fix: set password on save

Author: dodumosu

profiles/forms.py

@@ -68,4 +68,9 @@ def clean(self):
         if password != password_confirm:
             self.add_error('password', 'Passwords do not match')
 
-        return cleaned_data
+        return cleaned_data
+
+
+class UserCreateForm(UserForm):
+    password = forms.CharField(widget=forms.PasswordInput())
+    password_confirm = forms.CharField(widget=forms.PasswordInput())

profiles/views.py

@@ -7,7 +7,7 @@
 from django.http import HttpResponseRedirect
 from django.views.generic import CreateView, ListView, UpdateView
 
-from profiles.forms import UserForm
+from profiles.forms import UserCreateForm, UserForm
 from profiles.models import Profile
 
 PROTECTED_VIEW_PERMISSION = 'auth.change_user'
@@ -89,7 +89,7 @@ def get_context_data(self, **kwargs):
 
 
 class UserCreateView(LoginRequiredMixin, PermissionRequiredMixin, CreateView):
-    form_class = UserForm
+    form_class = UserCreateForm
     model = User
     page_title = 'Create User'
     permission_required = PROTECTED_VIEW_PERMISSION
@@ -98,8 +98,9 @@ class UserCreateView(LoginRequiredMixin, PermissionRequiredMixin, CreateView):
     def form_valid(self, form):
         user = form.save()
         cleaned_data = form.cleaned_data
+        user.set_password(cleaned_data.get('password'))
 
-        if user.is_superuser:
+        if not user.is_superuser:
             update_permissions(user, cleaned_data)
 
         return HttpResponseRedirect(reverse('users:users_list'))
@@ -121,7 +122,10 @@ def form_valid(self, form):
         user = form.save()
         cleaned_data = form.cleaned_data
 
-        if user.is_superuser:
+        if cleaned_data.get('password'):
+            user.set_password(cleaned_data.get('password'))
+
+        if not user.is_superuser:
             update_permissions(user, cleaned_data)
 
         return HttpResponseRedirect(reverse('users:users_list'))