Commit 6442a049 authored by Rafael Monnerat's avatar Rafael Monnerat

Change the way Person_getDataDict is invoked. This prevents any information...

Change the way Person_getDataDict is invoked. This prevents any information leak. Send user email also, this is required when user decides to reset their own password from Auth. Server.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@40136 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 1b8bd13f
...@@ -54,12 +54,14 @@ ...@@ -54,12 +54,14 @@
\n \n
if person is None:\n if person is None:\n
person = context\n person = context\n
kw = person.Person_getDataDict()\n \n
kw = context.Person_getDataDict(person=person)\n
kw[\'password\'] = password\n kw[\'password\'] = password\n
\n \n
# explicitly check if username is unique\n # explicitly check if username is unique\n
if portal.Base_validatePersonReference(kw[\'reference\'], context.REQUEST):\n if portal.Base_validatePersonReference(kw[\'reference\'], context.REQUEST):\n
# create user in Authentification Server\n # create user in Authentification Server\n
kw[\'start_assignment\'] = len(person.Person_getAvailableAssignmentValueList())\n
portal.portal_wizard.callRemoteProxyMethod(\n portal.portal_wizard.callRemoteProxyMethod(\n
\'WitchTool_createNewGlobalUserAccountFromExpressInstance\', \\\n \'WitchTool_createNewGlobalUserAccountFromExpressInstance\', \\\n
use_cache = 0, \\\n use_cache = 0, \\\n
...@@ -119,6 +121,7 @@ else:\n ...@@ -119,6 +121,7 @@ else:\n
<string>None</string> <string>None</string>
<string>_write_</string> <string>_write_</string>
<string>_getitem_</string> <string>_getitem_</string>
<string>len</string>
<string>_apply_</string> <string>_apply_</string>
<string>ValueError</string> <string>ValueError</string>
</tuple> </tuple>
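Review bot: The added `kw['start_assignment'] = len(person.Person_getAvailableAssignmentValueList())` has no comment saying what the Authentication Server does with the value, and the key reads like a flag while the value is an integer count. A one-line comment above it, for example `# number of assignments currently available to the person, sent to the Authentication Server with the account data`, would make the contract clear. After this commit the same `kw` also carries the plaintext `password` and the person's email, so it is worth stating in that comment that the dict must not be logged or cached. The script body continues outside the hunk.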
......
...@@ -50,13 +50,10 @@ ...@@ -50,13 +50,10 @@
</item> </item>
<item> <item>
<key> <string>_body</string> </key> <key> <string>_body</string> </key>
<value> <string>if person is None:\n <value> <string>return {\'reference\': person.getReference(),\n
person = context\n
\n
kw = {\'reference\': person.getReference(),\n
\'validation_state\': person.getValidationState(),\n \'validation_state\': person.getValidationState(),\n
\'email\': person.getDefaultEmailText(),\n
\'erp5_uid\': context.ERP5Site_getExpressInstanceUid()}\n \'erp5_uid\': context.ERP5Site_getExpressInstanceUid()}\n
return kw\n
</string> </value> </string> </value>
</item> </item>
<item> <item>
...@@ -102,10 +99,8 @@ return kw\n ...@@ -102,10 +99,8 @@ return kw\n
<value> <value>
<tuple> <tuple>
<string>person</string> <string>person</string>
<string>None</string>
<string>context</string>
<string>_getattr_</string> <string>_getattr_</string>
<string>kw</string> <string>context</string>
</tuple> </tuple>
</value> </value>
</item> </item>
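Review bot: With the `if person is None: person = context` fallback removed, the new body calls `person.getReference()` unconditionally, so a caller still using the old `person.Person_getDataDict()` form would fail instead of falling back. The three callers shown in this commit are updated, but the script's parameter line is outside the hunk, so it cannot be checked here whether `person` still has a default. The added `'email'` entry is also forwarded through `**kw` by the validate and invalidate scripts, although the commit message motivates it only for password reset; consider dropping it from `kw` in the calls where the remote method does not need it. A header comment such as `# person must be passed explicitly by the calling script` would record the intent.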
......
...@@ -60,15 +60,20 @@ if person is None:\n ...@@ -60,15 +60,20 @@ if person is None:\n
person = context\n person = context\n
\n \n
reference = person.getReference()\n reference = person.getReference()\n
if reference is not None and \\\n assignment_len = len(person.Person_getAvailableAssignmentValueList())\n
len(person.Person_getAvailableAssignmentValueList()) == 0:\n if reference is not None and assignment_len == 0:\n
# invalidate user in Authentification Server only if its a loggable user in current instance\n # invalidate user in Authentification Server only if \n
kw = person.Person_getDataDict()\n # its a loggable user in current instance\n
kw = context.Person_getDataDict(person=person)\n
context.portal_wizard.callRemoteProxyMethod(\n context.portal_wizard.callRemoteProxyMethod(\n
\'WitchTool_invalidateGlobalUserAccountFromExpressInstance\', \\\n \'WitchTool_invalidateGlobalUserAccountFromExpressInstance\', \\\n
use_cache = 0, \\\n use_cache = 0, \\\n
ignore_exceptions = 0, \\\n ignore_exceptions = 0, \\\n
**kw)\n **kw)\n
else:\n
log("Unable to invalidate remote global account for "\\\n
"%s (reference=%s , len(assignment_list)=%s)" % (person.getRelativeUrl(), \n
reference, assignment_len))\n
</string> </value> </string> </value>
</item> </item>
<item> <item>
...@@ -118,7 +123,9 @@ if reference is not None and \\\n ...@@ -118,7 +123,9 @@ if reference is not None and \\\n
<string>_getattr_</string> <string>_getattr_</string>
<string>reference</string> <string>reference</string>
<string>len</string> <string>len</string>
<string>assignment_len</string>
<string>_apply_</string> <string>_apply_</string>
<string>log</string>
</tuple> </tuple>
</value> </value>
</item> </item>
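Review bot: The new `else:` branch calls `log(...)`, but nothing visible in this section imports it. The validate script in this commit gains `from Products.ERP5Type.Log import log` and a `Products.ERP5Type.Log` entry in its names tuple, while here only `log` and `assignment_len` are added to the tuple. Unless `log` is bound outside the visible lines, the branch would raise NameError, and it is taken whenever the person has no reference or still has available assignments. Add `from Products.ERP5Type.Log import log` above `if person is None:`; the script body starts outside the hunk.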
......
...@@ -55,7 +55,7 @@ ...@@ -55,7 +55,7 @@
if person is None:\n if person is None:\n
person = context\n person = context\n
\n \n
kw = person.Person_getDataDict()\n kw = context.Person_getDataDict(person=person)\n
\n \n
# explicitly check if username is unique\n # explicitly check if username is unique\n
if portal.WizardTool_isPersonReferencePresent(kw[\'reference\']):\n if portal.WizardTool_isPersonReferencePresent(kw[\'reference\']):\n
......
...@@ -58,20 +58,24 @@ ...@@ -58,20 +58,24 @@
Only validate remote person/assigments if person \n Only validate remote person/assigments if person \n
has reference and valid assigments. \n has reference and valid assigments. \n
"""\n """\n
\n from Products.ERP5Type.Log import log\n
if person is None:\n if person is None:\n
person = context\n person = context\n
\n \n
reference = person.getReference()\n reference = person.getReference()\n
if reference is not None and \\\n assignment_len = len(person.Person_getAvailableAssignmentValueList())\n
len(person.Person_getAvailableAssignmentValueList()) > 0:\n if reference is not None and assignment_len > 0:\n
# validate user in Nexedi ERP5 only if its a loggable user in current instance\n # validate user in Nexedi ERP5 only if its a loggable user in current instance\n
kw = person.Person_getDataDict()\n kw = context.Person_getDataDict(person=person)\n
context.portal_wizard.callRemoteProxyMethod(\n context.portal_wizard.callRemoteProxyMethod(\n
\'WitchTool_validateGlobalUserAccountFromExpressInstance\', \\\n \'WitchTool_validateGlobalUserAccountFromExpressInstance\', \\\n
use_cache = 0, \\\n use_cache = 0, \\\n
ignore_exceptions = 0, \\\n ignore_exceptions = 0, \\\n
**kw)\n **kw)\n
else:\n
log("Unable to validate remote global account for "\\\n
"%s (reference=%s , len(assignment_list)=%s)" % (person.getRelativeUrl(), \n
reference, assignment_len))\n
]]></string> </value> ]]></string> </value>
...@@ -118,11 +122,14 @@ if reference is not None and \\\n ...@@ -118,11 +122,14 @@ if reference is not None and \\\n
<tuple> <tuple>
<string>person</string> <string>person</string>
<string>kw</string> <string>kw</string>
<string>Products.ERP5Type.Log</string>
<string>log</string>
<string>None</string> <string>None</string>
<string>context</string> <string>context</string>
<string>_getattr_</string> <string>_getattr_</string>
<string>reference</string> <string>reference</string>
<string>len</string> <string>len</string>
<string>assignment_len</string>
<string>_apply_</string> <string>_apply_</string>
</tuple> </tuple>
</value> </value>
......