X-Git-Url: https://svn.cri.ensmp.fr/git/Plinn.git/blobdiff_plain/7b145f8e9dea2adbf9616bd40f80be71e557c9bd..ba5dfbeadced3f2773dfee1bad46c9b86d4f4a86:/RegistrationTool.py?ds=inline diff --git a/RegistrationTool.py b/RegistrationTool.py index 953e008..f31a5c6 100644 --- a/RegistrationTool.py +++ b/RegistrationTool.py @@ -36,9 +36,11 @@ from Products.CMFCore.utils import getToolByName from Products.CMFCore.utils import getUtilityByInterfaceName from Products.GroupUserFolder.GroupsToolPermissions import ManageGroups from Products.Plinn.utils import Message as _ +from Products.Plinn.utils import encodeQuopriEmail from DateTime import DateTime from types import TupleType, ListType from uuid import uuid4 +from quopri import encodestring security = ModuleSecurityInfo('Products.Plinn.RegistrationTool') MODE_ANONYMOUS = 'anonymous' @@ -199,14 +201,33 @@ class RegistrationTool(BaseRegistrationTool) : member = mtool.getMemberById(userid) if member : uuid = str(uuid4()) + while self._passwordResetRequests.has_key(uuid) : + uuid = str(uuid4()) self._passwordResetRequests[uuid] = (userid, DateTime() + 1) - mailhost = getUtilityByInterfaceName('Products.MailHost.interfaces.IMailHost') - ptool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IPropertiesTool') utool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IURLTool') - sender = ptool.getProperty('email_from_address') - to = member.getProperty('email') + ptool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IPropertiesTool') + # fuck : mailhost récupéré avec getUtilityByInterfaceName n'est pas correctement + # wrappé. Un « unrestrictedTraverse » ne marche pas. + # mailhost = getUtilityByInterfaceName('Products.MailHost.interfaces.IMailHost') + portal = utool.getPortalObject() + mailhost = portal.MailHost + sender = encodeQuopriEmail(ptool.getProperty('email_from_name'), ptool.getProperty('email_from_address')) + to = encodeQuopriEmail(member.getMemberFullName(nameBefore=0), member.getProperty('email')) + subject = "=?utf-8?q?%s?=" % encodestring('Password reset') + lines = [] + pr = lines.append + pr('%s/password_reset_form/%s' % (utool(), uuid)) + body = '\n'.join(lines) message = self.echange_mail_template(From=sender, - To=to) + To=to, + Subject=subject, + ContentType = 'text/plain', + charset = 'UTF-8', + body=body) + mailhost.send(message) + return + + return _('Unknown user name. Please retry.') security.declarePrivate('clearExpiredPasswordResetRequests') def clearExpiredPasswordResetRequests(self): @@ -218,16 +239,13 @@ class RegistrationTool(BaseRegistrationTool) : security.declarePublic('resetPassword') - def resetPassword(self, userid, uuid, password, confirm) : + def resetPassword(self, uuid, password, confirm) : record = self._passwordResetRequests.get(uuid) if not record : return _('Invalid reset password request.') - recUserid, expiration = record - - if recUserid != userid : - return _('Invalid userid.') - + userid, expiration = record + now = DateTime() if expiration < now : self.clearExpiredPasswordResetRequests() return _('Your reset password request has expired. You can ask a new one.')