Item14506: Implement RESTchangeEmail

REST script for changing email addresses.
foswiki · Oct 13, 2017 · 28d3b40 · 28d3b40
1 parent 81de4e2
commit 28d3b40
Show file tree

Hide file tree

Showing 4 changed files with 148 additions and 20 deletions.
diff --git a/...ontrib/data/System/ChangeEmailAddress.txt → ...Plugin/data/System/ChangeEmailAddress.txt b/...ontrib/data/System/ChangeEmailAddress.txt → ...Plugin/data/System/ChangeEmailAddress.txt
@@ -1,4 +1,4 @@
-%META:TOPICINFO{author="ProjectContributor" date="1434484983" format="1.1" version="1"}%
+%META:TOPICINFO{author="ProjectContributor" date="1507866190" format="1.1" version="1"}%
 %META:TOPICPARENT{name="UserToolsCategory"}%
 ---+ %MAKETEXT{"Change E-mail Address"}%
 Change registered email address
@@ -23,7 +23,7 @@ Change registered email address
 %MAKETEXT{"*Administrators:* You can change user's e-mail address using this form. Enter the users [[[_1]][username]] or [[[_1]][WikiName]] and the new e-mail address." args="%SYSTEMWEB%.UserName, %SYSTEMWEB%.WikiName"}%
 "}%
 
-<form name="manage" action="%SCRIPTURLPATH{"manage"}%/%WEB%/%TOPIC%" method="post">
+<form name="changeEmail" action="%SCRIPTURLPATH{"rest"}%/PasswordManagementPlugin/changeEmail" method="post">
 <div class="foswikiFormSteps">
 <div class="foswikiFormStep">
 *%MAKETEXT{"After submitting this form your e-mail will be changed, and you will be returned to this form."}%*
@@ -35,7 +35,7 @@ Change registered email address
 %TABLE{databg="transparent" tableborder="0" tablerules="none"}%
 | | %MAKETEXT{"Fields marked [_1] are required" args="=<span class='foswikiAlert'>*</span>="}% |
 |  %IF{"$USERNAME ingroup 'AdminGroup'" then="%MAKETEXT{"[[[_1]][username]]:" args="%SYSTEMWEB%.UserName"}%" else="%MAKETEXT{"Your [[[_1]][username]]:" args="%SYSTEMWEB%.UserName"}%"}% | <input type="text" name="username" value="%URLPARAM{"username" default="%USERNAME%"}%" size="40" class="foswikiInputField" /> =<span class="foswikiAlert">*</span>= |%IF{"$USERNAME ingroup 'AdminGroup'" else="
-|  %MAKETEXT{"Password:"}% | <input %NOTMODIFYABLE% type=\"password\" name=\"oldpassword\" value=\"%URLPARAM{oldpassword}%\" size=\"40\" class=\"foswikiInputField\" /> =<span class=\"foswikiAlert\">*</span>= |"}%
+|  %MAKETEXT{"Password:"}% | <input %NOTMODIFYABLE% type=\"password\" name=\"password\" value=\"%URLPARAM{password}%\" size=\"40\" class=\"foswikiInputField\" /> =<span class=\"foswikiAlert\">*</span>= |"}%
 |  %MAKETEXT{"New e-mails (space-separated list):"}% | <input type="text" name="email" size="40" class="foswikiInputField" /> =<span class="foswikiAlert">*</span>= |
 </div>
 <div class="foswikiFormStep foswikiLast">

diff --git a/PasswordManagementPlugin/lib/Foswiki/Plugins/PasswordManagementPlugin.pm b/PasswordManagementPlugin/lib/Foswiki/Plugins/PasswordManagementPlugin.pm
@@ -19,9 +19,10 @@ package Foswiki::Plugins::PasswordManagementPlugin;
 use strict;
 use warnings;
 
-our $VERSION           = '1.01';
-our $RELEASE           = '02 Oct 2017';
-our $SHORTDESCRIPTION  = '=REST= interface for managing User passwords and Emails.';
+our $VERSION = '1.01';
+our $RELEASE = '02 Oct 2017';
+our $SHORTDESCRIPTION =
+  '=REST= interface for managing User passwords and Emails.';
 our $NO_PREFS_IN_TOPIC = 1;
 
 use Assert;
@@ -43,7 +44,7 @@ sub initPlugin {
 
     Foswiki::Func::registerRESTHandler(
         'resetPassword', \&_RESTresetPassword,
-        validate     => $Foswiki::cfg{Validation}{Method} eq 'none' ? 0 : 1,
+        validate => $Foswiki::cfg{Validation}{Method} eq 'none' ? 0 : 1,
         authenticate => 0,
         http_allow   => 'POST',
         description  => 'Generate a Passord reset token and email to the user.',
@@ -58,7 +59,7 @@ sub initPlugin {
     );
 
     Foswiki::Func::registerRESTHandler(
-        'changeEmail', \&_RESTchangegEmail,
+        'changeEmail', \&_RESTchangeEmail,
         authenticate => 1,
         validate     => $Foswiki::cfg{Validation}{Method} eq 'none' ? 0 : 1,
         http_allow   => 'POST',
@@ -82,10 +83,10 @@ Generate a reset for a user's passord
 
 sub _RESTresetPassword {
     require Foswiki::Plugins::PasswordManagementPlugin::Core;
-    return Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTresetPassword(@_);
+    return
+      Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTresetPassword(@_);
 }
 
-
 =begin TML
 
 ---++ =sub _RESTchangePassword=
@@ -99,10 +100,10 @@ Generate a reset for a user's passord
 
 sub _RESTchangePassword {
     require Foswiki::Plugins::PasswordManagementPlugin::Core;
-    return Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTchangePassword(@_);
+    return
+      Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTchangePassword(@_);
 }
 
-
 =begin TML
 
 ---++ =sub _RESTchangeEmail=
@@ -116,10 +117,10 @@ Generate a reset for a user's passord
 
 sub _RESTchangeEmail {
     require Foswiki::Plugins::PasswordManagementPlugin::Core;
-    return Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTchangeEmail(@_);
+    return Foswiki::Plugins::PasswordManagementPlugin::Core::_RESTchangeEmail(
+        @_);
 }
 
-
 =pod
 
 ---++ Invocation examples

diff --git a/PasswordManagementPlugin/lib/Foswiki/Plugins/PasswordManagementPlugin/Core.pm b/PasswordManagementPlugin/lib/Foswiki/Plugins/PasswordManagementPlugin/Core.pm
@@ -46,8 +46,8 @@ sub _RESTresetPassword {
     unless ( $Foswiki::cfg{EnableEmail} ) {
         throw Foswiki::OopsException(
             'password',
-            topic  => $Foswiki::cfg{HomeTopicName},
-            def    => 'email_disabled',
+            topic => $Foswiki::cfg{HomeTopicName},
+            def   => 'email_disabled',
         );
     }
 
@@ -74,10 +74,8 @@ sub _RESTresetPassword {
         my $cuidList = $users->findUserByEmail($userName);
 
         if ( scalar @$cuidList > 1 ) {
-            throw Foswiki::OopsException(
-                'password',
-                def   => 'non_unique_email',
-            );
+            throw Foswiki::OopsException( 'password',
+                def => 'non_unique_email', );
         }
         else {
             $userName = @$cuidList[0];
@@ -364,6 +362,134 @@ sub _sendEmail {
     return $results;
 }
 
+=begin TML
+
+---++ StaticMethod _RESTchangeEmail( $session )
+
+Change the user's email. Details of the user and password
+are passed in CGI parameters.
+
+=cut
+
+sub _RESTchangeEmail {
+    my $session = shift;
+
+    my $topic       = $session->{topicName};
+    my $webName     = $session->{webName};
+    my $query       = $session->{request};
+    my $requestUser = $session->{user};
+
+    my $login    = $query->param('username');
+    my $password = $query->param('password');
+    my $email    = $query->param('email');
+
+    if (   $login eq $Foswiki::cfg{AdminUserLogin}
+        || $login eq $Foswiki::cfg{AdminUserWikiName} )
+    {
+        throw Foswiki::OopsException(
+            'password',
+            web   => $webName,
+            topic => $topic,
+            def   => 'not_admin',
+        );
+    }
+
+    if ( !$session->inContext('passwords_modifyable') ) {
+        throw Foswiki::OopsException(
+            'password',
+            web   => $session->{webName},
+            topic => $session->{topicName},
+            def   => 'passwords_disabled'
+        );
+    }
+
+    my $users = $session->{users};    # Get the Foswiki::Users object
+
+    my $user = Foswiki::Func::getCanonicalUserID($login);
+    unless ( $user && $session->{users}->userExists($user) ) {
+        throw Foswiki::OopEexception(
+            'password',
+            status => 200,
+            topic  => $Foswiki::cfg{hometopicname},
+            def    => 'not_a_user',
+            params => [$user],
+        );
+    }
+
+    unless ( defined $password || $users->isAdmin($requestUser) ) {
+        throw Foswiki::OopsException(
+            'password',
+            web    => $webName,
+            topic  => $topic,
+            def    => 'missing_fields',
+            params => ['password']
+        );
+    }
+
+    unless ( $users->isAdmin($requestUser)
+        && !length($password) )
+    {
+        unless ( $users->checkPassword( $login, $password ) ) {
+            throw Foswiki::OopsException(
+                'password',
+                web   => $webName,
+                topic => $topic,
+                def   => 'wrong_password'
+            );
+        }
+    }
+
+    my $cUID = $users->getCanonicalUserID($login);
+
+    # Determine that the cUID exists.
+    unless ( defined $cUID ) {
+        throw Foswiki::OopsException(
+            'password',
+            web    => $webName,
+            topic  => $topic,
+            def    => 'not_a_user',
+            params => [$login]
+        );
+    }
+
+    # check valid email addresses - space between each
+    if ( defined $email
+        && $email !~ /($Foswiki::regex{emailAddrRegex}\s*)+/ )
+    {
+        throw Foswiki::OopsException(
+            'password',
+            web    => $webName,
+            topic  => $topic,
+            def    => 'bad_email',
+            params => [$email]
+        );
+    }
+
+    if ( defined $email ) {
+
+        my $oldEmails = join( ', ', $users->getEmails($cUID) );
+        my $return = $users->setEmails( $cUID, split( /\s+/, $email ) );
+        $session->logger->log(
+            {
+                level    => 'info',
+                action   => 'changepasswd',
+                webTopic => $webName . '.' . $topic,
+                extra    => "from $oldEmails to $email for $login",
+            }
+        );
+    }
+
+    # must be just email
+    throw Foswiki::OopsException(
+        'password',
+        status => 200,
+        web    => $webName,
+        topic  => $topic,
+        def    => 'email_changed',
+        params => [ $email, Foswiki::Func::getWikiUserName($login) ]
+    );
+}
+
 1;
 
 __END__

diff --git a/PasswordManagementPlugin/lib/Foswiki/Plugins/PasswordManagementPlugin/MANIFEST b/PasswordManagementPlugin/lib/Foswiki/Plugins/PasswordManagementPlugin/MANIFEST
@@ -1,3 +1,4 @@
+data/System/ChangeEmailAddress.txt 0664
 data/System/ChangePassword.txt 0664
 data/System/PasswordManagementPlugin.txt 0664
 data/System/ResetPassword.txt 0664