Back to index

moin  1.9.0~rc2
newaccount.py
Go to the documentation of this file.
00001 # -*- coding: iso-8859-1 -*-
00002 """
00003     MoinMoin - create account action
00004 
00005     @copyright: 2007 MoinMoin:JohannesBerg
00006     @license: GNU GPL, see COPYING for details.
00007 """
00008 
00009 from MoinMoin import user, wikiutil
00010 from MoinMoin.Page import Page
00011 from MoinMoin.widget import html
00012 from MoinMoin.security.textcha import TextCha
00013 from MoinMoin.auth import MoinAuth
00014 
00015 
00016 def _create_user(request):
00017     _ = request.getText
00018     form = request.form
00019 
00020     if request.method != 'POST':
00021         return
00022 
00023     if not TextCha(request).check_answer_from_form():
00024         return _('TextCha: Wrong answer! Go back and try again...')
00025 
00026     # Create user profile
00027     theuser = user.User(request, auth_method="new-user")
00028 
00029     # Require non-empty name
00030     try:
00031         theuser.name = form['name']
00032     except KeyError:
00033         return _("Empty user name. Please enter a user name.")
00034 
00035     # Don't allow creating users with invalid names
00036     if not user.isValidName(request, theuser.name):
00037         return _("""Invalid user name {{{'%s'}}}.
00038 Name may contain any Unicode alpha numeric character, with optional one
00039 space between words. Group page name is not allowed.""", wiki=True) % wikiutil.escape(theuser.name)
00040 
00041     # Name required to be unique. Check if name belong to another user.
00042     if user.getUserId(request, theuser.name):
00043         return _("This user name already belongs to somebody else.")
00044 
00045     # try to get the password and pw repeat
00046     password = form.get('password1', '')
00047     password2 = form.get('password2', '')
00048 
00049     # Check if password is given and matches with password repeat
00050     if password != password2:
00051         return _("Passwords don't match!")
00052     if not password:
00053         return _("Please specify a password!")
00054 
00055     pw_checker = request.cfg.password_checker
00056     if pw_checker:
00057         pw_error = pw_checker(request, theuser.name, password)
00058         if pw_error:
00059             return _("Password not acceptable: %s") % pw_error
00060 
00061     # Encode password
00062     if password and not password.startswith('{SHA}'):
00063         try:
00064             theuser.enc_password = user.encodePassword(password)
00065         except UnicodeError, err:
00066             # Should never happen
00067             return "Can't encode password: %s" % str(err)
00068 
00069     # try to get the email, for new users it is required
00070     email = wikiutil.clean_input(form.get('email', ''))
00071     theuser.email = email.strip()
00072     if not theuser.email and 'email' not in request.cfg.user_form_remove:
00073         return _("Please provide your email address. If you lose your"
00074                  " login information, you can get it by email.")
00075 
00076     # Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py
00077     if theuser.email and request.cfg.user_email_unique:
00078         if user.get_by_email_address(request, theuser.email):
00079             return _("This email already belongs to somebody else.")
00080 
00081     # save data
00082     theuser.save()
00083 
00084     result = _("User account created! You can use this account to login now...")
00085     return result
00086 
00087 
00088 def _create_form(request):
00089     _ = request.getText
00090     url = request.page.url(request)
00091     ret = html.FORM(action=url)
00092     ret.append(html.INPUT(type='hidden', name='action', value='newaccount'))
00093     lang_attr = request.theme.ui_lang_attr()
00094     ret.append(html.Raw('<div class="userpref"%s>' % lang_attr))
00095     tbl = html.TABLE(border="0")
00096     ret.append(tbl)
00097     ret.append(html.Raw('</div>'))
00098 
00099     row = html.TR()
00100     tbl.append(row)
00101     row.append(html.TD().append(html.STRONG().append(
00102                                   html.Text(_("Name")))))
00103     cell = html.TD()
00104     row.append(cell)
00105     cell.append(html.INPUT(type="text", size="36", name="name"))
00106     cell.append(html.Text(' ' + _("(Use FirstnameLastname)")))
00107 
00108     row = html.TR()
00109     tbl.append(row)
00110     row.append(html.TD().append(html.STRONG().append(
00111                                   html.Text(_("Password")))))
00112     row.append(html.TD().append(html.INPUT(type="password", size="36",
00113                                            name="password1")))
00114 
00115     row = html.TR()
00116     tbl.append(row)
00117     row.append(html.TD().append(html.STRONG().append(
00118                                   html.Text(_("Password repeat")))))
00119     row.append(html.TD().append(html.INPUT(type="password", size="36",
00120                                            name="password2")))
00121 
00122     row = html.TR()
00123     tbl.append(row)
00124     row.append(html.TD().append(html.STRONG().append(html.Text(_("Email")))))
00125     row.append(html.TD().append(html.INPUT(type="text", size="36",
00126                                            name="email")))
00127 
00128     textcha = TextCha(request)
00129     if textcha.is_enabled():
00130         row = html.TR()
00131         tbl.append(row)
00132         row.append(html.TD().append(html.STRONG().append(
00133                                       html.Text(_('TextCha (required)')))))
00134         td = html.TD()
00135         if textcha:
00136             td.append(textcha.render())
00137         row.append(td)
00138 
00139     row = html.TR()
00140     tbl.append(row)
00141     row.append(html.TD())
00142     td = html.TD()
00143     row.append(td)
00144     td.append(html.INPUT(type="submit", name="create",
00145                          value=_('Create Profile')))
00146 
00147     return unicode(ret)
00148 
00149 def execute(pagename, request):
00150     found = False
00151     for auth in request.cfg.auth:
00152         if isinstance(auth, MoinAuth):
00153             found = True
00154             break
00155 
00156     if not found:
00157         # we will not have linked, so forbid access
00158         request.makeForbidden(403, 'No MoinAuth in auth list')
00159         return
00160 
00161     page = Page(request, pagename)
00162     _ = request.getText
00163     form = request.form
00164 
00165     submitted = form.has_key('create')
00166 
00167     if submitted: # user pressed create button
00168         request.theme.add_msg(_create_user(request), "dialog")
00169         return page.send_page()
00170     else: # show create form
00171         request.theme.send_title(_("Create Account"), pagename=pagename)
00172 
00173         request.write(request.formatter.startContent("content"))
00174 
00175         # THIS IS A BIG HACK. IT NEEDS TO BE CLEANED UP
00176         request.write(_create_form(request))
00177 
00178         request.write(request.formatter.endContent())
00179 
00180         request.theme.send_footer(pagename)
00181         request.theme.send_closing_html()
00182