[Zope-PAS] Problem setting member properties from PAS IUpdateCredentialPlugin

Jordan Baker jbb at scryent.com
Sat Oct 20 07:38:01 EDT 2007 

I'm having problems setting member properties from a PAS plugin.  I'm 
looking for feedback on my approach to solving this use case, and help 
on resolving the problem.

The use case
------------

Implement simple password expiry in Plone. There are other solutions but
those I've looked at so far have had to override many of the standard
plone_login templates thus making the implementation future-brittle.

Potential Solution
------------------

Use an IUpdateCredentialPlugin so that when a member logs the password 
age is examined.

If it is now expired then set the standard property must_change_password
to True.

After which Plone's regular must_change_password mechanism in 
plone_login skins takes over.

I suppose one of the downsides is that this means that it will be
examined on each user REQUEST? This could be optimized away I suppose 
somehow...

Major Roadblock
---------------

When I update member properties from an updateCredentials() method
they revert back by the time the REQUEST is finished.

Here's an example updateCredentials() method that sets the e-mail:

     def updateCredentials(self, request, response, login, new_password):
         mtool = getToolByName(self, 'portal_membership', None)
         if not mtool:
             return
         member = mtool.getMemberById(login)
         if not member:
             return
         member.setMemberProperties(dict(email="foo at bar.com"))
         logger.debug("changed members email")
         assert member.getProperty('email') == 'foo at bar.com'
         return

And a doctest which fails:

       >>> browser.getLink('Log in').click()
       >>> browser.getControl(name='__ac_name').value = PTC.default_user
       >>> browser.getControl(name='__ac_password').value = 
PTC.default_password
       >>> browser.getControl(name='submit').click()

       This next one fails but should succeed....
       >>> member.getProperty('email')
       "foo at bar.com"

By looking into the logs I can see that indeed the handler is getting called
and the assertion succeeds. Somewhere along the line the property 
changes are
reverting.


I'm looking for feedback to know if I'm on the right track or if there 
is a better approach I should looking at. If the approach is ok, I would 
appreciate some tips of tracking down the bug (PAS, PlonePAS?).

Thanks,

-jordan (hexsprite)

More information about the Zope-PAS mailing list