Changeset 346

Timestamp:

06/29/08 10:57:38 (5 years ago)

Author:

dgynn

Message:

updating accountmanagerplugin to  th:rev:3857

Location:

trunk/trac-hacks/accountmanagerplugin/acct_mgr

Files:

• htfile.py (modified) (1 diff)
• pwhash.py (modified) (2 diffs)
• templates/login.html (modified) (1 diff)
• templates/prefs_account.html (modified) (2 diffs)
• templates/register.html (modified) (1 diff)
• templates/reset_password.html (modified) (1 diff)
• templates/verify_email.html (added)
• templates/verify_email.txt (added)
• tests/__init__.py (modified) (2 diffs)
• tests/db.py (modified) (1 diff)
• tests/functional (added)
• tests/functional/__init__.py (added)
• tests/functional/smtpd.py (added)
• tests/functional/testcases.py (added)
• tests/functional/testenv.py (added)
• tests/functional/tester.py (added)
• tests/htfile.py (modified) (1 diff)
• util.py (modified) (1 diff)
• web_ui.py (modified) (7 diffs)

trunk/trac-hacks/accountmanagerplugin/acct_mgr/htfile.py

@@ -84 +84 @@
                         print userline
                     matched = True
-                else:
+                elif line.endswith('\n'):
                     print line,
+                else: # make sure the last line has a newline
+                    print line
         except EnvironmentError, e:
             if e.errno == errno.ENOENT:

trunk/trac-hacks/accountmanagerplugin/acct_mgr/pwhash.py

@@ -17 +17 @@
 
 from md5crypt import md5crypt
+from acct_mgr.util import urandom
 
 class IPasswordHashMethod(Interface):
@@ -64 +65 @@
     crypt = None
 
-# os.urandom was added in Python 2.4
-# try to fall back on reading from /dev/urandom on older Python versions
-try:
-    from os import urandom
-except ImportError:
-    from random import randrange
-    def urandom(n):
-        return ''.join([chr(randrange(256)) for _ in xrange(n)])
-
 def salt():
     s = ''

trunk/trac-hacks/accountmanagerplugin/acct_mgr/templates/login.html

@@ -25 +25 @@
       </div>
 
-      <form method="post" action="">
+      <form method="post" id="acctmgr_loginform" action="">
         <input type="hidden" name="referer" value="${referer}" />
         <div>

trunk/trac-hacks/accountmanagerplugin/acct_mgr/templates/prefs_account.html

@@ -20 +20 @@
     </div>
 
-    <form method="post" action=""
+    <form method="post" action="" id="acctmgr_delete_account"
           onsubmit="return confirm('Are you sure you want to delete your account?');">
       <div class="field">
@@ -44 +44 @@
       <h2>Error</h2>
       <p>$account.error</p>
-    </div>
-    <div class="system-message" py:if="account.force_change_passwd">
-      <h2>Immediate action required</h2>
-      <p>You are required to change password because of a recent
-        password change request.</p>
-      <p><strong>Please change your password now.</strong></p>
     </div>
     <p py:if="account.message">$account.message</p>

trunk/trac-hacks/accountmanagerplugin/acct_mgr/templates/register.html

@@ -24 +24 @@
       </div>
 
-      <form method="post" action="">
+      <form method="post" id="acctmgr_registerform" action="">
         <fieldset>
           <legend>Required</legend>

trunk/trac-hacks/accountmanagerplugin/acct_mgr/templates/reset_password.html

@@ -41 +41 @@
       <p py:if="reset.message">$reset.message</p>
 
-      <form method="post" action="">
+      <form method="post" id="acctmgr_passwd_reset" action="">
         <div>
           <label>Username:

trunk/trac-hacks/accountmanagerplugin/acct_mgr/tests/__init__.py

@@ -12 +12 @@
 import doctest
 import unittest
+try:
+    import twill, subprocess
+    INCLUDE_FUNCTIONAL_TESTS = True
+except ImportError:    
+    INCLUDE_FUNCTIONAL_TESTS = False
 
 def suite():
@@ -18 +23 @@
     suite.addTest(htfile.suite())
     suite.addTest(db.suite())
+    if INCLUDE_FUNCTIONAL_TESTS:
+        from acct_mgr.tests.functional import suite as functional_suite
+        suite.addTest(functional_suite())
     return suite
 
 if __name__ == '__main__':
+    import sys
+    if '--skip-functional-tests' in sys.argv:
+        sys.argv.remove('--skip-functional-tests')
+        INCLUDE_FUNCTIONAL_TESTS = False
     unittest.main(defaultTest='suite')

trunk/trac-hacks/accountmanagerplugin/acct_mgr/tests/db.py

@@ -22 +22 @@
     def setUp(self):
         #self.basedir = os.path.realpath(tempfile.mkdtemp())
-        self.env = EnvironmentStub()
+        self.env = EnvironmentStub(enable=['trac.*', 'acct_mgr.*'])
         self.env.config.set('account-manager', 'password_store',
                             'SessionStore')

trunk/trac-hacks/accountmanagerplugin/acct_mgr/tests/htfile.py

@@ -86 +86 @@
                                'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0')
 
+    def test_add_with_no_trailing_newline(self):
+        filename = self._create_file('test_add_with_no_trailing_newline',
+                                     content='user:$apr1$'
+                                             'xW/09...$fb150dT95SoL1HwXtHS/I0')
+        self.env.config.set('account-manager', 'password_file', filename)
+        self.assertTrue(self.store.check_password('user', 'password'))
+        self.store.set_password('user2', 'password2')
+        self.assertTrue(self.store.check_password('user', 'password'))
+        self.assertTrue(self.store.check_password('user2', 'password2'))
+
 
 def suite():

trunk/trac-hacks/accountmanagerplugin/acct_mgr/util.py

@@ -23 +23 @@
             return path
         return os.path.normpath(os.path.join(instance.env.path, path))
+
+
+# os.urandom was added in Python 2.4
+# try to fall back on pseudo-random values if it's not available
+try:
+    from os import urandom
+except ImportError:
+    from random import randrange
+    def urandom(n):
+        return ''.join([chr(randrange(256)) for _ in xrange(n)])
+
+

trunk/trac-hacks/accountmanagerplugin/acct_mgr/web_ui.py

@@ -10 +10 @@
 # Author: Matthew Good <trac@matt-good.net>
 
+import base64
+import os
 import random
 import string
@@ -21 +23 @@
 from trac.web.api import IAuthenticator
 from trac.web.main import IRequestHandler, IRequestFilter
+from trac.web import chrome
 from trac.web.chrome import INavigationContributor, ITemplateProvider
 from genshi.builder import tag
 
 from api import AccountManager
+from acct_mgr.util import urandom
 
 def _create_user(req, env, check_permissions=True):
@@ -79 +83 @@
 
 
-class PasswordResetNotification(NotifyEmail):
-    template_name = 'reset_password_email.txt'
+class SingleUserNofification(NotifyEmail):
+    """Helper class used for account email notifications which should only be
+    sent to one persion, not including the rest of the normally CCed users
+    """
     _username = None
 
@@ -95 +101 @@
             return None
 
-    def notify(self, username, password):
+    def notify(self, username, subject):
         # save the username for use in `get_smtp_address`
         self._username = username
+        old_public_cc = self.config.getbool('notification', 'use_public_cc')
+        # override public cc option so that the user's email is included in the To: field
+        self.config.set('notification', 'use_public_cc', 'true')
+        try:
+            NotifyEmail.notify(self, username, subject)
+        finally:
+            self.config.set('notification', 'use_public_cc', old_public_cc)
+
+
+class PasswordResetNotification(SingleUserNofification):
+    template_name = 'reset_password_email.txt'
+
+    def notify(self, username, password):
         self.data.update({
             'account': {
@@ -111 +130 @@
         subject = '[%s] Trac password reset for user: %s' % (projname, username)
 
-        NotifyEmail.notify(self, username, subject)
+        SingleUserNofification.notify(self, username, subject)
 
 
@@ -195 +214 @@
         data = {'delete_enabled': delete_enabled}
         force_change_password = req.session.get('force_change_passwd', False)
-        if force_change_password:
-            data['force_change_passwd'] = True
         if req.method == 'POST':
             if action == 'save':
                 data.update(self._do_change_password(req))
                 if force_change_password:
-                    data['force_change_passwd'] = False
                     del(req.session['force_change_passwd'])
                     req.session.save()
+                    chrome.add_notice(req, MessageWrapper(tag(
+                        "Thank you for taking the time to update your password."
+                    )))
+                    force_change_password = False
             elif action == 'delete' and delete_enabled:
                 data.update(self._do_delete(req))
             else:
                 data.update({'error': 'Invalid action'})
+        if force_change_password:
+            chrome.add_warning(req, MessageWrapper(tag(
+                "You are required to change password because of a recent "
+                "password change request. ",
+                tag.b("Please change your password now."))))
         return data
 
@@ -453 +478 @@
         return [resource_filename(__name__, 'templates')]
 
+
+class MessageWrapper(object):
+    """Wrapper for add_warning and add_notice to work around the requirement
+    for a % operator."""
+    def __init__(self, body):
+        self.body = body
+
+    def __mod__(self, rhs):
+        return self.body
+
+
+class EmailVerificationNotification(SingleUserNofification):
+    template_name = 'verify_email.txt'
+
+    def notify(self, username, token):
+        self.data.update({
+            'account': {
+                'username': username,
+                'token': token,
+            },
+            'verify': {
+                'link': self.env.abs_href.verify_email(token=token),
+            }
+        })
+
+        projname = self.config.get('project', 'name')
+        subject = '[%s] Trac email verification for user: %s' % (projname, username)
+
+        SingleUserNofification.notify(self, username, subject)
+
+
+class EmailVerificationModule(Component):
+    implements(IRequestFilter, IRequestHandler)
+
+    # IRequestFilter methods
+
+    def pre_process_request(self, req, handler):
+        if not req.session.authenticated:
+            # Anonymous users should register and perms should be tweaked so
+            # that anonymous users can't edit wiki pages and change or create
+            # tickets. As such, this email verifying code won't be used on them
+            return handler
+        if handler is not self and 'email_verification_token' in req.session:
+            chrome.add_warning(req, MessageWrapper(tag.span(
+                    'Your permissions have been limited until you ',
+                    tag.a(href=req.href.verify_email())(
+                          'verify your email address'))))
+            req.perm = perm.PermissionCache(self.env, 'anonymous')
+        return handler
+
+    def post_process_request(self, req, template, data, content_type):
+        if not req.session.authenticated:
+            # Anonymous users should register and perms should be tweaked so
+            # that anonymous users can't edit wiki pages and change or create
+            # tickets. As such, this email verifying code won't be used on them
+            return template, data, content_type
+        if req.session.get('email') != req.session.get('email_verification_sent_to'):
+            req.session['email_verification_token'] = self._gen_token()
+            req.session['email_verification_sent_to'] = req.session.get('email')
+            self._send_email(req)
+            chrome.add_notice(req, MessageWrapper(tag.span(
+                    'An email has been sent to ', req.session['email'],
+                    ' with a token to ',
+                    tag.a(href=req.href.verify_email())(
+                        'verify your new email address'))))
+        return template, data, content_type
+
+    # IRequestHandler methods
+
+    def match_request(self, req):
+        return req.path_info == '/verify_email'
+
+    def process_request(self, req):
+        if 'email_verification_token' not in req.session:
+            chrome.add_notice(req, 'Your email is already verified')
+        elif req.method != 'POST':
+            pass
+        elif 'resend' in req.args:
+            self._send_email(req)
+            chrome.add_notice(req,
+                    'A notification email has been resent to %s.',
+                    req.session.get('email'))
+        elif 'verify' in req.args:
+            if req.args['token'] == req.session['email_verification_token']:
+                del req.session['email_verification_token']
+                chrome.add_notice(req, 'Thank you for verifying your email address')
+            else:
+                chrome.add_warning(req, 'Invalid verification token')
+        data = {}
+        if 'token' in req.args:
+            data['token'] = req.args['token']
+        return 'verify_email.html', data, None
+
+    def _gen_token(self):
+        return base64.urlsafe_b64encode(urandom(6))
+
+    def _send_email(self, req):
+        notifier = EmailVerificationNotification(self.env)
+        notifier.notify(req.authname, req.session['email_verification_token'])