Hi all!
I am new to the list, so here goes a BIG FAT THANKS to all of you guys doing all this hard work so we can enjoy a nice, clutter-free webmail. Kudos! :)
Now, I just set up a simple postfix+dovecot+postgres virtual-domain mail server, and I want the users of this setup to be able to change their passwords without "bothering me" :)
I checked the available tickets first, and found out that there is at least one ticket (#1484558) that asks for pretty much the same stuff that I wanted, so I decided to code it and see if you want it into the tree.
I uploaded my patch to TRAC, and I am sending the patch and my comment posted there by email simply for redundancy's sake :)
--- Posted to TRAC, http://trac.roundcube.net/ticket/1484558 ---
My patch implements a simple RPC dialog so that admins can set a nice URL in the main.config via a new config variable ($rcmail_config['change_password_rpc']) pointing to where the change-password requests will be POSTed from the simple GUI form.
I have added a tab called 'Passwords' in the 'Personal Settings', showing the so-common form with username, old pass, new pass and confirm pass. I also show the IMAP server, in case this information could be relevant to the admin changing the password.
By letting the user choose the username, a user with more than one identity can change all the passwords easily. In any case, in a further patch, it would be good to limit the username field to only the identities of the user.
I have also added an example file of an RPC similar to one I use to change my user passwords in my setup described above. I have added it to the SVN tree so that the diff showed it nicely, but surely this should only be in an examples folder, as it is not RC job to do all that.
I have tried to code everything following the RC style, but no-one is perfect. Please tell me if I should change files around, etc.
* Limit the username field to only the identities of the user.
* Add one of those "password strength meters" to the form so that
users can see when their passwords are crap weak :)
* Clean up the RPC part and generalize it so that more backends
(such as the one requested in this ticket) can be plugged in.
As a side note, I think that this functionality could be generalised into a core component for password changing so that RC could play nicely with other RPCs indicating the password encoding scheme, etc. Perhaps, it could be generalised into a "plugin" architecture, where the plugins could talk RPC to other web services :-? I will go and see if you guys have stuff published on your wiki about the plugin architecture :)
Anyways, hope you find it useful!
Cheers,
On Jan 8, 2008 3:24 AM, J. Javier Maestro roundcube-devel@nosys.es wrote:
Hi all!
I am new to the list, so here goes a BIG FAT THANKS to all of you guys doing all this hard work so we can enjoy a nice, clutter-free webmail. Kudos! :)
Now, I just set up a simple postfix+dovecot+postgres virtual-domain mail server, and I want the users of this setup to be able to change their passwords without "bothering me" :)
I checked the available tickets first, and found out that there is at least one ticket (#1484558) that asks for pretty much the same stuff that I wanted, so I decided to code it and see if you want it into the tree.
I uploaded my patch to TRAC, and I am sending the patch and my comment posted there by email simply for redundancy's sake :)
--- Posted to TRAC, http://trac.roundcube.net/ticket/1484558 ---
PATCH: (against rev. 950)
My patch implements a simple RPC dialog so that admins can set a nice URL in the main.config via a new config variable ($rcmail_config['change_password_rpc']) pointing to where the change-password requests will be POSTed from the simple GUI form.
I have added a tab called 'Passwords' in the 'Personal Settings', showing the so-common form with username, old pass, new pass and confirm pass. I also show the IMAP server, in case this information could be relevant to the admin changing the password.
By letting the user choose the username, a user with more than one identity can change all the passwords easily. In any case, in a further patch, it would be good to limit the username field to only the identities of the user.
I have also added an example file of an RPC similar to one I use to change my user passwords in my setup described above. I have added it to the SVN tree so that the diff showed it nicely, but surely this should only be in an examples folder, as it is not RC job to do all that.
I have tried to code everything following the RC style, but no-one is perfect. Please tell me if I should change files around, etc.
Whishlist:
* Limit the username field to only the identities of the user. * Add one of those "password strength meters" to the form so that users can see when their passwords are crap weak :) * Clean up the RPC part and generalize it so that more backends (such as the one requested in this ticket) can be plugged in.
As a side note, I think that this functionality could be generalised into a core component for password changing so that RC could play nicely with other RPCs indicating the password encoding scheme, etc. Perhaps, it could be generalised into a "plugin" architecture, where the plugins could talk RPC to other web services :-? I will go and see if you guys have stuff published on your wiki about the plugin architecture :)
Anyways, hope you find it useful!
Cheers,
-- J. Javier Maestro jjmaestro@nosys.es Socio Consultor - Nosys AJjV S.L.
--- 8< --- detachments --- 8< --- The following attachments have been detached and are available for viewing. http://detached.gigo.com/rc/Xs/+xcKcymH/change_passwords-pat.tgz Only click these links if you trust the sender, as well as this message. --- 8< --- detachments --- 8< ---
Good job, very interesting feature but IMO too centric to a certain setup to be included right away.
I have some plans to commit some changes in the coming days and clean up all code so we can finally merge some branches and continue to work on the Plugin API. This would likely to be included as a plugin and not in "core".
Till _______________________________________________ List info: http://lists.roundcube.net/dev/
On Jan Tue 08 2008 03:40, till wrote:
On Jan 8, 2008 3:24 AM, J. Javier Maestro roundcube-devel@nosys.es wrote:
Good job, very interesting feature
Thanks! :)
but IMO too centric to a certain setup to be included right away.
Well, I tried to make it as black-box as possible, meaning that from RC's perspective, there is only: - an extra tab with its extra hooks - a function that sends a POST to the RPC that might answer SUCCESS or FAILURE. This function show the OK or ERR messages.
The only thing I consider specific is the RPC example file I sent, which is a quick and dirty hack to show how it could be done with dovecot, etc.
I have some plans to commit some changes in the coming days and clean up all code so we can finally merge some branches and continue to work on the Plugin API. This would likely to be included as a plugin and not in "core".
Great :) We have the same thoughts then ;)
Thanks for the feedback,
Well...
<rant mode on>
I have just registered in the forums and I just found out that there are ***many*** (as in jesus-christ-sooo-many), almost exact solutions to this problem, under the "plugins" forum.
I think my solution is cleaner than a few that I have seen because it delegates the password changing by RPC.
In any case... I don't understand why there is sooooo much un-ordered stuff in the forums and why people don't spend the time to actually go to TRAC and open-close-comment, etc, on the tickets, and submit patches, clean and ordered patches, so that people can benefit faster from their work.
Perhaps a sticky post reminding people to actually do that might work :-?
</rant mode off>
There, I said it out loud... 8)
cheers,
On Jan 8, 2008 4:12 AM, J. Javier Maestro roundcube-devel@nosys.es wrote:
Well...
<rant mode on>
I have just registered in the forums and I just found out that there are ***many*** (as in jesus-christ-sooo-many), almost exact solutions to this problem, under the "plugins" forum.
I think my solution is cleaner than a few that I have seen because it delegates the password changing by RPC.
In any case... I don't understand why there is sooooo much un-ordered stuff in the forums and why people don't spend the time to actually go to TRAC and open-close-comment, etc, on the tickets, and submit patches, clean and ordered patches, so that people can benefit faster from their work.
Perhaps a sticky post reminding people to actually do that might work :-?
</rant mode off>
There, I said it out loud... 8)
cheers,
I hear you - I pretty much share your opinion. I also have no time to monitor mailinglists, trac, forum and IRC. I would welcome it a lot if people got used to using trac so we got that on record and now a dozen sources to merge/combine/monitor. :)
Till _______________________________________________ List info: http://lists.roundcube.net/dev/