X-Git-Url: https://scm.cri.ensmp.fr/git/Plinn.git/blobdiff_plain/8477d1d3bd27406257f7d1834ed69216440c56bd..fdcfbd9b5ac50582333e87ff5cc3e06883a7d5fa:/Products/Plinn/RegistrationTool.py diff --git a/Products/Plinn/RegistrationTool.py b/Products/Plinn/RegistrationTool.py index 3451d37..738d2ee 100644 --- a/Products/Plinn/RegistrationTool.py +++ b/Products/Plinn/RegistrationTool.py @@ -35,6 +35,7 @@ from Products.CMFCore.exceptions import AccessControl_Unauthorized from Products.CMFDefault.exceptions import EmailAddressInvalid from Products.CMFCore.utils import getToolByName from Products.CMFCore.utils import getUtilityByInterfaceName +from Products.CMFCore.utils import _checkPermission from Products.CMFDefault.utils import checkEmailAddress from Products.GroupUserFolder.GroupsToolPermissions import ManageGroups from Products.Plinn.utils import Message as _ @@ -183,7 +184,7 @@ class RegistrationTool(BaseRegistrationTool) : private_collections = portal.get('private_collections') if not private_collections : raise AccessControl_Unauthorized() - return + data = private_collections.data lines = filter(None, [l.strip() for l in data.split('\n')]) assert len(lines) % 3 == 0 @@ -194,7 +195,6 @@ class RegistrationTool(BaseRegistrationTool) : if not (collecInfos.has_key(properties.get('collection_id')) and \ collecInfos[properties.get('collection_id')]['pw'] == properties.get('collection_password')) : raise AccessControl_Unauthorized('Wrong primary credentials') - return BaseRegistrationTool.addMember(self, id, password, roles=roles, @@ -218,6 +218,27 @@ class RegistrationTool(BaseRegistrationTool) : BaseRegistrationTool.addMember(self, id, password, roles=roles, domains=domains, properties=properties) + security.declarePublic( 'testPasswordValidity' ) + def testPasswordValidity(self, password, confirm=None): + + """ Verify that the password satisfies the portal's requirements. + + o If the password is valid, return None. + o If not, return a string explaining why. + """ + if not password: + return _(u'You must enter a password.') + + if len(password) < 8 and not _checkPermission(ManagePortal, self): + return _(u'Your password must contain at least 8 characters.') + + if confirm is not None and confirm != password: + return _(u'Your password and confirmation did not match. ' + u'Please try again.') + + return None + + def afterAdd(self, member, id, password, properties): """ notify member creation """ @@ -233,7 +254,7 @@ class RegistrationTool(BaseRegistrationTool) : return str(uuid4()) security.declarePublic('requestPasswordReset') - def requestPasswordReset(self, userid, initial=False): + def requestPasswordReset(self, userid, initial=False, came_from=''): """ add uuid / (userid, expiration) pair if ok: send an email to member. returns error message otherwise. """ @@ -253,7 +274,7 @@ class RegistrationTool(BaseRegistrationTool) : uuid = str(uuid4()) while self._passwordResetRequests.has_key(uuid) : uuid = str(uuid4()) - self._passwordResetRequests[uuid] = (userid, DateTime() + 1) + self._passwordResetRequests[uuid] = (userid, DateTime() + 1, came_from) utool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IURLTool') ptool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IPropertiesTool') # fuck : mailhost récupéré avec getUtilityByInterfaceName n'est pas correctement @@ -290,7 +311,7 @@ class RegistrationTool(BaseRegistrationTool) : def clearExpiredPasswordResetRequests(self): now = DateTime() for uuid, record in self._passwordResetRequests.items() : - userid, date = record + date = record[1] if date < now : del self._passwordResetRequests[uuid] @@ -301,7 +322,7 @@ class RegistrationTool(BaseRegistrationTool) : if not record : return None, _('Invalid reset password request.') - userid, expiration = record + userid, expiration, came_from = record now = DateTime() if expiration < now : self.clearExpiredPasswordResetRequests() @@ -314,9 +335,9 @@ class RegistrationTool(BaseRegistrationTool) : if member : member.setSecurityProfile(password=password) del self._passwordResetRequests[uuid] - return userid, _('Password successfully updated.') + return {'userid': userid, 'came_from' : came_from}, _('Password successfully updated.') else : - return None, _('"%s" username not found.') % userid + return None, _('"${userid}" username not found.', mapping={'userid': userid}) else : return None, msg