示例#1
0
    def _do_create(self, req):
        mgr = AccountManager(self.env)

        user = req.args.get('user')
        if not user:
            req.hdf['registration.error'] = 'Username cannot be empty.'
            return

        if mgr.has_user(user):
            req.hdf['registration.error'] = \
                'Another account with that name already exists.'
            return

        # disallow registration of accounts which have existing permissions
        permission_system = perm.PermissionSystem(self.env)
        if permission_system.get_user_permissions(user) != \
           permission_system.get_user_permissions('authenticated'):
            req.hdf['registration.error'] = \
                'Another account with that name already exists.'
            return

        password = req.args.get('password')
        if not password:
            req.hdf['registration.error'] = 'Password cannot be empty.'
            return

        if password != req.args.get('password_confirm'):
            req.hdf['registration.error'] = 'The passwords must match.'
            return

        mgr.set_password(user, password)
        req.redirect(self.env.href.login())
示例#2
0
 def process_request(self, req):
     if 'email_verification_token' not in req.session:
         chrome.add_notice(req, 'Your email is already verified')
     elif req.method != 'POST':
         pass
     elif 'resend' in req.args:
         mgr = AccountManager(self.env)
         mgr._notify(
             'email_verification_requested', 
             req.authname, 
             req.session['email_verification_token']
         )
         chrome.add_notice(req,
                 'A notification email has been resent to %s.',
                 req.session.get('email'))
     elif 'verify' in req.args:
         if req.args['token'] == req.session['email_verification_token']:
             del req.session['email_verification_token']
             chrome.add_notice(req, 'Thank you for verifying your email address')
         else:
             chrome.add_warning(req, 'Invalid verification token')
     data = {}
     if 'token' in req.args:
         data['token'] = req.args['token']
     return 'verify_email.html', data, None
示例#3
0
    def _do_create(self, req):
        mgr = AccountManager(self.env)

        user = req.args.get('user')
        if not user:
            req.hdf['registration.error'] = 'Username cannot be empty.'
            return

        if mgr.has_user(user):
            req.hdf['registration.error'] = \
                'Another account with that name already exists.'
            return

        # disallow registration of accounts which have existing permissions
        permission_system = perm.PermissionSystem(self.env)
        if permission_system.get_user_permissions(user) != \
           permission_system.get_user_permissions('authenticated'):
            req.hdf['registration.error'] = \
                'Another account with that name already exists.'
            return

        password = req.args.get('password')
        if not password:
            req.hdf['registration.error'] = 'Password cannot be empty.'
            return

        if password != req.args.get('password_confirm'):
            req.hdf['registration.error'] = 'The passwords must match.'
            return

        mgr.set_password(user, password)
        req.redirect(self.env.href.login())
示例#4
0
def _create_user(req, env, check_permissions=True):
    mgr = AccountManager(env)

    user = req.args.get('user')
    name = req.args.get('name')
    email = req.args.get('email')
    acctmgr = {'username' : user,
               'name' : name,
               'email' : email,
              }
    error = TracError('')
    error.acctmgr = acctmgr
    if not user:
        error.message = 'Username cannot be empty.'
        raise error

    if mgr.has_user(user):
        error.message = 'Another account with that name already exists.'
        raise error

    if check_permissions:
        # disallow registration of accounts which have existing permissions
        permission_system = perm.PermissionSystem(env)
        if permission_system.get_user_permissions(user) != \
           permission_system.get_user_permissions('authenticated'):
            error.message = 'Another account with that name already exists.'
            raise error

#     password = req.args.get('password')
#     if not password:
#         error.message = 'Password cannot be empty.'
#         raise error

#     if password != req.args.get('password_confirm'):
#         error.message = 'The passwords must match.'
#         raise error

    db = env.get_db_cnx()
    cursor = db.cursor()
    cursor.execute("REPLACE INTO session "
                   "(sid, authenticated, last_visit) "
                   "VALUES (%s, 1, 0)",
                   (user,))

    for key in ('name', 'email'):
        value = req.args.get(key)
        if not value:
            continue
        cursor.execute("REPLACE INTO session_attribute "
                       "(sid,authenticated,name,value) "
                       "VALUES (%s,1,%s,%s)",
                       (user, key, value))
    db.commit()

    try:
        mgr.set_password(user, "setinldap")
    except TracError, e:
        e.acctmgr = acctmgr
        raise e
示例#5
0
    def _do_delete(self, req):
        user = req.authname
        mgr = AccountManager(self.env)

        password = req.args.get('password')
        if not password:
            return {'delete_error': 'Password cannot be empty.'}
        if not mgr.check_password(user, password):
            return {'delete_error': 'Password is incorrect.'}

        mgr.delete_user(user)
        req.redirect(req.href.logout())
示例#6
0
    def _do_delete(self, req):
        user = req.authname
        mgr = AccountManager(self.env)
        password = req.args.get('password')
        if not password:
            req.hdf['account.delete_error'] = 'Password cannot be empty.'
            return
        if not mgr.check_password(user, password):
            req.hdf['account.delete_error'] = 'Password is incorrect.'
            return

        mgr.delete_user(user)
        req.redirect(self.env.href.logout())
示例#7
0
def _create_user(req, env, check_permissions=True):
    mgr = AccountManager(env)

    user = req.args.get('user')
    if not user:
        raise TracError('Username cannot be empty.')

    if mgr.has_user(user):
        raise TracError('Another account with that name already exists.')

    if check_permissions:
        # disallow registration of accounts which have existing permissions
        permission_system = perm.PermissionSystem(env)
        if permission_system.get_user_permissions(user) != \
           permission_system.get_user_permissions('authenticated'):
            raise TracError('Another account with that name already exists.')

    password = req.args.get('password')
    if not password:
        raise TracError('Password cannot be empty.')

    if password != req.args.get('password_confirm'):
        raise TracError('The passwords must match.')

    mgr.set_password(user, password)

    db = env.get_db_cnx()
    cursor = db.cursor()
    cursor.execute(
        "SELECT count(*) FROM session "
        "WHERE sid=%s AND authenticated=1", (user, ))
    exists, = cursor.fetchone()
    if not exists:
        cursor.execute(
            "INSERT INTO session "
            "(sid, authenticated, last_visit) "
            "VALUES (%s, 1, 0)", (user, ))

    for key in ('name', 'email'):
        value = req.args.get(key)
        if not value:
            continue
        cursor.execute(
            "UPDATE session_attribute SET value=%s "
            "WHERE name=%s AND sid=%s AND authenticated=1", (value, key, user))
        if not cursor.rowcount:
            cursor.execute(
                "INSERT INTO session_attribute "
                "(sid,authenticated,name,value) "
                "VALUES (%s,1,%s,%s)", (user, key, value))
    db.commit()
示例#8
0
def _create_user(req, env, check_permissions=True):
    mgr = AccountManager(env)

    user = req.args.get('user')
    if not user:
        raise TracError('Username cannot be empty.')

    if mgr.has_user(user):
        raise TracError('Another account with that name already exists.')

    if check_permissions:
        # disallow registration of accounts which have existing permissions
        permission_system = perm.PermissionSystem(env)
        if permission_system.get_user_permissions(user) != \
           permission_system.get_user_permissions('authenticated'):
            raise TracError('Another account with that name already exists.')

    password = req.args.get('password')
    if not password:
        raise TracError('Password cannot be empty.')

    if password != req.args.get('password_confirm'):
        raise TracError('The passwords must match.')

    mgr.set_password(user, password)

    db = env.get_db_cnx()
    cursor = db.cursor()
    cursor.execute("SELECT count(*) FROM session "
                   "WHERE sid=%s AND authenticated=1",
                   (user,))
    exists, = cursor.fetchone()
    if not exists:
        cursor.execute("INSERT INTO session "
                       "(sid, authenticated, last_visit) "
                       "VALUES (%s, 1, 0)",
                       (user,))

    for key in ('name', 'email'):
        value = req.args.get(key)
        if not value:
            continue
        cursor.execute("UPDATE session_attribute SET value=%s "
                       "WHERE name=%s AND sid=%s AND authenticated=1",
                       (value, key, user))
        if not cursor.rowcount:
            cursor.execute("INSERT INTO session_attribute "
                           "(sid,authenticated,name,value) "
                           "VALUES (%s,1,%s,%s)",
                           (user, key, value))
    db.commit()
示例#9
0
    def _do_reset_password(self, req):
        if req.authname != 'anonymous':
            req.hdf['reset.logged_in'] = True
            req.hdf['account_href'] = req.href.account()
            return
        if req.method == 'POST':
            username = req.args.get('username')
            email = req.args.get('email')
            if not username:
                req.hdf['reset.error'] = 'Username is required'
                return
            if not email:
                req.hdf['reset.error'] = 'Email is required'
                return
            for username_, name, email_ in self.env.get_known_users():
                if username_ == username and email_ == email:
                    break
            else:
                req.hdf['reset.error'] = 'Username and email must match.'
                return

            notifier = PasswordResetNotification(self.env)

            if email != notifier.email_map.get(username):
                req.hdf['reset.error'] = 'The email and username do not ' \
                                         'match a known account.'
                return

            new_password = self._random_password()
            notifier.notify(username, new_password)
            AccountManager(self.env).set_password(username, new_password)
            req.hdf['reset.sent_to_email'] = email
示例#10
0
 def _remote_user(self, req):
     user = req.args.get('user')
     password = req.args.get('password')
     if not user or not password:
         return None
     if AccountManager(self.env).check_password(user, password):
         return user
     return None
示例#11
0
def _create_user(req, env, check_permissions=True):
    mgr = AccountManager(env)

    user = req.args.get('user')
    name = req.args.get('name')
    email = req.args.get('email')
    acctmgr = {'username' : user,
               'name' : name,
               'email' : email,
              }
    error = TracError('')
    error.acctmgr = acctmgr
    if not user:
        error.message = 'Username cannot be empty.'
        raise error

    if mgr.has_user(user):
        error.message = 'Another account with that name already exists.'
        raise error

    if check_permissions:
        # disallow registration of accounts which have existing permissions
        permission_system = perm.PermissionSystem(env)
        if permission_system.get_user_permissions(user) != \
           permission_system.get_user_permissions('authenticated'):
            error.message = 'Another account with that name already exists.'
            raise error

    password = req.args.get('password')
    if not password:
        error.message = 'Password cannot be empty.'
        raise error

    if password != req.args.get('password_confirm'):
        error.message = 'The passwords must match.'
        raise error

    if not email:
        error.message = 'You must provide an Email';
        raise error

    try:
        mgr.set_password(user, password)
    except TracError, e:
        e.acctmge = acctmgr
        raise e
示例#12
0
    def _do_reset_password(self, req):
        if req.authname and req.authname != 'anonymous':
            return {'logged_in': True}
        if req.method != 'POST':
            return {}
        username = req.args.get('username')
        email = req.args.get('email')
        if not username:
            return {'error': 'Username is required'}
        if not email:
            return {'error': 'Email is required'}

        new_password = self._random_password()
        mgr = AccountManager(self.env)
        try:
            mgr._notify('password_reset', username, email, new_password)
        except Exception, e:
            return {'error': ','.join(e.args)}
示例#13
0
    def _do_change_password(self, req):
        user = req.authname
        mgr = AccountManager(self.env)

        old_password = req.args.get('old_password')
        if not old_password:
            return {'save_error': 'Old Password cannot be empty.'}
        if not mgr.check_password(user, old_password):
            return {'save_error': 'Old Password is incorrect.'}

        password = req.args.get('password')
        if not password:
            return {'save_error': 'Password cannot be empty.'}

        if password != req.args.get('password_confirm'):
            return {'save_error': 'The passwords must match.'}

        mgr.set_password(user, password)
        return {'message': 'Password successfully updated.'}
示例#14
0
 def _do_account(self, req):
     if req.authname == 'anonymous':
         req.redirect(self.env.href.wiki())
     action = req.args.get('action')
     delete_enabled = AccountManager(self.env).supports('delete_user')
     req.hdf['delete_enabled'] = delete_enabled
     if req.method == 'POST':
         if action == 'change_password':
             self._do_change_password(req)
         elif action == 'delete':
             self._do_delete(req)
示例#15
0
 def _enable_check(self, log=False):
     writable = AccountManager(self.env).supports('set_password')
     ignore_case = auth.LoginModule(self.env).ignore_case
     if log:
         if not writable:
             self.log.warn('RegistrationModule is disabled because the '
                           'password store does not support writing.')
         if ignore_case:
             self.log.warn('RegistrationModule is disabled because '
                           'ignore_auth_case is enabled in trac.ini.  '
                           'This setting needs disabled to support '
                           'registration.')
     return writable and not ignore_case
示例#16
0
    def _do_change_password(self, req):
        user = req.authname
        mgr = AccountManager(self.env)
        old_password = req.args.get('old_password')
        if not old_password:
            req.hdf['account.save_error'] = 'Old Password cannot be empty.'
            return
        if not mgr.check_password(user, old_password):
            req.hdf['account.save_error'] = 'Old Password is incorrect.'
            return

        password = req.args.get('password')
        if not password:
            req.hdf['account.save_error'] = 'Password cannot be empty.'
            return

        if password != req.args.get('password_confirm'):
            req.hdf['account.save_error'] = 'The passwords must match.'
            return

        mgr.set_password(user, password)
        req.hdf['account.message'] = 'Password successfully updated.'
示例#17
0
    def _do_change_password(self, req):
        user = req.authname
        password = req.args.get('password')
        if not password:
            req.hdf['account.error'] = 'Password cannot be empty.'
            return

        if password != req.args.get('password_confirm'):
            req.hdf['account.error'] = 'The passwords must match.'
            return

        AccountManager(self.env).set_password(user, password)
        req.hdf['account.message'] = 'Password successfully updated.'
示例#18
0
    def _do_reset_password(self, req):
        if req.authname and req.authname != 'anonymous':
            return {'logged_in': True}
        if req.method != 'POST':
            return {}
        username = req.args.get('username')
        email = req.args.get('email')
        if not username:
            return {'error': 'Username is required'}
        if not email:
            return {'error': 'Email is required'}

        notifier = PasswordResetNotification(self.env)

        if email != notifier.email_map.get(username):
            return {'error': 'The email and username do not '
                             'match a known account.'}

        new_password = self._random_password()
        notifier.notify(username, new_password)
        mgr = AccountManager(self.env)
        mgr.set_password(username, new_password)
        if mgr.force_passwd_change:
            db = self.env.get_db_cnx()
            cursor = db.cursor()
            cursor.execute("UPDATE session_attribute SET value=%s "
                           "WHERE name=%s AND sid=%s AND authenticated=1",
                           (1, "force_change_passwd", username))
            if not cursor.rowcount:
                cursor.execute("INSERT INTO session_attribute "
                               "(sid,authenticated,name,value) "
                               "VALUES (%s,1,%s,%s)",
                               (username, "force_change_passwd", 1))
            db.commit()

        return {'sent_to_email': email}
示例#19
0
    def post_process_request(self, req, template, data, content_type):
        if not req.session.authenticated:
            # Anonymous users should register and perms should be tweaked so
            # that anonymous users can't edit wiki pages and change or create
            # tickets. As such, this email verifying code won't be used on them
            return template, data, content_type

        email = req.session.get('email')
        # Only send verification if the user actually entered en email address.
        if email and email != req.session.get('email_verification_sent_to'):
            req.session['email_verification_token'] = self._gen_token()
            req.session['email_verification_sent_to'] = email
            mgr = AccountManager(self.env)
            mgr._notify(
                'email_verification_requested', 
                req.authname, 
                req.session['email_verification_token']
            )
            chrome.add_notice(req, Markup(tag.span(
                    'An email has been sent to ', email,
                    ' with a token to ',
                    tag.a(href=req.href.verify_email())(
                        'verify your new email address'))))
        return template, data, content_type
示例#20
0
 def _write_check(self, log=False):
     writable = AccountManager(self.env).supports('set_password')
     if not writable and log:
         self.log.warn('AccountModule is disabled because the password '
                       'store does not support writing.')
     return writable
示例#21
0
 def _do_delete(self, req):
     user = req.authname
     AccountManager(self.env).delete_user(user)
     req.redirect(self.env.href.logout())