[Checkins] SVN: z3c.password/branches/adamg-options/src/z3c/password/principal. lockOutPeriod did not work as expected

Adam Groszer agroszer at gmail.com
Sun Jun 14 10:43:36 EDT 2009 

Log message for revision 100950:
  lockOutPeriod did not work as expected

Changed:
  U   z3c.password/branches/adamg-options/src/z3c/password/principal.py
  U   z3c.password/branches/adamg-options/src/z3c/password/principal.txt

-=-
Modified: z3c.password/branches/adamg-options/src/z3c/password/principal.py
===================================================================
--- z3c.password/branches/adamg-options/src/z3c/password/principal.py	2009-06-14 14:15:47 UTC (rev 100949)
+++ z3c.password/branches/adamg-options/src/z3c/password/principal.py	2009-06-14 14:43:36 UTC (rev 100950)
@@ -58,7 +58,9 @@
 
         if not ignoreFailures and self.lastFailedAttempt is not None:
             attempts = self._maxFailedAttempts()
-            if attempts is not None and self.failedAttempts > attempts:
+            #this one needs to be >=, because... data just does not
+            #get saved on an exception when running under of a full Zope env.
+            if attempts is not None and self.failedAttempts >= attempts:
                 lockPeriod = self._lockOutPeriod()
                 if lockPeriod is not None:
                     #check if the user locked himself

Modified: z3c.password/branches/adamg-options/src/z3c/password/principal.txt
===================================================================
--- z3c.password/branches/adamg-options/src/z3c/password/principal.txt	2009-06-14 14:15:47 UTC (rev 100949)
+++ z3c.password/branches/adamg-options/src/z3c/password/principal.txt	2009-06-14 14:43:36 UTC (rev 100950)
@@ -409,16 +409,10 @@
   >>> user.checkPassword('456456')
   False
 
-  >>> NOW = datetime.datetime(2009, 6, 14, 13, 0)+datetime.timedelta(minutes=4)
-  >>> user.checkPassword('456456')
-  Traceback (most recent call last):
-  ...
-  TooManyLoginFailures: The password was entered incorrectly too often.
-
 The timestamp of the last bad try is recorded:
 
   >>> user.lastFailedAttempt
-  datetime.datetime(2009, 6, 14, 13, 4)
+  datetime.datetime(2009, 6, 14, 13, 3)
 
 The user cannot login within the next 60 minutes.
 
@@ -493,16 +487,10 @@
   >>> user.checkPassword('456456')
   False
 
-  >>> NOW = datetime.datetime(2009, 6, 14, 13, 0)+datetime.timedelta(minutes=4)
-  >>> user.checkPassword('456456')
-  Traceback (most recent call last):
-  ...
-  TooManyLoginFailures: The password was entered incorrectly too often.
-
 The timestamp of the last bad try is recorded:
 
   >>> user.lastFailedAttempt
-  datetime.datetime(2009, 6, 14, 13, 4)
+  datetime.datetime(2009, 6, 14, 13, 3)
 
 The user cannot login within the next 60 minutes.

More information about the Checkins mailing list