Package: python-moinmoin
Version: 1.5.3-1.1
Severity: wishlist
Tags: patch
The attached patch adds a configuration option for an account-creation
password. If a wiki specifies an account-creation password, the user creation
form requires this password in order to create an account. This serves as an
anti-spam measure, as well as a means to limit account creation to users who
have previously contacted another user for the password.
Thanks to Jamey Sharp for testing and feedback on this patch.
- Josh Triplett
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.20-rc6
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
diff -Naur moin-1.5.3.orig/MoinMoin/multiconfig.py moin-1.5.3/MoinMoin/multiconfig.py
--- moin-1.5.3.orig/MoinMoin/multiconfig.py 2006-04-07 11:22:01.000000000 -0700
+++ moin-1.5.3/MoinMoin/multiconfig.py 2007-02-17 17:55:29.000000000 -0800
@@ -163,7 +163,10 @@
class DefaultConfig:
""" default config values """
-
+
+ account_creation_password = None
+ account_creation_password_help = ''
+
# All acl_right lines must use unicode!
acl_rights_default = u"Trusted:read,write,delete,revert Known:read,write,delete,revert All:read,write"
acl_rights_before = u""
@@ -418,6 +421,8 @@
##('', _('Date format'), [self._dtfmt_select()])
##('', _('Preferred language'), [self._lang_select()])
]
+ # Need to create this now, since _ gets deleted before __init__
+ account_creation_password_text = _('Account-creation password')
user_form_defaults = { # key: default
'name': '',
'aliasname': '',
@@ -436,7 +441,7 @@
user_form_remove = []
# attributes we do NOT save to the userpref file
- user_transient_fields = ['id', 'valid', 'may', 'auth_username', 'trusted', 'password', 'password2', 'auth_method', 'auth_attribs']
+ user_transient_fields = ['id', 'valid', 'may', 'auth_username', 'trusted', 'password', 'password2', 'account_creation_password', 'auth_method', 'auth_attribs']
user_homewiki = 'Self' # interwiki name for where user homepages are located
@@ -511,6 +516,16 @@
# check if mail is possible and set flag:
self.mail_enabled = (self.mail_smarthost is not None or self.mail_sendmail is not None) and self.mail_from
+ # If the configuration includes an account-creation password, add the
+ # corresponding form field.
+ if self.account_creation_password is not None:
+
+ self.user_form_fields.append(
+ ('account_creation_password',
+ self.account_creation_password_text, "password", "36",
+ self.account_creation_password_help))
+ self.user_form_defaults['account_creation_password'] = ''
+
def _config_check(self):
""" Check namespace and warn about unknown names
diff -Naur moin-1.5.3.orig/MoinMoin/userform.py moin-1.5.3/MoinMoin/userform.py
--- moin-1.5.3.orig/MoinMoin/userform.py 2006-03-26 13:17:26.000000000 -0800
+++ moin-1.5.3/MoinMoin/userform.py 2007-02-17 17:51:00.000000000 -0800
@@ -102,6 +102,15 @@
except KeyError:
return _("Empty user name. Please enter a user name.")
+ # Require account-creation password if any
+ if (self.cfg.account_creation_password is not None
+ and (form.get('account_creation_password', [''])[0]
+ != self.cfg.account_creation_password)):
+ if not form.get('account_creation_password', [''])[0]:
+ return _("You must specify the account-creation password to create an account.") + self.cfg.account_creation_password_help
+ else:
+ return _("Incorrect account-creation password. You must specify the correct account-creation password to create an account.") + self.cfg.account_creation_password_help
+
# Don't allow users with invalid names
if not user.isValidName(self.request, theuser.name):
return _("""Invalid user name {{{'%s'}}}.
@@ -293,7 +302,8 @@
already_handled = ['name', 'password', 'password2', 'email',
'aliasname', 'edit_rows', 'editor_default',
'editor_ui', 'tz_offset', 'datetime_fmt',
- 'theme_name', 'language']
+ 'theme_name', 'language',
+ 'account_creation_password']
for field in self.cfg.user_form_fields:
key = field[0]
if ((key in self.cfg.user_form_disable)
@@ -589,7 +599,8 @@
('cancel', _('Cancel')),
]
for key, label, type, length, textafter in self.cfg.user_form_fields:
- if key in ('name', 'password', 'password2', 'email'):
+ if key in ('name', 'password', 'password2', 'email',
+ 'account_creation_password'):
self.make_row(_(label),
[ html.INPUT(type=type, size=length, name=key,
value=''),
