def sendmailUser_mask(req, id, err=0): v = getAdminStdVars(req) v["path"] = req.path[1:] if id in["execute", "execu"]: userid = req.params.get("userid") user = getUser(userid) if not user: path = req.path[1:].split("/") user = getExternalUser(userid, path[-1]) password = makeRandomPassword() user.resetPassword(password) text = req.params.get("text") text = text.replace("[wird eingesetzt]", password) try: mail.sendmail(req.params.get("from"), req.params.get("email"), req.params.get("subject"), text) except mail.SocketError: print "Socket error while sending mail" req.setStatus(httpstatus.HTTP_INTERNAL_SERVER_ERROR) return req.getTAL("web/admin/modules/user.html", v, macro="sendmailerror") return req.getTAL("web/admin/modules/user.html", v, macro="sendmaildone") user = getUser(id) if not user: path = req.path[1:].split("/") user = getExternalUser(id, path[-1]) collections = [] seen = {} access = acl.AccessData(user=user) for node in getAllCollections(): if access.hasReadAccess(node): if access.hasWriteAccess(node): collections.append(node.name + " (lesen/schreiben)") seen[node.id] = None for node in tree.getRoot("collections").getChildren(): if access.hasReadAccess(node) and node.id not in seen: collections.append(node.name + " (nur lesen)") x = {} x["name"] = "%s %s" % (user.getFirstName(), user.getLastName()) if(x["name"] == ""): x["name"] = user.getName() x["host"] = config.get("host.name") x["login"] = user.getName() x["isEditor"] = user.isEditor() x["collections"] = list() x["groups"] = user.getGroups() x["groups"].sort() x["language"] = lang(req) x["collections"] = collections x["collections"].sort() v["mailtext"] = req.getTAL("web/admin/modules/user.html", x, macro="emailtext").strip() v["email"] = user.getEmail() v["userid"] = user.getName() return req.getTAL("web/admin/modules/user.html", v, macro="sendmail")
def pwdforgotten(req): if len(req.params) > 3: # user changed to browsing return buildURL(req) navframe = frame.getNavigationFrame(req) navframe.feedback(req) if req.params.get("action", "") == "activate": # do activation of new password id, key = req.params.get("key").replace("/", "").split('-') targetuser = users.getUser(id) if targetuser.get("newpassword.activation_key") == key: newpassword = targetuser.get("newpassword.password") if newpassword: targetuser.set("password", newpassword) print "password reset for user '%s' (id=%s) reset" % ( targetuser.getName(), targetuser.id) targetuser.removeAttribute("newpassword.password") targetuser.set("newpassword.time_activated", date.format_date()) logging.getLogger('usertracing').info( "new password activated for user: %s - was requested: %s by %s" % (targetuser.getName(), targetuser.get("newpassword.time_requested"), targetuser.get("newpassword.request_ip"))) navframe.write( req, req.getTAL(theme.getTemplate("login.html"), {"username": targetuser.getName()}, macro="pwdforgotten_password_activated")) return httpstatus.HTTP_OK else: print "invalid key: wrong key or already used key" navframe.write( req, req.getTAL( theme.getTemplate("login.html"), {"message": "pwdforgotten_password_invalid_key"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK elif "user" in req.params: # create email with activation information username = req.params.get("user", "") if username == '': req.params['error'] = "pwdforgotten_noentry" else: targetuser = users.getUser(username) if not targetuser or not targetuser.canChangePWD(): logging.getLogger('usertracing').info( "new password requested for non-existing user: "******"pwdforgotten_nosuchuser" else: password = users.makeRandomPassword() randomkey = mkKey() targetuser.set("newpassword.password", hashlib.md5(password).hexdigest()) targetuser.set("newpassword.time_requested", date.format_date()) targetuser.set("newpassword.activation_key", randomkey) targetuser.set("newpassword.request_ip", req.ip) v = {} v["name"] = targetuser.getName() v["host"] = config.get("host.name") v["login"] = targetuser.getName() v["language"] = lang(req) v["activationlink"] = v[ "host"] + "/pwdforgotten?action=activate&key=%s-%s" % ( targetuser.id, randomkey) v["email"] = targetuser.getEmail() v["userid"] = targetuser.getName() # going to send the mail try: mailtext = req.getTAL(theme.getTemplate("login.html"), v, macro="emailtext") mailtext = mailtext.strip().replace( "[$newpassword]", password).replace("[wird eingesetzt]", password) mail.sendmail(config.get("email.admin"), targetuser.getEmail(), t(lang(req), "pwdforgotten_email_subject"), mailtext) logging.getLogger('usertracing').info( "new password requested for user: %s - activation email sent" % username) navframe.write( req, req.getTAL(theme.getTemplate("login.html"), {"message": "pwdforgotten_butmailnowsent"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK except mail.SocketError: print "Socket error while sending mail" logging.getLogger('usertracing').info( "new password requested for user: %s - failed to send activation email" % username) return req.getTAL( theme.getTemplate("login.html"), {"message": "pwdforgotten_emailsenderror"}, macro="pwdforgotten_message") # standard operation navframe.write( req, req.getTAL(theme.getTemplate("login.html"), { "error": req.params.get("error"), "user": users.getUserFromRequest(req) }, macro="pwdforgotten")) return httpstatus.HTTP_OK
def sendmailUser_mask(req, id, err=0): v = getAdminStdVars(req) v["path"] = req.path[1:] if id in ["execute", "execu"]: userid = req.params.get("userid") user = getUser(userid) if not user: path = req.path[1:].split("/") user = getExternalUser(userid, path[-1]) password = makeRandomPassword() user.resetPassword(password) text = req.params.get("text") text = text.replace("[wird eingesetzt]", password) try: mail.sendmail(req.params.get("from"), req.params.get("email"), req.params.get("subject"), text) except mail.SocketError: print "Socket error while sending mail" req.setStatus(httpstatus.HTTP_INTERNAL_SERVER_ERROR) return req.getTAL("web/admin/modules/user.html", v, macro="sendmailerror") return req.getTAL("web/admin/modules/user.html", v, macro="sendmaildone") user = getUser(id) if not user: path = req.path[1:].split("/") user = getExternalUser(id, path[-1]) collections = [] seen = {} access = acl.AccessData(user=user) for node in getAllCollections(): if access.hasReadAccess(node): if access.hasWriteAccess(node): collections.append(node.name + " (lesen/schreiben)") seen[node.id] = None for node in tree.getRoot("collections").getChildren(): if access.hasReadAccess(node) and node.id not in seen: collections.append(node.name + " (nur lesen)") x = {} x["name"] = "%s %s" % (user.getFirstName(), user.getLastName()) if (x["name"] == ""): x["name"] = user.getName() x["host"] = config.get("host.name") x["login"] = user.getName() x["isEditor"] = user.isEditor() x["collections"] = list() x["groups"] = user.getGroups() x["groups"].sort() x["language"] = lang(req) x["collections"] = collections x["collections"].sort() v["mailtext"] = req.getTAL("web/admin/modules/user.html", x, macro="emailtext").strip() v["email"] = user.getEmail() v["userid"] = user.getName() return req.getTAL("web/admin/modules/user.html", v, macro="sendmail")
def pwdforgotten(req): if len(req.params) > 3: # user changed to browsing return buildURL(req) navframe = frame.getNavigationFrame(req) navframe.feedback(req) if req.params.get("action", "") == "activate": # do activation of new password id, key = req.params.get("key").replace("/", "").split('-') targetuser = users.getUser(id) if targetuser.get("newpassword.activation_key") == key: newpassword = targetuser.get("newpassword.password") if newpassword: targetuser.set("password", newpassword) print "password reset for user '%s' (id=%s) reset" % (targetuser.getName(), targetuser.id) targetuser.removeAttribute("newpassword.password") targetuser.set("newpassword.time_activated", date.format_date()) logging.getLogger('usertracing').info( "new password activated for user: %s - was requested: %s by %s" % (targetuser.getName(), targetuser.get("newpassword.time_requested"), targetuser.get("newpassword.request_ip"))) navframe.write( req, req.getTAL( theme.getTemplate("login.html"), { "username": targetuser.getName()}, macro="pwdforgotten_password_activated")) return httpstatus.HTTP_OK else: print "invalid key: wrong key or already used key" navframe.write( req, req.getTAL( theme.getTemplate("login.html"), { "message": "pwdforgotten_password_invalid_key"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK elif "user" in req.params: # create email with activation information username = req.params.get("user", "") if username == '': req.params['error'] = "pwdforgotten_noentry" else: targetuser = users.getUser(username) if not targetuser or not targetuser.canChangePWD(): logging.getLogger('usertracing').info("new password requested for non-existing user: "******"pwdforgotten_nosuchuser" else: password = users.makeRandomPassword() randomkey = mkKey() targetuser.set("newpassword.password", hashlib.md5(password).hexdigest()) targetuser.set("newpassword.time_requested", date.format_date()) targetuser.set("newpassword.activation_key", randomkey) targetuser.set("newpassword.request_ip", req.ip) v = {} v["name"] = targetuser.getName() v["host"] = config.get("host.name") v["login"] = targetuser.getName() v["language"] = lang(req) v["activationlink"] = v["host"] + "/pwdforgotten?action=activate&key=%s-%s" % (targetuser.id, randomkey) v["email"] = targetuser.getEmail() v["userid"] = targetuser.getName() # going to send the mail try: mailtext = req.getTAL(theme.getTemplate("login.html"), v, macro="emailtext") mailtext = mailtext.strip().replace("[$newpassword]", password).replace("[wird eingesetzt]", password) mail.sendmail(config.get("email.admin"), targetuser.getEmail(), t(lang(req), "pwdforgotten_email_subject"), mailtext) logging.getLogger('usertracing').info("new password requested for user: %s - activation email sent" % username) navframe.write( req, req.getTAL( theme.getTemplate("login.html"), { "message": "pwdforgotten_butmailnowsent"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK except mail.SocketError: print "Socket error while sending mail" logging.getLogger('usertracing').info( "new password requested for user: %s - failed to send activation email" % username) return req.getTAL( theme.getTemplate("login.html"), {"message": "pwdforgotten_emailsenderror"}, macro="pwdforgotten_message") # standard operation navframe.write(req, req.getTAL(theme.getTemplate("login.html"), { "error": req.params.get("error"), "user": users.getUserFromRequest(req)}, macro="pwdforgotten")) return httpstatus.HTTP_OK