[open-ils-commits] [GIT] Evergreen ILS branch rel_2_1 updated. 6d4c3632a3993c14483f729d8b85d64388c7518f
Evergreen Git
git at git.evergreen-ils.org
Tue Oct 4 12:56:15 EDT 2011
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".
The branch, rel_2_1 has been updated
via 6d4c3632a3993c14483f729d8b85d64388c7518f (commit)
from 14b0f9f9718776dc42141c47d063756cd823d047 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6d4c3632a3993c14483f729d8b85d64388c7518f
Author: Thomas Berezansky <tsbere at mvlc.org>
Date: Sat Sep 24 16:51:20 2011 -0400
Require password to change email/username
Alter backend to check password period, not just for password changes.
Add form elements for asking for current password to JSPac.
Add handling for said form elements where needed.
Signed-off-by: Thomas Berezansky <tsbere at mvlc.org>
Signed-off-by: Bill Erickson <berick at esilibrary.com>
diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm
index 90ba288..1f96787 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm
@@ -1254,9 +1254,10 @@ __PACKAGE__->register_method(
desc => "Update the operator's username",
params => [
{ desc => 'Authentication token', type => 'string' },
- { desc => 'New username', type => 'string' }
+ { desc => 'New username', type => 'string' },
+ { desc => 'Current password', type => 'string' }
],
- return => {desc => '1 on success, Event on error'}
+ return => {desc => '1 on success, Event on error or incorrect current password'}
}
);
@@ -1267,9 +1268,10 @@ __PACKAGE__->register_method(
desc => "Update the operator's email address",
params => [
{ desc => 'Authentication token', type => 'string' },
- { desc => 'New email address', type => 'string' }
+ { desc => 'New email address', type => 'string' },
+ { desc => 'Current password', type => 'string' }
],
- return => {desc => '1 on success, Event on error'}
+ return => {desc => '1 on success, Event on error or incorrect current password'}
}
);
@@ -1282,12 +1284,14 @@ sub update_passwd {
or return $e->die_event;
my $api = $self->api_name;
+ # make sure the original password matches the in-database password
+ if (md5_hex($orig_pw) ne $db_user->passwd) {
+ $e->rollback;
+ return new OpenILS::Event('INCORRECT_PASSWORD');
+ }
+
if( $api =~ /password/o ) {
- # make sure the original password matches the in-database password
- if (md5_hex($orig_pw) ne $db_user->passwd) {
- $e->rollback;
- return new OpenILS::Event('INCORRECT_PASSWORD');
- }
+
$db_user->passwd($new_val);
} else {
diff --git a/Open-ILS/web/opac/skin/default/js/myopac.js b/Open-ILS/web/opac/skin/default/js/myopac.js
index 12fbaf1..638ed08 100644
--- a/Open-ILS/web/opac/skin/default/js/myopac.js
+++ b/Open-ILS/web/opac/skin/default/js/myopac.js
@@ -1057,6 +1057,7 @@ function myopacSaveAddress(row, addr, deleteMe) {
function myOPACUpdateUsername() {
var username = $('myopac_new_username').value;
+ var curpassword = $('myopac_username_current_password').value;
if(username == null || username == "") {
alert($('myopac_username_error').innerHTML);
return;
@@ -1091,7 +1092,7 @@ function myOPACUpdateUsername() {
return;
}
- var req = new Request(UPDATE_USERNAME, G.user.session, username );
+ var req = new Request(UPDATE_USERNAME, G.user.session, username, curpassword );
req.send(true);
if(req.result()) {
@@ -1115,12 +1116,13 @@ function myOPACUpdateUsername() {
function myOPACUpdateEmail() {
var email = $('myopac_new_email').value;
+ var curpassword = $('myopac_email_current_password').value;
if(email == null || email == "") {
alert($('myopac_email_error').innerHTML);
return;
}
- var req = new Request(UPDATE_EMAIL, G.user.session, email );
+ var req = new Request(UPDATE_EMAIL, G.user.session, email, curpassword );
req.send(true);
if(req.result()) {
G.user.email(email);
diff --git a/Open-ILS/web/opac/skin/default/xml/myopac/myopac_summary.xml b/Open-ILS/web/opac/skin/default/xml/myopac/myopac_summary.xml
index 40eda7f..821f870 100644
--- a/Open-ILS/web/opac/skin/default/xml/myopac/myopac_summary.xml
+++ b/Open-ILS/web/opac/skin/default/xml/myopac/myopac_summary.xml
@@ -61,15 +61,26 @@
<td class='color_4 light_border'>&common.username;</td>
<td class='light_border' id='myopac_summary_username'> </td>
<td class='light_border'><a href='javascript:void(0);'
- onclick='unHideMe($("myopac_update_username_row"));$("myopac_new_username").focus();'
+ onclick='unHideMe($("myopac_update_username_row"));$("myopac_username_current_password").focus();'
id='myopac_summary_username_change' style='text-decoration: underline;'>&myopac.summary.change;</a></td>
</tr>
<tr id='myopac_update_username_row' class='hide_me'>
<td class='myopac_update_cell' colspan='3'>
- <span class='myopac_update_span'>&myopac.summary.username.enter; </span>
- <input type='text' size='24' id='myopac_new_username'
- onkeydown='if(userPressedEnter(event)) myOPACUpdateUsername();' />
+
+ <table><tbody>
+ <tr>
+ <td><span class='myopac_update_span'>&myopac.summary.password.current; </span></td>
+ <td><input type='password' size='24' id='myopac_username_current_password'
+ onkeydown='if(userPressedEnter(event)) myOPACUpdateUsername();' /></td>
+ </tr>
+ <tr>
+ <td><span class='myopac_update_span'>&myopac.summary.username.enter; </span></td>
+ <td><input type='text' size='24' id='myopac_new_username'
+ onkeydown='if(userPressedEnter(event)) myOPACUpdateUsername();' /></td>
+ </tr>
+ </tbody></table>
+
<span class='myopac_update_span'>
<button onclick='myOPACUpdateUsername();'>&common.submit;</button>
</span>
@@ -122,15 +133,26 @@
<td class='color_4 light_border'>&myopac.summary.email;</td>
<td class='light_border' id='myopac_summary_email'> </td>
<td class='light_border'><a href='javascript:void(0);'
- onclick='unHideMe($("myopac_update_email_row"));$("myopac_new_email").focus();'
+ onclick='unHideMe($("myopac_update_email_row"));$("myopac_email_current_password").focus();'
id='myopac_summary_email_change' style='text-decoration: underline;'>&myopac.summary.change;</a></td>
</tr>
<tr id='myopac_update_email_row' class='hide_me'>
<td class='myopac_update_cell' colspan='3'>
- <span class='myopac_update_span'>&myopac.summary.email.new; </span>
- <input type='text' size='24' id='myopac_new_email'
- onkeydown='if(userPressedEnter(event)) myOPACUpdateEmail();' />
+
+ <table><tbody>
+ <tr>
+ <td><span class='myopac_update_span'>&myopac.summary.password.current; </span></td>
+ <td><input type='password' size='24' id='myopac_email_current_password'
+ onkeydown='if(userPressedEnter(event)) myOPACUpdateEmail();' /></td>
+ </tr>
+ <tr>
+ <td><span class='myopac_update_span'>&myopac.summary.email.new; </span></td>
+ <td><input type='text' size='24' id='myopac_new_email'
+ onkeydown='if(userPressedEnter(event)) myOPACUpdateEmail();' /></td>
+ </tr>
+ </tbody></table>
+
<span class='myopac_update_span'>
<button onclick='myOPACUpdateEmail();'>&common.submit;</button>
</span>
-----------------------------------------------------------------------
Summary of changes:
.../src/perlmods/lib/OpenILS/Application/Actor.pm | 22 +++++++-----
Open-ILS/web/opac/skin/default/js/myopac.js | 6 ++-
.../skin/default/xml/myopac/myopac_summary.xml | 38 +++++++++++++++----
3 files changed, 47 insertions(+), 19 deletions(-)
hooks/post-receive
--
Evergreen ILS
More information about the open-ils-commits
mailing list