erp5_credential: support ERP5 Login.

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRecovery_sendPasswordResetLink.xml

@@ -56,7 +56,7 @@ send the password reset link by mail\n
 portal = context.getPortalObject()\n
 \n
 person = context.getDestinationDecisionValue(portal_type="Person")\n
-reference = person.getReference()\n
+reference = context.getReference()\n
 if context.hasDocumentReference():\n
   message_reference = context.getDocumentReference()\n
 else:\n
@@ -66,7 +66,7 @@ if message_reference is None:\n
 notification_message = portal.NotificationTool_getDocumentValue(message_reference,\n
                                                                 context.getLanguage())\n
 \n
-context.REQUEST.set(\'came_from\', context.getUrlString())\n
+context.REQUEST.set(\'came_from\', portal.absolute_url())\n
 \n
 if context.hasStopDate():\n
   kw = {\'expiration_date\':context.getStopDate()}\n

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRecovery_sendUsernameRecoveryMessage.xml

@@ -56,13 +56,14 @@ send the username mail\n
 portal = context.getPortalObject()\n
 \n
 person_list = context.getDestinationDecisionValueList(portal_type="Person")\n
-usernames = []\n
+login_list = []\n
 for person in person_list:\n
-  usernames.append("%s" %person.getReference())\n
+  for login in person.objectValues(portal_type=\'ERP5 Login\'):\n
+    if login.getValidationState() == \'validated\':\n
+      login_list.append(login)\n
 \n
-usernames = " ".join(usernames)\n
+usernames = \' \'.join(login.getReference() for login in login_list)\n
 \n
-reference_list = [x.getReference() for x in person_list]\n
 if context.hasDocumentReference():\n
   message_reference = context.getDocumentReference()\n
 else:\n

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRequest_createUser.xml

@@ -64,26 +64,34 @@ portal = context.getPortalObject()\n
 portal_preferences = context.portal_preferences\n
 person = context.getDestinationDecisionValue(portal_type="Person")\n
 \n
+login_list = [x for x in person.objectValues(portal_type=\'ERP5 Login\') \\\n
+              if x.getValidationState() == \'validated\']\n
+if len(login_list):\n
+  login = login_list[0]\n
+else:\n
+  login = person.newContent(portal_type=\'ERP5 Login\')\n
 # Create user of the person only if not exist\n
-if person.hasReference() and person.getPassword():\n
+if person.hasReference() and login.hasPassword():\n
   return person.getReference(), None\n
 \n
 # Set login\n
-login = context.getReference()\n
-if not person.hasReference():\n
-  if not login:\n
+reference = context.getReference()\n
+if not login.hasReference():\n
+  if not reference:\n
     raise ValueError, "Impossible to create an account without login"\n
-  person.setReference(login)\n
+  login.setReference(reference)\n
+  if not person.hasReference():\n
+    person.setReference(reference)\n
 else:\n
-  login = person.getReference()\n
+  reference = person.getReference()\n
 \n
 password = None\n
-# Set password if no password on the person\n
-if not person.getPassword():\n
+# Set password if no password on the Login\n
+if not login.hasPassword():\n
   if context.getPassword():\n
     #User has fill a password\n
     password = context.getPassword()\n
-    person.setEncodedPassword(password)\n
+    login.setEncodedPassword(password)\n
   else:\n
     if not portal_preferences.isPreferredSystemGeneratePassword():\n
       # user will set it trough a credential recovery process\n
@@ -91,27 +99,30 @@ if not person.getPassword():\n
       module = portal.getDefaultModule(portal_type=\'Credential Recovery\')\n
       credential_recovery = module.newContent(\n
                                      portal_type="Credential Recovery",\n
-                                     reference=login,\n
+                                     reference=reference,\n
                                      destination_decision=person.getRelativeUrl(),\n
                                      language=portal.Localizer.get_selected_language())\n
       credential_recovery.submit()\n
     else:\n
       # system should generate a password\n
       password = context.Person_generatePassword(alpha=5, numeric=3)\n
-      person.setPassword(password)\n
+      login.setPassword(password)\n
 \n
   # create a global account\n
   if context.ERP5Site_isSingleSignOnEnable():\n
     #The master manage encoded password and clear password\n
     person.Person_createNewGlobalUserAccount(password=password)\n
     person.Person_validateGlobalUserAccount()\n
+\n
+  if login.getValidationState() == \'draft\':\n
+    login.validate()\n
 else:\n
   #Person has an already an account\n
   if context.ERP5Site_isSingleSignOnEnable():\n
     #Check assignment for the current instance\n
     person.Person_validateGlobalUserAccount()\n
 \n
-return login, password\n
+return reference, password\n
 </string> </value>
         </item>
         <item>

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/Credential_updatePersonPassword.xml

@@ -56,7 +56,24 @@ Clear \'erp5_content_short\' cache too."""\n
 person = context.getDestinationDecisionValue(portal_type="Person")\n
 \n
 if context.getPassword():\n
-  person.setEncodedPassword(context.getPassword())\n
+  login_list = [login for login in person.objectValues(portal_type=\'ERP5 Login\') \\\n
+                if login.getValidationState() == \'validated\']\n
+  reference = context.getReference()\n
+  if reference:\n
+    for login in login_list:\n
+      if login.getReference() == reference:\n
+        break\n
+    else:\n
+      raise RuntimeError, \'Person %s does not have a validated Login with reference %r\' % \\\n
+          (person.getRelativeUrl(), reference)\n
+  else: # BBB when login reference is not set in Credential Update document.\n
+    if login_list:\n
+      login = sorted(login_list,\n
+                     key=lambda x:x.getReference() == person.getReference(), reverse=True)[0]\n
+    else:\n
+      raise RuntimeError, \'Person %s does not have a validated Login with reference %r\' % \\\n
+          (person.getRelativeUrl(), reference)\n
+  login.setEncodedPassword(context.getPassword())\n
   context.portal_caches.clearCache((\'erp5_content_short\',))\n
 </string> </value>
         </item>

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newCredentialRequest.xml

@@ -97,7 +97,8 @@ credential_request.reindexObject(activate_kw=dict(tag=\'Person_setReference_%s\'
 if not context.portal_membership.isAnonymousUser():\n
   person = context.ERP5Site_getAuthenticatedMemberPersonValue()\n
   destination_decision = []\n
-  if person.getReference() == reference:\n
+  if reference in [x.getReference() for x in person.objectValues(portal_type=\'ERP5 Login\')\n
+                   if x.getValidationState() == \'validated\']:\n
     destination_decision.append(person.getRelativeUrl())\n
   if person.getDefaultCareerSubordinationTitle() == corporate_name:\n
     destination_decision.append(person.getDefaultCareerSubordination())\n

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newPersonCredentialUpdate.xml

@@ -61,6 +61,7 @@ else:\n
   module = portal.getDefaultModule(portal_type=\'Credential Update\')\n
   credential_update = module.newContent(\n
     portal_type="Credential Update",\n
+    reference=reference,\n
     first_name=first_name,\n
     last_name=last_name,\n
     gender=gender,\n
@@ -106,7 +107,7 @@ return portal.Base_redirect(keep_items = {\'portal_status_message\': portal_stat
         </item>
         <item>
             <key> <string>_params</string> </key>
-            <value> <string>default_email_text=None, last_name=None, first_name=None, gender=None, nationality=None, password=None, date_of_birth=None, default_telephone_telephone_country=None, default_telephone_text=None, default_mobile_telephone_telephone_country=None, default_mobile_telephone_text=None, default_fax_text=None, default_credential_question_question=None, default_credential_question_question_free_text=None, default_credential_question_answer=None,  function=None, activity_list=None, skill_list=None, default_address_city=None, default_address_street_address=None, default_address_zip_code=None,default_address_region=None,default_image_file=None, description=None, dialog_id=\'\', **kw</string> </value>
+            <value> <string>default_email_text=None, last_name=None, first_name=None, gender=None, nationality=None, password=None, date_of_birth=None, default_telephone_telephone_country=None, default_telephone_text=None, default_mobile_telephone_telephone_country=None, default_mobile_telephone_text=None, default_fax_text=None, default_credential_question_question=None, default_credential_question_question_free_text=None, default_credential_question_answer=None,  function=None, activity_list=None, skill_list=None, default_address_city=None, default_address_street_address=None, default_address_zip_code=None,default_address_region=None,default_image_file=None, description=None, reference=None, dialog_id=\'\', **kw</string> </value>
         </item>
         <item>
             <key> <string>id</string> </key>

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_viewNewPersonCredentialUpdateDialog.xml

@@ -93,6 +93,7 @@
                     <key> <string>left</string> </key>
                     <value>
                       <list>
+                        <string>your_reference</string>
                         <string>your_gender</string>
                         <string>your_first_name</string>
                         <string>your_last_name</string>

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_viewNewPersonCredentialUpdateDialog/your_reference.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>delegated_list</string> </key>
+            <value>
+              <list>
+                <string>items</string>
+                <string>required</string>
+                <string>title</string>
+              </list>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>your_reference</string> </value>
+        </item>
+        <item>
+            <key> <string>message_values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>external_validator_failed</string> </key>
+                    <value> <string>The input failed the external validator.</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>overrides</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>target</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>tales</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>items</string> </key>
+                    <value>
+                      <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>required</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>target</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>title</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string>my_list_field</string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string>Base_viewFieldLibrary</string> </value>
+                </item>
+                <item>
+                    <key> <string>items</string> </key>
+                    <value>
+                      <list/>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>required</string> </key>
+                    <value> <int>1</int> </value>
+                </item>
+                <item>
+                    <key> <string>target</string> </key>
+                    <value> <string>Click to edit the target</string> </value>
+                </item>
+                <item>
+                    <key> <string>title</string> </key>
+                    <value> <string>User Login</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="TALESMethod" module="Products.Formulator.TALESField"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_text</string> </key>
+            <value> <string>here/Base_getValidatedLoginReferenceList</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

product/ERP5/Tool/PasswordTool.py

@@ -273,11 +273,10 @@ class PasswordTool(BaseTool):
       # XXX: incorrect grammar
       return error("Date has expire.")
     del self._password_request_dict[password_key]
-    persons = self.getPortalObject().acl_users.erp5_users.getUserByLogin(
-      register_user_login)
-    person = persons[0]
-    person._forceSetPassword(password)
-    person.reindexObject()
+    login = self.getPortalObject().acl_users.erp5_users.getLoginObject(
+      register_user_login, 'ERP5 Login')
+    login._forceSetPassword(password)
+    login.reindexObject()
     return redirect(REQUEST, site_url,
                     translateString("Password changed."))
 

product/ERP5/tests/testERP5Credential.py

@@ -430,6 +430,7 @@ class TestERP5Credential(ERP5TypeTestCase):
     credential_update = credential_update_module.newContent(\
         first_name='Homie',
         last_name='Simpsons', # add a 's' to the end of the last_name
+        reference='homie',
         password='new_password',
         default_email_text='homie.simpsons@fox.com',
         destination_decision=homie.getRelativeUrl())
@@ -548,13 +549,19 @@ class TestERP5Credential(ERP5TypeTestCase):
     person_module = portal.getDefaultModule('Person')
     person = person_module.newContent(title='Barney',
                              reference='barney',
-                             password='secret',
                              start_date=DateTime('1970/01/01'),
                              default_email_text='barney@duff.com')
     # create an assignment
     assignment = person.newContent(portal_type='Assignment',
                       function='member')
     assignment.open()
+    # create a login
+    login = person.newContent(
+      portal_type='ERP5 Login',
+      reference=person.getReference(),
+      password='secret',
+    )
+    login.validate()
     sequence.edit(person_reference=person.getReference(),
                   default_email_text=person.getDefaultEmailText())
 
@@ -572,12 +579,18 @@ class TestERP5Credential(ERP5TypeTestCase):
       person_module = portal.getDefaultModule('Person')
       person = person_module.newContent(title=reference,
                                reference=reference,
-                               password='secret',
                                default_email_text=default_email_text)
       # create an assignment
       assignment = person.newContent(portal_type='Assignment',
                         function='member')
       assignment.open()
+      # create a login
+      login = person.newContent(
+        portal_type='ERP5 Login',
+        reference=person.getReference(),
+        password='secret',
+      )
+      login.validate()
       person_list.append(person)
 
     sequence.edit(person_list=person_list,

product/ERP5Security/tests/testERP5Security.py

@@ -314,14 +314,14 @@ class TestUserManagement(ERP5TypeTestCase):
     login = [x for x in pers.objectValues(portal_type='ERP5 Login')][0]
     result = self.portal.portal_preferences.PreferenceTool_setNewPassword(
       dialog_id='PreferenceTool_viewChangePasswordDialog',
-      login=login.getRelativeUrl(),
+      reference=login.getReference(),
       current_password='wrong_secret',
       new_password='new_secret',
     )
     self.assertEqual(result, self.portal.absolute_url()+'/portal_preferences/PreferenceTool_viewChangePasswordDialog?portal_status_message=Current%20password%20is%20wrong.')
     result = self.portal.portal_preferences.PreferenceTool_setNewPassword(
       dialog_id='PreferenceTool_viewChangePasswordDialog',
-      login=login.getRelativeUrl(),
+      reference=login.getReference(),
       current_password='secret',
       new_password='new_secret',
     )