##parameters=
# $Id: change_password.py 5045 2010-03-10 08:48:18Z henrik $
"""

"""

request = context.REQUEST
import DateTime,logging
try:
    from Products.zdb import set_trace
except:
    def set_trace():
        pass

current = DateTime.DateTime()
#pr = context.portal_registration
logger = logging.getLogger('Skins.change_password')
validate = request.has_key("change_password")
students_dir = context.portal_directories.students
mtool = context.portal_membership
member = mtool.getAuthenticatedMember()
member_id = str(member)
lt = context.portal_layouts
wt = context.waeup_tool
requested_id = context.getStudentId()
if requested_id and not context.isStaff() and member_id != requested_id:
    logger.info('%s tried to access %s' % (member_id,requested_id))
    return None
elif context.isStaff():
    student_id = requested_id
else:
    student_id = member_id
res,psm,ds = lt.renderLayout(layout_id= 'student_change_password',
                      schema_id= 'student_change_password',
                      context=context,
                      mapping=validate and request,
                      ob = {},
                      layout_mode='edit',
                      button = "Change Password",
                      commit = False,
                      )
if psm == '':
    return context.change_password_form(rendered = res,
                                 psm = None,
                                 ds = ds,
                                 mode = "edit",
                                 formaction = "change_password",
                                 button = "Change Password",
                                 )
elif psm == 'invalid':
    psm = "Please correct your input!"
    return context.change_password_form(rendered = res,
                                 psm = psm,
                                 ds = ds,
                                 mode = "edit",
                                 formaction = "change_password",
                                 button = "Change Password",
                                 )
else:
    pass
old_password = request.get('widget__old_password')
if not wt.checkPassword(student_id,old_password):
    psm = "Old password is not correct!"
    return context.change_password_form(rendered = res,
                             psm = psm,
                             ds = ds,
                             mode = "edit",
                             formaction = "change_password",
                             button = "Change Password",
                             )
#set_trace()
password = request.get('widget__password')
if not len(password):
    psm = "Please enter a new password!"
    return context.change_password_form(rendered = res,
                             psm = psm,
                             ds = ds,
                             mode = "edit",
                             formaction = "change_password",
                             button = "Change Password",
                             )

wt.editPassword(student_id,password)
logger.info('%s changed password from %s to %s' % (member_id,old_password,password))

if context.isStaff():
    return 'Password changed!'

args = {}
args['__ac_name'] = student_id
args['__ac_password'] = password

from urllib import urlencode
url = "%s/logged_in?%s" % (context.absolute_url(),urlencode(args))
return request.RESPONSE.redirect(url)