1 if(!dojo._hasResource["dojox.form.PasswordValidator"]){ //_hasResource checks added by build. Do not use _hasResource directly in your code.
2 dojo._hasResource["dojox.form.PasswordValidator"] = true;
3 dojo.provide("dojox.form.PasswordValidator");
5 dojo.require("dijit.form._FormWidget");
6 dojo.require("dijit.form.ValidationTextBox");
8 dojo.requireLocalization("dojox.form", "PasswordValidator", null, "ROOT");
10 dojo.declare("dojox.form._ChildTextBox", dijit.form.ValidationTextBox, {
12 // A class that is shared between all our children - extends
13 // ValidationTextBox and provides some shared functionality
15 // containerWidget: widget
16 // Our parent (the PasswordValidator)
17 containerWidget: null,
20 // Don't override this - we are all "password" types
25 // Force-set to empty string (we don't save passwords EVER)...and
26 // since _OldPWBox overrides setValue to check for empty string,
27 // call our parent class directly (not this.inherited())
28 dijit.form.ValidationTextBox.prototype.setValue.call(this, "", true);
29 this._hasBeenBlurred = false;
35 dojo.declare("dojox.form._OldPWBox", dojox.form._ChildTextBox, {
37 // A class representing our "old password" box.
39 // _isPWValid: boolean
40 // Whether or not the password is valid
43 setValue: function(/* anything */ newVal, /* boolean? */ priority){
45 // Updates _isPWValid if this isn't our initial update by calling
46 // our PasswordValidator's pwCheck function
48 newVal = dojox.form._OldPWBox.superclass.getValue.call(this);
50 if(priority !== null){
51 // Priority is passed in as null, explicitly when this is an
52 // update (not initially set). We want to check our password now.
53 this._isPWValid = this.containerWidget.pwCheck(newVal);
55 this.inherited("setValue", arguments);
58 isValid: function(/* boolean */ isFocused){
59 // Take into account the isPWValid setting
60 return this.inherited("isValid", arguments) && this._isPWValid;
63 _update: function(/* event */ e){
64 // Only call validate() if we've been blurred or else we get popups
66 if(this._hasBeenBlurred){ this.validate(true); }
72 // Only returns a value if our container widget is valid. This
73 // is to prevent exposure of "oldPW" too early.
74 if(this.containerWidget.isValid()){
75 return this.inherited("getValue", arguments);
83 dojo.declare("dojox.form._NewPWBox", dojox.form._ChildTextBox, {
85 // A class representing our new password textbox
88 // Whether or not this widget is required (default: true)
93 // Validates our verify box - to make sure that a change to me is
95 this.containerWidget._inputWidgets[2].validate(false);
96 this.inherited(arguments);
100 dojo.declare("dojox.form._VerifyPWBox", dojox.form._ChildTextBox, {
102 // A class representing our verify textbox
104 isValid: function(isFocused){
106 // Validates that we match the "real" password
107 return this.inherited("isValid", arguments) &&
108 (this.getValue() == this.containerWidget._inputWidgets[1].getValue());
112 dojo.declare("dojox.form.PasswordValidator", dijit.form._FormValueWidget, {
114 // A password validation widget that simplifies the "old/new/verify"
115 // style of requesting passwords. You will probably want to override
116 // this class and implement your own pwCheck function.
119 // Whether or not it is required for form submission
122 // inputWidgets: TextBox[]
123 // An array of text boxes that are our components
127 // The name to send our old password as (when form is posted)
130 templateString:"<div dojoAttachPoint=\"containerNode\">\n\t<input type=\"hidden\" name=\"${name}\" value=\"\" dojoAttachPoint=\"focusNode\" />\n</div>\n",
132 _hasBeenBlurred: false,
134 isValid: function(/* boolean */ isFocused){
135 // summary: we are valid if ALL our children are valid
136 return dojo.every(this._inputWidgets, function(i){
137 if(i && i._setStateClass){ i._setStateClass(); }
138 return (!i || i.isValid());
142 validate: function(/* boolean */ isFocused){
143 // summary: Validating this widget validates all our children
144 return dojo.every(dojo.map(this._inputWidgets, function(i){
146 i._hasBeenBlurred = (i._hasBeenBlurred || this._hasBeenBlurred);
150 }, this), "return item;");
154 // summary: Resetting this widget resets all our children
155 this._hasBeenBlurred = false;
156 dojo.forEach(this._inputWidgets, function(i){
157 if(i && i.reset){ i.reset(); }
161 _createSubWidgets: function(){
163 // Turns the inputs inside this widget into "real" validation
164 // widgets - and sets up the needed connections.
165 var widgets = this._inputWidgets,
166 msg = dojo.i18n.getLocalization("dojox.form", "PasswordValidator",
168 dojo.forEach(widgets, function(i, idx){
170 var p = {containerWidget: this}, c;
172 p.name = this.oldName;
173 p.invalidMessage = msg.badPasswordMessage;
174 c = dojox.form._OldPWBox;
176 p.required = this.required;
177 c = dojox.form._NewPWBox;
179 p.invalidMessage = msg.nomatchMessage;
180 c = dojox.form._VerifyPWBox;
182 widgets[idx] = new c(p, i);
187 pwCheck: function(/* string */ password){
189 // Overridable function for validation of the old password box.
191 // This function is called and passed the old password. Return
192 // true if it's OK to continue, and false if it is not.
194 // IMPORTANT SECURITY NOTE: Do NOT EVER EVER EVER check this in
195 // HTML or JavaScript!!!
197 // You will probably want to override this function to callback
198 // to a server to verify the password (the callback will need to
199 // be syncronous) - and it's probably a good idea to validate
200 // it again on form submission before actually doing
201 // anything destructive - that's why the "oldName" value
204 // And don't just fetch the password from the server
205 // either :) Send the test password (probably hashed, for
206 // security) and return from the server a status instead.
208 // Again - DON'T BE INSECURE!!! Security is left as an exercise
213 postCreate: function(){
215 // Sets up the correct widgets. You *MUST* specify one child
216 // text box (a simple HTML <input> element) with pwType="new"
217 // *and* one child text box with pwType="verify". You *MAY*
218 // specify a third child text box with pwType="old" in order to
219 // prompt the user to enter in their old password before the
220 // widget returns that it is valid.
222 this.inherited(arguments);
224 // Turn my inputs into the correct stuff....
225 var widgets = this._inputWidgets = [];
226 dojo.forEach(["old","new","verify"], function(i){
227 widgets.push(dojo.query("input[pwType=" + i + "]",
228 this.containerNode)[0]);
230 if (!widgets[1] || !widgets[2]){
231 throw new Error("Need at least pwType=\"new\" and pwType=\"verify\"");
233 if (this.oldName && !widgets[0]){
234 throw new Error("Need to specify pwType=\"old\" if using oldName");
236 this._createSubWidgets();
239 setAttribute: function(/* string */ attr, /* anything */ value){
240 this.inherited(arguments);
242 // Disabling (or enabling) the container disables (or enables) all
243 // the subwidgets as well - same for requiring
247 dojo.forEach(this._inputWidgets, function(i){
248 if(i && i.setAttribute){ i.setAttribute(attr, value);}
256 getValue: function(){
257 // summary: overridden to return an empty string if we aren't valid.
259 return this._inputWidgets[1].getValue();
267 // places focus on the first invalid input widget - if all
268 // input widgets are valid, the first widget is focused.
270 dojo.forEach(this._inputWidgets, function(i){
271 if(i && !i.isValid() && !f){
276 if(!f){ this._inputWidgets[1].focus(); }