changeset 2367:405032c82324

introduce changepass userprefs plugin
author Johannes Berg <johannes AT sipsolutions DOT net>
date Thu, 12 Jul 2007 11:40:52 +0200
parents 2f36b737022a
children 5fc0717a060f
files MoinMoin/config/multiconfig.py MoinMoin/userprefs/changepass.py MoinMoin/userprefs/prefs.py
diffstat 3 files changed, 121 insertions(+), 26 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/config/multiconfig.py	Thu Jul 12 11:40:20 2007 +0200
+++ b/MoinMoin/config/multiconfig.py	Thu Jul 12 11:40:52 2007 +0200
@@ -565,8 +565,6 @@
     user_form_fields = [
         ('name', _('Name'), "text", "36", _("(Use Firstname''''''Lastname)")),
         ('aliasname', _('Alias-Name'), "text", "36", ''),
-        ('password', _('Password'), "password", "36", ''),
-        ('password2', _('Password repeat'), "password", "36", _('(Only for password change or new account)')),
         ('email', _('Email'), "text", "36", ''),
         ('jid', _('Jabber ID'), "text", "36", ''),
         ('css_url', _('User CSS URL'), "text", "40", _('(Leave it empty for disabling user CSS)')),
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/MoinMoin/userprefs/changepass.py	Thu Jul 12 11:40:52 2007 +0200
@@ -0,0 +1,119 @@
+# -*- coding: iso-8859-1 -*-
+"""
+    MoinMoin - Password change preferences plugin
+
+    @copyright: 2001-2004 Juergen Hermann <jh@web.de>,
+                2003-2007 MoinMoin:ThomasWaldmann
+                2007      MoinMoin:JohannesBerg
+    @license: GNU GPL, see COPYING for details.
+"""
+
+import time
+from MoinMoin import user, wikiutil
+from MoinMoin.widget import html
+from MoinMoin.userprefs import UserPrefBase
+
+
+class Settings(UserPrefBase):
+    def __init__(self, request):
+        """ Initialize password change form. """
+        UserPrefBase.__init__(self, request)
+        self.request = request
+        self._ = request.getText
+        _ = request.getText
+        self.cfg = request.cfg
+        self.title = _("Change password")
+
+
+    def allowed(self):
+        return (not 'password' in self.cfg.user_form_remove and
+                not 'password' in self.cfg.user_form_disable and
+                UserPrefBase.allowed(self) and
+                not 'password' in self.request.user.auth_attribs)
+
+
+    def handle_form(self):
+        _ = self._
+        form = self.request.form
+
+        if form.has_key('cancel'):
+            return
+
+        if self.request.request_method != 'POST':
+            return
+
+        password = form.get('password', [''])[0]
+        password2 = form.get('password2', [''])[0]
+
+        # Check if password is given and matches with password repeat
+        if password != password2:
+            return _("Passwords don't match!")
+
+        # Encode password
+        if password and not password.startswith('{SHA}'):
+            try:
+                self.request.user.enc_password = user.encodePassword(password)
+                self.request.user.save()
+                return _("Your password has been changed.")
+            except UnicodeError, err:
+                # Should never happen
+                return "Can't encode password: %s" % str(err)
+
+
+    def _make_form(self):
+        """ Create the FORM, and the TABLE with the input fields
+        """
+        _ = self._
+        sn = self.request.getScriptname()
+        pi = self.request.getPathinfo()
+        action = u"%s%s" % (sn, pi)
+        self._form = html.FORM(action=action)
+        self._table = html.TABLE(border="0")
+
+        # Use the user interface language and direction
+        lang_attr = self.request.theme.ui_lang_attr()
+        self._form.append(html.Raw('<div class="userpref"%s>' % lang_attr))
+
+        self._form.append(html.STRONG().append(html.P().append(html.Text(
+            _("To change your password, enter a new password twice.")))))
+
+        self._form.append(self._table)
+        self._form.append(html.Raw("</div>"))
+
+
+    def _make_row(self, label, cell, **kw):
+        """ Create a row in the form table.
+        """
+        self._table.append(html.TR().extend([
+            html.TD(**kw).extend([html.B().append(label), '   ']),
+            html.TD().extend(cell),
+        ]))
+
+
+    def create_form(self, create_only=False, recover_only=False):
+        """ Create the complete HTML form code. """
+        _ = self._
+        self._make_form()
+
+        self._make_row(_('Password'),
+                       [html.INPUT(type="password", size=36, name="password")])
+        self._make_row(_('Password repeat'),
+                       [html.INPUT(type="password", size=36, name="password2")])
+
+        self._form.append(html.INPUT(type="hidden", name="action",
+                                     value="userprefs"))
+        self._form.append(html.INPUT(type="hidden", name="handler",
+                                     value="changepass"))
+
+        # Add buttons
+        self._form.append(html.INPUT(type="hidden", name="action",
+                                     value="userprefs"))
+        self._form.append(html.INPUT(type="hidden", name="handler",
+                                     value="changepass"))
+
+        self._make_row('', [
+                html.INPUT(type="submit", name='save', value=_("Save")),
+                html.INPUT(type="submit", name='cancel', value=_("Cancel")),
+              ])
+
+        return unicode(self._form)
--- a/MoinMoin/userprefs/prefs.py	Thu Jul 12 11:40:20 2007 +0200
+++ b/MoinMoin/userprefs/prefs.py	Thu Jul 12 11:40:52 2007 +0200
@@ -19,7 +19,6 @@
 # The plan for refactoring would be:
 # split the plugin into multiple preferences pages:
 #    - account details (name, email, timezone, ...)
-#    - change password
 #    - wiki settings (editor, fancy diffs, theme, ...)
 #    - notification settings (trivial, subscribed pages, ...)
 #    - quick links (or leave in wiki settings?)
@@ -85,23 +84,6 @@
             if not theuser.name:
                 return _("Empty user name. Please enter a user name.")
 
-        if not 'password' in theuser.auth_attribs:
-            # try to get the password and pw repeat
-            password = form.get('password', [''])[0]
-            password2 = form.get('password2', [''])[0]
-
-            # Check if password is given and matches with password repeat
-            if password != password2:
-                return _("Passwords don't match!")
-
-            # Encode password
-            if password and not password.startswith('{SHA}'):
-                try:
-                    theuser.enc_password = user.encodePassword(password)
-                except UnicodeError, err:
-                    # Should never happen
-                    return "Can't encode password: %s" % str(err)
-
         if not 'email' in theuser.auth_attribs:
             # try to get the email
             email = wikiutil.clean_input(form.get('email', [theuser.email])[0])
@@ -184,7 +166,7 @@
         # handler for each form field, instead of stuffing them all in
         # one long and inextensible method.  That would allow for
         # plugins to provide methods to validate their fields as well.
-        already_handled = ['name', 'password', 'password2', 'email',
+        already_handled = ['name', 'email',
                            'aliasname', 'edit_rows', 'editor_default',
                            'editor_ui', 'tz_offset', 'datetime_fmt',
                            'theme_name', 'language', 'jid']
@@ -381,11 +363,7 @@
             uf_remove = self.cfg.user_form_remove
             uf_disable = self.cfg.user_form_disable
             for attr in self.request.user.auth_attribs:
-                if attr == 'password':
-                    uf_remove.append(attr)
-                    uf_remove.append('password2')
-                else:
-                    uf_disable.append(attr)
+                uf_disable.append(attr)
             for key, label, type, length, textafter in self.cfg.user_form_fields:
                 default = self.cfg.user_form_defaults[key]
                 if not key in uf_remove: