def _reset_password_enabled(self, log=False): try: self.store.hash_method except AttributeError: return False return is_enabled(self.env, self.__class__) and \ self.reset_password and (self._write_check(log) != []) and \ is_enabled(self.env, self.store.__class__) and \ self.store.hash_method and True or False
def process_request(self, req): if req.authname != 'anonymous': req.redirect(req.href.prefs('account')) action = req.args.get('action') data = { 'acctmgr': { 'username': None, 'name': None, 'email': None, }, '_dgettext': dgettext, } data['verify_account_enabled'] = is_enabled( self.env, EmailVerificationModule) and self.acctmgr.verify_email if req.method == 'POST' and action == 'create': try: _create_user(req, self.env) except TracError, e: data['registration_error'] = e.message data['acctmgr'] = getattr(e, 'acctmgr', '') else: chrome.add_notice( req, Markup( tag.span( Markup( _("""Registration has been finished successfully. You may login as user %(user)s now.""", user=tag.b(req.args.get('username'))))))) req.redirect(req.href.login())
def render_registration_fields(self, req, data): """Add an email address text input field to the registration form.""" # Preserve last input for editing on failure instead of typing # everything again. old_value = req.args.get('email', '').strip() insert = tag.label(_("Email:"), tag.input(type='text', name='email', size=20, class_='textwidget', value=old_value) ) # Deferred import required to aviod circular import dependencies. from acct_mgr.web_ui import AccountModule reset_password = AccountModule(self.env).reset_password_enabled verify_account = is_enabled(self.env, EmailVerificationModule) and \ AccountManager(self.env).verify_email if verify_account: # TRANSLATOR: Registration form hints for a mandatory input field. hint = tag.p(_("""The email address is required for Trac to send you a verification token."""), class_='hint') if reset_password: hint = tag(hint, tag.p(_( """Entering your email address will also enable you to reset your password if you ever forget it."""), class_='hint') ) return tag(insert, hint), data elif reset_password: # TRANSLATOR: Registration form hint, if email input is optional. hint = tag.p(_("""Entering your email address will enable you to reset your password if you ever forget it."""), class_='hint') return dict(optional=tag(insert, hint)), data else: # Always return the email text input itself as optional field. return dict(optional=insert), data
def __init__(self, *args, **kwargs): self.email_enabled = True if self.config.getbool('announcer', 'email_enabled') != True and \ self.config.getbool('notification', 'smtp_enabled') != True: self.email_enabled = False if is_enabled(self.env, self.__class__) == True: self.env.log.warn(self.__class__.__name__ + \ ' can\'t work because of missing email setup.')
def __init__(self): c = self.config if is_enabled(self.env, self.__class__) and \ is_enabled(self.env, auth.LoginModule): # Disable auth.LoginModule to handle login requests alone. self.env.log.info("Concurrent enabled login modules found, " "fixing configuration ...") c.set('components', 'trac.web.auth.loginmodule', 'disabled') c.save() self.env.log.info("trac.web.auth.LoginModule disabled, " "giving preference to %s." % self.__class__) self.cookie_lifetime = c.getint('trac', 'auth_cookie_lifetime', 0) if not self.cookie_lifetime > 0: # Set the session to expire after some time and not # when the browser is closed - what is Trac core default). self.cookie_lifetime = 86400 * 30 # AcctMgr default = 30 days self.auth_share_participants = []
def validate_registration(self, req): acctmgr = AccountManager(self.env) username = acctmgr.handle_username_casing( req.args.get('username', '').strip()) if self.username_regexp != "" and \ not re.match(self.username_regexp.strip(), username): raise RegistrationError( N_("Username %s doesn't match local naming policy."), tag.b(username)) email = req.args.get('email', '').strip() if acctmgr.verify_email and is_enabled(self.env, EmailCheck) and \ is_enabled(self.env, EmailVerificationModule): if self.email_regexp.strip() != "" and \ not re.match(self.email_regexp.strip(), email): raise RegistrationError( N_("The email address specified appears to be invalid. " "Please specify a valid email address."))
def validate_registration(self, req): acctmgr = AccountManager(self.env) username = acctmgr.handle_username_casing( req.args.get('username', '').strip()) if self.username_regexp != "" and \ not re.match(self.username_regexp.strip(), username): raise RegistrationError(N_( "Username %s doesn't match local naming policy."), tag.b(username) ) email = req.args.get('email', '').strip() if acctmgr.verify_email and is_enabled(self.env, EmailCheck) and \ is_enabled(self.env, EmailVerificationModule): if self.email_regexp.strip() != "" and \ not re.match(self.email_regexp.strip(), email): raise RegistrationError(N_( "The email address specified appears to be invalid. " "Please specify a valid email address.") )
def validate_registration(self, req): acctmgr = AccountManager(self.env) email = req.args.get('email', '').strip() if is_enabled(self.env, EmailVerificationModule) and \ acctmgr.verify_email: if not email: raise RegistrationError( N_("You must specify a valid email address.")) elif email_associated(self.env, email): raise RegistrationError( N_("The email address specified is already in use. " "Please specify a different one."))
def _enable_check(self, log=False): env = self.env writable = self.acctmgr.supports('set_password') ignore_case = auth.LoginModule(env).ignore_case if log: if not writable: self.log.warn('RegistrationModule is disabled because the ' 'password store does not support writing.') if ignore_case: self.log.debug('RegistrationModule will allow lowercase ' 'usernames only and convert them forcefully ' 'as required, while \'ignore_auth_case\' is ' 'enabled in [trac] section of your trac.ini.') return is_enabled(env, self.__class__) and writable
def process_request(self, req): acctmgr = self.acctmgr if req.authname != 'anonymous': req.redirect(req.href.prefs('account')) action = req.args.get('action') name = req.args.get('name', '').strip() username = acctmgr.handle_username_casing( req.args.get('username', '').strip()) data = { '_dgettext': dgettext, 'acctmgr': dict(name=name, username=username), 'ignore_auth_case': self.config.getbool('trac', 'ignore_auth_case') } verify_enabled = is_enabled(self.env, EmailVerificationModule) and \ acctmgr.verify_email data['verify_account_enabled'] = verify_enabled if req.method == 'POST' and action == 'create': try: # Check request and prime account on success. acctmgr.validate_registration(req) except RegistrationError, e: # Attempt deferred translation. message = gettext(e.message) # Check for (matching number of) message arguments before # attempting string substitution. if e.msg_args and \ len(e.msg_args) == len(re.findall('%s', message)): message = message % e.msg_args chrome.add_warning(req, Markup(message)) else: if verify_enabled: chrome.add_notice( req, Markup( tag.span( Markup( _("""Your username has been successfully registered but your account still requires activation. Please login as user %(user)s, and follow the instructions.""", user=tag.b(username)))))) req.redirect(req.href.login()) chrome.add_notice( req, Markup( tag.span( Markup( _("""Registration has been finished successfully. You may log in as user %(user)s now.""", user=tag.b(username)))))) req.redirect(req.href.login())
def validate_registration(self, req): acctmgr = AccountManager(self.env) email = req.args.get('email', '').strip() if is_enabled(self.env, EmailVerificationModule) and \ acctmgr.verify_email: if not email: raise RegistrationError(N_( "You must specify a valid email address.") ) elif email_associated(self.env, email): raise RegistrationError(N_( "The email address specified is already in use. " "Please specify a different one.") )
def process_request(self, req): acctmgr = self.acctmgr if req.authname != 'anonymous': req.redirect(req.href.prefs('account')) action = req.args.get('action') name = req.args.get('name', '').strip() username = acctmgr.handle_username_casing(req.args.get('username', '').strip()) data = { '_dgettext': dgettext, 'acctmgr': dict(name=name, username=username), 'ignore_auth_case': self.config.getbool('trac', 'ignore_auth_case') } verify_enabled = is_enabled(self.env, EmailVerificationModule) and \ acctmgr.verify_email data['verify_account_enabled'] = verify_enabled if req.method == 'POST' and action == 'create': try: # Check request and prime account on success. acctmgr.validate_registration(req) except RegistrationError, e: # Attempt deferred translation. message = gettext(e.message) # Check for (matching number of) message arguments before # attempting string substitution. if e.msg_args and \ len(e.msg_args) == len(re.findall('%s', message)): message = message % e.msg_args chrome.add_warning(req, Markup(message)) else: if verify_enabled: chrome.add_notice(req, Markup(tag.span(Markup(_( """Your username has been successfully registered but your account still requires activation. Please login as user %(user)s, and follow the instructions.""", user=tag.b(username))))) ) req.redirect(req.href.login()) chrome.add_notice(req, Markup(tag.span(Markup(_( """Registration has been finished successfully. You may log in as user %(user)s now.""", user=tag.b(username))))) ) req.redirect(req.href.login())
def render_registration_fields(self, req, data): """Add an email address text input field to the registration form.""" # Preserve last input for editing on failure instead of typing # everything again. old_value = req.args.get('email', '').strip() insert = tag.label( _("Email:"), tag.input(type='text', name='email', size=20, class_='textwidget', value=old_value)) # Deferred import required to aviod circular import dependencies. from acct_mgr.web_ui import AccountModule reset_password = AccountModule(self.env).reset_password_enabled verify_account = is_enabled(self.env, EmailVerificationModule) and \ AccountManager(self.env).verify_email if verify_account: # TRANSLATOR: Registration form hints for a mandatory input field. hint = tag.p(_("""The email address is required for Trac to send you a verification token."""), class_='hint') if reset_password: hint = tag( hint, tag.p(_("""Entering your email address will also enable you to reset your password if you ever forget it."""), class_='hint')) return tag(insert, hint), data elif reset_password: # TRANSLATOR: Registration form hint, if email input is optional. hint = tag.p(_("""Entering your email address will enable you to reset your password if you ever forget it."""), class_='hint') return dict(optional=tag(insert, hint)), data else: # Always return the email text input itself as optional field. return dict(optional=insert), data
def process_request(self, req): if req.authname != 'anonymous': req.redirect(req.href.prefs('account')) action = req.args.get('action') data = {'acctmgr' : { 'username' : None, 'name' : None, 'email' : None, }, '_dgettext': dgettext, } data['verify_account_enabled'] = is_enabled( self.env, EmailVerificationModule) and self.acctmgr.verify_email if req.method == 'POST' and action == 'create': try: _create_user(req, self.env) except TracError, e: data['registration_error'] = e.message data['acctmgr'] = getattr(e, 'acctmgr', '') else: chrome.add_notice(req, Markup(tag.span(Markup(_( """Registration has been finished successfully. You may login as user %(user)s now.""", user=tag.b(req.args.get('username'))))))) req.redirect(req.href.login())
def _do_acct_details(self, req): username = req.args.get('user') if not username: # Accessing user account details without username is not useful, # so we revert such request immediately. add_warning( req, Markup( tag.span( tag_( "Please choose account by username from list to proceed." )))) req.redirect(req.href.admin('accounts', 'users')) acctmgr = self.acctmgr guard = self.guard if req.args.get('update'): req.redirect(req.href.admin('accounts', 'users', user=username)) elif req.args.get('delete') or req.args.get('release'): # delete failed login attempts, evaluating attempts count if guard.failed_count(username, reset=True) > 0: add_notice( req, Markup( tag.span( Markup( _("Failed login attempts for user %(user)s deleted", user=tag.b(username)))))) elif req.args.get('list'): req.redirect(req.href.admin('accounts', 'users')) data = { '_dgettext': dgettext, 'user': username, } stores = StoreOrder(stores=acctmgr.stores, list=acctmgr.password_store) user_store = acctmgr.find_user_store(username) if not user_store is None: data['user_store'] = user_store.__class__.__name__ data['store_order_num'] = stores[user_store] data['ignore_auth_case'] = \ self.config.getbool('trac', 'ignore_auth_case') for username_, name, email in self.env.get_known_users(): if username_ == username: data['name'] = name if email: data['email'] = email break ts_seen = last_seen(self.env, username) if ts_seen is not None: data['last_visit'] = format_datetime(ts_seen[0][1], tzinfo=req.tz) attempts = [] attempts_count = guard.failed_count(username, reset=None) if attempts_count > 0: for attempt in guard.get_failed_log(username): t = format_datetime(to_datetime(attempt['time']), tzinfo=req.tz) attempts.append({'ipnr': attempt['ipnr'], 'time': t}) data['attempts'] = attempts data['attempts_count'] = attempts_count data['pretty_lock_time'] = guard.pretty_lock_time(username, next=True) data['lock_count'] = guard.lock_count(username) if guard.user_locked(username) is True: data['user_locked'] = True data['release_time'] = guard.pretty_release_time(req, username) if is_enabled(self.env, EmailVerificationModule) and \ acctmgr.verify_email is True: data['verification'] = 'enabled' data['email_verified'] = email_verified(self.env, username, email) self.log.debug('AcctMgr:admin:_do_acct_details for user \"' + \ username + '\", email \"' + str(email) + '\": ' + \ str(data['email_verified'])) add_stylesheet(req, 'acct_mgr/acct_mgr.css') data['url'] = req.href.admin('accounts', 'users', user=username) return 'account_details.html', data
def _do_acct_details(self, req): username = req.args.get('user') if not username: # Accessing user account details without username is not useful, # so we revert such request immediately. add_warning(req, Markup(tag.span(tag_( "Please choose account by username from list to proceed." )))) req.redirect(req.href.admin('accounts', 'users')) acctmgr = self.acctmgr guard = self.guard if req.args.get('update'): req.redirect(req.href.admin('accounts', 'users', user=username)) elif req.args.get('delete') or req.args.get('release'): # delete failed login attempts, evaluating attempts count if guard.failed_count(username, reset=True) > 0: add_notice(req, Markup(tag.span(Markup(_( "Failed login attempts for user %(user)s deleted", user=tag.b(username) ))))) elif req.args.get('list'): req.redirect(req.href.admin('accounts', 'users')) data = {'_': _, 'user': username, } stores = StoreOrder(stores=acctmgr.stores, list=acctmgr.password_store) user_store = acctmgr.find_user_store(username) if not user_store is None: data['user_store'] = user_store.__class__.__name__ data['store_order_num'] = stores[user_store] data['ignore_auth_case'] = \ self.config.getbool('trac', 'ignore_auth_case') for username_, name, email in self.env.get_known_users(): if username_ == username: data['name'] = name if email: data['email'] = email break ts_seen = acctmgr.last_seen(username) if ts_seen is not None: data['last_visit'] = format_datetime(ts_seen[0][1], tzinfo=req.tz) attempts = [] attempts_count = guard.failed_count(username, reset = None) if attempts_count > 0: for attempt in guard.get_failed_log(username): t = format_datetime(to_datetime( attempt['time']), tzinfo=req.tz) attempts.append({'ipnr': attempt['ipnr'], 'time': t}) data['attempts'] = attempts data['attempts_count'] = attempts_count data['pretty_lock_time'] = guard.pretty_lock_time(username, next=True) data['lock_count'] = guard.lock_count(username) if guard.user_locked(username) is True: data['user_locked'] = True data['release_time'] = guard.pretty_release_time(req, username) if is_enabled(self.env, EmailVerificationModule) and \ acctmgr.verify_email is True: data['verification'] = 'enabled' data['email_verified'] = acctmgr.email_verified(username, email) self.log.debug('AcctMgr:admin:_do_acct_details for user \"' + \ username + '\", email \"' + str(email) + '\": ' + \ str(data['email_verified'])) add_stylesheet(req, 'acct_mgr/acct_mgr.css') data['url'] = req.href.admin('accounts', 'users', user=username) return 'account_details.html', data
def enabled(self): # Admin must disable the built-in authentication to use this one. return not is_enabled(self.env, auth.LoginModule)
def _reset_password_enabled(self, log=False): return is_enabled(self.env, self.__class__) and \ self.reset_password and (self._write_check(log) != []) and \ is_enabled(self.env, self.store.__class__) and \ self.store.hash_method
def _reset_password_enabled(self, log=False): return is_enabled(self.env, self.__class__) and \ self.reset_password and (self._write_check(log) != [])
def enabled(self): # Trac built-in authentication must be disabled to use this one. return is_enabled(self.env, self.__class__) and \ not is_enabled(self.env, auth.LoginModule)