def _do_create(self, req):
mgr = AccountManager(self.env)
user = req.args.get('user')
if not user:
req.hdf['registration.error'] = 'Username cannot be empty.'
return
if mgr.has_user(user):
req.hdf['registration.error'] = \
'Another account with that name already exists.'
return
# disallow registration of accounts which have existing permissions
permission_system = perm.PermissionSystem(self.env)
if permission_system.get_user_permissions(user) != \
permission_system.get_user_permissions('authenticated'):
req.hdf['registration.error'] = \
'Another account with that name already exists.'
return
password = req.args.get('password')
if not password:
req.hdf['registration.error'] = 'Password cannot be empty.'
return
if password != req.args.get('password_confirm'):
req.hdf['registration.error'] = 'The passwords must match.'
return
mgr.set_password(user, password)
req.redirect(self.env.href.login())
def _do_create(self, req):
mgr = AccountManager(self.env)
user = req.args.get('user')
if not user:
req.hdf['registration.error'] = 'Username cannot be empty.'
return
if mgr.has_user(user):
req.hdf['registration.error'] = \
'Another account with that name already exists.'
return
# disallow registration of accounts which have existing permissions
permission_system = perm.PermissionSystem(self.env)
if permission_system.get_user_permissions(user) != \
permission_system.get_user_permissions('authenticated'):
req.hdf['registration.error'] = \
'Another account with that name already exists.'
return
password = req.args.get('password')
if not password:
req.hdf['registration.error'] = 'Password cannot be empty.'
return
if password != req.args.get('password_confirm'):
req.hdf['registration.error'] = 'The passwords must match.'
return
mgr.set_password(user, password)
req.redirect(self.env.href.login())
def _create_user(req, env, check_permissions=True):
mgr = AccountManager(env)
user = req.args.get('user')
name = req.args.get('name')
email = req.args.get('email')
acctmgr = {'username' : user,
'name' : name,
'email' : email,
}
error = TracError('')
error.acctmgr = acctmgr
if not user:
error.message = 'Username cannot be empty.'
raise error
if mgr.has_user(user):
error.message = 'Another account with that name already exists.'
raise error
if check_permissions:
# disallow registration of accounts which have existing permissions
permission_system = perm.PermissionSystem(env)
if permission_system.get_user_permissions(user) != \
permission_system.get_user_permissions('authenticated'):
error.message = 'Another account with that name already exists.'
raise error
# password = req.args.get('password')
# if not password:
# error.message = 'Password cannot be empty.'
# raise error
# if password != req.args.get('password_confirm'):
# error.message = 'The passwords must match.'
# raise error
db = env.get_db_cnx()
cursor = db.cursor()
cursor.execute("REPLACE INTO session "
"(sid, authenticated, last_visit) "
"VALUES (%s, 1, 0)",
(user,))
for key in ('name', 'email'):
value = req.args.get(key)
if not value:
continue
cursor.execute("REPLACE INTO session_attribute "
"(sid,authenticated,name,value) "
"VALUES (%s,1,%s,%s)",
(user, key, value))
db.commit()
try:
mgr.set_password(user, "setinldap")
except TracError, e:
e.acctmgr = acctmgr
raise e
def _create_user(req, env, check_permissions=True):
mgr = AccountManager(env)
user = req.args.get('user')
if not user:
raise TracError('Username cannot be empty.')
if mgr.has_user(user):
raise TracError('Another account with that name already exists.')
if check_permissions:
# disallow registration of accounts which have existing permissions
permission_system = perm.PermissionSystem(env)
if permission_system.get_user_permissions(user) != \
permission_system.get_user_permissions('authenticated'):
raise TracError('Another account with that name already exists.')
password = req.args.get('password')
if not password:
raise TracError('Password cannot be empty.')
if password != req.args.get('password_confirm'):
raise TracError('The passwords must match.')
mgr.set_password(user, password)
db = env.get_db_cnx()
cursor = db.cursor()
cursor.execute(
"SELECT count(*) FROM session "
"WHERE sid=%s AND authenticated=1", (user, ))
exists, = cursor.fetchone()
if not exists:
cursor.execute(
"INSERT INTO session "
"(sid, authenticated, last_visit) "
"VALUES (%s, 1, 0)", (user, ))
for key in ('name', 'email'):
value = req.args.get(key)
if not value:
continue
cursor.execute(
"UPDATE session_attribute SET value=%s "
"WHERE name=%s AND sid=%s AND authenticated=1", (value, key, user))
if not cursor.rowcount:
cursor.execute(
"INSERT INTO session_attribute "
"(sid,authenticated,name,value) "
"VALUES (%s,1,%s,%s)", (user, key, value))
db.commit()
def _create_user(req, env, check_permissions=True):
mgr = AccountManager(env)
user = req.args.get('user')
if not user:
raise TracError('Username cannot be empty.')
if mgr.has_user(user):
raise TracError('Another account with that name already exists.')
if check_permissions:
# disallow registration of accounts which have existing permissions
permission_system = perm.PermissionSystem(env)
if permission_system.get_user_permissions(user) != \
permission_system.get_user_permissions('authenticated'):
raise TracError('Another account with that name already exists.')
password = req.args.get('password')
if not password:
raise TracError('Password cannot be empty.')
if password != req.args.get('password_confirm'):
raise TracError('The passwords must match.')
mgr.set_password(user, password)
db = env.get_db_cnx()
cursor = db.cursor()
cursor.execute("SELECT count(*) FROM session "
"WHERE sid=%s AND authenticated=1",
(user,))
exists, = cursor.fetchone()
if not exists:
cursor.execute("INSERT INTO session "
"(sid, authenticated, last_visit) "
"VALUES (%s, 1, 0)",
(user,))
for key in ('name', 'email'):
value = req.args.get(key)
if not value:
continue
cursor.execute("UPDATE session_attribute SET value=%s "
"WHERE name=%s AND sid=%s AND authenticated=1",
(value, key, user))
if not cursor.rowcount:
cursor.execute("INSERT INTO session_attribute "
"(sid,authenticated,name,value) "
"VALUES (%s,1,%s,%s)",
(user, key, value))
db.commit()
def _create_user(req, env, check_permissions=True):
mgr = AccountManager(env)
user = req.args.get('user')
name = req.args.get('name')
email = req.args.get('email')
acctmgr = {'username' : user,
'name' : name,
'email' : email,
}
error = TracError('')
error.acctmgr = acctmgr
if not user:
error.message = 'Username cannot be empty.'
raise error
if mgr.has_user(user):
error.message = 'Another account with that name already exists.'
raise error
if check_permissions:
# disallow registration of accounts which have existing permissions
permission_system = perm.PermissionSystem(env)
if permission_system.get_user_permissions(user) != \
permission_system.get_user_permissions('authenticated'):
error.message = 'Another account with that name already exists.'
raise error
password = req.args.get('password')
if not password:
error.message = 'Password cannot be empty.'
raise error
if password != req.args.get('password_confirm'):
error.message = 'The passwords must match.'
raise error
if not email:
error.message = 'You must provide an Email';
raise error
try:
mgr.set_password(user, password)
except TracError, e:
e.acctmge = acctmgr
raise e
def _do_change_password(self, req):
user = req.authname
mgr = AccountManager(self.env)
old_password = req.args.get('old_password')
if not old_password:
return {'save_error': 'Old Password cannot be empty.'}
if not mgr.check_password(user, old_password):
return {'save_error': 'Old Password is incorrect.'}
password = req.args.get('password')
if not password:
return {'save_error': 'Password cannot be empty.'}
if password != req.args.get('password_confirm'):
return {'save_error': 'The passwords must match.'}
mgr.set_password(user, password)
return {'message': 'Password successfully updated.'}
def _do_change_password(self, req):
user = req.authname
mgr = AccountManager(self.env)
old_password = req.args.get('old_password')
if not old_password:
req.hdf['account.save_error'] = 'Old Password cannot be empty.'
return
if not mgr.check_password(user, old_password):
req.hdf['account.save_error'] = 'Old Password is incorrect.'
return
password = req.args.get('password')
if not password:
req.hdf['account.save_error'] = 'Password cannot be empty.'
return
if password != req.args.get('password_confirm'):
req.hdf['account.save_error'] = 'The passwords must match.'
return
mgr.set_password(user, password)
req.hdf['account.message'] = 'Password successfully updated.'
def _do_reset_password(self, req):
if req.authname and req.authname != 'anonymous':
return {'logged_in': True}
if req.method != 'POST':
return {}
username = req.args.get('username')
email = req.args.get('email')
if not username:
return {'error': 'Username is required'}
if not email:
return {'error': 'Email is required'}
notifier = PasswordResetNotification(self.env)
if email != notifier.email_map.get(username):
return {'error': 'The email and username do not '
'match a known account.'}
new_password = self._random_password()
notifier.notify(username, new_password)
mgr = AccountManager(self.env)
mgr.set_password(username, new_password)
if mgr.force_passwd_change:
db = self.env.get_db_cnx()
cursor = db.cursor()
cursor.execute("UPDATE session_attribute SET value=%s "
"WHERE name=%s AND sid=%s AND authenticated=1",
(1, "force_change_passwd", username))
if not cursor.rowcount:
cursor.execute("INSERT INTO session_attribute "
"(sid,authenticated,name,value) "
"VALUES (%s,1,%s,%s)",
(username, "force_change_passwd", 1))
db.commit()
return {'sent_to_email': email}
