Commit f5ff59b8 authored by Jérome Perrin's avatar Jérome Perrin

Handle the case when the user requesting a password reset does not have an

email address


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@36982 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 1911d90e
...@@ -72,22 +72,33 @@ class PasswordTool(BaseTool): ...@@ -72,22 +72,33 @@ class PasswordTool(BaseTool):
if user_login is None: if user_login is None:
user_login = REQUEST["user_login"] user_login = REQUEST["user_login"]
# check user exists msg = None
# check user exists, and have an email
user_list = self.getPortalObject().acl_users.\ user_list = self.getPortalObject().acl_users.\
erp5_users.getUserByLogin(user_login) erp5_users.getUserByLogin(user_login)
if len(user_list) == 0: if len(user_list) == 0:
msg = translateString("User ${user} does not exist.", msg = translateString("User ${user} does not exist.",
mapping={'user':user_login}) mapping={'user':user_login})
else:
# We use checked_permission to prevent errors when trying to acquire
# email from organisation
user = user_list[0]
email_value = user.getDefaultEmailValue(
checked_permission='Access content information')
if email_value is None or not email_value.asText():
msg = translateString(
"User ${user} does not have an email address, please contact site "
"administrator directly", mapping={'user':user_login})
if msg:
if REQUEST is not None: if REQUEST is not None:
parameter = urlencode(dict(portal_status_message=msg)) parameter = urlencode(dict(portal_status_message=msg))
ret_url = '%s/login_form?%s' % \ ret_url = '%s/login_form?%s' % \
(self.getPortalObject().absolute_url(), (self.getPortalObject().absolute_url(),
parameter) parameter)
return REQUEST.RESPONSE.redirect( ret_url ) return REQUEST.RESPONSE.redirect( ret_url )
else:
return msg return msg
user = user_list[0].getObject()
# generate a random string # generate a random string
random_url = self._generateUUID() random_url = self._generateUUID()
parameter = urlencode(dict(reset_key=random_url)) parameter = urlencode(dict(reset_key=random_url))
......
...@@ -437,6 +437,40 @@ class TestPasswordTool(ERP5TypeTestCase): ...@@ -437,6 +437,40 @@ class TestPasswordTool(ERP5TypeTestCase):
self.tic() self.tic()
self._assertUserExists('userZ ', 'newZ2') self._assertUserExists('userZ ', 'newZ2')
def test_no_email_on_person(self):
person = self.portal.person_module.newContent(portal_type="Person",
reference="user",
password="password",)
assignment = person.newContent(portal_type='Assignment')
assignment.open()
transaction.commit()
self.tic()
self.logout()
ret = self.portal.portal_password.mailPasswordResetRequest(user_login='user')
self.assertEquals("User user does not have an email address, please contact"
" site administrator directly", str(ret))
def test_acquired_email_on_person(self):
organisation = self.portal.organisation_module.newContent(
portal_type='Organisation',
default_email_text="organisation@example.com",)
person = self.portal.person_module.newContent(portal_type="Person",
reference="user",
password="password",
default_career_subordination_value=organisation)
assignment = person.newContent(portal_type='Assignment')
assignment.open()
transaction.commit()
self.tic()
self._assertUserExists('user', 'password')
self.logout()
ret = self.portal.portal_password.mailPasswordResetRequest(user_login='user')
self.assertEquals("User user does not have an email address, please contact"
" site administrator directly", str(ret))
class TestPasswordToolWithCRM(TestPasswordTool): class TestPasswordToolWithCRM(TestPasswordTool):
""" """
Test reset of password Test reset of password
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment