oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

change to www_ methods everywhere

Browse source
This commit is contained in:
Doug Bell 2010-11-03 18:02:49 -05:00
parent 26853527a0
commit 5a2d4d8d03
7 changed files with 1165 additions and 1096 deletions
Download patch file Download diff file Expand all files Collapse all files

1040
lib/WebGUI/Auth.pm
View file

File diff suppressed because it is too large Load diff

6
lib/WebGUI/Auth/Facebook.pm
View file

@ -223,13 +223,13 @@ sub www_callback {
if ( $userId ) { if ( $userId ) {
my $user = WebGUI::User->new( $session, $userId ); my $user = WebGUI::User->new( $session, $userId );
$self->user( $user ); $self->user( $user );
return $self->login; return $self->SUPER::www_login;
} }
# Otherwise see if their screen name exists and create a user # Otherwise see if their screen name exists and create a user
elsif ( !WebGUI::User->newByUsername( $session, $fbuser->{name}) ) { elsif ( !WebGUI::User->newByUsername( $session, $fbuser->{name}) ) {
my $user = $self->createFacebookUser( $fbuser ); my $user = $self->createFacebookUser( $fbuser );
$self->user( $user ); $self->user( $user );
return $self->login; return $self->SUPER::www_login;
} }
# Otherwise ask them for a new username to use # Otherwise ask them for a new username to use
@ -267,7 +267,7 @@ sub www_setUsername {
if ( !WebGUI::User->newByUsername( $session, $fbuser->{name} ) ) { if ( !WebGUI::User->newByUsername( $session, $fbuser->{name} ) ) {
my $user = $self->createFacebookUser( $fbuser ); my $user = $self->createFacebookUser( $fbuser );
$self->user( $user ); $self->user( $user );
return $self->login; return $self->www_login;
} }
# Username is again taken! Noooooo! # Username is again taken! Noooooo!

521
lib/WebGUI/Auth/LDAP.pm
View file

@ -245,208 +245,6 @@ sub connectToLDAP {
#------------------------------------------------------------------- #-------------------------------------------------------------------
=head2 createAccount ( message, confirm )
Show the form to create a new LDAP account relationship
=cut
sub createAccount {
my $self = shift;
my $message = shift;
my $confirm = shift || $self->session->form->process("confirm");
my $vars;
if ($self->session->user->isRegistered) {
return $self->displayAccount;
}
elsif (!$self->session->setting->get("anonymousRegistration") && !$self->session->setting->get('inboxInviteUserEnabled')) {
return $self->displayLogin;
}
my $connection = $self->getLDAPConnection;
if (! $connection) {
$self->session->log->error('Unable to create LDAP account as there is no LDAP connection defined');
return $self->displayLogin;
}
$vars->{'create.message'} = $message if ($message);
my $i18n = WebGUI::International->new($self->session,"AuthLDAP");
$vars->{'create.form.ldapConnection.label'} = $i18n->get("ldapConnection");
my $url = $self->session->url->page("op=auth;method=createAccount;connection=");
$vars->{'create.form.ldapConnection'} = WebGUI::Form::selectBox($self->session, {
name=>"ldapConnection",
options=>WebGUI::LDAPLink->getList($self->session,),
value=>[$connection->{ldapLinkId}],
extras=>qq|onchange="location.href='$url'+this.options[this.selectedIndex].value"|
});
my $ldapId = $self->session->form->process("authLDAP_ldapId");
$vars->{'create.form.ldapId'} = WebGUI::Form::text($self->session,{
name =>"authLDAP_ldapId",
value =>$ldapId,
extras => $self->getExtrasStyle($ldapId)
});
$vars->{'create.form.ldapId.label'} = $connection->{ldapIdentityName};
my $ldapPwd = $self->session->form->process("authLDAP_identifier");
$vars->{'create.form.password'} = WebGUI::Form::password($self->session,{
"name"=>"authLDAP_identifier",
"value"=> $ldapPwd,
extras => $self->getExtrasStyle($ldapPwd)
});
$vars->{'create.form.password.label'} = $connection->{ldapPasswordName};
$vars->{'create.form.hidden'} = WebGUI::Form::hidden($self->session,{"name"=>"confirm","value"=>$confirm});
return $self->SUPER::createAccount("createAccountSave",$vars);
}
#-------------------------------------------------------------------
=head2 createAccountSave ( )
Process the form to create a new LDAP account relationship
=cut
sub createAccountSave {
my $self = shift;
my $username = $self->session->form->process('authLDAP_ldapId');
my $password = $self->session->form->process('authLDAP_identifier');
my $error = "";
my $i18n = WebGUI::International->new($self->session);
#Validate user in LDAP
if(!$self->_isValidLDAPUser()){
return $self->createAccount("<h1>".$i18n->get(70)."</h1>".$self->error);
}
my $connection = $self->getLDAPConnection;
if (! $connection) {
return $self->createAccount("<h1>".$i18n->get('no ldap link for auth')."</h1>".$self->error);
}
#Get connectDN from settings
my $uri = URI->new($connection->{ldapUrl});
my $ldap = Net::LDAP->new($uri->host, (port=>$uri->port,scheme=>$uri->scheme));
my $auth;
if($connection->{connectDn}) {
$auth = $ldap->bind(dn=>$connection->{connectDn}, password=>$connection->{identifier});
}
else{
$auth = $ldap->bind;
}
#$ldap->bind;
my $search = $ldap->search (base => $uri->dn, filter=>$connection->{ldapIdentity}."=".$username);
my $connectDN = "";
if (defined $search->entry(0)) {
if ($connection->{ldapUserRDN} eq 'dn') {
$connectDN = $search->entry(0)->dn;
}
else {
$connectDN = $search->entry(0)->get_value($connection->{ldapUserRDN});
}
}
$ldap->unbind;
#Check that username is valid and not a duplicate in the system.
$error .= $self->error if(!$self->validUsername($username));
#Validate profile data.
my ($profile, $temp, $warning) = WebGUI::Operation::Profile::validateProfileData($self->session);
$error .= $temp;
return $self->createAccount("<li>".$error."</li1>") unless ($error eq "");
#If Email address is not unique, a warning is displayed
if($warning ne "" && !$self->session->form->process("confirm")){
return $self->createAccount('<li>'.$i18n->get(1078).'</li>', 1);
}
my $properties;
$properties->{connectDN} = $connectDN;
$properties->{ldapUrl} = $connection->{ldapUrl};
$properties->{ldapConnection} = $connection->{ldapLinkId};
return $self->SUPER::createAccountSave($username,$properties,$password,$profile);
}
#-------------------------------------------------------------------
=head2 deactivateAccount ( )
Show the confirmation form to deactivate the user's account
=cut
sub deactivateAccount {
my $self = shift;
return $self->displayLogin if($self->userId eq '1');
return $self->SUPER::deactivateAccount("deactivateAccountConfirm");
}
#-------------------------------------------------------------------
=head2 deactivateAccountConfirm ( )
Confirm the user is deactivating their account.
=cut
sub deactivateAccountConfirm {
my $self = shift;
return $self->displayLogin unless ($self->session->setting->get("selfDeactivation"));
return $self->SUPER::deactivateAccountConfirm;
}
#-------------------------------------------------------------------
=head2 displayAccount ( message )
Display the account details.
=cut
sub displayAccount {
my $self = shift;
my $vars;
return $self->displayLogin($_[0]) if ($self->isVisitor);
my $i18n = WebGUI::International->new($self->session);
$vars->{displayTitle} = '<h1>'.$i18n->get(61).'</h1>';
$vars->{'account.message'} = $i18n->get(856);
if($self->session->setting->get("useKarma")){
$vars->{'account.form.karma'} = $self->session->user->profileField("karma");
$vars->{'account.form.karma.label'} = $i18n->get(537);
}
########### ACCOUNT SHUNT
#The following is a shunt which allows the displayAccount page to be displayed in the
#Account system. This shunt will be replaced in WebGUI 8 when the API can be broken
my $output = WebGUI::Asset::Template->newById($self->session,$self->getAccountTemplateId)->process($vars);
#If the account system is calling this method, just return the template
my $op = $self->session->form->get("op");
if($op eq "account") {
return $output;
}
#Otherwise wrap the template into the account layout
my $instance = WebGUI::Content::Account->createInstance($self->session,"user");
return $instance->displayContent($output,1);
}
#-------------------------------------------------------------------
=head2 displayLogin ( message )
Web-facing method to display the login form.
=cut
sub displayLogin {
my $self = shift;
my $vars;
return $self->displayAccount($_[0]) if ($self->isRegistered);
$vars->{'login.message'} = $_[0] if ($_[0]);
return $self->SUPER::displayLogin("login",$vars);
}
#-------------------------------------------------------------------
=head2 editUserForm ( ) =head2 editUserForm ( )
Creates user form elements specific to this Auth Method. Creates user form elements specific to this Auth Method.
@ -677,60 +475,6 @@ sub getLoginTemplateId {
#------------------------------------------------------------------- #-------------------------------------------------------------------
=head2 login ( )
Process the login form. Create a new account if auto registration is enabled.
=cut
sub login {
my $self = shift;
my $i18n = WebGUI::International->new($self->session);
my $username = $self->session->form->process("username");
my $identifier = $self->session->form->process("identifier");
my $autoRegistration = $self->session->setting->get("automaticLDAPRegistration");
my $hasAuthenticated = 0;
$hasAuthenticated = 1 if ( $self->authenticate($username,$identifier) );
my $connection = $self->getLDAPConnection;
if (! $connection) {
return $self->displayLogin("<h1>".$i18n->get('no ldap logins')."</h1>".$self->error);
}
# Autoregistration is on and they didn't authenticate yet
if ($autoRegistration && !$hasAuthenticated) {
# See if they are in LDAP and if so that they can bind with the password given.
if($self->_isValidLDAPUser()) {
# Create a WebGUI Account
if ($self->validUsername($username)) {
$self->SUPER::createAccountSave($username, {
connectDN => $self->getConnectDN,
ldapUrl => $connection->{ldapUrl},
ldapConnection => $connection->{ldapLinkId},
},$identifier);
$hasAuthenticated = 1;
# Pull the users profile from LDAP to WebGUI
WebGUI::Workflow::Instance->create($self->session, {
workflowId=>'AuthLDAPworkflow000001',
methodName=>"new",
className=>"WebGUI::User",
parameters=>$self->session->user->userId,
priority=>3
})->start;
}
}
}
return $self->SUPER::login() if $hasAuthenticated; #Standard login routine for login
$self->session->log->security("login to account ".$self->session->form->process("username")." with invalid information.");
return $self->displayLogin("<h1>".$i18n->get(70)."</h1>".$self->error);
}
#-------------------------------------------------------------------
=head2 new ( session, userId ) =head2 new ( session, userId )
Create a new Auth instance. C<userId> is the ID of the user to be authenticated. Create a new Auth instance. C<userId> is the ID of the user to be authenticated.
@ -742,14 +486,6 @@ sub new {
my $session = shift; my $session = shift;
my $userId = shift; my $userId = shift;
my $self = $class->SUPER::new($session,$userId); my $self = $class->SUPER::new($session,$userId);
$self->setCallable([
'createAccount','deactivateAccount','displayAccount','displayLogin',
'login','logout','createAccountSave','deactivateAccountConfirm',
]);
#my $connection = $session->scratch->get("ldapConnection") || $session->setting->get("ldapConnection");
#my $ldaplink = WebGUI::LDAPLink->new($session,$connection);
#$self->{_connection} = $ldaplink->get if $ldaplink;
my $i18n = WebGUI::International->new($session, "AuthLDAP"); my $i18n = WebGUI::International->new($session, "AuthLDAP");
my %ldapStatusCode = map { $_ => $i18n->get("LDAPLink_".$_) } my %ldapStatusCode = map { $_ => $i18n->get("LDAPLink_".$_) }
(0..21, 32,33,34,36, 48..54, 64..71, 80); (0..21, 32,33,34,36, 48..54, 64..71, 80);
@ -783,5 +519,262 @@ sub setConnectDN {
$self->{_connectDN} = $_[0]; $self->{_connectDN} = $_[0];
} }
#-------------------------------------------------------------------
=head2 www_createAccount ( message, confirm )
Show the form to create a new LDAP account relationship
=cut
sub www_createAccount {
my $self = shift;
my $message = shift;
my $confirm = shift || $self->session->form->process("confirm");
my $vars;
if ($self->session->user->isRegistered) {
return $self->www_displayAccount;
}
elsif (!$self->session->setting->get("anonymousRegistration") && !$self->session->setting->get('inboxInviteUserEnabled')) {
return $self->www_displayLogin;
}
my $connection = $self->getLDAPConnection;
if (! $connection) {
$self->session->log->error('Unable to create LDAP account as there is no LDAP connection defined');
return $self->www_displayLogin;
}
$vars->{'create.message'} = $message if ($message);
my $i18n = WebGUI::International->new($self->session,"AuthLDAP");
$vars->{'create.form.ldapConnection.label'} = $i18n->get("ldapConnection");
my $url = $self->session->url->page("op=auth;method=createAccount;connection=");
$vars->{'create.form.ldapConnection'} = WebGUI::Form::selectBox($self->session, {
name=>"ldapConnection",
options=>WebGUI::LDAPLink->getList($self->session,),
value=>[$connection->{ldapLinkId}],
extras=>qq|onchange="location.href='$url'+this.options[this.selectedIndex].value"|
});
my $ldapId = $self->session->form->process("authLDAP_ldapId");
$vars->{'create.form.ldapId'} = WebGUI::Form::text($self->session,{
name =>"authLDAP_ldapId",
value =>$ldapId,
extras => $self->getExtrasStyle($ldapId)
});
$vars->{'create.form.ldapId.label'} = $connection->{ldapIdentityName};
my $ldapPwd = $self->session->form->process("authLDAP_identifier");
$vars->{'create.form.password'} = WebGUI::Form::password($self->session,{
"name"=>"authLDAP_identifier",
"value"=> $ldapPwd,
extras => $self->getExtrasStyle($ldapPwd)
});
$vars->{'create.form.password.label'} = $connection->{ldapPasswordName};
$vars->{'create.form.hidden'} = WebGUI::Form::hidden($self->session,{"name"=>"confirm","value"=>$confirm});
return $self->SUPER::www_createAccount("createAccountSave",$vars);
}
#-------------------------------------------------------------------
=head2 www_createAccountSave ( )
Process the form to create a new LDAP account relationship
=cut
sub www_createAccountSave {
my $self = shift;
my $username = $self->session->form->process('authLDAP_ldapId');
my $password = $self->session->form->process('authLDAP_identifier');
my $error = "";
my $i18n = WebGUI::International->new($self->session);
#Validate user in LDAP
if(!$self->_isValidLDAPUser()){
return $self->www_createAccount("<h1>".$i18n->get(70)."</h1>".$self->error);
}
my $connection = $self->getLDAPConnection;
if (! $connection) {
return $self->www_createAccount("<h1>".$i18n->get('no ldap link for auth')."</h1>".$self->error);
}
#Get connectDN from settings
my $uri = URI->new($connection->{ldapUrl});
my $ldap = Net::LDAP->new($uri->host, (port=>$uri->port,scheme=>$uri->scheme));
my $auth;
if($connection->{connectDn}) {
$auth = $ldap->bind(dn=>$connection->{connectDn}, password=>$connection->{identifier});
}
else{
$auth = $ldap->bind;
}
#$ldap->bind;
my $search = $ldap->search (base => $uri->dn, filter=>$connection->{ldapIdentity}."=".$username);
my $connectDN = "";
if (defined $search->entry(0)) {
if ($connection->{ldapUserRDN} eq 'dn') {
$connectDN = $search->entry(0)->dn;
}
else {
$connectDN = $search->entry(0)->get_value($connection->{ldapUserRDN});
}
}
$ldap->unbind;
#Check that username is valid and not a duplicate in the system.
$error .= $self->error if(!$self->validUsername($username));
#Validate profile data.
my ($profile, $temp, $warning) = WebGUI::Operation::Profile::validateProfileData($self->session);
$error .= $temp;
return $self->www_createAccount("<li>".$error."</li1>") unless ($error eq "");
#If Email address is not unique, a warning is displayed
if($warning ne "" && !$self->session->form->process("confirm")){
return $self->www_createAccount('<li>'.$i18n->get(1078).'</li>', 1);
}
my $properties;
$properties->{connectDN} = $connectDN;
$properties->{ldapUrl} = $connection->{ldapUrl};
$properties->{ldapConnection} = $connection->{ldapLinkId};
return $self->SUPER::www_createAccountSave($username,$properties,$password,$profile);
}
#-------------------------------------------------------------------
=head2 www_deactivateAccount ( )
Show the confirmation form to deactivate the user's account
=cut
sub www_deactivateAccount {
my $self = shift;
return $self->www_displayLogin if($self->userId eq '1');
return $self->SUPER::www_deactivateAccount("deactivateAccountConfirm");
}
#-------------------------------------------------------------------
=head2 www_deactivateAccountConfirm ( )
Confirm the user is deactivating their account.
=cut
sub www_deactivateAccountConfirm {
my $self = shift;
return $self->www_displayLogin unless ($self->session->setting->get("selfDeactivation"));
return $self->SUPER::www_deactivateAccountConfirm;
}
#-------------------------------------------------------------------
=head2 www_displayAccount ( message )
Display the account details.
=cut
sub www_displayAccount {
my $self = shift;
my $vars;
return $self->www_displayLogin($_[0]) if ($self->isVisitor);
my $i18n = WebGUI::International->new($self->session);
$vars->{displayTitle} = '<h1>'.$i18n->get(61).'</h1>';
$vars->{'account.message'} = $i18n->get(856);
if($self->session->setting->get("useKarma")){
$vars->{'account.form.karma'} = $self->session->user->profileField("karma");
$vars->{'account.form.karma.label'} = $i18n->get(537);
}
########### ACCOUNT SHUNT
#The following is a shunt which allows the displayAccount page to be displayed in the
#Account system. This shunt will be replaced in WebGUI 8 when the API can be broken
my $output = WebGUI::Asset::Template->newById($self->session,$self->getAccountTemplateId)->process($vars);
#If the account system is calling this method, just return the template
my $op = $self->session->form->get("op");
if($op eq "account") {
return $output;
}
#Otherwise wrap the template into the account layout
my $instance = WebGUI::Content::Account->createInstance($self->session,"user");
return $instance->www_displayContent($output,1);
}
#-------------------------------------------------------------------
=head2 www_displayLogin ( message )
Web-facing method to display the login form.
=cut
sub www_displayLogin {
my $self = shift;
my $vars;
return $self->www_displayAccount($_[0]) if ($self->isRegistered);
$vars->{'login.message'} = $_[0] if ($_[0]);
return $self->SUPER::www_displayLogin("login",$vars);
}
#-------------------------------------------------------------------
=head2 www_login ( )
Process the login form. Create a new account if auto registration is enabled.
=cut
sub www_login {
my $self = shift;
my $i18n = WebGUI::International->new($self->session);
my $username = $self->session->form->process("username");
my $identifier = $self->session->form->process("identifier");
my $autoRegistration = $self->session->setting->get("automaticLDAPRegistration");
my $hasAuthenticated = 0;
$hasAuthenticated = 1 if ( $self->authenticate($username,$identifier) );
my $connection = $self->getLDAPConnection;
if (! $connection) {
return $self->www_displayLogin("<h1>".$i18n->get('no ldap logins')."</h1>".$self->error);
}
# Autoregistration is on and they didn't authenticate yet
if ($autoRegistration && !$hasAuthenticated) {
# See if they are in LDAP and if so that they can bind with the password given.
if($self->_isValidLDAPUser()) {
# Create a WebGUI Account
if ($self->validUsername($username)) {
$self->SUPER::www_createAccountSave($username, {
connectDN => $self->getConnectDN,
ldapUrl => $connection->{ldapUrl},
ldapConnection => $connection->{ldapLinkId},
},$identifier);
$hasAuthenticated = 1;
# Pull the users profile from LDAP to WebGUI
WebGUI::Workflow::Instance->create($self->session, {
workflowId=>'AuthLDAPworkflow000001',
methodName=>"new",
className=>"WebGUI::User",
parameters=>$self->session->user->userId,
priority=>3
})->start;
}
}
}
return $self->SUPER::www_login() if $hasAuthenticated; #Standard login routine for login
$self->session->log->security("login to account ".$self->session->form->process("username")." with invalid information.");
return $self->www_displayLogin("<h1>".$i18n->get(70)."</h1>".$self->error);
}
1; 1;

4
lib/WebGUI/Auth/Twitter.pm
View file

@ -227,13 +227,13 @@ sub www_callback {
if ( $userId ) { if ( $userId ) {
my $user = WebGUI::User->new( $session, $userId ); my $user = WebGUI::User->new( $session, $userId );
$self->user( $user ); $self->user( $user );
return $self->login; return $self->SUPER::www_login;
} }
# Otherwise see if their screen name exists and create a user # Otherwise see if their screen name exists and create a user
elsif ( !WebGUI::User->newByUsername( $session, $twitterScreenName ) ) { elsif ( !WebGUI::User->newByUsername( $session, $twitterScreenName ) ) {
my $user = $self->createTwitterUser( $twitterUserId, $twitterScreenName ); my $user = $self->createTwitterUser( $twitterUserId, $twitterScreenName );
$self->user( $user ); $self->user( $user );
return $self->login; return $self->SUPER::www_login;
} }
# Otherwise ask them for a new username to use # Otherwise ask them for a new username to use

618
lib/WebGUI/Auth/WebGUI.pm
View file

@ -22,6 +22,7 @@ use WebGUI::Storage;
use WebGUI::User; use WebGUI::User;
use WebGUI::Form::Captcha; use WebGUI::Form::Captcha;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::Deprecate;
use Encode (); use Encode ();
use Tie::IxHash; use Tie::IxHash;
@ -130,203 +131,6 @@ sub authenticate {
return 0; return 0;
} }
#-------------------------------------------------------------------
sub createAccount {
my $self = shift;
my $session = $self->session;
my $form = $session->form;
my $setting = $session->setting;
my $message = shift;
my $confirm = shift || $form->process("confirm");
my $vars = shift || {};
my $i18n = WebGUI::International->new($session);
if ($self->session->user->isRegistered) {
return $self->displayAccount;
}
elsif (!$setting->get("anonymousRegistration") && !$setting->get('inboxInviteUserEnabled')) {
return $self->displayLogin;
}
$vars->{'create.message'} = '<ul>'.$message.'</ul>' if ($message);
$vars->{'useCaptcha' } = $setting->get("webguiUseCaptcha");
if ($vars->{useCaptcha}) {
use WebGUI::Form::Captcha;
my $captcha = WebGUI::Form::Captcha->new($session,{
name => "authWebGUI.captcha",
extras => $self->getExtrasStyle
});
$vars->{'create.form.captcha'}
= $captcha->toHtml . '<span class="formSubtext">' . $captcha->get('subtext').'</span>';
$vars->{'create.form.captcha.label'} = $i18n->get("captcha label","AuthWebGUI");
}
unless($setting->get('webguiUseEmailAsUsername')){
my $username = $form->process("authWebGUI.username");
$vars->{'create.form.username'}
= WebGUI::Form::username($self->session, {
name => "authWebGUI.username",
value => $username,
extras => $self->getExtrasStyle($username)
});
$vars->{'create.form.username.label'} = $i18n->get(50);
}
my $password = $form->process("authWebGUI.identifier");
$vars->{'create.form.password'}
= WebGUI::Form::password($self->session, {
name => "authWebGUI.identifier",
value => $password,
extras => $self->getExtrasStyle($password)
});
$vars->{'create.form.password.label'} = $i18n->get(51);
my $passwordConfirm = $form->process("authWebGUI.identifierConfirm");
$vars->{'create.form.passwordConfirm'}
= WebGUI::Form::password($self->session, {
name => "authWebGUI.identifierConfirm",
value => $passwordConfirm,
extras => $self->getExtrasStyle($passwordConfirm)
});
$vars->{'create.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
$vars->{'create.form.hidden'}
= WebGUI::Form::hidden($self->session, {
"name" => "confirm",
"value" => $confirm
});
$vars->{'recoverPassword.isAllowed' } = $self->getSetting("passwordRecovery");
$vars->{'recoverPassword.url' } = $self->session->url->page('op=auth;method=recoverPassword');
$vars->{'recoverPassword.label' } = $i18n->get(59);
return $self->SUPER::createAccount("createAccountSave",$vars);
}
#-------------------------------------------------------------------
sub createAccountSave {
my $self = shift;
my $session = $self->session;
my $form = $self->session->form;
my $setting = $self->session->setting;
my $i18n = WebGUI::International->new($session);
# Logged in users cannot see this page
return $self->displayAccount if ($session->user->isRegistered);
# Make sure anonymous registration is enabled
if (!$setting->get("anonymousRegistration") && !$setting->get("inboxInviteUserEnabled")) {
$session->log->security($i18n->get("no registration hack", "AuthWebGUI"));
return $self->displayLogin;
}
my $username;
if($setting->get('webguiUseEmailAsUsername')){
$username = $form->process('email');
}
else{
$username = $form->process('authWebGUI.username');
}
my $password = $form->process('authWebGUI.identifier');
my $passConfirm = $form->process('authWebGUI.identifierConfirm');
# Validate input
my $error;
$error = $self->error unless($self->validUsername($username));
if ($setting->get("webguiUseCaptcha")) {
my $form = WebGUI::Form::Captcha->new($session, {name => 'authWebGUI.captcha'});
if (! $form->getValue) {
$error .= '<li>' . $form->getErrorMessage . '</li>';
}
}
$error .= $self->error unless($self->_isValidPassword($password,$passConfirm));
my $fields = WebGUI::ProfileField->getRegistrationFields($session);
my $retHash = $self->user->validateProfileDataFromForm($fields);
my $profile = $retHash->{profile};
my $temp = "";
my $warning = "";
my $format = "<li>%s</li>";
map { $warning .= sprintf($format,$_) } @{$retHash->{warnings}};
map { $temp .= sprintf($format,$_) } @{$retHash->{errors}};
$error .= $temp;
unless ($error eq "") {
$self->error($error);
return $self->createAccount($error);
}
# If Email address is not unique, a warning is displayed
if ($warning ne "" && !$self->session->form->process("confirm")) {
return $self->createAccount('<li>'.$i18n->get(1078).'</li>', 1);
}
# Create the new account
my $properties;
$properties->{ changeUsername } = $setting->get("webguiChangeUsername");
$properties->{ changePassword } = $setting->get("webguiChangePassword");
$properties->{ identifier } = $self->hashPassword($password);
$properties->{ passwordLastUpdated } = time();
$properties->{ passwordTimeout } = $setting->get("webguiPasswordTimeout");
$properties->{ status } = 'Deactivated' if ($setting->get("webguiValidateEmail"));
my $afterCreateMessage = $self->SUPER::createAccountSave($username,$properties,$password,$profile);
# Send validation e-mail if required
if ($setting->get("webguiValidateEmail")) {
my $key = $session->id->generate;
$self->update(emailValidationKey=>$key);
my $mail = WebGUI::Mail::Send->create($self->session, {
to => $profile->{email},
subject => $i18n->get('email address validation email subject','AuthWebGUI')
});
my $var;
$var->{newUser_username} = $username;
$var->{activationUrl} = $session->url->page("op=auth;method=validateEmail;key=".$key, 'full');
my $text =
WebGUI::Asset::Template->newById($self->session,$self->getSetting('accountActivationTemplate'))->process($var);
WebGUI::Macro::process($self->session,\$text);
$mail->addText($text);
$mail->addFooter;
$mail->queue;
$self->user->status("Deactivated");
$session->var->end($session->var->get("sessionId"));
$session->var->start(1,$session->getId);
my $u = WebGUI::User->new($session,1);
$self->{user} = $u;
$self->logout;
return $self->displayLogin($i18n->get('check email for validation','AuthWebGUI'));
}
return $afterCreateMessage;
}
#-------------------------------------------------------------------
sub deactivateAccount {
my $self = shift;
return $self->displayLogin if($self->isVisitor);
return $self->SUPER::deactivateAccount("deactivateAccountConfirm");
}
#-------------------------------------------------------------------
sub deactivateAccountConfirm {
my $self = shift;
return $self->displayLogin unless ($self->session->setting->get("selfDeactivation"));
# Keep the username for a nice message
my $username = $self->user->username;
# Deactivate the account
my $response = $self->SUPER::deactivateAccountConfirm;
# If there was a response, it's probably an error
return $response if $response;
# Otherwise show the login form with a friendly message
my $i18n = WebGUI::International->new($self->session);
return $self->displayLogin(sprintf( $i18n->get("deactivateAccount success"), $username ));
}
#------------------------------------------------------------------- #-------------------------------------------------------------------
=head2 checkField ( ) =head2 checkField ( )
@ -339,51 +143,6 @@ or an empty string if the check was successful.
=cut =cut
#-------------------------------------------------------------------
sub displayAccount {
my $self = shift;
my $vars;
return $self->displayLogin($_[0]) if ($self->isVisitor);
my $i18n = WebGUI::International->new($self->session);
my $userData = $self->get;
$vars->{'account.message'} = $_[0] if ($_[0]);
$vars->{'account.noform'} = 1;
if($userData->{changeUsername} || (!defined $userData->{changeUsername} && $self->session->setting->get("webguiChangeUsername"))){
$vars->{'account.form.username'} = WebGUI::Form::text($self->session,{"name"=>"authWebGUI.username","value"=>$self->username});
$vars->{'account.form.username.label'} = $i18n->get(50);
$vars->{'account.noform'} = 0;
}
if($userData->{changePassword} || (!defined $userData->{changePassword} && $self->session->setting->get("webguiChangePassword"))){
$vars->{'account.form.password'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifier","value"=>"password"});
$vars->{'account.form.password.label'} = $i18n->get(51);
$vars->{'account.form.passwordConfirm'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifierConfirm","value"=>"password"});
$vars->{'account.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
$vars->{'account.noform'} = 0;
}
$vars->{'account.nofields'} = $i18n->get(22,'AuthWebGUI');
return $self->SUPER::displayAccount("updateAccount",$vars);
}
#-------------------------------------------------------------------
=head2 displayLogin ( )
The initial login screen an unauthenticated user sees
=cut
sub displayLogin {
my $self = shift;
my $vars;
return $self->displayAccount($_[0]) if ($self->isRegistered);
my $i18n = WebGUI::International->new($self->session);
$vars->{'login.message'} = '<ul>'.$_[0].'</ul>' if ($_[0]);
$vars->{'recoverPassword.isAllowed'} = $self->getSetting("passwordRecovery");
$vars->{'recoverPassword.url'} = $self->session->url->page('op=auth;method=recoverPassword');
$vars->{'recoverPassword.label'} = $i18n->get(59);
return $self->SUPER::displayLogin("login",$vars);
}
#------------------------------------------------------------------- #-------------------------------------------------------------------
=head2 editUserForm ( ) =head2 editUserForm ( )
@ -781,15 +540,257 @@ sub hashPassword {
return Digest::MD5::md5_base64(Encode::encode_utf8($password)); return Digest::MD5::md5_base64(Encode::encode_utf8($password));
} }
#-------------------------------------------------------------------
sub www_createAccount {
my $self = shift;
my $session = $self->session;
my $form = $session->form;
my $setting = $session->setting;
my $message = shift;
my $confirm = shift || $form->process("confirm");
my $vars = shift || {};
my $i18n = WebGUI::International->new($session);
if ($self->session->user->isRegistered) {
return $self->www_displayAccount;
}
elsif (!$setting->get("anonymousRegistration") && !$setting->get('inboxInviteUserEnabled')) {
return $self->www_displayLogin;
}
$vars->{'create.message'} = '<ul>'.$message.'</ul>' if ($message);
$vars->{'useCaptcha' } = $setting->get("webguiUseCaptcha");
if ($vars->{useCaptcha}) {
use WebGUI::Form::Captcha;
my $captcha = WebGUI::Form::Captcha->new($session,{
name => "authWebGUI.captcha",
extras => $self->getExtrasStyle
});
$vars->{'create.form.captcha'}
= $captcha->toHtml . '<span class="formSubtext">' . $captcha->get('subtext').'</span>';
$vars->{'create.form.captcha.label'} = $i18n->get("captcha label","AuthWebGUI");
}
unless($setting->get('webguiUseEmailAsUsername')){
my $username = $form->process("authWebGUI.username");
$vars->{'create.form.username'}
= WebGUI::Form::username($self->session, {
name => "authWebGUI.username",
value => $username,
extras => $self->getExtrasStyle($username)
});
$vars->{'create.form.username.label'} = $i18n->get(50);
}
my $password = $form->process("authWebGUI.identifier");
$vars->{'create.form.password'}
= WebGUI::Form::password($self->session, {
name => "authWebGUI.identifier",
value => $password,
extras => $self->getExtrasStyle($password)
});
$vars->{'create.form.password.label'} = $i18n->get(51);
my $passwordConfirm = $form->process("authWebGUI.identifierConfirm");
$vars->{'create.form.passwordConfirm'}
= WebGUI::Form::password($self->session, {
name => "authWebGUI.identifierConfirm",
value => $passwordConfirm,
extras => $self->getExtrasStyle($passwordConfirm)
});
$vars->{'create.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
$vars->{'create.form.hidden'}
= WebGUI::Form::hidden($self->session, {
"name" => "confirm",
"value" => $confirm
});
$vars->{'recoverPassword.isAllowed' } = $self->getSetting("passwordRecovery");
$vars->{'recoverPassword.url' } = $self->session->url->page('op=auth;method=recoverPassword');
$vars->{'recoverPassword.label' } = $i18n->get(59);
return $self->SUPER::www_createAccount("createAccountSave",$vars);
}
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub login { sub www_createAccountSave {
my $self = shift;
my $session = $self->session;
my $form = $self->session->form;
my $setting = $self->session->setting;
my $i18n = WebGUI::International->new($session);
# Logged in users cannot see this page
return $self->www_displayAccount if ($session->user->isRegistered);
# Make sure anonymous registration is enabled
if (!$setting->get("anonymousRegistration") && !$setting->get("inboxInviteUserEnabled")) {
$session->log->security($i18n->get("no registration hack", "AuthWebGUI"));
return $self->www_displayLogin;
}
my $username;
if($setting->get('webguiUseEmailAsUsername')){
$username = $form->process('email');
}
else{
$username = $form->process('authWebGUI.username');
}
my $password = $form->process('authWebGUI.identifier');
my $passConfirm = $form->process('authWebGUI.identifierConfirm');
# Validate input
my $error;
$error = $self->error unless($self->validUsername($username));
if ($setting->get("webguiUseCaptcha")) {
my $form = WebGUI::Form::Captcha->new($session, {name => 'authWebGUI.captcha'});
if (! $form->getValue) {
$error .= '<li>' . $form->getErrorMessage . '</li>';
}
}
$error .= $self->error unless($self->_isValidPassword($password,$passConfirm));
my $fields = WebGUI::ProfileField->getRegistrationFields($session);
my $retHash = $self->user->validateProfileDataFromForm($fields);
my $profile = $retHash->{profile};
my $temp = "";
my $warning = "";
my $format = "<li>%s</li>";
map { $warning .= sprintf($format,$_) } @{$retHash->{warnings}};
map { $temp .= sprintf($format,$_) } @{$retHash->{errors}};
$error .= $temp;
unless ($error eq "") {
$self->error($error);
return $self->www_createAccount($error);
}
# If Email address is not unique, a warning is displayed
if ($warning ne "" && !$self->session->form->process("confirm")) {
return $self->www_createAccount('<li>'.$i18n->get(1078).'</li>', 1);
}
# Create the new account
my $properties;
$properties->{ changeUsername } = $setting->get("webguiChangeUsername");
$properties->{ changePassword } = $setting->get("webguiChangePassword");
$properties->{ identifier } = $self->hashPassword($password);
$properties->{ passwordLastUpdated } = time();
$properties->{ passwordTimeout } = $setting->get("webguiPasswordTimeout");
$properties->{ status } = 'Deactivated' if ($setting->get("webguiValidateEmail"));
my $afterCreateMessage = $self->SUPER::createAccountSave($username,$properties,$password,$profile);
# Send validation e-mail if required
if ($setting->get("webguiValidateEmail")) {
my $key = $session->id->generate;
$self->update(emailValidationKey=>$key);
my $mail = WebGUI::Mail::Send->create($self->session, {
to => $profile->{email},
subject => $i18n->get('email address validation email subject','AuthWebGUI')
});
my $var;
$var->{newUser_username} = $username;
$var->{activationUrl} = $session->url->page("op=auth;method=validateEmail;key=".$key, 'full');
my $text =
WebGUI::Asset::Template->newById($self->session,$self->getSetting('accountActivationTemplate'))->process($var);
WebGUI::Macro::process($self->session,\$text);
$mail->addText($text);
$mail->addFooter;
$mail->queue;
$self->user->status("Deactivated");
$session->var->end($session->var->get("sessionId"));
$session->var->start(1,$session->getId);
my $u = WebGUI::User->new($session,1);
$self->{user} = $u;
$self->logout;
return $self->www_displayLogin($i18n->get('check email for validation','AuthWebGUI'));
}
return $afterCreateMessage;
}
#-------------------------------------------------------------------
sub www_deactivateAccount {
my $self = shift;
return $self->www_displayLogin if($self->isVisitor);
return $self->SUPER::www_deactivateAccount("deactivateAccountConfirm");
}
#-------------------------------------------------------------------
sub www_deactivateAccountConfirm {
my $self = shift;
return $self->www_displayLogin unless ($self->session->setting->get("selfDeactivation"));
# Keep the username for a nice message
my $username = $self->user->username;
# Deactivate the account
my $response = $self->SUPER::www_deactivateAccountConfirm;
# If there was a response, it's probably an error
return $response if $response;
# Otherwise show the login form with a friendly message
my $i18n = WebGUI::International->new($self->session);
return $self->www_displayLogin(sprintf( $i18n->get("deactivateAccount success"), $username ));
}
#-------------------------------------------------------------------
sub www_displayAccount {
my $self = shift;
my $vars;
return $self->www_displayLogin($_[0]) if ($self->isVisitor);
my $i18n = WebGUI::International->new($self->session);
my $userData = $self->get;
$vars->{'account.message'} = $_[0] if ($_[0]);
$vars->{'account.noform'} = 1;
if($userData->{changeUsername} || (!defined $userData->{changeUsername} && $self->session->setting->get("webguiChangeUsername"))){
$vars->{'account.form.username'} = WebGUI::Form::text($self->session,{"name"=>"authWebGUI.username","value"=>$self->username});
$vars->{'account.form.username.label'} = $i18n->get(50);
$vars->{'account.noform'} = 0;
}
if($userData->{changePassword} || (!defined $userData->{changePassword} && $self->session->setting->get("webguiChangePassword"))){
$vars->{'account.form.password'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifier","value"=>"password"});
$vars->{'account.form.password.label'} = $i18n->get(51);
$vars->{'account.form.passwordConfirm'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifierConfirm","value"=>"password"});
$vars->{'account.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
$vars->{'account.noform'} = 0;
}
$vars->{'account.nofields'} = $i18n->get(22,'AuthWebGUI');
return $self->SUPER::www_displayAccount("updateAccount",$vars);
}
#-------------------------------------------------------------------
=head2 www_displayLogin ( )
The initial login screen an unauthenticated user sees
=cut
sub www_displayLogin {
my $self = shift;
my $vars;
print "WebGUI->www_displayLogin\n";
return $self->www_displayAccount($_[0]) if ($self->isRegistered);
my $i18n = WebGUI::International->new($self->session);
$vars->{'login.message'} = '<ul>'.$_[0].'</ul>' if ($_[0]);
$vars->{'recoverPassword.isAllowed'} = $self->getSetting("passwordRecovery");
$vars->{'recoverPassword.url'} = $self->session->url->page('op=auth;method=recoverPassword');
$vars->{'recoverPassword.label'} = $i18n->get(59);
return $self->SUPER::www_displayLogin("login",$vars);
}
#-------------------------------------------------------------------
sub www_login {
my $self = shift; my $self = shift;
if(!$self->authenticate($self->session->form->process("username"),$self->session->form->process("identifier"))){ if(!$self->authenticate($self->session->form->process("username"),$self->session->form->process("identifier"))){
$self->session->http->setStatus(401); $self->session->http->setStatus(401);
$self->session->log->security("login to account ".$self->session->form->process("username")." with invalid information."); $self->session->log->security("login to account ".$self->session->form->process("username")." with invalid information.");
my $i18n = WebGUI::International->new($self->session); my $i18n = WebGUI::International->new($self->session);
return $self->displayLogin("<h1>".$i18n->get(70)."</h1>".$self->error); return $self->www_displayLogin("<h1>".$i18n->get(70)."</h1>".$self->error);
} }
my $userData = $self->get; my $userData = $self->get;
@ -798,32 +799,16 @@ sub login {
if (time() >= $expireTime){ if (time() >= $expireTime){
my $userId = $self->userId; my $userId = $self->userId;
$self->logout; $self->logout;
return $self->resetExpiredPassword($userId); return $self->www_resetExpiredPassword($userId);
} }
} }
return $self->SUPER::login(); return $self->SUPER::www_login();
}
#-------------------------------------------------------------------
sub new {
my $class = shift;
my $session = shift;
my $userId = $_[0];
my $self = $class->SUPER::new($session,$userId);
$self->setCallable([
'validateEmail','createAccount','deactivateAccount','displayAccount',
'displayLogin','login','logout','recoverPassword','resetExpiredPassword',
'recoverPasswordFinish','createAccountSave','deactivateAccountConfirm',
'resetExpiredPasswordSave','updateAccount', 'emailResetPassword',
'emailResetPasswordFinish',
]);
return $self;
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
=head2 recoverPassword ( args ) =head2 www_recoverPassword ( args )
Initiates the password recovery process. Checks for recovery type, Initiates the password recovery process. Checks for recovery type,
and then runs the appropriate method. Arguments to this sub are and then runs the appropriate method. Arguments to this sub are
@ -831,24 +816,26 @@ passed directly to the approprate method.
=cut =cut
sub recoverPassword { sub www_recoverPassword {
my $self = shift; my $self = shift;
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor; return $self->www_displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
my $type = $self->getPasswordRecoveryType; my $type = $self->getPasswordRecoveryType;
if ($type eq 'profile') { if ($type eq 'profile') {
$self->profileRecoverPassword(@_); $self->www_profileRecoverPassword(@_);
} }
elsif ($type eq 'email') { elsif ($type eq 'email') {
$self->emailRecoverPassword(@_); $self->www_emailRecoverPassword(@_);
} }
} }
deprecate 'recoverPassword' => 'www_recoverPassword';
#------------------------------------------------------------------- #-------------------------------------------------------------------
=head2 emailRecoverPassword ( $error ) =head2 www_emailRecoverPassword ( $error )
Templated email recovery form. Templated email recovery form.
@ -858,7 +845,7 @@ $error is any error from the system which needs to be reported to the user.
=cut =cut
sub emailRecoverPassword { sub www_emailRecoverPassword {
my $self = shift; my $self = shift;
my $session = $self->session; my $session = $self->session;
my $i18n = WebGUI::International->new($session); my $i18n = WebGUI::International->new($session);
@ -903,13 +890,15 @@ sub emailRecoverPassword {
return WebGUI::Asset::Template->newById($self->session,$self->getPasswordRecoveryTemplateId)->process($vars); return WebGUI::Asset::Template->newById($self->session,$self->getPasswordRecoveryTemplateId)->process($vars);
} }
deprecate 'emailRecoverPassword' => 'www_emailRecoverPassword';
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub profileRecoverPassword { sub www_profileRecoverPassword {
my $self = shift; my $self = shift;
my @fields = @{WebGUI::ProfileField->getPasswordRecoveryFields($self->session)}; my @fields = @{WebGUI::ProfileField->getPasswordRecoveryFields($self->session)};
return $self->displayLogin unless @fields; return $self->www_displayLogin unless @fields;
my $vars = {}; my $vars = {};
my $i18n = WebGUI::International->new($self->session); my $i18n = WebGUI::International->new($self->session);
@ -948,9 +937,11 @@ sub profileRecoverPassword {
return WebGUI::Asset::Template->newById($self->session,$self->getPasswordRecoveryTemplateId)->process($vars); return WebGUI::Asset::Template->newById($self->session,$self->getPasswordRecoveryTemplateId)->process($vars);
} }
deprecate 'profileRecoverPassword' => 'www_profileRecoverPassword';
#------------------------------------------------------------------- #-------------------------------------------------------------------
=head2 recoverPasswordFinish ( args ) =head2 www_recoverPasswordFinish ( args )
Handles data for recovery of password. Gets password recovery type, Handles data for recovery of password. Gets password recovery type,
and then runs the appropriate method. Arguments are passed directly and then runs the appropriate method. Arguments are passed directly
@ -958,35 +949,37 @@ to the appropriate method.
=cut =cut
sub recoverPasswordFinish { sub www_recoverPasswordFinish {
my $self = shift; my $self = shift;
my $type = $self->getPasswordRecoveryType; my $type = $self->getPasswordRecoveryType;
if ($type eq 'profile') { if ($type eq 'profile') {
$self->profileRecoverPasswordFinish(@_); $self->www_profileRecoverPasswordFinish(@_);
} elsif ($type eq 'email') { } elsif ($type eq 'email') {
$self->emailRecoverPasswordFinish(@_); $self->www_emailRecoverPasswordFinish(@_);
} }
} }
deprecate 'recoverPasswordFinish' => 'www_recoverPasswordFinish';
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub profileRecoverPasswordFinish { sub www_profileRecoverPasswordFinish {
my $self = shift; my $self = shift;
my $session = $self->session; my $session = $self->session;
my $i18n = WebGUI::International->new($self->session); my $i18n = WebGUI::International->new($self->session);
my $i18n2 = WebGUI::International->new($self->session, 'AuthWebGUI'); my $i18n2 = WebGUI::International->new($self->session, 'AuthWebGUI');
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor; return $self->www_displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
my $username; my $username;
if ($self->getSetting('passwordRecoveryRequireUsername')) { if ($self->getSetting('passwordRecoveryRequireUsername')) {
$username = $self->session->form->process('authWebGUI.username'); $username = $self->session->form->process('authWebGUI.username');
return $self->recoverPassword($i18n->get('password recovery no username', 'AuthWebGUI')) unless defined $username; return $self->www_recoverPassword($i18n->get('password recovery no username', 'AuthWebGUI')) unless defined $username;
} }
my @fields = @{WebGUI::ProfileField->getPasswordRecoveryFields($self->session)}; my @fields = @{WebGUI::ProfileField->getPasswordRecoveryFields($self->session)};
return $self->displayLogin unless @fields; return $self->www_displayLogin unless @fields;
my %fieldValues; my %fieldValues;
my @failedRequiredFields; my @failedRequiredFields;
@ -1000,7 +993,7 @@ sub profileRecoverPasswordFinish {
my $errorMessage = '<ul>' . join("\n", map { my $errorMessage = '<ul>' . join("\n", map {
'<li>' . $_->getLabel . ' ' . $i18n->get(451) . '</li>' '<li>' . $_->getLabel . ' ' . $i18n->get(451) . '</li>'
} @failedRequiredFields) . '</ul>'; } @failedRequiredFields) . '</ul>';
return $self->recoverPassword($errorMessage); return $self->www_recoverPassword($errorMessage);
} }
my @fieldNames = keys %fieldValues; my @fieldNames = keys %fieldValues;
@ -1011,10 +1004,10 @@ sub profileRecoverPasswordFinish {
my @userIds = $self->session->db->buildArray($sql, [$self->authMethod, @fieldValues, (defined($username)? ($username) : ())]); my @userIds = $self->session->db->buildArray($sql, [$self->authMethod, @fieldValues, (defined($username)? ($username) : ())]);
if (@userIds == 0) { if (@userIds == 0) {
return $self->recoverPassword($i18n2->get('password recovery no results')); return $self->www_recoverPassword($i18n2->get('password recovery no results'));
} }
elsif (@userIds > 1) { elsif (@userIds > 1) {
return $self->recoverPassword($i18n2->get('password recovery multiple results')); return $self->www_recoverPassword($i18n2->get('password recovery multiple results'));
} }
# Exactly one result. # Exactly one result.
@ -1023,7 +1016,7 @@ sub profileRecoverPasswordFinish {
# Make sure the userId is not disabled # Make sure the userId is not disabled
my $user = WebGUI::User->new($self->session, $userId); my $user = WebGUI::User->new($self->session, $userId);
if ( $user->status ne "Active" ) { if ( $user->status ne "Active" ) {
return $self->recoverPassword( $i18n2->get( 'password recovery disabled' ) ); return $self->www_recoverPassword( $i18n2->get( 'password recovery disabled' ) );
} }
my ($password, $passwordConfirm) = ($self->session->form->process('authWebGUI.identifier'), $self->session->form->process('authWebGUI.identifierConfirm')); my ($password, $passwordConfirm) = ($self->session->form->process('authWebGUI.identifier'), $self->session->form->process('authWebGUI.identifierConfirm'));
@ -1080,17 +1073,19 @@ sub profileRecoverPasswordFinish {
identifier => $self->hashPassword($password), identifier => $self->hashPassword($password),
passwordLastUpdated => time); passwordLastUpdated => time);
$self->_logSecurityMessage; $self->_logSecurityMessage;
return $self->SUPER::login; return $self->SUPER::www_login;
} else { } else {
return $self->recoverPassword('<ul><li>'.$self->error.'</li></ul>'); return $self->www_recoverPassword('<ul><li>'.$self->error.'</li></ul>');
} }
} }
deprecate 'profileRecoverPasswordFinish' => 'www_profileRecoverPasswordFinish';
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub emailRecoverPasswordFinish { sub www_emailRecoverPasswordFinish {
my $self = shift; my $self = shift;
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor; return $self->www_displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
my $i18n = WebGUI::International->new($self->session); my $i18n = WebGUI::International->new($self->session);
my $session = $self->session; my $session = $self->session;
@ -1108,12 +1103,12 @@ sub emailRecoverPasswordFinish {
# return error unless we get a valid user.\ # return error unless we get a valid user.\
unless ($user) { unless ($user) {
return $self->recoverPassword( $i18n->get('recover password not found', 'AuthWebGUI') ); return $self->www_recoverPassword( $i18n->get('recover password not found', 'AuthWebGUI') );
} }
# Make sure the user is Active # Make sure the user is Active
if ( $user->status ne "Active" ) { if ( $user->status ne "Active" ) {
return $self->recoverPassword( $i18n->get( 'password recovery disabled', 'AuthWebGUI' ) ); return $self->www_recoverPassword( $i18n->get( 'password recovery disabled', 'AuthWebGUI' ) );
} }
# generate information necessry to proceed # generate information necessry to proceed
@ -1122,7 +1117,7 @@ sub emailRecoverPasswordFinish {
$email = $user->profileField('email'); $email = $user->profileField('email');
if ( ! $email ) { if ( ! $email ) {
return $self->recoverPassword( $i18n->get( 'no email address', 'AuthWebGUI' ) ); return $self->www_recoverPassword( $i18n->get( 'no email address', 'AuthWebGUI' ) );
} }
my $authsettings = $self->get; my $authsettings = $self->get;
@ -1141,10 +1136,12 @@ sub emailRecoverPasswordFinish {
return "<h1>". $i18n->get('recover password banner', 'AuthWebGUI')." </h1> <br> <br> <h3>". $i18n->get('email recover password finish message', 'AuthWebGUI') . "</h3>"; return "<h1>". $i18n->get('recover password banner', 'AuthWebGUI')." </h1> <br> <br> <h3>". $i18n->get('email recover password finish message', 'AuthWebGUI') . "</h3>";
} }
deprecate emailRecoverPasswordFinish => 'www_emailRecoverPasswordFinish';
#------------------------------------------------------------------- #-------------------------------------------------------------------
# handler for the link generated and mailed by emailRecoverPasswordFinish # handler for the link generated and mailed by emailRecoverPasswordFinish
sub emailResetPassword { sub www_emailResetPassword {
my $self = shift; my $self = shift;
my $errormsg = shift; my $errormsg = shift;
@ -1212,9 +1209,11 @@ sub emailResetPassword {
} }
deprecate 'emailResetPassword' => 'www_emailResetPassword';
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub emailResetPasswordFinish { sub www_emailResetPasswordFinish {
my $self = shift; my $self = shift;
my $session = $self->session; my $session = $self->session;
my ($form) = $session->quick(qw/form/); my ($form) = $session->quick(qw/form/);
@ -1238,15 +1237,17 @@ sub emailResetPasswordFinish {
# delete the emailRecoverPasswordVerificationNumber # delete the emailRecoverPasswordVerificationNumber
$self->delete('emailRecoverPasswordVerificationNumber'); $self->delete('emailRecoverPasswordVerificationNumber');
return $self->SUPER::login; return $self->SUPER::www_login;
} else { } else {
return $self->emailResetPassword($self->error); return $self->www_emailResetPassword($self->error);
} }
} }
deprecate emailResetPasswordFinish => 'www_emailResetPasswordFinish';
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub resetExpiredPassword { sub www_resetExpiredPassword {
my $self = shift; my $self = shift;
my $uid = shift || $self->session->form->process("uid"); my $uid = shift || $self->session->form->process("uid");
my $vars; my $vars;
@ -1271,8 +1272,10 @@ sub resetExpiredPassword {
return WebGUI::Asset::Template->newById($self->session,$self->getExpiredPasswordTemplateId)->process($vars); return WebGUI::Asset::Template->newById($self->session,$self->getExpiredPasswordTemplateId)->process($vars);
} }
deprecate resetExpiredPassword => 'www_resetExpiredPassword';
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub resetExpiredPasswordSave { sub www_resetExpiredPasswordSave {
my $self = shift; my $self = shift;
my ($error,$u,$properties,$msg); my ($error,$u,$properties,$msg);
@ -1284,18 +1287,20 @@ sub resetExpiredPasswordSave {
$error .= '<li>'.$i18n->get(12,'AuthWebGUI').'</li>' if ($self->session->form->process("oldPassword") eq $self->session->form->process("identifier")); $error .= '<li>'.$i18n->get(12,'AuthWebGUI').'</li>' if ($self->session->form->process("oldPassword") eq $self->session->form->process("identifier"));
$error .= $self->error if(!$self->_isValidPassword($self->session->form->process("identifier"),$self->session->form->process("identifierConfirm"))); $error .= $self->error if(!$self->_isValidPassword($self->session->form->process("identifier"),$self->session->form->process("identifierConfirm")));
return $self->resetExpiredPassword($u->userId, "<h1>".$i18n->get(70)."</h1><ul>".$error.'</ul>') if ($error); return $self->www_resetExpiredPassword($u->userId, "<h1>".$i18n->get(70)."</h1><ul>".$error.'</ul>') if ($error);
$properties->{identifier} = $self->hashPassword($self->session->form->process("identifier")); $properties->{identifier} = $self->hashPassword($self->session->form->process("identifier"));
$properties->{passwordLastUpdated} =time(); $properties->{passwordLastUpdated} =time();
$self->update($properties); $self->update($properties);
$self->_logSecurityMessage(); $self->_logSecurityMessage();
return $self->SUPER::login(); return $self->SUPER::www_login();
} }
deprecate resetExpiredPasswordSave => 'www_resetExpiredPasswordSave';
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub validateEmail { sub www_validateEmail {
my $self = shift; my $self = shift;
my $session = $self->session; my $session = $self->session;
my ($userId) = $session->db->quickArray("select userId from authentication where fieldData=? and fieldName='emailValidationKey' and authMethod='WebGUI'", [$session->form->process("key")]); my ($userId) = $session->db->quickArray("select userId from authentication where fieldData=? and fieldName='emailValidationKey' and authMethod='WebGUI'", [$session->form->process("key")]);
@ -1307,19 +1312,20 @@ sub validateEmail {
$self->session->db->write("DELETE FROM authentication WHERE userId = ? AND fieldName = 'emailValidationKey'", [$userId]); $self->session->db->write("DELETE FROM authentication WHERE userId = ? AND fieldName = 'emailValidationKey'", [$userId]);
$message = $i18n->get('email validation confirmed','AuthWebGUI'); $message = $i18n->get('email validation confirmed','AuthWebGUI');
} }
return $self->displayLogin($message); return $self->www_displayLogin($message);
} }
deprecate validateEmail => 'www_validateEmail';
#------------------------------------------------------------------- #-------------------------------------------------------------------
=head2 updateAccount ( ) =head2 www_updateAccount ( )
Sets properties to update and passes them to the superclass Sets properties to update and passes them to the superclass
=cut =cut
sub updateAccount { sub www_updateAccount {
my $self = shift; my $self = shift;
my $i18n = WebGUI::International->new($self->session); my $i18n = WebGUI::International->new($self->session);
@ -1330,7 +1336,7 @@ sub updateAccount {
my $error = ""; my $error = "";
if($self->isVisitor){ if($self->isVisitor){
return $self->displayLogin; return $self->www_displayLogin;
} }
if($username){ if($username){
@ -1373,8 +1379,10 @@ sub updateAccount {
$self->update($properties); $self->update($properties);
$self->session->user(undef,undef,$u); $self->session->user(undef,undef,$u);
return $self->displayAccount($display); return $self->www_displayAccount($display);
} }
deprecate updateAccount => 'www_updateAccount';
1; 1;

52
lib/WebGUI/Deprecate.pm Normal file
View file

@ -0,0 +1,52 @@
package WebGUI::Deprecate;
=head1 NAME
WebGUI::Deprecate - Warn about subroutine deprecations
=head1 SYNOPSIS
use WebGUI::Deprecate;
deprecate oldMethod => 'newMethod';
sub newMethod { # will get called either way }
=head1 DESCRIPTION
Deprecate a subroutine, spitting out a warning whenever it is used.
=cut
use strict;
use warnings;
use Sub::Exporter -setup => {
exports => [ 'deprecate' ],
groups => {
default => [ 'deprecate' ],
}
};
my %warned;
sub deprecate ($$) {
my ($old_method, $new_method) = @_;
my $package = caller;
no strict 'refs';
no warnings 'redefine';
*{"$package\::$old_method"} = \&{"$package\::$new_method"};
my $proxy_method = sub {
my $self = $_[0];
my $sub = $self->can($old_method);
my $class = ref $self || $self;
if ($sub ne \&{"$package\::$old_method"}) {
my $message = "$class contains the method $old_method. This has been deprecated and replaced with $new_method.";
warn $message unless $warned{$message}++;
$self->$new_method( @_ );
}
goto $sub;
};
*{"$package\::$new_method"} = $proxy_method;
}
1;

12
t/Auth/LDAP.t
View file

@ -65,7 +65,7 @@ $session->request->setup_body({
username => 'Andy Dufresne', username => 'Andy Dufresne',
identifier => 'AndyDufresne', identifier => 'AndyDufresne',
}); });
my $out = $auth->login(); my $out = $auth->www_login();
is( $session->user->getId, $user->getId, 'Andy is logged in' ); is( $session->user->getId, $user->getId, 'Andy is logged in' );
@ -82,7 +82,7 @@ $session->request->setup_body({
}); });
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' ); $auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
$out = $auth->createAccountSave; $out = $auth->www_createAccountSave;
is( $session->user->get('username'), 'Ellis Redding', 'Ellis was created' ); is( $session->user->get('username'), 'Ellis Redding', 'Ellis was created' );
WebGUI::Test->addToCleanup( $session->user ); WebGUI::Test->addToCleanup( $session->user );
@ -98,7 +98,7 @@ $session->request->setup_body({
identifier => 'BogsDiamond', identifier => 'BogsDiamond',
}); });
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' ); $auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
$out = $auth->login; $out = $auth->www_login;
is( $session->user->get('username'), 'Bogs Diamond', 'Bogs was created' ) is( $session->user->get('username'), 'Bogs Diamond', 'Bogs was created' )
or diag( $auth->error ); or diag( $auth->error );
@ -131,7 +131,7 @@ $session->request->setup_body({
identifier => 'BrooksHatley', identifier => 'BrooksHatley',
}); });
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' ); $auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
$out = $auth->login; $out = $auth->www_login;
is $session->user->get('username'), 'Brooks Hatley', 'Brooks was created'; is $session->user->get('username'), 'Brooks Hatley', 'Brooks was created';
cmp_deeply( cmp_deeply(
$auth->get, $auth->get,
@ -143,7 +143,7 @@ cmp_deeply(
'authentication information set after creating account' 'authentication information set after creating account'
); );
WebGUI::Test->addToCleanup( $session->user, ); WebGUI::Test->addToCleanup( $session->user, );
$out = $auth->logout; $out = $auth->www_logout;
is $session->user->get('username'), 'Visitor', 'Brooks was logged out'; is $session->user->get('username'), 'Visitor', 'Brooks was logged out';
$ldap->moddn( 'uid=Brooks Hatley,o=shawshank', $ldap->moddn( 'uid=Brooks Hatley,o=shawshank',
@ -164,7 +164,7 @@ $session->request->setup_body({
}); });
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' ); $auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
$out = $auth->login; $out = $auth->www_login;
is $session->user->get('username'), 'Brooks Hatley', 'Brooks was logged in after name change'; is $session->user->get('username'), 'Brooks Hatley', 'Brooks was logged in after name change';
cmp_deeply( cmp_deeply(
$auth->get, $auth->get,