-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jordan Baker wrote:
> I'm having problems setting member properties from a PAS plugin. I'm > looking for feedback on my approach to solving this use case, and help > on resolving the problem. > > The use case > ------------ > > Implement simple password expiry in Plone. There are other solutions but > those I've looked at so far have had to override many of the standard > plone_login templates thus making the implementation future-brittle. > > Potential Solution > ------------------ > > Use an IUpdateCredentialPlugin so that when a member logs the password > age is examined. Those plugins are only called when a user is manually changing their password, which is pretty much the opposite of what you need (if they are changing it, then expiration is moot, no?) > If it is now expired then set the standard property must_change_password > to True. You want to hook into the 'IPropertiesPlugin' chain, and get a chance to set the property on the newly-minted user object there. You might also add custom 'IRolesPlugin' / 'IGroupsPlugin' plugin which granted acccess, or group membership, only if that property was not present. > After which Plone's regular must_change_password mechanism in > plone_login skins takes over. > > I suppose one of the downsides is that this means that it will be > examined on each user REQUEST? This could be optimized away I suppose > somehow... The performance hit is going to be pretty negligible here, compared to the cost of rendering Plone's main_template. > Major Roadblock > --------------- > > When I update member properties from an updateCredentials() method > they revert back by the time the REQUEST is finished. Your plugin isn't even being *called* in t normal request. Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 [EMAIL PROTECTED] Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHGjh9+gerLs4ltQ4RAor9AJ9cMXYL1nJg8JXE79bGs/lNFuNQZwCeL+L3 wwu/syEOBcc2bcUWsniYfy4= =k4Zs -----END PGP SIGNATURE----- _______________________________________________ Zope-PAS mailing list [email protected] http://mail.zope.org/mailman/listinfo/zope-pas
