Add new preference which allows site admin to control

password generation (either system sets it(default) or system generates
a Credential Recovery process which allows user set it through one time
active link)

bt5/erp5_credential/PropertySheetTemplateItem/portal_property_sheets/CredentialPreference.xml

@@ -30,7 +30,7 @@
         </item>
         <item>
             <key> <string>last_id</string> </key>
-            <value> <string>3</string> </value>
+            <value> <string>4</string> </value>
         </item>
         <item>
             <key> <string>portal_type</string> </key>

bt5/erp5_credential/PropertySheetTemplateItem/portal_property_sheets/CredentialPreference/preferred_system_generate_password_property.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Standard Property" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>categories</string> </key>
+            <value>
+              <tuple>
+                <string>elementary_type/boolean</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value> <string>If checked system will automatically generate password else user will be allowed to set it through a Credential Recovery.</string> </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>preferred_system_generate_password_property</string> </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Standard Property</string> </value>
+        </item>
+        <item>
+            <key> <string>preference</string> </key>
+            <value> <int>1</int> </value>
+        </item>
+        <item>
+            <key> <string>property_default</string> </key>
+            <value> <string>python: True</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRequest_createPersonAndAssignment.xml

@@ -50,15 +50,20 @@
         </item>
         <item>
             <key> <string>_body</string> </key>
-            <value> <string>"""For a credential request as context, we set the related person informations,\n
-the assignments of the person and send notificaiton email\n
-Proxy:\n
-Auditor -- allow to get credential request informations"""\n
+            <value> <string>"""\n
+  For a credential request as context, we set the related person informations,\n
+  the assignments of the person and send notificaiton email\n
+  Proxy:\n
+  Auditor -- allow to get credential request informations\n
+"""\n
 \n
 # check the script is not called from a url\n
 if REQUEST is not None:\n
   return None\n
 \n
+portal = context.getPortalObject()\n
+portal_preferences = context.portal_preferences\n
+\n
 # XXX by default we don\'t want to automatically create/update organisation\n
 # Someone should confirm this informations before creating the organisation\n
 #if context.getOrganisationTitle():\n
@@ -83,8 +88,10 @@ login, password = context.CredentialRequest_createUser()\n
 # Update Local Roles\n
 context.CredentialRequest_updateLocalRolesOnSecurityGroups()\n
 \n
-# Send notification in activities\n
-context.activate(activity=\'SQLQueue\').CredentialRequest_sendAcceptedNotification(login, password)\n
+if portal_preferences.isPreferredSystemGeneratePassword():\n
+  # Send notification in activities only if we already generated and set password\n
+  # else a Credential Recovery process will take care\n
+  context.activate(activity=\'SQLQueue\').CredentialRequest_sendAcceptedNotification(login, password)\n
 </string> </value>
         </item>
         <item>

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRequest_createUser.xml

@@ -50,13 +50,18 @@
         </item>
         <item>
             <key> <string>_body</string> </key>
-            <value> <string>"""Set reference and password to create a user. Create a global user if SSO enable.\n
-Proxy:\n
-Manager -- allow to set password on all account"""\n
+            <value> <string>"""\n
+  Set reference and password to create a user. Create a global user if SSO enable.\n
+  Proxy:\n
+  Manager -- allow to set password on all account\n
+"""\n
+\n
 #Don\'t allow to call from url\n
 if REQUEST:\n
   raise ValueError, "You can not call this script from the url"\n
 \n
+portal = context.getPortalObject()\n
+portal_preferences = context.portal_preferences\n
 person = context.getDestinationDecisionValue(portal_type="Person")\n
 \n
 # Create user of the person only if not exist\n
@@ -80,9 +85,20 @@ if not person.getPassword():\n
     password = context.getPassword()\n
     person.setEncodedPassword(password)\n
   else:\n
-    #We should generate a password\n
-    password = context.Person_generatePassword(alpha=5, numeric=3)\n
-    person.setPassword(password)\n
+    if not portal_preferences.isPreferredSystemGeneratePassword():\n
+      # user will set it trough a credential recovery process\n
+      password = None\n
+      module = portal.getDefaultModule(portal_type=\'Credential Recovery\')\n
+      credential_recovery = module.newContent(\n
+                portal_type="Credential Recovery",\n
+                reference=login,\n
+                destination_decision=person.getRelativeUrl(),\n
+                language=portal.Localizer.get_selected_language())\n
+      credential_recovery.submit()\n
+    else:\n
+      # system should generate a password\n
+      password = context.Person_generatePassword(alpha=5, numeric=3)\n
+      person.setPassword(password)\n
 \n
   # create a global account\n
   if context.ERP5Site_isSingleSignOnEnable():\n
@@ -95,7 +111,7 @@ else:\n
     #Check assignment for the current instance\n
     person.Person_validateGlobalUserAccount()\n
 \n
-if password.startswith(\'{SSHA}\'):\n
+if password is not None and password.startswith(\'{SSHA}\'):\n
   #password is encoded, set it to None to script witch send the password to user\n
   password = None\n
 \n

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/CredentialRequest_sendAcceptedNotification.xml

@@ -50,13 +50,15 @@
         </item>
         <item>
             <key> <string>_body</string> </key>
-            <value> <string>"""Send an email after accept a credential request\n
-Proxy: Assignee, Assignor, Member -- allow to send notification by mail\n
+            <value> <string>"""\n
+  Send an email after accept a credential request\n
+  Proxy: Assignee, Assignor, Member -- allow to send notification by mail\n
 \n
-Example of notification message:\n
- Congratulation, the creation of you new Instance Name account \'${login_name}\' is finished.\\nYour password is \'${login_password}\'\\nThank you"))\n
- Congratulation, the creation of you new Instance Name account \'${user_id}\' is finished.\\n\\nThank you",\n
+  Example of notification message:\n
+    Congratulation, the creation of you new Instance Name account \'${login_name}\' is finished.\\nYour password is \'${login_password}\'\\nThank you"))\n
+    Congratulation, the creation of you new Instance Name account \'${user_id}\' is finished.\\n\\nThank you",\n
 """\n
+\n
 portal = context.getPortalObject()\n
 recipient = context.getDestinationDecisionValue(portal_type="Person")\n
 \n

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/ERP5Site_newCredentialRecovery.xml

@@ -50,11 +50,12 @@
         </item>
         <item>
             <key> <string>_body</string> </key>
-            <value> <string>\'\'\'\n
+            <value> <string>"""\n
   This script is used to create the new credential recovery\n
   Proxy : Manager proxy role is required to make possible for \n
 anonymous to create a new Credential Recovery\n
-\'\'\'\n
+"""\n
+\n
 def createCredentialRecovery(**kw):\n
   module = portal.getDefaultModule(portal_type=\'Credential Recovery\')\n
   credential_recovery = module.newContent(\n

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/SystemPreference_viewCredential.xml

@@ -112,6 +112,7 @@
                       <list>
                         <string>my_preferred_ask_credential_question</string>
                         <string>my_preferred_email_verification_check</string>
+                        <string>my_preferred_system_generate_password</string>
                       </list>
                     </value>
                 </item>

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/SystemPreference_viewCredential/my_preferred_system_generate_password.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>delegated_list</string> </key>
+            <value>
+              <list>
+                <string>title</string>
+              </list>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>my_preferred_system_generate_password</string> </value>
+        </item>
+        <item>
+            <key> <string>message_values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>external_validator_failed</string> </key>
+                    <value> <string>The input failed the external validator.</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>overrides</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>target</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>tales</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>target</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string>my_checkbox</string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string>Base_viewFieldLibrary</string> </value>
+                </item>
+                <item>
+                    <key> <string>target</string> </key>
+                    <value> <string>Click to edit the target</string> </value>
+                </item>
+                <item>
+                    <key> <string>title</string> </key>
+                    <value> <string>System Generate Password</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_credential/bt/revision

-380
+381
\ No newline at end of file