Begins separation of user management functions

This commit is contained in:
Emmanuel Viennet 2021-01-16 14:02:18 +01:00
parent 1476df8ecf
commit 76d7a21ec7
3 changed files with 58 additions and 26 deletions

View File

@ -59,7 +59,7 @@ except:
from sco_utils import * from sco_utils import *
from notes_log import log from notes_log import log
import sco_find_etud import sco_find_etud
from ZScoUsers import pwdFascistCheck import sco_users
class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Implicit): class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Implicit):
@ -201,7 +201,7 @@ class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Imp
raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération") raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération")
log("trying to change admin password") log("trying to change admin password")
# 1-- check strong password # 1-- check strong password
if pwdFascistCheck(password) != None: if not sco_users.is_valid_password(password):
log("refusing weak password") log("refusing weak password")
return REQUEST.RESPONSE.redirect( return REQUEST.RESPONSE.redirect(
"change_admin_user_form?message=Mot%20de%20passe%20trop%20simple,%20recommencez" "change_admin_user_form?message=Mot%20de%20passe%20trop%20simple,%20recommencez"

View File

@ -47,24 +47,7 @@ from TrivialFormulator import TrivialFormulator, TF
from gen_tables import GenTable from gen_tables import GenTable
import scolars import scolars
import sco_cache import sco_cache
import sco_users
# ----------------- password checking
import cracklib
def pwdFascistCheck(cleartxt):
"returns None if OK"
if (
hasattr(CONFIG, "MIN_PASSWORD_LENGTH")
and CONFIG.MIN_PASSWORD_LENGTH > 0
and len(cleartxt) < CONFIG.MIN_PASSWORD_LENGTH
):
return True # invalid
try:
x = cracklib.FascistCheck(cleartxt)
return None
except ValueError as e:
return str(e)
# --------------- # ---------------
@ -358,10 +341,6 @@ class ZScoUsers(
else: else:
return False return False
def _is_valid_passwd(self, passwd):
"check if passwd is secure enough"
return not pwdFascistCheck(passwd)
def do_change_password(self, user_name, password): def do_change_password(self, user_name, password):
user = self._user_list(args={"user_name": user_name}) user = self._user_list(args={"user_name": user_name})
assert len(user) == 1, "database inconsistency: len(user)=%d" % len(user) assert len(user) == 1, "database inconsistency: len(user)=%d" % len(user)
@ -407,7 +386,7 @@ class ZScoUsers(
% user_name % user_name
) )
else: else:
if not self._is_valid_passwd(password): if not sco_users.is_valid_password(password):
H.append( H.append(
"""<p><b>ce mot de passe n\'est pas assez compliqué !</b><br/>(oui, il faut un mot de passe vraiment compliqué !)</p> """<p><b>ce mot de passe n\'est pas assez compliqué !</b><br/>(oui, il faut un mot de passe vraiment compliqué !)</p>
<p><a href="form_change_password?user_name=%s" class="stdlink">Recommencer</a></p> <p><a href="form_change_password?user_name=%s" class="stdlink">Recommencer</a></p>
@ -890,7 +869,7 @@ class ZScoUsers(
"""Les deux mots de passes ne correspondent pas !""" """Les deux mots de passes ne correspondent pas !"""
) )
return "\n".join(H) + msg + "\n" + tf[1] + F return "\n".join(H) + msg + "\n" + tf[1] + F
if not self._is_valid_passwd(vals["passwd"]): if not sco_users.is_valid_password(vals["passwd"]):
msg = tf_error_message( msg = tf_error_message(
"""Mot de passe trop simple, recommencez !""" """Mot de passe trop simple, recommencez !"""
) )

53
sco_users.py Normal file
View File

@ -0,0 +1,53 @@
# -*- mode: python -*-
# -*- coding: utf-8 -*-
##############################################################################
#
# Gestion scolarite IUT
#
# Copyright (c) 1999 - 2021 Emmanuel Viennet. All rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# Emmanuel Viennet emmanuel.viennet@viennet.net
#
##############################################################################
"""Fonctions sur les utilisateurs
"""
# Anciennement dans ZScoUsers.py, séparé pour migration
import cracklib # pylint: disable=import-error
import sco_utils as scu
from sco_utils import CONFIG, SCO_ENCODING
def is_valid_password(cleartxt):
"""Check password.
returns True if OK.
"""
if (
hasattr(CONFIG, "MIN_PASSWORD_LENGTH")
and CONFIG.MIN_PASSWORD_LENGTH > 0
and len(cleartxt) < CONFIG.MIN_PASSWORD_LENGTH
):
return False # invalid: too short
try:
_ = cracklib.FascistCheck(cleartxt)
return True
except ValueError:
return False