Changeset 7147 for main


Ignore:
Timestamp:
19 Nov 2011, 23:03:49 (13 years ago)
Author:
Henrik Bettermann
Message:

Implement PasswordValidator? global utility as suggested by Uli.

Location:
main/waeup.sirp/trunk/src/waeup/sirp
Files:
6 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.sirp/trunk/src/waeup/sirp/authentication.py

    r7137 r7147  
    99from zope.securitypolicy.interfaces import IPrincipalRoleManager
    1010from zope.securitypolicy.principalrole import principalRoleManager
    11 from waeup.sirp.interfaces import IUserAccount, IAuthPluginUtility
     11from waeup.sirp.interfaces import (
     12    IUserAccount, IAuthPluginUtility, IPasswordValidator)
    1213
    1314def setup_authentication(pau):
     
    170171        site = grok.getSite()
    171172        return site['users']
     173
     174class PasswordValidator(grok.GlobalUtility):
     175
     176  grok.implements(IPasswordValidator)
     177
     178  def validate_password(self, pw, pw_repeat):
     179       errors = []
     180       if len(pw) < 3:
     181         errors.append('Password must have at least 3 chars.')
     182       if pw != pw_repeat:
     183         errors.append('Passwords do not match.')
     184       return errors
    172185
    173186@grok.subscribe(IUserAccount, grok.IObjectRemovedEvent)
  • main/waeup.sirp/trunk/src/waeup/sirp/interfaces.py

    r7137 r7147  
    195195        value_type = schema.Choice(source=RoleSource()))
    196196
     197class IPasswordValidator(Interface):
     198    """A password validator utility.
     199    """
     200
     201    def validate_password(password, password_repeat):
     202        """Validates a password by comparing it with
     203        control password and checking some other requirements.
     204        """
     205
    197206
    198207class IUserContainer(IWAeUPObject):
  • main/waeup.sirp/trunk/src/waeup/sirp/students/authentication.py

    r7144 r7147  
    3333from zope.session.interfaces import ISession
    3434from waeup.sirp.authentication import PrincipalInfo, get_principal_role_manager
    35 from waeup.sirp.interfaces import IAuthPluginUtility, IUserAccount
     35from waeup.sirp.interfaces import (
     36    IAuthPluginUtility, IUserAccount, IPasswordValidator)
    3637from waeup.sirp.students.interfaces import IStudent
    3738
     
    228229            return None
    229230
    230         if password != password_repeat:
    231             # At least protect against erraneous password input
    232             return None
    233 
    234         if len(password) < 3:
    235             # XXX: these checks should be generalized somehow, as we
    236             # do the same stuff in password setting views.
     231        validator = getUtility(IPasswordValidator)
     232        errors = validator.validate_password(password, password_repeat)
     233        if errors:
    237234            return None
    238235
  • main/waeup.sirp/trunk/src/waeup/sirp/students/browser.py

    r7145 r7147  
    3434from waeup.sirp.browser.viewlets import (
    3535    ManageActionButton, PrimaryNavTab, AddActionButton)
    36 from waeup.sirp.interfaces import IWAeUPObject, IUserAccount, IExtFileStore
     36from waeup.sirp.interfaces import (
     37    IWAeUPObject, IUserAccount, IExtFileStore, IPasswordValidator)
    3738from waeup.sirp.widgets.datewidget import (
    3839    FriendlyDateWidget, FriendlyDateDisplayWidget,
     
    5354from waeup.sirp.students.utils import (
    5455    get_payment_details, get_accommodation_details, select_bed,
    55     render_pdf, validatePassword)
     56    render_pdf)
    5657from waeup.sirp.browser.resources import toggleall
    5758from waeup.sirp.authentication import get_principal_role_manager
     
    408409        password_ctl = form.get('control_password', None)
    409410        if password:
    410             if (password != password_ctl):
    411                 self.flash('Passwords do not match.')
    412             else:
    413                 # XXX: This is too early. PW should only be saved if there
    414                 #      are no (other) errors left in form.
    415                 IUserAccount(self.context).setPassword(password)
    416                 write_log_message(self, 'password changed')
    417 
    418         # The following is now done by contextual_reg_num_source validation
    419         #self.reg_number = form.get('form.reg_number', None)
    420         #if self.reg_number:
    421         #    hitlist = search(query=self.reg_number,searchtype='reg_number', view=self)
    422         #    if hitlist and hitlist[0].student_id != self.context.student_id:
    423         #        self.flash('Registration number exists.')
    424         #        return
    425         #self.matric_number = form.get('form.matric_number', None)
    426         #if self.matric_number:
    427         #    hitlist = search(query=self.matric_number,
    428         #        searchtype='matric_number', view=self)
    429         #    if hitlist and hitlist[0].student_id != self.context.student_id:
    430         #        self.flash('Matriculation number exists.')
    431         #        return
    432 
     411            validator = getUtility(IPasswordValidator)
     412            errors = validator.validate_password(password, password_ctl)
     413            if errors:
     414                self.flash( ' '.join(errors))
     415                return
     416        changed_fields = self.applyData(self.context, **data)
    433417        # Turn list of lists into single list
    434         changed_fields = self.applyData(self.context, **data)
    435418        if changed_fields:
    436419            changed_fields = reduce(lambda x,y: x+y, changed_fields.values())
    437         fields_string = ' + '.join(changed_fields)
    438         self.context._p_changed = True
     420        else:
     421            changed_fields = []
     422        if password:
     423            # Now we know that the form has no errors and can set password ...
     424            IUserAccount(self.context).setPassword(password)
     425            changed_fields.append('password')
     426        # ... and execute transition
    439427        if form.has_key('transition') and form['transition']:
    440428            transition_id = form['transition']
    441429            self.wf_info.fireTransition(transition_id)
     430        fields_string = ' + '.join(changed_fields)
    442431        self.flash('Form has been saved.')
    443432        if fields_string:
     
    15231512        password_ctl = form.get('change_password_repeat', None)
    15241513        if password:
    1525             if (password != password_ctl):
    1526                 self.flash('Passwords do not match.')
     1514            validator = getUtility(IPasswordValidator)
     1515            errors = validator.validate_password(password, password_ctl)
     1516            if not errors:
     1517                IUserAccount(self.context).setPassword(password)
     1518                write_log_message(self, 'saved: password')
     1519                self.flash('Password changed.')
    15271520            else:
    1528                 error = validatePassword(password)
    1529                 if not error:
    1530                     IUserAccount(self.context).setPassword(password)
    1531                     write_log_message(self, 'password changed')
    1532                     self.flash('Password changed.')
    1533                 else:
    1534                     self.flash(error)
     1521                self.flash( ' '.join(errors))
    15351522        return
    15361523
  • main/waeup.sirp/trunk/src/waeup/sirp/students/tests/test_browser.py

    r7144 r7147  
    657657            name="change_password_repeat").value = 'pw'
    658658        self.browser.getControl("Save").click()
    659         self.assertTrue('Value is too short' in self.browser.contents)
     659        self.assertTrue('Password must have at least' in self.browser.contents)
    660660        self.browser.getControl(name="change_password").value = 'new_password'
    661661        self.browser.getControl(
  • main/waeup.sirp/trunk/src/waeup/sirp/students/utils.py

    r7145 r7147  
    3333    student['studycourse'].previous_verdict = verdict
    3434    return
    35 
    36 def validatePassword(password):
    37     if len(password) < 4:
    38         return u'Value is too short.'
    39     return None
    4035
    4136# To be specified in customization packages, see also the view which
Note: See TracChangeset for help on using the changeset viewer.