Changeset 3731

Timestamp:

05/28/08 01:02:59 (6 months ago)

Author:

pacopablo

Message:

Added forcing password change after reset. Patch by s0undt3ch. Minor change such that the message indicating password reset needed isn't shown after a successful password reset. Fixes #1427

Files:

• accountmanagerplugin/trunk/acct_mgr/admin.py (modified) (4 diffs)
• accountmanagerplugin/trunk/acct_mgr/api.py (modified) (2 diffs)
• accountmanagerplugin/trunk/acct_mgr/templates/admin_accountsconfig.html (modified) (1 diff)
• accountmanagerplugin/trunk/acct_mgr/templates/prefs_account.html (modified) (2 diffs)
• accountmanagerplugin/trunk/acct_mgr/web_ui.py (modified) (10 diffs)

accountmanagerplugin/trunk/acct_mgr/admin.py

@@ -58 +58 @@
-                    self.config.set(option.section, option.name, newvalue)
-                    self.config.save()
+            self.config.set('account-manager', 'force_passwd_change',
+                            req.args.get('force_passwd_change'))
+            self.config.save()
+
+
-        try:
-            selected = self.account_manager.password_store
@@ -76 +81 @@
-        ]
-        sections = sorted(sections, key=lambda i: i['name'])
-
+
+
+
-
-    def _do_users(self, req):
@@ -136 +143 @@
-
-    # ITemplateProvider
-
+
-    def get_htdocs_dirs(self):
-        """Return the absolute path of a directory containing additional
@@ -142 +149 @@
-        """
-        return []
-
+
-    def get_templates_dirs(self):
-        """Return the absolute path of the directory containing the provided

accountmanagerplugin/trunk/acct_mgr/api.py

@@ -11 +11 @@
-
-from trac.core import *
-
+BoolOption, 
-
-class IPasswordStore(Interface):
@@ -86 +86 @@
-    stores = ExtensionPoint(IPasswordStore)
-    change_listeners = ExtensionPoint(IAccountChangeListener)
+    force_passwd_change = BoolOption('account-manager', 'force_passwd_change',
+                                     True, doc="Forge the user to change "
+                                     "password when it's reset.")
-
-    # Public API

accountmanagerplugin/trunk/acct_mgr/templates/admin_accountsconfig.html

@@ -30 +30 @@
-        </div>
-      </fieldset>
+      <fieldset>
+        <legend>Password Reset</legend>
+        <label for="force_passwd_change">
+          Force users to change passwords after a password reset?
+        </label>
+        <input type="radio" name="force_passwd_change" value="true"
+          checked="${force_passwd_change and 'checked' or None}">Yes</input>
+        <input type="radio" name="force_passwd_change" value="false"
+          checked="${not force_passwd_change and 'checked' or None}">No</input>
+      </fieldset>
-      <div class="buttons">
-        <input type="submit" name="save" value="Save" />

accountmanagerplugin/trunk/acct_mgr/templates/prefs_account.html

@@ -35 +35 @@
-    </py:if>
-  </div>
-
+
-  <head>
-    <title>Account</title>
@@ -45 +45 @@
-      <p>$account.error</p>
-    </div>
-
+
+
+
+
+
+
-    <p py:if="account.message">$account.message</p>
-    <h2>Change Password</h2>

accountmanagerplugin/trunk/acct_mgr/web_ui.py

@@ -20 +20 @@
-from trac.web import auth
-from trac.web.api import IAuthenticator
-
+, IRequestFilter
-from trac.web.chrome import INavigationContributor, ITemplateProvider
-trac.util import Markup
+genshi.builder import tag
-
-from api import AccountManager
@@ -120 +120 @@
-    """
-
-
+
+
-
-    _password_chars = string.ascii_letters + string.digits
- 8,
-
+
+8, 
-                                'created when resetting the password for an '
-                                'account.')
@@ -158 +159 @@
-        return 'reset_password.html', data, None
-
+    # IRequestFilter methods
+    def pre_process_request(self, req, handler):
+        return handler
+
+    def post_process_request(self, req, template, data, content_type):
+        if req.authname and req.authname != 'anonymous':
+            if req.session.get('force_change_passwd', False):
+                redirect_url = req.href.prefs('account')
+                if req.path_info != redirect_url:
+                    req.redirect(redirect_url)
+        return (template, data, content_type)
+
-    # INavigationContributor methods
-    def get_active_navigation_item(self, req):
@@ -166 +179 @@
-            return
-        if req.authname == 'anonymous':
-
+
+
-
-    def reset_password_enabled(self):
@@ -180 +194 @@
-        delete_enabled = AccountManager(self.env).supports('delete_user')
-        data = {'delete_enabled': delete_enabled}
+        force_change_password = req.session.get('force_change_passwd', False)
+        if force_change_password:
+            data['force_change_passwd'] = True
-        if req.method == 'POST':
-            if action == 'save':
-                data.update(self._do_change_password(req))
+                if force_change_password:
+                    data['force_change_passwd'] = False
+                    del(req.session['force_change_passwd'])
+                    req.session.save()
-            elif action == 'delete' and delete_enabled:
-                data.update(self._do_delete(req))
@@ -209 +230 @@
-        new_password = self._random_password()
-        notifier.notify(username, new_password)
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-        return {'sent_to_email': email}
-
@@ -250 +285 @@
-
-    # ITemplateProvider
-
+
-    def get_htdocs_dirs(self):
-        """Return the absolute path of a directory containing additional
@@ -298 +333 @@
-            return
-        if req.authname == 'anonymous':
-
+
+
+
-
-    # IRequestHandler methods
@@ -325 +362 @@
-
-    # ITemplateProvider
-
+
-    def get_htdocs_dirs(self):
-        """Return the absolute path of a directory containing additional
@@ -402 +439 @@
-
-    # ITemplateProvider
-
+
-    def get_htdocs_dirs(self):
-        """Return the absolute path of a directory containing additional