Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Sebastien Robin
erp5
Commits
9ca9edce
Commit
9ca9edce
authored
Jul 20, 2020
by
Xiaowu Zhang
Browse files
Options
Browse Files
Download
Plain Diff
erp5_authentication_policy: prevent to create too much credential recovery
See merge request
nexedi/erp5!1210
parents
7c72a354
6c0d018e
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
11 additions
and
4 deletions
+11
-4
bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Login_notifyPasswordExpire.py
.../erp5_authentication_policy/Login_notifyPasswordExpire.py
+5
-1
product/ERP5/tests/testAuthenticationPolicy.py
product/ERP5/tests/testAuthenticationPolicy.py
+6
-3
No files found.
bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Login_notifyPasswordExpire.py
View file @
9ca9edce
...
@@ -25,12 +25,16 @@ recovery_list = portal.portal_catalog(
...
@@ -25,12 +25,16 @@ recovery_list = portal.portal_catalog(
limit
=
1
)
limit
=
1
)
if
recovery_list
:
if
recovery_list
:
return
return
tag
=
'credential_recovery_%s'
%
context
.
getReference
()
if
portal
.
portal_activities
.
countMessageWithTag
(
tag
):
return
module
=
portal
.
getDefaultModule
(
portal_type
=
'Credential Recovery'
)
module
=
portal
.
getDefaultModule
(
portal_type
=
'Credential Recovery'
)
credential_recovery
=
module
.
newContent
(
credential_recovery
=
module
.
newContent
(
portal_type
=
"Credential Recovery"
,
portal_type
=
"Credential Recovery"
,
reference
=
username
,
reference
=
username
,
destination_decision_value
=
user
,
destination_decision_value
=
user
,
language
=
portal
.
Localizer
.
get_selected_language
())
language
=
portal
.
Localizer
.
get_selected_language
(),
activate_kw
=
{
'tag'
:
tag
})
context
.
serialize
()
context
.
serialize
()
credential_recovery
.
submit
()
credential_recovery
.
submit
()
product/ERP5/tests/testAuthenticationPolicy.py
View file @
9ca9edce
...
@@ -634,13 +634,16 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
...
@@ -634,13 +634,16 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
basic
=
self
.
id
()
+
':password'
,
basic
=
self
.
id
()
+
':password'
,
)
)
# User cannot login
# User cannot login
# fire 5 requests, only 1 credential recovery should be created
for
i
in
range
(
5
):
response
=
publish
()
response
=
publish
()
self
.
assertTrue
(
response
.
getHeader
(
"Location"
).
endswith
(
"login_form"
))
self
.
assertTrue
(
response
.
getHeader
(
"Location"
).
endswith
(
"login_form"
))
self
.
tic
()
self
.
tic
()
# and a credential recovery is created automatically
# and a credential recovery is created automatically
credential_recovery
,
=
person
.
getDestinationDecisionRelatedValueList
(
credential_recovery
_list
=
person
.
getDestinationDecisionRelatedValueList
(
portal_type
=
'Credential Recovery'
)
portal_type
=
'Credential Recovery'
)
self
.
assertEqual
(
len
(
credential_recovery_list
),
1
)
# trying to login again does not create a new credential recovery
# trying to login again does not create a new credential recovery
response
=
publish
()
response
=
publish
()
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment