If current logged in user tries to change password do

change authentication cookie as well at client side in same transaction. This way a logged in user is able to change current password without being kicked out of the system within.

If current logged in user tries to change password do
change authentication cookie as well at client side in same transaction. This way a logged in user is able to change current password without being kicked out of the system within.
a2bbaeae · Ivan Tyagov · ee500f0f · a2bbaeae · a2bbaeae · a2bbaeae
Commit a2bbaeae authored Aug 15, 2011 by Ivan Tyagov
3 changed files
--- a/bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/Credential_updatePersonPassword.xml
+++ b/bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/Credential_updatePersonPassword.xml
@@ -64,6 +64,14 @@ if context.getPassword():\n
            <key> <string>_params</string> </key>
            <value> <string></string> </value>
        </item>
+        <item>
+            <key> <string>_proxy_roles</string> </key>
+            <value>
+              <tuple>
+                <string>Manager</string>
+              </tuple>
+            </value>
+        </item>
        <item>
            <key> <string>id</string> </key>
            <value> <string>Credential_updatePersonPassword</string> </value>

--- a/bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newPersonCredentialUpdate.xml
+++ b/bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newPersonCredentialUpdate.xml
@@ -55,7 +55,7 @@ portal = context.getPortalObject()\n
 person = context.ERP5Site_getAuthenticatedMemberPersonValue()\n
 \n
 if person is None:\n
-  portal_status_message = context.Base_translateString("Can\'t find corresponding person, it\'s not possible to update your credentials.")\n
+  portal_status_message = "Can\'t find corresponding person, it\'s not possible to update your credentials."\n
 else:\n
  # create the credential update\n
  module = context.getDefaultModule(portal_type=\'Credential Update\')\n
@@ -89,10 +89,18 @@ else:\n
    credential_update.edit(password=password)\n
 \n
  credential_update.submit()\n
+  portal_status_message = "Credential Update Created."\n
 \n
-  portal_status_message = context.Base_translateString("Credential Update Created.")\n
+  # if we are changing password for current logged in user then do it\n
+  # within same transaction and update client side credentials cookie \n
+  username = person.getReference()\n
+  if password and username == str(portal.portal_membership.getAuthenticatedMember()):\n
+    credential_update.accept()\n
+    portal.cookie_authentication.credentialsChanged(username, username, password)\n
+    portal_status_message = "Password changed."\n
 \n
-return portal.Base_redirect(keep_items = {\'portal_status_message\': portal_status_message})\n
+portal_status_message = context.Base_translateString(portal_status_message)\n
+portal.Base_redirect(keep_items = {\'portal_status_message\': portal_status_message})\n
 </string> </value>
        </item>
        <item>

--- a/bt5/erp5_credential/bt/revision
+++ b/bt5/erp5_credential/bt/revision
-384
\ No newline at end of file
+385
\ No newline at end of file