Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
alecs_myu
erp5
Commits
84e59af2
Commit
84e59af2
authored
Aug 30, 2011
by
Kazuhiko Shiozaki
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
code improvement
parent
0a6324f2
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
26 additions
and
36 deletions
+26
-36
product/ERP5/Tool/PasswordTool.py
product/ERP5/Tool/PasswordTool.py
+26
-36
No files found.
product/ERP5/Tool/PasswordTool.py
View file @
84e59af2
...
@@ -70,20 +70,13 @@ class PasswordTool(BaseTool):
...
@@ -70,20 +70,13 @@ class PasswordTool(BaseTool):
# XXX no call to BaseTool.__init__ ?
# XXX no call to BaseTool.__init__ ?
# BaseTool.__init__(self, id)
# BaseTool.__init__(self, id)
security
.
declareProtected
(
'Manage users'
,
'getResetPasswordKey'
)
security
.
declareProtected
(
'Manage users'
,
'getResetPasswordUrl'
)
def
getResetPasswordKey
(
self
,
user_login
):
def
getResetPasswordUrl
(
self
,
user_login
,
site_url
):
# generate expiration date
# generate expiration date
expiration_date
=
DateTime
()
+
self
.
_expiration_day
expiration_date
=
DateTime
()
+
self
.
_expiration_day
# generate a random string
# generate a random string
random_url
=
self
.
_generateUUID
()
key
=
self
.
_generateUUID
()
parameter
=
urlencode
(
dict
(
reset_key
=
random_url
,
user_login
=
user_login
))
url
=
"%s/portal_password/%s?%s"
%
(
site_url
,
'PasswordTool_viewResetPassword'
,
parameter
)
# XXX before r26093, _password_request_dict was initialized by an OOBTree and
# XXX before r26093, _password_request_dict was initialized by an OOBTree and
# replaced by a dict on each request, so if it's data structure is not up
# replaced by a dict on each request, so if it's data structure is not up
# to date, we update it if needed
# to date, we update it if needed
...
@@ -93,10 +86,24 @@ class PasswordTool(BaseTool):
...
@@ -93,10 +86,24 @@ class PasswordTool(BaseTool):
self
.
_password_request_dict
=
PersistentMapping
()
self
.
_password_request_dict
=
PersistentMapping
()
# register request
# register request
self
.
_password_request_dict
[
random_url
]
=
(
user_login
,
expiration_date
)
self
.
_password_request_dict
[
key
]
=
(
user_login
,
expiration_date
)
return
key
security
.
declareProtected
(
'Manage users'
,
'getResetPasswordUrl'
)
def
getResetPasswordUrl
(
self
,
user_login
=
None
,
key
=
None
,
site_url
):
if
user_login
is
not
None
:
# XXX Backward compatibility
key
=
self
.
getResetPasswordKey
(
user_login
)
parameter
=
urlencode
(
dict
(
reset_key
=
reset_key
,
user_login
=
user_login
))
url
=
"%s/portal_password/%s?%s"
%
(
site_url
,
'PasswordTool_viewResetPassword'
,
parameter
)
return
url
return
url
def
mailPasswordResetRequest
(
self
,
user_login
=
None
,
REQUEST
=
None
,
def
mailPasswordResetRequest
(
self
,
user_login
=
None
,
REQUEST
=
None
,
notification_message
=
None
,
sender
=
None
,
notification_message
=
None
,
sender
=
None
,
store_as_event
=
False
):
store_as_event
=
False
):
"""
"""
...
@@ -104,7 +111,7 @@ class PasswordTool(BaseTool):
...
@@ -104,7 +111,7 @@ class PasswordTool(BaseTool):
Parameters:
Parameters:
user_login -- Reference of the user to send password reset link
user_login -- Reference of the user to send password reset link
REQUEST -- Request object
REQUEST -- Request object
notification_message -- Notification Message Document used to build the email.
notification_message -- Notification Message Document used to build the email.
As default, a standart text will be used.
As default, a standart text will be used.
sender -- Sender (Person or Organisation) of the email.
sender -- Sender (Person or Organisation) of the email.
As default, the default email address will be used
As default, the default email address will be used
...
@@ -138,7 +145,7 @@ class PasswordTool(BaseTool):
...
@@ -138,7 +145,7 @@ class PasswordTool(BaseTool):
msg
=
translateString
(
msg
=
translateString
(
"User ${user} does not have an email address, please contact site "
"User ${user} does not have an email address, please contact site "
"administrator directly"
,
mapping
=
{
'user'
:
user_login
})
"administrator directly"
,
mapping
=
{
'user'
:
user_login
})
if
msg
:
if
msg
:
if
REQUEST
is
not
None
:
if
REQUEST
is
not
None
:
parameter
=
urlencode
(
dict
(
portal_status_message
=
msg
))
parameter
=
urlencode
(
dict
(
portal_status_message
=
msg
))
...
@@ -147,31 +154,13 @@ class PasswordTool(BaseTool):
...
@@ -147,31 +154,13 @@ class PasswordTool(BaseTool):
return
REQUEST
.
RESPONSE
.
redirect
(
ret_url
)
return
REQUEST
.
RESPONSE
.
redirect
(
ret_url
)
return
msg
return
msg
# generate a random string
key
=
self
.
getResetPasswordKey
(
user_login
)
random_url
=
self
.
_generateUUID
()
url
=
self
.
getResetPasswordUrl
(
key
,
site_url
)
parameter
=
urlencode
(
dict
(
reset_key
=
random_url
))
url
=
"%s/portal_password/%s?%s"
%
(
site_url
,
'PasswordTool_viewResetPassword'
,
parameter
)
# generate expiration date
expiration_date
=
DateTime
()
+
self
.
_expiration_day
# XXX before r26093, _password_request_dict was initialized by an OOBTree and
# replaced by a dict on each request, so if it's data structure is not up
# to date, we update it if needed
if
not
isinstance
(
self
.
_password_request_dict
,
PersistentMapping
):
LOG
(
'ERP5.PasswordTool'
,
INFO
,
'Updating password_request_dict to'
' PersistentMapping'
)
self
.
_password_request_dict
=
PersistentMapping
()
# register request
self
.
_password_request_dict
[
random_url
]
=
(
user_login
,
expiration_date
)
# send mail
# send mail
message_dict
=
{
'instance_name'
:
self
.
getPortalObject
().
getTitle
(),
message_dict
=
{
'instance_name'
:
self
.
getPortalObject
().
getTitle
(),
'reset_password_link'
:
url
,
'reset_password_link'
:
url
,
'expiration_date'
:
expiration_date
}
'expiration_date'
:
self
.
_password_request_dict
[
key
][
1
]
}
if
notification_message
is
None
:
if
notification_message
is
None
:
subject
=
translateString
(
"[${instance_name}] Reset of your password"
,
subject
=
translateString
(
"[${instance_name}] Reset of your password"
,
...
@@ -227,6 +216,7 @@ class PasswordTool(BaseTool):
...
@@ -227,6 +216,7 @@ class PasswordTool(BaseTool):
def
resetPassword
(
self
,
reset_key
=
None
,
REQUEST
=
None
):
def
resetPassword
(
self
,
reset_key
=
None
,
REQUEST
=
None
):
"""
"""
"""
"""
# XXX-Aurel : is it used ?
if
REQUEST
is
None
:
if
REQUEST
is
None
:
REQUEST
=
get_request
()
REQUEST
=
get_request
()
user_login
,
expiration_date
=
self
.
_password_request_dict
.
get
(
reset_key
,
(
None
,
None
))
user_login
,
expiration_date
=
self
.
_password_request_dict
.
get
(
reset_key
,
(
None
,
None
))
...
@@ -263,7 +253,7 @@ class PasswordTool(BaseTool):
...
@@ -263,7 +253,7 @@ class PasswordTool(BaseTool):
def
changeUserPassword
(
self
,
user_login
,
password
,
password_confirmation
,
def
changeUserPassword
(
self
,
user_login
,
password
,
password_confirmation
,
password_key
,
REQUEST
=
None
):
password_key
,
REQUEST
=
None
):
"""
"""
Reset the password for a given login
Reset the password for a given login
"""
"""
# check the key
# check the key
register_user_login
,
expiration_date
=
self
.
_password_request_dict
.
get
(
register_user_login
,
expiration_date
=
self
.
_password_request_dict
.
get
(
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment