def _reset_password_enabled(self, log=False):
try:
self.store.hash_method
except (AttributeError, ConfigurationError):
return False
return is_enabled(self.env, self.__class__) and \
self.reset_password and (self._write_check(log) != []) and \
is_enabled(self.env, self.store.__class__) and \
self.store.hash_method and True or False
def _reset_password_enabled(self, log=False):
try:
self.store.hash_method
except AttributeError:
return False
return is_enabled(self.env, self.__class__) and \
self.reset_password and (self._write_check(log) != []) and \
is_enabled(self.env, self.store.__class__) and \
self.store.hash_method and True or False
def render_registration_fields(self, req, data):
"""Add an email address text input field to the registration form."""
# Preserve last input for editing on failure instead of typing
# everything again.
old_value = req.args.get('email', '').strip()
insert = tag.label(_("Email:"),
tag.input(type='text', name='email', size=20,
class_='textwidget', value=old_value)
)
# Deferred import required to aviod circular import dependencies.
from acct_mgr.web_ui import AccountModule
reset_password = AccountModule(self.env).reset_password_enabled
verify_account = is_enabled(self.env, EmailVerificationModule) and \
EmailVerificationModule(self.env).verify_email
if verify_account:
# TRANSLATOR: Registration form hints for a mandatory input field.
hint = tag.p(_("""The email address is required for Trac to send
you a verification token."""), class_='hint')
if reset_password:
hint = tag(hint, tag.p(_(
"""Entering your email address will also enable you
to reset your password if you ever forget it."""),
class_='hint')
)
return tag(insert, hint), data
elif reset_password:
# TRANSLATOR: Registration form hint, if email input is optional.
hint = tag.p(_("""Entering your email address will enable you to
reset your password if you ever forget it."""),
class_='hint')
return dict(optional=tag(insert, hint)), data
else:
# Always return the email text input itself as optional field.
return dict(optional=insert), data
def render_registration_fields(self, req, data):
"""Add an email address text input field to the registration form."""
# Preserve last input for editing on failure instead of typing
# everything again.
old_value = req.args.get('email', '').strip()
insert = tag.label(_("Email:"),
tag.input(type='text', name='email', size=20,
class_='textwidget', value=old_value)
)
# Deferred import required to aviod circular import dependencies.
from acct_mgr.web_ui import AccountModule
reset_password = AccountModule(self.env).reset_password_enabled
verify_account = is_enabled(self.env, EmailVerificationModule) and \
EmailVerificationModule(self.env).verify_email
if verify_account:
# TRANSLATOR: Registration form hints for a mandatory input field.
hint = tag.p(_("""The email address is required for Trac to send
you a verification token."""), class_='hint')
if reset_password:
hint = tag(hint, tag.p(_(
"""Entering your email address will also enable you
to reset your password if you ever forget it."""),
class_='hint')
)
return tag(insert, hint), data
elif reset_password:
# TRANSLATOR: Registration form hint, if email input is optional.
hint = tag.p(_("""Entering your email address will enable you to
reset your password if you ever forget it."""),
class_='hint')
return dict(optional=tag(insert, hint)), data
else:
# Always return the email text input itself as optional field.
return dict(optional=insert), data
def __init__(self, *args, **kwargs):
self.email_enabled = True
if self.config.getbool('announcer', 'email_enabled') != True and \
self.config.getbool('notification', 'smtp_enabled') != True:
self.email_enabled = False
if is_enabled(self.env, self.__class__) == True:
self.env.log.warn(' '.join([
self.__class__.__name__,
"can't work because of missing email setup."
]))
def __init__(self, *args, **kwargs):
self.email_enabled = True
if self.config.getbool('announcer', 'email_enabled') != True and \
self.config.getbool('notification', 'smtp_enabled') != True:
self.email_enabled = False
if is_enabled(self.env, self.__class__) == True:
self.env.log.warn(
' '.join([self.__class__.__name__,
"can't work because of missing email setup."])
)
def process_request(self, req):
acctmgr = self.acctmgr
if req.authname != 'anonymous':
req.redirect(req.href.prefs('account'))
action = req.args.get('action')
name = req.args.get('name', '').strip()
username = acctmgr.handle_username_casing(req.args.get('username',
'').strip())
data = {
'_dgettext': dgettext,
'acctmgr': dict(name=name, username=username),
'ignore_auth_case': self.config.getbool('trac', 'ignore_auth_case')
}
verify_enabled = is_enabled(self.env, EmailVerificationModule) and \
EmailVerificationModule(self.env).verify_email
data['verify_account_enabled'] = verify_enabled
if req.method == 'POST' and action == 'create':
try:
# Check request and prime account on success.
acctmgr.validate_account(req, True)
except RegistrationError, e:
# Attempt deferred translation.
message = gettext(e.message)
# Check for (matching number of) message arguments before
# attempting string substitution.
if e.msg_args and \
len(e.msg_args) == len(re.findall('%s', message)):
message = message % e.msg_args
chrome.add_warning(req, Markup(message))
else:
if self.require_approval:
set_user_attribute(self.env, username, 'approval',
N_('pending'))
# Notify admin user about registration pending for review.
acctmgr._notify('registration_approval_required',
username)
chrome.add_notice(req, Markup(tag.span(Markup(_(
"Your username has been registered successfully, but "
"your account requires administrative approval. "
"Please proceed according to local policy."))))
)
if verify_enabled:
chrome.add_notice(req, Markup(tag.span(Markup(_(
"""Your username has been successfully registered but
your account still requires activation. Please login
as user %(user)s, and follow the instructions.""",
user=tag.b(username)))))
)
req.redirect(req.href.login())
chrome.add_notice(req, Markup(tag.span(Markup(_(
"""Registration has been finished successfully.
You may log in as user %(user)s now.""",
user=tag.b(username)))))
)
req.redirect(req.href.login())
def __init__(self):
cfg = self.config
if is_enabled(self.env, self.__class__) and \
is_enabled(self.env, auth.LoginModule):
# Disable auth.LoginModule to handle login requests alone.
self.env.log.info("Concurrent enabled login modules found, "
"fixing configuration ...")
cfg.set('components', 'trac.web.auth.loginmodule', 'disabled')
# Changes are intentionally not written to file for persistence.
# This could cause the environment to reload a bit too early, even
# interrupting a rewrite in progress by another thread and causing
# a DoS condition by truncating the configuration file.
self.env.log.info("trac.web.auth.LoginModule disabled, "
"giving preference to %s." % self.__class__)
self.cookie_lifetime = self.auth_cookie_lifetime
if not self.cookie_lifetime > 0:
# Set the session to expire after some time and not
# when the browser is closed - what is Trac core default).
self.cookie_lifetime = 86400 * 30 # AcctMgr default = 30 days
def __init__(self):
cfg = self.config
if is_enabled(self.env, self.__class__) and \
is_enabled(self.env, auth.LoginModule):
# Disable auth.LoginModule to handle login requests alone.
self.env.log.info("Concurrent enabled login modules found, "
"fixing configuration ...")
cfg.set('components', 'trac.web.auth.loginmodule', 'disabled')
# Changes are intentionally not written to file for persistence.
# This could cause the environment to reload a bit too early, even
# interrupting a rewrite in progress by another thread and causing
# a DoS condition by truncating the configuration file.
self.env.log.info("trac.web.auth.LoginModule disabled, "
"giving preference to %s." % self.__class__)
self.cookie_lifetime = self.auth_cookie_lifetime
if not self.cookie_lifetime > 0:
# Set the session to expire after some time and not
# when the browser is closed - what is Trac core default).
self.cookie_lifetime = 86400 * 30 # AcctMgr default = 30 days
def validate_registration(self, req):
acctmgr = AccountManager(self.env)
username = acctmgr.handle_username_casing(
req.args.get('username', '').strip())
if req.path_info != '/prefs' and self.username_regexp != "" and \
not re.match(self.username_regexp.strip(), username):
raise RegistrationError(
N_("Username %s doesn't match local naming policy."),
tag.b(username))
email = req.args.get('email', '').strip()
if is_enabled(self.env, EmailCheck) and \
is_enabled(self.env, EmailVerificationModule) and \
EmailVerificationModule(self.env).verify_email:
if self.email_regexp.strip() != "" and \
not re.match(self.email_regexp.strip(), email) and \
not req.args.get('active'):
raise RegistrationError(
N_("The email address specified appears to be invalid. "
"Please specify a valid email address."))
def _enable_check(self, log=False):
env = self.env
writable = self.acctmgr.supports('set_password')
ignore_case = auth.LoginModule(env).ignore_case
if log:
if not writable:
self.log.warn('RegistrationModule is disabled because the '
'password store does not support writing.')
if ignore_case:
self.log.debug('RegistrationModule will allow lowercase '
'usernames only and convert them forcefully '
'as required, while \'ignore_auth_case\' is '
'enabled in [trac] section of your trac.ini.')
return is_enabled(env, self.__class__) and writable
def validate_registration(self, req):
acctmgr = AccountManager(self.env)
username = acctmgr.handle_username_casing(
req.args.get('username', '').strip())
if req.path_info != '/prefs' and self.username_regexp != "" and \
not re.match(self.username_regexp.strip(), username):
raise RegistrationError(N_(
"Username %s doesn't match local naming policy."),
tag.b(username)
)
email = req.args.get('email', '').strip()
if is_enabled(self.env, EmailCheck) and \
is_enabled(self.env, EmailVerificationModule) and \
EmailVerificationModule(self.env).verify_email:
if self.email_regexp.strip() != "" and \
not re.match(self.email_regexp.strip(), email) and \
not req.args.get('active'):
raise RegistrationError(N_(
"The email address specified appears to be invalid. "
"Please specify a valid email address.")
)
def _enable_check(self, log=False):
env = self.env
writable = self.acctmgr.supports('set_password')
ignore_case = auth.LoginModule(env).ignore_case
if log:
if not writable:
self.log.warn('RegistrationModule is disabled because the '
'password store does not support writing.')
if ignore_case:
self.log.debug('RegistrationModule will allow lowercase '
'usernames only and convert them forcefully '
'as required, while \'ignore_auth_case\' is '
'enabled in [trac] section of your trac.ini.')
return is_enabled(env, self.__class__) and writable
def validate_registration(self, req):
acctmgr = AccountManager(self.env)
email = req.args.get('email', '').strip()
if is_enabled(self.env, EmailVerificationModule) and \
EmailVerificationModule(self.env).verify_email:
# Initial configuration case.
if not email and not req.args.get('active'):
raise RegistrationError(
N_("You must specify a valid email address."))
# User preferences case.
elif req.path_info == '/prefs' and email == req.session.get(
'email'):
return
elif email_associated(self.env, email):
raise RegistrationError(
N_("The email address specified is already in use. "
"Please specify a different one."))
def validate_registration(self, req):
acctmgr = AccountManager(self.env)
email = req.args.get('email', '').strip()
if is_enabled(self.env, EmailVerificationModule) and \
EmailVerificationModule(self.env).verify_email:
# Initial configuration case.
if not email and not req.args.get('active'):
raise RegistrationError(N_(
"You must specify a valid email address.")
)
# User preferences case.
elif req.path_info == '/prefs' and email == req.session.get('email'):
return
elif email_associated(self.env, email):
raise RegistrationError(N_(
"The email address specified is already in use. "
"Please specify a different one.")
)
def enabled(self):
# Trac built-in authentication must be disabled to use this one.
return is_enabled(self.env, self.__class__) and \
not is_enabled(self.env, auth.LoginModule)
def enabled(self):
# Trac built-in authentication must be disabled to use this one.
return is_enabled(self.env, self.__class__) and \
not is_enabled(self.env, auth.LoginModule)
def process_request(self, req):
acctmgr = self.acctmgr
if req.authname != 'anonymous':
req.redirect(req.href.prefs('account'))
action = req.args.get('action')
name = req.args.get('name', '').strip()
username = acctmgr.handle_username_casing(
req.args.get('username', '').strip())
data = {
'_dgettext': dgettext,
'acctmgr': dict(name=name, username=username),
'ignore_auth_case': self.config.getbool('trac', 'ignore_auth_case')
}
verify_enabled = is_enabled(self.env, EmailVerificationModule) and \
EmailVerificationModule(self.env).verify_email
data['verify_account_enabled'] = verify_enabled
if req.method == 'POST' and action == 'create':
try:
# Check request and prime account on success.
acctmgr.validate_account(req, True)
except RegistrationError, e:
# Attempt deferred translation.
message = gettext(e.message)
# Check for (matching number of) message arguments before
# attempting string substitution.
if e.msg_args and \
len(e.msg_args) == len(re.findall('%s', message)):
message = message % e.msg_args
chrome.add_warning(req, Markup(message))
else:
if self.require_approval:
set_user_attribute(self.env, username, 'approval',
N_('pending'))
# Notify admin user about registration pending for review.
acctmgr._notify('registration_approval_required', username)
chrome.add_notice(
req,
Markup(
tag.span(
Markup(
_("Your username has been registered successfully, but "
"your account requires administrative approval. "
"Please proceed according to local policy."
)))))
if verify_enabled:
chrome.add_notice(
req,
Markup(
tag.span(
Markup(
_("""Your username has been successfully registered but
your account still requires activation. Please login
as user %(user)s, and follow the instructions.""",
user=tag.b(username))))))
req.redirect(req.href.login())
chrome.add_notice(
req,
Markup(
tag.span(
Markup(
_("""Registration has been finished successfully.
You may log in as user %(user)s now.""",
user=tag.b(username))))))
req.redirect(req.href.login())
