Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
144
Merge Requests
144
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Jobs
Commits
Open sidebar
nexedi
erp5
Commits
67271e05
Commit
67271e05
authored
Oct 27, 2016
by
Kazuhiko Shiozaki
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
erp5_credential: migrate to ERP5 Login authentication.
parent
3e4709b9
Changes
13
Hide whitespace changes
Inline
Side-by-side
Showing
13 changed files
with
283 additions
and
27 deletions
+283
-27
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/Base_getValidatedLoginReferenceList.py
...ns/erp5_credential/Base_getValidatedLoginReferenceList.py
+5
-0
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/Base_getValidatedLoginReferenceList.xml
...s/erp5_credential/Base_getValidatedLoginReferenceList.xml
+62
-0
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRecovery_sendPasswordResetLink.py
...p5_credential/CredentialRecovery_sendPasswordResetLink.py
+1
-1
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRecovery_sendUsernameRecoveryMessage.py
...dential/CredentialRecovery_sendUsernameRecoveryMessage.py
+5
-4
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRequest_createUser.py
...tal_skins/erp5_credential/CredentialRequest_createUser.py
+23
-12
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/Credential_updatePersonPassword.py
..._skins/erp5_credential/Credential_updatePersonPassword.py
+19
-1
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newCredentialRecovery.py
...l_skins/erp5_credential/ERP5Site_newCredentialRecovery.py
+6
-3
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newCredentialRequest.py
...al_skins/erp5_credential/ERP5Site_newCredentialRequest.py
+2
-1
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newPersonCredentialUpdate.py
...ins/erp5_credential/ERP5Site_newPersonCredentialUpdate.py
+8
-2
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newPersonCredentialUpdate.xml
...ns/erp5_credential/ERP5Site_newPersonCredentialUpdate.xml
+1
-1
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_viewNewPersonCredentialUpdateDialog.xml
...edential/ERP5Site_viewNewPersonCredentialUpdateDialog.xml
+1
-0
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_viewNewPersonCredentialUpdateDialog/your_reference.xml
...te_viewNewPersonCredentialUpdateDialog/your_reference.xml
+135
-0
product/ERP5/tests/testERP5Credential.py
product/ERP5/tests/testERP5Credential.py
+15
-2
No files found.
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/Base_getValidatedLoginReferenceList.py
0 → 100644
View file @
67271e05
person
=
context
.
ERP5Site_getAuthenticatedMemberPersonValue
()
if
person
is
not
None
:
return
[
login
for
login
in
person
.
objectValues
(
portal_type
=
'ERP5 Login'
)]
else
:
return
[]
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/Base_getValidatedLoginReferenceList.xml
0 → 100644
View file @
67271e05
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"PythonScript"
module=
"Products.PythonScripts.PythonScript"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
Script_magic
</string>
</key>
<value>
<int>
3
</int>
</value>
</item>
<item>
<key>
<string>
_bind_names
</string>
</key>
<value>
<object>
<klass>
<global
name=
"NameAssignments"
module=
"Shared.DC.Scripts.Bindings"
/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key>
<string>
_asgns
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
name_container
</string>
</key>
<value>
<string>
container
</string>
</value>
</item>
<item>
<key>
<string>
name_context
</string>
</key>
<value>
<string>
context
</string>
</value>
</item>
<item>
<key>
<string>
name_m_self
</string>
</key>
<value>
<string>
script
</string>
</value>
</item>
<item>
<key>
<string>
name_subpath
</string>
</key>
<value>
<string>
traverse_subpath
</string>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key>
<string>
_params
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
Base_getValidatedLoginReferenceList
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRecovery_sendPasswordResetLink.py
View file @
67271e05
...
...
@@ -4,7 +4,7 @@ send the password reset link by mail
portal
=
context
.
getPortalObject
()
person
=
context
.
getDestinationDecisionValue
(
portal_type
=
"Person"
)
reference
=
person
.
getReference
()
reference
=
context
.
getReference
()
if
context
.
hasDocumentReference
():
message_reference
=
context
.
getDocumentReference
()
else
:
...
...
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRecovery_sendUsernameRecoveryMessage.py
View file @
67271e05
...
...
@@ -4,13 +4,14 @@ send the username mail
portal
=
context
.
getPortalObject
()
person_list
=
context
.
getDestinationDecisionValueList
(
portal_type
=
"Person"
)
usernames
=
[]
login_list
=
[]
for
person
in
person_list
:
usernames
.
append
(
"%s"
%
person
.
getReference
())
for
login
in
person
.
objectValues
(
portal_type
=
'ERP5 Login'
):
if
login
.
getValidationState
()
==
'validated'
:
login_list
.
append
(
login
)
usernames
=
" "
.
join
(
usernames
)
usernames
=
' '
.
join
(
login
.
getReference
()
for
login
in
login_list
)
reference_list
=
[
x
.
getReference
()
for
x
in
person_list
]
if
context
.
hasDocumentReference
():
message_reference
=
context
.
getDocumentReference
()
else
:
...
...
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRequest_createUser.py
View file @
67271e05
...
...
@@ -12,26 +12,34 @@ portal = context.getPortalObject()
portal_preferences
=
context
.
portal_preferences
person
=
context
.
getDestinationDecisionValue
(
portal_type
=
"Person"
)
login_list
=
[
x
for
x
in
person
.
objectValues
(
portal_type
=
'ERP5 Login'
)
\
if
x
.
getValidationState
()
==
'validated'
]
if
len
(
login_list
):
login
=
login_list
[
0
]
else
:
login
=
person
.
newContent
(
portal_type
=
'ERP5 Login'
)
# Create user of the person only if not exist
if
person
.
hasReference
()
and
person
.
get
Password
():
if
person
.
hasReference
()
and
login
.
has
Password
():
return
person
.
getReference
(),
None
# Set login
login
=
context
.
getReference
()
if
not
perso
n
.
hasReference
():
if
not
login
:
reference
=
context
.
getReference
()
if
not
logi
n
.
hasReference
():
if
not
reference
:
raise
ValueError
,
"Impossible to create an account without login"
person
.
setReference
(
login
)
login
.
setReference
(
reference
)
if
not
person
.
hasReference
():
person
.
setReference
(
reference
)
else
:
login
=
person
.
getReference
()
reference
=
person
.
getReference
()
password
=
None
# Set password if no password on the
perso
n
if
not
person
.
get
Password
():
# Set password if no password on the
Logi
n
if
not
login
.
has
Password
():
if
context
.
getPassword
():
#User has fill a password
password
=
context
.
getPassword
()
perso
n
.
setEncodedPassword
(
password
)
logi
n
.
setEncodedPassword
(
password
)
else
:
if
not
portal_preferences
.
isPreferredSystemGeneratePassword
():
# user will set it trough a credential recovery process
...
...
@@ -39,24 +47,27 @@ if not person.getPassword():
module
=
portal
.
getDefaultModule
(
portal_type
=
'Credential Recovery'
)
credential_recovery
=
module
.
newContent
(
portal_type
=
"Credential Recovery"
,
reference
=
login
,
reference
=
reference
,
destination_decision
=
person
.
getRelativeUrl
(),
language
=
portal
.
Localizer
.
get_selected_language
())
credential_recovery
.
submit
()
else
:
# system should generate a password
password
=
context
.
Person_generatePassword
(
alpha
=
5
,
numeric
=
3
)
perso
n
.
setPassword
(
password
)
logi
n
.
setPassword
(
password
)
# create a global account
if
context
.
ERP5Site_isSingleSignOnEnable
():
#The master manage encoded password and clear password
person
.
Person_createNewGlobalUserAccount
(
password
=
password
)
person
.
Person_validateGlobalUserAccount
()
if
login
.
getValidationState
()
==
'draft'
:
login
.
validate
()
else
:
#Person has an already an account
if
context
.
ERP5Site_isSingleSignOnEnable
():
#Check assignment for the current instance
person
.
Person_validateGlobalUserAccount
()
return
login
,
password
return
reference
,
password
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/Credential_updatePersonPassword.py
View file @
67271e05
...
...
@@ -4,5 +4,23 @@ Clear 'erp5_content_short' cache too."""
person
=
context
.
getDestinationDecisionValue
(
portal_type
=
"Person"
)
if
context
.
getPassword
():
person
.
setEncodedPassword
(
context
.
getPassword
())
login_list
=
[
login
for
login
in
person
.
objectValues
(
portal_type
=
'ERP5 Login'
)
\
if
login
.
getValidationState
()
==
'validated'
]
reference
=
context
.
getReference
()
if
reference
:
for
login
in
login_list
:
if
login
.
getReference
()
==
reference
:
break
else
:
raise
RuntimeError
,
'Person %s does not have a validated Login with reference %r'
%
\
(
person
.
getRelativeUrl
(),
reference
)
else
:
# BBB when login reference is not set in Credential Update document.
if
login_list
:
login
=
sorted
(
login_list
,
key
=
lambda
x
:
x
.
getReference
()
==
person
.
getReference
(),
reverse
=
True
)[
0
]
else
:
raise
RuntimeError
,
'Person %s does not have a validated Login with reference %r'
%
\
(
person
.
getRelativeUrl
(),
reference
)
login
.
setEncodedPassword
(
context
.
getPassword
())
context
.
portal_caches
.
clearCache
((
'erp5_content_short'
,))
return
login
.
getReference
()
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newCredentialRecovery.py
View file @
67271e05
...
...
@@ -40,15 +40,18 @@ if default_email_text is not None:
else
:
# Case for recovery of password
if
person_list
is
None
:
person_module
=
portal
.
getDefaultModule
(
'Person'
)
result
=
person_module
.
searchFolder
(
reference
=
{
'query'
:
reference
,
'key'
:
'ExactMatch'
})
result
=
portal
.
portal_catalog
(
portal_type
=
(
"ERP5 Login"
),
parent_portal_type
=
"Person"
,
reference
=
{
'query'
:
reference
,
'key'
:
'ExactMatch'
},
)
if
len
(
result
)
!=
1
:
portal_status_message
=
portal
.
Base_translateString
(
"Can't find corresponding person, it's not possible to recover your credentials."
)
if
web_site
is
not
None
:
return
web_site
.
Base_redirect
(
''
,
keep_items
=
dict
(
portal_status_message
=
portal_status_message
))
return
portal
.
Base_redirect
(
''
,
keep_items
=
dict
(
portal_status_message
=
portal_status_message
))
person_list
=
[
result
[
0
].
getObject
(),]
person_list
=
[
result
[
0
].
getObject
()
.
getParentValue
()
,]
# Check the response
person
=
person_list
[
0
]
...
...
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newCredentialRequest.py
View file @
67271e05
...
...
@@ -45,7 +45,8 @@ credential_request.reindexObject(activate_kw=dict(tag='Person_setReference_%s' %
if
not
context
.
portal_membership
.
isAnonymousUser
():
person
=
context
.
ERP5Site_getAuthenticatedMemberPersonValue
()
destination_decision
=
[]
if
person
.
getReference
()
==
reference
:
if
reference
in
[
x
.
getReference
()
for
x
in
person
.
objectValues
(
portal_type
=
'ERP5 Login'
)
if
x
.
getValidationState
()
==
'validated'
]:
destination_decision
.
append
(
person
.
getRelativeUrl
())
if
person
.
getDefaultCareerSubordinationTitle
()
==
corporate_name
:
destination_decision
.
append
(
person
.
getDefaultCareerSubordination
())
...
...
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newPersonCredentialUpdate.py
View file @
67271e05
...
...
@@ -9,6 +9,7 @@ else:
module
=
portal
.
getDefaultModule
(
portal_type
=
'Credential Update'
)
credential_update
=
module
.
newContent
(
portal_type
=
"Credential Update"
,
reference
=
reference
,
first_name
=
first_name
,
last_name
=
last_name
,
gender
=
gender
,
...
...
@@ -44,9 +45,14 @@ else:
# within same transaction and update client side credentials cookie
username
=
person
.
getReference
()
if
password
and
username
==
str
(
portal
.
portal_membership
.
getAuthenticatedMember
()):
credential_update
.
accept
()
portal
.
cookie_authentication
.
credentialsChanged
(
username
,
username
,
password
)
# The password is updated synchronously and the the rest of the credential Update is done later
login_reference
=
credential_update
.
Credential_updatePersonPassword
(
)
portal_status_message
=
"Password changed."
context
.
getPortalObject
().
cookie_authentication
.
credentialsChanged
(
username
,
login_reference
,
password
,
)
portal_status_message
=
context
.
Base_translateString
(
portal_status_message
)
return
portal
.
Base_redirect
(
keep_items
=
{
'portal_status_message'
:
portal_status_message
})
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newPersonCredentialUpdate.xml
View file @
67271e05
...
...
@@ -50,7 +50,7 @@
</item>
<item>
<key>
<string>
_params
</string>
</key>
<value>
<string>
default_email_text=None, last_name=None, first_name=None, gender=None, nationality=None, password=None, date_of_birth=None, default_telephone_telephone_country=None, default_telephone_text=None, default_mobile_telephone_telephone_country=None, default_mobile_telephone_text=None, default_fax_text=None, default_credential_question_question=None, default_credential_question_question_free_text=None, default_credential_question_answer=None, function=None, activity_list=None, skill_list=None, default_address_city=None, default_address_street_address=None, default_address_zip_code=None,default_address_region=None,default_image_file=None, description=None, dialog_id=\'\', **kw
</string>
</value>
<value>
<string>
default_email_text=None, last_name=None, first_name=None, gender=None, nationality=None, password=None, date_of_birth=None, default_telephone_telephone_country=None, default_telephone_text=None, default_mobile_telephone_telephone_country=None, default_mobile_telephone_text=None, default_fax_text=None, default_credential_question_question=None, default_credential_question_question_free_text=None, default_credential_question_answer=None, function=None, activity_list=None, skill_list=None, default_address_city=None, default_address_street_address=None, default_address_zip_code=None,default_address_region=None,default_image_file=None, description=None,
reference=None,
dialog_id=\'\', **kw
</string>
</value>
</item>
<item>
<key>
<string>
_proxy_roles
</string>
</key>
...
...
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_viewNewPersonCredentialUpdateDialog.xml
View file @
67271e05
...
...
@@ -93,6 +93,7 @@
<key>
<string>
left
</string>
</key>
<value>
<list>
<string>
your_reference
</string>
<string>
your_gender
</string>
<string>
your_first_name
</string>
<string>
your_last_name
</string>
...
...
bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_viewNewPersonCredentialUpdateDialog/your_reference.xml
0 → 100644
View file @
67271e05
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"ProxyField"
module=
"Products.ERP5Form.ProxyField"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
delegated_list
</string>
</key>
<value>
<list>
<string>
items
</string>
<string>
required
</string>
<string>
title
</string>
</list>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
your_reference
</string>
</value>
</item>
<item>
<key>
<string>
message_values
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
external_validator_failed
</string>
</key>
<value>
<string>
The input failed the external validator.
</string>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key>
<string>
overrides
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
field_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
form_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
target
</string>
</key>
<value>
<string></string>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key>
<string>
tales
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
field_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
form_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
items
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAI=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
required
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
target
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
title
</string>
</key>
<value>
<string></string>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key>
<string>
values
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
field_id
</string>
</key>
<value>
<string>
my_list_field
</string>
</value>
</item>
<item>
<key>
<string>
form_id
</string>
</key>
<value>
<string>
Base_viewFieldLibrary
</string>
</value>
</item>
<item>
<key>
<string>
items
</string>
</key>
<value>
<list/>
</value>
</item>
<item>
<key>
<string>
required
</string>
</key>
<value>
<int>
1
</int>
</value>
</item>
<item>
<key>
<string>
target
</string>
</key>
<value>
<string>
Click to edit the target
</string>
</value>
</item>
<item>
<key>
<string>
title
</string>
</key>
<value>
<string>
User Login
</string>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"2"
aka=
"AAAAAAAAAAI="
>
<pickle>
<global
name=
"TALESMethod"
module=
"Products.Formulator.TALESField"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
_text
</string>
</key>
<value>
<string>
here/Base_getValidatedLoginReferenceList
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
product/ERP5/tests/testERP5Credential.py
View file @
67271e05
...
...
@@ -430,6 +430,7 @@ class TestERP5Credential(ERP5TypeTestCase):
credential_update
=
credential_update_module
.
newContent
(
\
first_name
=
'Homie'
,
last_name
=
'Simpsons'
,
# add a 's' to the end of the last_name
reference
=
'homie'
,
password
=
'new_password'
,
default_email_text
=
'homie.simpsons@fox.com'
,
destination_decision
=
homie
.
getRelativeUrl
())
...
...
@@ -548,13 +549,19 @@ class TestERP5Credential(ERP5TypeTestCase):
person_module
=
portal
.
getDefaultModule
(
'Person'
)
person
=
person_module
.
newContent
(
title
=
'Barney'
,
reference
=
'barney'
,
password
=
'secret'
,
start_date
=
DateTime
(
'1970/01/01'
),
default_email_text
=
'barney@duff.com'
)
# create an assignment
assignment
=
person
.
newContent
(
portal_type
=
'Assignment'
,
function
=
'member'
)
assignment
.
open
()
# create a login
login
=
person
.
newContent
(
portal_type
=
'ERP5 Login'
,
reference
=
person
.
getReference
(),
password
=
'secret'
,
)
login
.
validate
()
sequence
.
edit
(
person_reference
=
person
.
getReference
(),
default_email_text
=
person
.
getDefaultEmailText
())
...
...
@@ -572,12 +579,18 @@ class TestERP5Credential(ERP5TypeTestCase):
person_module
=
portal
.
getDefaultModule
(
'Person'
)
person
=
person_module
.
newContent
(
title
=
reference
,
reference
=
reference
,
password
=
'secret'
,
default_email_text
=
default_email_text
)
# create an assignment
assignment
=
person
.
newContent
(
portal_type
=
'Assignment'
,
function
=
'member'
)
assignment
.
open
()
# create a login
login
=
person
.
newContent
(
portal_type
=
'ERP5 Login'
,
reference
=
person
.
getReference
(),
password
=
'secret'
,
)
login
.
validate
()
person_list
.
append
(
person
)
sequence
.
edit
(
person_list
=
person_list
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment