Package: python-moinmoin Version: 1.5.3-1.1 Severity: wishlist Tags: patch The attached patch adds a configuration option for an account-creation password. If a wiki specifies an account-creation password, the user creation form requires this password in order to create an account. This serves as an anti-spam measure, as well as a means to limit account creation to users who have previously contacted another user for the password.
Thanks to Jamey Sharp for testing and feedback on this patch. - Josh Triplett -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.20-rc6 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
diff -Naur moin-1.5.3.orig/MoinMoin/multiconfig.py moin-1.5.3/MoinMoin/multiconfig.py --- moin-1.5.3.orig/MoinMoin/multiconfig.py 2006-04-07 11:22:01.000000000 -0700 +++ moin-1.5.3/MoinMoin/multiconfig.py 2007-02-17 17:55:29.000000000 -0800 @@ -163,7 +163,10 @@ class DefaultConfig: """ default config values """ - + + account_creation_password = None + account_creation_password_help = '' + # All acl_right lines must use unicode! acl_rights_default = u"Trusted:read,write,delete,revert Known:read,write,delete,revert All:read,write" acl_rights_before = u"" @@ -418,6 +421,8 @@ ##('', _('Date format'), [self._dtfmt_select()]) ##('', _('Preferred language'), [self._lang_select()]) ] + # Need to create this now, since _ gets deleted before __init__ + account_creation_password_text = _('Account-creation password') user_form_defaults = { # key: default 'name': '', 'aliasname': '', @@ -436,7 +441,7 @@ user_form_remove = [] # attributes we do NOT save to the userpref file - user_transient_fields = ['id', 'valid', 'may', 'auth_username', 'trusted', 'password', 'password2', 'auth_method', 'auth_attribs'] + user_transient_fields = ['id', 'valid', 'may', 'auth_username', 'trusted', 'password', 'password2', 'account_creation_password', 'auth_method', 'auth_attribs'] user_homewiki = 'Self' # interwiki name for where user homepages are located @@ -511,6 +516,16 @@ # check if mail is possible and set flag: self.mail_enabled = (self.mail_smarthost is not None or self.mail_sendmail is not None) and self.mail_from + # If the configuration includes an account-creation password, add the + # corresponding form field. + if self.account_creation_password is not None: + + self.user_form_fields.append( + ('account_creation_password', + self.account_creation_password_text, "password", "36", + self.account_creation_password_help)) + self.user_form_defaults['account_creation_password'] = '' + def _config_check(self): """ Check namespace and warn about unknown names diff -Naur moin-1.5.3.orig/MoinMoin/userform.py moin-1.5.3/MoinMoin/userform.py --- moin-1.5.3.orig/MoinMoin/userform.py 2006-03-26 13:17:26.000000000 -0800 +++ moin-1.5.3/MoinMoin/userform.py 2007-02-17 17:51:00.000000000 -0800 @@ -102,6 +102,15 @@ except KeyError: return _("Empty user name. Please enter a user name.") + # Require account-creation password if any + if (self.cfg.account_creation_password is not None + and (form.get('account_creation_password', [''])[0] + != self.cfg.account_creation_password)): + if not form.get('account_creation_password', [''])[0]: + return _("You must specify the account-creation password to create an account.") + self.cfg.account_creation_password_help + else: + return _("Incorrect account-creation password. You must specify the correct account-creation password to create an account.") + self.cfg.account_creation_password_help + # Don't allow users with invalid names if not user.isValidName(self.request, theuser.name): return _("""Invalid user name {{{'%s'}}}. @@ -293,7 +302,8 @@ already_handled = ['name', 'password', 'password2', 'email', 'aliasname', 'edit_rows', 'editor_default', 'editor_ui', 'tz_offset', 'datetime_fmt', - 'theme_name', 'language'] + 'theme_name', 'language', + 'account_creation_password'] for field in self.cfg.user_form_fields: key = field[0] if ((key in self.cfg.user_form_disable) @@ -589,7 +599,8 @@ ('cancel', _('Cancel')), ] for key, label, type, length, textafter in self.cfg.user_form_fields: - if key in ('name', 'password', 'password2', 'email'): + if key in ('name', 'password', 'password2', 'email', + 'account_creation_password'): self.make_row(_(label), [ html.INPUT(type=type, size=length, name=key, value=''),