Your message dated Sun, 28 Jun 2009 14:53:20 +0200
with message-id <[email protected]>
and subject line Password protect account-creation
has caused the Debian Bug report #411312,
regarding python-moinmoin: Please include patch for account-creation password 
anti-spam measure
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
411312: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=411312
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: python-moinmoin
Version: 1.5.3-1.1
Severity: wishlist
Tags: patch

The attached patch adds a configuration option for an account-creation
password.  If a wiki specifies an account-creation password, the user creation
form requires this password in order to create an account.  This serves as an
anti-spam measure, as well as a means to limit account creation to users who
have previously contacted another user for the password.

Thanks to Jamey Sharp for testing and feedback on this patch.

- Josh Triplett

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.20-rc6
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
diff -Naur moin-1.5.3.orig/MoinMoin/multiconfig.py moin-1.5.3/MoinMoin/multiconfig.py
--- moin-1.5.3.orig/MoinMoin/multiconfig.py	2006-04-07 11:22:01.000000000 -0700
+++ moin-1.5.3/MoinMoin/multiconfig.py	2007-02-17 17:55:29.000000000 -0800
@@ -163,7 +163,10 @@
 
 class DefaultConfig:
     """ default config values """
-    
+
+    account_creation_password = None
+    account_creation_password_help = ''
+
     # All acl_right lines must use unicode!
     acl_rights_default = u"Trusted:read,write,delete,revert Known:read,write,delete,revert All:read,write"
     acl_rights_before = u""
@@ -418,6 +421,8 @@
         ##('', _('Date format'), [self._dtfmt_select()])
         ##('', _('Preferred language'), [self._lang_select()])
     ]
+    # Need to create this now, since _ gets deleted before __init__
+    account_creation_password_text = _('Account-creation password')
     user_form_defaults = { # key: default
         'name': '',
         'aliasname': '',
@@ -436,7 +441,7 @@
     user_form_remove = []
     
     # attributes we do NOT save to the userpref file
-    user_transient_fields =  ['id', 'valid', 'may', 'auth_username', 'trusted', 'password', 'password2', 'auth_method', 'auth_attribs']
+    user_transient_fields =  ['id', 'valid', 'may', 'auth_username', 'trusted', 'password', 'password2', 'account_creation_password', 'auth_method', 'auth_attribs']
 
     user_homewiki = 'Self' # interwiki name for where user homepages are located
 
@@ -511,6 +516,16 @@
         # check if mail is possible and set flag:
         self.mail_enabled = (self.mail_smarthost is not None or self.mail_sendmail is not None) and self.mail_from
 
+        # If the configuration includes an account-creation password, add the
+        # corresponding form field.
+        if self.account_creation_password is not None:
+                    
+            self.user_form_fields.append(
+                ('account_creation_password',
+                 self.account_creation_password_text, "password", "36",
+                 self.account_creation_password_help))
+            self.user_form_defaults['account_creation_password'] = ''
+
     def _config_check(self):
         """ Check namespace and warn about unknown names
         
diff -Naur moin-1.5.3.orig/MoinMoin/userform.py moin-1.5.3/MoinMoin/userform.py
--- moin-1.5.3.orig/MoinMoin/userform.py	2006-03-26 13:17:26.000000000 -0800
+++ moin-1.5.3/MoinMoin/userform.py	2007-02-17 17:51:00.000000000 -0800
@@ -102,6 +102,15 @@
             except KeyError:
                 return _("Empty user name. Please enter a user name.")
 
+            # Require account-creation password if any
+            if (self.cfg.account_creation_password is not None
+                and (form.get('account_creation_password', [''])[0]
+                     != self.cfg.account_creation_password)):
+                if not form.get('account_creation_password', [''])[0]:
+                    return _("You must specify the account-creation password to create an account.") + self.cfg.account_creation_password_help
+                else:
+                    return _("Incorrect account-creation password.  You must specify the correct account-creation password to create an account.") + self.cfg.account_creation_password_help
+
             # Don't allow users with invalid names
             if not user.isValidName(self.request, theuser.name):
                 return _("""Invalid user name {{{'%s'}}}.
@@ -293,7 +302,8 @@
             already_handled = ['name', 'password', 'password2', 'email',
                                'aliasname', 'edit_rows', 'editor_default',
                                'editor_ui', 'tz_offset', 'datetime_fmt',
-                               'theme_name', 'language']
+                               'theme_name', 'language',
+                               'account_creation_password']
             for field in self.cfg.user_form_fields:
                 key = field[0]
                 if ((key in self.cfg.user_form_disable)
@@ -589,7 +599,8 @@
                 ('cancel', _('Cancel')),
             ]
             for key, label, type, length, textafter in self.cfg.user_form_fields:
-                if key in ('name', 'password', 'password2', 'email'):
+                if key in ('name', 'password', 'password2', 'email',
+                           'account_creation_password'):
                     self.make_row(_(label),
                               [ html.INPUT(type=type, size=length, name=key,
                                            value=''),

--- End Message ---
--- Begin Message ---
fixed 411312 1.6.2-1
fixed 411312 1.7.1-2
#The patch is obsolete.
tag 411312 -patch
thanks

Moinmoin, since 1.6.0-beta2, has a feature named TextCha.

You can achieve the feature you want by enabling Textcha, and put one
single challenge in you wiki configuration file, like :

textchas = {
       'en' : {
            u"What's the password?":ur"(MySecret),
       }
    }

Then you want to let them without typing the password again and again,
so you can also add the directive:
   textchas_disabled_group = u"MyFriendsGroup"

Then contributors should add their names to that page, with a bullet,
like:
 * JohnDoe

Regards,

Franklin



--- End Message ---

Reply via email to