authentication : Prevent creating 10 recoveries when browser access all HTML,...

authentication : Prevent creating 10 recoveries when browser access all HTML, CSS, JS files in parallel

authentication : Prevent creating 10 recoveries when browser access all HTML,...
authentication : Prevent creating 10 recoveries when browser access all HTML, CSS, JS files in parallel
66fc5731 · Aurel · a5e11f86 · 66fc5731
Commit 66fc5731 authored Dec 16, 2015 by Aurel
Showing with 27 additions and 3 deletions

bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_notifyPasswordExpire.xml ...rp5_authentication_policy/Person_notifyPasswordExpire.xml +27 -3

No files found.
--- a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_notifyPasswordExpire.xml
+++ b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_notifyPasswordExpire.xml
@@ -50,9 +50,15 @@
        </item>
        <item>
            <key> <string>_body</string> </key>
-            <value> <string>"""\n
+            <value> <string encoding="cdata"><![CDATA[
+"""\n
  File a password expire event.\n
 """\n
+from DateTime import DateTime\n
+from Products.ZSQLCatalog.SQLCatalog import Query\n
+from Products.ERP5Type.DateUtils import addToDate\n
+\n
 portal = context.getPortalObject()\n
 portal_preferences = portal.portal_preferences\n
 \n
@@ -61,14 +67,32 @@ if not portal_preferences.isAuthenticationPolicyEnabled() or \\\n
  # no policy, no sense to file expire at all or symply system do not configured to\n
  return 0\n
 \n
+# Prevent creating 10 recoveries when browser access all HTML, CSS, JS files in parallel\n
+tag = "%s_passwd_recovery_inProgress" % context.getUid()\n
+if (portal.portal_activities.countMessageWithTag(tag) > 0):\n
+  return 0\n
+\n
+# Prevent creating new recovery if one was recently created\n
+recovery_list = portal.portal_catalog(\n
+  portal_type="Credential Recovery",\n
+  reference=context.getReference(),\n
+  default_destination_decision_uid=context.getUid(),\n
+  creation_date=Query(range="min", creation_date=addToDate(DateTime(), {\'day\': -1})),\n
+  limit=1)\n
+if (len(recovery_list) > 0):\n
+  return 0\n
+\n
 module = portal.getDefaultModule(portal_type=\'Credential Recovery\')\n
 credential_recovery = module.newContent(\n
                               portal_type="Credential Recovery",\n
                               reference=context.getReference(),\n
                               destination_decision_value=context,\n
-                               language=portal.Localizer.get_selected_language())\n
+                               language=portal.Localizer.get_selected_language(),\n
+                               activate_kw={\'tag\': tag})\n
 credential_recovery.submit()\n
-</string> </value>
+]]></string> </value>
        </item>
        <item>
            <key> <string>_params</string> </key>