Mercurial > moin > 1.9
changeset 5917:c99f570e274a
moin account resetpw: make password optional, to be able to set a invalid password
this is needed for resetting a password (or many passwords) so that the user is
not able to login, but just to recover using password recovery.
author | Thomas Waldmann <tw AT waldmann-edv DOT de> |
---|---|
date | Thu, 17 Jan 2013 22:39:00 +0100 |
parents | 881d9053592a |
children | 5126fadbf24f |
files | MoinMoin/script/account/resetpw.py MoinMoin/user.py |
diffstat | 2 files changed, 23 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/MoinMoin/script/account/resetpw.py Wed Jan 16 16:16:42 2013 +0100 +++ b/MoinMoin/script/account/resetpw.py Thu Jan 17 22:39:00 2013 +0100 @@ -19,17 +19,27 @@ Detailed Instructions: ====================== -General syntax: moin [options] account resetpw [newpw-options] newpassword +General syntax: moin [options] account resetpw [newpw-options] [newpassword] [options] usually should be: --config-dir=/path/to/my/cfg/ --wiki-url=http://wiki.example.org/ +newpassword: + The new password, optional. If newpassword is not given, the password will + be invalidated (and the user will not be able to log in with any password, + so the user will need to do a password recovery). + [newpw-options] see below: 1. To change JohnSmith's password: moin ... account resetpw --name JohnSmith new-password 2. To change the password for the UID '1198872910.78.56322': moin ... account resetpw --uid 1198872910.78.56322 new-password + + 3. To invalidate the password of all users and notify them via e-mail, + giving verbose progress information: + moin ... --verbose account resetpw --all-users --notify + (be careful: if you have many users, this will generate many e-mails) """ def __init__(self, argv, def_values): @@ -56,9 +66,13 @@ ) def mainloop(self): - if len(self.args) != 1: - self.parser.error("no new password given") - newpass = self.args[0] + argc = len(self.args) + if argc < 1: + newpass = None + elif argc == 1: + newpass = self.args[0] + else: + self.parser.error("too many arguments given") flags_given = self.options.uid or self.options.uname or self.options.all_users if not flags_given:
--- a/MoinMoin/user.py Wed Jan 16 16:16:42 2013 +0100 +++ b/MoinMoin/user.py Thu Jan 17 22:39:00 2013 +0100 @@ -183,7 +183,11 @@ elif uname: u = User(request, None, uname) if u and u.exists(): - u.enc_password = encodePassword(newpass) + if not newpass: + # set a invalid password hash + u.enc_password = '' + else: + u.enc_password = encodePassword(newpass) u.save() if notify and not u.disabled and u.email: mailok, msg = u.mailAccountData()