Example #1
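    def __call__(self):
        """Validate a request-supplied token for a user and report the result.

        Reads ``token`` and ``user`` from the request, recomputes an HMAC over
        ``user + salt`` with every key in the user's keyring, and compares each
        digest with the supplied token.

        Returns:
            A JSON string: ``{"status": "success", "user": <user>}`` when one
            keyring key reproduces the token, ``{"status": "failure"}`` in
            every other case.
        """
        self.request.response.setHeader('Content-Type', 'application/json')

        failure = json.dumps({'status': 'failure'})
        token = self.request.get('token')
        user = self.request.get('user')

        # Both values are caller-controlled. Without a user the MAC input
        # below cannot be built, so answer "failure" instead of raising.
        if not token or not user:
            return failure

        salt = api.portal.get_registry_record('castle.rocket_chat_secret')
        if not salt:
            # Fail closed when the secret is not configured: with an empty
            # salt the MAC would cover the user id alone, and with a missing
            # one the concatenation below would raise.
            return failure

        manager = getUtility(IKeyManager)
        keyring = _getKeyring(user, manager=manager)
        # Try every key in the ring; a token counts as valid if any one of
        # them reproduces it.
        for key in keyring:
            if key is None:
                continue
            value = hmac.new(key, user + salt, sha).hexdigest()
            # NOTE(review): _is_equal is defined outside this snippet; confirm
            # it is a constant-time comparison, since this is a MAC check.
            if _is_equal(value, token):
                return json.dumps({'status': 'success', 'user': user})
        return failure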
    def test_new_user_as_site_administrator(self):
        """Register a user through the new-user form as a Site Administrator.

        Creates the ``siteadmin`` account, opens the form with an
        ``_authenticator`` token computed from that user's keyring, submits
        it, and checks that the new account holds the Site Administrator role.
        """
        self.portal.acl_users._doAddUser(
            'siteadmin', 'secret', ['Site Administrator'], []
        )
        browser = self.browser
        browser.addHeader('Authorization', 'Basic siteadmin:secret')

        # XXX need to use auth token here because there is one case of write
        # on read for portlets that isn't hit here...
        signing_key = auth._getKeyring('siteadmin').random()
        authenticator = hmac.new(signing_key, 'siteadmin', sha).hexdigest()
        form_url = 'http://nohost/plone/new-user?_authenticator=%s' % authenticator
        browser.open(form_url)

        # Fill in the text fields in the same order as they appear on the form.
        field_values = (
            ('User Name', 'newuser'),
            ('E-mail', '*****@*****.**'),
            ('Password', 'foobar'),
            ('Confirm password', 'foobar'),
        )
        for label, text in field_values:
            browser.getControl(label).value = text
        browser.getControl('Site Administrators').selected = True
        browser.getControl('Register').click()

        # make sure the new user is in the Site Administrators group
        new_user = self.portal.acl_users.getUserById('newuser')
        granted_roles = new_user.getRoles()
        self.assertTrue('Site Administrator' in granted_roles)
Example #3
def getToken(username):
    """Return the hex HMAC of ``username`` under a key from the user's keyring.

    The key is whatever ``random()`` returns on the ring from
    ``_getKeyring(username)``; the digest constructor ``sha`` comes from
    outside this snippet.
    """
    # NOTE(review): presumably random() picks one of several ring keys, so a
    # verifier would have to check a token against every key -- confirm.
    signing_key = _getKeyring(username).random()
    mac = hmac.new(signing_key, username, sha)
    return mac.hexdigest()
Example #4
def getToken(username):
    """Compute a hex-encoded HMAC token for ``username``.

    The MAC key is obtained by calling ``random()`` on the keyring that
    ``_getKeyring`` returns for the user, and the message is the username.
    """
    keyring = _getKeyring(username)
    # The token is bound to the username because the username is the message.
    return hmac.new(keyring.random(), username, sha).hexdigest()
Example #5
def getToken(username):
    """Compute a hex-encoded HMAC token for ``username`` from UTF-8 bytes.

    Both the key (``random()`` on the user's keyring) and the username are
    encoded to UTF-8 before they are passed to ``hmac.new``.
    """
    key_bytes = _getKeyring(username).random().encode('utf8')
    message = username.encode('utf8')
    digest = hmac.new(key_bytes, message, sha)
    return digest.hexdigest()