From 89b8e31c659f43f3aec0ee75dec92fbfac16e237 Mon Sep 17 00:00:00 2001
From: Ivan Tyagov <ivan@nexedi.com>
Date: Wed, 27 Jul 2011 14:58:14 +0300
Subject: [PATCH] Notify password expire event and leave implementation (if
 any) to respective iLoginAccountProvider implementation class.

---
 product/ERP5Security/ERP5UserManager.py | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/product/ERP5Security/ERP5UserManager.py b/product/ERP5Security/ERP5UserManager.py
index 93bcb33206..eb491b5843 100644
--- a/product/ERP5Security/ERP5UserManager.py
+++ b/product/ERP5Security/ERP5UserManager.py
@@ -150,7 +150,7 @@ class ERP5UserManager(BasePlugin):
                        assignment.getStopDate() < login_date:
                   continue
                 valid_assignment_list.append(assignment)
-                
+
               if pw_validate(user.getPassword(), password) and \
                      len(valid_assignment_list) and user \
                      .getValidationState() != 'deleted': #user.getCareerRole() == 'internal':
@@ -187,9 +187,14 @@ class ERP5UserManager(BasePlugin):
           # file a failed authentication attempt
           user.notifyLoginFailure()
           return None
-          
-        # check if user account is blocked and if password is expired or not
-        if user.isLoginBlocked() or user.isPasswordExpired(): 
+        
+        # check if password is expired
+        if user.isPasswordExpired():
+          user.notifyPasswordExpire()
+          return None
+        
+        # check if user account is blocked
+        if user.isLoginBlocked():
           return None
         
         return authentication_result
-- 
2.30.9