diff --git a/CHANGES.txt b/CHANGES.txt
index 3a66e3f..95ac758 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -11,6 +11,8 @@ Changelog
- Amend browser.txt test to the new p.a.registry-based control panels
(Plone 5 only).
[timo]
+- Added userid information in reset mail (useful when the administrator resets a user password)
+ [sgeulette]
2.1.1 (2014-10-22)
diff --git a/Products/PasswordResetTool/skins/PasswordReset/mail_password_template.pt b/Products/PasswordResetTool/skins/PasswordReset/mail_password_template.pt
index 792967e..d5a57a1 100644
--- a/Products/PasswordResetTool/skins/PasswordReset/mail_password_template.pt
+++ b/Products/PasswordResetTool/skins/PasswordReset/mail_password_template.pt
@@ -3,12 +3,22 @@
member python:options['member'];
portal_state context/@@plone_portal_state;
view context/@@passwordreset_view;
+ isAnon context/@@plone_portal_state/anonymous;
reset python:options['reset']"
>From:
To:
Subject:
Precedence: bulk
+
+The site administrator asks you to reset your password for '' userid. Your old password doesn't work anymore.
+
+
+ tal:omit-tag=""
+ tal:condition="isAnon">
If you didn't expect to receive this email, please ignore it. Your password has not been changed.
Request made from IP address >> form.getControl(name='userid').value = 'jsmith'
>>> form.submit()
+We check if the old password always works.
+
+ >>> browser.open('http://nohost/plone/login')
+ >>> browser.getControl(name='__ac_name').value = 'jsmith'
+ >>> browser.getControl(name='__ac_password').value = 'secret'
+ >>> browser.getControl(name='submit').click()
+
+We should be logged in now:
+
+ >>> "You are now logged in" in browser.contents
+ True
+
+Log out again:
+
+ >>> browser.getLink('Log out').click()
+ >>> "You are now logged out" in browser.contents
+ True
+
As part of our test setup, we replaced the original MailHost with our
own version. Our version doesn't mail messages, it just collects them
in a list called ``messages``:
@@ -170,13 +189,17 @@ then we extract the address that lets us reset our password:
>>> msg = quopri.decodestring(msg)
>>> "To: jsmith@example.com" in msg
True
+ >>> "The site administrator asks you to reset your password for 'jsmith' userid" in msg
+ False
>>> please_visit_text = "The following link will take you to a page where you can reset your password for Plone site site:"
>>> please_visit_text in msg
True
>>> url_index = msg.index(please_visit_text) + len(please_visit_text)
>>> address = msg[url_index:].strip().split()[0]
- >>> address # doctest: +ELLIPSIS
+ >>> address # doctest: +ELLIPSIS
'http://nohost/plone/passwordreset/...'
+ >>> "If you didn't expect to receive this email" in msg
+ True
Now that we have the address, we will reset our password:
@@ -221,6 +244,9 @@ Log out again:
- Register a member (with send email checked???)
- Log out
- Log in as the new member
+ - A manager resets a user password
+ - Check if this is a hard reset (old password is changed)
+ - Check the received mail
First, we want to login as the portal owner:
@@ -261,6 +287,56 @@ We want to logout and login as the new member:
>>> browser.getLink('Log out').click()
+Again, we want to login as the portal owner:
+
+ >>> browser.open('http://nohost/plone/login')
+ >>> browser.getControl(name='__ac_name').value = SITE_OWNER_NAME
+ >>> browser.getControl(name='__ac_password').value = SITE_OWNER_PASSWORD
+ >>> browser.getControl(name='submit').click()
+ >>> "You are now logged in" in browser.contents
+ True
+
+We navigate to the Users Overview page and reset a password user:
+
+ >>> browser.getLink('Site Setup').click()
+ >>> browser.getLink('Users and Groups').click()
+ >>> resets = browser.getControl(name='users.resetpassword:records')
+ >>> reset = resets.getControl(value='wsmith')
+ >>> reset.selected = True
+ >>> browser.getControl(name="form.button.Modify").click()
+ >>> "Changes applied." in browser.contents
+ True
+ >>> browser.getLink('Log out').click()
+ >>> "You are now logged out" in browser.contents
+ True
+
+We check if the old password is well changed.
+
+ >>> browser.open('http://nohost/plone/login')
+ >>> browser.getControl(name='__ac_name').value = 'wsmith'
+ >>> browser.getControl(name='__ac_password').value = 'supersecret'
+ >>> browser.getControl(name='submit').click()
+
+We should not be logged in:
+
+ >>> "Login failed" in browser.contents
+ True
+
+We should have received an e-mail at this point:
+
+ >>> mailhost = layer['portal'].MailHost
+ >>> len(mailhost.messages)
+ 2
+ >>> import quopri
+ >>> msg = quopri.decodestring(str(mailhost.messages[-1]))
+ >>> "The site administrator asks you to reset your password for 'wsmith' userid" in msg
+ True
+ >>> please_visit_text = "The following link will take you to a page where you can reset your password for Plone site site:"
+ >>> please_visit_text in msg
+ True
+ >>> "If you didn't expect to receive this email" in msg
+ False
+
1B. User joins with e-mail validation enabled and forgets password
------------------------------------------------------------------
@@ -311,7 +387,7 @@ We should have received an e-mail at this point:
>>> mailhost = layer['portal'].MailHost
>>> len(mailhost.messages)
- 2
+ 3
>>> msg = str(mailhost.messages[-1])
Now that we have the message, we want to look at its contents, and
@@ -397,7 +473,7 @@ We should have received an e-mail at this point:
>>> mailhost = layer['portal'].MailHost
>>> len(mailhost.messages)
- 3
+ 4
>>> msg = str(mailhost.messages[-1])
Now that we have the message, we want to look at its contents, and