Commit 84e59af2 authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki

code improvement

parent 0a6324f2
......@@ -70,20 +70,13 @@ class PasswordTool(BaseTool):
# XXX no call to BaseTool.__init__ ?
# BaseTool.__init__(self, id)
security.declareProtected('Manage users', 'getResetPasswordUrl')
def getResetPasswordUrl(self, user_login, site_url):
security.declareProtected('Manage users', 'getResetPasswordKey')
def getResetPasswordKey(self, user_login):
# generate expiration date
expiration_date = DateTime() + self._expiration_day
# generate a random string
random_url = self._generateUUID()
parameter = urlencode(dict(reset_key=random_url,
user_login=user_login))
url = "%s/portal_password/%s?%s" % (
site_url,
'PasswordTool_viewResetPassword',
parameter)
key = self._generateUUID()
# XXX before r26093, _password_request_dict was initialized by an OOBTree and
# replaced by a dict on each request, so if it's data structure is not up
# to date, we update it if needed
......@@ -93,7 +86,21 @@ class PasswordTool(BaseTool):
self._password_request_dict = PersistentMapping()
# register request
self._password_request_dict[random_url] = (user_login, expiration_date)
self._password_request_dict[key] = (user_login, expiration_date)
return key
security.declareProtected('Manage users', 'getResetPasswordUrl')
def getResetPasswordUrl(self, user_login=None, key=None, site_url):
if user_login is not None:
# XXX Backward compatibility
key = self.getResetPasswordKey(user_login)
parameter = urlencode(dict(reset_key=reset_key,
user_login=user_login))
url = "%s/portal_password/%s?%s" % (
site_url,
'PasswordTool_viewResetPassword',
parameter)
return url
def mailPasswordResetRequest(self, user_login=None, REQUEST=None,
......@@ -147,31 +154,13 @@ class PasswordTool(BaseTool):
return REQUEST.RESPONSE.redirect( ret_url )
return msg
# generate a random string
random_url = self._generateUUID()
parameter = urlencode(dict(reset_key=random_url))
url = "%s/portal_password/%s?%s" % (
site_url,
'PasswordTool_viewResetPassword',
parameter)
# generate expiration date
expiration_date = DateTime() + self._expiration_day
# XXX before r26093, _password_request_dict was initialized by an OOBTree and
# replaced by a dict on each request, so if it's data structure is not up
# to date, we update it if needed
if not isinstance(self._password_request_dict, PersistentMapping):
LOG('ERP5.PasswordTool', INFO, 'Updating password_request_dict to'
' PersistentMapping')
self._password_request_dict = PersistentMapping()
# register request
self._password_request_dict[random_url] = (user_login, expiration_date)
key = self.getResetPasswordKey(user_login)
url = self.getResetPasswordUrl(key, site_url)
# send mail
message_dict = {'instance_name':self.getPortalObject().getTitle(),
'reset_password_link':url,
'expiration_date':expiration_date}
'expiration_date':self._password_request_dict[key][1]}
if notification_message is None:
subject = translateString("[${instance_name}] Reset of your password",
......@@ -227,6 +216,7 @@ class PasswordTool(BaseTool):
def resetPassword(self, reset_key=None, REQUEST=None):
"""
"""
# XXX-Aurel : is it used ?
if REQUEST is None:
REQUEST = get_request()
user_login, expiration_date = self._password_request_dict.get(reset_key, (None, None))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment