do_reset in auth.py has a sharp edge:
This function takes an iterable of stuff, i.e. guests, updates all the guests's password to the same password, and then emails an individual email with the new password. In practice, I think this is ok because it get's called like this:
guests = Guest.objects.filter(email=email, can_login=True)
if guests.count() > 0:
do_reset(guests)
return
... and, in practice, I don't think the data model supports having more than one Guest record with the same email.
That said, if you were to do something like the following:
d_reset(Guest.objects.all())
... bad shit would happen.
do_reset in
auth.pyhas a sharp edge:This function takes an iterable of stuff, i.e.
guests, updates all the guests's password to the same password, and then emails an individual email with the new password. In practice, I think this is ok because it get's called like this:... and, in practice, I don't think the data model supports having more than one
Guestrecord with the same email.That said, if you were to do something like the following:
... bad shit would happen.