- Timestamp:
- 19 Nov 2011, 23:03:49 (13 years ago)
- Location:
- main/waeup.sirp/trunk/src/waeup/sirp
- Files:
-
- 6 edited
main/waeup.sirp/trunk/src/waeup/sirp/authentication.py
r7137 r7147 9 9 from zope.securitypolicy.interfaces import IPrincipalRoleManager 10 10 from zope.securitypolicy.principalrole import principalRoleManager 11 from waeup.sirp.interfaces import IUserAccount, IAuthPluginUtility 11 from waeup.sirp.interfaces import ( 12 IUserAccount, IAuthPluginUtility, IPasswordValidator) 12 13 13 14 def setup_authentication(pau): … … 170 171 site = grok.getSite() 171 172 return site['users'] 173 174 class PasswordValidator(grok.GlobalUtility): 175 176 grok.implements(IPasswordValidator) 177 178 def validate_password(self, pw, pw_repeat): 179 errors = [] 180 if len(pw) < 3: 181 errors.append('Password must have at least 3 chars.') 182 if pw != pw_repeat: 183 errors.append('Passwords do not match.') 184 return errors 172 185 173 186 @grok.subscribe(IUserAccount, grok.IObjectRemovedEvent) -
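Review bot: `PasswordValidator.validate_password` accepts any password of three characters, which is lower than the four-character minimum in the `validatePassword` helper that this changeset removes from students/utils.py, so the view in students/browser.py that used to call that helper ends up with a weaker rule than before. Since this utility is now the single place where the policy lives, the threshold would be better as a named class attribute, e.g. `min_length = 3` with `if len(pw) < self.min_length:`, so a deployment can raise it without editing the method. `len(pw)` also raises TypeError when `pw` is None; the browser views guard with `if password:`, but the utility itself does not, so an early check or a comment would make that precondition explicit. The class and the method have no docstring.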
main/waeup.sirp/trunk/src/waeup/sirp/interfaces.py
r7137 r7147 195 195 value_type = schema.Choice(source=RoleSource())) 196 196 197 class IPasswordValidator(Interface): 198 """A password validator utility. 199 """ 200 201 def validate_password(password, password_repeat): 202 """Validates a password by comparing it with 203 control password and checking some other requirements. 204 """ 205 197 206 198 207 class IUserContainer(IWAeUPObject): -
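Review bot: The `validate_password` docstring in `IPasswordValidator` does not state what the method returns, although every caller in this changeset depends on it: they treat the result as a sequence of message strings that is empty when the password is acceptable (`if errors:` and `' '.join(errors)`). Suggest extending the docstring with `Returns a list of error messages; the list is empty if the password is valid.` so that any other utility registered for this interface keeps the same contract.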
main/waeup.sirp/trunk/src/waeup/sirp/students/authentication.py
r7144 r7147 33 33 from zope.session.interfaces import ISession 34 34 from waeup.sirp.authentication import PrincipalInfo, get_principal_role_manager 35 from waeup.sirp.interfaces import IAuthPluginUtility, IUserAccount 35 from waeup.sirp.interfaces import ( 36 IAuthPluginUtility, IUserAccount, IPasswordValidator) 36 37 from waeup.sirp.students.interfaces import IStudent 37 38 … … 228 229 return None 229 230 230 if password != password_repeat: 231 # At least protect against erraneous password input 232 return None 233 234 if len(password) < 3: 235 # XXX: these checks should be generalized somehow, as we 236 # do the same stuff in password setting views. 231 validator = getUtility(IPasswordValidator) 232 errors = validator.validate_password(password, password_repeat) 233 if errors: 237 234 return None 238 235 -
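Review bot: The list returned by `validator.validate_password(password, password_repeat)` is discarded at `if errors: return None`, so a rejected password is indistinguishable from the other `return None` paths of this function. The enclosing function starts and ends outside the hunk, so it is not visible whether the caller could surface a message; if it cannot, a comment such as `# validation messages are dropped here; the caller only sees None` would record that. The hunk also relies on `getUtility`, which is not among the imports shown in this section, so it is worth confirming that the module imports it.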
main/waeup.sirp/trunk/src/waeup/sirp/students/browser.py
r7145 r7147 34 34 from waeup.sirp.browser.viewlets import ( 35 35 ManageActionButton, PrimaryNavTab, AddActionButton) 36 from waeup.sirp.interfaces import IWAeUPObject, IUserAccount, IExtFileStore 36 from waeup.sirp.interfaces import ( 37 IWAeUPObject, IUserAccount, IExtFileStore, IPasswordValidator) 37 38 from waeup.sirp.widgets.datewidget import ( 38 39 FriendlyDateWidget, FriendlyDateDisplayWidget, … … 53 54 from waeup.sirp.students.utils import ( 54 55 get_payment_details, get_accommodation_details, select_bed, 55 render_pdf , validatePassword)56 render_pdf) 56 57 from waeup.sirp.browser.resources import toggleall 57 58 from waeup.sirp.authentication import get_principal_role_manager … … 408 409 password_ctl = form.get('control_password', None) 409 410 if password: 410 if (password != password_ctl): 411 self.flash('Passwords do not match.') 412 else: 413 # XXX: This is too early. PW should only be saved if there 414 # are no (other) errors left in form. 415 IUserAccount(self.context).setPassword(password) 416 write_log_message(self, 'password changed') 417 418 # The following is now done by contextual_reg_num_source validation 419 #self.reg_number = form.get('form.reg_number', None) 420 #if self.reg_number: 421 # hitlist = search(query=self.reg_number,searchtype='reg_number', view=self) 422 # if hitlist and hitlist[0].student_id != self.context.student_id: 423 # self.flash('Registration number exists.') 424 # return 425 #self.matric_number = form.get('form.matric_number', None) 426 #if self.matric_number: 427 # hitlist = search(query=self.matric_number, 428 # searchtype='matric_number', view=self) 429 # if hitlist and hitlist[0].student_id != self.context.student_id: 430 # self.flash('Matriculation number exists.') 431 # return 432 411 validator = getUtility(IPasswordValidator) 412 errors = validator.validate_password(password, password_ctl) 413 if errors: 414 self.flash( ' '.join(errors)) 415 return 416 changed_fields = self.applyData(self.context, **data) 433 
417 # Turn list of lists into single list 434 changed_fields = self.applyData(self.context, **data)435 418 if changed_fields: 436 419 changed_fields = reduce(lambda x,y: x+y, changed_fields.values()) 437 fields_string = ' + '.join(changed_fields) 438 self.context._p_changed = True 420 else: 421 changed_fields = [] 422 if password: 423 # Now we know that the form has no errors and can set password ... 424 IUserAccount(self.context).setPassword(password) 425 changed_fields.append('password') 426 # ... and execute transition 439 427 if form.has_key('transition') and form['transition']: 440 428 transition_id = form['transition'] 441 429 self.wf_info.fireTransition(transition_id) 430 fields_string = ' + '.join(changed_fields) 442 431 self.flash('Form has been saved.') 443 432 if fields_string: … … 1523 1512 password_ctl = form.get('change_password_repeat', None) 1524 1513 if password: 1525 if (password != password_ctl): 1526 self.flash('Passwords do not match.') 1514 validator = getUtility(IPasswordValidator) 1515 errors = validator.validate_password(password, password_ctl) 1516 if not errors: 1517 IUserAccount(self.context).setPassword(password) 1518 write_log_message(self, 'saved: password') 1519 self.flash('Password changed.') 1527 1520 else: 1528 error = validatePassword(password) 1529 if not error: 1530 IUserAccount(self.context).setPassword(password) 1531 write_log_message(self, 'password changed') 1532 self.flash('Password changed.') 1533 else: 1534 self.flash(error) 1521 self.flash( ' '.join(errors)) 1535 1522 return 1536 1523 -
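Review bot: In the first save handler the explicit `write_log_message(self, 'password changed')` call is removed, and the only trace of a password change is now the `'password'` entry appended to `changed_fields`, which reaches the log only through the `if fields_string:` branch that continues outside the hunk. Please confirm that this branch writes a log entry, since it is now the only audit record that a password was set from this form. A comment at the append, for example `# 'password' is logged via fields_string below`, would make that dependency visible to the next maintainer. The second handler keeps its own `write_log_message(self, 'saved: password')` call, so only the first one is affected.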
main/waeup.sirp/trunk/src/waeup/sirp/students/tests/test_browser.py
r7144 r7147 657 657 name="change_password_repeat").value = 'pw' 658 658 self.browser.getControl("Save").click() 659 self.assertTrue(' Value is too short' in self.browser.contents)659 self.assertTrue('Password must have at least' in self.browser.contents) 660 660 self.browser.getControl(name="change_password").value = 'new_password' 661 661 self.browser.getControl( -
main/waeup.sirp/trunk/src/waeup/sirp/students/utils.py
r7145 r7147 33 33 student['studycourse'].previous_verdict = verdict 34 34 return 35 36 def validatePassword(password):37 if len(password) < 4:38 return u'Value is too short.'39 return None40 35 41 36 # To be specified in customization packages, see also the view which