diff --git a/bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference.xml b/bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference.xml index a340e5f72b0725ddddee40369e5bf1b3bcedd3d9..b0e94b1efe32389c0f1f54756bc90391b790250d 100644 --- a/bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference.xml +++ b/bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference.xml @@ -34,7 +34,7 @@ </item> <item> <key> <string>last_id</string> </key> - <value> <string>11</string> </value> + <value> <string>12</string> </value> </item> <item> <key> <string>portal_type</string> </key> diff --git a/bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference/preferred_authentication_policy_enabled_property.xml b/bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference/preferred_authentication_policy_enabled_property.xml new file mode 100644 index 0000000000000000000000000000000000000000..6096a0771e8c72799ed0b8a5bf646ff8e39b02a5 --- /dev/null +++ b/bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference/preferred_authentication_policy_enabled_property.xml @@ -0,0 +1,40 @@ +<?xml version="1.0"?> +<ZopeData> + <record id="1" aka="AAAAAAAAAAE="> + <pickle> + <global name="Standard Property" module="erp5.portal_type"/> + </pickle> + <pickle> + <dictionary> + <item> + <key> <string>categories</string> </key> + <value> + <tuple> + <string>elementary_type/boolean</string> + </tuple> + </value> + </item> + <item> + <key> <string>description</string> </key> + <value> <string>If checked will enforce authentication policy rules site wide.</string> </value> + </item> + <item> + <key> <string>id</string> </key> + <value> <string>preferred_authentication_policy_enabled_property</string> </value> + </item> + <item> + <key> <string>portal_type</string> </key> + <value> <string>Standard Property</string> </value> + </item> + <item> + <key> <string>preference</string> </key> + <value> <int>1</int> </value> + </item> + <item> + <key> <string>property_default</string> </key> + <value> <string>python: False</string> </value> + </item> + </dictionary> + </pickle> + </record> +</ZopeData> diff --git a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Base_isPasswordValid.xml b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Base_isPasswordValid.xml index 6dfc5c419721ddd5bfd90845d2a7bfd897b9f238..e7fafda7c514240d08e766bc0fc7ef8e8337ae9e 100644 --- a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Base_isPasswordValid.xml +++ b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Base_isPasswordValid.xml @@ -73,14 +73,13 @@ def doValidation(person, password):\n if result<=0:\n message = context.Base_translateString(message_dict[result])\n raise ValidationError(\'external_validator_failed\', context, error_text=message)\n + return result\n \n -# do only for authenticated members\n -if not portal.portal_membership.isAnonymousUser():\n - # find Person object (or authenticated member) and validate it on it (password recovered for an existing account)\n - user_login = request.get(\'field_user_login\', None)\n - person = context.ERP5Site_getAuthenticatedMemberPersonValue(user_login)\n - if person is not None:\n - return doValidation(person, password)\n +user_login = request.get(\'field_user_login\', None)\n +# find Person object (or authenticated member) and validate it on it (password recovered for an existing account)\n +person = context.ERP5Site_getAuthenticatedMemberPersonValue(user_login)\n +if person is not None:\n + return doValidation(person, password)\n \n # use a temp object (new account created)\n first_name = request.get(\'field_your_first_name\', None) \n @@ -99,6 +98,14 @@ return doValidation(person, password)\n <key> <string>_params</string> </key> <value> <string>password, request</string> </value> </item> + <item> + <key> <string>_proxy_roles</string> </key> + <value> + <tuple> + <string>Manager</string> + </tuple> + </value> + </item> <item> <key> <string>id</string> </key> <value> <string>Base_isPasswordValid</string> </value> diff --git a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_validatePasswordsMatch.xml b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Base_validatePasswordsMatch.xml similarity index 97% rename from bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_validatePasswordsMatch.xml rename to bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Base_validatePasswordsMatch.xml index 72b3f7da6e9c4f4b84f61df4d2d95d1c51978a09..367cd72762568f167b67c166bb443b9e362e9c10 100644 --- a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_validatePasswordsMatch.xml +++ b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Base_validatePasswordsMatch.xml @@ -68,7 +68,7 @@ return 0\n </item> <item> <key> <string>id</string> </key> - <value> <string>Person_validatePasswordsMatch</string> </value> + <value> <string>Base_validatePasswordsMatch</string> </value> </item> </dictionary> </pickle> diff --git a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/ERP5Site_isAuthenticationPolicyEnabled.xml b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/ERP5Site_isAuthenticationPolicyEnabled.xml deleted file mode 100644 index 785b335cb0a6596ff26b2eb53b71c50d787f6600..0000000000000000000000000000000000000000 --- a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/ERP5Site_isAuthenticationPolicyEnabled.xml +++ /dev/null @@ -1,81 +0,0 @@ -<?xml version="1.0"?> -<ZopeData> - <record id="1" aka="AAAAAAAAAAE="> - <pickle> - <global name="PythonScript" module="Products.PythonScripts.PythonScript"/> - </pickle> - <pickle> - <dictionary> - <item> - <key> <string>Script_magic</string> </key> - <value> <int>3</int> </value> - </item> - <item> - <key> <string>_bind_names</string> </key> - <value> - <object> - <klass> - <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/> - </klass> - <tuple/> - <state> - <dictionary> - <item> - <key> <string>_asgns</string> </key> - <value> - <dictionary> - <item> - <key> <string>name_container</string> </key> - <value> <string>container</string> </value> - </item> - <item> - <key> <string>name_context</string> </key> - <value> <string>context</string> </value> - </item> - <item> - <key> <string>name_m_self</string> </key> - <value> <string>script</string> </value> - </item> - <item> - <key> <string>name_subpath</string> </key> - <value> <string>traverse_subpath</string> </value> - </item> - </dictionary> - </value> - </item> - </dictionary> - </state> - </object> - </value> - </item> - <item> - <key> <string>_body</string> </key> - <value> <string>"""\n - Determine if a security policy is enabled or not by reading System Preferences.\n -"""\n -from Products.ERP5Type.Cache import CachingMethod\n -\n -def _isAuthenticationPolicyEnabled():\n - portal = context.getPortalObject()\n - portal_preferences = portal.portal_preferences\n - return portal_preferences.getPreferredMaxAuthenticationFailure() or \\\n - portal_preferences.getPreferredMaxPasswordLifetimeDuration()\n -\n -_isAuthenticationPolicyEnabled = CachingMethod(_isAuthenticationPolicyEnabled,\n - id=\'Person_isAuthenticationPolicyEnabled\',\n - cache_factory=\'erp5_content_short\')\n -return _isAuthenticationPolicyEnabled()\n -</string> </value> - </item> - <item> - <key> <string>_params</string> </key> - <value> <string></string> </value> - </item> - <item> - <key> <string>id</string> </key> - <value> <string>ERP5Site_isAuthenticationPolicyEnabled</string> </value> - </item> - </dictionary> - </pickle> - </record> -</ZopeData> diff --git a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_isLoginBlocked.xml b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_isLoginBlocked.xml index f815485bdf14d7000ef0106e89f48d851bc53532..35e6610dd6f7656703fe074222e1dd7120a35a6a 100644 --- a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_isLoginBlocked.xml +++ b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_isLoginBlocked.xml @@ -61,7 +61,7 @@ request = context.REQUEST\n portal = context.getPortalObject()\n portal_preferences = portal.portal_preferences\n \n -if not context.ERP5Site_isAuthenticationPolicyEnabled():\n +if not portal_preferences.isAuthenticationPolicyEnabled():\n # no policy, no sense to block account\n return 0\n \n diff --git a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_notifyLoginFailure.xml b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_notifyLoginFailure.xml index b13b007ac0408ba4d832780bb0021c792e45039a..e3535f1d9ad5ead52ae80d402441e473b1b06847 100644 --- a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_notifyLoginFailure.xml +++ b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_notifyLoginFailure.xml @@ -57,8 +57,9 @@ """\n from DateTime import DateTime\n portal = context.getPortalObject()\n +portal_preferences = portal.portal_preferences\n \n -if not context.ERP5Site_isAuthenticationPolicyEnabled():\n +if not portal_preferences.isAuthenticationPolicyEnabled():\n # no policy, no sense to file failure\n return 0\n \n diff --git a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_unblockLogin.xml b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_unblockLogin.xml index bc355f7222f5e0381afe0830f405e894a0c9bea5..f29d037bbd388c7bddb686c204e8adcecdc1cf3f 100644 --- a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_unblockLogin.xml +++ b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_unblockLogin.xml @@ -52,7 +52,7 @@ <key> <string>_body</string> </key> <value> <string>portal = context.getPortalObject()\n \n -if not portal.ERP5Site_isAuthenticationPolicyEnabled():\n +if not portal.portal_preferences.isAuthenticationPolicyEnabled():\n # no policy, no sense to block account\n return 0\n \n diff --git a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy.xml b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy.xml index 584bc633b31d177fef043e2ad3e5706e6aee1348..2a2d3a18c5d70185f2428ae6c87d9a12a6c3702c 100644 --- a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy.xml +++ b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy.xml @@ -79,6 +79,7 @@ <key> <string>left</string> </key> <value> <list> + <string>my_preferred_authentication_policy_enabled</string> <string>my_preferred_max_authentication_failure</string> <string>my_preferred_authentication_failure_check_duration</string> <string>my_preferred_authentication_failure_block_duration</string> diff --git a/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy/my_preferred_authentication_policy_enabled.xml b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy/my_preferred_authentication_policy_enabled.xml new file mode 100644 index 0000000000000000000000000000000000000000..6b80e3a688318d77a4767d9af280459d7eeb7539 --- /dev/null +++ b/bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy/my_preferred_authentication_policy_enabled.xml @@ -0,0 +1,96 @@ +<?xml version="1.0"?> +<ZopeData> + <record id="1" aka="AAAAAAAAAAE="> + <pickle> + <global name="ProxyField" module="Products.ERP5Form.ProxyField"/> + </pickle> + <pickle> + <dictionary> + <item> + <key> <string>delegated_list</string> </key> + <value> + <list> + <string>title</string> + </list> + </value> + </item> + <item> + <key> <string>id</string> </key> + <value> <string>my_preferred_authentication_policy_enabled</string> </value> + </item> + <item> + <key> <string>message_values</string> </key> + <value> + <dictionary> + <item> + <key> <string>external_validator_failed</string> </key> + <value> <string>The input failed the external validator.</string> </value> + </item> + </dictionary> + </value> + </item> + <item> + <key> <string>overrides</string> </key> + <value> + <dictionary> + <item> + <key> <string>field_id</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>form_id</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>target</string> </key> + <value> <string></string> </value> + </item> + </dictionary> + </value> + </item> + <item> + <key> <string>tales</string> </key> + <value> + <dictionary> + <item> + <key> <string>field_id</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>form_id</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>target</string> </key> + <value> <string></string> </value> + </item> + </dictionary> + </value> + </item> + <item> + <key> <string>values</string> </key> + <value> + <dictionary> + <item> + <key> <string>field_id</string> </key> + <value> <string>my_checkbox</string> </value> + </item> + <item> + <key> <string>form_id</string> </key> + <value> <string>Base_viewFieldLibrary</string> </value> + </item> + <item> + <key> <string>target</string> </key> + <value> <string>Click to edit the target</string> </value> + </item> + <item> + <key> <string>title</string> </key> + <value> <string>Enable Authentication Policy</string> </value> + </item> + </dictionary> + </value> + </item> + </dictionary> + </pickle> + </record> +</ZopeData> diff --git a/bt5/erp5_authentication_policy/WorkflowTemplateItem/portal_workflow/password_interaction_workflow/interactions/changePassword.xml b/bt5/erp5_authentication_policy/WorkflowTemplateItem/portal_workflow/password_interaction_workflow/interactions/changePassword.xml index 7395b64192ff24da941888015b327ff7953b1def..cd1ee95c997f0aa8844cdd47955deb53909ba970 100644 --- a/bt5/erp5_authentication_policy/WorkflowTemplateItem/portal_workflow/password_interaction_workflow/interactions/changePassword.xml +++ b/bt5/erp5_authentication_policy/WorkflowTemplateItem/portal_workflow/password_interaction_workflow/interactions/changePassword.xml @@ -27,7 +27,9 @@ <item> <key> <string>after_script_name</string> </key> <value> - <tuple/> + <list> + <string>Person_changePassword</string> + </list> </value> </item> <item> @@ -55,8 +57,10 @@ <value> <list> <string>setPassword</string> - <string>setEncodedPassword</string> + <string>_setPassword</string> <string>_forceSetPassword</string> + <string>edit</string> + <string>setEncodedPassword</string> </list> </value> </item> @@ -75,9 +79,7 @@ <item> <key> <string>script_name</string> </key> <value> - <list> - <string>Person_changePassword</string> - </list> + <tuple/> </value> </item> <item> diff --git a/bt5/erp5_authentication_policy/WorkflowTemplateItem/portal_workflow/password_interaction_workflow/scripts/Person_changePassword.xml b/bt5/erp5_authentication_policy/WorkflowTemplateItem/portal_workflow/password_interaction_workflow/scripts/Person_changePassword.xml index 2d65720ce816e61beed6569093c7df1c6ce0ba4d..a65e2d961286bac0988499fb1ac1bdbe81c9577d 100644 --- a/bt5/erp5_authentication_policy/WorkflowTemplateItem/portal_workflow/password_interaction_workflow/scripts/Person_changePassword.xml +++ b/bt5/erp5_authentication_policy/WorkflowTemplateItem/portal_workflow/password_interaction_workflow/scripts/Person_changePassword.xml @@ -62,11 +62,11 @@ if number_of_last_password_to_check is not None and number_of_last_password_to_c person.setLastPasswordModificationDate(DateTime())\n old_password_list = person.getLastChangedPasswordValueList()\n current_password = person.getPassword()\n - if current_password is not None:\n + if current_password is not None and current_password not in old_password_list:\n # we care only if password is set\n old_password_list.append(current_password)\n - person.setLastChangedPasswordValueList(old_password_list)\n - #context.log(\'%s %s %s\' %(person.getPassword(), person.getLastPasswordModificationDate(), old_password_list))\n + person.setLastChangedPasswordValueList(old_password_list)\n + context.log(\'%s %s %s\' %(person.getPassword(), person.getLastPasswordModificationDate(), old_password_list))\n </string> </value> </item> <item> diff --git a/bt5/erp5_authentication_policy/bt/revision b/bt5/erp5_authentication_policy/bt/revision index c7930257dfef505fd996e1d6f22f2f35149990d0..301160a93062df23030a69f4b5e4d9bf71866ee9 100644 --- a/bt5/erp5_authentication_policy/bt/revision +++ b/bt5/erp5_authentication_policy/bt/revision @@ -1 +1 @@ -7 \ No newline at end of file +8 \ No newline at end of file