from OFS.SimpleItem import SimpleItem from zope.interface import implements from Globals import Persistent, InitializeClass from AccessControl import ClassSecurityInfo, getSecurityManager from config import perm_edit from interfaces import IUser, iMDPortal from utils import getLanguage, translate class User(Persistent, SimpleItem): """ user object """ implements(IUser) meta_type = "User" security = ClassSecurityInfo() def __init__(self, _id): self.id = _id self._firstname = '' self._lastname = '' self._email = '' SimpleItem.__init__(self) def getUsername(self): return self.id def getEmail(self): return self._email def setEmail(self, e): self._email = e def getFullName(self): f = self.getFirstName() l = self.getLastName() if not f and not l: return self.getId() return f+' '+l def getFirstName(self): return self._firstname def setFirstName(self, f): self._firstname = f def getLastName(self): return self._lastname def setLastName(self, s): self._lastname = s security.declareProtected(perm_edit, 'changeProfile') def changeProfile(self, REQUEST, firstname, lastname, email, chgProfile # button ): """ change user profile information """ self.setFirstName(firstname) self.setLastName(lastname) self.setEmail(email) return REQUEST.RESPONSE.redirect('desktop.html') security.declareProtected(perm_edit, 'changePassword') def changePassword(self, REQUEST, currentpassword, newpassword, renewpassword): """ change user's password """ al = self.restrictedTraverse('../../alert.html') al.setNext(self.absolute_url()+'/profile.html') # see if all fields are filled in if not currentpassword or not newpassword or newpassword != renewpassword: ms = 'Passwords do not match!' al.setMessage(translate(self, ms, getLanguage(REQUEST))) return al() # first search a user from acl_users currUser = getSecurityManager().getUser() if str(currUser) != self.getId(): # someone changing password on behalf of user? # TODO: do some role checking here? pass users = self.acl_users.searchUsers(id=self.getId()) if len(users) != 1: ms = 'System error. Cannot change password' al.setMessage(translate(self, ms, getLanguage(REQUEST))) return al() # found user. try authenticating first u = users[0] um = getattr(self.acl_users, u.get('pluginid')) if um.authenticateCredentials({'login': self.getId(), 'password': currentpassword}) is None: ms = 'changing_pass_wrong_current' al.setMessage(translate(self, ms, getLanguage(REQUEST))) return al() # TODO: check authenticateCredentials return value to see if it matches current user's id? # all done, change password um.updateUserPassword(self.getId(), newpassword) # not updating when current user does not match current user object if str(currUser) != self.getId(): um.updateCredentials(REQUEST, REQUEST.RESPONSE, self.getId(), newpassword) ms = 'user_changes_password_success' al.setMessage(translate(self, ms, getLanguage(REQUEST))) al.setColor('green') al.setNext(self.absolute_url()+'/desktop.html') return al() InitializeClass(User)