def validate_registration(self, req):
    """Reject a registration request whose username or password is unusable.

    Requests to '/prefs' are returned from immediately, without any check.
    Otherwise RegistrationError is raised when the submitted username is
    empty, contains a character from the account manager's blacklist, is
    entirely upper-case, is one of the reserved names, or equals an
    existing name once case is ignored, and when the password is empty or
    differs from its confirmation.  No password length or complexity rule
    is applied in this function.
    """
    if req.path_info == '/prefs':
        return

    acctmgr = AccountManager(self.env)
    submitted = req.args.get('username', '').strip()
    username = acctmgr.handle_username_casing(submitted)
    if not username:
        raise RegistrationError(N_("Username cannot be empty."))

    # Characters that are refused unconditionally, because a password
    # store cannot hold them:
    #   ':' can't be used in HtPasswdStore
    #   '[' and ']' can't be used in SvnServePasswordStore
    blacklist = acctmgr.username_char_blacklist
    if contains_any(username, blacklist):
        # Build the quoted, comma-separated list shown in the error.
        pretty_blacklist = ''
        for char in blacklist:
            emphasized = tag.b(char)
            if pretty_blacklist == '':
                pretty_blacklist = tag(" '", emphasized, "'")
                continue
            pretty_blacklist = tag(pretty_blacklist, ", '", emphasized, "'")
        raise RegistrationError(
            N_("The username must not contain any of these characters: %s"),
            tag.b(pretty_blacklist))

    # Names written entirely in upper case are kept for permission actions.
    if username.isupper():
        raise RegistrationError(N_("A username with only upper-cased "
                                   "characters is not allowed."))

    lowered = username.lower()

    # These names matter to Trac itself, so they stay reserved even when
    # the permission store does not list them.
    if lowered in ['anonymous', 'authenticated']:
        raise RegistrationError(N_("Username %s is not allowed."),
                                tag.b(username))

    # NOTE: An account can be present in a password store and absent from
    #   the permission store, for instance when its owner never logged in
    #   to Trac.  The password stores are therefore consulted here, and
    #   the comparison ignores case.  The message deliberately does not
    #   say whether a user or a group name caused the rejection.
    if any(existing.lower() == lowered for existing in acctmgr.get_users()):
        raise RegistrationError(tag_(
            "Another account or group already exists, who's name "
            "differs from %(username)s only by case or is identical.",
            username=tag.b(username)))

    # Password consistency: present, and equal to its confirmation.
    password = req.args.get('password')
    if not password:
        raise RegistrationError(N_("Password cannot be empty."))
    if password != req.args.get('password_confirm'):
        raise RegistrationError(N_("The passwords must match."))
def validate_registration(self, req):
    """Check the submitted username and email against the configured patterns.

    Raises RegistrationError when `self.username_regexp` is not the empty
    string and the username does not match it.  The email pattern is
    applied only when `acctmgr.verify_email` is set, both EmailCheck and
    EmailVerificationModule are enabled, and `self.email_regexp` is not
    blank; with any of those missing the email is accepted as submitted.
    """
    acctmgr = AccountManager(self.env)
    username = acctmgr.handle_username_casing(
        req.args.get('username', '').strip())

    username_pattern = self.username_regexp
    if username_pattern != "":
        # re.match() anchors at the start of the string only, so whether
        # the whole username is covered depends on the configured pattern.
        if not re.match(username_pattern.strip(), username):
            raise RegistrationError(
                N_("Username %s doesn't match local naming policy."),
                tag.b(username))

    email = req.args.get('email', '').strip()
    verification_on = (acctmgr.verify_email
                       and is_enabled(self.env, EmailCheck)
                       and is_enabled(self.env, EmailVerificationModule))
    if not verification_on:
        return

    email_pattern = self.email_regexp.strip()
    if email_pattern != "" and not re.match(email_pattern, email):
        raise RegistrationError(
            N_("The email address specified appears to be invalid. "
               "Please specify a valid email address."))
def validate_registration(self, req):
    """Apply the configured naming patterns to a registration request.

    The username is matched against `self.username_regexp` unless that
    option is the empty string.  The email is matched against
    `self.email_regexp` only if `acctmgr.verify_email` is set, EmailCheck
    and EmailVerificationModule are both enabled, and the pattern is not
    blank.  A failed match raises RegistrationError; otherwise the method
    returns None.
    """
    acctmgr = AccountManager(self.env)
    raw_username = req.args.get('username', '').strip()
    username = acctmgr.handle_username_casing(raw_username)

    if self.username_regexp != "":
        # re.match() only anchors the start; an end anchor, if wanted,
        # has to come from the configured pattern itself.
        name_ok = re.match(self.username_regexp.strip(), username)
        if not name_ok:
            raise RegistrationError(
                N_("Username %s doesn't match local naming policy."),
                tag.b(username))

    email = req.args.get('email', '').strip()

    # Each guard below leaves the email unchecked, in the same order in
    # which the conditions are evaluated.
    if not acctmgr.verify_email:
        return
    if not is_enabled(self.env, EmailCheck):
        return
    if not is_enabled(self.env, EmailVerificationModule):
        return
    if self.email_regexp.strip() == "":
        return

    if not re.match(self.email_regexp.strip(), email):
        raise RegistrationError(
            N_("The email address specified appears to be invalid. "
               "Please specify a valid email address."))
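def _create_user(req, env, check_permissions=True):
    """Validate a registration request and create the account.

    Reads 'username', 'name', 'email', 'password' and 'password_confirm'
    from `req.args`.  Every rejection raises the same TracError instance,
    whose `account` attribute carries the submitted username, name and
    email and whose `message` names the failed check.  On success the
    password is stored with `acctmgr.set_password` and non-empty 'name'
    and 'email' values are saved with `set_user_attribute`.

    If `check_permissions` is true, the username is also compared with
    every subject returned by `PermissionSystem.get_all_permissions()`.
    """
    acctmgr = AccountManager(env)
    # req.args.get() returns None for a field the client left out;
    # default to '' so that a missing field is reported by the checks
    # below instead of failing on None.strip().
    username = acctmgr.handle_username_casing(
        req.args.get('username', '').strip())
    name = req.args.get('name')
    email = req.args.get('email', '').strip()
    account = {
        'username': username,
        'name': name,
        'email': email,
    }
    error = TracError('')
    error.account = account

    if not username:
        error.message = _("Username cannot be empty.")
        raise error

    # Prohibit some user names that are important for Trac and therefore
    # reserved, even if they're not in the permission store for some reason.
    # Compared case-insensitively, as validate_registration does, so that
    # a differently cased spelling of a reserved name is refused as well.
    if username.lower() in ('authenticated', 'anonymous'):
        error.message = _("Username %s is not allowed.") % username
        raise error

    # NOTE: A user may exist in the password store but not in the permission
    #   store, for instance when the user never logged in to Trac.  So the
    #   password store has to be asked here.  The message does not reveal
    #   whether a user or a group name caused the rejection.
    # NOTE(review): has_user() is given the name as submitted; whether the
    #   lookup ignores case is not visible here - confirm.
    if acctmgr.has_user(username):
        error.message = _(
            "Another account or group named %s already exists.") % username
        raise error

    # Check whether there is also a user or a group with that name.
    if check_permissions:
        # NOTE: 'get_user_permissions(username)' can't be used here, as it
        #   always returns a list - even if the user doesn't exist; in that
        #   case the permissions of "anonymous" are returned.
        #
        #   Comparing its result to a known set of permissions, such as
        #   "get_user_permissions('authenticated')", doesn't work either:
        #   that is always false when 'username' is the name of an existing
        #   permission group.
        #
        #   Again the message does not reveal whether a user or a group
        #   name caused the rejection.
        for (perm_user, perm_action) in \
                perm.PermissionSystem(env).get_all_permissions():
            if perm_user == username:
                error.message = _(
                    "Another account or group named %s already exists.") \
                    % username
                raise error

    # Always exclude some special characters, i.e.
    #   ':' can't be used in HtPasswdStore
    #   '[' and ']' can't be used in SvnServePasswordStore
    blacklist = acctmgr.username_char_blacklist
    if containsAny(username, blacklist):
        pretty_blacklist = ''
        for c in blacklist:
            if pretty_blacklist == '':
                pretty_blacklist = tag(' \'', tag.b(c), '\'')
            else:
                pretty_blacklist = tag(pretty_blacklist,
                                       ', \'', tag.b(c), '\'')
        error.message = tag(
            _("The username must not contain any of these characters:"),
            pretty_blacklist)
        raise error

    # Validation of username passed.

    password = req.args.get('password')
    if not password:
        error.message = _("Password cannot be empty.")
        raise error

    if password != req.args.get('password_confirm'):
        error.message = _("The passwords must match.")
        raise error

    # Validation of password passed.  Only presence and confirmation are
    # checked; no length or complexity rule is applied in this function.

    if if_enabled(EmailVerificationModule) and acctmgr.verify_email:
        if not email:
            error.message = _("You must specify a valid email address.")
            raise error
        # The pattern accepts top-level domains of 2 to 6 letters only.
        elif not re.match(r'^[A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,6}$',
                          email, re.IGNORECASE):
            error.message = _("""The email address specified appears to be invalid. Please specify a valid email address. """)
            raise error
        elif acctmgr.has_email(email):
            error.message = _("""The email address specified is already in use. Please specify a different one. """)
            raise error

    # Validation of email address passed.

    acctmgr.set_password(username, password)

    # INSERT new sid, needed as foreign key in some db schemata later on,
    # at least for PostgreSQL.
    db = env.get_db_cnx()
    cursor = db.cursor()
    cursor.execute(
        """
        SELECT  COUNT(*)
        FROM    session
        WHERE   sid=%s
        """, (username, ))
    exists = cursor.fetchone()
    # NOTE(review): a COUNT(*) query yields one row even when nothing
    #   matches, and with the usual DB-API row types a one-element row is
    #   truthy, so this INSERT looks unreachable as written.  Testing the
    #   count itself (exists[0]) would make it run; before changing that,
    #   confirm the intended 'authenticated' value and where the
    #   transaction is committed - no commit is visible in this function.
    if not exists:
        cursor.execute(
            """
            INSERT INTO session
                    (sid,authenticated,last_visit)
            VALUES  (%s,0,0)
            """, (username, ))

    # The values are read from the request again, so the email is stored
    # as submitted rather than in the stripped form validated above.
    for attribute in ('name', 'email'):
        value = req.args.get(attribute)
        if not value:
            continue
        set_user_attribute(env, username, attribute, value)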
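def _create_user(req, env, check_permissions=True):
    """Validate a registration request and create the account.

    Reads 'username', 'name', 'email', 'password' and 'password_confirm'
    from `req.args`.  Every rejection raises the same TracError instance,
    whose `account` attribute carries the submitted username, name and
    email and whose `message` names the failed check.  On success the
    password is stored with `acctmgr.set_password` and non-empty 'name'
    and 'email' values are saved with `set_user_attribute`.

    If `check_permissions` is true, the username is also compared with
    every subject returned by `PermissionSystem.get_all_permissions()`.
    """
    acctmgr = AccountManager(env)
    # req.args.get() returns None for a field the client left out;
    # default to '' so that a missing field is reported by the checks
    # below instead of failing on None.strip().
    username = acctmgr.handle_username_casing(
        req.args.get('username', '').strip())
    name = req.args.get('name')
    email = req.args.get('email', '').strip()
    account = {'username': username,
               'name': name,
               'email': email,
               }
    error = TracError('')
    error.account = account

    if not username:
        error.message = _("Username cannot be empty.")
        raise error

    # Prohibit some user names that are important for Trac and therefore
    # reserved, even if they're not in the permission store for some reason.
    # Compared case-insensitively, as validate_registration does, so that
    # a differently cased spelling of a reserved name is refused as well.
    if username.lower() in ('authenticated', 'anonymous'):
        error.message = _("Username %s is not allowed.") % username
        raise error

    # NOTE: A user may exist in the password store but not in the permission
    #   store, for instance when the user never logged in to Trac.  So the
    #   password store has to be asked here.  The message does not reveal
    #   whether a user or a group name caused the rejection.
    # NOTE(review): has_user() is given the name as submitted; whether the
    #   lookup ignores case is not visible here - confirm.
    if acctmgr.has_user(username):
        error.message = _(
            "Another account or group named %s already exists.") % username
        raise error

    # Check whether there is also a user or a group with that name.
    if check_permissions:
        # NOTE: 'get_user_permissions(username)' can't be used here, as it
        #   always returns a list - even if the user doesn't exist; in that
        #   case the permissions of "anonymous" are returned.
        #
        #   Comparing its result to a known set of permissions, such as
        #   "get_user_permissions('authenticated')", doesn't work either:
        #   that is always false when 'username' is the name of an existing
        #   permission group.
        #
        #   Again the message does not reveal whether a user or a group
        #   name caused the rejection.
        for (perm_user, perm_action) in \
                perm.PermissionSystem(env).get_all_permissions():
            if perm_user == username:
                error.message = _(
                    "Another account or group named %s already exists.") \
                    % username
                raise error

    # Always exclude some special characters, i.e.
    #   ':' can't be used in HtPasswdStore
    #   '[' and ']' can't be used in SvnServePasswordStore
    blacklist = acctmgr.username_char_blacklist
    if containsAny(username, blacklist):
        pretty_blacklist = ''
        for c in blacklist:
            if pretty_blacklist == '':
                pretty_blacklist = tag(' \'', tag.b(c), '\'')
            else:
                pretty_blacklist = tag(pretty_blacklist,
                                       ', \'', tag.b(c), '\'')
        error.message = tag(_(
            "The username must not contain any of these characters:"),
            pretty_blacklist)
        raise error

    # Validation of username passed.

    password = req.args.get('password')
    if not password:
        error.message = _("Password cannot be empty.")
        raise error

    if password != req.args.get('password_confirm'):
        error.message = _("The passwords must match.")
        raise error

    # Validation of password passed.  Only presence and confirmation are
    # checked; no length or complexity rule is applied in this function.

    if if_enabled(EmailVerificationModule) and acctmgr.verify_email:
        if not email:
            error.message = _("You must specify a valid email address.")
            raise error
        # The pattern accepts top-level domains of 2 to 6 letters only.
        elif not re.match(r'^[A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,6}$',
                          email, re.IGNORECASE):
            error.message = _("""The email address specified appears to be invalid. Please specify a valid email address. """)
            raise error
        elif acctmgr.has_email(email):
            error.message = _("""The email address specified is already in use. Please specify a different one. """)
            raise error

    # Validation of email address passed.

    acctmgr.set_password(username, password)

    # INSERT new sid, needed as foreign key in some db schemata later on,
    # at least for PostgreSQL.
    db = env.get_db_cnx()
    cursor = db.cursor()
    cursor.execute("""
        SELECT  COUNT(*)
        FROM    session
        WHERE   sid=%s
        """, (username,))
    exists = cursor.fetchone()
    # NOTE(review): a COUNT(*) query yields one row even when nothing
    #   matches, and with the usual DB-API row types a one-element row is
    #   truthy, so this INSERT looks unreachable as written.  Testing the
    #   count itself (exists[0]) would make it run; before changing that,
    #   confirm the intended 'authenticated' value and where the
    #   transaction is committed - no commit is visible in this function.
    if not exists:
        cursor.execute("""
            INSERT INTO session
                    (sid,authenticated,last_visit)
            VALUES  (%s,0,0)
            """, (username,))

    # The values are read from the request again, so the email is stored
    # as submitted rather than in the stripped form validated above.
    for attribute in ('name', 'email'):
        value = req.args.get(attribute)
        if not value:
            continue
        set_user_attribute(env, username, attribute, value)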