def sendmailUser_mask(req, id, err=0):
v = getAdminStdVars(req)
v["path"] = req.path[1:]
if id in["execute", "execu"]:
userid = req.params.get("userid")
user = getUser(userid)
if not user:
path = req.path[1:].split("/")
user = getExternalUser(userid, path[-1])
password = makeRandomPassword()
user.resetPassword(password)
text = req.params.get("text")
text = text.replace("[wird eingesetzt]", password)
try:
mail.sendmail(req.params.get("from"), req.params.get("email"), req.params.get("subject"), text)
except mail.SocketError:
print "Socket error while sending mail"
req.setStatus(httpstatus.HTTP_INTERNAL_SERVER_ERROR)
return req.getTAL("web/admin/modules/user.html", v, macro="sendmailerror")
return req.getTAL("web/admin/modules/user.html", v, macro="sendmaildone")
user = getUser(id)
if not user:
path = req.path[1:].split("/")
user = getExternalUser(id, path[-1])
collections = []
seen = {}
access = acl.AccessData(user=user)
for node in getAllCollections():
if access.hasReadAccess(node):
if access.hasWriteAccess(node):
collections.append(node.name + " (lesen/schreiben)")
seen[node.id] = None
for node in tree.getRoot("collections").getChildren():
if access.hasReadAccess(node) and node.id not in seen:
collections.append(node.name + " (nur lesen)")
x = {}
x["name"] = "%s %s" % (user.getFirstName(), user.getLastName())
if(x["name"] == ""):
x["name"] = user.getName()
x["host"] = config.get("host.name")
x["login"] = user.getName()
x["isEditor"] = user.isEditor()
x["collections"] = list()
x["groups"] = user.getGroups()
x["groups"].sort()
x["language"] = lang(req)
x["collections"] = collections
x["collections"].sort()
v["mailtext"] = req.getTAL("web/admin/modules/user.html", x, macro="emailtext").strip()
v["email"] = user.getEmail()
v["userid"] = user.getName()
return req.getTAL("web/admin/modules/user.html", v, macro="sendmail")
def pwdforgotten(req):
if len(req.params) > 3: # user changed to browsing
return buildURL(req)
navframe = frame.getNavigationFrame(req)
navframe.feedback(req)
if req.params.get("action",
"") == "activate": # do activation of new password
id, key = req.params.get("key").replace("/", "").split('-')
targetuser = users.getUser(id)
if targetuser.get("newpassword.activation_key") == key:
newpassword = targetuser.get("newpassword.password")
if newpassword:
targetuser.set("password", newpassword)
print "password reset for user '%s' (id=%s) reset" % (
targetuser.getName(), targetuser.id)
targetuser.removeAttribute("newpassword.password")
targetuser.set("newpassword.time_activated",
date.format_date())
logging.getLogger('usertracing').info(
"new password activated for user: %s - was requested: %s by %s"
% (targetuser.getName(),
targetuser.get("newpassword.time_requested"),
targetuser.get("newpassword.request_ip")))
navframe.write(
req,
req.getTAL(theme.getTemplate("login.html"),
{"username": targetuser.getName()},
macro="pwdforgotten_password_activated"))
return httpstatus.HTTP_OK
else:
print "invalid key: wrong key or already used key"
navframe.write(
req,
req.getTAL(
theme.getTemplate("login.html"),
{"message": "pwdforgotten_password_invalid_key"},
macro="pwdforgotten_message"))
return httpstatus.HTTP_OK
elif "user" in req.params: # create email with activation information
username = req.params.get("user", "")
if username == '':
req.params['error'] = "pwdforgotten_noentry"
else:
targetuser = users.getUser(username)
if not targetuser or not targetuser.canChangePWD():
logging.getLogger('usertracing').info(
"new password requested for non-existing user: "******"pwdforgotten_nosuchuser"
else:
password = users.makeRandomPassword()
randomkey = mkKey()
targetuser.set("newpassword.password",
hashlib.md5(password).hexdigest())
targetuser.set("newpassword.time_requested",
date.format_date())
targetuser.set("newpassword.activation_key", randomkey)
targetuser.set("newpassword.request_ip", req.ip)
v = {}
v["name"] = targetuser.getName()
v["host"] = config.get("host.name")
v["login"] = targetuser.getName()
v["language"] = lang(req)
v["activationlink"] = v[
"host"] + "/pwdforgotten?action=activate&key=%s-%s" % (
targetuser.id, randomkey)
v["email"] = targetuser.getEmail()
v["userid"] = targetuser.getName()
# going to send the mail
try:
mailtext = req.getTAL(theme.getTemplate("login.html"),
v,
macro="emailtext")
mailtext = mailtext.strip().replace(
"[$newpassword]",
password).replace("[wird eingesetzt]", password)
mail.sendmail(config.get("email.admin"),
targetuser.getEmail(),
t(lang(req), "pwdforgotten_email_subject"),
mailtext)
logging.getLogger('usertracing').info(
"new password requested for user: %s - activation email sent"
% username)
navframe.write(
req,
req.getTAL(theme.getTemplate("login.html"),
{"message": "pwdforgotten_butmailnowsent"},
macro="pwdforgotten_message"))
return httpstatus.HTTP_OK
except mail.SocketError:
print "Socket error while sending mail"
logging.getLogger('usertracing').info(
"new password requested for user: %s - failed to send activation email"
% username)
return req.getTAL(
theme.getTemplate("login.html"),
{"message": "pwdforgotten_emailsenderror"},
macro="pwdforgotten_message")
# standard operation
navframe.write(
req,
req.getTAL(theme.getTemplate("login.html"), {
"error": req.params.get("error"),
"user": users.getUserFromRequest(req)
},
macro="pwdforgotten"))
return httpstatus.HTTP_OK
def sendmailUser_mask(req, id, err=0):
v = getAdminStdVars(req)
v["path"] = req.path[1:]
if id in ["execute", "execu"]:
userid = req.params.get("userid")
user = getUser(userid)
if not user:
path = req.path[1:].split("/")
user = getExternalUser(userid, path[-1])
password = makeRandomPassword()
user.resetPassword(password)
text = req.params.get("text")
text = text.replace("[wird eingesetzt]", password)
try:
mail.sendmail(req.params.get("from"), req.params.get("email"),
req.params.get("subject"), text)
except mail.SocketError:
print "Socket error while sending mail"
req.setStatus(httpstatus.HTTP_INTERNAL_SERVER_ERROR)
return req.getTAL("web/admin/modules/user.html",
v,
macro="sendmailerror")
return req.getTAL("web/admin/modules/user.html",
v,
macro="sendmaildone")
user = getUser(id)
if not user:
path = req.path[1:].split("/")
user = getExternalUser(id, path[-1])
collections = []
seen = {}
access = acl.AccessData(user=user)
for node in getAllCollections():
if access.hasReadAccess(node):
if access.hasWriteAccess(node):
collections.append(node.name + " (lesen/schreiben)")
seen[node.id] = None
for node in tree.getRoot("collections").getChildren():
if access.hasReadAccess(node) and node.id not in seen:
collections.append(node.name + " (nur lesen)")
x = {}
x["name"] = "%s %s" % (user.getFirstName(), user.getLastName())
if (x["name"] == ""):
x["name"] = user.getName()
x["host"] = config.get("host.name")
x["login"] = user.getName()
x["isEditor"] = user.isEditor()
x["collections"] = list()
x["groups"] = user.getGroups()
x["groups"].sort()
x["language"] = lang(req)
x["collections"] = collections
x["collections"].sort()
v["mailtext"] = req.getTAL("web/admin/modules/user.html",
x,
macro="emailtext").strip()
v["email"] = user.getEmail()
v["userid"] = user.getName()
return req.getTAL("web/admin/modules/user.html", v, macro="sendmail")
def pwdforgotten(req):
if len(req.params) > 3: # user changed to browsing
return buildURL(req)
navframe = frame.getNavigationFrame(req)
navframe.feedback(req)
if req.params.get("action", "") == "activate": # do activation of new password
id, key = req.params.get("key").replace("/", "").split('-')
targetuser = users.getUser(id)
if targetuser.get("newpassword.activation_key") == key:
newpassword = targetuser.get("newpassword.password")
if newpassword:
targetuser.set("password", newpassword)
print "password reset for user '%s' (id=%s) reset" % (targetuser.getName(), targetuser.id)
targetuser.removeAttribute("newpassword.password")
targetuser.set("newpassword.time_activated", date.format_date())
logging.getLogger('usertracing').info(
"new password activated for user: %s - was requested: %s by %s" %
(targetuser.getName(),
targetuser.get("newpassword.time_requested"),
targetuser.get("newpassword.request_ip")))
navframe.write(
req, req.getTAL(
theme.getTemplate("login.html"), {
"username": targetuser.getName()}, macro="pwdforgotten_password_activated"))
return httpstatus.HTTP_OK
else:
print "invalid key: wrong key or already used key"
navframe.write(
req, req.getTAL(
theme.getTemplate("login.html"), {
"message": "pwdforgotten_password_invalid_key"}, macro="pwdforgotten_message"))
return httpstatus.HTTP_OK
elif "user" in req.params: # create email with activation information
username = req.params.get("user", "")
if username == '':
req.params['error'] = "pwdforgotten_noentry"
else:
targetuser = users.getUser(username)
if not targetuser or not targetuser.canChangePWD():
logging.getLogger('usertracing').info("new password requested for non-existing user: "******"pwdforgotten_nosuchuser"
else:
password = users.makeRandomPassword()
randomkey = mkKey()
targetuser.set("newpassword.password", hashlib.md5(password).hexdigest())
targetuser.set("newpassword.time_requested", date.format_date())
targetuser.set("newpassword.activation_key", randomkey)
targetuser.set("newpassword.request_ip", req.ip)
v = {}
v["name"] = targetuser.getName()
v["host"] = config.get("host.name")
v["login"] = targetuser.getName()
v["language"] = lang(req)
v["activationlink"] = v["host"] + "/pwdforgotten?action=activate&key=%s-%s" % (targetuser.id, randomkey)
v["email"] = targetuser.getEmail()
v["userid"] = targetuser.getName()
# going to send the mail
try:
mailtext = req.getTAL(theme.getTemplate("login.html"), v, macro="emailtext")
mailtext = mailtext.strip().replace("[$newpassword]", password).replace("[wird eingesetzt]", password)
mail.sendmail(config.get("email.admin"), targetuser.getEmail(), t(lang(req), "pwdforgotten_email_subject"), mailtext)
logging.getLogger('usertracing').info("new password requested for user: %s - activation email sent" % username)
navframe.write(
req, req.getTAL(
theme.getTemplate("login.html"), {
"message": "pwdforgotten_butmailnowsent"}, macro="pwdforgotten_message"))
return httpstatus.HTTP_OK
except mail.SocketError:
print "Socket error while sending mail"
logging.getLogger('usertracing').info(
"new password requested for user: %s - failed to send activation email" % username)
return req.getTAL(
theme.getTemplate("login.html"), {"message": "pwdforgotten_emailsenderror"}, macro="pwdforgotten_message")
# standard operation
navframe.write(req, req.getTAL(theme.getTemplate("login.html"), {
"error": req.params.get("error"), "user": users.getUserFromRequest(req)}, macro="pwdforgotten"))
return httpstatus.HTTP_OK
