introducing protected mode: if active, people will need the server password to register on private servers. fixes #16

16 years ago · 19c452e837
7 changed files with 70 additions and 6 deletions
--- a/pyweb/mumble/forms.py
+++ b/pyweb/mumble/forms.py
@ -45,11 +45,47 @@ class MumbleForm( ModelForm ):
 class MumbleUserForm( ModelForm ):
 	"""The user registration form used to register an account."""
 	def clean_name( self ):
 		name = self.cleaned_data['name'];
 		if not self.instance.id and len( self.server.ctl.getRegisteredPlayers( self.server.srvid, name ) ) > 0:
 			raise forms.ValidationError( _( "Another player already registered that name." ) );
 		return name;
 	def clean_password( self ):
 		pw = self.cleaned_data['password'];
 		if not pw:
 			raise forms.ValidationError( _( "Cannot register player without a password!" ) );
 		return pw;
 	class Meta:
 		model   = MumbleUser;
 		fields  = ( 'name', 'password' );
 class MumbleUserPasswordForm( MumbleUserForm ):
 	"""The user registration form used to register an account on a private server in protected mode."""
 	serverpw = forms.CharField(
 		label=_('Server Password'),
 		help_text=_('This server is private and protected mode is active. Please enter the server password.'),
 		widget=forms.PasswordInput(render_value=False)
 		);
 	def clean_serverpw( self ):
 		# Validate the password
 		serverpw = self.cleaned_data['serverpw'];
 		if self.server.passwd != serverpw:
 			raise forms.ValidationError( _( "The password you entered is incorrect." ) );
 		return serverpw;
 	def clean( self ):
 		# prevent save() from trying to store the password in the Model instance
 		# clean() will be called after clean_serverpw(), so it has already been validated here.
 		if 'serverpw' in self.cleaned_data:
 			del( self.cleaned_data['serverpw'] );
 		return self.cleaned_data;
 class MumbleTextureForm( Form ):
 	"""The form used to upload a new image to be set as texture."""
 	texturefile = forms.ImageField();
--- a/pyweb/mumble/locale/de/LC_MESSAGES/django.mo
+++ b/pyweb/mumble/locale/de/LC_MESSAGES/django.mo
--- a/pyweb/mumble/locale/de/LC_MESSAGES/django.po
+++ b/pyweb/mumble/locale/de/LC_MESSAGES/django.po
@ -363,3 +363,10 @@ msgstr "Registrierung"
 msgid "Administration"
 msgstr "Administration"
 msgid "This server is private and protected mode is active. Please enter the server password."
 msgstr "Dieser Server ist privat und der Registrierungsschutz ist aktiv. Bitte gib das Serverpasswort ein."
 msgid "The password you entered is incorrect."
 msgstr "Das eingegebene Passwort ist falsch"
--- a/pyweb/mumble/locale/la/LC_MESSAGES/django.mo
+++ b/pyweb/mumble/locale/la/LC_MESSAGES/django.mo
--- a/pyweb/mumble/locale/la/LC_MESSAGES/django.po
+++ b/pyweb/mumble/locale/la/LC_MESSAGES/django.po
@ -1,4 +1,4 @@
 # German translation file for Mumble-Django.
 # (Iggypay) Latin translation file for Mumble-Django.
 #
 # Copyright (C) 2009, Michael "Svedrin" Ziegler <diese-addy@funzt-halt.net>
 #
@ -359,3 +359,9 @@ msgstr "Egistrationray"
 msgid "Administration"
 msgstr "Inistrationadmay"
 msgid "This server is private and protected mode is active. Please enter the server password."
 msgstr "Isthay erversay is ivatepray and otectedpray odemay is iveactay. Easeplay erentay the erversay asswordpay."
 msgid "The password you entered is incorrect."
 msgstr "The asswordpay you eredentay is orrectincay."
--- a/pyweb/mumble/views.py
+++ b/pyweb/mumble/views.py
@ -21,6 +21,7 @@ from django.template			import RequestContext
 from django.http			import Http404, HttpResponse, HttpResponseRedirect
 from django.core.urlresolvers		import reverse
 from django.contrib.auth.decorators	import login_required
 from django.conf			import settings
 from models				import Mumble, MumbleUser
 from forms				import *
@ -61,12 +62,11 @@ def show( request, server ):
 	if isAdmin:
 		if request.method == 'POST' and "mode" in request.POST and request.POST['mode'] == 'admin':
 			adminform = MumbleForm( request.POST, instance=srv );
 			# In case we redisplay the page, it was displayed with errors on the admin form, so tell
 			# Ext to show the admin form tab first.
 			displayTab = 1;
 			if adminform.is_valid():
 				adminform.save();
 				return HttpResponseRedirect( '/mumble/%d' % int(server) );
 			else:
 				displayTab = 2;
 		else:
 			adminform = MumbleForm( instance=srv );
 	else:
@ -76,11 +76,18 @@ def show( request, server ):
 	user = None;
 	if request.user.is_authenticated():
 		# Unregistered users may or may not need a password to register.
 		if settings.PROTECTED_MODE and srv.passwd:
 			unregged_user_form = MumbleUserPasswordForm;
 		else:
 			unregged_user_form = MumbleUserForm;
 		if request.method == 'POST' and 'mode' in request.POST and request.POST['mode'] == 'reg':
 			try:
 				user    = MumbleUser.objects.get( server=srv, owner=request.user );
 			except MumbleUser.DoesNotExist:
 				regform = MumbleUserForm( request.POST );
 				regform = unregged_user_form( request.POST );
 				regform.server = srv;
 				if regform.is_valid():
 					model = regform.save( commit=False );
 					model.isAdmin = False;
@ -88,16 +95,20 @@ def show( request, server ):
 					model.owner   = request.user;
 					model.save();
 					return HttpResponseRedirect( '/mumble/%d' % int(server) );
 				else:
 					displayTab = 1;
 			else:
 				regform = MumbleUserForm( request.POST, instance=user );
 				if regform.is_valid():
 					regform.save();
 					return HttpResponseRedirect( '/mumble/%d' % int(server) );
 				else:
 					displayTab = 1;
 		else:
 			try:
 				user  = MumbleUser.objects.get( server=srv, owner=request.user );
 			except MumbleUser.DoesNotExist:
 				regform = MumbleUserForm();
 				regform = unregged_user_form();
 			else:
 				regform = MumbleUserForm( instance=user );
 				registered = True;
--- a/pyweb/settings.py
+++ b/pyweb/settings.py
@ -71,6 +71,10 @@ ACCOUNT_ACTIVATION_DAYS = 30
 # Default mumble port. If your server runs under this port, it will not be included in the links in the Channel Viewer.
 MUMBLE_DEFAULT_PORT = 64738
 # Protect the registration form for private servers?
 # If set to True, people will need to enter the server password in order to create accounts.
 PROTECTED_MODE = False
 # Database settings for Mumble-Django's database. These do NOT need to point to Murmur's database,
 # Mumble-Django should use its own!
 DATABASE_ENGINE = 'sqlite3'