X-Git-Url: https://scm.cri.ensmp.fr/git/Plinn.git/blobdiff_plain/8477d1d3bd27406257f7d1834ed69216440c56bd..ae75bab9028d6321710c42da338cef25c7afe576:/Products/Plinn/RegistrationTool.py

diff --git a/Products/Plinn/RegistrationTool.py b/Products/Plinn/RegistrationTool.py
index 3451d37..738d2ee 100644
--- a/Products/Plinn/RegistrationTool.py
+++ b/Products/Plinn/RegistrationTool.py
@@ -35,6 +35,7 @@ from Products.CMFCore.exceptions import AccessControl_Unauthorized
 from Products.CMFDefault.exceptions import EmailAddressInvalid
 from Products.CMFCore.utils import getToolByName
 from Products.CMFCore.utils import getUtilityByInterfaceName
+from Products.CMFCore.utils import _checkPermission
 from Products.CMFDefault.utils import checkEmailAddress
 from Products.GroupUserFolder.GroupsToolPermissions import ManageGroups
 from Products.Plinn.utils import Message as _
@@ -183,7 +184,7 @@ class RegistrationTool(BaseRegistrationTool) :
                 private_collections = portal.get('private_collections')
                 if not private_collections :
                     raise AccessControl_Unauthorized()
-                    return
+
                 data = private_collections.data
                 lines = filter(None, [l.strip() for l in data.split('\n')])
                 assert len(lines) % 3 == 0
@@ -194,7 +195,6 @@ class RegistrationTool(BaseRegistrationTool) :
                 if not (collecInfos.has_key(properties.get('collection_id')) and \
                     collecInfos[properties.get('collection_id')]['pw'] == properties.get('collection_password')) :
                     raise AccessControl_Unauthorized('Wrong primary credentials')
-                    return
 
 
             BaseRegistrationTool.addMember(self, id, password, roles=roles,
@@ -218,6 +218,27 @@ class RegistrationTool(BaseRegistrationTool) :
             BaseRegistrationTool.addMember(self, id, password, roles=roles,
                                            domains=domains, properties=properties)
 
+    security.declarePublic( 'testPasswordValidity' )
+    def testPasswordValidity(self, password, confirm=None):
+
+        """ Verify that the password satisfies the portal's requirements.
+
+        o If the password is valid, return None.
+        o If not, return a string explaining why.
+        """
+        if not password:
+            return _(u'You must enter a password.')
+
+        if len(password) < 8 and not _checkPermission(ManagePortal, self):
+            return _(u'Your password must contain at least 8 characters.')
+
+        if confirm is not None and confirm != password:
+            return _(u'Your password and confirmation did not match. '
+                     u'Please try again.')
+
+        return None
+
+
 
     def afterAdd(self, member, id, password, properties):
         """ notify member creation """
@@ -233,7 +254,7 @@ class RegistrationTool(BaseRegistrationTool) :
         return str(uuid4())
 
     security.declarePublic('requestPasswordReset')
-    def requestPasswordReset(self, userid, initial=False):
+    def requestPasswordReset(self, userid, initial=False, came_from=''):
         """ add uuid / (userid, expiration) pair
             if ok: send an email to member. returns error message otherwise.
         """
@@ -253,7 +274,7 @@ class RegistrationTool(BaseRegistrationTool) :
             uuid = str(uuid4())
             while self._passwordResetRequests.has_key(uuid) :
                 uuid = str(uuid4())
-            self._passwordResetRequests[uuid] = (userid, DateTime() + 1)
+            self._passwordResetRequests[uuid] = (userid, DateTime() + 1, came_from)
             utool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IURLTool')
             ptool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IPropertiesTool')
             # fuck : mailhost récupéré avec getUtilityByInterfaceName n'est pas correctement
@@ -290,7 +311,7 @@ class RegistrationTool(BaseRegistrationTool) :
     def clearExpiredPasswordResetRequests(self):
         now = DateTime()
         for uuid, record in self._passwordResetRequests.items() :
-            userid, date = record
+            date = record[1]
             if date < now :
                 del self._passwordResetRequests[uuid]
 
@@ -301,7 +322,7 @@ class RegistrationTool(BaseRegistrationTool) :
         if not record :
             return None, _('Invalid reset password request.')
 
-        userid, expiration = record
+        userid, expiration, came_from = record
         now = DateTime()
         if expiration < now :
             self.clearExpiredPasswordResetRequests()
@@ -314,9 +335,9 @@ class RegistrationTool(BaseRegistrationTool) :
             if member :
                 member.setSecurityProfile(password=password)
                 del self._passwordResetRequests[uuid]
-                return  userid, _('Password successfully updated.')
+                return  {'userid': userid, 'came_from' : came_from}, _('Password successfully updated.')
             else :
-                return None, _('"%s" username not found.') % userid
+                return None, _('"${userid}" username not found.', mapping={'userid': userid})
         else :
             return None, msg