Jonathan Druart
6f204fdf96
There is a "debug" parameter we are passing from the controller scripts to C4::Auth::get_template_and_user, but it's not actually used! Test plan: Confirm the assumption Review the changes from this patch Generated with: perl -p -i -e 's#\s*debug\s*=\>\s*(0|1),?\s*##gms' **/*.pl git checkout misc/devel/update_dbix_class_files.pl # Wrong catch + Manual fix in acqui/neworderempty.pl Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
218 lines
7.4 KiB
Perl
Executable file
218 lines
7.4 KiB
Perl
Executable file
#!/usr/bin/perl
|
|
|
|
use Modern::Perl;
|
|
use CGI;
|
|
|
|
use C4::Auth;
|
|
use C4::Koha;
|
|
use C4::Output;
|
|
use C4::Context;
|
|
use Koha::Patron::Password::Recovery
|
|
qw(SendPasswordRecoveryEmail ValidateBorrowernumber GetValidLinkInfo CompletePasswordRecovery DeleteExpiredPasswordRecovery);
|
|
use Koha::Patrons;
|
|
my $query = CGI->new;
|
|
use HTML::Entities;
|
|
use Try::Tiny;
|
|
use List::Util qw/any/;
|
|
|
|
my ( $template, $dummy, $cookie ) = get_template_and_user(
|
|
{
|
|
template_name => "opac-password-recovery.tt",
|
|
query => $query,
|
|
type => "opac",
|
|
authnotrequired => 1,
|
|
}
|
|
);
|
|
|
|
my $email = $query->param('email') // q{};
|
|
my $password = $query->param('newPassword');
|
|
my $repeatPassword = $query->param('repeatPassword');
|
|
my $id = $query->param('id');
|
|
my $uniqueKey = $query->param('uniqueKey');
|
|
my $username = $query->param('username') // q{};
|
|
my $borrower_number;
|
|
|
|
#errors
|
|
my $hasError;
|
|
|
|
#email form error
|
|
my $errNoBorrowerFound;
|
|
my $errNoBorrowerEmail;
|
|
my $errMultipleAccountsForEmail;
|
|
my $errAlreadyStartRecovery;
|
|
my $errResetForbidden;
|
|
|
|
#new password form error
|
|
my $errLinkNotValid;
|
|
|
|
if ( $query->param('sendEmail') || $query->param('resendEmail') ) {
|
|
|
|
#try with the main email
|
|
my $borrower;
|
|
my $search_results;
|
|
# Find the borrower by userid, card number, or email
|
|
if ($username) {
|
|
$search_results = Koha::Patrons->search( { -or => { userid => $username, cardnumber => $username }, login_attempts => { '!=', Koha::Patron::ADMINISTRATIVE_LOCKOUT } } );
|
|
}
|
|
elsif ($email) {
|
|
$search_results = Koha::Patrons->search( { -or => { email => $email, emailpro => $email, B_email => $email }, login_attempts => { '!=', Koha::Patron::ADMINISTRATIVE_LOCKOUT } } );
|
|
}
|
|
|
|
if ( !defined $search_results || $search_results->count < 1) {
|
|
$hasError = 1;
|
|
$errNoBorrowerFound = 1;
|
|
}
|
|
elsif ( $username && $search_results->count > 1) { # Multiple accounts for username
|
|
$hasError = 1;
|
|
$errNoBorrowerFound = 1;
|
|
}
|
|
elsif ( $email && $search_results->count > 1) { # Muliple accounts for E-Mail
|
|
$hasError = 1;
|
|
$errMultipleAccountsForEmail = 1;
|
|
}
|
|
elsif ( $borrower = $search_results->next() ) { # One matching borrower
|
|
|
|
if ( $borrower->category->effective_reset_password ) {
|
|
|
|
my @emails = grep { $_ } ( $borrower->email, $borrower->emailpro, $borrower->B_email );
|
|
|
|
my $firstNonEmptyEmail;
|
|
$firstNonEmptyEmail = $emails[0] if @emails;
|
|
|
|
# Is the given email one of the borrower's ?
|
|
if ( $email && !( any { lc($_) eq lc($email) } @emails ) ) {
|
|
$hasError = 1;
|
|
$errNoBorrowerFound = 1;
|
|
}
|
|
|
|
# If there is no given email, and there is no email on record
|
|
elsif ( !$email && !$firstNonEmptyEmail ) {
|
|
$hasError = 1;
|
|
$errNoBorrowerEmail = 1;
|
|
}
|
|
|
|
# Check if a password reset already issued for this
|
|
# borrower AND we are not asking for a new email
|
|
elsif ( not $query->param('resendEmail') ) {
|
|
if ( ValidateBorrowernumber( $borrower->borrowernumber ) ) {
|
|
$hasError = 1;
|
|
$errAlreadyStartRecovery = 1;
|
|
}
|
|
else {
|
|
DeleteExpiredPasswordRecovery( $borrower->borrowernumber );
|
|
}
|
|
}
|
|
# Set the $email, if we don't have one.
|
|
if ( !$hasError && !$email ) {
|
|
$email = $firstNonEmptyEmail;
|
|
}
|
|
}
|
|
else {
|
|
$hasError = 1;
|
|
$errResetForbidden = 1;
|
|
}
|
|
}
|
|
else { # 0 matching borrower
|
|
$hasError = 1;
|
|
$errNoBorrowerFound = 1;
|
|
}
|
|
if ($hasError) {
|
|
$template->param(
|
|
hasError => 1,
|
|
errNoBorrowerFound => $errNoBorrowerFound,
|
|
errAlreadyStartRecovery => $errAlreadyStartRecovery,
|
|
errNoBorrowerEmail => $errNoBorrowerEmail,
|
|
errMultipleAccountsForEmail => $errMultipleAccountsForEmail,
|
|
errResetForbidden => $errResetForbidden,
|
|
password_recovery => 1,
|
|
email => HTML::Entities::encode($email),
|
|
username => $username
|
|
);
|
|
}
|
|
elsif ( SendPasswordRecoveryEmail( $borrower, $email, scalar $query->param('resendEmail') ) ) { # generate uuid and send recovery email
|
|
$template->param(
|
|
mail_sent => 1,
|
|
email => $email
|
|
);
|
|
}
|
|
else { # if it doesn't work....
|
|
$template->param(
|
|
hasError => 1,
|
|
password_recovery => 1,
|
|
sendmailError => 1
|
|
);
|
|
}
|
|
}
|
|
elsif ( $query->param('passwordReset') ) {
|
|
( $borrower_number, $username ) = GetValidLinkInfo($uniqueKey);
|
|
|
|
my $error;
|
|
my $min_password_length = C4::Context->preference('minPasswordPreference');
|
|
my $require_strong_password = C4::Context->preference('RequireStrongPassword');
|
|
if ( not $borrower_number ) {
|
|
$error = 'errLinkNotValid';
|
|
} elsif ( $password ne $repeatPassword ) {
|
|
$error = 'errPassNotMatch';
|
|
} else {
|
|
my $borrower = Koha::Patrons->find($borrower_number);
|
|
$min_password_length = $borrower->category->effective_min_password_length;
|
|
$require_strong_password = $borrower->category->effective_require_strong_password;
|
|
try {
|
|
$borrower->set_password({ password => $password });
|
|
|
|
CompletePasswordRecovery($uniqueKey);
|
|
$template->param(
|
|
password_reset_done => 1,
|
|
username => $username
|
|
);
|
|
}
|
|
catch {
|
|
if ( $_->isa('Koha::Exceptions::Password::TooShort') ) {
|
|
$error = 'password_too_short';
|
|
}
|
|
elsif ( $_->isa('Koha::Exceptions::Password::WhitespaceCharacters') ) {
|
|
$error = 'password_has_whitespaces';
|
|
}
|
|
elsif ( $_->isa('Koha::Exceptions::Password::TooWeak') ) {
|
|
$error = 'password_too_weak';
|
|
}
|
|
};
|
|
}
|
|
if ( $error ) {
|
|
$template->param(
|
|
new_password => 1,
|
|
email => $email,
|
|
uniqueKey => $uniqueKey,
|
|
hasError => 1,
|
|
$error => 1,
|
|
minPasswordLength => $min_password_length,
|
|
RequireStrongPassword => $require_strong_password
|
|
);
|
|
}
|
|
}
|
|
elsif ($uniqueKey) { #reset password form
|
|
#check if the link is valid
|
|
( $borrower_number, $username ) = GetValidLinkInfo($uniqueKey);
|
|
|
|
if ( !$borrower_number ) {
|
|
$errLinkNotValid = 1;
|
|
}
|
|
|
|
my $borrower = Koha::Patrons->find($borrower_number);
|
|
|
|
$template->param(
|
|
new_password => 1,
|
|
email => $email,
|
|
uniqueKey => $uniqueKey,
|
|
username => $username,
|
|
errLinkNotValid => $errLinkNotValid,
|
|
hasError => ( $errLinkNotValid ? 1 : 0 ),
|
|
minPasswordLength => $borrower->category->effective_min_password_length,
|
|
RequireStrongPassword => $borrower->category->effective_require_strong_password
|
|
);
|
|
}
|
|
else { #password recovery form (to send email)
|
|
$template->param( password_recovery => 1 );
|
|
}
|
|
|
|
output_html_with_http_headers $query, $cookie, $template->output;
|