diff --git a/modules/websession/lib/webaccount.py b/modules/websession/lib/webaccount.py
index 1359a9ba6..2d380159e 100644
--- a/modules/websession/lib/webaccount.py
+++ b/modules/websession/lib/webaccount.py
@@ -1,329 +1,364 @@
## $Id$
## CDSware User account information implementation. Useful for youraccount pages.
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
## $Id$
## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.
## read config variables:
#include "config.wml"
#include "configbis.wml"
import sys
import string
import cgi
from config import *
from webpage import page
from dbquery import run_sql
from webuser import getUid,isGuestUser
from access_control_admin import acc_findUserRoleActions
from access_control_config import CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS
imagesurl = "%s/img" % weburl
# perform_info(): display the main features of CDS personalize
def perform_info(req):
out = ""
uid = getUid(req)
out += """<P>The CDS Search offers you a possibility to personalize the interface, to set up your own personal library
of documents, or to set up an automatic alert query that would run periodically and would notify you of search
results by email.</P>
<blockquote>
<dl>
<dt>
<A href="./set">Your Settings</A>
<dd>Set or change your account Email address or password.
Specify your preferences about the way the interface looks like.
<dt><A href="../youralerts.py/display">Your Searches</A>
<dd>View all the searches you performed during the last 30 days.
<dt><A href="../yourbaskets.py/display">Your Baskets</A>
<dd>With baskets you can define specific collections of items,
store interesting records you want to access later or share with others."""
if isGuestUser(uid):
out+= warning_guest_user(type="baskets")
out += """
<dt><A href="../youralerts.py/list">Your Alerts</A>
<dd>Subscribe to a search which will be run periodically by our service. The result can be sent to you
via Email or stored in one of your baskets."""
if isGuestUser(uid):
out+= warning_guest_user(type="alerts")
if cfg_cern_site:
out += """
<dt><A href="http://weblib.cern.ch/cgi-bin/checkloan?uid=&version=2">Your Loans</A>
<dd>Check out book you have on load, submit borrowing requests, etc. Requires CERN ID."""
out += """
</dl>
</blockquote>"""
return out
def perform_youradminactivities(uid):
"""Return text for the `Your Admin Activities' box. Analyze
whether user UID has some admin roles, and if yes, then print
suitable links for the actions he can do. If he's not admin,
print a simple non-authorized message."""
if isGuestUser(uid):
return """You seem to be the guest user. You have to <a href="../youraccount.py/login">login</a> first."""
out = ""
your_role_actions = acc_findUserRoleActions(uid)
your_roles = []
your_admin_activities = []
for (role, action) in your_role_actions:
if role not in your_roles:
your_roles.append(role)
if not your_roles:
out += "<p>You are not authorized to access administrative functions."
else:
out += "<p>You seem to be <em>%s</em>. " % string.join(your_roles, ", ")
out += "Here are some interesting web admin links for you:"
# add actions found by the RBAC:
for (role, action) in your_role_actions:
if action not in your_admin_activities:
your_admin_activities.append(action)
# add all actions if user is superadmin, to make sure he'll see all
# (since it is not necessary for the superadmin to be connected to actions in RBAC tables):
if "superadmin" in your_roles:
for action in ["cfgbibformat", "cfgbibrank", "cfgbibindex", "cfgwebaccess", "cfgwebsearch", "cfgwebsubmit"]:
if action not in your_admin_activities:
your_admin_activities.append(action)
# print proposed links:
for action in your_admin_activities:
if action == "cfgbibformat":
out += """<br> <a href="%s/admin/bibformat/">Configure BibFormat</a>""" % weburl
if action == "cfgbibrank":
out += """<br> <a href="%s/admin/bibrank/bibrankadmin.py">Configure BibRank</a>""" % weburl
if action == "cfgbibindex":
out += """<br> <a href="%s/admin/bibindex/bibindexadmin.py">Configure BibIndex</a>""" % weburl
if action == "cfgwebaccess":
out += """<br> <a href="%s/admin/webaccess/">Configure WebAccess</a>""" % weburl
if action == "cfgwebsearch":
out += """<br> <a href="%s/admin/websearch/websearchadmin.py">Configure WebSearch</a>""" % weburl
if action == "cfgwebsubmit":
out += """<br> <a href="%s/admin/websubmit/">Configure WebSubmit</a>""" % weburl
out += """<br>For more admin-level activities, see the complete <a href="%s/admin/">Admin Area</a>.""" % weburl
return out
# perform_display_account(): display a dynamic page that shows the user's account
def perform_display_account(req,data,bask,aler,sear):
uid = getUid(req)
#your account
if isGuestUser(uid):
user ="guest"
accBody = """You are logged in as guest. You may want to <A href="../youraccount.py/login">login</A> as a regular user <BR><BR>
"""
bask=aler="""The <strong class=headline>guest</strong> users need to <A href="../youraccount.py/login">register</A> first"""
sear="No queries found"
else:
user = data[0]
accBody ="""You are logged in as %s. You may want to a) <A href="../youraccount.py/logout">logout</A>; b) edit your <A href="../youraccount.py/set">email address or password</a>.<BR><BR>
"""%user
out =""
out +=template_account("Your Account",accBody)
#your baskets
out +=template_account("Your Baskets",bask)
out +=template_account("Your Alert Searches",aler)
out +=template_account("Your Searches",sear)
out +=template_account("Your Submissions",
"""You can consult the list of <a href="%s/yoursubmissions.py">your submissions</a>
and inquire about their status.""" % weburl)
out +=template_account("Your Approvals",
"""You can consult the list of <a href="%s/yourapprovals.py">your approvals</a>
with the documents you approved or refereed.""" % weburl)
out +=template_account("Your Administrative Activities", perform_youradminactivities(uid))
return out
# template_account() : it is a template for print each of the options from the user's account
def template_account(title,body):
out =""
out +="""
<table class="searchbox" width="90%%" summary="" >
<thead>
<tr>
<th class="searchboxheader">%s</th>
</tr>
</thead>
<tbody>
<tr>
<td class="searchboxbody">%s</td>
</tr>
</tbody>
</table>""" % (title, body)
return out
# warning_guest_user(): It returns an alert message,showing that the user is a guest user and should log into the system
def warning_guest_user(type):
msg="""You are logged in as a guest user, so your %s will disappear at the end of the current session. If you wish you can
<a href="../youraccount.py/login">login or register here</a>.
"""%type
return """<table class="errorbox" summary="">
<thead>
<tr>
<th class="errorboxheader">%s</th>
</tr>
</thead>
</table>""" % msg
## perform_delete():delete the account of the user, not implement yet
def perform_delete():
out = """<p>Deleting your account"""
return out
## perform_set(email,password): edit your account parameters, email and password.
def perform_set(email,password):
text = """
<body>
<p><big><strong class=headline>Edit account parameters</strong></big>
<form method="post" action="../youraccount.py/change">
<p>If you want to change your email address or password, please set new values in the form below.
<table>
<tr><td align=right><strong>New email address:</strong><br><small class=important>(mandatory)</small></td><td><input type="text" size="25" name="email" value="%s"><br><small><span class=quicknote>Example:</span> <span class=example>johndoe@example.com</span></small></td><td></td></tr>
<tr><td align=right><strong>New password:</strong></td><td align=left><input type="password" size="25" name="password" value="%s"><br><small><span class=quicknote>Note:</span> The password phrase may contain punctuation, spaces, etc.</small></td><td><input type="hidden" name="action" value="edit"></td></tr>
<tr><td align=center colspan=3><code class=blocknote><input class="formbutton" type="submit" value="Set new values"></code> </td></tr>
</table>
</form>
</body>
"""%(email,password)
return text
-
-## perform_ask(): ask for the user's email and password, for login into the system
-def perform_ask(referer=''):
- text = """
- <p>If you already have an account, please log in by choosing the <strong class=headline>login
- </strong> button below. <br>"""
+
+## create_register_page_box(): register a new account
+def create_register_page_box(referer=''):
+
+ text = ""
if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1:
- text += """If you don't own an account yet, please enter the values of your preference and choose the <strong class=headline>register</strong> button."""
+ text += """Please enter the values of your preference and choose the <strong class=headline>register</strong> button."""
if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS == 1:
text += "The account will not be possible to use before it has been verified and activated."
elif CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS >= 2:
text += """It is not possible to create an account yourself. Contact <a href="mailto:<SUPPORTEMAIL>"><SUPPORTEMAIL></a> if you want an account."""
text += """
- <form method="post" action="../youraccount.py/login">
+ <form method="post" action="../youraccount.py/register">
<input type="hidden" name="referer" value="%s">
<table>
<tr>
<td align=right><strong>Email address:</strong><br><small class=important>(mandatory)</small>
</td>
<td><input type="text" size="25" name="p_email" value="">
<br><small><span class=quicknote>Example:</span> <span class=example>johndoe@example.com</span></small></td>
<td></td>
</tr>
<tr>
<td align=right><strong>Password:</strong>
<br><small class=quicknote>(optional)</small>
</td>
<td align=left><input type="password" size="25" name="p_pw" value="">
<br><small><span class=quicknote>Note:
</span> The password phrase may contain punctuation, spaces, etc.
</small>
</td>
<td>
</td>
</tr>
+ <tr>""" % (cgi.escape(referer))
+ if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1:
+ text += """<td align=center colspan=3><code class=blocknote><input class="formbutton" type="submit" name="action" value="register"></code></td>"""
+ text += """</tr>
+ </table>
+ <p><strong>Note:</strong> Please do not use valuable passwords such as your Unix, AFS or NICE passwords with this service. Your email address will stay strictly confidential and will not be disclosed to any third party. It will be used to identify you for personal services of %s. For example, you may set up an automatic alert search that will look for new preprints and will notify you daily of new arrivals by email.
+ """ % (cdsname)
+ return text
+
+## create_login_page_box(): ask for the user's email and password, for login into the system
+def create_login_page_box(referer=''):
+ text = """
+ <p>If you already have an account, please log in by choosing the <strong class=headline>login
+ </strong> button below. <br>"""
+ if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1:
+ text += """If you don't own an account yet, please choose the <strong class=headline>register</strong> button."""
+ elif CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS >= 2:
+ text += """It is not possible to create an account yourself. Contact <a href="mailto:<SUPPORTEMAIL>"><SUPPORTEMAIL></a> if you want an account."""
+ text += """
+ <form method="post" action="../youraccount.py/login">
+ <input type="hidden" name="referer" value="%s">
+
+ <table>
+ <tr>
+ <td align=right><strong>Email address:</strong>
+ </td>
+ <td><input type="text" size="25" name="p_email" value=""></td>
+ <td></td>
+ </tr>
+ <tr>
+ <td align=right><strong>Password:</strong>
+ </td>
+ <td align=left><input type="password" size="25" name="p_pw" value="">
+ </td>
+ <td>
+ </td>
+ </tr>
<tr>
- <td align=center colspan=3><code class=blocknote><input class="formbutton" type="submit" name="action" value="login"></code> """ % (cgi.escape(referer))
+ <td align=center colspan=3> <code class=blocknote><input class="formbutton" type="submit" name="action" value="login"></code>""" % (cgi.escape(referer))
if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1:
text += """<code class=blocknote><input class="formbutton" type="submit" name="action" value="register"></code>"""
text += """ (<a href="./lost">Lost your password?</a>)
</td>
</tr>
</table>
<p><strong>Note:</strong> Please do not use valuable passwords such as your Unix, AFS or NICE passwords with this service. Your email address will stay strictly confidential and will not be disclosed to any third party. It will be used to identify you for personal services of %s. For example, you may set up an automatic alert search that will look for new preprints and will notify you daily of new arrivals by email.
- </form>
""" % (cdsname)
return text
# perform_logout: display the message of not longer authorized,
def perform_logout(req):
out =""
out+="""
You are no longer recognized. If you wish you can <A href="./login">login here</A>.
"""
return out
#def perform_lost: ask the user for his email, in order to send him the lost password
def perform_lost():
out =""
out +="""
<body>
<big><strong class=headline>Lost your password?</strong></big>
<form method="post" action="../youraccount.py/send_email">
If you have lost your password string, please enter the email address of your cds.cern.ch account.
The lost password will be emailed to the owner of that account.
<table>
<tr>
<td align=right><strong>Email address:</strong></td>
<td><input type="text" size="25" name="p_email" value=""><br><IMG src="%s/r.gif" alt=""> <small><span class=quicknote>Example:</span> <span class=example>johndoe@example.com</span></small></td>
<td><input type="hidden" name="action" value="lost"></td>
</tr>
<tr>
<td align=center colspan=3><code class=blocknote><input class="formbutton" type="submit" value="Fetch password"></code></td>
</tr>
</table>
</form>
</body>
"""%imagesurl
return out
# perform_emailSent(email): confirm that the password has been emailed to 'email' address
def perform_emailSent(email):
out =""
out +="Okay, password has been emailed to %s"%email
return out
# peform_emailMessage : display a error message when the email introduced is not correct, and sugest to try again
def perform_emailMessage(eMsg):
out =""
out +="""
<body>
%s <A href="../youraccount.py/lost">Try again</A>
</body>
"""%eMsg
return out
# perform_back(): template for return to a previous page, used for login,register and setting
def perform_back(mess,act):
out =""
out+="""
<body>
<table>
<tr>
<td align=center>%s
<A href="./%s">%s</A></td>
</tr>
</table>
</body>
"""%(mess,act,act)
return out
diff --git a/modules/websession/lib/webaccount.py.wml b/modules/websession/lib/webaccount.py.wml
index 1359a9ba6..2d380159e 100644
--- a/modules/websession/lib/webaccount.py.wml
+++ b/modules/websession/lib/webaccount.py.wml
@@ -1,329 +1,364 @@
## $Id$
## CDSware User account information implementation. Useful for youraccount pages.
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
## $Id$
## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.
## read config variables:
#include "config.wml"
#include "configbis.wml"
import sys
import string
import cgi
from config import *
from webpage import page
from dbquery import run_sql
from webuser import getUid,isGuestUser
from access_control_admin import acc_findUserRoleActions
from access_control_config import CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS
imagesurl = "%s/img" % weburl
# perform_info(): display the main features of CDS personalize
def perform_info(req):
out = ""
uid = getUid(req)
out += """<P>The CDS Search offers you a possibility to personalize the interface, to set up your own personal library
of documents, or to set up an automatic alert query that would run periodically and would notify you of search
results by email.</P>
<blockquote>
<dl>
<dt>
<A href="./set">Your Settings</A>
<dd>Set or change your account Email address or password.
Specify your preferences about the way the interface looks like.
<dt><A href="../youralerts.py/display">Your Searches</A>
<dd>View all the searches you performed during the last 30 days.
<dt><A href="../yourbaskets.py/display">Your Baskets</A>
<dd>With baskets you can define specific collections of items,
store interesting records you want to access later or share with others."""
if isGuestUser(uid):
out+= warning_guest_user(type="baskets")
out += """
<dt><A href="../youralerts.py/list">Your Alerts</A>
<dd>Subscribe to a search which will be run periodically by our service. The result can be sent to you
via Email or stored in one of your baskets."""
if isGuestUser(uid):
out+= warning_guest_user(type="alerts")
if cfg_cern_site:
out += """
<dt><A href="http://weblib.cern.ch/cgi-bin/checkloan?uid=&version=2">Your Loans</A>
<dd>Check out book you have on load, submit borrowing requests, etc. Requires CERN ID."""
out += """
</dl>
</blockquote>"""
return out
def perform_youradminactivities(uid):
"""Return text for the `Your Admin Activities' box. Analyze
whether user UID has some admin roles, and if yes, then print
suitable links for the actions he can do. If he's not admin,
print a simple non-authorized message."""
if isGuestUser(uid):
return """You seem to be the guest user. You have to <a href="../youraccount.py/login">login</a> first."""
out = ""
your_role_actions = acc_findUserRoleActions(uid)
your_roles = []
your_admin_activities = []
for (role, action) in your_role_actions:
if role not in your_roles:
your_roles.append(role)
if not your_roles:
out += "<p>You are not authorized to access administrative functions."
else:
out += "<p>You seem to be <em>%s</em>. " % string.join(your_roles, ", ")
out += "Here are some interesting web admin links for you:"
# add actions found by the RBAC:
for (role, action) in your_role_actions:
if action not in your_admin_activities:
your_admin_activities.append(action)
# add all actions if user is superadmin, to make sure he'll see all
# (since it is not necessary for the superadmin to be connected to actions in RBAC tables):
if "superadmin" in your_roles:
for action in ["cfgbibformat", "cfgbibrank", "cfgbibindex", "cfgwebaccess", "cfgwebsearch", "cfgwebsubmit"]:
if action not in your_admin_activities:
your_admin_activities.append(action)
# print proposed links:
for action in your_admin_activities:
if action == "cfgbibformat":
out += """<br> <a href="%s/admin/bibformat/">Configure BibFormat</a>""" % weburl
if action == "cfgbibrank":
out += """<br> <a href="%s/admin/bibrank/bibrankadmin.py">Configure BibRank</a>""" % weburl
if action == "cfgbibindex":
out += """<br> <a href="%s/admin/bibindex/bibindexadmin.py">Configure BibIndex</a>""" % weburl
if action == "cfgwebaccess":
out += """<br> <a href="%s/admin/webaccess/">Configure WebAccess</a>""" % weburl
if action == "cfgwebsearch":
out += """<br> <a href="%s/admin/websearch/websearchadmin.py">Configure WebSearch</a>""" % weburl
if action == "cfgwebsubmit":
out += """<br> <a href="%s/admin/websubmit/">Configure WebSubmit</a>""" % weburl
out += """<br>For more admin-level activities, see the complete <a href="%s/admin/">Admin Area</a>.""" % weburl
return out
# perform_display_account(): display a dynamic page that shows the user's account
def perform_display_account(req,data,bask,aler,sear):
uid = getUid(req)
#your account
if isGuestUser(uid):
user ="guest"
accBody = """You are logged in as guest. You may want to <A href="../youraccount.py/login">login</A> as a regular user <BR><BR>
"""
bask=aler="""The <strong class=headline>guest</strong> users need to <A href="../youraccount.py/login">register</A> first"""
sear="No queries found"
else:
user = data[0]
accBody ="""You are logged in as %s. You may want to a) <A href="../youraccount.py/logout">logout</A>; b) edit your <A href="../youraccount.py/set">email address or password</a>.<BR><BR>
"""%user
out =""
out +=template_account("Your Account",accBody)
#your baskets
out +=template_account("Your Baskets",bask)
out +=template_account("Your Alert Searches",aler)
out +=template_account("Your Searches",sear)
out +=template_account("Your Submissions",
"""You can consult the list of <a href="%s/yoursubmissions.py">your submissions</a>
and inquire about their status.""" % weburl)
out +=template_account("Your Approvals",
"""You can consult the list of <a href="%s/yourapprovals.py">your approvals</a>
with the documents you approved or refereed.""" % weburl)
out +=template_account("Your Administrative Activities", perform_youradminactivities(uid))
return out
# template_account() : it is a template for print each of the options from the user's account
def template_account(title,body):
out =""
out +="""
<table class="searchbox" width="90%%" summary="" >
<thead>
<tr>
<th class="searchboxheader">%s</th>
</tr>
</thead>
<tbody>
<tr>
<td class="searchboxbody">%s</td>
</tr>
</tbody>
</table>""" % (title, body)
return out
# warning_guest_user(): It returns an alert message,showing that the user is a guest user and should log into the system
def warning_guest_user(type):
msg="""You are logged in as a guest user, so your %s will disappear at the end of the current session. If you wish you can
<a href="../youraccount.py/login">login or register here</a>.
"""%type
return """<table class="errorbox" summary="">
<thead>
<tr>
<th class="errorboxheader">%s</th>
</tr>
</thead>
</table>""" % msg
## perform_delete():delete the account of the user, not implement yet
def perform_delete():
out = """<p>Deleting your account"""
return out
## perform_set(email,password): edit your account parameters, email and password.
def perform_set(email,password):
text = """
<body>
<p><big><strong class=headline>Edit account parameters</strong></big>
<form method="post" action="../youraccount.py/change">
<p>If you want to change your email address or password, please set new values in the form below.
<table>
<tr><td align=right><strong>New email address:</strong><br><small class=important>(mandatory)</small></td><td><input type="text" size="25" name="email" value="%s"><br><small><span class=quicknote>Example:</span> <span class=example>johndoe@example.com</span></small></td><td></td></tr>
<tr><td align=right><strong>New password:</strong></td><td align=left><input type="password" size="25" name="password" value="%s"><br><small><span class=quicknote>Note:</span> The password phrase may contain punctuation, spaces, etc.</small></td><td><input type="hidden" name="action" value="edit"></td></tr>
<tr><td align=center colspan=3><code class=blocknote><input class="formbutton" type="submit" value="Set new values"></code> </td></tr>
</table>
</form>
</body>
"""%(email,password)
return text
-
-## perform_ask(): ask for the user's email and password, for login into the system
-def perform_ask(referer=''):
- text = """
- <p>If you already have an account, please log in by choosing the <strong class=headline>login
- </strong> button below. <br>"""
+
+## create_register_page_box(): register a new account
+def create_register_page_box(referer=''):
+
+ text = ""
if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1:
- text += """If you don't own an account yet, please enter the values of your preference and choose the <strong class=headline>register</strong> button."""
+ text += """Please enter the values of your preference and choose the <strong class=headline>register</strong> button."""
if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS == 1:
text += "The account will not be possible to use before it has been verified and activated."
elif CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS >= 2:
text += """It is not possible to create an account yourself. Contact <a href="mailto:<SUPPORTEMAIL>"><SUPPORTEMAIL></a> if you want an account."""
text += """
- <form method="post" action="../youraccount.py/login">
+ <form method="post" action="../youraccount.py/register">
<input type="hidden" name="referer" value="%s">
<table>
<tr>
<td align=right><strong>Email address:</strong><br><small class=important>(mandatory)</small>
</td>
<td><input type="text" size="25" name="p_email" value="">
<br><small><span class=quicknote>Example:</span> <span class=example>johndoe@example.com</span></small></td>
<td></td>
</tr>
<tr>
<td align=right><strong>Password:</strong>
<br><small class=quicknote>(optional)</small>
</td>
<td align=left><input type="password" size="25" name="p_pw" value="">
<br><small><span class=quicknote>Note:
</span> The password phrase may contain punctuation, spaces, etc.
</small>
</td>
<td>
</td>
</tr>
+ <tr>""" % (cgi.escape(referer))
+ if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1:
+ text += """<td align=center colspan=3><code class=blocknote><input class="formbutton" type="submit" name="action" value="register"></code></td>"""
+ text += """</tr>
+ </table>
+ <p><strong>Note:</strong> Please do not use valuable passwords such as your Unix, AFS or NICE passwords with this service. Your email address will stay strictly confidential and will not be disclosed to any third party. It will be used to identify you for personal services of %s. For example, you may set up an automatic alert search that will look for new preprints and will notify you daily of new arrivals by email.
+ """ % (cdsname)
+ return text
+
+## create_login_page_box(): ask for the user's email and password, for login into the system
+def create_login_page_box(referer=''):
+ text = """
+ <p>If you already have an account, please log in by choosing the <strong class=headline>login
+ </strong> button below. <br>"""
+ if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1:
+ text += """If you don't own an account yet, please choose the <strong class=headline>register</strong> button."""
+ elif CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS >= 2:
+ text += """It is not possible to create an account yourself. Contact <a href="mailto:<SUPPORTEMAIL>"><SUPPORTEMAIL></a> if you want an account."""
+ text += """
+ <form method="post" action="../youraccount.py/login">
+ <input type="hidden" name="referer" value="%s">
+
+ <table>
+ <tr>
+ <td align=right><strong>Email address:</strong>
+ </td>
+ <td><input type="text" size="25" name="p_email" value=""></td>
+ <td></td>
+ </tr>
+ <tr>
+ <td align=right><strong>Password:</strong>
+ </td>
+ <td align=left><input type="password" size="25" name="p_pw" value="">
+ </td>
+ <td>
+ </td>
+ </tr>
<tr>
- <td align=center colspan=3><code class=blocknote><input class="formbutton" type="submit" name="action" value="login"></code> """ % (cgi.escape(referer))
+ <td align=center colspan=3> <code class=blocknote><input class="formbutton" type="submit" name="action" value="login"></code>""" % (cgi.escape(referer))
if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1:
text += """<code class=blocknote><input class="formbutton" type="submit" name="action" value="register"></code>"""
text += """ (<a href="./lost">Lost your password?</a>)
</td>
</tr>
</table>
<p><strong>Note:</strong> Please do not use valuable passwords such as your Unix, AFS or NICE passwords with this service. Your email address will stay strictly confidential and will not be disclosed to any third party. It will be used to identify you for personal services of %s. For example, you may set up an automatic alert search that will look for new preprints and will notify you daily of new arrivals by email.
- </form>
""" % (cdsname)
return text
# perform_logout: display the message of not longer authorized,
def perform_logout(req):
out =""
out+="""
You are no longer recognized. If you wish you can <A href="./login">login here</A>.
"""
return out
#def perform_lost: ask the user for his email, in order to send him the lost password
def perform_lost():
out =""
out +="""
<body>
<big><strong class=headline>Lost your password?</strong></big>
<form method="post" action="../youraccount.py/send_email">
If you have lost your password string, please enter the email address of your cds.cern.ch account.
The lost password will be emailed to the owner of that account.
<table>
<tr>
<td align=right><strong>Email address:</strong></td>
<td><input type="text" size="25" name="p_email" value=""><br><IMG src="%s/r.gif" alt=""> <small><span class=quicknote>Example:</span> <span class=example>johndoe@example.com</span></small></td>
<td><input type="hidden" name="action" value="lost"></td>
</tr>
<tr>
<td align=center colspan=3><code class=blocknote><input class="formbutton" type="submit" value="Fetch password"></code></td>
</tr>
</table>
</form>
</body>
"""%imagesurl
return out
# perform_emailSent(email): confirm that the password has been emailed to 'email' address
def perform_emailSent(email):
out =""
out +="Okay, password has been emailed to %s"%email
return out
# peform_emailMessage : display a error message when the email introduced is not correct, and sugest to try again
def perform_emailMessage(eMsg):
out =""
out +="""
<body>
%s <A href="../youraccount.py/lost">Try again</A>
</body>
"""%eMsg
return out
# perform_back(): template for return to a previous page, used for login,register and setting
def perform_back(mess,act):
out =""
out+="""
<body>
<table>
<tr>
<td align=center>%s
<A href="./%s">%s</A></td>
</tr>
</table>
</body>
"""%(mess,act,act)
return out
diff --git a/modules/websession/web/youraccount.py b/modules/websession/web/youraccount.py
index d3df669bb..2d15f764f 100644
--- a/modules/websession/web/youraccount.py
+++ b/modules/websession/web/youraccount.py
@@ -1,289 +1,314 @@
## $Id$
## CDSware User account information.
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
## read config variables:
#include "config.wml"
#include "configbis.wml"
<protect>## $Id$ </protect>
<protect>## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.</protect>
"""CDSware ACCOUNT HANDLING"""
__lastupdated__ = """<: print `date +"%d %b %Y %H:%M:%S %Z"`; :>"""
## fill config variables:
pylibdir = "<LIBDIR>/python"
import sys
sys.path.append('%s' % pylibdir)
from cdsware import webuser
from cdsware.config import weburl,cdsname,cdslang,supportemail
from cdsware.webpage import page
from cdsware import webaccount
from cdsware import webbasket
from cdsware import webalert
from cdsware import webuser
from cdsware.access_control_config import *
from mod_python import apache
import smtplib
def set(req, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/set")
data = webuser.getDataUid(req,uid)
email = data[0]
passw = data[1]
return page(title="Your Settings",
body=webaccount.perform_set(email,passw),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Your Settings",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def change(req,email=None,password=None,ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/change")
if webuser.checkemail(email):
change = webuser.updateDataUser(req,uid,email,password)
return display(req, ln)
else :
return display(req, ln)
def lost(req, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/lost")
return page(title="Login",
body=webaccount.perform_lost(),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def display(req, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/display")
if webuser.isGuestUser(uid):
return page(title="Your Account",
body=webaccount.perform_info(req),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
data = webuser.getDataUid(req,uid)
bask = webbasket.account_list_baskets(uid)
aler = webalert.account_list_alerts(uid)
sear = webalert.account_list_searches(uid)
return page(title="Your Account",
body=webaccount.perform_display_account(req,data,bask,aler,sear),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def send_email(req, p_email=None, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/send_email")
passw = webuser.givePassword(p_email)
if passw == -999:
eMsg = "The entered e-mail address doesn't exist in the database"
return page(title="Your Account",
body=webaccount.perform_emailMessage(eMsg),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
fromaddr = "From: %s" % supportemail
toaddrs = "To: " + p_email
to = toaddrs + "\n"
sub = "Subject: Credentials for %s\n\n" % cdsname
body = "Here are your user credentials for %s:\n\n" % cdsname
body += " username: %s\n password: %s\n\n" % (p_email, passw)
body += "You can login at %s/youraccount.py/login" % weburl
msg = to + sub + body
server = smtplib.SMTP('localhost')
server.set_debuglevel(1)
try:
server.sendmail(fromaddr, toaddrs, msg)
except smtplib.SMTPRecipientsRefused,e:
eMsg = "The entered e-mail address is incorrect, please check that it is written correctly (e.g. johndoe@example.com)"
return page(title="Your Account",
body=webaccount.perform_emailMessage(eMsg),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
server.quit()
return page(title="Your Account",
body=webaccount.perform_emailSent(p_email),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def youradminactivities(req, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/youradminactivities")
return page(title="Your Administrative Activities",
body=webaccount.perform_youradminactivities(uid),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def delete(req, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/delete")
return page(title="Delete Account",
body=webaccount.perform_delete(),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def logout(req, ln=cdslang):
uid = webuser.logoutUser(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/logout")
return page(title="Logout",
body=webaccount.perform_logout(req),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def login(req, p_email=None, p_pw=None, action='login', referer='', ln=cdslang):
uid = webuser.getUid(req)
- if action =='login':
-
+ if action =='register':
+ return page(title="Register",
+ body=webaccount.create_register_page_box(referer),
+ navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
+ description="CDS Personalize, Main page",
+ keywords="CDS, personalize",
+ uid=uid,
+ language=ln,
+ lastupdated=__lastupdated__)
+ elif action =='login':
if p_email==None:
return page(title="Login",
- body=webaccount.perform_ask(referer),
+ body=webaccount.create_login_page_box(referer),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
iden = webuser.loginUser(p_email,p_pw)
if len(iden)>0:
uid = webuser.update_Uid(req,p_email,p_pw)
uid2 = webuser.getUid(req)
if uid2 == -1:
webuser.logoutUser(req)
return webuser.page_not_authorized(req, "../youraccount.py/login?ln=%s" % ln, uid=uid)
# login successful!
if referer:
req.err_headers_out.add("Location", referer)
raise apache.SERVER_RETURN, apache.HTTP_MOVED_PERMANENTLY
else:
return display(req)
else:
if webuser.userNotExist(p_email,p_pw) or p_email=='' or p_email==' ':
mess ="Your are not logged into the system, because this user is unknown."
else:
mess ="Your are not logged into the system, because you have introduced a wrong password."
act = "login"
return page(title="Login",
body=webaccount.perform_back(mess,act),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
+
+def register(req, p_email=None, p_pw=None, action='login', referer='', ln=cdslang):
+ uid = webuser.getUid(req)
+
+ if p_email==None:
+ return page(title="Register",
+ body=webaccount.create_register_page_box(referer),
+ navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
+ description="CDS Personalize, Main page",
+ keywords="CDS, personalize",
+ uid=uid,
+ language=ln,
+ lastupdated=__lastupdated__)
+
+ mess=""
+ act=""
+ ruid=webuser.registerUser(req,p_email,p_pw)
+ if ruid==1:
+ uid=webuser.update_Uid(req,p_email,p_pw)
+ mess = "Your account has been successfully created."
+ title = "Account created"
+ if CFG_ACCESS_CONTROL_NOTIFY_USER_ABOUT_NEW_ACCOUNT == 1:
+ mess += " An email has been sent to the given address with the account information."
+ if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS >= 1:
+ mess += " A second email will be sent when the account has been activated and can be used."
+ else:
+ mess += """ To continue to your account, press <a href="%s/youraccount.py/display?ln=%s">here</a>""" % (weburl, ln)
+ elif ruid ==-1 :
+ mess ="The user already exists in the database, please try again"
+ act = "register"
+ title = "Register failure"
else:
- mess=""
- act=""
- ruid=webuser.registerUser(req,p_email,p_pw)
- if ruid==1:
- uid=webuser.update_Uid(req,p_email,p_pw)
- mess = "Your account has been successfully created."
- if CFG_ACCESS_CONTROL_NOTIFY_USER_ABOUT_NEW_ACCOUNT == 1:
- mess += " An email has been sent to the given address with the account information."
- if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS >= 1:
- mess += " A second email will be sent when the account has been activated and can be used."
- else:
- mess += """ To continue to your account, press <a href="%s/youraccount.py/display?ln=%s">here</a>""" % (weburl, ln)
- elif ruid ==-1 :
- mess ="The user already exists in the database, please try again"
- act = "login"
- else:
- mess ="Your are not registered into the system please try again"
- act = "login"
- return page(title="Register failure",
- body=webaccount.perform_back(mess,act),
- navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
- description="CDS Personalize, Main page",
- keywords="CDS, personalize",
- uid=uid,
- language=ln,
- lastupdated=__lastupdated__)
+ mess ="Your are not registered into the system please try again"
+ act = "register"
+ title = "Register failure"
+
+ return page(title=title,
+ body=webaccount.perform_back(mess,act),
+ navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
+ description="CDS Personalize, Main page",
+ keywords="CDS, personalize",
+ uid=uid,
+ language=ln,
+ lastupdated=__lastupdated__)
diff --git a/modules/websession/web/youraccount.py.wml b/modules/websession/web/youraccount.py.wml
index d3df669bb..2d15f764f 100644
--- a/modules/websession/web/youraccount.py.wml
+++ b/modules/websession/web/youraccount.py.wml
@@ -1,289 +1,314 @@
## $Id$
## CDSware User account information.
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
## read config variables:
#include "config.wml"
#include "configbis.wml"
<protect>## $Id$ </protect>
<protect>## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.</protect>
"""CDSware ACCOUNT HANDLING"""
__lastupdated__ = """<: print `date +"%d %b %Y %H:%M:%S %Z"`; :>"""
## fill config variables:
pylibdir = "<LIBDIR>/python"
import sys
sys.path.append('%s' % pylibdir)
from cdsware import webuser
from cdsware.config import weburl,cdsname,cdslang,supportemail
from cdsware.webpage import page
from cdsware import webaccount
from cdsware import webbasket
from cdsware import webalert
from cdsware import webuser
from cdsware.access_control_config import *
from mod_python import apache
import smtplib
def set(req, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/set")
data = webuser.getDataUid(req,uid)
email = data[0]
passw = data[1]
return page(title="Your Settings",
body=webaccount.perform_set(email,passw),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Your Settings",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def change(req,email=None,password=None,ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/change")
if webuser.checkemail(email):
change = webuser.updateDataUser(req,uid,email,password)
return display(req, ln)
else :
return display(req, ln)
def lost(req, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/lost")
return page(title="Login",
body=webaccount.perform_lost(),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def display(req, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/display")
if webuser.isGuestUser(uid):
return page(title="Your Account",
body=webaccount.perform_info(req),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
data = webuser.getDataUid(req,uid)
bask = webbasket.account_list_baskets(uid)
aler = webalert.account_list_alerts(uid)
sear = webalert.account_list_searches(uid)
return page(title="Your Account",
body=webaccount.perform_display_account(req,data,bask,aler,sear),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def send_email(req, p_email=None, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/send_email")
passw = webuser.givePassword(p_email)
if passw == -999:
eMsg = "The entered e-mail address doesn't exist in the database"
return page(title="Your Account",
body=webaccount.perform_emailMessage(eMsg),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
fromaddr = "From: %s" % supportemail
toaddrs = "To: " + p_email
to = toaddrs + "\n"
sub = "Subject: Credentials for %s\n\n" % cdsname
body = "Here are your user credentials for %s:\n\n" % cdsname
body += " username: %s\n password: %s\n\n" % (p_email, passw)
body += "You can login at %s/youraccount.py/login" % weburl
msg = to + sub + body
server = smtplib.SMTP('localhost')
server.set_debuglevel(1)
try:
server.sendmail(fromaddr, toaddrs, msg)
except smtplib.SMTPRecipientsRefused,e:
eMsg = "The entered e-mail address is incorrect, please check that it is written correctly (e.g. johndoe@example.com)"
return page(title="Your Account",
body=webaccount.perform_emailMessage(eMsg),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
server.quit()
return page(title="Your Account",
body=webaccount.perform_emailSent(p_email),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def youradminactivities(req, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/youradminactivities")
return page(title="Your Administrative Activities",
body=webaccount.perform_youradminactivities(uid),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def delete(req, ln=cdslang):
uid = webuser.getUid(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/delete")
return page(title="Delete Account",
body=webaccount.perform_delete(),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def logout(req, ln=cdslang):
uid = webuser.logoutUser(req)
if uid == -1:
return webuser.page_not_authorized(req, "../youraccount.py/logout")
return page(title="Logout",
body=webaccount.perform_logout(req),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
def login(req, p_email=None, p_pw=None, action='login', referer='', ln=cdslang):
uid = webuser.getUid(req)
- if action =='login':
-
+ if action =='register':
+ return page(title="Register",
+ body=webaccount.create_register_page_box(referer),
+ navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
+ description="CDS Personalize, Main page",
+ keywords="CDS, personalize",
+ uid=uid,
+ language=ln,
+ lastupdated=__lastupdated__)
+ elif action =='login':
if p_email==None:
return page(title="Login",
- body=webaccount.perform_ask(referer),
+ body=webaccount.create_login_page_box(referer),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
iden = webuser.loginUser(p_email,p_pw)
if len(iden)>0:
uid = webuser.update_Uid(req,p_email,p_pw)
uid2 = webuser.getUid(req)
if uid2 == -1:
webuser.logoutUser(req)
return webuser.page_not_authorized(req, "../youraccount.py/login?ln=%s" % ln, uid=uid)
# login successful!
if referer:
req.err_headers_out.add("Location", referer)
raise apache.SERVER_RETURN, apache.HTTP_MOVED_PERMANENTLY
else:
return display(req)
else:
if webuser.userNotExist(p_email,p_pw) or p_email=='' or p_email==' ':
mess ="Your are not logged into the system, because this user is unknown."
else:
mess ="Your are not logged into the system, because you have introduced a wrong password."
act = "login"
return page(title="Login",
body=webaccount.perform_back(mess,act),
navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
description="CDS Personalize, Main page",
keywords="CDS, personalize",
uid=uid,
language=ln,
lastupdated=__lastupdated__)
+
+def register(req, p_email=None, p_pw=None, action='login', referer='', ln=cdslang):
+ uid = webuser.getUid(req)
+
+ if p_email==None:
+ return page(title="Register",
+ body=webaccount.create_register_page_box(referer),
+ navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
+ description="CDS Personalize, Main page",
+ keywords="CDS, personalize",
+ uid=uid,
+ language=ln,
+ lastupdated=__lastupdated__)
+
+ mess=""
+ act=""
+ ruid=webuser.registerUser(req,p_email,p_pw)
+ if ruid==1:
+ uid=webuser.update_Uid(req,p_email,p_pw)
+ mess = "Your account has been successfully created."
+ title = "Account created"
+ if CFG_ACCESS_CONTROL_NOTIFY_USER_ABOUT_NEW_ACCOUNT == 1:
+ mess += " An email has been sent to the given address with the account information."
+ if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS >= 1:
+ mess += " A second email will be sent when the account has been activated and can be used."
+ else:
+ mess += """ To continue to your account, press <a href="%s/youraccount.py/display?ln=%s">here</a>""" % (weburl, ln)
+ elif ruid ==-1 :
+ mess ="The user already exists in the database, please try again"
+ act = "register"
+ title = "Register failure"
else:
- mess=""
- act=""
- ruid=webuser.registerUser(req,p_email,p_pw)
- if ruid==1:
- uid=webuser.update_Uid(req,p_email,p_pw)
- mess = "Your account has been successfully created."
- if CFG_ACCESS_CONTROL_NOTIFY_USER_ABOUT_NEW_ACCOUNT == 1:
- mess += " An email has been sent to the given address with the account information."
- if CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS >= 1:
- mess += " A second email will be sent when the account has been activated and can be used."
- else:
- mess += """ To continue to your account, press <a href="%s/youraccount.py/display?ln=%s">here</a>""" % (weburl, ln)
- elif ruid ==-1 :
- mess ="The user already exists in the database, please try again"
- act = "login"
- else:
- mess ="Your are not registered into the system please try again"
- act = "login"
- return page(title="Register failure",
- body=webaccount.perform_back(mess,act),
- navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
- description="CDS Personalize, Main page",
- keywords="CDS, personalize",
- uid=uid,
- language=ln,
- lastupdated=__lastupdated__)
+ mess ="Your are not registered into the system please try again"
+ act = "register"
+ title = "Register failure"
+
+ return page(title=title,
+ body=webaccount.perform_back(mess,act),
+ navtrail="""<a class="navtrail" href="%s/youraccount.py/display?ln=%s">Your Account</a>""" % (weburl, ln),
+ description="CDS Personalize, Main page",
+ keywords="CDS, personalize",
+ uid=uid,
+ language=ln,
+ lastupdated=__lastupdated__)