slapos_jio: Fix up set new password on ERP5 Login

Mostly handle the response a bit better, and log out user if he changes the current login. This prevents his account get blocked.

slapos_jio: Fix up set new password on ERP5 Login
Mostly handle the response a bit better, and log out user if he changes the current login. This prevents his account get blocked.
ddfae815 · Rafael Monnerat · 2cd628ef · ddfae815 · ddfae815 · ddfae815
Commit ddfae815 authored Jun 02, 2020 by Rafael Monnerat
4 changed files
--- a/master/bt5/slapos_jio/PathTemplateItem/web_page_module/rjs_gadget_erp5_page_slap_erp5_login_view_js.js
+++ b/master/bt5/slapos_jio/PathTemplateItem/web_page_module/rjs_gadget_erp5_page_slap_erp5_login_view_js.js
-/*global window, rJS, RSVP, jIO, Blob */
+/*global window, rJS, RSVP, jIO, Blob, UriTemplate */
 /*jslint nomen: true, indent: 2, maxerr: 3 */
-(function (window, rJS, RSVP) {
+(function (window, rJS, RSVP, jIO, UriTemplate) {
  "use strict";
  rJS(window)
@@ -18,6 +18,9 @@
    .declareAcquiredMethod("notifySubmitted", 'notifySubmitted')
    .declareAcquiredMethod("jio_allDocs", "jio_allDocs")
    .declareAcquiredMethod("getTranslationList", "getTranslationList")
+    .declareAcquiredMethod("redirect", "redirect")
    /////////////////////////////////////////////////////////////////
    // declared methods
@@ -55,13 +58,59 @@
              }
            }
          }
-          return gadget.getSetting("hateoas_url")
+          return gadget.jio_getAttachment('acl_users', 'links')
-            .push(function (hateoas_url) {
+            .push(function (links) {
-              return gadget.jio_putAttachment(gadget.state.jio_key,
+              var logout_url_template = links._links.logout.href;
-                hateoas_url + gadget.state.jio_key + "/Login_edit", doc)
+              return gadget.getSetting("hateoas_url")
-                  .push(function () {
+                .push(function (hateoas_url) {
+                  return gadget.jio_putAttachment(gadget.state.jio_key,
+                      hateoas_url + gadget.state.jio_key + "/Login_edit", doc);
+                })
+                .push(function (response) {
+                  var redirect_url;
+                  if (response.target === undefined) {
+                    return gadget.notifySubmitted({message: gadget.message2_translation, status: 'success'});
+                  }
+                  // This is probably not ok
+                  if (response.target.status === 200 && response.target.responseURL.search("login_form")) {
+                    // The script required to launch a redirect
+                    return gadget.notifySubmitted({message: gadget.message2_translation, status: 'success'})
+                      .push(function () {
+                        return gadget.getUrlFor({
+                          command: 'display',
+                          absolute_url: true,
+                          options: {"jio_key": "/", "page": "slapos"}
+                        })
+                      })
+                      .push(function (came_from) {
+                        return gadget.redirect({
+                          command: 'raw',
+                          options: {
+                            url: UriTemplate.parse(logout_url_template).expand({came_from: came_from})
+                          }
+                        });
+                      });
+                  }
                  return gadget.notifySubmitted({message: gadget.message2_translation, status: 'success'});
                });
+            })
+            .push(undefined, function (error) {
+              return gadget.getTranslationList(["Unknown Error, please open a ticket."])
+                .push(function (error_message) {
+                  if (error.target === undefined) {
+                    // received a cancelation so just skip
+                    return gadget;
+                  }
+                  return jIO.util.readBlobAsText(error.target.response)
+                    .then(function (evt) {
+                      if (error.target.status === 406) {
+                        return gadget.notifySubmitted({message: JSON.parse(evt.target.result),
+                                                       status: 'error'});
+                      }
+                      return gadget.notifySubmitted({message: error_message[0],
+                                                     status: 'error'});
+                    });
+                });
            });
        });
    })
@@ -165,4 +214,4 @@
          return gadget.updateHeader(header_dict);
        });
    });
-}(window, rJS, RSVP));
+}(window, rJS, RSVP, jIO, UriTemplate));
\ No newline at end of file
--- a/master/bt5/slapos_jio/PathTemplateItem/web_page_module/rjs_gadget_erp5_page_slap_erp5_login_view_js.xml
+++ b/master/bt5/slapos_jio/PathTemplateItem/web_page_module/rjs_gadget_erp5_page_slap_erp5_login_view_js.xml
@@ -242,7 +242,7 @@
            </item>
            <item>
                <key> <string>serial</string> </key>
-                <value> <string>982.32731.27456.12475</string> </value>
+                <value> <string>984.18874.65411.51899</string> </value>
            </item>
            <item>
                <key> <string>state</string> </key>
@@ -260,7 +260,7 @@
                    </tuple>
                    <state>
                      <tuple>
-                        <float>1584351592.43</float>
+                        <float>1591061632.49</float>
                        <string>UTC</string>
                      </tuple>
                    </state>

--- a/master/bt5/slapos_jio/SkinTemplateItem/portal_skins/slapos_hal_json_style/Login_edit.py
+++ b/master/bt5/slapos_jio/SkinTemplateItem/portal_skins/slapos_hal_json_style/Login_edit.py
 from zExceptions import Unauthorized
+import json
 edit_kw = {}
 person = context.getPortalObject().portal_membership.getAuthenticatedMember().getUserValue()
 if person != context.getParentValue():
  raise Unauthorized
+original_login = context.getReference()
 if reference is not None:
  edit_kw["reference"] = reference
@@ -19,3 +21,17 @@ if len(edit_kw):
 # This will raise if login is duplicated. 
 # XXX Improve this later by 
 context.Base_checkConsistency()
+current_username = context.getPortalObject().portal_membership.getAuthenticatedMember().getUserName()
+if current_username == original_login:
+  # We should logout immediately
+  if context.REQUEST.has_key('portal_skin'):
+    context.portal_skins.clearSkinCookie()
+  context.REQUEST.RESPONSE.expireCookie('__ac', path='/')
+  context.REQUEST.RESPONSE.expireCookie('__ac_google_hash', path='/')
+  context.REQUEST.RESPONSE.expireCookie('__ac_facebook_hash', path='/')
+  context.REQUEST.RESPONSE.setHeader('Location', context.getPermanentURL(context))
+  context.REQUEST.RESPONSE.setStatus('303')
+return json.dumps(context.getRelativeUrl())
--- a/master/bt5/slapos_jio/SkinTemplateItem/portal_skins/slapos_hal_json_style/Login_edit.xml
+++ b/master/bt5/slapos_jio/SkinTemplateItem/portal_skins/slapos_hal_json_style/Login_edit.xml
@@ -50,7 +50,7 @@
        </item>
        <item>
            <key> <string>_params</string> </key>
-            <value> <string>reference=None, password=None </string> </value>
+            <value> <string>reference=None, password=None</string> </value>
        </item>
        <item>
            <key> <string>_proxy_roles</string> </key>