Prevent organizations from attempting an account recovery.

data/model.py

@@ -350,6 +350,9 @@ def create_reset_password_email_code(email):
   except User.DoesNotExist:
     raise InvalidEmailAddressException('Email address was not found.');
 
+  if user.organization:
+    raise InvalidEmailAddressException('Organizations can not have passwords.')
+
   code = EmailConfirmation.create(user=user, pw_reset=True)
   return code
 

static/directives/user-setup.html

@@ -43,7 +43,7 @@
             <button class="btn btn-lg btn-primary btn-block" type="submit">Send Recovery Email</button>
           </form>
           
-          <div class="alert alert-danger" ng-show="invalidEmail">Unable to locate account.</div>
+          <div class="alert alert-danger" ng-show="invalidRecovery">{{errorMessage}}</div>
           
           <div class="alert alert-success" ng-show="sent">Account recovery email was sent.</div>
         </div>

static/js/app.js

@@ -831,10 +831,12 @@ quayApp.directive('userSetup', function () {
     controller: function($scope, $location, $timeout, ApiService, KeyService, UserService) {
       $scope.sendRecovery = function() {
         ApiService.requestRecoveryEmail($scope.recovery).then(function() {
-          $scope.invalidEmail = false;
+          $scope.invalidRecovery = false;
+          $scope.errorMessage = '';
           $scope.sent = true;
         }, function(result) {
-          $scope.invalidEmail = true;
+          $scope.invalidRecovery = true;
+          $scope.errorMessage = result.data;
           $scope.sent = false;
         });
       };