def _do_create(self, req): mgr = AccountManager(self.env) user = req.args.get('user') if not user: req.hdf['registration.error'] = 'Username cannot be empty.' return if mgr.has_user(user): req.hdf['registration.error'] = \ 'Another account with that name already exists.' return # disallow registration of accounts which have existing permissions permission_system = perm.PermissionSystem(self.env) if permission_system.get_user_permissions(user) != \ permission_system.get_user_permissions('authenticated'): req.hdf['registration.error'] = \ 'Another account with that name already exists.' return password = req.args.get('password') if not password: req.hdf['registration.error'] = 'Password cannot be empty.' return if password != req.args.get('password_confirm'): req.hdf['registration.error'] = 'The passwords must match.' return mgr.set_password(user, password) req.redirect(self.env.href.login())
def _create_user(req, env, check_permissions=True): mgr = AccountManager(env) user = req.args.get('user') name = req.args.get('name') email = req.args.get('email') acctmgr = {'username' : user, 'name' : name, 'email' : email, } error = TracError('') error.acctmgr = acctmgr if not user: error.message = 'Username cannot be empty.' raise error if mgr.has_user(user): error.message = 'Another account with that name already exists.' raise error if check_permissions: # disallow registration of accounts which have existing permissions permission_system = perm.PermissionSystem(env) if permission_system.get_user_permissions(user) != \ permission_system.get_user_permissions('authenticated'): error.message = 'Another account with that name already exists.' raise error # password = req.args.get('password') # if not password: # error.message = 'Password cannot be empty.' # raise error # if password != req.args.get('password_confirm'): # error.message = 'The passwords must match.' # raise error db = env.get_db_cnx() cursor = db.cursor() cursor.execute("REPLACE INTO session " "(sid, authenticated, last_visit) " "VALUES (%s, 1, 0)", (user,)) for key in ('name', 'email'): value = req.args.get(key) if not value: continue cursor.execute("REPLACE INTO session_attribute " "(sid,authenticated,name,value) " "VALUES (%s,1,%s,%s)", (user, key, value)) db.commit() try: mgr.set_password(user, "setinldap") except TracError, e: e.acctmgr = acctmgr raise e
def _create_user(req, env, check_permissions=True): mgr = AccountManager(env) user = req.args.get('user') if not user: raise TracError('Username cannot be empty.') if mgr.has_user(user): raise TracError('Another account with that name already exists.') if check_permissions: # disallow registration of accounts which have existing permissions permission_system = perm.PermissionSystem(env) if permission_system.get_user_permissions(user) != \ permission_system.get_user_permissions('authenticated'): raise TracError('Another account with that name already exists.') password = req.args.get('password') if not password: raise TracError('Password cannot be empty.') if password != req.args.get('password_confirm'): raise TracError('The passwords must match.') mgr.set_password(user, password) db = env.get_db_cnx() cursor = db.cursor() cursor.execute( "SELECT count(*) FROM session " "WHERE sid=%s AND authenticated=1", (user, )) exists, = cursor.fetchone() if not exists: cursor.execute( "INSERT INTO session " "(sid, authenticated, last_visit) " "VALUES (%s, 1, 0)", (user, )) for key in ('name', 'email'): value = req.args.get(key) if not value: continue cursor.execute( "UPDATE session_attribute SET value=%s " "WHERE name=%s AND sid=%s AND authenticated=1", (value, key, user)) if not cursor.rowcount: cursor.execute( "INSERT INTO session_attribute " "(sid,authenticated,name,value) " "VALUES (%s,1,%s,%s)", (user, key, value)) db.commit()
def _create_user(req, env, check_permissions=True): mgr = AccountManager(env) user = req.args.get('user') if not user: raise TracError('Username cannot be empty.') if mgr.has_user(user): raise TracError('Another account with that name already exists.') if check_permissions: # disallow registration of accounts which have existing permissions permission_system = perm.PermissionSystem(env) if permission_system.get_user_permissions(user) != \ permission_system.get_user_permissions('authenticated'): raise TracError('Another account with that name already exists.') password = req.args.get('password') if not password: raise TracError('Password cannot be empty.') if password != req.args.get('password_confirm'): raise TracError('The passwords must match.') mgr.set_password(user, password) db = env.get_db_cnx() cursor = db.cursor() cursor.execute("SELECT count(*) FROM session " "WHERE sid=%s AND authenticated=1", (user,)) exists, = cursor.fetchone() if not exists: cursor.execute("INSERT INTO session " "(sid, authenticated, last_visit) " "VALUES (%s, 1, 0)", (user,)) for key in ('name', 'email'): value = req.args.get(key) if not value: continue cursor.execute("UPDATE session_attribute SET value=%s " "WHERE name=%s AND sid=%s AND authenticated=1", (value, key, user)) if not cursor.rowcount: cursor.execute("INSERT INTO session_attribute " "(sid,authenticated,name,value) " "VALUES (%s,1,%s,%s)", (user, key, value)) db.commit()
def _create_user(req, env, check_permissions=True): mgr = AccountManager(env) user = req.args.get('user') name = req.args.get('name') email = req.args.get('email') acctmgr = {'username' : user, 'name' : name, 'email' : email, } error = TracError('') error.acctmgr = acctmgr if not user: error.message = 'Username cannot be empty.' raise error if mgr.has_user(user): error.message = 'Another account with that name already exists.' raise error if check_permissions: # disallow registration of accounts which have existing permissions permission_system = perm.PermissionSystem(env) if permission_system.get_user_permissions(user) != \ permission_system.get_user_permissions('authenticated'): error.message = 'Another account with that name already exists.' raise error password = req.args.get('password') if not password: error.message = 'Password cannot be empty.' raise error if password != req.args.get('password_confirm'): error.message = 'The passwords must match.' raise error if not email: error.message = 'You must provide an Email'; raise error try: mgr.set_password(user, password) except TracError, e: e.acctmge = acctmgr raise e
def _do_change_password(self, req): user = req.authname mgr = AccountManager(self.env) old_password = req.args.get('old_password') if not old_password: return {'save_error': 'Old Password cannot be empty.'} if not mgr.check_password(user, old_password): return {'save_error': 'Old Password is incorrect.'} password = req.args.get('password') if not password: return {'save_error': 'Password cannot be empty.'} if password != req.args.get('password_confirm'): return {'save_error': 'The passwords must match.'} mgr.set_password(user, password) return {'message': 'Password successfully updated.'}
def _do_change_password(self, req): user = req.authname mgr = AccountManager(self.env) old_password = req.args.get('old_password') if not old_password: req.hdf['account.save_error'] = 'Old Password cannot be empty.' return if not mgr.check_password(user, old_password): req.hdf['account.save_error'] = 'Old Password is incorrect.' return password = req.args.get('password') if not password: req.hdf['account.save_error'] = 'Password cannot be empty.' return if password != req.args.get('password_confirm'): req.hdf['account.save_error'] = 'The passwords must match.' return mgr.set_password(user, password) req.hdf['account.message'] = 'Password successfully updated.'
def _do_reset_password(self, req): if req.authname and req.authname != 'anonymous': return {'logged_in': True} if req.method != 'POST': return {} username = req.args.get('username') email = req.args.get('email') if not username: return {'error': 'Username is required'} if not email: return {'error': 'Email is required'} notifier = PasswordResetNotification(self.env) if email != notifier.email_map.get(username): return {'error': 'The email and username do not ' 'match a known account.'} new_password = self._random_password() notifier.notify(username, new_password) mgr = AccountManager(self.env) mgr.set_password(username, new_password) if mgr.force_passwd_change: db = self.env.get_db_cnx() cursor = db.cursor() cursor.execute("UPDATE session_attribute SET value=%s " "WHERE name=%s AND sid=%s AND authenticated=1", (1, "force_change_passwd", username)) if not cursor.rowcount: cursor.execute("INSERT INTO session_attribute " "(sid,authenticated,name,value) " "VALUES (%s,1,%s,%s)", (username, "force_change_passwd", 1)) db.commit() return {'sent_to_email': email}