Summary

• Page properties (1 modified, 0 added, 0 removed)

Details

Page properties

Content

...	...	@@ -14,7 +14,8 @@
14	14	## The name of the class used for storing password reset verification data.
15	15	#set ($verifClass = 'XWiki.ResetPasswordRequestClass')
16	16	#set ($userName = "$!request.get('u')")
17		-#if ($userName == '')## First step, display the form requesting the username
	17	+## First step, display the form requesting the username
	18	+#if ($userName == '' || !$services.csrf.isTokenValid($request.form_token))
18	18	{{translation key="xe.admin.passwordReset.instructions"/}}
19	19
20	20	{{html}}
...	...	@@ -35,21 +35,19 @@
35	35	## Check if the user exists and has a valid email address configured in his profile
36	36	#set ($userObj = '')
37	37	#set ($userObj = $userDoc.getObject('XWiki.XWikiUsers'))
38		- #if (!$userObj)
39		-
40		- {{warning}}$services.localization.render('xe.admin.passwordReset.error.noUser', ["//${escapetool.xml($userName)}//"]){{/warning}}
41		-
42		- #elseif ($userDoc.getObject('XWiki.LDAPProfileClass'))
43		-
44		- {{warning}}$services.localization.render('xe.admin.passwordReset.error.ldapUser', ["//${escapetool.xml($userName)}//"]){{/warning}}
45		-
46		- #else
47		- #set ($userEmail = $userObj.getProperty('email').value)
48		- #if ("$!userEmail" == '')
49		-
50		- {{error}}{{translation key="xe.admin.passwordReset.error.noEmail"/}}{{/error}}
51		-
	39	+ ## If local user does not exist check global user
	40	+ #if (!$userObj && ${xcontext.database} != ${xcontext.mainWikiName})
	41	+ #if ($userName.indexOf('.') != -1)
	42	+ #set ($userDoc = $xwiki.getDocumentAsAuthor("${xcontext.mainWikiName}:${userName}"))
52	52	#else
	44	+ #set ($userDoc = $xwiki.getDocumentAsAuthor("${xcontext.mainWikiName}:XWiki.${userName}"))
	45	+ #end
	46	+ #set ($userObj = $userDoc.getObject('XWiki.XWikiUsers'))
	47	+ #end
	48	+ #set ($errorDisplayed = false)
	49	+ #if ($userObj && !$userDoc.getObject('XWiki.LDAPProfileClass'))
	50	+ #set ($userEmail = $userObj.getProperty('email').value)
	51	+ #if ("$!userEmail" != '')
53	53	## Find the object that will hold the verification string
54	54	#set ($verifObj = '')
55	55	#set ($verifObj = $userDoc.getObject($verifClass, true))
...	...	@@ -59,18 +59,19 @@
59	59	#set ($discard = $verifObj.set('verification', $verifStr))
60	60	#set ($discard = $userDoc.saveAsAuthor($services.localization.render('xe.admin.passwordReset.versionComment'), true))
61	61	## Compose the verification URL
62		- #set ($passwordResetURL = $xwiki.getDocument('XWiki.ResetPasswordComplete').getExternalURL('view', "u=${userName}&v=${verifStr}"))
	61	+ #set ($userDocRef = $escapetool.url($services.model.serialize($userDoc.documentReference, 'default')))
	62	+ #set ($passwordResetURL = $xwiki.getDocument("XWiki.ResetPasswordComplete").getExternalURL('view', "u=${userDocRef}&v=${verifStr}"))
63	63	## Send the email
64		- #set ($from = $services.mailsender.configuration.fromAddress)
	64	+ #set ($from = $services.mail.sender.configuration.fromAddress)
65	65	#if ("$!from" == '')
66	66	#set ($from = "no-reply@${request.serverName}")
67	67	#end
68	68	#set ($mailTemplateReference = $services.model.createDocumentReference('', 'XWiki', 'ResetPasswordMailContent'))
69	69	#set ($mailParameters = {'from' : $from, 'to' : $userEmail, 'language' : $xcontext.locale})
70		- #set ($message = $services.mailsender.createMessage('template', $mailTemplateReference, $mailParameters))
	70	+ #set ($message = $services.mail.sender.createMessage('template', $mailTemplateReference, $mailParameters))
71	71	#set ($discard = $message.setType('Reset Password'))
72	72	#macro (displayError $text)
73		-
	73	+ #set ($errorDisplayed = true)
74	74	{{html}}
75	75	<div class="xwikirenderingerror" title="Click to get more details about the error" style="cursor: pointer;">
76	76	$services.localization.render('xe.admin.passwordReset.error.emailFailed')
...	...	@@ -82,28 +82,29 @@
82	82
83	83	#end
84	84	## Check for an error constructing the message!
85		- #if ($services.mailsender.lastError)
86		- #displayError($exceptiontool.getStackTrace($services.mailsender.lastError))
	85	+ #if ($services.mail.sender.lastError)
	86	+ #displayError($exceptiontool.getStackTrace($services.mail.sender.lastError))
87	87	#else
88	88	## Send the message and wait for it to be sent or for any error to be raised.
89		- #set ($mailResult = $services.mailsender.send([$message], 'database'))
	89	+ #set ($mailResult = $services.mail.sender.send([$message], 'database'))
90	90	## Check for errors during the send
91		- #if ($services.mailsender.lastError)
92		- #displayError($exceptiontool.getStackTrace($services.mailsender.lastError))
	91	+ #if ($services.mail.sender.lastError)
	92	+ #displayError($exceptiontool.getStackTrace($services.mail.sender.lastError))
93	93	#else
94	94	#set ($failedMailStatuses = $mailResult.statusResult.getAllErrors())
95	95	#if ($failedMailStatuses.hasNext())
96	96	#set ($mailStatus = $failedMailStatuses.next())
97	97	#displayError($mailStatus.errorDescription)
98		- #else
99		-
100		- {{info}}$services.localization.render('xe.admin.passwordReset.emailSent', ["$userDoc.display('email', $userObj)"]){{/info}}
101		-
102	102	#end
103	103	#end
104	104	#end
105	105	#end
106	106	#end
	103	+ #if (!$errorDisplayed)
	104	+
	105	+ {{info}}$services.localization.render('xe.admin.passwordReset.emailSentToUsername', ["$escapetool.xml(${userName})"]){{/info}}
	106	+
	107	+ #end
107	107	[[{{translation key="xe.admin.passwordReset.error.retry"/}}>>$doc.fullName]] | [[{{translation key="xe.admin.passwordReset.error.recoverUsername"/}}>>ForgotUsername]] | [[{{translation key="xe.admin.passwordReset.login"/}}>>path:$xwiki.getURL('XWiki.XWikiLogin', 'login')]]
108	108	#end
109	109	## Clear private variables, so that they cannot be accessed from the rest of the page (comments, panels...)