def validate_email(self, action, data):
    """Reject an e-mail address that cannot be used as the member's login.

    Runs only when the ``email`` widget has no error yet and the
    ``plone``-prefixed ``ISecuritySchema`` registry record has
    ``use_email_as_login`` set.  The submitted address is passed to
    ``registration.isMemberIdAllowed``:

    * an ``Unauthorized`` raised by that call is reported as
      ``MESSAGE_EMAIL_CANNOT_CHANGE``;
    * a refusal is reported as ``MESSAGE_EMAIL_IN_USE``, but only when
      ``self._differentEmail`` is true for the submitted address.

    Errors are attached to the ``email`` widget through
    ``notifyWidgetActionExecutionError``; nothing is returned.
    """
    context = aq_inner(self.context)
    failed_fields = [
        err.field.getName() for err in action.form.widgets.errors
    ]
    if 'email' in failed_fields:
        # The widget already carries an error; do not add a second one.
        return

    registration = getToolByName(context, 'portal_registration')
    security_settings = getUtility(IRegistry).forInterface(
        ISecuritySchema, prefix="plone")
    if not security_settings.use_email_as_login:
        # The address is not a login name here, so no id check is made.
        return

    message = ''
    try:
        id_allowed = registration.isMemberIdAllowed(data['email'])
    except Unauthorized:
        message = MESSAGE_EMAIL_CANNOT_CHANGE
    else:
        # only allow a refused id if the address is unchanged
        if not id_allowed and self._differentEmail(data['email']):
            message = MESSAGE_EMAIL_IN_USE

    if message:
        notifyWidgetActionExecutionError(action, 'email', message)
def validate_password(self, action, data):
    """Check the current password and the validity of the new one.

    Two independent checks are made against ``data``:

    1. If ``current_password`` is present and non-empty it is UTF-8 encoded
       (when it is a ``unicode`` object) and handed to
       ``membertool.testCurrentPassword``; a false result puts an error on
       the ``current_password`` widget.
    2. If both ``new_password`` and ``new_password_ctl`` are non-empty they
       are handed to ``registration.testPasswordValidity``; any message it
       returns is put on both new-password widgets.

    Errors are reported through ``notifyWidgetActionExecutionError``;
    nothing is returned.
    """
    context = aq_inner(self.context)
    registration = getToolByName(context, 'portal_registration')
    membertool = getToolByName(context, 'portal_membership')

    # NOTE(review): an empty or absent current_password skips this check
    # entirely, so verification of the old password depends on the field
    # being marked required elsewhere -- confirm against the form schema.
    supplied = data.get('current_password')
    if supplied:
        if isinstance(supplied, unicode):
            supplied = supplied.encode('utf8')
        if not membertool.testCurrentPassword(supplied):
            notifyWidgetActionExecutionError(
                action, 'current_password',
                _(u"Incorrect value for current password"))

    # NOTE(review): likewise, the validity check only runs when both the
    # new password and its confirmation are non-empty.
    new_password = data.get('new_password')
    confirmation = data.get('new_password_ctl')
    if not (new_password and confirmation):
        return

    problem = registration.testPasswordValidity(new_password, confirmation)
    if problem:
        # The same message goes on both new-password widgets.
        for widget_name in ('new_password', 'new_password_ctl'):
            notifyWidgetActionExecutionError(action, widget_name, problem)
def validate_email(self, action, data):
    """Reject an e-mail address that cannot be used as the member's login.

    Runs only when the ``email`` widget has no error yet and the
    ``use_email_as_login`` property of ``portal_properties.site_properties``
    is true.  The submitted address is passed to
    ``registration.isMemberIdAllowed``:

    * an ``Unauthorized`` raised by that call is reported as
      ``MESSAGE_EMAIL_CANNOT_CHANGE``;
    * a refusal is reported as ``MESSAGE_EMAIL_IN_USE``, but only when
      ``self._differentEmail`` is true for the submitted address.

    Errors are attached to the ``email`` widget through
    ``notifyWidgetActionExecutionError``; nothing is returned.
    """
    context = aq_inner(self.context)
    failed_fields = [
        err.field.getName() for err in action.form.widgets.errors
    ]
    if 'email' in failed_fields:
        # The widget already carries an error; do not add a second one.
        return

    registration = getToolByName(context, 'portal_registration')
    properties = getToolByName(context, 'portal_properties')
    if not properties.site_properties.getProperty('use_email_as_login'):
        # The address is not a login name here, so no id check is made.
        return

    message = ''
    try:
        id_allowed = registration.isMemberIdAllowed(data['email'])
    except Unauthorized:
        message = MESSAGE_EMAIL_CANNOT_CHANGE
    else:
        # only allow a refused id if the address is unchanged
        if not id_allowed and self._differentEmail(data['email']):
            message = MESSAGE_EMAIL_IN_USE

    if message:
        notifyWidgetActionExecutionError(action, 'email', message)
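def validate_registration(self, action, data):
    """Specific business logic for this join form.

    Note: all this logic was taken directly from the old
    validate_registration.py script in
    Products/CMFPlone/skins/plone_login/join_form_validate.vpy

    ``CheckAuthenticator`` is called on the request first.  The checks
    that follow are: the two password fields match; the password passes
    ``registration.testPasswordValidity``; the generated user id differs
    from the portal id and is accepted by
    ``registration.isMemberIdAllowed``; no existing user has the generated
    login name; and either a password or ``mail_me`` was supplied.  Each
    failure is attached to the relevant widget with
    ``notifyWidgetActionExecutionError``; nothing is returned.

    Raises:
        AssertionError: if the form has a ``password`` field but no
            ``password_ctl`` field.
    """
    # CSRF protection
    CheckAuthenticator(self.request)

    registration = getToolByName(self.context, 'portal_registration')
    # Snapshot of the fields that already failed before this method ran.
    # It is never updated below, so an error reported here does not
    # suppress the later checks on the same field.
    error_keys = [
        error.field.getName() for error in action.form.widgets.errors
    ]
    form_field_names = list(self.fields)
    portal = getUtility(ISiteRoot)
    has_password_field = 'password' in form_field_names

    # passwords should match
    if has_password_field:
        # Raised explicitly instead of asserted: assert statements are
        # stripped when Python runs with -O, which would silently drop
        # this form-configuration check.
        if 'password_ctl' not in form_field_names:
            raise AssertionError(
                "'password_ctl' field is required alongside 'password'")
        # Skip this check if password fields already have an error
        if not ('password' in error_keys or 'password_ctl' in error_keys):
            if data.get('password') != data.get('password_ctl'):
                err_str = _(u'Passwords do not match.')
                notifyWidgetActionExecutionError(action,
                                                 'password', err_str)
                notifyWidgetActionExecutionError(action,
                                                 'password_ctl', err_str)

    # Password field checked against RegistrationTool
    # Skip this check if password fields already have an error
    if has_password_field and 'password' not in error_keys:
        password = data.get('password')
        if password:
            # Use PAS to test validity
            err_str = registration.testPasswordValidity(password)
            if err_str:
                notifyWidgetActionExecutionError(
                    action, 'password', err_str)

    settings = self._get_security_settings()
    username_field = 'email' if settings.use_email_as_login else 'username'

    # The term 'username' is not clear.  It may be the user id or
    # the login name.  So here we try to be explicit.

    # Generate a nice user id and store that in the data.
    user_id = self.generate_user_id(data)
    # Generate a nice login name and store that in the data.
    login_name = self.generate_login_name(data)

    # Do several checks to see if the user id and the login name
    # are valid.
    #
    # Skip these checks if username was already in error list.
    #
    # Note that if we cannot generate a unique user id, it is not
    # necessarily the fault of the username field, but it
    # certainly is the most likely cause in a standard Plone
    # setup.
    if username_field not in error_keys:
        # user id may not be the same as the portal id.
        if user_id == portal.getId():
            err_str = _(u"This username is reserved. Please choose a "
                        "different name.")
            notifyWidgetActionExecutionError(action,
                                             username_field, err_str)

        # Check if user id is allowed by the member id pattern.
        if not registration.isMemberIdAllowed(user_id):
            err_str = _(u"The login name you selected is already in use "
                        "or is not valid. Please choose another.")
            notifyWidgetActionExecutionError(action,
                                             username_field, err_str)

        # Check the uniqueness of the login name, not only when
        # use_email_as_login is true, but always.  The message is the
        # same one used for a rejected user id above.
        pas = getToolByName(self, 'acl_users')
        results = pas.searchUsers(name=login_name, exact_match=True)
        if results:
            err_str = _(u"The login name you selected is already in use "
                        "or is not valid. Please choose another.")
            notifyWidgetActionExecutionError(action,
                                             username_field, err_str)

    if has_password_field and 'password' not in error_keys:
        # Admin can either set a password or mail the user (or both).
        # NOTE(review): both keys are indexed directly, so a form that
        # has 'password' but no 'mail_me' in data raises KeyError here --
        # confirm the two fields are always offered together.
        if not (data['password'] or data['mail_me']):
            err_str = _('msg_no_password_no_mail_me',
                        default=u"You must set a password or choose to "
                        "send an email.")
            # set error on password field
            notifyWidgetActionExecutionError(action, 'password', err_str)
            notifyWidgetActionExecutionError(action, 'mail_me', err_str)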
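def validate_registration(self, action, data):
    """Specific business logic for this join form.

    Note: all this logic was taken directly from the old
    validate_registration.py script in
    Products/CMFPlone/skins/plone_login/join_form_validate.vpy

    ``CheckAuthenticator`` is called on the request first.  The checks
    that follow are: the two password fields match; the password passes
    ``registration.testPasswordValidity``; the generated user id differs
    from the portal id and is accepted by
    ``registration.isMemberIdAllowed``; no existing user has the generated
    login name; and either a password or ``mail_me`` was supplied.  Each
    failure is attached to the relevant widget with
    ``notifyWidgetActionExecutionError``; nothing is returned.

    Raises:
        AssertionError: if the form has a ``password`` field but no
            ``password_ctl`` field.
    """
    # CSRF protection
    CheckAuthenticator(self.request)

    registration = getToolByName(self.context, 'portal_registration')
    # Snapshot of the fields that already failed before this method ran.
    # It is never updated below, so an error reported here does not
    # suppress the later checks on the same field.
    error_keys = [
        error.field.getName() for error in action.form.widgets.errors
    ]
    form_field_names = list(self.fields)
    portal = getUtility(ISiteRoot)
    has_password_field = 'password' in form_field_names

    # passwords should match
    if has_password_field:
        # Raised explicitly instead of asserted: assert statements are
        # stripped when Python runs with -O, which would silently drop
        # this form-configuration check.
        if 'password_ctl' not in form_field_names:
            raise AssertionError(
                "'password_ctl' field is required alongside 'password'")
        # Skip this check if password fields already have an error
        if not ('password' in error_keys or 'password_ctl' in error_keys):
            if data.get('password') != data.get('password_ctl'):
                err_str = _(u'Passwords do not match.')
                notifyWidgetActionExecutionError(action,
                                                 'password', err_str)
                notifyWidgetActionExecutionError(action,
                                                 'password_ctl', err_str)

    # Password field checked against RegistrationTool
    # Skip this check if password fields already have an error
    if has_password_field and 'password' not in error_keys:
        password = data.get('password')
        if password:
            # Use PAS to test validity
            err_str = registration.testPasswordValidity(password)
            if err_str:
                notifyWidgetActionExecutionError(action,
                                                 'password', err_str)

    settings = self._get_security_settings()
    username_field = 'email' if settings.use_email_as_login else 'username'

    # The term 'username' is not clear.  It may be the user id or
    # the login name.  So here we try to be explicit.

    # Generate a nice user id and store that in the data.
    user_id = self.generate_user_id(data)
    # Generate a nice login name and store that in the data.
    login_name = self.generate_login_name(data)

    # Do several checks to see if the user id and the login name
    # are valid.
    #
    # Skip these checks if username was already in error list.
    #
    # Note that if we cannot generate a unique user id, it is not
    # necessarily the fault of the username field, but it
    # certainly is the most likely cause in a standard Plone
    # setup.
    if username_field not in error_keys:
        # user id may not be the same as the portal id.
        if user_id == portal.getId():
            err_str = _(u"This username is reserved. Please choose a "
                        "different name.")
            notifyWidgetActionExecutionError(action,
                                             username_field, err_str)

        # Check if user id is allowed by the member id pattern.
        if not registration.isMemberIdAllowed(user_id):
            err_str = _(u"The login name you selected is already in use "
                        "or is not valid. Please choose another.")
            notifyWidgetActionExecutionError(action,
                                             username_field, err_str)

        # Check the uniqueness of the login name, not only when
        # use_email_as_login is true, but always.  The message is the
        # same one used for a rejected user id above.
        pas = getToolByName(self, 'acl_users')
        results = pas.searchUsers(name=login_name, exact_match=True)
        if results:
            err_str = _(u"The login name you selected is already in use "
                        "or is not valid. Please choose another.")
            notifyWidgetActionExecutionError(action,
                                             username_field, err_str)

    if has_password_field and 'password' not in error_keys:
        # Admin can either set a password or mail the user (or both).
        # NOTE(review): both keys are indexed directly, so a form that
        # has 'password' but no 'mail_me' in data raises KeyError here --
        # confirm the two fields are always offered together.
        if not (data['password'] or data['mail_me']):
            err_str = _('msg_no_password_no_mail_me',
                        default=u"You must set a password or choose to "
                        "send an email.")
            # set error on password field
            notifyWidgetActionExecutionError(action, 'password', err_str)
            notifyWidgetActionExecutionError(action, 'mail_me', err_str)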