[Bps-public-commit] rt-extension-resetpassword branch, new-user-create-password, created. 1.04-4-g46c26c7

Craig Kaiser craig at bestpractical.com
Thu Jan 9 15:44:57 EST 2020


The branch, new-user-create-password has been created
        at  46c26c73c6ac2a9cb1f5b20927f777f1d5335ba0 (commit)

- Log -----------------------------------------------------------------
commit 5d80792e7f4ced04ac29d08e78e5dd540231ad1e
Author: Craig Kaiser <craig at bestpractical.com>
Date:   Thu Jan 9 11:42:11 2020 -0500

    Move token generation and password reset to lib method

diff --git a/html/NoAuth/ResetPassword/Request.html b/html/NoAuth/ResetPassword/Request.html
index 794c44c..8a45b20 100644
--- a/html/NoAuth/ResetPassword/Request.html
+++ b/html/NoAuth/ResetPassword/Request.html
@@ -65,22 +65,7 @@ if ($ARGS{'Email'}) {
     my $u = RT::User->new($RT::SystemUser);
     $u->LoadByCols(EmailAddress => $ARGS{'Email'});
     if ($u->id and $u->HasPassword and not $u->Disabled) {
-        my $token = Digest::MD5->new()->add(
-            $u->id,
-            $u->__Value('Password'),
-            $RT::DatabasePassword,
-            $u->LastUpdated,
-            @{[$RT::WebPath]} . '/NoAuth/ResetPassword/Reset'
-        )->hexdigest();
-
-        my ($status, $msg) = RT::Interface::Email::SendEmailUsingTemplate(
-            To        => $u->EmailAddress,
-            Template  => 'PasswordReset',
-            Arguments => {
-                Token => $token,
-                User  => $u,
-            },
-        );
+        my ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
 
         if ($status) {
             push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
diff --git a/lib/RT/Extension/ResetPassword.pm b/lib/RT/Extension/ResetPassword.pm
index 1e96f02..13f973c 100644
--- a/lib/RT/Extension/ResetPassword.pm
+++ b/lib/RT/Extension/ResetPassword.pm
@@ -5,6 +5,29 @@ use warnings;
 
 our $VERSION = '1.04';
 
+sub CreateTokenAndResetPassword {
+    my $self = shift;
+    my $user = shift;
+
+    my $token = Digest::MD5->new()->add(
+        $user->id,
+        $user->__Value('Password'),
+        $RT::DatabasePassword,
+        $user->LastUpdated,
+        @{[$RT::WebPath]} . '/NoAuth/ResetPassword/Reset'
+    )->hexdigest();
+
+    my ($status, $msg) = RT::Interface::Email::SendEmailUsingTemplate(
+        To        => $user->EmailAddress,
+        Template  => 'PasswordReset',
+        Arguments => {
+            Token => $token,
+            User  => $user,
+        },
+    );
+    return ($status, $msg);
+}
+
 =head1 NAME
 
 RT::Extension::ResetPassword - add "forgot your password?" link to RT instance

commit a8ae09d34e772ba14e0fbfde27a905b5d6069444
Author: Craig Kaiser <craig at bestpractical.com>
Date:   Thu Jan 9 11:43:07 2020 -0500

    Allow for users to create priv user records with no account

diff --git a/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default b/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default
index 3c99919..d6e744a 100644
--- a/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default
+++ b/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default
@@ -1,2 +1,5 @@
 <br/><div id="lostpassword" style="align:left;clear:both;">
 <a href="<%$RT::WebPath%>/NoAuth/ResetPassword/Request.html"><&|/l&>Forgot your password?</&></a></div>
+
+<div id="firstpassword" style="align:right;clear:both;">
+<a href="<%$RT::WebPath%>/NoAuth/ResetPassword/NewUser.html"><&|/l&>New user and need a password?</&></a></div>
diff --git a/html/NoAuth/ResetPassword/NewUser.html b/html/NoAuth/ResetPassword/NewUser.html
new file mode 100644
index 0000000..4910f0f
--- /dev/null
+++ b/html/NoAuth/ResetPassword/NewUser.html
@@ -0,0 +1,117 @@
+%# BEGIN BPS TAGGED BLOCK {{{
+%#
+%# COPYRIGHT:
+%#
+%# This software is Copyright (c) 1996-2019 Best Practical Solutions, LLC
+%#                                          <sales at bestpractical.com>
+%#
+%# (Except where explicitly superseded by other copyright notices)
+%#
+%#
+%# LICENSE:
+%#
+%# This work is made available to you under the terms of Version 2 of
+%# the GNU General Public License. A copy of that license should have
+%# been provided with this software, but in any event can be snarfed
+%# from www.gnu.org.
+%#
+%# This work is distributed in the hope that it will be useful, but
+%# WITHOUT ANY WARRANTY; without even the implied warranty of
+%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+%# General Public License for more details.
+%#
+%# You should have received a copy of the GNU General Public License
+%# along with this program; if not, write to the Free Software
+%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+%# 02110-1301 or visit their web page on the internet at
+%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+%#
+%#
+%# CONTRIBUTION SUBMISSION POLICY:
+%#
+%# (The following paragraph is not intended to limit the rights granted
+%# to you to modify and distribute this software under the terms of
+%# the GNU General Public License and is only of importance to you if
+%# you choose to contribute your changes and enhancements to the
+%# community by submitting them to Best Practical Solutions, LLC.)
+%#
+%# By intentionally submitting any modifications, corrections or
+%# derivatives to this work, or any other work intended for use with
+%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+%# you are the copyright holder for those contributions and you grant
+%# Best Practical Solutions,  LLC a nonexclusive, worldwide, irrevocable,
+%# royalty-free, perpetual, license to use, copy, create derivative
+%# works based on those contributions, and sublicense and distribute
+%# those contributions and any derivatives thereof.
+%#
+%# END BPS TAGGED BLOCK }}}
+<& /Elements/Header, Title => $title &>
+<div id="body" class="login-body">
+
+<h1><%$title%></h1>
+<& /Elements/ListActions, actions => \@actions  &>
+<p>
+<&|/l&>RT can send you an email message with a link that will allow you to set your password.</&>
+<form method="post" action="NewUser.html">
+    <&|/l&>Email address</&>:<input name="Email" value="" />
+    <input type="submit" class="button" value="<%loc('Send it!')%>" />
+</form>
+<a href="<%$RT::WebURL|n%>"><&|/l&>Login</&></a>
+</div>
+
+<%INIT>
+my @actions;
+
+my $title = loc("Create your password");
+
+if ($ARGS{'Email'}) {
+    my $u = RT::User->new($RT::SystemUser);
+    $u->LoadByCols(EmailAddress => $ARGS{'Email'});
+
+    if ($u->id and $u->HasPassword and $u->Privileged and not $u->Disabled) {
+        my ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
+
+        if ($status) {
+            push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
+            RT->Logger->info("Password reset token send to " . $u->EmailAddress);
+        } else {
+            push @actions, loc("Failed to send password reset token, please contact your RT administrator.");
+            RT->Logger->error("Failed to send password reset token to " . $u->EmailAddress . ": $msg");
+        }
+    } elsif ($u->id and $u->Disabled) {
+        push @actions, loc("You can't reset your password because your user is disabled.");
+        RT->Logger->warning("Disabled user " . $u->Name . " attempted to reset password");
+    } elsif ($u->id and not $u->Privileged) {
+        my ($status, $msg) = $u->SetPrivileged(1);
+        RT::Logger->error($msg) unless $status;
+
+        ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
+        if ($status) {
+            push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
+            RT->Logger->info("Password reset token send to " . $u->EmailAddress);
+        } else {
+            push @actions, loc("You can't reset your password as you don't already have one.");
+            RT->Logger->warning("$msg")
+        }
+    } else {
+        my ($status, $msg) = $u->Create(
+            Privileged => 1,
+            EmailAddress => $ARGS{'Email'},
+        );
+        RT::Logger->error($msg) unless $status;
+
+        ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
+        if ($status) {
+            push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
+            RT->Logger->info("Password reset token send to " . $u->EmailAddress);
+        } else {
+            push @actions, loc("Failed to send password reset token, please contact your RT administrator.");
+            RT->Logger->error("Failed to send password reset token to " . $u->EmailAddress . ": $msg");
+        }
+    }
+    if(RT->Config->Get("HidePasswordResetErrors")) {
+        pop @actions;
+        push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
+    }
+}
+</%INIT>

commit 30eae483dc8fcc6b5f96666a68960b131c416336
Author: Craig Kaiser <craig at bestpractical.com>
Date:   Thu Jan 9 15:18:25 2020 -0500

    Config option for if a new user created on password set should be privileged

diff --git a/html/NoAuth/ResetPassword/NewUser.html b/html/NoAuth/ResetPassword/NewUser.html
index 4910f0f..6f6e243 100644
--- a/html/NoAuth/ResetPassword/NewUser.html
+++ b/html/NoAuth/ResetPassword/NewUser.html
@@ -82,10 +82,7 @@ if ($ARGS{'Email'}) {
         push @actions, loc("You can't reset your password because your user is disabled.");
         RT->Logger->warning("Disabled user " . $u->Name . " attempted to reset password");
     } elsif ($u->id and not $u->Privileged) {
-        my ($status, $msg) = $u->SetPrivileged(1);
-        RT::Logger->error($msg) unless $status;
-
-        ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
+        my ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
         if ($status) {
             push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
             RT->Logger->info("Password reset token send to " . $u->EmailAddress);
diff --git a/lib/RT/Extension/ResetPassword.pm b/lib/RT/Extension/ResetPassword.pm
index 13f973c..1205a6a 100644
--- a/lib/RT/Extension/ResetPassword.pm
+++ b/lib/RT/Extension/ResetPassword.pm
@@ -115,6 +115,12 @@ appear to the requestor to have resulted in an email being sent, thus
 not revealing the reasons for any failure. All failures will still be
 logged with an appropriate diagnostic message.
 
+=item C<$CreateNewsUserAsPrivileged>
+
+Set this config value to true if users creating a new account should default to privileged users.
+
+=cut
+
 =head1 AUTHOR
 
 Best Practical Solutions, LLC E<lt>modules at bestpractical.comE<gt>

commit 46c26c73c6ac2a9cb1f5b20927f777f1d5335ba0
Author: Craig Kaiser <craig at bestpractical.com>
Date:   Thu Jan 9 15:19:44 2020 -0500

    Config option for creating a user on password set if no user record exists

diff --git a/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default b/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default
index d6e744a..78810cc 100644
--- a/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default
+++ b/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default
@@ -1,5 +1,7 @@
 <br/><div id="lostpassword" style="align:left;clear:both;">
 <a href="<%$RT::WebPath%>/NoAuth/ResetPassword/Request.html"><&|/l&>Forgot your password?</&></a></div>
 
-<div id="firstpassword" style="align:right;clear:both;">
-<a href="<%$RT::WebPath%>/NoAuth/ResetPassword/NewUser.html"><&|/l&>New user and need a password?</&></a></div>
+% if ( RT::Config->Get('CreateNewUserOnPasswordSet') ) {
+  <div id="firstpassword" style="align:left;clear:both;">
+  <a href="<%$RT::WebPath%>/NoAuth/ResetPassword/NewUser.html"><&|/l&>New user and need a password?</&></a></div>
+% }
diff --git a/html/NoAuth/ResetPassword/NewUser.html b/html/NoAuth/ResetPassword/NewUser.html
index 6f6e243..dbf5aec 100644
--- a/html/NoAuth/ResetPassword/NewUser.html
+++ b/html/NoAuth/ResetPassword/NewUser.html
@@ -91,19 +91,25 @@ if ($ARGS{'Email'}) {
             RT->Logger->warning("$msg")
         }
     } else {
-        my ($status, $msg) = $u->Create(
-            Privileged => 1,
-            EmailAddress => $ARGS{'Email'},
-        );
-        RT::Logger->error($msg) unless $status;
+        if ( RT::Config->Get('CreateNewUserOnPasswordSet') ) {
+            my ($status, $msg) = $u->Create(
+                Privileged => RT::Config->Get('CreateNewsUserAsPrivileged') || 0,
+                EmailAddress => $ARGS{'Email'},
+            );
+            RT::Logger->error($msg) unless $status;
 
-        ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
-        if ($status) {
-            push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
-            RT->Logger->info("Password reset token send to " . $u->EmailAddress);
-        } else {
-            push @actions, loc("Failed to send password reset token, please contact your RT administrator.");
-            RT->Logger->error("Failed to send password reset token to " . $u->EmailAddress . ": $msg");
+            ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
+            if ($status) {
+                push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
+                RT->Logger->info("Password reset token send to " . $u->EmailAddress);
+            } else {
+                push @actions, loc("Failed to send password reset token, please contact your RT administrator.");
+                RT->Logger->error("Failed to send password reset token to " . $u->EmailAddress . ": $msg");
+            }
+        }
+        else {
+            push @actions, loc("Cannot set password for user that does not exist");
+            RT->Logger->info("Cannot set password for user that does not exist: " . $u->EmailAddress . ", see theb \$CreateNewUserOnPasswordSet config option");
         }
     }
     if(RT->Config->Get("HidePasswordResetErrors")) {
diff --git a/lib/RT/Extension/ResetPassword.pm b/lib/RT/Extension/ResetPassword.pm
index 1205a6a..d7243df 100644
--- a/lib/RT/Extension/ResetPassword.pm
+++ b/lib/RT/Extension/ResetPassword.pm
@@ -121,6 +121,12 @@ Set this config value to true if users creating a new account should default to
 
 =cut
 
+=item C<$CreateNewUserOnPasswordSet>
+
+This configuration option determines if a nonexistant user can create an new user record.
+
+=cut
+
 =head1 AUTHOR
 
 Best Practical Solutions, LLC E<lt>modules at bestpractical.comE<gt>

-----------------------------------------------------------------------


More information about the Bps-public-commit mailing list