X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=PLC%2FMethods%2FResetPassword.py;h=8036969f5e5198bb8c65706ca896a4d17c6f667f;hb=87e18d743c775fc8f3dfb3972e183567d940e7c6;hp=dd76a03de2c5a3d3f12f6100a50f3602fd4eafed;hpb=4f87899ff7aecb0d213ace1208694b288f9cd33d;p=plcapi.git

diff --git a/PLC/Methods/ResetPassword.py b/PLC/Methods/ResetPassword.py
index dd76a03..8036969 100644
--- a/PLC/Methods/ResetPassword.py
+++ b/PLC/Methods/ResetPassword.py
@@ -1,9 +1,9 @@
 import random
 import base64
 import time
-import urllib
+import urllib.request, urllib.parse, urllib.error
 
-from PLC.Debug import log
+from PLC.Logger import logger
 from PLC.Faults import *
 from PLC.Method import Method
 from PLC.Parameter import Parameter, Mixed
@@ -33,28 +33,37 @@ class ResetPassword(Method):
         Auth(),
         Mixed(Person.fields['person_id'],
               Person.fields['email']),
-	Person.fields['verification_key'],
+        Person.fields['verification_key'],
         Person.fields['verification_expires']
         ]
 
     returns = Parameter(int, '1 if verification_key is valid')
 
     def call(self, auth, person_id_or_email, verification_key = None, verification_expires = None):
-	# Get account information
-        persons = Persons(self.api, [person_id_or_email])
+        # Get account information
+        # we need to search in local objects only
+        if isinstance (person_id_or_email, str):
+            filter = {'email': person_id_or_email}
+        else:
+            filter = {'person_id': person_id_or_email}
+        filter['peer_id']=None
+        persons = Persons(self.api, filter)
         if not persons:
-            raise PLCInvalidArgument, "No such account"
+            raise PLCInvalidArgument("No such account")
         person = persons[0]
 
         if person['peer_id'] is not None:
-            raise PLCInvalidArgument, "Not a local account"
+            raise PLCInvalidArgument("Not a local account")
+
+        if not person['enabled']:
+            raise PLCInvalidArgument("Account must be enabled")
 
         # Be paranoid and deny password resets for admins
         if 'admin' in person['roles']:
-            raise PLCInvalidArgument, "Cannot reset admin passwords"
+            raise PLCInvalidArgument("Cannot reset admin passwords")
 
         # Generate 32 random bytes
-        bytes = random.sample(xrange(0, 256), 32)
+        bytes = random.sample(range(0, 256), 32)
         # Base64 encode their string representation
         random_key = base64.b64encode("".join(map(chr, bytes)))
 
@@ -62,9 +71,9 @@ class ResetPassword(Method):
             if person['verification_key'] is None or \
                person['verification_expires'] is None or \
                person['verification_expires'] < time.time():
-                raise PLCPermissionDenied, "Verification key has expired"
+                raise PLCPermissionDenied("Verification key has expired")
             elif person['verification_key'] != verification_key:
-                raise PLCPermissionDenied, "Verification key incorrect"
+                raise PLCPermissionDenied("Verification key incorrect")
             else:
                 # Reset password to random string
                 person['password'] = random_key
@@ -77,7 +86,7 @@ class ResetPassword(Method):
             # Only allow one reset at a time
             if person['verification_expires'] is not None and \
                person['verification_expires'] > time.time():
-                raise PLCPermissionDenied, "Password reset request already pending"
+                raise PLCPermissionDenied("Password reset request already pending")
 
             if verification_expires is None:
                 verification_expires = int(time.time() + (24 * 60 * 60))
@@ -99,19 +108,19 @@ class ResetPassword(Method):
                       'PLC_WWW_SSL_PORT': self.api.config.PLC_WWW_SSL_PORT,
                       'person_id': person['person_id'],
                       # Will be used in a URL, so must quote appropriately
-                      'verification_key': urllib.quote_plus(random_key),
+                      'verification_key': urllib.parse.quote_plus(random_key),
                       'password': random_key,
                       'email': person['email']}
 
             sendmail(self.api,
-                     To = "%s %s <%s>" % (person['first_name'], person['last_name'], person['email']),
-                     Subject = message['subject'],
+                     To = ("%s %s" % (person['first_name'], person['last_name']), person['email']),
+                     Subject = message['subject'] % params,
                      Body = message['template'] % params)
         else:
-            print >> log, "Warning: No message template '%s'" % message-id
+            logger.warning("No message template '%s'" % message_id)
 
-	# Logging variables
-        self.object_ids = [person['person_id']]
+        # Logging variables
+        self.event_objects = {'Person': [person['person_id']]}
         self.message = message_id
 
         return 1