From: richard Date: Sun, 15 Sep 2002 22:41:15 +0000 (+0000) Subject: . password edit now has a confirmation field X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=12a4d1f7f0e4922bae11222edee94e66d987e59e;p=roundup.git . password edit now has a confirmation field . registration error punts back to register page git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@1168 57a73879-2fb5-44c3-a270-3262357dd7e2 --- diff --git a/CHANGES.txt b/CHANGES.txt index db67d44..adbc1e2 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -4,6 +4,9 @@ are given with the most recent entry first. 2002-09-?? 0.5.0 ???? . handling of None for Date/Interval/Password values in export/import . handling of journal values in export/import + . password edit now has a confirmation field + . registration error punts back to register page + 2002-09-13 0.5.0 beta2 . all backends now have a .close() method, and it's used everywhere diff --git a/TODO.txt b/TODO.txt index 9f5eaee..917c33d 100644 --- a/TODO.txt +++ b/TODO.txt @@ -53,10 +53,6 @@ pending web rewritten documentation (can come after the beta though so customisation doc pending web allow multilink selections to select a "none" element to allow people with broken browsers to select nothing? -pending web password edit fields should always appear in pairs - for - confirmation -pending web write a _generic.item -pending dist include the HTML in docs bug web request.url is incorrect in cgi-bin environments bug web do something about file.newitem diff --git a/doc/customizing.txt b/doc/customizing.txt index 96d3229..e6c8b1e 100644 --- a/doc/customizing.txt +++ b/doc/customizing.txt @@ -2,7 +2,7 @@ Customising Roundup =================== -:Version: $Revision: 1.34 $ +:Version: $Revision: 1.35 $ .. This document borrows from the ZopeBook section on ZPT. The original is at: http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx @@ -951,9 +951,9 @@ _value the value of the property if any There are several methods available on these wrapper objects: -=========== ============================================================= +=========== ================================================================= Method Description -=========== ============================================================= +=========== ================================================================= plain render a "plain" representation of the property field render a form edit field for the property stext only on String properties - render the value of the @@ -963,6 +963,9 @@ multiline only on String properties - render a multiline form edit field for the property email only on String properties - render the value of the property as an obscured email address +confirm only on Password properties - render a second form edit field for + the property, used for confirmation that the user typed the + password correctly. Generates a field with name "name:confirm". reldate only on Date properties - render the interval between the date and now pretty only on Interval properties - render the interval in a @@ -971,7 +974,7 @@ menu only on Link and Multilink properties - render a form select list for this property reverse only on Multilink properties - produce a list of the linked items in reverse order -=========== ============================================================= +=========== ================================================================= The request variable ~~~~~~~~~~~~~~~~~~~~ @@ -982,9 +985,9 @@ The request variable is packed with information about the current request. .. taken from roundup.cgi.templating.HTMLRequest docstring -=========== ================================================================ +=========== ================================================================= Variable Holds -=========== ================================================================ +=========== ================================================================= form the CGI form as a cgi.FieldStorage env the CGI environment variables url the current URL path for this request @@ -993,13 +996,13 @@ user a HTMLUser instance for this user classname the current classname (possibly None) template the current template (suffix, also possibly None) form the current CGI form variables in a FieldStorage -=========== ================================================================ +=========== ================================================================= **Index page specific variables (indexing arguments)** -=========== ================================================================ +=========== ================================================================= Variable Holds -=========== ================================================================ +=========== ================================================================= columns dictionary of the columns to display in an index page show a convenience access to columns - request/show/colname will be true if the columns should be displayed, false otherwise @@ -1008,13 +1011,13 @@ group index grouping property (direction, column name) filter properties to filter the index on filterspec values to filter the index on search_text text to perform a full-text search on for an index -=========== ================================================================ +=========== ================================================================= There are several methods available on the request variable: -=============== ============================================================ +=============== ============================================================= Method Description -=============== ============================================================ +=============== ============================================================= description render a description of the request - handle for the page title indexargs_form render the current index args as form elements @@ -1024,7 +1027,7 @@ base_javascript render some javascript that is used by other components of batch run the current index args through a filter and return a list of items (see `hyperdb item wrapper`_, and `batching`_) -=============== ============================================================ +=============== ============================================================= The form variable ::::::::::::::::: @@ -1067,11 +1070,11 @@ The util variable Note: this is implemented by the roundup.cgi.templating.TemplatingUtils class. -=============== ============================================================ +=============== ============================================================= Method Description -=============== ============================================================ +=============== ============================================================= Batch return a batch object using the supplied list -=============== ============================================================ +=============== ============================================================= Batching :::::::: diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py index 4275c87..9bb6ab5 100644 --- a/roundup/cgi/client.py +++ b/roundup/cgi/client.py @@ -1,4 +1,4 @@ -# $Id: client.py,v 1.32 2002-09-13 00:08:44 richard Exp $ +# $Id: client.py,v 1.33 2002-09-15 22:41:15 richard Exp $ __doc__ = """ WWW request handler (also used in the stand-alone server). @@ -596,6 +596,7 @@ class Client: self.db.commit() except ValueError, message: self.error_message.append(message) + return # log the new user in self.user = cl.get(self.userid, 'username') @@ -1134,6 +1135,14 @@ def parsePropsFromForm(db, cl, form, nodeid=0, num_re=re.compile('^\d+$')): if not value: # ignore empty password values continue + if not form.has_key('%s:confirm'%key): + raise ValueError, 'Password and confirmation text do not match' + confirm = form['%s:confirm'%key] + if isinstance(confirm, type([])): + raise ValueError, 'You have submitted more than one value'\ + ' for the %s property'%key + if value != confirm.value: + raise ValueError, 'Password and confirmation text do not match' value = password.Password(value) elif isinstance(proptype, hyperdb.Date): if value: diff --git a/roundup/cgi/templating.py b/roundup/cgi/templating.py index 2425f68..baa60c3 100644 --- a/roundup/cgi/templating.py +++ b/roundup/cgi/templating.py @@ -767,10 +767,18 @@ class PasswordHTMLProperty(HTMLProperty): return _('*encrypted*') def field(self, size = 30): - ''' Render a form edit field for the property + ''' Render a form edit field for the property. ''' return ''%(self._name, size) + def confirm(self, size = 30): + ''' Render a second form edit field for the property, used for + confirmation that the user typed the password correctly. Generates + a field with name "name:confirm". + ''' + return ''%( + self._name, size) + class NumberHTMLProperty(HTMLProperty): def plain(self): ''' Render a "plain" representation of the property diff --git a/roundup/templates/classic/html/user.item b/roundup/templates/classic/html/user.item index bee5ca1..ac5046e 100644 --- a/roundup/templates/classic/html/user.item +++ b/roundup/templates/classic/html/user.item @@ -21,6 +21,10 @@ You are not allowed to view this page. Login Password password + + Confirm Password + password + Roles
+ + + + @@ -22,6 +26,10 @@ You are not allowed to view this page. + + + +
Login Password password
Confirm Passwordpassword
Roles