I'm having problems setting member properties from a PAS plugin. I'm
looking for feedback on my approach to solving this use case, and help
on resolving the problem.
The use case
Implement simple password expiry in Plone. There are other solutions but
those I've looked at so far have had to override many of the standard
plone_login templates thus making the implementation future-brittle.
Use an IUpdateCredentialPlugin so that when a member logs the password
age is examined.
If it is now expired then set the standard property must_change_password
After which Plone's regular must_change_password mechanism in
plone_login skins takes over.
I suppose one of the downsides is that this means that it will be
examined on each user REQUEST? This could be optimized away I suppose
When I update member properties from an updateCredentials() method
they revert back by the time the REQUEST is finished.
Here's an example updateCredentials() method that sets the e-mail:
def updateCredentials(self, request, response, login, new_password):
mtool = getToolByName(self, 'portal_membership', None)
if not mtool:
member = mtool.getMemberById(login)
if not member:
logger.debug("changed members email")
assert member.getProperty('email') == '[EMAIL PROTECTED]'
And a doctest which fails:
>>> browser.getLink('Log in').click()
>>> browser.getControl(name='__ac_name').value = PTC.default_user
>>> browser.getControl(name='__ac_password').value =
This next one fails but should succeed....
By looking into the logs I can see that indeed the handler is getting called
and the assertion succeeds. Somewhere along the line the property
I'm looking for feedback to know if I'm on the right track or if there
is a better approach I should looking at. If the approach is ok, I would
appreciate some tips of tracking down the bug (PAS, PlonePAS?).
Zope-PAS mailing list