Merge pull request #27284 from edx/aakbar/PROD-2337

Allow reset password from Support Tools

openedx/core/djangoapps/user_authn/views/password_reset.py

@@ -1,5 +1,4 @@
 """ Password reset logic and views . """
-
 import logging
 
 from django import forms
@@ -595,8 +594,11 @@ def password_change_request_handler(request):
 
     """
     user = request.user
-    # Prefer logged-in user's email
-    email = user.email if user.is_authenticated else request.POST.get('email')
+    if user.is_staff and user.is_superuser and request.POST.get('email_from_support_tools'):
+        email = request.POST.get('email_from_support_tools')
+    else:
+        # Prefer logged-in user's email
+        email = user.email if user.is_authenticated else request.POST.get('email')
     AUDIT_LOG.info("Password reset initiated for email %s.", email)
 
     if getattr(request, 'limited', False):
@@ -609,7 +611,8 @@ def password_change_request_handler(request):
     if email:
         try:
             request_password_change(email, request.is_secure())
-            user = user if user.is_authenticated else _get_user_from_email(email=email)
+            user = user if not request.POST.get('email_from_support_tools') and user.is_authenticated \
+                else _get_user_from_email(email=email)
             destroy_oauth_tokens(user)
         except errors.UserNotFound:
             AUDIT_LOG.info("Invalid password reset attempt")