def _do_reset_password(self, req):
if req.authname != 'anonymous':
req.hdf['reset.logged_in'] = True
req.hdf['account_href'] = req.href.account()
return
if req.method == 'POST':
username = req.args.get('username')
email = req.args.get('email')
if not username:
req.hdf['reset.error'] = 'Username is required'
return
if not email:
req.hdf['reset.error'] = 'Email is required'
return
for username_, name, email_ in self.env.get_known_users():
if username_ == username and email_ == email:
break
else:
req.hdf['reset.error'] = 'Username and email must match.'
return
notifier = PasswordResetNotification(self.env)
if email != notifier.email_map.get(username):
req.hdf['reset.error'] = 'The email and username do not ' \
'match a known account.'
return
new_password = self._random_password()
notifier.notify(username, new_password)
AccountManager(self.env).set_password(username, new_password)
req.hdf['reset.sent_to_email'] = email
def _do_create(self, req):
mgr = AccountManager(self.env)
user = req.args.get('user')
if not user:
req.hdf['registration.error'] = 'Username cannot be empty.'
return
if mgr.has_user(user):
req.hdf['registration.error'] = \
'Another account with that name already exists.'
return
# disallow registration of accounts which have existing permissions
permission_system = perm.PermissionSystem(self.env)
if permission_system.get_user_permissions(user) != \
permission_system.get_user_permissions('authenticated'):
req.hdf['registration.error'] = \
'Another account with that name already exists.'
return
password = req.args.get('password')
if not password:
req.hdf['registration.error'] = 'Password cannot be empty.'
return
if password != req.args.get('password_confirm'):
req.hdf['registration.error'] = 'The passwords must match.'
return
mgr.set_password(user, password)
req.redirect(self.env.href.login())
def _remote_user(self, req):
user = req.args.get('user')
password = req.args.get('password')
if not user or not password:
return None
if AccountManager(self.env).check_password(user, password):
return user
return None
def _do_account(self, req):
if req.authname == 'anonymous':
req.redirect(self.env.href.wiki())
action = req.args.get('action')
delete_enabled = AccountManager(self.env).supports('delete_user')
req.hdf['delete_enabled'] = delete_enabled
if req.method == 'POST':
if action == 'change_password':
self._do_change_password(req)
elif action == 'delete':
self._do_delete(req)
def _enable_check(self, log=False):
writable = AccountManager(self.env).supports('set_password')
ignore_case = auth.LoginModule(self.env).ignore_case
if log:
if not writable:
self.log.warn('RegistrationModule is disabled because the '
'password store does not support writing.')
if ignore_case:
self.log.warn('RegistrationModule is disabled because '
'ignore_auth_case is enabled in trac.ini. '
'This setting needs disabled to support '
'registration.')
return writable and not ignore_case
def _do_delete(self, req):
user = req.authname
mgr = AccountManager(self.env)
password = req.args.get('password')
if not password:
req.hdf['account.delete_error'] = 'Password cannot be empty.'
return
if not mgr.check_password(user, password):
req.hdf['account.delete_error'] = 'Password is incorrect.'
return
mgr.delete_user(user)
req.redirect(self.env.href.logout())
def _do_change_password(self, req):
user = req.authname
password = req.args.get('password')
if not password:
req.hdf['account.error'] = 'Password cannot be empty.'
return
if password != req.args.get('password_confirm'):
req.hdf['account.error'] = 'The passwords must match.'
return
AccountManager(self.env).set_password(user, password)
req.hdf['account.message'] = 'Password successfully updated.'
def _create_user(req, env, check_permissions=True):
mgr = AccountManager(env)
user = req.args.get('user')
if not user:
raise TracError('Username cannot be empty.')
if mgr.has_user(user):
raise TracError('Another account with that name already exists.')
if check_permissions:
# disallow registration of accounts which have existing permissions
permission_system = perm.PermissionSystem(env)
if permission_system.get_user_permissions(user) != \
permission_system.get_user_permissions('authenticated'):
raise TracError('Another account with that name already exists.')
password = req.args.get('password')
if not password:
raise TracError('Password cannot be empty.')
if password != req.args.get('password_confirm'):
raise TracError('The passwords must match.')
mgr.set_password(user, password)
db = env.get_db_cnx()
cursor = db.cursor()
cursor.execute(
"SELECT count(*) FROM session "
"WHERE sid=%s AND authenticated=1", (user, ))
exists, = cursor.fetchone()
if not exists:
cursor.execute(
"INSERT INTO session "
"(sid, authenticated, last_visit) "
"VALUES (%s, 1, 0)", (user, ))
for key in ('name', 'email'):
value = req.args.get(key)
if not value:
continue
cursor.execute(
"UPDATE session_attribute SET value=%s "
"WHERE name=%s AND sid=%s AND authenticated=1", (value, key, user))
if not cursor.rowcount:
cursor.execute(
"INSERT INTO session_attribute "
"(sid,authenticated,name,value) "
"VALUES (%s,1,%s,%s)", (user, key, value))
db.commit()
def _do_change_password(self, req):
user = req.authname
mgr = AccountManager(self.env)
old_password = req.args.get('old_password')
if not old_password:
req.hdf['account.save_error'] = 'Old Password cannot be empty.'
return
if not mgr.check_password(user, old_password):
req.hdf['account.save_error'] = 'Old Password is incorrect.'
return
password = req.args.get('password')
if not password:
req.hdf['account.save_error'] = 'Password cannot be empty.'
return
if password != req.args.get('password_confirm'):
req.hdf['account.save_error'] = 'The passwords must match.'
return
mgr.set_password(user, password)
req.hdf['account.message'] = 'Password successfully updated.'
def _write_check(self, log=False):
writable = AccountManager(self.env).supports('set_password')
if not writable and log:
self.log.warn('AccountModule is disabled because the password '
'store does not support writing.')
return writable
def _do_delete(self, req):
user = req.authname
AccountManager(self.env).delete_user(user)
req.redirect(self.env.href.logout())
