Ignore:
Timestamp:
9 Sep 2011, 15:51:56 (13 years ago)
Author:
Henrik Bettermann
Message:

Add SetPassword? page which uses an PWD access code as password for first-time login (admission checking).

Remove password from schema. This makes things much easier to handle.

Location:
main/waeup.sirp/trunk/src/waeup/sirp/students
Files:
2 added
6 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.sirp/trunk/src/waeup/sirp/students/browser.py

    r6696 r6699  
    7070from waeup.sirp.students.student import Student
    7171from waeup.sirp.students.catalog import search
     72from waeup.sirp.accesscodes import invalidate_accesscode, get_access_code
     73from waeup.sirp.accesscodes.workflow import USED
    7274
    7375class StudentsTab(PrimaryNavTab):
     
    142144        return
    143145
     146class SetPassword(WAeUPPage):
     147    grok.context(IWAeUPObject)
     148    grok.name('setpassword')
     149    grok.require('waeup.Public')
     150    title = ''
     151    label = 'Set password for first-time login'
     152    acprefix = 'PWD'
     153    pnav = 4
     154
     155    def update(self, SUBMIT=None):
     156        self.reg_number = self.request.form.get('form.reg_number', None)
     157        # We must not use form.ac_series and form.ac_number in forms since these
     158        # are interpreted by applicant credentials
     159        self.acseries = self.request.form.get('form.acseries', None)
     160        self.acnumber = self.request.form.get('form.acnumber', None)
     161       
     162        if SUBMIT is None:
     163            return
     164        hitlist = search(query=self.reg_number,
     165            searchtype='reg_number', view=self)
     166        if not hitlist:
     167            self.flash('No student found.')
     168            return
     169        if len(hitlist) != 1:   # Cannot happen but anyway
     170            self.flash('More than one student found.')
     171            return
     172        self.student_id = hitlist[0].student_id
     173        student_pw = hitlist[0].context.password
     174        if student_pw:
     175            self.flash('Password has already been set. Please request a password reset.')
     176            return
     177        pin = '%s-%s-%s' % (self.acprefix,self.acseries,self.acnumber)
     178        code = get_access_code(pin)
     179        if not code:
     180            self.flash('Access code is invalid.')
     181            return
     182        # Mark pin as used (this also fires a pin related transition)
     183        # and set student password
     184        if code.state == USED:
     185            self.flash('Access code has already been used.')
     186            return
     187        else:
     188            comment = u"AC invalidated"
     189            # Here we know that the ac is in state initialized so we do not
     190            # expect an exception
     191            #import pdb; pdb.set_trace()
     192            invalidate_accesscode(pin,comment)
     193            IUserAccount(hitlist[0].context).setPassword(self.acnumber)
     194        return
     195
    144196class StudentsContainerManageActionButton(ManageActionButton):
    145197    grok.order(1)
     
    234286    grok.require('waeup.viewStudent')
    235287    grok.template('basepage')
    236     form_fields = grok.AutoFields(IStudentBase).omit('password')
     288    form_fields = grok.AutoFields(IStudentBase)  #.omit('password')
    237289    pnav = 4
    238290    title = 'Base Data'
     
    241293    def label(self):
    242294        return '%s: Base Data' % self.context.name
     295
     296    @property
     297    def hasPassword(self):
     298        if self.context.password:
     299            return 'set'
     300        return 'unset'
    243301
    244302class StudentBaseManageActionButton(ManageActionButton):
     
    289347            transition_id = form['transition']
    290348            self.wf_info.fireTransition(transition_id)
     349        if form.has_key('password') and form['password']:
     350            IUserAccount(self.context).setPassword(form['password'])
     351            if fields_string:
     352                fields_string += ' + password'
     353            else:
     354                fields_string = 'password'
    291355        self.flash('Form has been saved.')
    292356        ob_class = self.__implemented__.__name__.replace('waeup.sirp.','')
    293357        if fields_string:
    294358            self.context.loggerInfo(ob_class, 'saved: % s' % fields_string)
    295         if 'password' in fields_string:
    296             IUserAccount(self.context).setPassword(form['form.password'])
    297359        return
    298360
     
    496558        fields_string = '+'.join(' + '.join(str(i) for i in b) for b in changed_fields)
    497559        self.context._p_changed = True
     560        form = self.request.form
     561        if form.has_key('password') and form['password']:
     562            IUserAccount(self.context).setPassword(form['password'])
     563            if fields_string:
     564                fields_string += ' + password'
     565            else:
     566                fields_string = 'password'
    498567        self.flash('Form has been saved.')
    499         form = self.request.form
    500568        ob_class = self.__implemented__.__name__.replace('waeup.sirp.','')
    501569        if fields_string:
    502570            self.context.loggerInfo(ob_class, 'saved: % s' % fields_string)
    503         if 'password' in fields_string:
    504             IUserAccount(self.context).setPassword(form['form.password'])
    505571        return
    506572
  • main/waeup.sirp/trunk/src/waeup/sirp/students/browser_templates/baseeditpage.pt

    r6695 r6699  
    3838        </tr>
    3939      </tal:block>
     40      <tr>
     41        <td class="label"><label>Password:</label></td>
     42        <td>
     43          <input name="password" type="password" tal:attributes="value view/context/password" />
     44        </td>
     45      </tr>
    4046    </tbody>
    4147  </table>
  • main/waeup.sirp/trunk/src/waeup/sirp/students/browser_templates/basemanagepage.pt

    r6695 r6699  
    3939      </tal:block>
    4040      <tr>
     41        <td class="label"><label>Password:</label></td>
     42        <td>
     43          <input name="password" type="password" tal:attributes="value view/context/password" />
     44        </td>
     45      </tr>
     46      <tr>
    4147        <td class="label"><label>Registration Transition:</label></td>
    4248        <td>
  • main/waeup.sirp/trunk/src/waeup/sirp/students/interfaces.py

    r6696 r6699  
    6262    state = Attribute('Returns the registration state of a student')
    6363    #student_id = Attribute('Randomly generated id')
     64    password = Attribute('Encrypted password of a student')
    6465
    6566    def loggerInfo(ob_class, comment):
     
    7677        default = u'Nobody',
    7778        required = True,
    78         )
    79 
    80     password = schema.Password(
    81         title = u'Password',
    82         required = False,
    8379        )
    8480
     
    152148        )
    153149
    154     password = schema.Password(
    155         title = u'Password',
    156         required = True,
    157         )
    158 
    159150IStudentBaseEdit['name'].order =  IStudentBase['name'].order
    160151
  • main/waeup.sirp/trunk/src/waeup/sirp/students/student.py

    r6695 r6699  
    4545        except ComponentLookupError:
    4646            self.student_id = u'Z654321'
     47        self.password = None
    4748        return
    4849
  • main/waeup.sirp/trunk/src/waeup/sirp/students/tests/test_browser.py

    r6695 r6699  
    205205        self.browser.getControl(name="transition").value = ['admit']
    206206        self.browser.getControl(name="form.name").value = 'John Tester'
    207         self.browser.getControl(name="form.password").value = 'secret'
     207        self.browser.getControl(name="form.reg_number").value = '123'
     208        self.browser.getControl(name="password").value = 'secret'
    208209        self.browser.getControl("Save").click()
    209         self.assertTrue('Form has been saved' in self.browser.contents)
     210        self.assertMatches('...Form has been saved...',
     211                           self.browser.contents)
     212        #self.assertTrue('Form has been saved' in self.browser.contents)
    210213
    211214        self.browser.open(self.student_path)
     
    262265        # Change password
    263266        self.browser.getLink("Change password").click()
    264         self.browser.getControl(name="form.password").value = 'new_password'
     267        self.browser.getControl(name="password").value = 'new_password'
    265268        self.browser.getControl("Save").click()
    266269        self.assertTrue('Form has been saved' in self.browser.contents)
     
    276279        self.browser.open(self.login_path)
    277280        self.browser.getControl(name="form.login").value = self.test_student_id
    278         self.browser.getControl(name="form.password").value = 'new_password'
     281        self.browser.getControl(name="password").value = 'new_password'
    279282        self.browser.getControl("Login").click()
    280283        self.assertEqual(self.browser.url, self.student_path)
Note: See TracChangeset for help on using the changeset viewer.