[Rt-commit] rt branch, safe_set_password, updated. rt-3.8.7-341-gfae5320
Ruslan Zakirov
ruz at bestpractical.com
Wed Apr 7 21:20:39 EDT 2010
The branch, safe_set_password has been updated
via fae532008ae33c2631ae03de32cc4eeb59afef83 (commit)
via 67d6a37b44d0d6bd24fedbd5f1298a5c60ee23f4 (commit)
via 06aa393cb686d21edbc48f146be53394c6ea113d (commit)
via a2c8f469f182140bf25c4869f10442d68f5cbf1d (commit)
from 74428a7e5ee979a53996cf19b5f062b6281b3f7a (commit)
Summary of changes:
lib/RT/User_Overlay.pm | 65 ++++++++++++++++++++++++++++++++++++
share/html/Admin/Users/Modify.html | 63 +++++++++--------------------------
share/html/Elements/EditPassword | 34 +++++++++++++++++++
share/html/SelfService/Prefs.html | 65 ++++++++++--------------------------
share/html/User/Prefs.html | 56 ++++++++-----------------------
5 files changed, 147 insertions(+), 136 deletions(-)
create mode 100644 share/html/Elements/EditPassword
- Log -----------------------------------------------------------------
commit a2c8f469f182140bf25c4869f10442d68f5cbf1d
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Thu Apr 8 05:17:20 2010 +0400
RT::User->CurrentUserRequireToSetPassword method
diff --git a/lib/RT/User_Overlay.pm b/lib/RT/User_Overlay.pm
index 8a41639..bc7bce4 100755
--- a/lib/RT/User_Overlay.pm
+++ b/lib/RT/User_Overlay.pm
@@ -1047,6 +1047,35 @@ sub IsPassword {
return (undef);
}
+sub CurrentUserRequireToSetPassword {
+ my $self = shift;
+
+ my %res = (
+ CanSet => 1,
+ Reason => '',
+ RequireCurrent => 1,
+ );
+
+ if ( RT->Config->Get('WebExternalAuth')
+ && !RT->Config->Get('WebFallbackToInternalAuth')
+ ) {
+ $res{'CanSet'} = 0;
+ $res{'Reason'} = $self->loc("External authentication enabled.");
+ }
+ elsif ( !$self->CurrentUser->HasPassword ) {
+ if ( $self->CurrentUser->id == ($self->id||0) ) {
+ # don't require current password if user has no
+ $res{'RequireCurrent'} = 0;
+ }
+ else {
+ $res{'CanSet'} = 0;
+ $res{'Reason'} = $self->loc("Your password is not set.");
+ }
+ }
+
+ return %res;
+}
+
=head3 AuthToken
Returns an authentication string associated with the user. This
commit 06aa393cb686d21edbc48f146be53394c6ea113d
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Thu Apr 8 05:17:52 2010 +0400
RT::User->SafeSetPassword method
diff --git a/lib/RT/User_Overlay.pm b/lib/RT/User_Overlay.pm
index bc7bce4..8582d78 100755
--- a/lib/RT/User_Overlay.pm
+++ b/lib/RT/User_Overlay.pm
@@ -916,6 +916,42 @@ sub _GenerateRandomNextChar {
return ($i);
}
+sub SafeSetPassword {
+ my $self = shift;
+ my %args = (
+ Current => undef,
+ New => undef,
+ Confirmation => undef,
+ @_,
+ );
+ return (1) unless defined $args{'New'} && length $args{'New'};
+
+ my %cond = $self->CurrentUserRequireToSetPassword;
+
+ unless ( $cond{'CanSet'} ) {
+ return (0, $self->loc('You can not set password.') .' '. $cond{'Reason'} );
+ }
+
+ my $error = '';
+ if ( $cond{'RequireCurrent'} && !$self->CurrentUser->IsPassword($args{'Current'}) ) {
+ if ( defined $args{'Current'} && length $args{'Current'} ) {
+ $error = $self->loc("Please enter your current password correctly.");
+ }
+ else {
+ $error = $self->loc("Please enter your current password.");
+ }
+ } elsif ( $args{'New'} ne $args{'Confirmation'} ) {
+ $error = $self->loc("Passwords do not match.");
+ }
+
+ if ( $error ) {
+ $error .= ' '. $self->loc('Password has not been set.');
+ return (0, $error);
+ }
+
+ return $self->SetPassword( $args{'New'} );
+}
+
=head3 SetPassword
Takes a string. Checks the string's length and sets this user's password
commit 67d6a37b44d0d6bd24fedbd5f1298a5c60ee23f4
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Thu Apr 8 05:18:22 2010 +0400
/Elements/EditPassword component
diff --git a/share/html/Elements/EditPassword b/share/html/Elements/EditPassword
new file mode 100644
index 0000000..3b0ec0b
--- /dev/null
+++ b/share/html/Elements/EditPassword
@@ -0,0 +1,34 @@
+% unless ( $cond{'CanSet'} ) {
+<% $cond{'Reason'} %><br />
+% } else {
+<table>
+
+% if ( $cond{'RequireCurrent'} ) {
+<tr>
+<td><&|/l&>Your current password</&>:</td>
+<td><input type="password" name="<% $Name[0] %>" size="16" autocomplete="off" /></td>
+</tr>
+% }
+
+<tr>
+<td><&|/l&>New password</&>:</td>
+<td><input type="password" name="<% $Name[1] %>" size="16" autocomplete="off" /></td>
+</tr>
+
+<tr>
+<td><&|/l&>Retype Password</&>:</td>
+<td><input type="password" name="<% $Name[2] %>" size="16" autocomplete="off" /></td>
+</tr>
+
+</table>
+% }
+
+<%ARGS>
+$User
+ at Name => qw(CurrentPass NewPass1 NewPass2)
+</%ARGS>
+<%INIT>
+
+my %cond = $User->CurrentUserRequireToSetPassword;
+
+</%INIT>
commit fae532008ae33c2631ae03de32cc4eeb59afef83
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Thu Apr 8 05:19:53 2010 +0400
use new API to change passwords
* EditPassword element
* SafeSetPassword method
diff --git a/share/html/Admin/Users/Modify.html b/share/html/Admin/Users/Modify.html
index ca022ad..6af7bf3 100755
--- a/share/html/Admin/Users/Modify.html
+++ b/share/html/Admin/Users/Modify.html
@@ -113,34 +113,11 @@
<input type="hidden" class="hidden" name="SetPrivileged" value="1" />
<input type="checkbox" class="checkbox" name="Privileged" value="1" <%$PrivilegedChecked||''%> /> <&|/l&>Let this user be granted rights</&><br />
-
-% unless (RT->Config->Get('WebExternalAuth') and !RT->Config->Get('WebFallbackToInternalAuth')) {
-<table>
-<tr>
-<td align="right">
-<&|/l&>Your current password</&>:
-</td>
-<td align="left">
-<input type="password" name="CurrentPass" autocomplete="off" />
-</td>
-</tr>
-<tr>
-<td align="right">
-<&|/l&>New Password</&>:
-</td>
-<td align="left">
-<input type="password" name="Pass1" autocomplete="off" />
-</td>
-</tr>
-<tr><td align="right">
-<&|/l&>Retype Password</&>:
-</td>
-<td>
-<input type="password" name="Pass2" autocomplete="off" />
-</td>
-</tr>
-</table>
-% }
+
+<& /Elements/EditPassword,
+ User => $UserObj,
+ Name => [qw(CurrentPass Pass1 Pass2)],
+&>
</&>
% $m->callback( %ARGS, CallbackName => 'LeftColumnBottom', UserObj => $UserObj );
</td>
@@ -372,28 +349,20 @@ if ($UserObj->Id && $id ne 'new') {
# }}}
}
+
+my %password_cond = $UserObj->CurrentUserRequireToSetPassword;
if ( $UserObj->Id ) {
- my $password_not_set;
# Deal with Password field
- if ( !$Pass1 and !$Pass2 ) {
- $password_not_set = 1;
- } elsif (!$CurrentPass) {
- $password_not_set = 1;
- push @results, loc("Please enter your current password.");
- } elsif (!$session{'CurrentUser'}->IsPassword($CurrentPass)) {
- $password_not_set = 1;
- push @results, loc("Please enter your current password correctly.");
- } elsif ( $Pass1 ne $Pass2 ) {
- $password_not_set = 1;
- push @results, loc("Passwords do not match.");
- } elsif ( $Pass1 eq $Pass2 and !$UserObj->IsPassword($Pass1) ) {
- my ($code, $msg) = $UserObj->SetPassword($Pass1);
- push @results, loc_fuzzy($msg);
- $password_not_set = 1 unless $code;
- }
- if ($id eq 'new' and $password_not_set) {
+ my ($status, $msg) = $UserObj->SafeSetPassword(
+ Current => $CurrentPass,
+ New => $Pass1,
+ Confirmation => $Pass2,
+ );
+ push @results, $msg;
+
+ if ( $id eq 'new' && !$status ) {
push @results, loc("A password was not set, so user won't be able to login.");
- }
+ }
}
diff --git a/share/html/SelfService/Prefs.html b/share/html/SelfService/Prefs.html
index 7e7ba51..468a3d5 100755
--- a/share/html/SelfService/Prefs.html
+++ b/share/html/SelfService/Prefs.html
@@ -50,39 +50,14 @@
<& /Elements/ListActions, actions => \@results &>
<form method="post">
-% unless (RT->Config->Get('WebExternalAuth') and !RT->Config->Get('WebFallbackToInternalAuth')) {
<&| /Widgets/TitleBox, title => loc('Change password') &>
-<table>
-<tr>
-<td>
-<&|/l&>Your current password</&>:
-</td>
-<td>
-<input type="password" name="CurrentPass" size="16" autocomplete="off" />
-</td>
-</tr>
-
-<tr>
-<td>
-<&|/l&>New password</&>:
-</td>
-<td>
-<input type="password" name="NewPass1" size="16" autocomplete="off" />
-</td>
-</tr>
-
-<tr>
-<td>
-<&|/l&>Confirm</&>:
-</td>
-<td>
-<input type="password" name="NewPass2" size="16" autocomplete="off" />
-</td>
-</tr>
-</table>
+<& /Elements/EditPassword,
+ User => $user,
+ Name => [qw(CurrentPass NewPass1 NewPass2)],
+&>
</&>
+
<br />
-% }
<& /Elements/Submit, Label => loc('Save Changes') &>
</form>
@@ -90,30 +65,26 @@
<%INIT>
my @results;
-if ($NewPass1) {
- if (!$CurrentPass) {
- push @results, loc("Please specify your current password.");
- }
- elsif (!$session{'CurrentUser'}->UserObj->IsPassword($CurrentPass)) {
- push @results, loc("Please specify your current password correctly.");
- }
- elsif ($NewPass1 ne $NewPass2) {
- push (@results, "Passwords did not match.");
- }
- else {
- my ($val, $msg)=$session{'CurrentUser'}->UserObj->SetPassword($NewPass1);
- push (@results, "Password: ".$msg);
- }
+my $user = $session{'CurrentUser'}->UserObj;
+
+if (defined $NewPass1 && length $NewPass1 ) {
+ my ($status, $msg) = $user->SafeSetPassword(
+ Current => $CurrentPass,
+ New => $NewPass1,
+ Confirmation => $NewPass2,
+ );
+ push @results, loc("Password: [_1]", $msg);
}
+
if ($Signature) {
$Signature =~ s/(\r\n|\r)/\n/g;
- if ($Signature ne $session{'CurrentUser'}->UserObj->Signature) {
- my ($val, $msg)=$session{'CurrentUser'}->UserObj->SetSignature($Signature);
+ if ($Signature ne $user->Signature) {
+ my ($val, $msg) = $user->SetSignature($Signature);
push (@results, "Signature: ".$msg);
}
}
-#A hack to make sure that session gets rewritten.
+#A hack to make sure that session gets rewritten.
$session{'i'}++;
</%INIT>
diff --git a/share/html/User/Prefs.html b/share/html/User/Prefs.html
index bfa0c8b..884cf85 100755
--- a/share/html/User/Prefs.html
+++ b/share/html/User/Prefs.html
@@ -107,35 +107,13 @@
% $m->callback( %ARGS, UserObj => $UserObj, CallbackName => 'FormLeftColumn' );
</td>
<td valign="top" class="boxcontainer">
-% unless (RT->Config->Get('WebExternalAuth') and !RT->Config->Get('WebFallbackToInternalAuth')) {
+
<&| /Widgets/TitleBox, title => loc('Password'), id => "user-prefs-password" &>
-<table>
-<tr>
-<td class="label">
-<&|/l&>Your current password</&>:
-</td>
-<td class="value">
-<input type="password" name="CurrentPass" autocomplete="off"/>
-</td>
-</tr>
-<tr>
-<td class="label">
-<&|/l&>New Password</&>:
-</td>
-<td class="value">
-<input type="password" name="Pass1" autocomplete="off"/>
-</td>
-</tr>
-<tr><td class="label">
-<&|/l&>Retype Password</&>:
-</td>
-<td class="value">
-<input type="password" name="Pass2" autocomplete="off" />
-</td>
-</tr>
-</table>
+<& /Elements/EditPassword,
+ User => $UserObj,
+ Name => [qw(CurrentPass Pass1 Pass2)],
+&>
</&>
-% }
<&| /Widgets/TitleBox, title => loc('Location'), id => "user-prefs-location" &>
<table cellspacing="0" cellpadding="0">
@@ -229,6 +207,7 @@ unless ( $UserObj->id ) {
if $Name;
Abort(loc("Couldn't load user"));
}
+$id = $UserObj->id;
my @results;
@@ -267,21 +246,14 @@ if ( $SetPrivileged and $Privileged != $UserObj->Privileged ) {
push @results, loc('Privileged status: [_1]', loc_fuzzy($msg));
}
-#TODO: make this report errors properly
-if (defined($Pass1) && length($Pass1) && !$UserObj->IsPassword($CurrentPass)) {
- if (length($CurrentPass)) {
- push @results, loc("Please enter your current password correctly. Your password has not been changed.");
- }
- else {
- push @results, loc("Please enter your current password. Your password has not been changed.");
- }
-}
-elsif ( defined $Pass1 and length $Pass1 and $Pass1 eq $Pass2 and !$UserObj->IsPassword($Pass1) ) {
- my ($code, $msg);
- ($code, $msg) = $UserObj->SetPassword($Pass1);
- push @results, loc('Password: [_1]', loc_fuzzy($msg));
-} elsif ( defined $Pass1 && length $Pass1 && $Pass1 ne $Pass2 ) {
- push @results, loc("Passwords do not match. Your password has not been changed");
+my %password_cond = $UserObj->CurrentUserRequireToSetPassword;
+if (defined $Pass1 && length $Pass1 ) {
+ my ($status, $msg) = $UserObj->SafeSetPassword(
+ Current => $CurrentPass,
+ New => $Pass1,
+ Confirmation => $Pass2,
+ );
+ push @results, loc("Password: [_1]", $msg);
}
if ( $ARGS{'ResetAuthToken'} ) {
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list