PasswordTool: new method analyzePassword

When authentication policy is in used, this method allows for checking that the provided password can be used for the login referenced by this password_key

PasswordTool: new method analyzePassword
When authentication policy is in used, this method allows for checking that the provided password can be used for the login referenced by this password_key
9801d402 · Jérome Perrin · 033da3c0 · 9801d402
Commit 9801d402 authored Oct 24, 2016 by Jérome Perrin
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 0 deletions

product/ERP5/Tool/PasswordTool.py product/ERP5/Tool/PasswordTool.py +19 -0

No files found.
--- a/product/ERP5/Tool/PasswordTool.py
+++ b/product/ERP5/Tool/PasswordTool.py
@@ -229,6 +229,25 @@ class PasswordTool(BaseTool):
      if date < current_date:
        del password_request_dict[key]
+  security.declarePublic('analyzePassword')
+  def analyzePassword(self, password, password_key):
+    """Analyze password validity in the context of the login.
+    Returns a list of messages as returned by IEncryptedPassword.analyzePassword
+    """
+    portal = self.getPortalObject()
+    if not portal.portal_preferences.isAuthenticationPolicyEnabled():
+      return []
+    try:
+      register_user_login, expiration_date = self._password_request_dict[
+        password_key]
+    except KeyError:
+      return []
+    user_list = portal.acl_users.erp5_users.getUserByLogin(register_user_login)
+    if user_list:
+      return user_list[0].analyzePassword(password)
+    return []
  security.declarePublic('changeUserPassword')
  def changeUserPassword(self, password, password_key, password_confirm=None,
                         user_login=None, REQUEST=None, **kw):