def set_email(self, value):
if value is None:
value = ""
props = getToolByName(self, "portal_properties").site_properties
if props.getProperty("use_email_as_login"):
set_own_login_name(self.context, value)
return self.context.setMemberProperties({"email": value})
def set_email(self, value):
if value is None:
value = ''
props = getToolByName(self, 'portal_properties').site_properties
if props.getProperty('use_email_as_login'):
set_own_login_name(self.context, value)
return self.context.setMemberProperties({'email': value})
def reply(self):
user_settings_to_update = json.loads(self.request.get('BODY', '{}'))
user = self._get_user(self._get_user_id)
# Disable CSRF protection
if 'IDisableCSRFProtection' in dir(plone.protect.interfaces):
alsoProvides(self.request,
plone.protect.interfaces.IDisableCSRFProtection)
for key, value in user_settings_to_update.items():
if key == 'password':
user.userSetPassword(user.getUserId(), value)
elif key == 'username':
set_own_login_name(user, value)
else:
user.setMemberProperties(mapping={key: value})
roles = user_settings_to_update.get('roles', {})
if roles:
to_add = [key for key, enabled in roles.items() if enabled]
to_remove = [key for key, enabled in roles.items() if not enabled]
target_roles = set(user.getRoles()) - set(to_remove)
target_roles = target_roles | set(to_add)
acl_users = getToolByName(self.context, 'acl_users')
acl_users.userFolderEditUser(
principal_id=user.id,
password=None,
roles=target_roles,
domains=user.getDomains(),
)
self.request.response.setStatus(204)
return None
def testSetOwnLoginName(self):
memship = self.portal.portal_membership
users = self.portal.acl_users.source_users
member = memship.getAuthenticatedMember()
self.assertEqual(users.getLoginForUserId(PloneTestCase.default_user), PloneTestCase.default_user)
set_own_login_name(member, "maurits")
self.assertEqual(users.getLoginForUserId(PloneTestCase.default_user), "maurits")
def set_email(self, value):
if value is None:
value = ''
props = getToolByName(self, 'portal_properties').site_properties
if props.getProperty('use_email_as_login'):
set_own_login_name(self.context, value)
return self.context.setMemberProperties({'email': value})
def reply(self):
user_settings_to_update = json.loads(self.request.get('BODY', '{}'))
user = self._get_user(self._get_user_id)
# Disable CSRF protection
if 'IDisableCSRFProtection' in dir(plone.protect.interfaces):
alsoProvides(self.request,
plone.protect.interfaces.IDisableCSRFProtection)
security = getAdapter(self.context, ISecuritySchema)
if self.can_manage_users:
for key, value in user_settings_to_update.items():
if key == 'password':
self._change_user_password(user, value)
elif key == 'username':
set_own_login_name(user, value)
else:
user.setMemberProperties(mapping={key: value})
roles = user_settings_to_update.get('roles', {})
if roles:
to_add = [key for key, enabled in roles.items() if enabled]
to_remove = [
key for key, enabled in roles.items() if not enabled
]
target_roles = set(user.getRoles()) - set(to_remove)
target_roles = target_roles | set(to_add)
acl_users = getToolByName(self.context, 'acl_users')
acl_users.userFolderEditUser(
principal_id=user.id,
password=None,
roles=target_roles,
domains=user.getDomains(),
)
elif self._get_current_user == self._get_user_id:
for key, value in user_settings_to_update.items():
if key == 'password' and \
security.enable_user_pwd_choice and \
self.can_set_own_password:
self._change_user_password(user, value)
else:
user.setMemberProperties(mapping={key: value})
else:
if self._is_anonymous:
return self._error(
401, 'Unauthorized',
'You are not authorized to perform this '
'action')
else:
return self._error(
403, 'Forbidden', 'You can\'t update the '
'properties of this user')
self.request.response.setStatus(204)
return None
def testSetOwnLoginName(self):
memship = self.portal.portal_membership
users = self.portal.acl_users.source_users
member = memship.getAuthenticatedMember()
self.assertEqual(users.getLoginForUserId(PloneTestCase.default_user),
'test-user')
set_own_login_name(member, 'maurits')
self.assertEqual(users.getLoginForUserId(PloneTestCase.default_user),
'maurits')
def set_email(self, value):
pp = getToolByName(self.context, 'portal_properties')
if pp.site_properties.getProperty('use_email_as_login'):
mt = getToolByName(self.context, 'portal_membership')
if self.context.getId() == mt.getAuthenticatedMember().getId():
set_own_login_name(self.context, value)
else:
pas = getToolByName(self.context, 'acl_users')
pas.updateLoginName(self.context.getId(), value)
return self._setProperty('email', value)
def testSetLoginNameOfOther(self):
memship = self.portal.portal_membership
memship.addMember('maurits', 'secret', [], [])
member = memship.getMemberById('maurits')
self.assertRaises(Unauthorized, set_own_login_name, member, 'vanrees')
# The admin *should* be able to change the login name of
# another user. See http://dev.plone.org/plone/ticket/11255
self.loginAsPortalOwner()
set_own_login_name(member, 'vanrees')
users = self.portal.acl_users.source_users
self.assertEqual(users.getLoginForUserId('maurits'), 'vanrees')
def set_email(self, value):
registry = getUtility(IRegistry)
security_settings = registry.forInterface(ISecuritySchema, prefix="plone")
if security_settings.use_email_as_login:
mt = getToolByName(self.context, "portal_membership")
if self.context.getId() == mt.getAuthenticatedMember().getId():
set_own_login_name(self.context, value)
else:
pas = getToolByName(self.context, "acl_users")
pas.updateLoginName(self.context.getId(), value)
return self._setProperty("email", value)
def testSetLoginNameOfOther(self):
memship = self.portal.portal_membership
memship.addMember('maurits', 'secret', [], [])
member = memship.getMemberById('maurits')
self.assertRaises(Unauthorized, set_own_login_name, member, 'vanrees')
# The admin *should* be able to change the login name of
# another user. See http://dev.plone.org/plone/ticket/11255
self.loginAsPortalOwner()
set_own_login_name(member, 'vanrees')
users = self.portal.acl_users.source_users
self.assertEqual(users.getLoginForUserId('maurits'), 'vanrees')
def set_email(self, value):
if value is None:
value = ''
props = getToolByName(self, 'portal_properties').site_properties
if props.getProperty('use_email_as_login'):
mt = getToolByName(self.context, 'portal_membership')
if self.context.getId() == mt.getAuthenticatedMember().getId():
set_own_login_name(self.context, value)
else:
pas = getToolByName(self.context, 'acl_users')
pas.updateLoginName(self.context.getId(), value)
return self.context.setMemberProperties({'email': value})
def modifiedProfile(obj, event):
# import pdb; pdb.set_trace()
owner = api.user.get(username=obj.getOwner().getUserName())
obj.title = obj.myName
owner.setMemberProperties(
mapping={
"fullname":obj.myName,
"email":obj.email
}
)
obj.reindexObject()
utils.set_own_login_name(owner, obj.email)
def set_email(self, value):
registry = getUtility(IRegistry)
security_settings = registry.forInterface(ISecuritySchema,
prefix="plone")
if security_settings.use_email_as_login:
mt = getToolByName(self.context, 'portal_membership')
if self.context.getId() == mt.getAuthenticatedMember().getId():
set_own_login_name(self.context, value)
else:
pas = getToolByName(self.context, 'acl_users')
pas.updateLoginName(self.context.getId(), value)
return self._setProperty('email', value)
def reply(self):
user_settings_to_update = json.loads(self.request.get('BODY', '{}'))
user = self._get_user(self._get_user_id)
# Disable CSRF protection
if 'IDisableCSRFProtection' in dir(plone.protect.interfaces):
alsoProvides(self.request,
plone.protect.interfaces.IDisableCSRFProtection)
for key, value in user_settings_to_update.items():
if key == 'password':
user.userSetPassword(user.getUserId(), value)
elif key == 'username':
set_own_login_name(user, value)
else:
user.setMemberProperties(mapping={key: value})
self.request.response.setStatus(204)
return None
def reply(self):
user_settings_to_update = json.loads(self.request.get('BODY', '{}'))
user = self._get_user(self._get_user_id)
# Disable CSRF protection
if 'IDisableCSRFProtection' in dir(plone.protect.interfaces):
alsoProvides(self.request,
plone.protect.interfaces.IDisableCSRFProtection)
for key, value in user_settings_to_update.items():
if key == 'password':
user.userSetPassword(user.getUserId(), value)
elif key == 'username':
set_own_login_name(user, value)
else:
user.setMemberProperties(mapping={key: value})
self.request.response.setStatus(204)
return None
def test_get_member_by_login_name(self):
memship = self.portal.portal_membership
context = self.portal
member = memship.getMemberById(PloneTestCase.default_user)
# Login name and user name start out the same
found = get_member_by_login_name(context, PloneTestCase.default_user)
self.assertEqual(member, found)
# Change the login name:
set_own_login_name(member, 'vanrees')
# A member with this user name is still returned:
found = get_member_by_login_name(context, PloneTestCase.default_user)
self.assertEqual(member, found)
# With the changed login name we can find the member:
found = get_member_by_login_name(context, 'vanrees')
self.assertEqual(member, found)
# Demonstrate that we can find other members than just the
# default user:
found = get_member_by_login_name(context, SITE_OWNER_NAME)
member = memship.getMemberById(SITE_OWNER_NAME)
self.assertEqual(member, found)
def test_get_member_by_login_name(self):
memship = self.portal.portal_membership
context = self.portal
member = memship.getMemberById(PloneTestCase.default_user)
# Login name and user name start out the same
found = get_member_by_login_name(context, PloneTestCase.default_user)
self.assertEqual(member, found)
# Change the login name:
set_own_login_name(member, 'vanrees')
# A member with this user name is still returned:
found = get_member_by_login_name(context, PloneTestCase.default_user)
self.assertEqual(member, found)
# With the changed login name we can find the member:
found = get_member_by_login_name(context, 'vanrees')
self.assertEqual(member, found)
# Demonstrate that we can find other members than just the
# default user:
found = get_member_by_login_name(context, SITE_OWNER_NAME)
member = memship.getMemberById(SITE_OWNER_NAME)
self.assertEqual(member, found)
def reply(self):
user_settings_to_update = json.loads(self.request.get("BODY", "{}"))
user = self._get_user(self._get_user_id)
# Disable CSRF protection
if "IDisableCSRFProtection" in dir(plone.protect.interfaces):
alsoProvides(self.request,
plone.protect.interfaces.IDisableCSRFProtection)
security = getAdapter(self.context, ISecuritySchema)
if self.can_manage_users:
for key, value in user_settings_to_update.items():
if key == "password":
self._change_user_password(user, value)
elif key == "username":
set_own_login_name(user, value)
else:
# If the portrait is already set but has not been changed change it,
# then the serialized value comes again in the request as a string,
# no data on it, then we should not set it since it will fail
if key == "portrait" and isinstance(value, dict):
self.set_member_portrait(user, value)
user.setMemberProperties(mapping={key: value},
force_empty=True)
roles = user_settings_to_update.get("roles", {})
if roles:
to_add = [key for key, enabled in roles.items() if enabled]
to_remove = [
key for key, enabled in roles.items() if not enabled
]
target_roles = set(user.getRoles()) - set(to_remove)
target_roles = target_roles | set(to_add)
acl_users = getToolByName(self.context, "acl_users")
acl_users.userFolderEditUser(
principal_id=user.id,
password=None,
roles=target_roles,
domains=user.getDomains(),
)
elif self._get_current_user == self._get_user_id:
for key, value in user_settings_to_update.items():
if (key == "password" and security.enable_user_pwd_choice
and self.can_set_own_password):
self._change_user_password(user, value)
else:
# If the portrait is already set but has not been changed change it,
# then the serialized value comes again in the request as a string,
# no data on it, then we should not set it since it will fail
if key == "portrait" and isinstance(value, dict):
self.set_member_portrait(user, value)
user.setMemberProperties(mapping={key: value},
force_empty=True)
else:
if self._is_anonymous:
return self._error(
401,
"Unauthorized",
"You are not authorized to perform this "
"action",
)
else:
return self._error(
403, "Forbidden", "You can't update the "
"properties of this user")
return self.reply_no_content()
