diff -ur MoinMoin/multiconfig.py MoinMoin2/multiconfig.py --- MoinMoin/multiconfig.py 2005-03-12 15:26:14.000000000 -0600 +++ MoinMoin2/multiconfig.py 2005-03-25 03:59:12.498181700 -0600 @@ -155,6 +155,7 @@ acl_rights_default = u"Trusted:read,write,delete,revert Known:read,write,delete,revert All:read,write" acl_rights_before = u"" acl_rights_after = u"" + acl_rights_createuser = u"All:write" acl_rights_valid = ['read', 'write', 'delete', 'revert', 'admin'] allow_extended_names = 1 diff -ur MoinMoin/userform.py MoinMoin2/userform.py --- MoinMoin/userform.py 2005-03-06 16:15:42.000000000 -0600 +++ MoinMoin2/userform.py 2005-03-26 07:09:47.481875000 -0600 @@ -7,7 +7,7 @@ """ import string, time, re, Cookie -from MoinMoin import config, user, util, wikiutil +from MoinMoin import config, user, util, wikiutil, wikiacl from MoinMoin.util import web, mail, datetime from MoinMoin.widget import html @@ -142,6 +142,8 @@ self.request.setCookie() else: + createuseracl = wikiacl.CreateUserAccessControlList(self.request).may(self.request, self.request.user.name, "write") + # Save user profile theuser = user.User(self.request) @@ -160,12 +162,29 @@ # Is this an existing user trying to change information or a new user? # Name required to be unique. Check if name belong to another user. newuser = 1 - if user.getUserId(self.request, theuser.name): - if theuser.name != self.request.user.name: - return _("This user name already belongs to somebody else.") + + # create key is for existing users creating new users + # save key is for users creating or updating themselves + if form.has_key('save'): + if user.getUserId(self.request, theuser.name): + if theuser.name != self.request.user.name: + return _("This user name already belongs to somebody else.") else: newuser = 0 + # Now that we know if it's a new user or not, we can check the acl + if newuser and not createuseracl: + return _("You are not allowed to create a user account.") + + # create key is for existing users creating new users + # save key is for users creating or updating themselves + if newuser and form.has_key('create'): + theuserisnew = self.request + theuserisnew.saved_cookie = '' + theuserisnew.auth_username = '' + theuser = user.User(theuserisnew) + theuser.name = form['username'][0] + # try to get the password and pw repeat password = form.get('password', [''])[0] password2 = form.get('password2',[''])[0] @@ -256,8 +275,12 @@ # save data and send cookie theuser.save() - self.request.user = theuser - self.request.setCookie() + + # create key is for existing users creating new users + # save key is for users creating or updating themselves + if form.has_key('save'): + self.request.user = theuser + self.request.setCookie() result = _("User preferences saved!") if _debug: @@ -382,20 +405,25 @@ _ = self._ self.make_form() + createuseracl = wikiacl.CreateUserAccessControlList(self.request).may(self.request, self.request.user.name, "write") + if self.request.user.valid: # User preferences interface buttons = [ - ('save', _('Save')), - ('logout', _('Logout')), - ] + ('save', _('Save')) + ] + if createuseracl: + buttons.append(('create', _('Create Profile'))) + buttons.append(('logout', _('Logout'))) else: # Login / register interface buttons = [ # IMPORTANT: login should be first to be the default # button when a user click enter. ('login', _('Login')), - ("save", _('Create Profile')), ] + if createuseracl: + buttons.append(("save", _('Create Profile'))) if self.cfg.mail_smarthost: buttons.append(("login_sendmail", _('Mail me my account data'))) @@ -413,19 +441,29 @@ ' ', ]) - self.make_row(_('Password repeat'), [ - html.INPUT( - type="password", size="36", name="password2", - ), - ' ', _('(Only when changing passwords)'), - ]) + if self.request.user.valid or createuseracl: + self.make_row(_('Password repeat'), [ + html.INPUT( + type="password", size="36", name="password2", + ), + ' ', _('(Only when changing passwords)'), + ]) + + if self.cfg.mail_smarthost and not createuseracl: + self.make_row(_('Email'), [ + html.INPUT( + type="text", size="36", name="email", value=self.request.user.email + ), + ' ', _('(Only for mailing your account data)', formatted=False), + ]) + elif createuseracl: + self.make_row(_('Email'), [ + html.INPUT( + type="text", size="36", name="email", value=self.request.user.email + ), + ' ', + ]) - self.make_row(_('Email'), [ - html.INPUT( - type="text", size="36", name="email", value=self.request.user.email - ), - ' ', - ]) # Show options only if already logged in if self.request.user.valid: diff -ur MoinMoin/wikiacl.py MoinMoin2/wikiacl.py --- MoinMoin/wikiacl.py 2005-01-09 12:48:07.000000000 -0600 +++ MoinMoin2/wikiacl.py 2005-03-25 03:54:21.091931700 -0600 @@ -357,3 +357,28 @@ acl_lines.append(args) return AccessControlList(request, acl_lines) +class CreateUserAccessControlList(AccessControlList): + ''' Access Control List for Creating Users + + Control who may create new user accounts on the system + + Configuration options + + cfg.acl_rights_createuser + Defines who is able to create users. Permission is either + "write" or nothing. + Default: "All:write" + + ''' + + def __init__(self, request): + """Initialize an ACL, starting from . + """ + self.setLines(request.cfg) + + def setLines(self, cfg): + self.clean() + self.addCreateuser(cfg) + + def addCreateuser(self, cfg): + self.addLine(cfg, cfg.acl_rights_createuser, remember=0)