Prise en charge de la redirection vers « came_from » lors de la ré-initialisation...

[Plinn.git] / Products / Plinn / RegistrationTool.py

diff --git a/Products/Plinn/RegistrationTool.py b/Products/Plinn/RegistrationTool.py
index fff500e..738d2ee 100644 (file)
--- a/Products/Plinn/RegistrationTool.py
+++ b/Products/Plinn/RegistrationTool.py
@@ -35,6 +35,7 @@ from Products.CMFCore.exceptions import AccessControl_Unauthorized
 from Products.CMFDefault.exceptions import EmailAddressInvalid
 from Products.CMFCore.utils import getToolByName
 from Products.CMFCore.utils import getUtilityByInterfaceName
+from Products.CMFCore.utils import _checkPermission
 from Products.CMFDefault.utils import checkEmailAddress
 from Products.GroupUserFolder.GroupsToolPermissions import ManageGroups
 from Products.Plinn.utils import Message as _
@@ -217,6 +218,27 @@ class RegistrationTool(BaseRegistrationTool) :
             BaseRegistrationTool.addMember(self, id, password, roles=roles,
                                            domains=domains, properties=properties)
 
+    security.declarePublic( 'testPasswordValidity' )
+    def testPasswordValidity(self, password, confirm=None):
+
+        """ Verify that the password satisfies the portal's requirements.
+
+        o If the password is valid, return None.
+        o If not, return a string explaining why.
+        """
+        if not password:
+            return _(u'You must enter a password.')
+
+        if len(password) < 8 and not _checkPermission(ManagePortal, self):
+            return _(u'Your password must contain at least 8 characters.')
+
+        if confirm is not None and confirm != password:
+            return _(u'Your password and confirmation did not match. '
+                     u'Please try again.')
+
+        return None
+
+
 
     def afterAdd(self, member, id, password, properties):
         """ notify member creation """
@@ -232,7 +254,7 @@ class RegistrationTool(BaseRegistrationTool) :
         return str(uuid4())
 
     security.declarePublic('requestPasswordReset')
-    def requestPasswordReset(self, userid, initial=False):
+    def requestPasswordReset(self, userid, initial=False, came_from=''):
         """ add uuid / (userid, expiration) pair
             if ok: send an email to member. returns error message otherwise.
         """
@@ -252,7 +274,7 @@ class RegistrationTool(BaseRegistrationTool) :
             uuid = str(uuid4())
             while self._passwordResetRequests.has_key(uuid) :
                 uuid = str(uuid4())
-            self._passwordResetRequests[uuid] = (userid, DateTime() + 1)
+            self._passwordResetRequests[uuid] = (userid, DateTime() + 1, came_from)
             utool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IURLTool')
             ptool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IPropertiesTool')
             # fuck : mailhost récupéré avec getUtilityByInterfaceName n'est pas correctement
@@ -289,7 +311,7 @@ class RegistrationTool(BaseRegistrationTool) :
     def clearExpiredPasswordResetRequests(self):
         now = DateTime()
         for uuid, record in self._passwordResetRequests.items() :
-            userid, date = record
+            date = record[1]
             if date < now :
                 del self._passwordResetRequests[uuid]
 
@@ -300,7 +322,7 @@ class RegistrationTool(BaseRegistrationTool) :
         if not record :
             return None, _('Invalid reset password request.')
 
-        userid, expiration = record
+        userid, expiration, came_from = record
         now = DateTime()
         if expiration < now :
             self.clearExpiredPasswordResetRequests()
@@ -313,7 +335,7 @@ class RegistrationTool(BaseRegistrationTool) :
             if member :
                 member.setSecurityProfile(password=password)
                 del self._passwordResetRequests[uuid]
-                return  userid, _('Password successfully updated.')
+                return  {'userid': userid, 'came_from' : came_from}, _('Password successfully updated.')
             else :
                 return None, _('"${userid}" username not found.', mapping={'userid': userid})
         else :