X-Git-Url: https://scm.cri.mines-paristech.fr/git/Plinn.git/blobdiff_plain/65ff5cb6e355242be8f93d5ef1f26190af3f44e6..3ea03165707ec21e141b91c554596bc440872312:/Products/Plinn/RegistrationTool.py diff --git a/Products/Plinn/RegistrationTool.py b/Products/Plinn/RegistrationTool.py index 3cd5e4d..3e04db1 100644 --- a/Products/Plinn/RegistrationTool.py +++ b/Products/Plinn/RegistrationTool.py @@ -35,6 +35,7 @@ from Products.CMFCore.exceptions import AccessControl_Unauthorized from Products.CMFDefault.exceptions import EmailAddressInvalid from Products.CMFCore.utils import getToolByName from Products.CMFCore.utils import getUtilityByInterfaceName +from Products.CMFCore.utils import _checkPermission from Products.CMFDefault.utils import checkEmailAddress from Products.GroupUserFolder.GroupsToolPermissions import ManageGroups from Products.Plinn.utils import Message as _ @@ -183,7 +184,7 @@ class RegistrationTool(BaseRegistrationTool) : private_collections = portal.get('private_collections') if not private_collections : raise AccessControl_Unauthorized() - return + data = private_collections.data lines = filter(None, [l.strip() for l in data.split('\n')]) assert len(lines) % 3 == 0 @@ -194,7 +195,6 @@ class RegistrationTool(BaseRegistrationTool) : if not (collecInfos.has_key(properties.get('collection_id')) and \ collecInfos[properties.get('collection_id')]['pw'] == properties.get('collection_password')) : raise AccessControl_Unauthorized('Wrong primary credentials') - return BaseRegistrationTool.addMember(self, id, password, roles=roles, @@ -218,6 +218,27 @@ class RegistrationTool(BaseRegistrationTool) : BaseRegistrationTool.addMember(self, id, password, roles=roles, domains=domains, properties=properties) + security.declarePublic( 'testPasswordValidity' ) + def testPasswordValidity(self, password, confirm=None): + + """ Verify that the password satisfies the portal's requirements. + + o If the password is valid, return None. + o If not, return a string explaining why. + """ + if not password: + return _(u'You must enter a password.') + + if len(password) < 8 and not _checkPermission(ManagePortal, self): + return _(u'Your password must contain at least 8 characters.') + + if confirm is not None and confirm != password: + return _(u'Your password and confirmation did not match. ' + u'Please try again.') + + return None + + def afterAdd(self, member, id, password, properties): """ notify member creation """ @@ -233,7 +254,7 @@ class RegistrationTool(BaseRegistrationTool) : return str(uuid4()) security.declarePublic('requestPasswordReset') - def requestPasswordReset(self, userid, initialize=False): + def requestPasswordReset(self, userid, initial=False): """ add uuid / (userid, expiration) pair if ok: send an email to member. returns error message otherwise. """ @@ -263,12 +284,15 @@ class RegistrationTool(BaseRegistrationTool) : mailhost = portal.MailHost sender = encodeQuopriEmail(ptool.getProperty('email_from_name'), ptool.getProperty('email_from_address')) to = encodeQuopriEmail(member.getMemberFullName(nameBefore=0), member.getProperty('email')) - if initialize : - subject = translate(_('How to initialize your password on the %s website')) % ptool.getProperty('title') + if initial : + subject = translate(_('Complete your registration on the %s website')) % ptool.getProperty('title') else : subject = translate(_('How to reset your password on the %s website')) % ptool.getProperty('title') subject = encodeMailHeader(subject) - options = {'fullName' : member.getMemberFullName(nameBefore=0), + options = {'initial' : initial, + 'fullName' : member.getMemberFullName(nameBefore=0), + 'member_id' : member.getId(), + 'loginIsNotEmail' : member.getId() != member.getProperty('email'), 'siteName' : ptool.getProperty('title'), 'resetPasswordUrl' : '%s/password_reset_form/%s' % (utool(), uuid)} body = self.password_reset_mail(options) @@ -313,7 +337,7 @@ class RegistrationTool(BaseRegistrationTool) : del self._passwordResetRequests[uuid] return userid, _('Password successfully updated.') else : - return None, _('"%s" username not found.') % userid + return None, _('"${userid}" username not found.', mapping={'userid': userid}) else : return None, msg