From 133a7756fce9f77b9ec3beb8e590cf6e1e626a73 Mon Sep 17 00:00:00 2001
From: phasefx <phasefx@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Date: Thu, 3 Jun 2010 19:33:11 +0000
Subject: [PATCH] org unit setting for requiring a matching email for password
 reset requests (no UI support yet)

git-svn-id: svn://svn.open-ils.org/ILS/trunk@16584 dcc99617-32d9-48b4-a31d-7c20da2025e4
---
 Open-ILS/src/perlmods/OpenILS/Application/Actor.pm   | 13 +++++++++++--
 Open-ILS/src/sql/Pg/002.schema.config.sql            |  2 +-
 Open-ILS/src/sql/Pg/950.data.seed-values.sql         | 16 ++++++++++++++++
 .../0290.data.org-setting-password-reset-request.sql | 20 ++++++++++++++++++++
 4 files changed, 48 insertions(+), 3 deletions(-)
 create mode 100644 Open-ILS/src/sql/Pg/upgrade/0290.data.org-setting-password-reset-request.sql

diff --git a/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
index 4a347ba119..dc7058f785 100644
--- a/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
+++ b/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
@@ -3696,12 +3696,13 @@ __PACKAGE__->register_method(
         params => [
             { desc => 'user_id_type', type => 'string' },
             { desc => 'user_id', type => 'string' },
+            { desc => 'optional (based on library setting) matching email address for authorizing request', type => 'string' },
         ],
         return => {desc => '1 on success, Event on error'}
     }
 );
 sub request_password_reset {
-    my($self, $conn, $user_id_type, $user_id) = @_;
+    my($self, $conn, $user_id_type, $user_id, $email) = @_;
 
     # Check to see if password reset requests are already being throttled:
     # 0. Check cache to see if we're in throttle mode (avoid hitting database)
@@ -3726,12 +3727,20 @@ sub request_password_reset {
         }
         $user = $card->usr;
     }
-
+    
     # If the user doesn't have an email address, we can't help them
     if (!$user->email) {
         $e->die_event;
         return OpenILS::Event->new('PATRON_NO_EMAIL_ADDRESS');
     }
+    
+    my $email_must_match = $U->ou_ancestor_setting_value($user->home_ou, 'circ.password_reset_request_requires_matching_email');
+    if ($email_must_match) {
+        if ($user->email ne $email) {
+            return OpenILS::Event->new('EMAIL_VERIFICATION_FAILED');
+        }
+    }
+
     _reset_password_request($conn, $e, $user);
 }
 
diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql
index 2b3bbe6c8d..6c20c9ed56 100644
--- a/Open-ILS/src/sql/Pg/002.schema.config.sql
+++ b/Open-ILS/src/sql/Pg/002.schema.config.sql
@@ -65,7 +65,7 @@ CREATE TABLE config.upgrade_log (
     install_date    TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW()
 );
 
-INSERT INTO config.upgrade_log (version) VALUES ('0289'); -- phasefx
+INSERT INTO config.upgrade_log (version) VALUES ('0290'); -- phasefx
 
 CREATE TABLE config.bib_source (
 	id		SERIAL	PRIMARY KEY,
diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
index d0a1b118e5..10a48e897d 100644
--- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql
+++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
@@ -2079,6 +2079,22 @@ INSERT INTO config.org_unit_setting_type ( name, label, description, datatype )
         'bool'
 );
 
+-- 0290.data.org-setting-password-reset-request.sql
+INSERT INTO config.org_unit_setting_type ( name, label, description, datatype ) VALUES (
+        'circ.password_reset_request_requires_matching_email',
+        oils_i18n_gettext(
+            'circ.password_reset_request_requires_matching_email',
+            'Circulation: Require matching email address for password reset requests', 
+            'coust', 
+            'label'),
+        oils_i18n_gettext(
+            'circ.password_reset_request_requires_matching_email',
+            'Circulation: Require matching email address for password reset requests', 
+            'coust', 
+            'description'),
+        'bool'
+);
+
 -- Org_unit_setting_type(s) that need an fm_class:
 INSERT into config.org_unit_setting_type
 ( name, label, description, datatype, fm_class ) VALUES
diff --git a/Open-ILS/src/sql/Pg/upgrade/0290.data.org-setting-password-reset-request.sql b/Open-ILS/src/sql/Pg/upgrade/0290.data.org-setting-password-reset-request.sql
new file mode 100644
index 0000000000..b00b4174da
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/0290.data.org-setting-password-reset-request.sql
@@ -0,0 +1,20 @@
+BEGIN;
+
+INSERT INTO config.upgrade_log (version) VALUES ('0290'); -- phasefx
+
+INSERT INTO config.org_unit_setting_type ( name, label, description, datatype ) VALUES (
+        'circ.password_reset_request_requires_matching_email',
+        oils_i18n_gettext(
+            'circ.password_reset_request_requires_matching_email',
+            'Circulation: Require matching email address for password reset requests', 
+            'coust', 
+            'label'),
+        oils_i18n_gettext(
+            'circ.password_reset_request_requires_matching_email',
+            'Circulation: Require matching email address for password reset requests', 
+            'coust', 
+            'description'),
+        'bool'
+);
+
+COMMIT;
-- 
2.11.0