class IdTool(BaseTool):
"""
This tools handles the generation of IDs.
"""
zope.interface.implements(interfaces.IIdTool)
id = 'portal_ids'
meta_type = 'ERP5 Id Tool'
portal_type = 'Id Tool'
# Declarative Security
security = ClassSecurityInfo()
security.declareProtected( Permissions.ManagePortal, 'manage_overview' )
manage_overview = DTMLFile( 'explainIdTool', _dtmldir )
def newContent(self, *args, **kw):
"""
the newContent is overriden to not use generateNewId
"""
if not kw.has_key(id):
new_id = self._generateNextId()
if new_id is not None:
kw['id'] = new_id
else:
raise ValueError('Failed to gererate id')
return BaseTool.newContent(self, *args, **kw)
def _get_id(self, id):
"""
_get_id is overrided to not use generateNewId
It is used for example when an object is cloned
"""
if self._getOb(id, None) is None :
return id
return self._generateNextId()
@caching_instance_method(id='IdTool._getLatestIdGenerator',
cache_factory='erp5_content_long')
def _getLatestIdGenerator(self, reference):
"""
Tries to find the id_generator with the latest version
from the current object.
Use the low-level to create a site without catalog
"""
assert reference
id_tool = self.getPortalObject().portal_ids
id_last_generator = None
version_last_generator = 0
for generator in id_tool.objectValues():
if generator.getReference() == reference:
version = generator.getVersion()
if version > version_last_generator:
id_last_generator = generator.getId()
version_last_generator = generator.getVersion()
if id_last_generator is None:
raise KeyError, 'The generator %s is not present' % (reference,)
return id_last_generator
def _getLatestGeneratorValue(self, id_generator):
"""
Return the last generator with the reference
"""
id_tool = self.getPortalObject().portal_ids
last_id_generator = self._getLatestIdGenerator(id_generator)
last_generator = id_tool._getOb(last_id_generator)
return last_generator
security.declareProtected(Permissions.AccessContentsInformation,
'generateNewId')
def generateNewId(self, id_group=None, default=None, method=_marker,
id_generator=None):
"""
Generate the next id in the sequence of ids of a particular group
"""
if id_group in (None, 'None'):
raise ValueError, '%s is not a valid id_group' % (repr(id_group), )
# for compatibilty with sql data, must not use id_group as a list
if not isinstance(id_group, str):
id_group = repr(id_group)
warnings.warn('id_group must be a string, other types '
'are deprecated.', DeprecationWarning)
if id_generator is None:
id_generator = 'document'
if method is not _marker:
warnings.warn("Use of 'method' argument is deprecated", DeprecationWarning)
try:
#use _getLatestGeneratorValue here for that the technical level
#must not call the method
last_generator = self._getLatestGeneratorValue(id_generator)
new_id = last_generator.generateNewId(id_group=id_group, \
default=default)
except KeyError:
template_tool = getattr(self, 'portal_templates', None)
revision = template_tool.getInstalledBusinessTemplateRevision('erp5_core')
# XXX backward compatiblity
if int(revision) > 1561:
LOG('generateNewId', ERROR, 'while generating id')
raise
else:
# Compatibility code below, in case the last version of erp5_core
# is not installed yet
warnings.warn("You are using an old version of erp5_core to generate"
"ids.\nPlease update erp5_core business template to "
"use new id generators", DeprecationWarning)
dict_ids = getattr(aq_base(self), 'dict_ids', None)
if dict_ids is None:
dict_ids = self.dict_ids = PersistentMapping()
new_id = None
# Getting the last id
if default is None:
default = 0
marker = []
new_id = dict_ids.get(id_group, marker)
if method is _marker:
if new_id is marker:
new_id = default
else:
new_id = new_id + 1
else:
if new_id is marker:
new_id = default
new_id = method(new_id)
# Store the new value
dict_ids[id_group] = new_id
return new_id
security.declareProtected(Permissions.AccessContentsInformation,
'generateNewIdList')
def generateNewIdList(self, id_group=None, id_count=1, default=None,
store=_marker, id_generator=None):
"""
Generate a list of next ids in the sequence of ids of a particular group
"""
if id_group in (None, 'None'):
raise ValueError, '%s is not a valid id_group' % (repr(id_group), )
# for compatibilty with sql data, must not use id_group as a list
if not isinstance(id_group, str):
id_group = repr(id_group)
warnings.warn('id_group must be a string, other types '
'are deprecated.', DeprecationWarning)
if id_generator is None:
id_generator = 'uid'
if store is not _marker:
warnings.warn("Use of 'store' argument is deprecated.",
DeprecationWarning)
try:
#use _getLatestGeneratorValue here for that the technical level
#must not call the method
last_generator = self._getLatestGeneratorValue(id_generator)
new_id_list = last_generator.generateNewIdList(id_group=id_group,
id_count=id_count, default=default)
except (KeyError, ValueError):
template_tool = getattr(self, 'portal_templates', None)
revision = template_tool.getInstalledBusinessTemplateRevision('erp5_core')
# XXX backward compatiblity
if int(revision) > 1561:
LOG('generateNewIdList', ERROR, 'while generating id')
raise
else:
# Compatibility code below, in case the last version of erp5_core
# is not installed yet
warnings.warn("You are using an old version of erp5_core to generate"
"ids.\nPlease update erp5_core business template to "
"use new id generators", DeprecationWarning)
new_id = None
if default is None:
default = 1
# XXX It's temporary, a New API will be implemented soon
# the code will be change
portal = self.getPortalObject()
query = getattr(portal, 'IdTool_zGenerateId', None)
commit = getattr(portal, 'IdTool_zCommit', None)
if query is None or commit is None:
portal_catalog = getattr(self, 'portal_catalog').getSQLCatalog()
query = getattr(portal_catalog, 'z_portal_ids_generate_id')
commit = getattr(portal_catalog, 'z_portal_ids_commit')
if None in (query, commit):
raise AttributeError, 'Error while generating Id: ' \
'idTool_zGenerateId and/or idTool_zCommit could not ' \
'be found.'
try:
result = query(id_group=id_group, id_count=id_count, default=default)
finally:
commit()
new_id = result[0]['LAST_INSERT_ID()']
if store:
if getattr(aq_base(self), 'dict_length_ids', None) is None:
# Length objects are stored in a persistent mapping: there is one
# Length object per id_group.
self.dict_length_ids = PersistentMapping()
if self.dict_length_ids.get(id_group) is None:
self.dict_length_ids[id_group] = Length(new_id)
self.dict_length_ids[id_group].set(new_id)
new_id_list = range(new_id - id_count, new_id)
return new_id_list
security.declareProtected(Permissions.ModifyPortalContent,
'initializeGenerator')
def initializeGenerator(self, id_generator=None, all=False):
"""
Initialize generators. This is mostly used when a new ERP5 site
is created. Some generators will need to do some initialization like
creating SQL Database, prepare some data in ZODB, etc
"""
if not all:
#Use _getLatestGeneratorValue here for that the technical level
#must not call the method
last_generator = self._getLatestGeneratorValue(id_generator)
last_generator.initializeGenerator()
else:
# recovery all the generators and initialize them
for generator in self.objectValues(\
portal_type='Application Id Generator'):
generator.initializeGenerator()
security.declareProtected(Permissions.ModifyPortalContent,
'clearGenerator')
def clearGenerator(self, id_generator=None, all=False):
"""
Clear generators data. This can be usefull when working on a
development instance or in some other rare cases. This will
loose data and must be use with caution
This can be incompatible with some particular generator implementation,
in this case a particular error will be raised (to be determined and
added here)
"""
if not all:
#Use _getLatestGeneratorValue here for that the technical level
#must not call the method
last_generator = self._getLatestGeneratorValue(id_generator)
last_generator.clearGenerator()
else:
if len(self.objectValues()) == 0:
# compatibility with old API
self.getPortalObject().IdTool_zDropTable()
self.getPortalObject().IdTool_zCreateTable()
for generator in self.objectValues(\
portal_type='Application Id Generator'):
generator.clearGenerator()
## XXX Old API deprecated
#backward compatibility
generateNewLengthIdList = generateNewIdList
security.declareProtected(Permissions.AccessContentsInformation,
'getLastLengthGeneratedId')
def getLastLengthGeneratedId(self, id_group, default=None):
"""
Get the last length id generated
"""
warnings.warn('getLastLengthGeneratedId is deprecated',
DeprecationWarning)
# check in persistent mapping if exists
if getattr(aq_base(self), 'dict_length_ids', None) is not None:
last_id = self.dict_length_ids.get(id_group)
if last_id is not None:
return last_id.value - 1
# otherwise check in mysql
# XXX It's temporary, a New API will be implemented soon
# the code will be change
portal = self.getPortalObject()
query = getattr(portal, 'IdTool_zGetLastId', None)
if query is None:
portal_catalog = getattr(self, 'portal_catalog').getSQLCatalog()
query = getattr(portal_catalog, 'z_portal_ids_get_last_id')
if query is None:
raise AttributeError, 'Error while getting last Id: ' \
'IdTool_zGetLastId could not ' \
'be found.'
result = query(id_group=id_group)
if len(result):
try:
return result[0]['last_id']
except KeyError:
return result[0]['LAST_INSERT_ID()']
return default
security.declareProtected(Permissions.AccessContentsInformation,
'getLastGeneratedId')
def getLastGeneratedId(self, id_group=None, default=None):
"""
Get the last id generated
"""
warnings.warn('getLastGeneratedId is deprecated', DeprecationWarning)
if getattr(aq_base(self), 'dict_ids', None) is None:
self.dict_ids = PersistentMapping()
last_id = None
if id_group is not None and id_group != 'None':
last_id = self.dict_ids.get(id_group, default)
return last_id
security.declareProtected(Permissions.ModifyPortalContent,
'setLastGeneratedId')
def setLastGeneratedId(self, new_id, id_group=None):
"""
Set a new last id. This is usefull in order to reset
a sequence of ids.
"""
if getattr(aq_base(self), 'dict_ids', None) is None:
self.dict_ids = PersistentMapping()
if id_group is not None and id_group != 'None':
self.dict_ids[id_group] = new_id
security.declareProtected(Permissions.AccessContentsInformation,
'generateNewLengthId')
def generateNewLengthId(self, id_group=None, default=None, store=_marker):
"""Generates an Id using a conflict free id generator. Deprecated.
"""
warnings.warn('generateNewLengthId is deprecated.\n'
'Use generateNewIdList with a sql id_generator',
DeprecationWarning)
if store is not _marker:
return self.generateNewIdList(id_group=id_group,
id_count=1, default=default, store=store)[0]
return self.generateNewIdList(id_group=id_group,
id_count=1, default=default)[0]
security.declareProtected(Permissions.AccessContentsInformation,
'getDictLengthIdsItems')
def getDictLengthIdsItems(self):
"""
Return a copy of dict_length_ids.
This is a workaround to access the persistent mapping content from ZSQL
method to be able to insert initial tuples in the database at creation.
"""
if getattr(self, 'dict_length_ids', None) is None:
self.dict_length_ids = PersistentMapping()
return self.dict_length_ids.items()
security.declarePrivate('dumpDictLengthIdsItems')
def dumpDictLengthIdsItems(self):
"""
Store persistently data from SQL table portal_ids.
"""
portal_catalog = getattr(self, 'portal_catalog').getSQLCatalog()
query = getattr(portal_catalog, 'z_portal_ids_dump')
dict_length_ids = getattr(aq_base(self), 'dict_length_ids', None)
if dict_length_ids is None:
dict_length_ids = self.dict_length_ids = PersistentMapping()
for line in query().dictionaries():
id_group = line['id_group']
last_id = line['last_id']
stored_last_id = self.dict_length_ids.get(id_group)
if stored_last_id is None:
self.dict_length_ids[id_group] = Length(last_id)
else:
stored_last_id_value = stored_last_id()
if stored_last_id_value < last_id:
stored_last_id.set(last_id)
else:
if stored_last_id_value > last_id:
LOG('IdTool', WARNING, 'ZODB value (%r) for group %r is higher ' \
'than SQL value (%r). Keeping ZODB value untouched.' % \
(stored_last_id, id_group, last_id))
class IdTool(BaseTool):
"""
This tools handles the generation of IDs.
"""
id = 'portal_ids'
meta_type = 'ERP5 Id Tool'
portal_type = 'Id Tool'
title = 'Id Generators'
# Declarative Security
security = ClassSecurityInfo()
security.declareProtected( Permissions.ManagePortal, 'manage_overview' )
manage_overview = DTMLFile( 'explainIdTool', _dtmldir )
def newContent(self, *args, **kw):
"""
the newContent is overriden to not use generateNewId
"""
if id not in kw:
new_id = self._generateNextId()
if new_id is not None:
kw['id'] = new_id
else:
raise ValueError('Failed to gererate id')
return BaseTool.newContent(self, *args, **kw)
def _get_id(self, id):
"""
_get_id is overrided to not use generateNewId
It is used for example when an object is cloned
"""
if self._getOb(id, None) is None :
return id
return self._generateNextId()
@caching_instance_method(id='IdTool._getLatestIdGenerator',
cache_factory='erp5_content_long')
def _getLatestIdGenerator(self, reference):
"""
Tries to find the id_generator with the latest version
from the current object.
Use the low-level to create a site without catalog
"""
assert reference
id_last_generator = None
version_last_generator = 0
for generator in self.objectValues():
if generator.getReference() == reference:
# Version Property Sheet defines 'version' property as a 'string'
version = int(generator.getVersion())
if version > version_last_generator:
id_last_generator = generator.getId()
version_last_generator = version
if id_last_generator is None:
raise KeyError(repr(reference))
return id_last_generator
def _getLatestGeneratorValue(self, id_generator):
"""
Return the last generator with the reference
"""
return self._getOb(self._getLatestIdGenerator(id_generator))
security.declareProtected(Permissions.AccessContentsInformation,
'generateNewId')
def generateNewId(self, id_group=None, default=None, method=_marker,
id_generator=None, poison=False):
"""
Generate the next id in the sequence of ids of a particular group
"""
if id_group in (None, 'None'):
raise ValueError('%r is not a valid id_group' % id_group)
# for compatibilty with sql data, must not use id_group as a list
if not isinstance(id_group, str):
id_group = repr(id_group)
warnings.warn('id_group must be a string, other types '
'are deprecated.', DeprecationWarning)
if id_generator is None:
id_generator = 'document'
if method is not _marker:
warnings.warn("Use of 'method' argument is deprecated", DeprecationWarning)
try:
#use _getLatestGeneratorValue here for that the technical level
#must not call the method
last_generator = self._getLatestGeneratorValue(id_generator)
new_id = last_generator.generateNewId(
id_group=id_group,
default=default,
poison=poison,
)
except KeyError:
# XXX backward compatiblity
if self.getTypeInfo():
LOG('generateNewId', ERROR, 'while generating id')
raise
else:
# Compatibility code below, in case the last version of erp5_core
# is not installed yet
warnings.warn("You are using an old version of erp5_core to generate"
"ids.\nPlease update erp5_core business template to "
"use new id generators", DeprecationWarning)
dict_ids = getattr(aq_base(self), 'dict_ids', None)
if dict_ids is None:
dict_ids = self.dict_ids = PersistentMapping()
new_id = None
# Getting the last id
if default is None:
default = 0
marker = []
new_id = dict_ids.get(id_group, marker)
if method is _marker:
if new_id is marker:
new_id = default
else:
new_id = new_id + 1
else:
if new_id is marker:
new_id = default
new_id = method(new_id)
# Store the new value
dict_ids[id_group] = new_id
return new_id
security.declareProtected(Permissions.AccessContentsInformation,
'generateNewIdList')
def generateNewIdList(self, id_group=None, id_count=1, default=None,
store=_marker, id_generator=None, poison=False):
"""
Generate a list of next ids in the sequence of ids of a particular group
"""
if id_group in (None, 'None'):
raise ValueError('%r is not a valid id_group' % id_group)
# for compatibilty with sql data, must not use id_group as a list
if not isinstance(id_group, str):
id_group = repr(id_group)
warnings.warn('id_group must be a string, other types '
'are deprecated.', DeprecationWarning)
if id_generator is None:
id_generator = 'uid'
if store is not _marker:
warnings.warn("Use of 'store' argument is deprecated.",
DeprecationWarning)
try:
#use _getLatestGeneratorValue here for that the technical level
#must not call the method
last_generator = self._getLatestGeneratorValue(id_generator)
new_id_list = last_generator.generateNewIdList(id_group=id_group,
id_count=id_count, default=default, poison=poison)
except (KeyError, ValueError):
# XXX backward compatiblity
if self.getTypeInfo():
LOG('generateNewIdList', ERROR, 'while generating id')
raise
else:
# Compatibility code below, in case the last version of erp5_core
# is not installed yet
warnings.warn("You are using an old version of erp5_core to generate"
"ids.\nPlease update erp5_core business template to "
"use new id generators", DeprecationWarning)
new_id = None
if default is None:
default = 1
# XXX It's temporary, a New API will be implemented soon
# the code will be change
portal = self.getPortalObject()
try:
query = portal.IdTool_zGenerateId
commit = portal.IdTool_zCommit
except AttributeError:
portal_catalog = portal.portal_catalog.getSQLCatalog()
query = portal_catalog.z_portal_ids_generate_id
commit = portal_catalog.z_portal_ids_commit
try:
result = query(id_group=id_group, id_count=id_count, default=default)
finally:
commit()
new_id = result[0]['LAST_INSERT_ID()']
if store:
if getattr(aq_base(self), 'dict_length_ids', None) is None:
# Length objects are stored in a persistent mapping: there is one
# Length object per id_group.
self.dict_length_ids = PersistentMapping()
if self.dict_length_ids.get(id_group) is None:
self.dict_length_ids[id_group] = Length(new_id)
self.dict_length_ids[id_group].set(new_id)
if six.PY2:
new_id_list = range(new_id - id_count, new_id)
else:
new_id_list = list(range(new_id - id_count, new_id))
return new_id_list
security.declareProtected(Permissions.ModifyPortalContent,
'initializeGenerator')
def initializeGenerator(self, id_generator=None, all=False):
"""
Initialize generators. This is mostly used when a new ERP5 site
is created. Some generators will need to do some initialization like
creating SQL Database, prepare some data in ZODB, etc
"""
if not all:
#Use _getLatestGeneratorValue here for that the technical level
#must not call the method
last_generator = self._getLatestGeneratorValue(id_generator)
last_generator.initializeGenerator()
else:
# recovery all the generators and initialize them
for generator in self.objectValues(\
portal_type='Application Id Generator'):
generator.initializeGenerator()
security.declareProtected(Permissions.ModifyPortalContent,
'clearGenerator')
def clearGenerator(self, id_generator=None, all=False):
"""
Clear generators data. This can be usefull when working on a
development instance or in some other rare cases. This will
loose data and must be use with caution
This can be incompatible with some particular generator implementation,
in this case a particular error will be raised (to be determined and
added here)
"""
if not all:
#Use _getLatestGeneratorValue here for that the technical level
#must not call the method
last_generator = self._getLatestGeneratorValue(id_generator)
last_generator.clearGenerator()
else:
if len(self.objectValues()) == 0:
# compatibility with old API
self.getPortalObject().IdTool_zDropTable()
self.getPortalObject().IdTool_zCreateTable()
for generator in self.objectValues(\
portal_type='Application Id Generator'):
generator.clearGenerator()
## XXX Old API deprecated
#backward compatibility
security.declareProtected(Permissions.AccessContentsInformation,
'generateNewLengthIdList')
generateNewLengthIdList = generateNewIdList
security.declareProtected(Permissions.AccessContentsInformation,
'getLastLengthGeneratedId')
def getLastLengthGeneratedId(self, id_group, default=None):
"""
Get the last length id generated
"""
warnings.warn('getLastLengthGeneratedId is deprecated',
DeprecationWarning)
# check in persistent mapping if exists
if getattr(aq_base(self), 'dict_length_ids', None) is not None:
last_id = self.dict_length_ids.get(id_group)
if last_id is not None:
return last_id.value - 1
# otherwise check in mysql
# XXX It's temporary, a New API will be implemented soon
# the code will be change
portal = self.getPortalObject()
try:
query = portal.IdTool_zGetLastId
except AttributeError:
query = portal.portal_catalog.getSQLCatalog().z_portal_ids_get_last_id
result = query(id_group=id_group)
if len(result):
try:
return result[0]['last_id']
except KeyError:
return result[0]['LAST_INSERT_ID()']
return default
security.declareProtected(Permissions.AccessContentsInformation,
'getLastGeneratedId')
def getLastGeneratedId(self, id_group=None, default=None):
"""
Get the last id generated
"""
warnings.warn('getLastGeneratedId is deprecated', DeprecationWarning)
if getattr(aq_base(self), 'dict_ids', None) is None:
self.dict_ids = PersistentMapping()
last_id = None
if id_group is not None and id_group != 'None':
last_id = self.dict_ids.get(id_group, default)
return last_id
security.declareProtected(Permissions.ModifyPortalContent,
'setLastGeneratedId')
def setLastGeneratedId(self, new_id, id_group=None):
"""
Set a new last id. This is usefull in order to reset
a sequence of ids.
"""
if getattr(aq_base(self), 'dict_ids', None) is None:
self.dict_ids = PersistentMapping()
if id_group is not None and id_group != 'None':
self.dict_ids[id_group] = new_id
security.declareProtected(Permissions.AccessContentsInformation,
'generateNewLengthId')
def generateNewLengthId(self, id_group=None, default=None, store=_marker):
"""Generates an Id using a conflict free id generator. Deprecated.
"""
warnings.warn('generateNewLengthId is deprecated.\n'
'Use generateNewIdList with a sql id_generator',
DeprecationWarning)
if store is not _marker:
return self.generateNewIdList(id_group=id_group,
id_count=1, default=default, store=store)[0]
return self.generateNewIdList(id_group=id_group,
id_count=1, default=default)[0]
security.declareProtected(Permissions.AccessContentsInformation,
'getDictLengthIdsItems')
def getDictLengthIdsItems(self):
"""
Return a copy of dict_length_ids.
This is a workaround to access the persistent mapping content from ZSQL
method to be able to insert initial tuples in the database at creation.
"""
if getattr(self, 'dict_length_ids', None) is None:
self.dict_length_ids = PersistentMapping()
return self.dict_length_ids.items()
security.declarePrivate('dumpDictLengthIdsItems')
def dumpDictLengthIdsItems(self):
"""
Store persistently data from SQL table portal_ids.
"""
portal_catalog = getattr(self, 'portal_catalog').getSQLCatalog()
query = getattr(portal_catalog, 'z_portal_ids_dump')
dict_length_ids = getattr(aq_base(self), 'dict_length_ids', None)
if dict_length_ids is None:
dict_length_ids = self.dict_length_ids = PersistentMapping()
for line in query().dictionaries():
id_group = line['id_group']
last_id = line['last_id']
stored_last_id = self.dict_length_ids.get(id_group)
if stored_last_id is None:
self.dict_length_ids[id_group] = Length(last_id)
else:
stored_last_id_value = stored_last_id()
if stored_last_id_value < last_id:
stored_last_id.set(last_id)
else:
if stored_last_id_value > last_id:
LOG('IdTool', WARNING, 'ZODB value (%r) for group %r is higher ' \
'than SQL value (%r). Keeping ZODB value untouched.' % \
(stored_last_id, id_group, last_id))
class PasswordTool(BaseTool):
"""
PasswordTool is used to allow a user to change its password
"""
title = 'Password Tool'
id = 'portal_password'
meta_type = 'ERP5 Password Tool'
portal_type = 'Password Tool'
allowed_types = ()
# Declarative Security
security = ClassSecurityInfo()
security.declareProtected(Permissions.ManagePortal, 'manage_overview' )
manage_overview = DTMLFile( 'explainPasswordTool', _dtmldir )
_expiration_day = 1
_password_request_dict = {}
def __init__(self, id=None):
if id is None:
id = self.__class__.id
self._password_request_dict = PersistentMapping()
# XXX no call to BaseTool.__init__ ?
# BaseTool.__init__(self, id)
security.declareProtected('Manage users', 'getResetPasswordKey')
def getResetPasswordKey(self, user_login):
# generate expiration date
expiration_date = DateTime() + self._expiration_day
# generate a random string
key = self._generateUUID()
# XXX before r26093, _password_request_dict was initialized by an OOBTree and
# replaced by a dict on each request, so if it's data structure is not up
# to date, we update it if needed
if not isinstance(self._password_request_dict, PersistentMapping):
LOG('ERP5.PasswordTool', INFO, 'Updating password_request_dict to'
' PersistentMapping')
self._password_request_dict = PersistentMapping()
# register request
self._password_request_dict[key] = (user_login, expiration_date)
return key
security.declareProtected('Manage users', 'getResetPasswordUrl')
def getResetPasswordUrl(self, user_login=None, key=None, site_url=None):
if user_login is not None:
# XXX Backward compatibility
key = self.getResetPasswordKey(user_login)
parameter = urlencode(dict(reset_key=key))
method = self._getTypeBasedMethod("getSiteUrl")
if method is not None:
base_url = method()
else:
base_url = "%s/portal_password/PasswordTool_viewResetPassword" % (
site_url,)
url = "%s?%s" %(base_url, parameter)
return url
security.declareProtected('Manage users', 'getResetPasswordUrl')
def getExpirationDateForKey(self, key=None):
return self._password_request_dict[key][1]
def mailPasswordResetRequest(self, user_login=None, REQUEST=None,
notification_message=None, sender=None,
store_as_event=False):
"""
Create a random string and expiration date for request
Parameters:
user_login -- Reference of the user to send password reset link
REQUEST -- Request object
notification_message -- Notification Message Document used to build the email.
As default, a standart text will be used.
sender -- Sender (Person or Organisation) of the email.
As default, the default email address will be used
store_as_event -- whenever CRM is available, store
notifications as events
"""
if REQUEST is None:
REQUEST = get_request()
if user_login is None:
user_login = REQUEST["user_login"]
site_url = self.getPortalObject().absolute_url()
if REQUEST and 'came_from' in REQUEST:
site_url = REQUEST.came_from
msg = None
# check user exists, and have an email
user_list = self.getPortalObject().acl_users.\
erp5_users.getUserByLogin(user_login)
if len(user_list) == 0:
msg = translateString("User ${user} does not exist.",
mapping={'user':user_login})
else:
# We use checked_permission to prevent errors when trying to acquire
# email from organisation
user = user_list[0]
email_value = user.getDefaultEmailValue(
checked_permission='Access content information')
if email_value is None or not email_value.asText():
msg = translateString(
"User ${user} does not have an email address, please contact site "
"administrator directly", mapping={'user':user_login})
if msg:
if REQUEST is not None:
parameter = urlencode(dict(portal_status_message=msg))
ret_url = '%s/login_form?%s' % \
(site_url, parameter)
return REQUEST.RESPONSE.redirect( ret_url )
return msg
key = self.getResetPasswordKey(user_login=user_login)
url = self.getResetPasswordUrl(key=key, site_url=site_url)
# send mail
message_dict = {'instance_name':self.getPortalObject().getTitle(),
'reset_password_link':url,
'expiration_date':self.getExpirationDateForKey(key)}
if notification_message is None:
subject = translateString("[${instance_name}] Reset of your password",
mapping={'instance_name': self.getPortalObject().getTitle()})
subject = subject.translate()
message = translateString("\nYou requested to reset your ${instance_name}"\
" account password.\n\n" \
"Please copy and paste the following link into your browser: \n"\
"${reset_password_link}\n\n" \
"Please note that this link will be valid only one time, until "\
"${expiration_date}.\n" \
"After this date, or after having used this link, you will have to make " \
"a new request\n\n" \
"Thank you",
mapping=message_dict)
message = message.translate()
else:
subject = notification_message.getTitle()
if notification_message.getContentType() == "text/html":
message = notification_message.asEntireHTML(substitution_method_parameter_dict=message_dict)
else:
message = notification_message.asText(substitution_method_parameter_dict=message_dict)
self.getPortalObject().portal_notifications.sendMessage(sender=sender, recipient=[user,],
subject=subject, message=message,
store_as_event=store_as_event)
if REQUEST is not None:
msg = translateString("An email has been sent to you.")
parameter = urlencode(dict(portal_status_message=msg))
ret_url = '%s/login_form?%s' % (site_url, parameter)
return REQUEST.RESPONSE.redirect( ret_url )
def _generateUUID(self, args=""):
"""
Generate a unique id that will be used as url for password
"""
# this code is based on
# http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/213761
# by Carl Free Jr
# as uuid module is only available in pyhton 2.5
t = long( time.time() * 1000 )
r = long( random.random()*100000000000000000L )
try:
a = socket.gethostbyname( socket.gethostname() )
except:
# if we can't get a network address, just imagine one
a = random.random()*100000000000000000L
data = ' '.join((str(t), str(r), str(a), str(args)))
data = md5_new(data).hexdigest()
return data
def resetPassword(self, reset_key=None, REQUEST=None):
"""
"""
# XXX-Aurel : is it used ?
if REQUEST is None:
REQUEST = get_request()
user_login, expiration_date = self._password_request_dict.get(reset_key, (None, None))
site_url = self.getPortalObject().absolute_url()
if REQUEST and 'came_from' in REQUEST:
site_url = REQUEST.came_from
if reset_key is None or user_login is None:
ret_url = '%s/login_form' % site_url
return REQUEST.RESPONSE.redirect( ret_url )
# check date
current_date = DateTime()
if current_date > expiration_date:
msg = translateString("Date has expire.")
parameter = urlencode(dict(portal_status_message=msg))
ret_url = '%s/login_form?%s' % (site_url, parameter)
return REQUEST.RESPONSE.redirect( ret_url )
# redirect to form as all is ok
REQUEST.set("password_key", reset_key)
return self.reset_password_form(REQUEST=REQUEST)
def removeExpiredRequests(self, **kw):
"""
Browse dict and remove expired request
"""
current_date = DateTime()
for key, (login, date) in self._password_request_dict.items():
if date < current_date:
self._password_request_dict.pop(key)
def changeUserPassword(self, password, password_key, password_confirm=None,
user_login=None, REQUEST=None, **kw):
"""
Reset the password for a given login
"""
# check the key
register_user_login, expiration_date = self._password_request_dict.get(
password_key, (None, None))
current_date = DateTime()
msg = None
if REQUEST is None:
REQUEST = get_request()
site_url = self.getPortalObject().absolute_url()
if REQUEST and 'came_from' in REQUEST:
site_url = REQUEST.came_from
if self.getWebSiteValue():
site_url = self.getWebSiteValue().absolute_url()
if register_user_login is None:
msg = "Key not known. Please ask reset password."
elif user_login is not None and register_user_login != user_login:
msg = translateString("Bad login provided.")
elif current_date > expiration_date:
msg = translateString("Date has expire.")
if msg is not None:
if REQUEST is not None:
parameter = urlencode(dict(portal_status_message=msg))
ret_url = '%s/login_form?%s' % (site_url, parameter)
return REQUEST.RESPONSE.redirect( ret_url )
else:
return msg
# all is OK, change password and remove it from request dict
self._password_request_dict.pop(password_key)
persons = self.getPortalObject().acl_users.erp5_users.getUserByLogin(register_user_login)
person = persons[0]
person._forceSetPassword(password)
person.reindexObject()
if REQUEST is not None:
msg = translateString("Password changed.")
parameter = urlencode(dict(portal_status_message=msg))
ret_url = '%s/login_form?%s' % (site_url, parameter)
return REQUEST.RESPONSE.redirect( ret_url )
