1 # -*- coding: utf-8 -*-
2 ##############################################################################
4 # OpenERP, Open Source Management Solution
5 # Copyright (C) 2012-today OpenERP SA (<http://www.openerp.com>)
7 # This program is free software: you can redistribute it and/or modify
8 # it under the terms of the GNU Affero General Public License as
9 # published by the Free Software Foundation, either version 3 of the
10 # License, or (at your option) any later version
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU Affero General Public License for more details
17 # You should have received a copy of the GNU Affero General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>
20 ##############################################################################
25 from openerp.addons.auth_signup.res_users import SignupError
26 from openerp.addons.web.controllers.main import ensure_db
27 from openerp import http
28 from openerp.http import request
29 from openerp.tools.translate import _
31 _logger = logging.getLogger(__name__)
33 class AuthSignupHome(openerp.addons.web.controllers.main.Home):
36 def web_login(self, *args, **kw):
38 response = super(AuthSignupHome, self).web_login(*args, **kw)
39 response.qcontext.update(self.get_auth_signup_config())
40 if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'):
41 # Redirect if already logged in and redirect param is present
42 return http.redirect_with_hash(request.params.get('redirect'))
45 @http.route('/web/signup', type='http', auth='public', website=True, multilang=True)
46 def web_auth_signup(self, *args, **kw):
47 qcontext = self.get_auth_signup_qcontext()
49 if not qcontext.get('token') and not qcontext.get('signup_enabled'):
50 raise werkzeug.exceptions.NotFound()
52 if 'error' not in qcontext and request.httprequest.method == 'POST':
54 self.do_signup(qcontext)
55 return super(AuthSignupHome, self).web_login(*args, **kw)
56 except (SignupError, AssertionError), e:
57 qcontext['error'] = _(e.message)
59 return request.render('auth_signup.signup', qcontext)
61 @http.route('/web/reset_password', type='http', auth='public', website=True, multilang=True)
62 def web_auth_reset_password(self, *args, **kw):
63 qcontext = self.get_auth_signup_qcontext()
65 if not qcontext.get('token') and not qcontext.get('reset_password_enabled'):
66 raise werkzeug.exceptions.NotFound()
68 if 'error' not in qcontext and request.httprequest.method == 'POST':
70 if qcontext.get('token'):
71 self.do_signup(qcontext)
72 return super(AuthSignupHome, self).web_login(*args, **kw)
74 login = qcontext.get('login')
75 assert login, "No login provided."
76 res_users = request.registry.get('res.users')
77 res_users.reset_password(request.cr, openerp.SUPERUSER_ID, login)
78 qcontext['message'] = _("An email has been sent with credentials to reset your password")
80 qcontext['error'] = _("Could not reset your password")
81 _logger.exception('error when resetting password')
83 qcontext['error'] = _(e.message)
86 return request.render('auth_signup.reset_password', qcontext)
88 def get_auth_signup_config(self):
89 """retrieve the module config (which features are enabled) for the login page"""
91 icp = request.registry.get('ir.config_parameter')
93 'signup_enabled': icp.get_param(request.cr, openerp.SUPERUSER_ID, 'auth_signup.allow_uninvited') == 'True',
94 'reset_password_enabled': icp.get_param(request.cr, openerp.SUPERUSER_ID, 'auth_signup.reset_password') == 'True',
97 def get_auth_signup_qcontext(self):
98 """ Shared helper returning the rendering context for signup and reset password """
99 qcontext = request.params.copy()
100 qcontext.update(self.get_auth_signup_config())
101 if qcontext.get('token'):
103 # retrieve the user info (name, login or email) corresponding to a signup token
104 res_partner = request.registry.get('res.partner')
105 token_infos = res_partner.signup_retrieve_info(request.cr, openerp.SUPERUSER_ID, qcontext.get('token'))
106 for k, v in token_infos.items():
107 qcontext.setdefault(k, v)
109 qcontext['error'] = _("Invalid signup token")
112 def do_signup(self, qcontext):
113 """ Shared helper that creates a res.partner out of a token """
114 values = dict((key, qcontext.get(key)) for key in ('login', 'name', 'password'))
115 assert any([k for k in values.values()]), "The form was not properly filled in."
116 assert values.get('password') == qcontext.get('confirm_password'), "Passwords do not match; please retype them."
117 self._signup_with_values(qcontext.get('token'), values)
120 def _signup_with_values(self, token, values):
121 db, login, password = request.registry['res.users'].signup(request.cr, openerp.SUPERUSER_ID, values, token)
122 request.cr.commit() # as authenticate will use its own cursor we need to commit the current transaction
123 uid = request.session.authenticate(db, login, password)
125 raise SignupError(_('Authentification Failed.'))
127 # vim:expandtab:tabstop=4:softtabstop=4:shiftwidth=4: