oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

change to www_ methods everywhere

Browse source
This commit is contained in:
Doug Bell 2010-11-03 18:02:49 -05:00
parent 26853527a0
commit 5a2d4d8d03
7 changed files with 1165 additions and 1096 deletions
Download patch file Download diff file Expand all files Collapse all files

1040
lib/WebGUI/Auth.pm
View file

File diff suppressed because it is too large Load diff

6
lib/WebGUI/Auth/Facebook.pm
View file

@ -223,13 +223,13 @@ sub www_callback {
if ( $userId ) {
my $user = WebGUI::User->new( $session, $userId );
$self->user( $user );
return $self->login;
return $self->SUPER::www_login;
}
# Otherwise see if their screen name exists and create a user
elsif ( !WebGUI::User->newByUsername( $session, $fbuser->{name}) ) {
my $user = $self->createFacebookUser( $fbuser );
$self->user( $user );
return $self->login;
return $self->SUPER::www_login;
}
# Otherwise ask them for a new username to use
@ -267,7 +267,7 @@ sub www_setUsername {
if ( !WebGUI::User->newByUsername( $session, $fbuser->{name} ) ) {
my $user = $self->createFacebookUser( $fbuser );
$self->user( $user );
return $self->login;
return $self->www_login;
}
# Username is again taken! Noooooo!

521
lib/WebGUI/Auth/LDAP.pm
View file

@ -245,208 +245,6 @@ sub connectToLDAP {
#-------------------------------------------------------------------
=head2 createAccount ( message, confirm )
Show the form to create a new LDAP account relationship
=cut
sub createAccount {
my $self = shift;
my $message = shift;
my $confirm = shift || $self->session->form->process("confirm");
my $vars;
if ($self->session->user->isRegistered) {
return $self->displayAccount;
}
elsif (!$self->session->setting->get("anonymousRegistration") && !$self->session->setting->get('inboxInviteUserEnabled')) {
return $self->displayLogin;
}
my $connection = $self->getLDAPConnection;
if (! $connection) {
$self->session->log->error('Unable to create LDAP account as there is no LDAP connection defined');
return $self->displayLogin;
}
$vars->{'create.message'} = $message if ($message);
my $i18n = WebGUI::International->new($self->session,"AuthLDAP");
$vars->{'create.form.ldapConnection.label'} = $i18n->get("ldapConnection");
my $url = $self->session->url->page("op=auth;method=createAccount;connection=");
$vars->{'create.form.ldapConnection'} = WebGUI::Form::selectBox($self->session, {
name=>"ldapConnection",
options=>WebGUI::LDAPLink->getList($self->session,),
value=>[$connection->{ldapLinkId}],
extras=>qq|onchange="location.href='$url'+this.options[this.selectedIndex].value"|
});
my $ldapId = $self->session->form->process("authLDAP_ldapId");
$vars->{'create.form.ldapId'} = WebGUI::Form::text($self->session,{
name =>"authLDAP_ldapId",
value =>$ldapId,
extras => $self->getExtrasStyle($ldapId)
});
$vars->{'create.form.ldapId.label'} = $connection->{ldapIdentityName};
my $ldapPwd = $self->session->form->process("authLDAP_identifier");
$vars->{'create.form.password'} = WebGUI::Form::password($self->session,{
"name"=>"authLDAP_identifier",
"value"=> $ldapPwd,
extras => $self->getExtrasStyle($ldapPwd)
});
$vars->{'create.form.password.label'} = $connection->{ldapPasswordName};
$vars->{'create.form.hidden'} = WebGUI::Form::hidden($self->session,{"name"=>"confirm","value"=>$confirm});
return $self->SUPER::createAccount("createAccountSave",$vars);
}
#-------------------------------------------------------------------
=head2 createAccountSave ( )
Process the form to create a new LDAP account relationship
=cut
sub createAccountSave {
my $self = shift;
my $username = $self->session->form->process('authLDAP_ldapId');
my $password = $self->session->form->process('authLDAP_identifier');
my $error = "";
my $i18n = WebGUI::International->new($self->session);
#Validate user in LDAP
if(!$self->_isValidLDAPUser()){
return $self->createAccount("<h1>".$i18n->get(70)."</h1>".$self->error);
}
my $connection = $self->getLDAPConnection;
if (! $connection) {
return $self->createAccount("<h1>".$i18n->get('no ldap link for auth')."</h1>".$self->error);
}
#Get connectDN from settings
my $uri = URI->new($connection->{ldapUrl});
my $ldap = Net::LDAP->new($uri->host, (port=>$uri->port,scheme=>$uri->scheme));
my $auth;
if($connection->{connectDn}) {
$auth = $ldap->bind(dn=>$connection->{connectDn}, password=>$connection->{identifier});
}
else{
$auth = $ldap->bind;
}
#$ldap->bind;
my $search = $ldap->search (base => $uri->dn, filter=>$connection->{ldapIdentity}."=".$username);
my $connectDN = "";
if (defined $search->entry(0)) {
if ($connection->{ldapUserRDN} eq 'dn') {
$connectDN = $search->entry(0)->dn;
}
else {
$connectDN = $search->entry(0)->get_value($connection->{ldapUserRDN});
}
}
$ldap->unbind;
#Check that username is valid and not a duplicate in the system.
$error .= $self->error if(!$self->validUsername($username));
#Validate profile data.
my ($profile, $temp, $warning) = WebGUI::Operation::Profile::validateProfileData($self->session);
$error .= $temp;
return $self->createAccount("<li>".$error."</li1>") unless ($error eq "");
#If Email address is not unique, a warning is displayed
if($warning ne "" && !$self->session->form->process("confirm")){
return $self->createAccount('<li>'.$i18n->get(1078).'</li>', 1);
}
my $properties;
$properties->{connectDN} = $connectDN;
$properties->{ldapUrl} = $connection->{ldapUrl};
$properties->{ldapConnection} = $connection->{ldapLinkId};
return $self->SUPER::createAccountSave($username,$properties,$password,$profile);
}
#-------------------------------------------------------------------
=head2 deactivateAccount ( )
Show the confirmation form to deactivate the user's account
=cut
sub deactivateAccount {
my $self = shift;
return $self->displayLogin if($self->userId eq '1');
return $self->SUPER::deactivateAccount("deactivateAccountConfirm");
}
#-------------------------------------------------------------------
=head2 deactivateAccountConfirm ( )
Confirm the user is deactivating their account.
=cut
sub deactivateAccountConfirm {
my $self = shift;
return $self->displayLogin unless ($self->session->setting->get("selfDeactivation"));
return $self->SUPER::deactivateAccountConfirm;
}
#-------------------------------------------------------------------
=head2 displayAccount ( message )
Display the account details.
=cut
sub displayAccount {
my $self = shift;
my $vars;
return $self->displayLogin($_[0]) if ($self->isVisitor);
my $i18n = WebGUI::International->new($self->session);
$vars->{displayTitle} = '<h1>'.$i18n->get(61).'</h1>';
$vars->{'account.message'} = $i18n->get(856);
if($self->session->setting->get("useKarma")){
$vars->{'account.form.karma'} = $self->session->user->profileField("karma");
$vars->{'account.form.karma.label'} = $i18n->get(537);
}
########### ACCOUNT SHUNT
#The following is a shunt which allows the displayAccount page to be displayed in the
#Account system. This shunt will be replaced in WebGUI 8 when the API can be broken
my $output = WebGUI::Asset::Template->newById($self->session,$self->getAccountTemplateId)->process($vars);
#If the account system is calling this method, just return the template
my $op = $self->session->form->get("op");
if($op eq "account") {
return $output;
}
#Otherwise wrap the template into the account layout
my $instance = WebGUI::Content::Account->createInstance($self->session,"user");
return $instance->displayContent($output,1);
}
#-------------------------------------------------------------------
=head2 displayLogin ( message )
Web-facing method to display the login form.
=cut
sub displayLogin {
my $self = shift;
my $vars;
return $self->displayAccount($_[0]) if ($self->isRegistered);
$vars->{'login.message'} = $_[0] if ($_[0]);
return $self->SUPER::displayLogin("login",$vars);
}
#-------------------------------------------------------------------
=head2 editUserForm ( )
Creates user form elements specific to this Auth Method.
@ -677,60 +475,6 @@ sub getLoginTemplateId {
#-------------------------------------------------------------------
=head2 login ( )
Process the login form. Create a new account if auto registration is enabled.
=cut
sub login {
my $self = shift;
my $i18n = WebGUI::International->new($self->session);
my $username = $self->session->form->process("username");
my $identifier = $self->session->form->process("identifier");
my $autoRegistration = $self->session->setting->get("automaticLDAPRegistration");
my $hasAuthenticated = 0;
$hasAuthenticated = 1 if ( $self->authenticate($username,$identifier) );
my $connection = $self->getLDAPConnection;
if (! $connection) {
return $self->displayLogin("<h1>".$i18n->get('no ldap logins')."</h1>".$self->error);
}
# Autoregistration is on and they didn't authenticate yet
if ($autoRegistration && !$hasAuthenticated) {
# See if they are in LDAP and if so that they can bind with the password given.
if($self->_isValidLDAPUser()) {
# Create a WebGUI Account
if ($self->validUsername($username)) {
$self->SUPER::createAccountSave($username, {
connectDN => $self->getConnectDN,
ldapUrl => $connection->{ldapUrl},
ldapConnection => $connection->{ldapLinkId},
},$identifier);
$hasAuthenticated = 1;
# Pull the users profile from LDAP to WebGUI
WebGUI::Workflow::Instance->create($self->session, {
workflowId=>'AuthLDAPworkflow000001',
methodName=>"new",
className=>"WebGUI::User",
parameters=>$self->session->user->userId,
priority=>3
})->start;
}
}
}
return $self->SUPER::login() if $hasAuthenticated; #Standard login routine for login
$self->session->log->security("login to account ".$self->session->form->process("username")." with invalid information.");
return $self->displayLogin("<h1>".$i18n->get(70)."</h1>".$self->error);
}
#-------------------------------------------------------------------
=head2 new ( session, userId )
Create a new Auth instance. C<userId> is the ID of the user to be authenticated.
@ -742,14 +486,6 @@ sub new {
my $session = shift;
my $userId = shift;
my $self = $class->SUPER::new($session,$userId);
$self->setCallable([
'createAccount','deactivateAccount','displayAccount','displayLogin',
'login','logout','createAccountSave','deactivateAccountConfirm',
]);
#my $connection = $session->scratch->get("ldapConnection") || $session->setting->get("ldapConnection");
#my $ldaplink = WebGUI::LDAPLink->new($session,$connection);
#$self->{_connection} = $ldaplink->get if $ldaplink;
my $i18n = WebGUI::International->new($session, "AuthLDAP");
my %ldapStatusCode = map { $_ => $i18n->get("LDAPLink_".$_) }
(0..21, 32,33,34,36, 48..54, 64..71, 80);
@ -783,5 +519,262 @@ sub setConnectDN {
$self->{_connectDN} = $_[0];
}
#-------------------------------------------------------------------
=head2 www_createAccount ( message, confirm )
Show the form to create a new LDAP account relationship
=cut
sub www_createAccount {
my $self = shift;
my $message = shift;
my $confirm = shift || $self->session->form->process("confirm");
my $vars;
if ($self->session->user->isRegistered) {
return $self->www_displayAccount;
}
elsif (!$self->session->setting->get("anonymousRegistration") && !$self->session->setting->get('inboxInviteUserEnabled')) {
return $self->www_displayLogin;
}
my $connection = $self->getLDAPConnection;
if (! $connection) {
$self->session->log->error('Unable to create LDAP account as there is no LDAP connection defined');
return $self->www_displayLogin;
}
$vars->{'create.message'} = $message if ($message);
my $i18n = WebGUI::International->new($self->session,"AuthLDAP");
$vars->{'create.form.ldapConnection.label'} = $i18n->get("ldapConnection");
my $url = $self->session->url->page("op=auth;method=createAccount;connection=");
$vars->{'create.form.ldapConnection'} = WebGUI::Form::selectBox($self->session, {
name=>"ldapConnection",
options=>WebGUI::LDAPLink->getList($self->session,),
value=>[$connection->{ldapLinkId}],
extras=>qq|onchange="location.href='$url'+this.options[this.selectedIndex].value"|
});
my $ldapId = $self->session->form->process("authLDAP_ldapId");
$vars->{'create.form.ldapId'} = WebGUI::Form::text($self->session,{
name =>"authLDAP_ldapId",
value =>$ldapId,
extras => $self->getExtrasStyle($ldapId)
});
$vars->{'create.form.ldapId.label'} = $connection->{ldapIdentityName};
my $ldapPwd = $self->session->form->process("authLDAP_identifier");
$vars->{'create.form.password'} = WebGUI::Form::password($self->session,{
"name"=>"authLDAP_identifier",
"value"=> $ldapPwd,
extras => $self->getExtrasStyle($ldapPwd)
});
$vars->{'create.form.password.label'} = $connection->{ldapPasswordName};
$vars->{'create.form.hidden'} = WebGUI::Form::hidden($self->session,{"name"=>"confirm","value"=>$confirm});
return $self->SUPER::www_createAccount("createAccountSave",$vars);
}
#-------------------------------------------------------------------
=head2 www_createAccountSave ( )
Process the form to create a new LDAP account relationship
=cut
sub www_createAccountSave {
my $self = shift;
my $username = $self->session->form->process('authLDAP_ldapId');
my $password = $self->session->form->process('authLDAP_identifier');
my $error = "";
my $i18n = WebGUI::International->new($self->session);
#Validate user in LDAP
if(!$self->_isValidLDAPUser()){
return $self->www_createAccount("<h1>".$i18n->get(70)."</h1>".$self->error);
}
my $connection = $self->getLDAPConnection;
if (! $connection) {
return $self->www_createAccount("<h1>".$i18n->get('no ldap link for auth')."</h1>".$self->error);
}
#Get connectDN from settings
my $uri = URI->new($connection->{ldapUrl});
my $ldap = Net::LDAP->new($uri->host, (port=>$uri->port,scheme=>$uri->scheme));
my $auth;
if($connection->{connectDn}) {
$auth = $ldap->bind(dn=>$connection->{connectDn}, password=>$connection->{identifier});
}
else{
$auth = $ldap->bind;
}
#$ldap->bind;
my $search = $ldap->search (base => $uri->dn, filter=>$connection->{ldapIdentity}."=".$username);
my $connectDN = "";
if (defined $search->entry(0)) {
if ($connection->{ldapUserRDN} eq 'dn') {
$connectDN = $search->entry(0)->dn;
}
else {
$connectDN = $search->entry(0)->get_value($connection->{ldapUserRDN});
}
}
$ldap->unbind;
#Check that username is valid and not a duplicate in the system.
$error .= $self->error if(!$self->validUsername($username));
#Validate profile data.
my ($profile, $temp, $warning) = WebGUI::Operation::Profile::validateProfileData($self->session);
$error .= $temp;
return $self->www_createAccount("<li>".$error."</li1>") unless ($error eq "");
#If Email address is not unique, a warning is displayed
if($warning ne "" && !$self->session->form->process("confirm")){
return $self->www_createAccount('<li>'.$i18n->get(1078).'</li>', 1);
}
my $properties;
$properties->{connectDN} = $connectDN;
$properties->{ldapUrl} = $connection->{ldapUrl};
$properties->{ldapConnection} = $connection->{ldapLinkId};
return $self->SUPER::www_createAccountSave($username,$properties,$password,$profile);
}
#-------------------------------------------------------------------
=head2 www_deactivateAccount ( )
Show the confirmation form to deactivate the user's account
=cut
sub www_deactivateAccount {
my $self = shift;
return $self->www_displayLogin if($self->userId eq '1');
return $self->SUPER::www_deactivateAccount("deactivateAccountConfirm");
}
#-------------------------------------------------------------------
=head2 www_deactivateAccountConfirm ( )
Confirm the user is deactivating their account.
=cut
sub www_deactivateAccountConfirm {
my $self = shift;
return $self->www_displayLogin unless ($self->session->setting->get("selfDeactivation"));
return $self->SUPER::www_deactivateAccountConfirm;
}
#-------------------------------------------------------------------
=head2 www_displayAccount ( message )
Display the account details.
=cut
sub www_displayAccount {
my $self = shift;
my $vars;
return $self->www_displayLogin($_[0]) if ($self->isVisitor);
my $i18n = WebGUI::International->new($self->session);
$vars->{displayTitle} = '<h1>'.$i18n->get(61).'</h1>';
$vars->{'account.message'} = $i18n->get(856);
if($self->session->setting->get("useKarma")){
$vars->{'account.form.karma'} = $self->session->user->profileField("karma");
$vars->{'account.form.karma.label'} = $i18n->get(537);
}
########### ACCOUNT SHUNT
#The following is a shunt which allows the displayAccount page to be displayed in the
#Account system. This shunt will be replaced in WebGUI 8 when the API can be broken
my $output = WebGUI::Asset::Template->newById($self->session,$self->getAccountTemplateId)->process($vars);
#If the account system is calling this method, just return the template
my $op = $self->session->form->get("op");
if($op eq "account") {
return $output;
}
#Otherwise wrap the template into the account layout
my $instance = WebGUI::Content::Account->createInstance($self->session,"user");
return $instance->www_displayContent($output,1);
}
#-------------------------------------------------------------------
=head2 www_displayLogin ( message )
Web-facing method to display the login form.
=cut
sub www_displayLogin {
my $self = shift;
my $vars;
return $self->www_displayAccount($_[0]) if ($self->isRegistered);
$vars->{'login.message'} = $_[0] if ($_[0]);
return $self->SUPER::www_displayLogin("login",$vars);
}
#-------------------------------------------------------------------
=head2 www_login ( )
Process the login form. Create a new account if auto registration is enabled.
=cut
sub www_login {
my $self = shift;
my $i18n = WebGUI::International->new($self->session);
my $username = $self->session->form->process("username");
my $identifier = $self->session->form->process("identifier");
my $autoRegistration = $self->session->setting->get("automaticLDAPRegistration");
my $hasAuthenticated = 0;
$hasAuthenticated = 1 if ( $self->authenticate($username,$identifier) );
my $connection = $self->getLDAPConnection;
if (! $connection) {
return $self->www_displayLogin("<h1>".$i18n->get('no ldap logins')."</h1>".$self->error);
}
# Autoregistration is on and they didn't authenticate yet
if ($autoRegistration && !$hasAuthenticated) {
# See if they are in LDAP and if so that they can bind with the password given.
if($self->_isValidLDAPUser()) {
# Create a WebGUI Account
if ($self->validUsername($username)) {
$self->SUPER::www_createAccountSave($username, {
connectDN => $self->getConnectDN,
ldapUrl => $connection->{ldapUrl},
ldapConnection => $connection->{ldapLinkId},
},$identifier);
$hasAuthenticated = 1;
# Pull the users profile from LDAP to WebGUI
WebGUI::Workflow::Instance->create($self->session, {
workflowId=>'AuthLDAPworkflow000001',
methodName=>"new",
className=>"WebGUI::User",
parameters=>$self->session->user->userId,
priority=>3
})->start;
}
}
}
return $self->SUPER::www_login() if $hasAuthenticated; #Standard login routine for login
$self->session->log->security("login to account ".$self->session->form->process("username")." with invalid information.");
return $self->www_displayLogin("<h1>".$i18n->get(70)."</h1>".$self->error);
}
1;

4
lib/WebGUI/Auth/Twitter.pm
View file

@ -227,13 +227,13 @@ sub www_callback {
if ( $userId ) {
my $user = WebGUI::User->new( $session, $userId );
$self->user( $user );
return $self->login;
return $self->SUPER::www_login;
}
# Otherwise see if their screen name exists and create a user
elsif ( !WebGUI::User->newByUsername( $session, $twitterScreenName ) ) {
my $user = $self->createTwitterUser( $twitterUserId, $twitterScreenName );
$self->user( $user );
return $self->login;
return $self->SUPER::www_login;
}
# Otherwise ask them for a new username to use

626
lib/WebGUI/Auth/WebGUI.pm
View file

@ -22,6 +22,7 @@ use WebGUI::Storage;
use WebGUI::User;
use WebGUI::Form::Captcha;
use WebGUI::Macro;
use WebGUI::Deprecate;
use Encode ();
use Tie::IxHash;
@ -130,203 +131,6 @@ sub authenticate {
return 0;
}
#-------------------------------------------------------------------
sub createAccount {
my $self = shift;
my $session = $self->session;
my $form = $session->form;
my $setting = $session->setting;
my $message = shift;
my $confirm = shift || $form->process("confirm");
my $vars = shift || {};
my $i18n = WebGUI::International->new($session);
if ($self->session->user->isRegistered) {
return $self->displayAccount;
}
elsif (!$setting->get("anonymousRegistration") && !$setting->get('inboxInviteUserEnabled')) {
return $self->displayLogin;
}
$vars->{'create.message'} = '<ul>'.$message.'</ul>' if ($message);
$vars->{'useCaptcha' } = $setting->get("webguiUseCaptcha");
if ($vars->{useCaptcha}) {
use WebGUI::Form::Captcha;
my $captcha = WebGUI::Form::Captcha->new($session,{
name => "authWebGUI.captcha",
extras => $self->getExtrasStyle
});
$vars->{'create.form.captcha'}
= $captcha->toHtml . '<span class="formSubtext">' . $captcha->get('subtext').'</span>';
$vars->{'create.form.captcha.label'} = $i18n->get("captcha label","AuthWebGUI");
}
unless($setting->get('webguiUseEmailAsUsername')){
my $username = $form->process("authWebGUI.username");
$vars->{'create.form.username'}
= WebGUI::Form::username($self->session, {
name => "authWebGUI.username",
value => $username,
extras => $self->getExtrasStyle($username)
});
$vars->{'create.form.username.label'} = $i18n->get(50);
}
my $password = $form->process("authWebGUI.identifier");
$vars->{'create.form.password'}
= WebGUI::Form::password($self->session, {
name => "authWebGUI.identifier",
value => $password,
extras => $self->getExtrasStyle($password)
});
$vars->{'create.form.password.label'} = $i18n->get(51);
my $passwordConfirm = $form->process("authWebGUI.identifierConfirm");
$vars->{'create.form.passwordConfirm'}
= WebGUI::Form::password($self->session, {
name => "authWebGUI.identifierConfirm",
value => $passwordConfirm,
extras => $self->getExtrasStyle($passwordConfirm)
});
$vars->{'create.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
$vars->{'create.form.hidden'}
= WebGUI::Form::hidden($self->session, {
"name" => "confirm",
"value" => $confirm
});
$vars->{'recoverPassword.isAllowed' } = $self->getSetting("passwordRecovery");
$vars->{'recoverPassword.url' } = $self->session->url->page('op=auth;method=recoverPassword');
$vars->{'recoverPassword.label' } = $i18n->get(59);
return $self->SUPER::createAccount("createAccountSave",$vars);
}
#-------------------------------------------------------------------
sub createAccountSave {
my $self = shift;
my $session = $self->session;
my $form = $self->session->form;
my $setting = $self->session->setting;
my $i18n = WebGUI::International->new($session);
# Logged in users cannot see this page
return $self->displayAccount if ($session->user->isRegistered);
# Make sure anonymous registration is enabled
if (!$setting->get("anonymousRegistration") && !$setting->get("inboxInviteUserEnabled")) {
$session->log->security($i18n->get("no registration hack", "AuthWebGUI"));
return $self->displayLogin;
}
my $username;
if($setting->get('webguiUseEmailAsUsername')){
$username = $form->process('email');
}
else{
$username = $form->process('authWebGUI.username');
}
my $password = $form->process('authWebGUI.identifier');
my $passConfirm = $form->process('authWebGUI.identifierConfirm');
# Validate input
my $error;
$error = $self->error unless($self->validUsername($username));
if ($setting->get("webguiUseCaptcha")) {
my $form = WebGUI::Form::Captcha->new($session, {name => 'authWebGUI.captcha'});
if (! $form->getValue) {
$error .= '<li>' . $form->getErrorMessage . '</li>';
}
}
$error .= $self->error unless($self->_isValidPassword($password,$passConfirm));
my $fields = WebGUI::ProfileField->getRegistrationFields($session);
my $retHash = $self->user->validateProfileDataFromForm($fields);
my $profile = $retHash->{profile};
my $temp = "";
my $warning = "";
my $format = "<li>%s</li>";
map { $warning .= sprintf($format,$_) } @{$retHash->{warnings}};
map { $temp .= sprintf($format,$_) } @{$retHash->{errors}};
$error .= $temp;
unless ($error eq "") {
$self->error($error);
return $self->createAccount($error);
}
# If Email address is not unique, a warning is displayed
if ($warning ne "" && !$self->session->form->process("confirm")) {
return $self->createAccount('<li>'.$i18n->get(1078).'</li>', 1);
}
# Create the new account
my $properties;
$properties->{ changeUsername } = $setting->get("webguiChangeUsername");
$properties->{ changePassword } = $setting->get("webguiChangePassword");
$properties->{ identifier } = $self->hashPassword($password);
$properties->{ passwordLastUpdated } = time();
$properties->{ passwordTimeout } = $setting->get("webguiPasswordTimeout");
$properties->{ status } = 'Deactivated' if ($setting->get("webguiValidateEmail"));
my $afterCreateMessage = $self->SUPER::createAccountSave($username,$properties,$password,$profile);
# Send validation e-mail if required
if ($setting->get("webguiValidateEmail")) {
my $key = $session->id->generate;
$self->update(emailValidationKey=>$key);
my $mail = WebGUI::Mail::Send->create($self->session, {
to => $profile->{email},
subject => $i18n->get('email address validation email subject','AuthWebGUI')
});
my $var;
$var->{newUser_username} = $username;
$var->{activationUrl} = $session->url->page("op=auth;method=validateEmail;key=".$key, 'full');
my $text =
WebGUI::Asset::Template->newById($self->session,$self->getSetting('accountActivationTemplate'))->process($var);
WebGUI::Macro::process($self->session,\$text);
$mail->addText($text);
$mail->addFooter;
$mail->queue;
$self->user->status("Deactivated");
$session->var->end($session->var->get("sessionId"));
$session->var->start(1,$session->getId);
my $u = WebGUI::User->new($session,1);
$self->{user} = $u;
$self->logout;
return $self->displayLogin($i18n->get('check email for validation','AuthWebGUI'));
}
return $afterCreateMessage;
}
#-------------------------------------------------------------------
sub deactivateAccount {
my $self = shift;
return $self->displayLogin if($self->isVisitor);
return $self->SUPER::deactivateAccount("deactivateAccountConfirm");
}
#-------------------------------------------------------------------
sub deactivateAccountConfirm {
my $self = shift;
return $self->displayLogin unless ($self->session->setting->get("selfDeactivation"));
# Keep the username for a nice message
my $username = $self->user->username;
# Deactivate the account
my $response = $self->SUPER::deactivateAccountConfirm;
# If there was a response, it's probably an error
return $response if $response;
# Otherwise show the login form with a friendly message
my $i18n = WebGUI::International->new($self->session);
return $self->displayLogin(sprintf( $i18n->get("deactivateAccount success"), $username ));
}
#-------------------------------------------------------------------
=head2 checkField ( )
@ -339,51 +143,6 @@ or an empty string if the check was successful.
=cut
#-------------------------------------------------------------------
sub displayAccount {
my $self = shift;
my $vars;
return $self->displayLogin($_[0]) if ($self->isVisitor);
my $i18n = WebGUI::International->new($self->session);
my $userData = $self->get;
$vars->{'account.message'} = $_[0] if ($_[0]);
$vars->{'account.noform'} = 1;
if($userData->{changeUsername} || (!defined $userData->{changeUsername} && $self->session->setting->get("webguiChangeUsername"))){
$vars->{'account.form.username'} = WebGUI::Form::text($self->session,{"name"=>"authWebGUI.username","value"=>$self->username});
$vars->{'account.form.username.label'} = $i18n->get(50);
$vars->{'account.noform'} = 0;
}
if($userData->{changePassword} || (!defined $userData->{changePassword} && $self->session->setting->get("webguiChangePassword"))){
$vars->{'account.form.password'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifier","value"=>"password"});
$vars->{'account.form.password.label'} = $i18n->get(51);
$vars->{'account.form.passwordConfirm'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifierConfirm","value"=>"password"});
$vars->{'account.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
$vars->{'account.noform'} = 0;
}
$vars->{'account.nofields'} = $i18n->get(22,'AuthWebGUI');
return $self->SUPER::displayAccount("updateAccount",$vars);
}
#-------------------------------------------------------------------
=head2 displayLogin ( )
The initial login screen an unauthenticated user sees
=cut
sub displayLogin {
my $self = shift;
my $vars;
return $self->displayAccount($_[0]) if ($self->isRegistered);
my $i18n = WebGUI::International->new($self->session);
$vars->{'login.message'} = '<ul>'.$_[0].'</ul>' if ($_[0]);
$vars->{'recoverPassword.isAllowed'} = $self->getSetting("passwordRecovery");
$vars->{'recoverPassword.url'} = $self->session->url->page('op=auth;method=recoverPassword');
$vars->{'recoverPassword.label'} = $i18n->get(59);
return $self->SUPER::displayLogin("login",$vars);
}
#-------------------------------------------------------------------
=head2 editUserForm ( )
@ -781,15 +540,257 @@ sub hashPassword {
return Digest::MD5::md5_base64(Encode::encode_utf8($password));
}
#-------------------------------------------------------------------
sub www_createAccount {
my $self = shift;
my $session = $self->session;
my $form = $session->form;
my $setting = $session->setting;
my $message = shift;
my $confirm = shift || $form->process("confirm");
my $vars = shift || {};
my $i18n = WebGUI::International->new($session);
if ($self->session->user->isRegistered) {
return $self->www_displayAccount;
}
elsif (!$setting->get("anonymousRegistration") && !$setting->get('inboxInviteUserEnabled')) {
return $self->www_displayLogin;
}
$vars->{'create.message'} = '<ul>'.$message.'</ul>' if ($message);
$vars->{'useCaptcha' } = $setting->get("webguiUseCaptcha");
if ($vars->{useCaptcha}) {
use WebGUI::Form::Captcha;
my $captcha = WebGUI::Form::Captcha->new($session,{
name => "authWebGUI.captcha",
extras => $self->getExtrasStyle
});
$vars->{'create.form.captcha'}
= $captcha->toHtml . '<span class="formSubtext">' . $captcha->get('subtext').'</span>';
$vars->{'create.form.captcha.label'} = $i18n->get("captcha label","AuthWebGUI");
}
unless($setting->get('webguiUseEmailAsUsername')){
my $username = $form->process("authWebGUI.username");
$vars->{'create.form.username'}
= WebGUI::Form::username($self->session, {
name => "authWebGUI.username",
value => $username,
extras => $self->getExtrasStyle($username)
});
$vars->{'create.form.username.label'} = $i18n->get(50);
}
my $password = $form->process("authWebGUI.identifier");
$vars->{'create.form.password'}
= WebGUI::Form::password($self->session, {
name => "authWebGUI.identifier",
value => $password,
extras => $self->getExtrasStyle($password)
});
$vars->{'create.form.password.label'} = $i18n->get(51);
my $passwordConfirm = $form->process("authWebGUI.identifierConfirm");
$vars->{'create.form.passwordConfirm'}
= WebGUI::Form::password($self->session, {
name => "authWebGUI.identifierConfirm",
value => $passwordConfirm,
extras => $self->getExtrasStyle($passwordConfirm)
});
$vars->{'create.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
$vars->{'create.form.hidden'}
= WebGUI::Form::hidden($self->session, {
"name" => "confirm",
"value" => $confirm
});
$vars->{'recoverPassword.isAllowed' } = $self->getSetting("passwordRecovery");
$vars->{'recoverPassword.url' } = $self->session->url->page('op=auth;method=recoverPassword');
$vars->{'recoverPassword.label' } = $i18n->get(59);
return $self->SUPER::www_createAccount("createAccountSave",$vars);
}
#-------------------------------------------------------------------
sub login {
sub www_createAccountSave {
my $self = shift;
my $session = $self->session;
my $form = $self->session->form;
my $setting = $self->session->setting;
my $i18n = WebGUI::International->new($session);
# Logged in users cannot see this page
return $self->www_displayAccount if ($session->user->isRegistered);
# Make sure anonymous registration is enabled
if (!$setting->get("anonymousRegistration") && !$setting->get("inboxInviteUserEnabled")) {
$session->log->security($i18n->get("no registration hack", "AuthWebGUI"));
return $self->www_displayLogin;
}
my $username;
if($setting->get('webguiUseEmailAsUsername')){
$username = $form->process('email');
}
else{
$username = $form->process('authWebGUI.username');
}
my $password = $form->process('authWebGUI.identifier');
my $passConfirm = $form->process('authWebGUI.identifierConfirm');
# Validate input
my $error;
$error = $self->error unless($self->validUsername($username));
if ($setting->get("webguiUseCaptcha")) {
my $form = WebGUI::Form::Captcha->new($session, {name => 'authWebGUI.captcha'});
if (! $form->getValue) {
$error .= '<li>' . $form->getErrorMessage . '</li>';
}
}
$error .= $self->error unless($self->_isValidPassword($password,$passConfirm));
my $fields = WebGUI::ProfileField->getRegistrationFields($session);
my $retHash = $self->user->validateProfileDataFromForm($fields);
my $profile = $retHash->{profile};
my $temp = "";
my $warning = "";
my $format = "<li>%s</li>";
map { $warning .= sprintf($format,$_) } @{$retHash->{warnings}};
map { $temp .= sprintf($format,$_) } @{$retHash->{errors}};
$error .= $temp;
unless ($error eq "") {
$self->error($error);
return $self->www_createAccount($error);
}
# If Email address is not unique, a warning is displayed
if ($warning ne "" && !$self->session->form->process("confirm")) {
return $self->www_createAccount('<li>'.$i18n->get(1078).'</li>', 1);
}
# Create the new account
my $properties;
$properties->{ changeUsername } = $setting->get("webguiChangeUsername");
$properties->{ changePassword } = $setting->get("webguiChangePassword");
$properties->{ identifier } = $self->hashPassword($password);
$properties->{ passwordLastUpdated } = time();
$properties->{ passwordTimeout } = $setting->get("webguiPasswordTimeout");
$properties->{ status } = 'Deactivated' if ($setting->get("webguiValidateEmail"));
my $afterCreateMessage = $self->SUPER::createAccountSave($username,$properties,$password,$profile);
# Send validation e-mail if required
if ($setting->get("webguiValidateEmail")) {
my $key = $session->id->generate;
$self->update(emailValidationKey=>$key);
my $mail = WebGUI::Mail::Send->create($self->session, {
to => $profile->{email},
subject => $i18n->get('email address validation email subject','AuthWebGUI')
});
my $var;
$var->{newUser_username} = $username;
$var->{activationUrl} = $session->url->page("op=auth;method=validateEmail;key=".$key, 'full');
my $text =
WebGUI::Asset::Template->newById($self->session,$self->getSetting('accountActivationTemplate'))->process($var);
WebGUI::Macro::process($self->session,\$text);
$mail->addText($text);
$mail->addFooter;
$mail->queue;
$self->user->status("Deactivated");
$session->var->end($session->var->get("sessionId"));
$session->var->start(1,$session->getId);
my $u = WebGUI::User->new($session,1);
$self->{user} = $u;
$self->logout;
return $self->www_displayLogin($i18n->get('check email for validation','AuthWebGUI'));
}
return $afterCreateMessage;
}
#-------------------------------------------------------------------
sub www_deactivateAccount {
my $self = shift;
return $self->www_displayLogin if($self->isVisitor);
return $self->SUPER::www_deactivateAccount("deactivateAccountConfirm");
}
#-------------------------------------------------------------------
sub www_deactivateAccountConfirm {
my $self = shift;
return $self->www_displayLogin unless ($self->session->setting->get("selfDeactivation"));
# Keep the username for a nice message
my $username = $self->user->username;
# Deactivate the account
my $response = $self->SUPER::www_deactivateAccountConfirm;
# If there was a response, it's probably an error
return $response if $response;
# Otherwise show the login form with a friendly message
my $i18n = WebGUI::International->new($self->session);
return $self->www_displayLogin(sprintf( $i18n->get("deactivateAccount success"), $username ));
}
#-------------------------------------------------------------------
sub www_displayAccount {
my $self = shift;
my $vars;
return $self->www_displayLogin($_[0]) if ($self->isVisitor);
my $i18n = WebGUI::International->new($self->session);
my $userData = $self->get;
$vars->{'account.message'} = $_[0] if ($_[0]);
$vars->{'account.noform'} = 1;
if($userData->{changeUsername} || (!defined $userData->{changeUsername} && $self->session->setting->get("webguiChangeUsername"))){
$vars->{'account.form.username'} = WebGUI::Form::text($self->session,{"name"=>"authWebGUI.username","value"=>$self->username});
$vars->{'account.form.username.label'} = $i18n->get(50);
$vars->{'account.noform'} = 0;
}
if($userData->{changePassword} || (!defined $userData->{changePassword} && $self->session->setting->get("webguiChangePassword"))){
$vars->{'account.form.password'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifier","value"=>"password"});
$vars->{'account.form.password.label'} = $i18n->get(51);
$vars->{'account.form.passwordConfirm'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifierConfirm","value"=>"password"});
$vars->{'account.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
$vars->{'account.noform'} = 0;
}
$vars->{'account.nofields'} = $i18n->get(22,'AuthWebGUI');
return $self->SUPER::www_displayAccount("updateAccount",$vars);
}
#-------------------------------------------------------------------
=head2 www_displayLogin ( )
The initial login screen an unauthenticated user sees
=cut
sub www_displayLogin {
my $self = shift;
my $vars;
print "WebGUI->www_displayLogin\n";
return $self->www_displayAccount($_[0]) if ($self->isRegistered);
my $i18n = WebGUI::International->new($self->session);
$vars->{'login.message'} = '<ul>'.$_[0].'</ul>' if ($_[0]);
$vars->{'recoverPassword.isAllowed'} = $self->getSetting("passwordRecovery");
$vars->{'recoverPassword.url'} = $self->session->url->page('op=auth;method=recoverPassword');
$vars->{'recoverPassword.label'} = $i18n->get(59);
return $self->SUPER::www_displayLogin("login",$vars);
}
#-------------------------------------------------------------------
sub www_login {
my $self = shift;
if(!$self->authenticate($self->session->form->process("username"),$self->session->form->process("identifier"))){
$self->session->http->setStatus(401);
$self->session->log->security("login to account ".$self->session->form->process("username")." with invalid information.");
my $i18n = WebGUI::International->new($self->session);
return $self->displayLogin("<h1>".$i18n->get(70)."</h1>".$self->error);
return $self->www_displayLogin("<h1>".$i18n->get(70)."</h1>".$self->error);
}
my $userData = $self->get;
@ -798,32 +799,16 @@ sub login {
if (time() >= $expireTime){
my $userId = $self->userId;
$self->logout;
return $self->resetExpiredPassword($userId);
return $self->www_resetExpiredPassword($userId);
}
}
return $self->SUPER::login();
}
#-------------------------------------------------------------------
sub new {
my $class = shift;
my $session = shift;
my $userId = $_[0];
my $self = $class->SUPER::new($session,$userId);
$self->setCallable([
'validateEmail','createAccount','deactivateAccount','displayAccount',
'displayLogin','login','logout','recoverPassword','resetExpiredPassword',
'recoverPasswordFinish','createAccountSave','deactivateAccountConfirm',
'resetExpiredPasswordSave','updateAccount', 'emailResetPassword',
'emailResetPasswordFinish',
]);
return $self;
return $self->SUPER::www_login();
}
#-------------------------------------------------------------------
=head2 recoverPassword ( args )
=head2 www_recoverPassword ( args )
Initiates the password recovery process. Checks for recovery type,
and then runs the appropriate method. Arguments to this sub are
@ -831,24 +816,26 @@ passed directly to the approprate method.
=cut
sub recoverPassword {
sub www_recoverPassword {
my $self = shift;
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
return $self->www_displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
my $type = $self->getPasswordRecoveryType;
if ($type eq 'profile') {
$self->profileRecoverPassword(@_);
$self->www_profileRecoverPassword(@_);
}
elsif ($type eq 'email') {
$self->emailRecoverPassword(@_);
$self->www_emailRecoverPassword(@_);
}
}
deprecate 'recoverPassword' => 'www_recoverPassword';
#-------------------------------------------------------------------
=head2 emailRecoverPassword ( $error )
=head2 www_emailRecoverPassword ( $error )
Templated email recovery form.
@ -858,7 +845,7 @@ $error is any error from the system which needs to be reported to the user.
=cut
sub emailRecoverPassword {
sub www_emailRecoverPassword {
my $self = shift;
my $session = $self->session;
my $i18n = WebGUI::International->new($session);
@ -902,14 +889,16 @@ sub emailRecoverPassword {
return WebGUI::Asset::Template->newById($self->session,$self->getPasswordRecoveryTemplateId)->process($vars);
}
deprecate 'emailRecoverPassword' => 'www_emailRecoverPassword';
#-------------------------------------------------------------------
sub profileRecoverPassword {
sub www_profileRecoverPassword {
my $self = shift;
my @fields = @{WebGUI::ProfileField->getPasswordRecoveryFields($self->session)};
return $self->displayLogin unless @fields;
return $self->www_displayLogin unless @fields;
my $vars = {};
my $i18n = WebGUI::International->new($self->session);
@ -947,10 +936,12 @@ sub profileRecoverPassword {
return WebGUI::Asset::Template->newById($self->session,$self->getPasswordRecoveryTemplateId)->process($vars);
}
deprecate 'profileRecoverPassword' => 'www_profileRecoverPassword';
#-------------------------------------------------------------------
=head2 recoverPasswordFinish ( args )
=head2 www_recoverPasswordFinish ( args )
Handles data for recovery of password. Gets password recovery type,
and then runs the appropriate method. Arguments are passed directly
@ -958,35 +949,37 @@ to the appropriate method.
=cut
sub recoverPasswordFinish {
sub www_recoverPasswordFinish {
my $self = shift;
my $type = $self->getPasswordRecoveryType;
if ($type eq 'profile') {
$self->profileRecoverPasswordFinish(@_);
$self->www_profileRecoverPasswordFinish(@_);
} elsif ($type eq 'email') {
$self->emailRecoverPasswordFinish(@_);
$self->www_emailRecoverPasswordFinish(@_);
}
}
}
deprecate 'recoverPasswordFinish' => 'www_recoverPasswordFinish';
#-------------------------------------------------------------------
sub profileRecoverPasswordFinish {
sub www_profileRecoverPasswordFinish {
my $self = shift;
my $session = $self->session;
my $i18n = WebGUI::International->new($self->session);
my $i18n2 = WebGUI::International->new($self->session, 'AuthWebGUI');
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
return $self->www_displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
my $username;
if ($self->getSetting('passwordRecoveryRequireUsername')) {
$username = $self->session->form->process('authWebGUI.username');
return $self->recoverPassword($i18n->get('password recovery no username', 'AuthWebGUI')) unless defined $username;
return $self->www_recoverPassword($i18n->get('password recovery no username', 'AuthWebGUI')) unless defined $username;
}
my @fields = @{WebGUI::ProfileField->getPasswordRecoveryFields($self->session)};
return $self->displayLogin unless @fields;
return $self->www_displayLogin unless @fields;
my %fieldValues;
my @failedRequiredFields;
@ -1000,7 +993,7 @@ sub profileRecoverPasswordFinish {
my $errorMessage = '<ul>' . join("\n", map {
'<li>' . $_->getLabel . ' ' . $i18n->get(451) . '</li>'
} @failedRequiredFields) . '</ul>';
return $self->recoverPassword($errorMessage);
return $self->www_recoverPassword($errorMessage);
}
my @fieldNames = keys %fieldValues;
@ -1011,10 +1004,10 @@ sub profileRecoverPasswordFinish {
my @userIds = $self->session->db->buildArray($sql, [$self->authMethod, @fieldValues, (defined($username)? ($username) : ())]);
if (@userIds == 0) {
return $self->recoverPassword($i18n2->get('password recovery no results'));
return $self->www_recoverPassword($i18n2->get('password recovery no results'));
}
elsif (@userIds > 1) {
return $self->recoverPassword($i18n2->get('password recovery multiple results'));
return $self->www_recoverPassword($i18n2->get('password recovery multiple results'));
}
# Exactly one result.
@ -1023,7 +1016,7 @@ sub profileRecoverPasswordFinish {
# Make sure the userId is not disabled
my $user = WebGUI::User->new($self->session, $userId);
if ( $user->status ne "Active" ) {
return $self->recoverPassword( $i18n2->get( 'password recovery disabled' ) );
return $self->www_recoverPassword( $i18n2->get( 'password recovery disabled' ) );
}
my ($password, $passwordConfirm) = ($self->session->form->process('authWebGUI.identifier'), $self->session->form->process('authWebGUI.identifierConfirm'));
@ -1080,17 +1073,19 @@ sub profileRecoverPasswordFinish {
identifier => $self->hashPassword($password),
passwordLastUpdated => time);
$self->_logSecurityMessage;
return $self->SUPER::login;
return $self->SUPER::www_login;
} else {
return $self->recoverPassword('<ul><li>'.$self->error.'</li></ul>');
return $self->www_recoverPassword('<ul><li>'.$self->error.'</li></ul>');
}
}
deprecate 'profileRecoverPasswordFinish' => 'www_profileRecoverPasswordFinish';
#-------------------------------------------------------------------
sub emailRecoverPasswordFinish {
sub www_emailRecoverPasswordFinish {
my $self = shift;
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
return $self->www_displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
my $i18n = WebGUI::International->new($self->session);
my $session = $self->session;
@ -1108,12 +1103,12 @@ sub emailRecoverPasswordFinish {
# return error unless we get a valid user.\
unless ($user) {
return $self->recoverPassword( $i18n->get('recover password not found', 'AuthWebGUI') );
return $self->www_recoverPassword( $i18n->get('recover password not found', 'AuthWebGUI') );
}
# Make sure the user is Active
if ( $user->status ne "Active" ) {
return $self->recoverPassword( $i18n->get( 'password recovery disabled', 'AuthWebGUI' ) );
return $self->www_recoverPassword( $i18n->get( 'password recovery disabled', 'AuthWebGUI' ) );
}
# generate information necessry to proceed
@ -1122,7 +1117,7 @@ sub emailRecoverPasswordFinish {
$email = $user->profileField('email');
if ( ! $email ) {
return $self->recoverPassword( $i18n->get( 'no email address', 'AuthWebGUI' ) );
return $self->www_recoverPassword( $i18n->get( 'no email address', 'AuthWebGUI' ) );
}
my $authsettings = $self->get;
@ -1141,10 +1136,12 @@ sub emailRecoverPasswordFinish {
return "<h1>". $i18n->get('recover password banner', 'AuthWebGUI')." </h1> <br> <br> <h3>". $i18n->get('email recover password finish message', 'AuthWebGUI') . "</h3>";
}
deprecate emailRecoverPasswordFinish => 'www_emailRecoverPasswordFinish';
#-------------------------------------------------------------------
# handler for the link generated and mailed by emailRecoverPasswordFinish
sub emailResetPassword {
sub www_emailResetPassword {
my $self = shift;
my $errormsg = shift;
@ -1212,9 +1209,11 @@ sub emailResetPassword {
}
deprecate 'emailResetPassword' => 'www_emailResetPassword';
#-------------------------------------------------------------------
sub emailResetPasswordFinish {
sub www_emailResetPasswordFinish {
my $self = shift;
my $session = $self->session;
my ($form) = $session->quick(qw/form/);
@ -1238,15 +1237,17 @@ sub emailResetPasswordFinish {
# delete the emailRecoverPasswordVerificationNumber
$self->delete('emailRecoverPasswordVerificationNumber');
return $self->SUPER::login;
return $self->SUPER::www_login;
} else {
return $self->emailResetPassword($self->error);
return $self->www_emailResetPassword($self->error);
}
}
deprecate emailResetPasswordFinish => 'www_emailResetPasswordFinish';
#-------------------------------------------------------------------
sub resetExpiredPassword {
sub www_resetExpiredPassword {
my $self = shift;
my $uid = shift || $self->session->form->process("uid");
my $vars;
@ -1271,8 +1272,10 @@ sub resetExpiredPassword {
return WebGUI::Asset::Template->newById($self->session,$self->getExpiredPasswordTemplateId)->process($vars);
}
deprecate resetExpiredPassword => 'www_resetExpiredPassword';
#-------------------------------------------------------------------
sub resetExpiredPasswordSave {
sub www_resetExpiredPasswordSave {
my $self = shift;
my ($error,$u,$properties,$msg);
@ -1284,18 +1287,20 @@ sub resetExpiredPasswordSave {
$error .= '<li>'.$i18n->get(12,'AuthWebGUI').'</li>' if ($self->session->form->process("oldPassword") eq $self->session->form->process("identifier"));
$error .= $self->error if(!$self->_isValidPassword($self->session->form->process("identifier"),$self->session->form->process("identifierConfirm")));
return $self->resetExpiredPassword($u->userId, "<h1>".$i18n->get(70)."</h1><ul>".$error.'</ul>') if ($error);
return $self->www_resetExpiredPassword($u->userId, "<h1>".$i18n->get(70)."</h1><ul>".$error.'</ul>') if ($error);
$properties->{identifier} = $self->hashPassword($self->session->form->process("identifier"));
$properties->{passwordLastUpdated} =time();
$self->update($properties);
$self->_logSecurityMessage();
return $self->SUPER::login();
return $self->SUPER::www_login();
}
deprecate resetExpiredPasswordSave => 'www_resetExpiredPasswordSave';
#-------------------------------------------------------------------
sub validateEmail {
sub www_validateEmail {
my $self = shift;
my $session = $self->session;
my ($userId) = $session->db->quickArray("select userId from authentication where fieldData=? and fieldName='emailValidationKey' and authMethod='WebGUI'", [$session->form->process("key")]);
@ -1307,19 +1312,20 @@ sub validateEmail {
$self->session->db->write("DELETE FROM authentication WHERE userId = ? AND fieldName = 'emailValidationKey'", [$userId]);
$message = $i18n->get('email validation confirmed','AuthWebGUI');
}
return $self->displayLogin($message);
return $self->www_displayLogin($message);
}
deprecate validateEmail => 'www_validateEmail';
#-------------------------------------------------------------------
=head2 updateAccount ( )
=head2 www_updateAccount ( )
Sets properties to update and passes them to the superclass
=cut
sub updateAccount {
sub www_updateAccount {
my $self = shift;
my $i18n = WebGUI::International->new($self->session);
@ -1330,7 +1336,7 @@ sub updateAccount {
my $error = "";
if($self->isVisitor){
return $self->displayLogin;
return $self->www_displayLogin;
}
if($username){
@ -1373,8 +1379,10 @@ sub updateAccount {
$self->update($properties);
$self->session->user(undef,undef,$u);
return $self->displayAccount($display);
return $self->www_displayAccount($display);
}
deprecate updateAccount => 'www_updateAccount';
1;

52
lib/WebGUI/Deprecate.pm Normal file
View file

@ -0,0 +1,52 @@
package WebGUI::Deprecate;
=head1 NAME
WebGUI::Deprecate - Warn about subroutine deprecations
=head1 SYNOPSIS
use WebGUI::Deprecate;
deprecate oldMethod => 'newMethod';
sub newMethod { # will get called either way }
=head1 DESCRIPTION
Deprecate a subroutine, spitting out a warning whenever it is used.
=cut
use strict;
use warnings;
use Sub::Exporter -setup => {
exports => [ 'deprecate' ],
groups => {
default => [ 'deprecate' ],
}
};
my %warned;
sub deprecate ($$) {
my ($old_method, $new_method) = @_;
my $package = caller;
no strict 'refs';
no warnings 'redefine';
*{"$package\::$old_method"} = \&{"$package\::$new_method"};
my $proxy_method = sub {
my $self = $_[0];
my $sub = $self->can($old_method);
my $class = ref $self || $self;
if ($sub ne \&{"$package\::$old_method"}) {
my $message = "$class contains the method $old_method. This has been deprecated and replaced with $new_method.";
warn $message unless $warned{$message}++;
$self->$new_method( @_ );
}
goto $sub;
};
*{"$package\::$new_method"} = $proxy_method;
}
1;

12
t/Auth/LDAP.t
View file

@ -65,7 +65,7 @@ $session->request->setup_body({
username => 'Andy Dufresne',
identifier => 'AndyDufresne',
});
my $out = $auth->login();
my $out = $auth->www_login();
is( $session->user->getId, $user->getId, 'Andy is logged in' );
@ -82,7 +82,7 @@ $session->request->setup_body({
});
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
$out = $auth->createAccountSave;
$out = $auth->www_createAccountSave;
is( $session->user->get('username'), 'Ellis Redding', 'Ellis was created' );
WebGUI::Test->addToCleanup( $session->user );
@ -98,7 +98,7 @@ $session->request->setup_body({
identifier => 'BogsDiamond',
});
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
$out = $auth->login;
$out = $auth->www_login;
is( $session->user->get('username'), 'Bogs Diamond', 'Bogs was created' )
or diag( $auth->error );
@ -131,7 +131,7 @@ $session->request->setup_body({
identifier => 'BrooksHatley',
});
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
$out = $auth->login;
$out = $auth->www_login;
is $session->user->get('username'), 'Brooks Hatley', 'Brooks was created';
cmp_deeply(
$auth->get,
@ -143,7 +143,7 @@ cmp_deeply(
'authentication information set after creating account'
);
WebGUI::Test->addToCleanup( $session->user, );
$out = $auth->logout;
$out = $auth->www_logout;
is $session->user->get('username'), 'Visitor', 'Brooks was logged out';
$ldap->moddn( 'uid=Brooks Hatley,o=shawshank',
@ -164,7 +164,7 @@ $session->request->setup_body({
});
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
$out = $auth->login;
$out = $auth->www_login;
is $session->user->get('username'), 'Brooks Hatley', 'Brooks was logged in after name change';
cmp_deeply(
$auth->get,