From eda67ed4588d0a07a91896b90337bdbc8cc4c8f1 Mon Sep 17 00:00:00 2001
From: Dan Scott <dscott@laurentian.ca>
Date: Thu, 11 Jul 2013 13:04:53 -0400
Subject: [PATCH] Remove JSPAC-oriented PasswordReset.pm interface

A native TPAC interface for resetting passwords arrived some time ago,
and the i18n for PasswordReset.pm predated the more standardized
approach taken by TPAC. So... kill the JSPAC interface and save
ourselves a little bit of Apache overhead in the process.

Signed-off-by: Dan Scott <dscott@laurentian.ca>
Signed-off-by: Bill Erickson <berick@esilibrary.com>
---
 Open-ILS/examples/apache/eg.conf.in           |   1 -
 Open-ILS/examples/apache/eg_startup.in        |   1 -
 Open-ILS/examples/apache/eg_vhost.conf.in     |  15 --
 Open-ILS/examples/apache_24/eg.conf.in        |   1 -
 Open-ILS/examples/apache_24/eg_vhost.conf.in  |  15 --
 Open-ILS/src/perlmods/MANIFEST                |   1 -
 .../perlmods/lib/OpenILS/WWW/PasswordReset.pm | 219 ------------------
 Open-ILS/src/perlmods/t/15-OpenILS-WWW.t      |   3 +-
 .../templates/password-reset/request-form.tt2 |  33 ---
 .../templates/password-reset/reset-form.tt2   |  17 --
 .../templates/password-reset/strings.en-US    |  15 --
 .../templates/password-reset/strings.fr-CA    |  15 --
 12 files changed, 1 insertion(+), 335 deletions(-)
 delete mode 100644 Open-ILS/src/perlmods/lib/OpenILS/WWW/PasswordReset.pm
 delete mode 100644 Open-ILS/src/templates/password-reset/request-form.tt2
 delete mode 100644 Open-ILS/src/templates/password-reset/reset-form.tt2
 delete mode 100644 Open-ILS/src/templates/password-reset/strings.en-US
 delete mode 100644 Open-ILS/src/templates/password-reset/strings.fr-CA

diff --git a/Open-ILS/examples/apache/eg.conf.in b/Open-ILS/examples/apache/eg.conf.in
index d095e15b2a..acc495ce1a 100644
--- a/Open-ILS/examples/apache/eg.conf.in
+++ b/Open-ILS/examples/apache/eg.conf.in
@@ -18,7 +18,6 @@ PerlRequire /etc/apache2/eg_startup
 PerlChildInitHandler OpenILS::WWW::Reporter::child_init
 PerlChildInitHandler OpenILS::WWW::SuperCat::child_init
 PerlChildInitHandler OpenILS::WWW::AddedContent::child_init
-PerlChildInitHandler OpenILS::WWW::PasswordReset::child_init
 PerlChildInitHandler OpenILS::WWW::AutoSuggest::child_init
 
 # ----------------------------------------------------------------------------------
diff --git a/Open-ILS/examples/apache/eg_startup.in b/Open-ILS/examples/apache/eg_startup.in
index 9460258b54..12f4ea5a1c 100755
--- a/Open-ILS/examples/apache/eg_startup.in
+++ b/Open-ILS/examples/apache/eg_startup.in
@@ -11,7 +11,6 @@ use OpenILS::WWW::Proxy ('@sysconfdir@/opensrf_core.xml');
 use OpenILS::WWW::Vandelay qw( @sysconfdir@/opensrf_core.xml );
 use OpenILS::WWW::TemplateBatchBibUpdate qw( @sysconfdir@/opensrf_core.xml );
 use OpenILS::WWW::EGWeb;
-use OpenILS::WWW::PasswordReset ('@sysconfdir@/opensrf_core.xml');
 use OpenILS::WWW::IDL2js ('@sysconfdir@/opensrf_core.xml');
 use OpenILS::WWW::FlatFielder;
 
diff --git a/Open-ILS/examples/apache/eg_vhost.conf.in b/Open-ILS/examples/apache/eg_vhost.conf.in
index bf58315a12..66819b8823 100644
--- a/Open-ILS/examples/apache/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache/eg_vhost.conf.in
@@ -294,21 +294,6 @@ RewriteRule .? - [E=locale:%{HTTP:Accept-Language}]
     allow from all
 </LocationMatch>
 
-# ----------------------------------------------------------------------------------
-# Self-serve password interface
-# ----------------------------------------------------------------------------------
-<Location /opac/password>
-    SetHandler perl-script
-    PerlHandler OpenILS::WWW::PasswordReset::password_reset
-    Options +ExecCGI
-    PerlSendHeader On
-    allow from all
-
-    # Force clients to use HTTPS
-    RewriteCond %{HTTPS} !=on [NC]
-    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
-</Location>
-
 # ----------------------------------------------------------------------------------
 # Supercat feeds
 # ----------------------------------------------------------------------------------
diff --git a/Open-ILS/examples/apache_24/eg.conf.in b/Open-ILS/examples/apache_24/eg.conf.in
index a62c476f8b..fb5e00bf2a 100644
--- a/Open-ILS/examples/apache_24/eg.conf.in
+++ b/Open-ILS/examples/apache_24/eg.conf.in
@@ -18,7 +18,6 @@ PerlRequire /etc/apache2/eg_startup
 PerlChildInitHandler OpenILS::WWW::Reporter::child_init
 PerlChildInitHandler OpenILS::WWW::SuperCat::child_init
 PerlChildInitHandler OpenILS::WWW::AddedContent::child_init
-PerlChildInitHandler OpenILS::WWW::PasswordReset::child_init
 PerlChildInitHandler OpenILS::WWW::AutoSuggest::child_init
 
 # ----------------------------------------------------------------------------------
diff --git a/Open-ILS/examples/apache_24/eg_vhost.conf.in b/Open-ILS/examples/apache_24/eg_vhost.conf.in
index f8537d4cf4..57378c774f 100644
--- a/Open-ILS/examples/apache_24/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache_24/eg_vhost.conf.in
@@ -298,21 +298,6 @@ RewriteRule .? - [E=locale:%{HTTP:Accept-Language}]
     Require all granted 
 </LocationMatch>
 
-# ----------------------------------------------------------------------------------
-# Self-serve password interface
-# ----------------------------------------------------------------------------------
-<Location /opac/password>
-    SetHandler perl-script
-    PerlHandler OpenILS::WWW::PasswordReset::password_reset
-    Options +ExecCGI
-    PerlSendHeader On
-    Require all granted 
-
-    # Force clients to use HTTPS
-    RewriteCond %{HTTPS} !=on [NC]
-    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
-</Location>
-
 # ----------------------------------------------------------------------------------
 # Supercat feeds
 # ----------------------------------------------------------------------------------
diff --git a/Open-ILS/src/perlmods/MANIFEST b/Open-ILS/src/perlmods/MANIFEST
index 9f30b977ec..aec48d804a 100644
--- a/Open-ILS/src/perlmods/MANIFEST
+++ b/Open-ILS/src/perlmods/MANIFEST
@@ -164,7 +164,6 @@ lib/OpenILS/WWW/BadDebt.pm
 lib/OpenILS/WWW/EGWeb.pm
 lib/OpenILS/WWW/Exporter.pm
 lib/OpenILS/WWW/IDL2js.pm
-lib/OpenILS/WWW/PasswordReset.pm
 lib/OpenILS/WWW/Proxy.pm
 lib/OpenILS/WWW/Redirect.pm
 lib/OpenILS/WWW/Reporter.pm
diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/PasswordReset.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/PasswordReset.pm
deleted file mode 100644
index 150a586ea0..0000000000
--- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/PasswordReset.pm
+++ /dev/null
@@ -1,219 +0,0 @@
-package OpenILS::WWW::PasswordReset;
-
-# Copyright (C) 2010 Laurentian University
-# Dan Scott <dscott@laurentian.ca>
-# 
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
-
-use strict; use warnings;
-
-use Apache2::Log;
-use Apache2::Const -compile => qw(OK REDIRECT DECLINED NOT_FOUND :log);
-use APR::Const    -compile => qw(:error SUCCESS);
-use Apache2::RequestRec ();
-use Apache2::RequestIO ();
-use Apache2::RequestUtil;
-use CGI;
-use Template;
-
-use OpenSRF::EX qw(:try);
-use OpenSRF::Utils qw/:datetime/;
-use OpenSRF::Utils::Cache;
-use OpenSRF::System;
-use OpenSRF::AppSession;
-
-use OpenILS::Utils::Fieldmapper;
-use OpenSRF::Utils::Logger qw/$logger/;
-use OpenILS::Application::AppUtils;
-use OpenILS::Utils::CStoreEditor qw/:funcs/;
-
-my $log = 'OpenSRF::Utils::Logger';
-my $U = 'OpenILS::Application::AppUtils';
-
-my ($bootstrap, $actor, $templates);
-my $i18n = {};
-my $init_done = 0; # has child_init been called?
-
-sub import {
-    my $self = shift;
-    $bootstrap = shift;
-}
-
-sub child_init {
-    OpenSRF::System->bootstrap_client( config_file => $bootstrap );
-    
-    my $conf = OpenSRF::Utils::SettingsClient->new();
-    my $idl = $conf->config_value("IDL");
-    Fieldmapper->import(IDL => $idl);
-    $templates = $conf->config_value("dirs", "templates");
-    $actor = OpenSRF::AppSession->create('open-ils.actor');
-    load_i18n();
-    $init_done = 1;
-    return Apache2::Const::OK;
-}
-
-sub password_reset {
-    my $apache = shift;
-
-    child_init() unless $init_done;
-
-    return Apache2::Const::DECLINED if (-e $apache->filename);
-
-    $apache->content_type('text/html');
-
-    my $cgi = new CGI;
-    my $ctx = {};
-
-    $ctx->{'uri'} = $apache->uri;
-
-    # Get our locale from the URL
-    (my $locale = $apache->path_info) =~ s{^.*?/([a-z]{2}-[A-Z]{2})/.*?$}{$1};
-    if (!$locale) {
-        $locale = 'en-US';
-    }
-
-    # If locale exists, use it; otherwise fall back to en-US
-    if (exists $i18n->{$locale}) {
-        $ctx->{'i18n'} = $i18n->{$locale};
-    } else {
-        $ctx->{'i18n'} = $i18n->{'en-US'};
-    }
-
-    my $tt = Template->new({
-        INCLUDE_PATH => $templates
-    }) || die "$Template::ERROR\n";
-
-    # Get our UUID: if no UUID, then display barcode / username / email prompt
-    (my $uuid = $apache->path_info) =~ s{^/$locale/([^/]*?)$}{$1};
-    $logger->info("Password reset: UUID = $uuid");
-
-    if (!$uuid) {
-        request_password_reset($apache, $cgi, $tt, $ctx);
-    } else {
-        reset_password($apache, $cgi, $tt, $ctx, $uuid);
-    }
-}
-
-sub reset_password {
-    my ($apache, $cgi, $tt, $ctx, $uuid) = @_;
-
-    my $password_1 = $cgi->param('pwd1');
-    my $password_2 = $cgi->param('pwd2');
-
-    $ctx->{'title'} = $ctx->{'i18n'}{'TITLE'};
-    $ctx->{'password_prompt'} = $ctx->{'i18n'}{'PASSWORD_PROMPT'};
-    $ctx->{'password_prompt2'} = $ctx->{'i18n'}{'PASSWORD_PROMPT2'};
-
-    # In case non-matching passwords slip through our funky Web interface
-    if ($password_1 and $password_2 and ($password_1 ne $password_2)) {
-        $ctx->{'status'} = {
-            style => 'error',
-            msg => $ctx->{'i18n'}{'NO_MATCH'}
-        };
-        $tt->process('password-reset/reset-form.tt2', $ctx)
-            || die $tt->error();
-        return Apache2::Const::OK;
-    }
-
-    if ($password_1 and $password_2 and ($password_1 eq $password_2)) {
-        my $response = $actor->request('open-ils.actor.patron.password_reset.commit', $uuid, $password_1)->gather();
-        if (ref($response) && $response->{'textcode'}) {
-
-            if ($response->{'textcode'} eq 'PATRON_NOT_AN_ACTIVE_PASSWORD_RESET_REQUEST') {
-                $ctx->{'status'} = { 
-                    style => 'error',
-                    msg => $ctx->{'i18n'}{'NOT_ACTIVE'}
-
-                };
-            }
-            if ($response->{'textcode'} eq 'PATRON_PASSWORD_WAS_NOT_STRONG') {
-                $ctx->{'status'} = { 
-                    style => 'error',
-                    msg => $ctx->{'i18n'}{'NOT_STRONG'}
-
-                };
-            }
-            $tt->process('password-reset/reset-form.tt2', $ctx)
-                || die $tt->error();
-            return Apache2::Const::OK;
-        }
-        $ctx->{'status'} = { 
-            style => 'success',
-            msg => $ctx->{'i18n'}{'SUCCESS'}
-        };
-    }
-
-    # Either the password change was successful, or this is their first time through
-    $tt->process('password-reset/reset-form.tt2', $ctx)
-        || die $tt->error();
-
-    return Apache2::Const::OK;
-}
-
-# Load our localized strings - lame, need to convert to Locale::Maketext
-sub load_i18n {
-    foreach my $string_bundle (glob("$templates/password-reset/strings.*")) {
-        open(I18NFH, '<', $string_bundle);
-        (my $locale = $string_bundle) =~ s/^.*\.([a-z]{2}-[A-Z]{2})$/$1/;
-        $logger->debug("Loaded locale [$locale] from file: [$string_bundle]");
-        while(<I18NFH>) {
-            my ($string_id, $string) = ($_ =~ m/^(.+?)=(.*?)$/);
-            $i18n->{$locale}{$string_id} = $string;
-        }
-        close(I18NFH);
-    }
-}
-
-sub request_password_reset {
-    my ($apache, $cgi, $tt, $ctx) = @_;
-
-    my $barcode = $cgi->param('barcode');
-    my $username = $cgi->param('username');
-    my $email = $cgi->param('email');
-
-    if (!($barcode or $username or $email)) {
-        $ctx->{'status'} = {
-            style => 'plain',
-            msg => $ctx->{'i18n'}{'IDENTIFY_YOURSELF'}
-        };
-        $tt->process('password-reset/request-form.tt2', $ctx)
-            || die $tt->error();
-        return Apache2::Const::OK;
-    } elsif ($barcode) {
-        my $response = $actor->request('open-ils.actor.patron.password_reset.request', 'barcode', $barcode)->gather();
-        $ctx->{'status'} = {
-            style => 'plain',
-            msg => $ctx->{'i18n'}{'REQUEST_SUCCESS'}
-        };
-        # Hide form
-        $tt->process('password-reset/request-form.tt2', $ctx)
-            || die $tt->error();
-        return Apache2::Const::OK;
-    } elsif ($username) {
-        my $response = $actor->request('open-ils.actor.patron.password_reset.request', 'username', $username)->gather();
-        $ctx->{'status'} = {
-            style => 'plain',
-            msg => $ctx->{'i18n'}{'REQUEST_SUCCESS'}
-        };
-        # Hide form
-        $tt->process('password-reset/request-form.tt2', $ctx)
-            || die $tt->error();
-        return Apache2::Const::OK;
-    }
-}
-
-1;
-
-# vim: et:ts=4:sw=4
diff --git a/Open-ILS/src/perlmods/t/15-OpenILS-WWW.t b/Open-ILS/src/perlmods/t/15-OpenILS-WWW.t
index 355449b9e8..d55e809519 100644
--- a/Open-ILS/src/perlmods/t/15-OpenILS-WWW.t
+++ b/Open-ILS/src/perlmods/t/15-OpenILS-WWW.t
@@ -1,12 +1,11 @@
 #!perl -T
 
-use Test::More tests => 10;
+use Test::More tests => 9;
 
 use_ok( 'OpenILS::WWW::BadDebt' );
 use_ok( 'OpenILS::WWW::EGWeb' );
 use_ok( 'OpenILS::WWW::Exporter' );
 use_ok( 'OpenILS::WWW::IDL2js' );
-use_ok( 'OpenILS::WWW::PasswordReset' );
 use_ok( 'OpenILS::WWW::Proxy' );
 use_ok( 'OpenILS::WWW::Redirect' );
 use_ok( 'OpenILS::WWW::TemplateBatchBibUpdate' );
diff --git a/Open-ILS/src/templates/password-reset/request-form.tt2 b/Open-ILS/src/templates/password-reset/request-form.tt2
deleted file mode 100644
index 10079cf5f6..0000000000
--- a/Open-ILS/src/templates/password-reset/request-form.tt2
+++ /dev/null
@@ -1,33 +0,0 @@
-<html>
-<head>
-  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-  <title>[% i18n.REQUEST_TITLE %]</title>
-  <link rel="stylesheet" type="text/css" href="/js/dojo/dijit/themes/tundra/tundra.css" />
-  <style type="text/css">
-    body, html { font-family:helvetica,arial,sans-serif; }
-  </style>
-</head>
-<body class="tundra">
-  <h1>[% i18n.REQUEST_TITLE %]</h1>
-  <p class='[% status.style %]'>[% status.msg %]</p>
-  <form method="post" action="[% uri %]" id="requestPwdReset">
-    <table>
-      <tr>
-        <td><label for="barcode">[% i18n.BARCODE_PROMPT %] </label></td>
-        <td><input type="text" id="barcode" name="barcode" dojoType="dijit.form.TextBox"/></td>
-      </tr>
-      <tr>
-        <td><label for="username">[% i18n.USERNAME_PROMPT %] </label></td>
-        <td><input type="text" id="username" name="username" dojoType="dijit.form.TextBox"/></td>
-      </tr>
-    </table>
-    <!--<label for="email">[% i18n.EMAIL_PROMPT %] </label><input type="text" name="email"/></br>-->
-    <button name="submit" id="submitButton" type="submit" dojoType="dijit.form.Button">[% i18n.BUTTON_SUBMIT %]</button>
-  </form>
-</body>
-<script type="text/javascript" src="/js/dojo/dojo/dojo.js" djConfig="parseOnLoad: true"></script>
-<script type="text/javascript">
-  dojo.require("dijit.form.Button");
-  dojo.require("dijit.form.ValidationTextBox");
-</script>
-</html>
diff --git a/Open-ILS/src/templates/password-reset/reset-form.tt2 b/Open-ILS/src/templates/password-reset/reset-form.tt2
deleted file mode 100644
index 81a8258ef6..0000000000
--- a/Open-ILS/src/templates/password-reset/reset-form.tt2
+++ /dev/null
@@ -1,17 +0,0 @@
-<html>
-<head>
-  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-  <title>[% title %]</title>
-</head>
-<body>
-  <h1>[% title %]</h1>
-<p class='[% status.style %]'>[% status.msg %]</p>
-<form method="post" action="[% uri %]">
-    <div>
-        <label for="pwd1">[% password_prompt %] </label><input type="password" name="pwd1"/></br>
-        <label for="pwd2">[% password_prompt2 %]  </label><input type="password" name="pwd2"/></br>
-        <button name="submit" id="submitButton" type="submit">[% i18n.BUTTON_SUBMIT %]</button>
-    </div>
-</form>
-</body>
-</html>
diff --git a/Open-ILS/src/templates/password-reset/strings.en-US b/Open-ILS/src/templates/password-reset/strings.en-US
deleted file mode 100644
index 9b85980243..0000000000
--- a/Open-ILS/src/templates/password-reset/strings.en-US
+++ /dev/null
@@ -1,15 +0,0 @@
-BUTTON_SUBMIT=Submit
-REQUEST_TITLE=Library system password reset request form
-IDENTIFY_YOURSELF=Please enter your user name or barcode to identify your library account and request a password reset.
-REQUEST_SUCCESS=Your user name or barcode has been submitted for a password reset. If a matching account with an email address is found, you will soon receive an email at that address with further instructions for resetting your password.
-BARCODE_PROMPT=Barcode:
-USERNAME_PROMPT=User name:
-EMAIL_PROMPT=Email address associated with the account:
-NO_SESSION=Could not find the requested password reset session.
-NO_MATCH=Passwords did not match. Please try again
-NOT_ACTIVE=This was not an active password reset request. Your password has not been reset.
-NOT_STRONG=The password you chose was not considered complex enough to protect your account. Your password has not been reset.
-SUCCESS=Password has been reset.
-TITLE=Library system password reset
-PASSWORD_PROMPT=New password: 
-PASSWORD_PROMPT2=Re-enter new password: 
diff --git a/Open-ILS/src/templates/password-reset/strings.fr-CA b/Open-ILS/src/templates/password-reset/strings.fr-CA
deleted file mode 100644
index 2dad2aca7d..0000000000
--- a/Open-ILS/src/templates/password-reset/strings.fr-CA
+++ /dev/null
@@ -1,15 +0,0 @@
-BUTTON_SUBMIT=Envoyer
-REQUEST_TITLE=Formulaire de demande de réinitialisation du mot de passe du réseau de la Bibliothèque
-IDENTIFY_YOURSELF=Entrez votre nom d’utilisateur ou votre code à barres pour indiquer votre compte de bibliothèque et demander la réinitialisation de votre mot de passe.
-REQUEST_SUCCESS=Votre nom d’utilisateur ou votre code à barres a été présenté pour la réinitialisation de votre mot de passe. S’il existe un compte correspondant assorti d’une adresse électronique, vous recevrez bientôt à cette adresse un message contenant les instructions pour réinitialiser votre mot de passe.
-BARCODE_PROMPT=Code à barres :
-USERNAME_PROMPT=Nom d’utilisateur :
-EMAIL_PROMPT=Adresse électronique liée au compte :
-NO_SESSION=Impossible de trouver la session de réinitialisation du mot de passe demandée.
-NO_MATCH=Les mots de passe ne concordent pas. Veuillez réessayer.
-NOT_ACTIVE=Cette demande de réinitialisation du mot de passe est inactive. Votre mot de passe n’a pas été réinitialisé.
-NOT_STRONG=Le mot de passe que vous avez choisi n’est pas assez complexe pour protéger votre compte. Votre mot de passe n’a pas été réinitialisé.
-SUCCESS=Mot de passe réinitialisé.
-TITLE=Réinitialiser le mot de passe du réseau de la Bibliothèque
-PASSWORD_PROMPT=Nouveau mot de passe :
-PASSWORD_PROMPT2=Entrez de nouveau le mot de passe :
-- 
2.43.2