![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 16e8a82)
raw | patch | inline | side by side (parent: 16e8a82)
| author | richard <richard@57a73879-2fb5-44c3-a270-3262357dd7e2> | |
| Thu, 10 Apr 2003 05:12:42 +0000 (05:12 +0000) | ||
| committer | richard <richard@57a73879-2fb5-44c3-a270-3262357dd7e2> | |
| Thu, 10 Apr 2003 05:12:42 +0000 (05:12 +0000) |
git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@1655 57a73879-2fb5-44c3-a270-3262357dd7e2
diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py
index ffeca51e51b51a34de3e7511828f792e26e61a46..3c59776b5b6d5d7d01484ead40fc89be1966087e 100644 (file)
--- a/roundup/cgi/client.py
+++ b/roundup/cgi/client.py
-# $Id: client.py,v 1.112 2003-04-10 04:32:46 richard Exp $
+# $Id: client.py,v 1.113 2003-04-10 05:12:41 richard Exp $
__doc__ = """
WWW request handler (also used in the stand-alone server).
# this var must contain a file to write the mail to
SENDMAILDEBUG = os.environ.get('SENDMAILDEBUG', '')
+# used by a couple of routines
+chars = string.letters+string.digits
# XXX actually _use_ FormError
class FormError(ValueError):
# Let the user know what's going on
self.ok_message.append(_('You are logged out'))
- chars = string.letters+string.digits
def registerAction(self):
'''Attempt to create a new user based on the contents of the form
and then set the cookie.
pass
# generate the one-time-key and store the props for later
- otk = ''.join([random.choice(self.chars) for x in range(32)])
+ otk = ''.join([random.choice(chars) for x in range(32)])
for propname, proptype in self.db.user.getprops().items():
value = props.get(propname, None)
if value is None:
self.opendb('admin')
# change the password
- newpw = ''.join([random.choice(self.chars) for x in range(8)])
+ newpw = password.generatePassword()
cl = self.db.user
# XXX we need to make the "default" page be able to display errors!
return
# generate the one-time-key and store the props for later
- otk = ''.join([random.choice(self.chars) for x in range(32)])
+ otk = ''.join([random.choice(chars) for x in range(32)])
self.db.otks.set(otk, uid=uid, __time=time.time())
# send the email
diff --git a/roundup/mailgw.py b/roundup/mailgw.py
index 94594de1a938d88703409e2c841be2f9998ba8c5..468a3b7f2f25cfbd2add7fdf6d4325da176da930 100644 (file)
--- a/roundup/mailgw.py
+++ b/roundup/mailgw.py
an exception, the original message is bounced back to the sender with the
explanatory message given in the exception.
-$Id: mailgw.py,v 1.113 2003-03-24 02:54:35 richard Exp $
+$Id: mailgw.py,v 1.114 2003-04-10 05:12:41 richard Exp $
'''
import string, re, os, mimetools, cStringIO, smtplib, socket, binascii, quopri
import time, random, sys
import traceback, MimeWriter, rfc822
-import hyperdb, date, password
-import rfc2822
+from roundup import hyperdb, date, password, rfc2822
SENDMAILDEBUG = os.environ.get('SENDMAILDEBUG', '')
if create:
return db.user.create(username=address, address=address,
realname=realname, roles=db.config.NEW_EMAIL_USER_ROLES,
+ password=password.Password(password.generatePassword()),
**user_props)
else:
return 0
diff --git a/roundup/password.py b/roundup/password.py
index 8400f67a1bfc59c7a980aa6d6ff6a89a32153b9d..a2f01f52c4c71e569f5b877f3f419c46a3272a03 100644 (file)
--- a/roundup/password.py
+++ b/roundup/password.py
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-# $Id: password.py,v 1.8 2002-12-18 23:57:09 richard Exp $
+# $Id: password.py,v 1.9 2003-04-10 05:12:41 richard Exp $
__doc__ = """
Password handling (encoding, decoding).
"""
-import sha, re, string
+import sha, re, string, random
try:
import crypt
except:
raise ValueError, 'Unknown encryption scheme "%s"'%scheme
return s
+def generatePassword(length=8):
+ chars = string.letters+string.digits
+ return ''.join([random.choice(chars) for x in range(length)])
+
class Password:
'''The class encapsulates a Password property type value in the database.
index 4be969b1dde4681d3f8c85742e79ad70b779e33c..0bd0bf3399ec4b03c36cb15cccf32816320c4e9e 100644 (file)
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-# $Id: dbinit.py,v 1.33 2003-01-27 16:40:37 kedder Exp $
+# $Id: dbinit.py,v 1.34 2003-04-10 05:12:42 richard Exp $
import os
#
# SECURITY SETTINGS
#
- # new permissions for this schema
+ # See the configuration and customisation document for information
+ # about security setup.
+ # Add new Permissions for this schema
for cl in 'issue', 'file', 'msg', 'user', 'query', 'keyword':
db.security.addPermission(name="Edit", klass=cl,
description="User is allowed to edit "+cl)
db.security.addPermission(name="View", klass=cl,
description="User is allowed to access "+cl)
- # Assign the access and edit permissions for issue, file and message
+ # Assign the access and edit Permissions for issue, file and message
# to regular users now
for cl in 'issue', 'file', 'msg', 'query', 'keyword':
p = db.security.getPermission('View', cl)
db.security.addPermissionToRole('User', p)
p = db.security.getPermission('Edit', cl)
db.security.addPermissionToRole('User', p)
+
# and give the regular users access to the web and email interface
p = db.security.getPermission('Web Access')
db.security.addPermissionToRole('User', p)
index 3360fe0175c238dba55a37df9a56f498dbc77faf..da5c4c60a2b030296157e73ac3d7c3b1e898794f 100644 (file)
a[href]:link { color:blue; text-decoration: none; }
a[href] { color:blue; text-decoration: none; }
-a.classhelp:hover { font-weight: bold; }
-a.classhelp:link { font-weight: bold; }
-a.classhelp { font-weight: bold; }
-
table.body {
border: 0;
padding: 0;