
Item14506: Implement RESTchangeEmail

REST script for changing email addresses.
1 parent 81de4e2 commit 28d3b40ebaced534dd8cc2c2b1f17fda1b90c77d @gac410 gac410 committed Oct 13, 2017
@@ -1,4 +1,4 @@
-%META:TOPICINFO{author="ProjectContributor" date="1434484983" format="1.1" version="1"}%
+%META:TOPICINFO{author="ProjectContributor" date="1507866190" format="1.1" version="1"}%
%META:TOPICPARENT{name="UserToolsCategory"}%
---+ %MAKETEXT{"Change E-mail Address"}%
Change registered email address
@@ -23,7 +23,7 @@ Change registered email address
%MAKETEXT{"*Administrators:* You can change user's e-mail address using this form. Enter the users [[[_1]][username]] or [[[_1]][WikiName]] and the new e-mail address." args="%SYSTEMWEB%.UserName, %SYSTEMWEB%.WikiName"}%
"}%
-<form name="manage" action="%SCRIPTURLPATH{"manage"}%/%WEB%/%TOPIC%" method="post">
+<form name="changeEmail" action="%SCRIPTURLPATH{"rest"}%/PasswordManagementPlugin/changeEmail" method="post">
<div class="foswikiFormSteps">
<div class="foswikiFormStep">
*%MAKETEXT{"After submitting this form your e-mail will be changed, and you will be returned to this form."}%*
@@ -35,7 +35,7 @@ Change registered email address
%TABLE{databg="transparent" tableborder="0" tablerules="none"}%
| | %MAKETEXT{"Fields marked [_1] are required" args="=<span class='foswikiAlert'>*</span>="}% |
| %IF{"$USERNAME ingroup 'AdminGroup'" then="%MAKETEXT{"[[[_1]][username]]:" args="%SYSTEMWEB%.UserName"}%" else="%MAKETEXT{"Your [[[_1]][username]]:" args="%SYSTEMWEB%.UserName"}%"}% | <input type="text" name="username" value="%URLPARAM{"username" default="%USERNAME%"}%" size="40" class="foswikiInputField" /> =<span class="foswikiAlert">*</span>= |%IF{"$USERNAME ingroup 'AdminGroup'" else="
-| %MAKETEXT{"Password:"}% | <input %NOTMODIFYABLE% type=\"password\" name=\"oldpassword\" value=\"%URLPARAM{oldpassword}%\" size=\"40\" class=\"foswikiInputField\" /> =<span class=\"foswikiAlert\">*</span>= |"}%
+| %MAKETEXT{"Password:"}% | <input %NOTMODIFYABLE% type=\"password\" name=\"password\" value=\"%URLPARAM{password}%\" size=\"40\" class=\"foswikiInputField\" /> =<span class=\"foswikiAlert\">*</span>= |"}%
| %MAKETEXT{"New e-mails (space-separated list):"}% | <input type="text" name="email" size="40" class="foswikiInputField" /> =<span class="foswikiAlert">*</span>= |
</div>
<div class="foswikiFormStep foswikiLast">
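Review bot: The renamed password input on the added line still pre-fills itself from the request, `value=\"%URLPARAM{password}%\"`, so a link that carries `password=` in its query string will populate the field. A password passed that way ends up in browser history, server access logs and Referer headers. A password field does not need a default; I would drop the `value` attribute from this input. The removed `oldpassword` line had the same pattern, so this is inherited rather than introduced by the rename.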
@@ -19,9 +19,10 @@ package Foswiki::Plugins::PasswordManagementPlugin;
use strict;
use warnings;
-our $VERSION = '1.01';
-our $RELEASE = '02 Oct 2017';
-our $SHORTDESCRIPTION = '=REST= interface for managing User passwords and Emails.';
+our $VERSION = '1.01';
+our $RELEASE = '02 Oct 2017';
+our $SHORTDESCRIPTION =
+ '=REST= interface for managing User passwords and Emails.';
our $NO_PREFS_IN_TOPIC = 1;
use Assert;
@@ -43,7 +44,7 @@ sub initPlugin {
Foswiki::Func::registerRESTHandler(
'resetPassword', \&_RESTresetPassword,
- validate => $Foswiki::cfg{Validation}{Method} eq 'none' ? 0 : 1,
+ validate => $Foswiki::cfg{Validation}{Method} eq 'none' ? 0 : 1,
authenticate => 0,
http_allow => 'POST',
description => 'Generate a Passord reset token and email to the user.',
@@ -58,7 +59,7 @@ sub initPlugin {
);
Foswiki::Func::registerRESTHandler(
- 'changeEmail', \&_RESTchangegEmail,
+ 'changeEmail', \&_RESTchangeEmail,
authenticate => 1,
validate => $Foswiki::cfg{Validation}{Method} eq 'none' ? 0 : 1,
http_allow => 'POST',
@@ -82,10 +83,10 @@ Generate a reset for a user's passord
sub _RESTresetPassword {
require Foswiki::Plugins::PasswordManagementPlugin::Core;
- return Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTresetPassword(@_);
+ return
+ Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTresetPassword(@_);
}
-
=begin TML
---++ =sub _RESTchangePassword=
@@ -99,10 +100,10 @@ Generate a reset for a user's passord
sub _RESTchangePassword {
require Foswiki::Plugins::PasswordManagementPlugin::Core;
- return Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTchangePassword(@_);
+ return
+ Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTchangePassword(@_);
}
-
=begin TML
---++ =sub _RESTchangeEmail=
@@ -116,10 +117,10 @@ Generate a reset for a user's passord
sub _RESTchangeEmail {
require Foswiki::Plugins::PasswordManagementPlugin::Core;
- return Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTchangeEmail(@_);
+ return Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTchangeEmail(
+ @_);
}
-
=pod
---++ Invocation examples
@@ -46,8 +46,8 @@ sub _RESTresetPassword {
unless ( $Foswiki::cfg{EnableEmail} ) {
throw Foswiki::OopsException(
'password',
- topic => $Foswiki::cfg{HomeTopicName},
- def => 'email_disabled',
+ topic => $Foswiki::cfg{HomeTopicName},
+ def => 'email_disabled',
);
}
@@ -74,10 +74,8 @@ sub _RESTresetPassword {
my $cuidList = $users->findUserByEmail($userName);
if ( scalar @$cuidList > 1 ) {
- throw Foswiki::OopsException(
- 'password',
- def => 'non_unique_email',
- );
+ throw Foswiki::OopsException( 'password',
+ def => 'non_unique_email', );
}
else {
$userName = @$cuidList[0];
@@ -364,6 +362,134 @@ sub _sendEmail {
return $results;
}
+=begin TML
+
+---++ StaticMethod _RESTchangeEmail( $session )
+
+Change the user's email. Details of the user and password
+are passed in CGI parameters.
+
+=cut
+
+sub _RESTchangeEmail {
+ my $session = shift;
+
+ my $topic = $session->{topicName};
+ my $webName = $session->{webName};
+ my $query = $session->{request};
+ my $requestUser = $session->{user};
+
+ my $login = $query->param('username');
+ my $password = $query->param('password');
+ my $email = $query->param('email');
+
+ if ( $login eq $Foswiki::cfg{AdminUserLogin}
+ || $login eq $Foswiki::cfg{AdminUserWikiName} )
+ {
+ throw Foswiki::OopsException(
+ 'password',
+ web => $webName,
+ topic => $topic,
+ def => 'not_admin',
+ );
+ }
+
+ if ( !$session->inContext('passwords_modifyable') ) {
+ throw Foswiki::OopsException(
+ 'password',
+ web => $session->{webName},
+ topic => $session->{topicName},
+ def => 'passwords_disabled'
+ );
+ }
+
+ my $users = $session->{users}; # Get the Foswiki::Users object
+
+ my $user = Foswiki::Func::getCanonicalUserID($login);
+ unless ( $user && $session->{users}->userExists($user) ) {
+ throw Foswiki::OopEexception(
+ 'password',
+ status => 200,
+ topic => $Foswiki::cfg{hometopicname},
+ def => 'not_a_user',
+ params => [$user],
+ );
+ }
+
+ unless ( defined $password || $users->isAdmin($requestUser) ) {
+ throw Foswiki::OopsException(
+ 'password',
+ web => $webName,
+ topic => $topic,
+ def => 'missing_fields',
+ params => ['password']
+ );
+ }
+
+ unless ( $users->isAdmin($requestUser)
+ && !length($password) )
+ {
+ unless ( $users->checkPassword( $login, $password ) ) {
+ throw Foswiki::OopsException(
+ 'password',
+ web => $webName,
+ topic => $topic,
+ def => 'wrong_password'
+ );
+ }
+ }
+
+ my $cUID = $users->getCanonicalUserID($login);
+
+ # Determine that the cUID exists.
+ unless ( defined $cUID ) {
+ throw Foswiki::OopsException(
+ 'password',
+ web => $webName,
+ topic => $topic,
+ def => 'not_a_user',
+ params => [$login]
+ );
+ }
+
+ # check valid email addresses - space between each
+ if ( defined $email
+ && $email !~ /($Foswiki::regex{emailAddrRegex}\s*)+/ )
+ {
+ throw Foswiki::OopsException(
+ 'password',
+ web => $webName,
+ topic => $topic,
+ def => 'bad_email',
+ params => [$email]
+ );
+ }
+
+ if ( defined $email ) {
+
+ my $oldEmails = join( ', ', $users->getEmails($cUID) );
+ my $return = $users->setEmails( $cUID, split( /\s+/, $email ) );
+ $session->logger->log(
+ {
+ level => 'info',
+ action => 'changepasswd',
+ webTopic => $webName . '.' . $topic,
+ extra => "from $oldEmails to $email for $login",
+ }
+ );
+ }
+
+ # must be just email
+ throw Foswiki::OopsException(
+ 'password',
+ status => 200,
+ web => $webName,
+ topic => $topic,
+ def => 'email_changed',
+ params => [ $email, Foswiki::Func::getWikiUserName($login) ]
+ );
+}
+
1;
__END__
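Review bot: The address check in the new `_RESTchangeEmail` is unanchored (`$email !~ /($Foswiki::regex{emailAddrRegex}\s*)+/`), so any value containing one valid address passes and every whitespace-separated token, valid or not, is handed to `setEmails`; the raw value is also interpolated into the log entry's `extra` field. When `email` is absent the handler skips the update yet still throws `email_changed`, and an absent `username` reaches the `eq` comparisons as undef. The not-a-user branch cannot work as written: `Foswiki::OopEexception` is misspelled, `$Foswiki::cfg{hometopicname}` does not match the `HomeTopicName` key used in the `_RESTresetPassword` hunk, and `params => [$user]` passes the value that just failed the lookup instead of `$login`. I would validate each token on its own with an anchored match and reject an empty list, as sketched below.

```perl
    # … unchanged: parameter parsing, admin/password checks, cUID lookup …

    # Require the field, then validate every address on its own, anchored.
    my @emails = grep { length } split( /\s+/, defined $email ? $email : '' );
    unless (@emails) {
        throw Foswiki::OopsException(
            'password',
            web    => $webName,
            topic  => $topic,
            def    => 'missing_fields',
            params => ['email']
        );
    }
    foreach my $addr (@emails) {
        next if $addr =~ /\A$Foswiki::regex{emailAddrRegex}\z/;
        throw Foswiki::OopsException(
            'password',
            web    => $webName,
            topic  => $topic,
            def    => 'bad_email',
            params => [$addr]
        );
    }

    my $oldEmails = join( ', ', $users->getEmails($cUID) );
    $users->setEmails( $cUID, @emails );

    # … unchanged: logger call and email_changed response …
```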
@@ -1,3 +1,4 @@
+data/System/ChangeEmailAddress.txt 0664
data/System/ChangePassword.txt 0664
data/System/PasswordManagementPlugin.txt 0664
data/System/ResetPassword.txt 0664
