set new email rego user password to random string

Author: Richard Jones

roundup/cgi/client.py

@@ -1,4 +1,4 @@
-# $Id: client.py,v 1.112 2003-04-10 04:32:46 richard Exp $
+# $Id: client.py,v 1.113 2003-04-10 05:12:41 richard Exp $
 
 __doc__ = """
 WWW request handler (also used in the stand-alone server).
@@ -31,6 +31,8 @@ class  NotModified(HTTPException):
 # this var must contain a file to write the mail to
 SENDMAILDEBUG = os.environ.get('SENDMAILDEBUG', '')
 
+# used by a couple of routines
+chars = string.letters+string.digits
 
 # XXX actually _use_ FormError
 class FormError(ValueError):
@@ -694,7 +696,6 @@ def logout_action(self):
         # Let the user know what's going on
         self.ok_message.append(_('You are logged out'))
 
-    chars = string.letters+string.digits
     def registerAction(self):
         '''Attempt to create a new user based on the contents of the form
         and then set the cookie.
@@ -721,7 +722,7 @@ def registerAction(self):
             pass
 
         # generate the one-time-key and store the props for later
-        otk = ''.join([random.choice(self.chars) for x in range(32)])
+        otk = ''.join([random.choice(chars) for x in range(32)])
         for propname, proptype in self.db.user.getprops().items():
             value = props.get(propname, None)
             if value is None:
@@ -885,7 +886,7 @@ def passResetAction(self):
                 self.opendb('admin')
 
             # change the password
-            newpw = ''.join([random.choice(self.chars) for x in range(8)])
+            newpw = password.generatePassword()
 
             cl = self.db.user
 # XXX we need to make the "default" page be able to display errors!
@@ -939,7 +940,7 @@ def passResetAction(self):
             return
 
         # generate the one-time-key and store the props for later
-        otk = ''.join([random.choice(self.chars) for x in range(32)])
+        otk = ''.join([random.choice(chars) for x in range(32)])
         self.db.otks.set(otk, uid=uid, __time=time.time())
 
         # send the email

roundup/mailgw.py

@@ -73,15 +73,14 @@ class node. Any parts of other types are each stored in separate files
 an exception, the original message is bounced back to the sender with the
 explanatory message given in the exception. 
 
-$Id: mailgw.py,v 1.113 2003-03-24 02:54:35 richard Exp $
+$Id: mailgw.py,v 1.114 2003-04-10 05:12:41 richard Exp $
 '''
 
 import string, re, os, mimetools, cStringIO, smtplib, socket, binascii, quopri
 import time, random, sys
 import traceback, MimeWriter, rfc822
-import hyperdb, date, password
 
-import rfc2822
+from roundup import hyperdb, date, password, rfc2822
 
 SENDMAILDEBUG = os.environ.get('SENDMAILDEBUG', '')
 
@@ -1026,6 +1025,7 @@ def uidFromAddress(db, address, create=1, **user_props):
     if create:
         return db.user.create(username=address, address=address,
             realname=realname, roles=db.config.NEW_EMAIL_USER_ROLES,
+            password=password.Password(password.generatePassword()),
             **user_props)
     else:
         return 0

roundup/password.py

@@ -15,13 +15,13 @@
 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
 # 
-# $Id: password.py,v 1.8 2002-12-18 23:57:09 richard Exp $
+# $Id: password.py,v 1.9 2003-04-10 05:12:41 richard Exp $
 
 __doc__ = """
 Password handling (encoding, decoding).
 """
 
-import sha, re, string
+import sha, re, string, random
 try:
     import crypt
 except:
@@ -48,6 +48,10 @@ def encodePassword(plaintext, scheme, other=None):
         raise ValueError, 'Unknown encryption scheme "%s"'%scheme
     return s
 
+def generatePassword(length=8):
+    chars = string.letters+string.digits
+    return ''.join([random.choice(chars) for x in range(length)])
+
 class Password:
     '''The class encapsulates a Password property type value in the database. 
 

roundup/templates/classic/dbinit.py

@@ -15,7 +15,7 @@
 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
 # 
-# $Id: dbinit.py,v 1.33 2003-01-27 16:40:37 kedder Exp $
+# $Id: dbinit.py,v 1.34 2003-04-10 05:12:42 richard Exp $
 
 import os
 
@@ -96,20 +96,23 @@ def open(name=None):
     #
     # SECURITY SETTINGS
     #
-    # new permissions for this schema
+    # See the configuration and customisation document for information
+    # about security setup.
+    # Add new Permissions for this schema
     for cl in 'issue', 'file', 'msg', 'user', 'query', 'keyword':
         db.security.addPermission(name="Edit", klass=cl,
             description="User is allowed to edit "+cl)
         db.security.addPermission(name="View", klass=cl,
             description="User is allowed to access "+cl)
 
-    # Assign the access and edit permissions for issue, file and message
+    # Assign the access and edit Permissions for issue, file and message
     # to regular users now
     for cl in 'issue', 'file', 'msg', 'query', 'keyword':
         p = db.security.getPermission('View', cl)
         db.security.addPermissionToRole('User', p)
         p = db.security.getPermission('Edit', cl)
         db.security.addPermissionToRole('User', p)
+
     # and give the regular users access to the web and email interface
     p = db.security.getPermission('Web Access')
     db.security.addPermissionToRole('User', p)

roundup/templates/classic/html/style.css

@@ -7,10 +7,6 @@ a[href]:hover { color:blue; text-decoration: underline; }
 a[href]:link { color:blue; text-decoration: none; }
 a[href] { color:blue; text-decoration: none; }
 
-a.classhelp:hover { font-weight: bold; }
-a.classhelp:link { font-weight: bold; }
-a.classhelp { font-weight: bold; }
-
 table.body {
   border: 0;
   padding: 0;