[Testbot] Plone 5.0 - Python 2.7 - Build # 3133 - Fixed! - 0 failure(s)

jenkins at plone.org jenkins at plone.org
Sat Aug 30 06:55:26 UTC 2014


-------------------------------------------------------------------------------
Plone 5.0 - Python 2.7 - Build # 3133 - Fixed!
-------------------------------------------------------------------------------

http://jenkins.plone.org/job/plone-5.0-python-2.7/3133/


-------------------------------------------------------------------------------
CHANGES
-------------------------------------------------------------------------------

Repository: Products.CMFPlone
Branch: refs/heads/master
Date: 2014-08-30T07:24:18+02:00
Author: Timo Stollenwerk (tisto) <tisto at plone.org>
Commit: https://github.com/plone/Products.CMFPlone/commit/f6f4456542ea91f97ad053270fb1b37fbb20583f

Revert "Plip10359 - move security controlpanel from plone.app.controlpanel"

Files changed:
M Products/CMFPlone/controlpanel/bbb/configure.zcml
M Products/CMFPlone/controlpanel/browser/configure.zcml
M Products/CMFPlone/controlpanel/configure.zcml
M Products/CMFPlone/controlpanel/events.py
M Products/CMFPlone/interfaces/__init__.py
M Products/CMFPlone/interfaces/controlpanel.py
M Products/CMFPlone/profiles/dependencies/registry.xml
M Products/CMFPlone/testing.py
D Products/CMFPlone/controlpanel/bbb/security.py
D Products/CMFPlone/controlpanel/browser/emaillogin.pt
D Products/CMFPlone/controlpanel/browser/security.py
D Products/CMFPlone/controlpanel/events.zcml
D Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
D Products/CMFPlone/controlpanel/utils.py
D Products/CMFPlone/tests/robot/test_controlpanel_security.robot

diff --git a/Products/CMFPlone/controlpanel/bbb/configure.zcml b/Products/CMFPlone/controlpanel/bbb/configure.zcml
index 4713645..c647f0b 100644
--- a/Products/CMFPlone/controlpanel/bbb/configure.zcml
+++ b/Products/CMFPlone/controlpanel/bbb/configure.zcml
@@ -7,7 +7,6 @@
   <adapter factory=".maintenance.MaintenanceControlPanelAdapter" />
   <adapter factory=".navigation.NavigationControlPanelAdapter" />
   <adapter factory=".search.SearchControlPanelAdapter" />
-  <adapter factory=".security.SecurityControlPanelAdapter" />
   <adapter factory=".site.SiteControlPanelAdapter" />
 
 </configure>
diff --git a/Products/CMFPlone/controlpanel/bbb/security.py b/Products/CMFPlone/controlpanel/bbb/security.py
deleted file mode 100644
index 2d05160..0000000
--- a/Products/CMFPlone/controlpanel/bbb/security.py
+++ /dev/null
@@ -1,78 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces.siteroot import IPloneSiteRoot
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.registry.interfaces import IRegistry
-from zope.component import adapts
-from zope.component import getUtility
-from zope.interface import implements
-from zope.site.hooks import getSite
-
-
-class SecurityControlPanelAdapter(object):
-
-    adapts(IPloneSiteRoot)
-    implements(ISecuritySchema)
-
-    def __init__(self, context):
-        self.portal = getSite()
-        self.pmembership = getToolByName(context, 'portal_membership')
-        registry = getUtility(IRegistry)
-        self.settings = registry.forInterface(
-            ISecuritySchema, prefix="plone")
-
-    def get_enable_self_reg(self):
-        return self.settings.enable_self_reg
-
-    def set_enable_self_reg(self, value):
-        # additional processing in the event handler
-        self.settings.enable_self_reg = value
-
-    enable_self_reg = property(get_enable_self_reg, set_enable_self_reg)
-
-    def get_enable_user_pwd_choice(self):
-        return self.settings.enable_user_pwd_choice
-
-    def set_enable_user_pwd_choice(self, value):
-        self.settings.enable_user_pwd_choice = value
-
-    enable_user_pwd_choice = property(get_enable_user_pwd_choice,
-                                      set_enable_user_pwd_choice)
-
-    def get_enable_user_folders(self):
-        return self.settings.enable_user_folders
-
-    def set_enable_user_folders(self, value):
-        # additional processing in the event handler
-        self.settings.enable_user_folders = value
-
-    enable_user_folders = property(get_enable_user_folders,
-                                   set_enable_user_folders)
-
-    def get_allow_anon_views_about(self):
-        return self.settings.allow_anon_views_about
-
-    def set_allow_anon_views_about(self, value):
-        self.settings.allow_anon_views_about = value
-
-    allow_anon_views_about = property(get_allow_anon_views_about,
-                                      set_allow_anon_views_about)
-
-    def get_use_email_as_login(self):
-        return self.settings.use_email_as_login
-
-    def set_use_email_as_login(self, value):
-        # additional processing in the event handler
-        self.settings.use_email_as_login = value
-
-    use_email_as_login = property(get_use_email_as_login,
-                                  set_use_email_as_login)
-
-    def get_use_uuid_as_userid(self):
-        return self.settings.use_uuid_as_userid
-
-    def set_use_uuid_as_userid(self, value):
-        self.settings.use_uuid_as_userid = value
-
-    use_uuid_as_userid = property(get_use_uuid_as_userid,
-                                  set_use_uuid_as_userid)
diff --git a/Products/CMFPlone/controlpanel/browser/configure.zcml b/Products/CMFPlone/controlpanel/browser/configure.zcml
index 551d824..bf55faf 100644
--- a/Products/CMFPlone/controlpanel/browser/configure.zcml
+++ b/Products/CMFPlone/controlpanel/browser/configure.zcml
@@ -35,23 +35,6 @@
     permission="plone.app.controlpanel.Search"
     />
 
-  <!-- Security Control Panel -->
-  <browser:page
-    name="security-controlpanel"
-    for="Products.CMFPlone.interfaces.IPloneSiteRoot"
-    class=".security.SecurityControlPanel"
-    permission="plone.app.controlpanel.Security"
-    />
-
-  <!-- Security Control Panel - EMail Login -->
-  <browser:page
-    for="Products.CMFPlone.interfaces.IPloneSiteRoot"
-    name="migrate-to-emaillogin"
-    class=".security.EmailLogin"
-    template="emaillogin.pt"
-    permission="cmf.ManagePortal"
-    />
-
   <!-- Site Control Panel -->
   <browser:page
     name="site-controlpanel"
diff --git a/Products/CMFPlone/controlpanel/browser/emaillogin.pt b/Products/CMFPlone/controlpanel/browser/emaillogin.pt
deleted file mode 100644
index 16c3949..0000000
--- a/Products/CMFPlone/controlpanel/browser/emaillogin.pt
+++ /dev/null
@@ -1,67 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
-      xmlns:tal="http://xml.zope.org/namespaces/tal"
-      xmlns:metal="http://xml.zope.org/namespaces/metal"
-      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
-      metal:use-macro="context/prefs_main_template/macros/master"
-      i18n:domain="plone">
-
-<body>
-
-  <metal:main metal:fill-slot="prefs_configlet_content">
-    <h1 class="documentFirstHeading"
-        i18n:translate="heading_find_duplicate_login_names">
-      Find duplicate login names
-    </h1>
-
-    <p i18n:translate="help_duplicate_login_names">
-      Switching the email login setting in the
-      <a i18n:name="link"
-         tal:attributes="href string:${context/portal_url}/@@security-controlpanel"
-         i18n:translate="">Security settings</a>
-      on or off automatically changes the login name for existing users.
-      This may fail when there are duplicates.
-      On this page you can search for duplicates.
-    </p>
-
-    <div tal:condition="request/form/submitted|nothing">
-      <div tal:condition="view/duplicates">
-        <p i18n:translate="msg_login_duplicates_found">
-          The following login names would be used by more than one account:
-        </p>
-        <ul>
-          <ol tal:repeat="dup view/duplicates">
-            <span tal:content="python:dup[0]" />:
-            <span tal:repeat="account python:dup[1]" tal:content="account" />
-          </ol>
-        </ul>
-      </div>
-      <div tal:condition="not:view/duplicates">
-        <p i18n:translate="msg_no_login_duplicates_found">
-          No login names found that are used by more than one account.
-        </p>
-      </div>
-    </div>
-
-    <form action=""
-          name="emaillogin-migrate"
-          method="post"
-          class="enableUnloadProtection enableAutoFocus">
-      <div class="formControls">
-        <input type="hidden" name="submitted" value="submitted" id="submitted" />
-        <input class="context"
-               type="submit"
-               name="check_email"
-               value="Check for duplicate emails"
-               i18n:attributes="value label_check_duplicate_emails" />
-        <br />
-        <input class="context"
-               type="submit"
-               name="check_userid"
-               value="Check for duplicate lower case user ids"
-               i18n:attributes="value label_check_duplicate_user_ids" />
-      </div>
-    </form>
-
-  </metal:main>
-</body>
-</html>
diff --git a/Products/CMFPlone/controlpanel/browser/security.py b/Products/CMFPlone/controlpanel/browser/security.py
deleted file mode 100644
index 1026f27..0000000
--- a/Products/CMFPlone/controlpanel/browser/security.py
+++ /dev/null
@@ -1,127 +0,0 @@
-from Acquisition import aq_inner
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone import PloneMessageFactory as _
-from Products.CMFPlone.controlpanel.utils import migrate_to_email_login
-from Products.CMFPlone.controlpanel.utils import migrate_from_email_login
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.Five.browser import BrowserView
-from collections import defaultdict
-from plone.app.registry.browser import controlpanel
-
-import logging
-
-logger = logging.getLogger('Products.CMFPlone')
-
-
-class SecurityControlPanelForm(controlpanel.RegistryEditForm):
-
-    id = "SecurityControlPanel"
-    label = _(u"Security settings")
-    schema = ISecuritySchema
-    schema_prefix = "plone"
-
-
-class SecurityControlPanel(controlpanel.ControlPanelFormWrapper):
-    form = SecurityControlPanelForm
-
-
-class EmailLogin(BrowserView):
-    """View to help in migrating to or from using email as login.
-
-    We used to change the login name of existing users here, but that
-    is now done by checking or unchecking the option in the security
-    control panel.  Here you can only search for duplicates.
-    """
-
-    duplicates = []
-
-    def __call__(self):
-        if self.request.form.get('check_email'):
-            self.duplicates = self.check_email()
-        elif self.request.form.get('check_userid'):
-            self.duplicates = self.check_userid()
-        return self.index()
-
-    @property
-    def _email_list(self):
-        context = aq_inner(self.context)
-        pas = getToolByName(context, 'acl_users')
-        emails = defaultdict(list)
-        orig_transform = pas.login_transform
-        try:
-            if not orig_transform:
-                # Temporarily set this to lower, as that will happen
-                # when turning emaillogin on.
-                pas.login_transform = 'lower'
-            for user in pas.getUsers():
-                if user is None:
-                    # Created in the ZMI?
-                    continue
-                email = user.getProperty('email', '')
-                if email:
-                    email = pas.applyTransform(email)
-                else:
-                    logger.warn("User %s has no email address.",
-                                user.getUserId())
-                    # Add the normal login name anyway.
-                    email = pas.applyTransform(user.getUserName())
-                emails[email].append(user.getUserId())
-        finally:
-            pas.login_transform = orig_transform
-            return emails
-
-    def check_email(self):
-        duplicates = []
-        for email, userids in self._email_list.items():
-            if len(userids) > 1:
-                logger.warn("Duplicate accounts for email address %s: %r",
-                            email, userids)
-                duplicates.append((email, userids))
-
-        return duplicates
-
-    @property
-    def _userid_list(self):
-        # user ids are unique, but their lowercase version might not
-        # be unique.
-        context = aq_inner(self.context)
-        pas = getToolByName(context, 'acl_users')
-        userids = defaultdict(list)
-        orig_transform = pas.login_transform
-        try:
-            if not orig_transform:
-                # Temporarily set this to lower, as that will happen
-                # when turning emaillogin on.
-                pas.login_transform = 'lower'
-            for user in pas.getUsers():
-                if user is None:
-                    continue
-                login_name = pas.applyTransform(user.getUserName())
-                userids[login_name].append(user.getUserId())
-        finally:
-            pas.login_transform = orig_transform
-            return userids
-
-    def check_userid(self):
-        duplicates = []
-        for login_name, userids in self._userid_list.items():
-            if len(userids) > 1:
-                logger.warn("Duplicate accounts for lower case user id "
-                            "%s: %r", login_name, userids)
-                duplicates.append((login_name, userids))
-
-        return duplicates
-
-    def switch_to_email(self):
-        # This is not used and is only here for backwards
-        # compatibility.  It avoids a test failure in
-        # Products.CMFPlone.
-        # XXX: check if this can be removed
-        migrate_to_email_login(self.context)
-
-    def switch_to_userid(self):
-        # This is not used and is only here for backwards
-        # compatibility.  It avoids a test failure in
-        # Products.CMFPlone.
-        # XXX: check if this can be removed
-        migrate_from_email_login(self.context)
diff --git a/Products/CMFPlone/controlpanel/configure.zcml b/Products/CMFPlone/controlpanel/configure.zcml
index 93d5b49..1b49eda 100644
--- a/Products/CMFPlone/controlpanel/configure.zcml
+++ b/Products/CMFPlone/controlpanel/configure.zcml
@@ -7,6 +7,4 @@
   <include package=".bbb" />
   <include package=".browser" />
 
-  <include file="events.zcml" />
-
 </configure>
diff --git a/Products/CMFPlone/controlpanel/events.py b/Products/CMFPlone/controlpanel/events.py
index 4e5a96e..206ba47 100644
--- a/Products/CMFPlone/controlpanel/events.py
+++ b/Products/CMFPlone/controlpanel/events.py
@@ -1,18 +1,9 @@
-from Products.CMFCore.ActionInformation import Action
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone import PloneMessageFactory as _
-from Products.CMFPlone.controlpanel.utils import migrate_to_email_login
-from Products.CMFPlone.controlpanel.utils import migrate_from_email_login
-from Products.CMFPlone.interfaces import IConfigurationChangedEvent
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.utils import safe_hasattr
-from plone.registry.interfaces import IRecordModifiedEvent
 from zope.component import adapter
 from zope.component import queryUtility
 from zope.interface import implements
 from zope.ramcache.interfaces.ram import IRAMCache
-from zope.site.hooks import getSite
 
+from Products.CMFPlone.interfaces import IConfigurationChangedEvent
 
 class ConfigurationChangedEvent(object):
     implements(IConfigurationChangedEvent)
@@ -27,102 +18,3 @@ def handleConfigurationChangedEvent(event):
     util = queryUtility(IRAMCache)
     if util is not None:
         util.invalidateAll()
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_enable_self_reg(obj, event):
-    """Additional configuration when the ``enable_self_reg``
-    setting is updated in the ``Security```control panel.
-
-    If the setting is enabled, the ``Add portal member`` permission is
-    added to ``Anonymous`` role to allow self registration for anonymous
-    users. If the setting is disabled, this permission is removed.
-    """
-    if event.record.fieldName != 'enable_self_reg':
-        return
-
-    portal = getSite()
-    value = event.newValue
-    app_perms = portal.rolesOfPermission(
-        permission='Add portal member')
-    reg_roles = []
-
-    for app_perm in app_perms:
-        if app_perm['selected'] == 'SELECTED':
-            reg_roles.append(app_perm['name'])
-    if value is True and 'Anonymous' not in reg_roles:
-        reg_roles.append('Anonymous')
-    if value is False and 'Anonymous' in reg_roles:
-        reg_roles.remove('Anonymous')
-
-    portal.manage_permission('Add portal member', roles=reg_roles,
-                             acquire=0)
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_enable_user_folders(obj, event):
-    """Additional configuration when the ``enable_user_folders``
-    setting is updated in the ``Security```control panel.
-
-    If the setting is enabled, a new user action is added with a link to
-    the personal folder. If the setting is disabled, the action is hidden.
-    """
-    if event.record.fieldName != 'enable_user_folders':
-        return
-
-    portal = getSite()
-    value = event.newValue
-
-    membership = getToolByName(portal, 'portal_membership')
-    membership.memberareaCreationFlag = value
-
-    # support the 'my folder' user action #8417
-    portal_actions = getToolByName(portal, 'portal_actions', None)
-    if portal_actions is not None:
-        object_category = getattr(portal_actions, 'user', None)
-        if value and not safe_hasattr(object_category, 'mystuff'):
-            # add action
-            _add_mystuff_action(object_category)
-        elif safe_hasattr(object_category, 'mystuff'):
-            a = getattr(object_category, 'mystuff')
-            a.visible = bool(value)    # show/hide action
-
-
-def _add_mystuff_action(object_category):
-    new_action = Action(
-        'mystuff',
-        title=_(u'My Folder'),
-        description='',
-        url_expr='string:${portal/portal_membership/getHomeUrl}',
-        available_expr='python:(member is not None) and \
-            (portal.portal_membership.getHomeFolder() is not None) ',
-        permissions=('View',),
-        visible=True,
-        i18n_domain='plone'
-    )
-    object_category._setObject('mystuff', new_action)
-    # move action to top, at least before the logout action
-    object_category.moveObjectsToTop(('mystuff'))
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_use_email_as_login(obj, event):
-    """Additional configuration when the ``use_email_as_login``
-    setting is updated in the ``Security```control panel.
-
-    If the setting is enabled, existing users' login names are migrated
-    to email. If the setting is disabled, then the login names are migrated
-    back to user ids.
-    """
-    if event.record.fieldName != 'use_email_as_login':
-        return
-
-    value = event.newValue
-    if value == event.oldValue:
-        # no change
-        return
-    context = getSite()
-    if value:
-        migrate_to_email_login(context)
-    else:
-        migrate_from_email_login(context)
diff --git a/Products/CMFPlone/controlpanel/events.zcml b/Products/CMFPlone/controlpanel/events.zcml
deleted file mode 100644
index 665959b..0000000
--- a/Products/CMFPlone/controlpanel/events.zcml
+++ /dev/null
@@ -1,5 +0,0 @@
-<configure xmlns="http://namespaces.zope.org/zope">
-  <subscriber handler=".events.handle_enable_self_reg" />
-  <subscriber handler=".events.handle_enable_user_folders" />
-  <subscriber handler=".events.handle_use_email_as_login" />
-</configure>
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
deleted file mode 100644
index c2cb8e9..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
+++ /dev/null
@@ -1,130 +0,0 @@
-from Products.CMFPlone.testing import \
-    PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.app.testing import TEST_USER_ID
-from plone.app.testing import setRoles
-from zope.component import getAdapter
-
-import unittest
-
-
-class SecurityControlPanelAdapterTest(unittest.TestCase):
-
-    layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
-    def setUp(self):
-        self.portal = self.layer['portal']
-        self.request = self.layer['request']
-        setRoles(self.portal, TEST_USER_ID, ['Manager'])
-        self.security_settings = getAdapter(self.portal, ISecuritySchema)
-
-    def test_adapter_lookup(self):
-        self.assertTrue(getAdapter(self.portal, ISecuritySchema))
-
-    def test_get_enable_self_reg_setting(self):
-        self.assertEquals(
-            self.security_settings.enable_self_reg,
-            False
-        )
-
-    def test_set_enable_self_reg_setting(self):
-        self.security_settings.enable_self_reg = False
-        self.assertEquals(
-            self.security_settings.enable_self_reg,
-            False
-        )
-        self.security_settings.enable_self_reg = True
-        self.assertEquals(
-            self.security_settings.enable_self_reg,
-            True
-        )
-
-    def test_get_enable_user_pwd_choice_setting(self):
-        self.assertEquals(
-            self.security_settings.enable_user_pwd_choice,
-            False
-        )
-
-    def test_set_enable_user_pwd_choice_setting(self):
-        self.security_settings.enable_user_pwd_choice = False
-        self.assertEquals(
-            self.security_settings.enable_user_pwd_choice,
-            False
-        )
-        self.security_settings.enable_user_pwd_choice = True
-        self.assertEquals(
-            self.security_settings.enable_user_pwd_choice,
-            True
-        )
-
-    def test_get_enable_user_folders_setting(self):
-        self.assertEquals(
-            self.security_settings.enable_user_folders,
-            False
-        )
-
-    def test_set_enable_user_folders_setting(self):
-        self.security_settings.enable_user_folders = False
-        self.assertEquals(
-            self.security_settings.enable_user_folders,
-            False
-        )
-        self.security_settings.enable_user_folders = True
-        self.assertEquals(
-            self.security_settings.enable_user_folders,
-            True
-        )
-
-    def test_get_allow_anon_views_about_setting(self):
-        self.assertEquals(
-            self.security_settings.allow_anon_views_about,
-            False
-        )
-
-    def test_set_allow_anon_views_about_setting(self):
-        self.security_settings.allow_anon_views_about = False
-        self.assertEquals(
-            self.security_settings.allow_anon_views_about,
-            False
-        )
-        self.security_settings.allow_anon_views_about = True
-        self.assertEquals(
-            self.security_settings.allow_anon_views_about,
-            True
-        )
-
-    def test_get_use_email_as_login_setting(self):
-        self.assertEquals(
-            self.security_settings.use_email_as_login,
-            False
-        )
-
-    def test_set_use_email_as_login_setting(self):
-        self.security_settings.use_email_as_login = False
-        self.assertEquals(
-            self.security_settings.use_email_as_login,
-            False
-        )
-        self.security_settings.use_email_as_login = True
-        self.assertEquals(
-            self.security_settings.use_email_as_login,
-            True
-        )
-
-    def test_get_use_uuid_as_userid_setting(self):
-        self.assertEquals(
-            self.security_settings.use_uuid_as_userid,
-            False
-        )
-
-    def test_set_use_uuid_as_userid_setting(self):
-        self.security_settings.use_uuid_as_userid = False
-        self.assertEquals(
-            self.security_settings.use_uuid_as_userid,
-            False
-        )
-        self.security_settings.use_uuid_as_userid = True
-        self.assertEquals(
-            self.security_settings.use_uuid_as_userid,
-            True
-        )
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
deleted file mode 100644
index 098cd47..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
+++ /dev/null
@@ -1,103 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.testing import \
-    PRODUCTS_CMFPLONE_FUNCTIONAL_TESTING
-from plone.app.testing import SITE_OWNER_NAME, SITE_OWNER_PASSWORD
-from plone.registry.interfaces import IRegistry
-from plone.testing.z2 import Browser
-from zope.component import getUtility
-
-import unittest2 as unittest
-
-
-class SecurityControlPanelFunctionalTest(unittest.TestCase):
-    """Test that changes in the security control panel are actually
-    stored in the registry.
-    """
-
-    layer = PRODUCTS_CMFPLONE_FUNCTIONAL_TESTING
-
-    def setUp(self):
-        self.app = self.layer['app']
-        self.portal = self.layer['portal']
-        self.portal_url = self.portal.absolute_url()
-        registry = getUtility(IRegistry)
-        self.settings = registry.forInterface(
-            ISecuritySchema, prefix="plone")
-        self.browser = Browser(self.app)
-        self.browser.handleErrors = False
-        self.browser.addHeader(
-            'Authorization',
-            'Basic %s:%s' % (SITE_OWNER_NAME, SITE_OWNER_PASSWORD,)
-        )
-
-    def test_security_control_panel_link(self):
-        self.browser.open(
-            "%s/plone_control_panel" % self.portal_url)
-        self.browser.getLink('Security').click()
-
-    def test_security_control_panel_backlink(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.assertTrue("Plone Configuration" in self.browser.contents)
-
-    def test_security_control_panel_sidebar(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getLink('Site Setup').click()
-        self.assertEqual(
-            self.browser.url,
-            'http://nohost/plone/@@overview-controlpanel')
-
-    def test_enable_self_reg(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl('Enable self-registration').selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.enable_self_reg, True)
-
-    def test_enable_user_pwd_choice(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl(
-            'Let users select their own passwords').selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.enable_user_pwd_choice, True)
-
-    def test_enable_user_folders(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl(
-            'Enable User Folders').selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.enable_user_folders, True)
-
-    def test_allow_anon_views_about(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl(
-            "Allow anyone to view 'about' information").selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.allow_anon_views_about, True)
-
-    def test_use_email_as_login(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl(
-            "Use email address as login name").selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.use_email_as_login, True)
-
-    def test_use_uuid_as_userid(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl(
-            "Use UUID user ids").selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.use_uuid_as_userid, True)
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
deleted file mode 100644
index b5ff729..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
+++ /dev/null
@@ -1,141 +0,0 @@
-from Products.CMFPlone.testing import \
-    PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.app.testing import TEST_USER_ID
-from plone.app.testing import setRoles
-from zope.component import getAdapter
-
-import unittest
-
-
-class SecurityControlPanelEventsTest(unittest.TestCase):
-
-    layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
-    def setUp(self):
-        self.portal = self.layer['portal']
-        self.request = self.layer['request']
-        setRoles(self.portal, TEST_USER_ID, ['Manager'])
-        self.security_settings = getAdapter(self.portal, ISecuritySchema)
-
-    def _create_user(self, user_id=None, email=None):
-        """Helper function for creating a test user."""
-        registration = getToolByName(self.portal, 'portal_registration', None)
-        registration.addMember(
-            user_id,
-            'password',
-            ['Member'],
-            properties={'email': email, 'username': user_id}
-        )
-        membership = getToolByName(self.portal, 'portal_membership', None)
-        return membership.getMemberById(user_id)
-
-    def _is_self_reg_enabled(self):
-        """Helper function to determine if self registration was properly
-        enabled.
-        """
-        app_perms = self.portal.rolesOfPermission(
-            permission='Add portal member')
-        for app_perm in app_perms:
-            if app_perm['name'] == 'Anonymous' \
-               and app_perm['selected'] == 'SELECTED':
-                return True
-        return False
-
-    def test_handle_enable_self_reg_condition_check(self):
-        """Check that this event handler is not run for other ISecuritySchema
-        records.
-        """
-        self.assertFalse(self._is_self_reg_enabled())
-        self.security_settings.use_uuid_as_userid = True
-        self.assertFalse(self._is_self_reg_enabled())
-
-    def test_handle_enable_self_reg_disabled(self):
-        self.security_settings.enable_self_reg = False
-        self.assertFalse(self._is_self_reg_enabled())
-
-    def test_handle_enable_self_reg_enabled(self):
-        self.security_settings.enable_self_reg = True
-        self.assertTrue(self._is_self_reg_enabled())
-
-    def test_handle_enable_user_folders_condition_check(self):
-        """Check that this event handler is not run for other ISecuritySchema
-        records.
-        """
-        portal_actions = getToolByName(self.portal, 'portal_actions', None)
-        self.assertFalse('mystuff' in portal_actions['user'].keys())
-        self.security_settings.use_uuid_as_userid = True
-        self.assertFalse('mystuff' in portal_actions['user'].keys())
-
-    def test_handle_enable_user_folders_enabled_no_mystuff_yet(self):
-        portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
-        # if we enable the setting, mystuff action should be added
-        self.assertFalse('mystuff' in portal_actions['user'].keys())
-        self.security_settings.enable_user_folders = True
-        self.assertTrue('mystuff' in portal_actions['user'].keys())
-        self.assertTrue(portal_actions['user']['mystuff'].visible)
-
-    def test_handle_enable_user_folders_enabled_has_mystuff(self):
-        portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
-        # if we enable the setting, disable it, then enable it again,
-        # the mystuff action should still be there and visible
-        self.security_settings.enable_user_folders = True
-        self.security_settings.enable_user_folders = False
-        self.security_settings.enable_user_folders = True
-
-        self.assertTrue('mystuff' in portal_actions['user'].keys())
-        self.assertTrue(portal_actions['user']['mystuff'].visible)
-
-    def test_handle_enable_user_folders_disabled_no_mystuff_yet(self):
-        portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
-        # if the mystuff action is not there yet, this should have no effect
-        self.security_settings.enable_user_folders = False
-        self.assertFalse('mystuff' in portal_actions['user'].keys())
-
-    def test_handle_enable_user_folders_disabled_has_mystuff(self):
-        portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
-        # if the setting was enabled and then disabled, the mystuff action
-        # should be hidden
-        self.security_settings.enable_user_folders = True
-        self.security_settings.enable_user_folders = False
-        self.assertTrue('mystuff' in portal_actions['user'].keys())
-        self.assertFalse(portal_actions['user']['mystuff'].visible)
-
-    def test_handle_use_email_as_login_condition_check(self):
-        """Check that this event handler is not run for other ISecuritySchema
-        records.
-        """
-        self._create_user(user_id='joe', email='joe at test.com')
-        pas = getToolByName(self.portal, 'acl_users')
-
-        self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
-        self.security_settings.use_uuid_as_userid = True
-        self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
-
-    def test_handle_use_email_as_login_enabled(self):
-        self._create_user(user_id='joe', email='joe at test.com')
-        pas = getToolByName(self.portal, 'acl_users')
-
-        self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
-        self.assertEquals(len(pas.searchUsers(name='joe')), 1)
-
-        # if we enable use_email_as_login, login name should be migrated
-        # to email
-        self.security_settings.use_email_as_login = True
-        self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 1)
-
-    def test_handle_use_email_as_login_disabled(self):
-        self._create_user(user_id='joe', email='joe at test.com')
-        pas = getToolByName(self.portal, 'acl_users')
-
-        # if we enable use_email_as_login, then disabled it, the login name
-        # should be migrated back to user id
-        self.security_settings.use_email_as_login = True
-        self.security_settings.use_email_as_login = False
-        self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
-        self.assertEquals(len(pas.searchUsers(name='joe')), 1)
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
deleted file mode 100644
index 3b29843..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
+++ /dev/null
@@ -1,56 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.testing import \
-    PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from plone.app.testing import TEST_USER_ID, setRoles
-from plone.registry.interfaces import IRegistry
-from zope.component import getMultiAdapter
-from zope.component import getUtility
-
-import unittest2 as unittest
-
-
-class SecurityRegistryIntegrationTest(unittest.TestCase):
-    """Test that the security settings are stored as plone.app.registry
-    settings.
-    """
-
-    layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
-    def setUp(self):
-        self.portal = self.layer['portal']
-        self.request = self.layer['request']
-        setRoles(self.portal, TEST_USER_ID, ['Manager'])
-        registry = getUtility(IRegistry)
-        self.settings = registry.forInterface(
-            ISecuritySchema, prefix="plone")
-
-    def test_security_controlpanel_view(self):
-        view = getMultiAdapter((self.portal, self.portal.REQUEST),
-                               name="security-controlpanel")
-        view = view.__of__(self.portal)
-        self.assertTrue(view())
-
-    def test_plone_app_registry_in_controlpanel(self):
-        self.controlpanel = getToolByName(self.portal, "portal_controlpanel")
-        self.assertTrue('plone.app.registry' in [a.getAction(self)['id']
-                            for a in self.controlpanel.listActions()])
-
-    def test_enable_self_reg_setting(self):
-        self.assertTrue(hasattr(self.settings, 'enable_self_reg'))
-
-    def test_enable_user_pwd_choice_setting(self):
-        self.assertTrue(hasattr(self.settings, 'enable_user_pwd_choice'))
-
-    def test_enable_user_folders_setting(self):
-        self.assertTrue(hasattr(self.settings, 'enable_user_folders'))
-
-    def test_allow_anon_views_about_setting(self):
-        self.assertTrue(hasattr(self.settings, 'allow_anon_views_about'))
-
-    def test_use_email_as_login_setting(self):
-        self.assertTrue(hasattr(self.settings, 'use_email_as_login'))
-
-    def test_use_uuid_as_userid_setting(self):
-        self.assertTrue(hasattr(self.settings, 'use_uuid_as_userid'))
diff --git a/Products/CMFPlone/controlpanel/utils.py b/Products/CMFPlone/controlpanel/utils.py
deleted file mode 100644
index 851ca34..0000000
--- a/Products/CMFPlone/controlpanel/utils.py
+++ /dev/null
@@ -1,52 +0,0 @@
-from Products.CMFCore.utils import getToolByName
-
-import logging
-
-
-logger = logging.getLogger('Products.CMFPlone.controlpanel')
-
-
-def migrate_to_email_login(context):
-    pas = getToolByName(context, 'acl_users')
-
-    # We want the login name to be lowercase here.  This is new in
-    # PAS.  Using 'manage_changeProperties' would change the login
-    # names immediately, but we want to do that explicitly ourselves
-    # and set the lowercase email address as login name, instead of
-    # the lower case user id.
-    #pas.manage_changeProperties(login_transform='lower')
-    pas.login_transform = 'lower'
-
-    # Update the users.
-    for user in pas.getUsers():
-        if user is None:
-            continue
-        user_id = user.getUserId()
-        email = user.getProperty('email', '')
-        if email:
-            login_name = pas.applyTransform(email)
-            pas.updateLoginName(user_id, login_name)
-        else:
-            logger.warn("User %s has no email address.", user_id)
-
-
-def migrate_from_email_login(context):
-    pas = getToolByName(context, 'acl_users')
-
-    # Whether the login name is lowercase or not does not really
-    # matter for this use case, but it may be better not to change
-    # it at this point.
-
-    # XXX
-    pas.login_transform = ''
-
-    # We do want to update the users.
-    for user in pas.getUsers():
-        if user is None:
-            continue
-        user_id = user.getUserId()
-        # If we keep the transform to lowercase, then we must apply it
-        # here as well, otherwise some users will not be able to
-        # login, as their user id may be mixed or upper case.
-        login_name = pas.applyTransform(user_id)
-        pas.updateLoginName(user_id, login_name)
diff --git a/Products/CMFPlone/interfaces/__init__.py b/Products/CMFPlone/interfaces/__init__.py
index 2002944..20862b4 100644
--- a/Products/CMFPlone/interfaces/__init__.py
+++ b/Products/CMFPlone/interfaces/__init__.py
@@ -9,7 +9,6 @@
 from controlpanel import IMaintenanceSchema
 from controlpanel import INavigationSchema
 from controlpanel import ISearchSchema
-from controlpanel import ISecuritySchema
 from controlpanel import ISiteSchema
 from controlpanel import ITypesSchema
 from events import IConfigurationChangedEvent
diff --git a/Products/CMFPlone/interfaces/controlpanel.py b/Products/CMFPlone/interfaces/controlpanel.py
index c2f7172..c0f8656 100644
--- a/Products/CMFPlone/interfaces/controlpanel.py
+++ b/Products/CMFPlone/interfaces/controlpanel.py
@@ -207,70 +207,6 @@ class ISearchSchema(Interface):
     )
 
 
-class ISecuritySchema(Interface):
-
-    enable_self_reg = schema.Bool(
-        title=_(u'Enable self-registration'),
-        description=_(
-            u"Allows users to register themselves on the site. If "
-            u"not selected, only site managers can add new users."),
-        default=False,
-        required=False)
-
-    enable_user_pwd_choice = schema.Bool(
-        title=_(u'Let users select their own passwords'),
-        description=_(
-            u"If not selected, a URL will be generated and "
-            u"e-mailed. Users are instructed to follow the link to "
-            u"reach a page where they can change their password and "
-            u"complete the registration process; this also verifies "
-            u"that they have entered a valid email address."),
-        default=False,
-        required=False)
-
-    enable_user_folders = schema.Bool(
-        title=_(u'Enable User Folders'),
-        description=_(
-            u"If selected, home folders where users can create "
-            u"content will be created when they log in."),
-        default=False,
-        required=False)
-
-    allow_anon_views_about = schema.Bool(
-        title=_(u"Allow anyone to view 'about' information"),
-        description=_(
-            u"If not selected only logged-in users will be able to "
-            u"view information about who created an item and when it "
-            u"was modified."),
-        default=False,
-        required=False)
-
-    use_email_as_login = schema.Bool(
-        title=_(u'Use email address as login name'),
-        description=_(
-            u"Allows users to login with their email address instead "
-            u"of specifying a separate login name. This also updates "
-            u"the login name of existing users, which may take a "
-            u"while on large sites. The login name is saved as "
-            u"lower case, but to be userfriendly it does not matter "
-            u"which case you use to login. When duplicates are found, "
-            u"saving this form will fail. You can use the "
-            u"@@migrate-to-emaillogin page to show the duplicates."),
-        default=False,
-        required=False)
-
-    use_uuid_as_userid = schema.Bool(
-        title=_(u'Use UUID user ids'),
-        description=_(
-            u"Use automatically generated UUIDs as user id for new users. "
-            u"When not turned on, the default is to use the same as the "
-            u"login name, or when using the email address as login name we "
-            u"generate a user id based on the fullname."),
-        default=False,
-        required=False)
-
-
-# XXX: Why does ISiteSchema inherit from ILockSettings here ???
 class ISiteSchema(ILockSettings):
 
     site_title = schema.TextLine(
diff --git a/Products/CMFPlone/profiles/dependencies/registry.xml b/Products/CMFPlone/profiles/dependencies/registry.xml
index 2a5c8f4..09916f8 100644
--- a/Products/CMFPlone/profiles/dependencies/registry.xml
+++ b/Products/CMFPlone/profiles/dependencies/registry.xml
@@ -8,8 +8,6 @@
            prefix="plone" />
   <records interface="Products.CMFPlone.interfaces.ISearchSchema"
            prefix="plone" />
-  <records interface="Products.CMFPlone.interfaces.ISecuritySchema"
-           prefix="plone" />
   <records interface="Products.CMFPlone.interfaces.ISiteSchema"
            prefix="plone" />
   <records interface="Products.CMFPlone.interfaces.IDateAndTimeSchema"
diff --git a/Products/CMFPlone/testing.py b/Products/CMFPlone/testing.py
index d33a8c0..ac5895a 100644
--- a/Products/CMFPlone/testing.py
+++ b/Products/CMFPlone/testing.py
@@ -43,15 +43,6 @@ def setUpPloneSite(self, portal):
             id="test-folder",
             title=u"Test Folder"
         )
-        # XXX: this is needed for tests that rely on the Members folder to be
-        # present. This folder is otherwise created by a setup handler in
-        # ATContentTypes, but that package is optional now.
-        if 'Members' not in portal.keys():
-            portal.invokeFactory(
-                "Folder",
-                id="Members",
-                title=u"Members"
-            )
 
     def tearDownPloneSite(self, portal):
         login(portal, 'admin')
diff --git a/Products/CMFPlone/tests/robot/test_controlpanel_security.robot b/Products/CMFPlone/tests/robot/test_controlpanel_security.robot
deleted file mode 100644
index 18e030d..0000000
--- a/Products/CMFPlone/tests/robot/test_controlpanel_security.robot
+++ /dev/null
@@ -1,152 +0,0 @@
-*** Settings ***
-
-Resource  plone/app/robotframework/keywords.robot
-Resource  plone/app/robotframework/saucelabs.robot
-
-Library  Remote  ${PLONE_URL}/RobotRemote
-
-Resource  common.robot
-
-Test Setup  Open SauceLabs test browser
-Test Teardown  Run keywords  Report test status  Close all browsers
-
-
-*** Test Cases ***************************************************************
-
-Scenario: Enable self registration in the Security Control Panel
-  Given a logged-in site administrator
-    and the security control panel
-   When I enable self registration
-    and I save the settings
-  Given an anonymous user
-    and the front page
-   Then the registration link is shown in the page
-
-Scenario: Enable users to select their own passwords in the Security Control Panel
-  Given a logged-in site administrator
-    and the security control panel
-   When I enable self registration
-    and I enable users to select their own passwords
-    and I save the settings
-  Given an anonymous user
-    and the registration form
-   Then the password field is shown in the page
-
-Scenario: Enable user folders in the Security Control Panel
-  Given a logged-in site administrator
-    and the security control panel
-   When I enable self registration
-    and I enable users to select their own passwords
-    and I enable user folders
-    and I save the settings
-  Given an anonymous user
-   When I register to the site
-    and I login to the site
-   Then the user folder should be created
-
-Scenario: Enable use email as login in the Security Control Panel
-  Given a logged-in site administrator
-    and the security control panel
-   When I enable self registration
-    and I enable users to select their own passwords
-    and I enable use email as login
-    and I save the settings
-  Given an anonymous user
-    and the registration form
-   Then the email field is shown in the page
-     and the username field is not shown in the page
-
-Scenario: Enable use uuid as uid in the Security Control Panel
-  Given a logged-in site administrator
-    and the security control panel
-   When I enable self registration
-    and I enable users to select their own passwords
-    and I enable uuid as user id
-    and I save the settings
-  Given an anonymous user
-   When I register to the site
-    and I login to the site
-   Then uuid should be used for user id
-
-
-*** Keywords *****************************************************************
-
-# --- GIVEN ------------------------------------------------------------------
-
-a logged-in site administrator
-  Enable autologin as  Site Administrator
-
-an anonymous user
-  Disable autologin
-
-the security control panel
-  Go to  ${PLONE_URL}/@@security-controlpanel
-
-the registration form
-  Go to  ${PLONE_URL}/@@register
-
-the front page
-  Go to  ${PLONE_URL}
-
-# --- WHEN -------------------------------------------------------------------
-
-I enable self registration
-  Select Checkbox  form.widgets.enable_self_reg:list
-
-I enable users to select their own passwords
-  Select Checkbox  form.widgets.enable_user_pwd_choice:list
-
-I enable use email as login
-  Select Checkbox  form.widgets.use_email_as_login:list
-
-I enable user folders
-  Select Checkbox  form.widgets.enable_user_folders:list
-
-I enable uuid as user id
-  Select Checkbox  form.widgets.use_uuid_as_userid:list
-
-I save the settings
-  Click Button  Save
-  Wait until page contains  Changes saved
-
-I register to the site
-  Go to  ${PLONE_URL}/@@register
-  Input Text  form.widgets.username  joe
-  Input Text  form.widgets.email  joe at test.com
-  Input Text  form.widgets.password  supersecret
-  Input Text  form.widgets.password_ctl  supersecret
-  Click Button  Register
-
-I login to the site
-  Go to  ${PLONE_URL}/login
-  Input Text  __ac_name  joe
-  Input Text  __ac_password  supersecret
-  Click Button  Log in
-  Wait until page contains  You are now logged in
-
-
-# --- THEN -------------------------------------------------------------------
-
-The registration link is shown in the page
-  Element Should Be Visible  xpath=//a[@id='personaltools-join']
-
-The password field is shown in the page
-  Element Should Be Visible  xpath=//input[@id='form-widgets-password']
-
-The email field is shown in the page
-  Element Should Be Visible  xpath=//input[@id='form-widgets-email']
-
-The username field is not shown in the page
-  Element Should Not Be Visible  xpath=//input[@id='form-widgets-username']
-
-The user folder should be created
-  Go to  ${PLONE_URL}/Members/joe
-  Element Should Contain  css=h1.documentFirstHeading  joe
-  Page should Not contain  This page does not seem to exist
-
-# XXX: Here we can't really test that this is a uuid, since it's random, so
-# we just check that user id is not equal to username or email
-uuid should be used for user id
-  ${userid}=  Get Text  user-name
-  Should Not Be Equal As Strings  ${userid}  joe
-  Should Not Be Equal As Strings  ${userid}  joe at test.com


Repository: Products.CMFPlone
Branch: refs/heads/master
Date: 2014-08-30T07:24:40+02:00
Author: Timo Stollenwerk (tisto) <tisto at plone.org>
Commit: https://github.com/plone/Products.CMFPlone/commit/927c47f370b224fe6bdfc0af889b9f1371ce857a

Merge pull request #269 from plone/revert-264-plip10359-security-controlpanel

Revert "Plip10359 - move security controlpanel from plone.app.controlpan...

Files changed:
M Products/CMFPlone/controlpanel/bbb/configure.zcml
M Products/CMFPlone/controlpanel/browser/configure.zcml
M Products/CMFPlone/controlpanel/configure.zcml
M Products/CMFPlone/controlpanel/events.py
M Products/CMFPlone/interfaces/__init__.py
M Products/CMFPlone/interfaces/controlpanel.py
M Products/CMFPlone/profiles/dependencies/registry.xml
M Products/CMFPlone/testing.py
D Products/CMFPlone/controlpanel/bbb/security.py
D Products/CMFPlone/controlpanel/browser/emaillogin.pt
D Products/CMFPlone/controlpanel/browser/security.py
D Products/CMFPlone/controlpanel/events.zcml
D Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
D Products/CMFPlone/controlpanel/utils.py
D Products/CMFPlone/tests/robot/test_controlpanel_security.robot

diff --git a/Products/CMFPlone/controlpanel/bbb/configure.zcml b/Products/CMFPlone/controlpanel/bbb/configure.zcml
index 4713645..c647f0b 100644
--- a/Products/CMFPlone/controlpanel/bbb/configure.zcml
+++ b/Products/CMFPlone/controlpanel/bbb/configure.zcml
@@ -7,7 +7,6 @@
   <adapter factory=".maintenance.MaintenanceControlPanelAdapter" />
   <adapter factory=".navigation.NavigationControlPanelAdapter" />
   <adapter factory=".search.SearchControlPanelAdapter" />
-  <adapter factory=".security.SecurityControlPanelAdapter" />
   <adapter factory=".site.SiteControlPanelAdapter" />
 
 </configure>
diff --git a/Products/CMFPlone/controlpanel/bbb/security.py b/Products/CMFPlone/controlpanel/bbb/security.py
deleted file mode 100644
index 2d05160..0000000
--- a/Products/CMFPlone/controlpanel/bbb/security.py
+++ /dev/null
@@ -1,78 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces.siteroot import IPloneSiteRoot
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.registry.interfaces import IRegistry
-from zope.component import adapts
-from zope.component import getUtility
-from zope.interface import implements
-from zope.site.hooks import getSite
-
-
-class SecurityControlPanelAdapter(object):
-
-    adapts(IPloneSiteRoot)
-    implements(ISecuritySchema)
-
-    def __init__(self, context):
-        self.portal = getSite()
-        self.pmembership = getToolByName(context, 'portal_membership')
-        registry = getUtility(IRegistry)
-        self.settings = registry.forInterface(
-            ISecuritySchema, prefix="plone")
-
-    def get_enable_self_reg(self):
-        return self.settings.enable_self_reg
-
-    def set_enable_self_reg(self, value):
-        # additional processing in the event handler
-        self.settings.enable_self_reg = value
-
-    enable_self_reg = property(get_enable_self_reg, set_enable_self_reg)
-
-    def get_enable_user_pwd_choice(self):
-        return self.settings.enable_user_pwd_choice
-
-    def set_enable_user_pwd_choice(self, value):
-        self.settings.enable_user_pwd_choice = value
-
-    enable_user_pwd_choice = property(get_enable_user_pwd_choice,
-                                      set_enable_user_pwd_choice)
-
-    def get_enable_user_folders(self):
-        return self.settings.enable_user_folders
-
-    def set_enable_user_folders(self, value):
-        # additional processing in the event handler
-        self.settings.enable_user_folders = value
-
-    enable_user_folders = property(get_enable_user_folders,
-                                   set_enable_user_folders)
-
-    def get_allow_anon_views_about(self):
-        return self.settings.allow_anon_views_about
-
-    def set_allow_anon_views_about(self, value):
-        self.settings.allow_anon_views_about = value
-
-    allow_anon_views_about = property(get_allow_anon_views_about,
-                                      set_allow_anon_views_about)
-
-    def get_use_email_as_login(self):
-        return self.settings.use_email_as_login
-
-    def set_use_email_as_login(self, value):
-        # additional processing in the event handler
-        self.settings.use_email_as_login = value
-
-    use_email_as_login = property(get_use_email_as_login,
-                                  set_use_email_as_login)
-
-    def get_use_uuid_as_userid(self):
-        return self.settings.use_uuid_as_userid
-
-    def set_use_uuid_as_userid(self, value):
-        self.settings.use_uuid_as_userid = value
-
-    use_uuid_as_userid = property(get_use_uuid_as_userid,
-                                  set_use_uuid_as_userid)
diff --git a/Products/CMFPlone/controlpanel/browser/configure.zcml b/Products/CMFPlone/controlpanel/browser/configure.zcml
index 551d824..bf55faf 100644
--- a/Products/CMFPlone/controlpanel/browser/configure.zcml
+++ b/Products/CMFPlone/controlpanel/browser/configure.zcml
@@ -35,23 +35,6 @@
     permission="plone.app.controlpanel.Search"
     />
 
-  <!-- Security Control Panel -->
-  <browser:page
-    name="security-controlpanel"
-    for="Products.CMFPlone.interfaces.IPloneSiteRoot"
-    class=".security.SecurityControlPanel"
-    permission="plone.app.controlpanel.Security"
-    />
-
-  <!-- Security Control Panel - EMail Login -->
-  <browser:page
-    for="Products.CMFPlone.interfaces.IPloneSiteRoot"
-    name="migrate-to-emaillogin"
-    class=".security.EmailLogin"
-    template="emaillogin.pt"
-    permission="cmf.ManagePortal"
-    />
-
   <!-- Site Control Panel -->
   <browser:page
     name="site-controlpanel"
diff --git a/Products/CMFPlone/controlpanel/browser/emaillogin.pt b/Products/CMFPlone/controlpanel/browser/emaillogin.pt
deleted file mode 100644
index 16c3949..0000000
--- a/Products/CMFPlone/controlpanel/browser/emaillogin.pt
+++ /dev/null
@@ -1,67 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
-      xmlns:tal="http://xml.zope.org/namespaces/tal"
-      xmlns:metal="http://xml.zope.org/namespaces/metal"
-      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
-      metal:use-macro="context/prefs_main_template/macros/master"
-      i18n:domain="plone">
-
-<body>
-
-  <metal:main metal:fill-slot="prefs_configlet_content">
-    <h1 class="documentFirstHeading"
-        i18n:translate="heading_find_duplicate_login_names">
-      Find duplicate login names
-    </h1>
-
-    <p i18n:translate="help_duplicate_login_names">
-      Switching the email login setting in the
-      <a i18n:name="link"
-         tal:attributes="href string:${context/portal_url}/@@security-controlpanel"
-         i18n:translate="">Security settings</a>
-      on or off automatically changes the login name for existing users.
-      This may fail when there are duplicates.
-      On this page you can search for duplicates.
-    </p>
-
-    <div tal:condition="request/form/submitted|nothing">
-      <div tal:condition="view/duplicates">
-        <p i18n:translate="msg_login_duplicates_found">
-          The following login names would be used by more than one account:
-        </p>
-        <ul>
-          <ol tal:repeat="dup view/duplicates">
-            <span tal:content="python:dup[0]" />:
-            <span tal:repeat="account python:dup[1]" tal:content="account" />
-          </ol>
-        </ul>
-      </div>
-      <div tal:condition="not:view/duplicates">
-        <p i18n:translate="msg_no_login_duplicates_found">
-          No login names found that are used by more than one account.
-        </p>
-      </div>
-    </div>
-
-    <form action=""
-          name="emaillogin-migrate"
-          method="post"
-          class="enableUnloadProtection enableAutoFocus">
-      <div class="formControls">
-        <input type="hidden" name="submitted" value="submitted" id="submitted" />
-        <input class="context"
-               type="submit"
-               name="check_email"
-               value="Check for duplicate emails"
-               i18n:attributes="value label_check_duplicate_emails" />
-        <br />
-        <input class="context"
-               type="submit"
-               name="check_userid"
-               value="Check for duplicate lower case user ids"
-               i18n:attributes="value label_check_duplicate_user_ids" />
-      </div>
-    </form>
-
-  </metal:main>
-</body>
-</html>
diff --git a/Products/CMFPlone/controlpanel/browser/security.py b/Products/CMFPlone/controlpanel/browser/security.py
deleted file mode 100644
index 1026f27..0000000
--- a/Products/CMFPlone/controlpanel/browser/security.py
+++ /dev/null
@@ -1,127 +0,0 @@
-from Acquisition import aq_inner
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone import PloneMessageFactory as _
-from Products.CMFPlone.controlpanel.utils import migrate_to_email_login
-from Products.CMFPlone.controlpanel.utils import migrate_from_email_login
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.Five.browser import BrowserView
-from collections import defaultdict
-from plone.app.registry.browser import controlpanel
-
-import logging
-
-logger = logging.getLogger('Products.CMFPlone')
-
-
-class SecurityControlPanelForm(controlpanel.RegistryEditForm):
-
-    id = "SecurityControlPanel"
-    label = _(u"Security settings")
-    schema = ISecuritySchema
-    schema_prefix = "plone"
-
-
-class SecurityControlPanel(controlpanel.ControlPanelFormWrapper):
-    form = SecurityControlPanelForm
-
-
-class EmailLogin(BrowserView):
-    """View to help in migrating to or from using email as login.
-
-    We used to change the login name of existing users here, but that
-    is now done by checking or unchecking the option in the security
-    control panel.  Here you can only search for duplicates.
-    """
-
-    duplicates = []
-
-    def __call__(self):
-        if self.request.form.get('check_email'):
-            self.duplicates = self.check_email()
-        elif self.request.form.get('check_userid'):
-            self.duplicates = self.check_userid()
-        return self.index()
-
-    @property
-    def _email_list(self):
-        context = aq_inner(self.context)
-        pas = getToolByName(context, 'acl_users')
-        emails = defaultdict(list)
-        orig_transform = pas.login_transform
-        try:
-            if not orig_transform:
-                # Temporarily set this to lower, as that will happen
-                # when turning emaillogin on.
-                pas.login_transform = 'lower'
-            for user in pas.getUsers():
-                if user is None:
-                    # Created in the ZMI?
-                    continue
-                email = user.getProperty('email', '')
-                if email:
-                    email = pas.applyTransform(email)
-                else:
-                    logger.warn("User %s has no email address.",
-                                user.getUserId())
-                    # Add the normal login name anyway.
-                    email = pas.applyTransform(user.getUserName())
-                emails[email].append(user.getUserId())
-        finally:
-            pas.login_transform = orig_transform
-            return emails
-
-    def check_email(self):
-        duplicates = []
-        for email, userids in self._email_list.items():
-            if len(userids) > 1:
-                logger.warn("Duplicate accounts for email address %s: %r",
-                            email, userids)
-                duplicates.append((email, userids))
-
-        return duplicates
-
-    @property
-    def _userid_list(self):
-        # user ids are unique, but their lowercase version might not
-        # be unique.
-        context = aq_inner(self.context)
-        pas = getToolByName(context, 'acl_users')
-        userids = defaultdict(list)
-        orig_transform = pas.login_transform
-        try:
-            if not orig_transform:
-                # Temporarily set this to lower, as that will happen
-                # when turning emaillogin on.
-                pas.login_transform = 'lower'
-            for user in pas.getUsers():
-                if user is None:
-                    continue
-                login_name = pas.applyTransform(user.getUserName())
-                userids[login_name].append(user.getUserId())
-        finally:
-            pas.login_transform = orig_transform
-            return userids
-
-    def check_userid(self):
-        duplicates = []
-        for login_name, userids in self._userid_list.items():
-            if len(userids) > 1:
-                logger.warn("Duplicate accounts for lower case user id "
-                            "%s: %r", login_name, userids)
-                duplicates.append((login_name, userids))
-
-        return duplicates
-
-    def switch_to_email(self):
-        # This is not used and is only here for backwards
-        # compatibility.  It avoids a test failure in
-        # Products.CMFPlone.
-        # XXX: check if this can be removed
-        migrate_to_email_login(self.context)
-
-    def switch_to_userid(self):
-        # This is not used and is only here for backwards
-        # compatibility.  It avoids a test failure in
-        # Products.CMFPlone.
-        # XXX: check if this can be removed
-        migrate_from_email_login(self.context)
diff --git a/Products/CMFPlone/controlpanel/configure.zcml b/Products/CMFPlone/controlpanel/configure.zcml
index 93d5b49..1b49eda 100644
--- a/Products/CMFPlone/controlpanel/configure.zcml
+++ b/Products/CMFPlone/controlpanel/configure.zcml
@@ -7,6 +7,4 @@
   <include package=".bbb" />
   <include package=".browser" />
 
-  <include file="events.zcml" />
-
 </configure>
diff --git a/Products/CMFPlone/controlpanel/events.py b/Products/CMFPlone/controlpanel/events.py
index 4e5a96e..206ba47 100644
--- a/Products/CMFPlone/controlpanel/events.py
+++ b/Products/CMFPlone/controlpanel/events.py
@@ -1,18 +1,9 @@
-from Products.CMFCore.ActionInformation import Action
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone import PloneMessageFactory as _
-from Products.CMFPlone.controlpanel.utils import migrate_to_email_login
-from Products.CMFPlone.controlpanel.utils import migrate_from_email_login
-from Products.CMFPlone.interfaces import IConfigurationChangedEvent
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.utils import safe_hasattr
-from plone.registry.interfaces import IRecordModifiedEvent
 from zope.component import adapter
 from zope.component import queryUtility
 from zope.interface import implements
 from zope.ramcache.interfaces.ram import IRAMCache
-from zope.site.hooks import getSite
 
+from Products.CMFPlone.interfaces import IConfigurationChangedEvent
 
 class ConfigurationChangedEvent(object):
     implements(IConfigurationChangedEvent)
@@ -27,102 +18,3 @@ def handleConfigurationChangedEvent(event):
     util = queryUtility(IRAMCache)
     if util is not None:
         util.invalidateAll()
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_enable_self_reg(obj, event):
-    """Additional configuration when the ``enable_self_reg``
-    setting is updated in the ``Security```control panel.
-
-    If the setting is enabled, the ``Add portal member`` permission is
-    added to ``Anonymous`` role to allow self registration for anonymous
-    users. If the setting is disabled, this permission is removed.
-    """
-    if event.record.fieldName != 'enable_self_reg':
-        return
-
-    portal = getSite()
-    value = event.newValue
-    app_perms = portal.rolesOfPermission(
-        permission='Add portal member')
-    reg_roles = []
-
-    for app_perm in app_perms:
-        if app_perm['selected'] == 'SELECTED':
-            reg_roles.append(app_perm['name'])
-    if value is True and 'Anonymous' not in reg_roles:
-        reg_roles.append('Anonymous')
-    if value is False and 'Anonymous' in reg_roles:
-        reg_roles.remove('Anonymous')
-
-    portal.manage_permission('Add portal member', roles=reg_roles,
-                             acquire=0)
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_enable_user_folders(obj, event):
-    """Additional configuration when the ``enable_user_folders``
-    setting is updated in the ``Security```control panel.
-
-    If the setting is enabled, a new user action is added with a link to
-    the personal folder. If the setting is disabled, the action is hidden.
-    """
-    if event.record.fieldName != 'enable_user_folders':
-        return
-
-    portal = getSite()
-    value = event.newValue
-
-    membership = getToolByName(portal, 'portal_membership')
-    membership.memberareaCreationFlag = value
-
-    # support the 'my folder' user action #8417
-    portal_actions = getToolByName(portal, 'portal_actions', None)
-    if portal_actions is not None:
-        object_category = getattr(portal_actions, 'user', None)
-        if value and not safe_hasattr(object_category, 'mystuff'):
-            # add action
-            _add_mystuff_action(object_category)
-        elif safe_hasattr(object_category, 'mystuff'):
-            a = getattr(object_category, 'mystuff')
-            a.visible = bool(value)    # show/hide action
-
-
-def _add_mystuff_action(object_category):
-    new_action = Action(
-        'mystuff',
-        title=_(u'My Folder'),
-        description='',
-        url_expr='string:${portal/portal_membership/getHomeUrl}',
-        available_expr='python:(member is not None) and \
-            (portal.portal_membership.getHomeFolder() is not None) ',
-        permissions=('View',),
-        visible=True,
-        i18n_domain='plone'
-    )
-    object_category._setObject('mystuff', new_action)
-    # move action to top, at least before the logout action
-    object_category.moveObjectsToTop(('mystuff'))
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_use_email_as_login(obj, event):
-    """Additional configuration when the ``use_email_as_login``
-    setting is updated in the ``Security```control panel.
-
-    If the setting is enabled, existing users' login names are migrated
-    to email. If the setting is disabled, then the login names are migrated
-    back to user ids.
-    """
-    if event.record.fieldName != 'use_email_as_login':
-        return
-
-    value = event.newValue
-    if value == event.oldValue:
-        # no change
-        return
-    context = getSite()
-    if value:
-        migrate_to_email_login(context)
-    else:
-        migrate_from_email_login(context)
diff --git a/Products/CMFPlone/controlpanel/events.zcml b/Products/CMFPlone/controlpanel/events.zcml
deleted file mode 100644
index 665959b..0000000
--- a/Products/CMFPlone/controlpanel/events.zcml
+++ /dev/null
@@ -1,5 +0,0 @@
-<configure xmlns="http://namespaces.zope.org/zope">
-  <subscriber handler=".events.handle_enable_self_reg" />
-  <subscriber handler=".events.handle_enable_user_folders" />
-  <subscriber handler=".events.handle_use_email_as_login" />
-</configure>
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
deleted file mode 100644
index c2cb8e9..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
+++ /dev/null
@@ -1,130 +0,0 @@
-from Products.CMFPlone.testing import \
-    PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.app.testing import TEST_USER_ID
-from plone.app.testing import setRoles
-from zope.component import getAdapter
-
-import unittest
-
-
-class SecurityControlPanelAdapterTest(unittest.TestCase):
-
-    layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
-    def setUp(self):
-        self.portal = self.layer['portal']
-        self.request = self.layer['request']
-        setRoles(self.portal, TEST_USER_ID, ['Manager'])
-        self.security_settings = getAdapter(self.portal, ISecuritySchema)
-
-    def test_adapter_lookup(self):
-        self.assertTrue(getAdapter(self.portal, ISecuritySchema))
-
-    def test_get_enable_self_reg_setting(self):
-        self.assertEquals(
-            self.security_settings.enable_self_reg,
-            False
-        )
-
-    def test_set_enable_self_reg_setting(self):
-        self.security_settings.enable_self_reg = False
-        self.assertEquals(
-            self.security_settings.enable_self_reg,
-            False
-        )
-        self.security_settings.enable_self_reg = True
-        self.assertEquals(
-            self.security_settings.enable_self_reg,
-            True
-        )
-
-    def test_get_enable_user_pwd_choice_setting(self):
-        self.assertEquals(
-            self.security_settings.enable_user_pwd_choice,
-            False
-        )
-
-    def test_set_enable_user_pwd_choice_setting(self):
-        self.security_settings.enable_user_pwd_choice = False
-        self.assertEquals(
-            self.security_settings.enable_user_pwd_choice,
-            False
-        )
-        self.security_settings.enable_user_pwd_choice = True
-        self.assertEquals(
-            self.security_settings.enable_user_pwd_choice,
-            True
-        )
-
-    def test_get_enable_user_folders_setting(self):
-        self.assertEquals(
-            self.security_settings.enable_user_folders,
-            False
-        )
-
-    def test_set_enable_user_folders_setting(self):
-        self.security_settings.enable_user_folders = False
-        self.assertEquals(
-            self.security_settings.enable_user_folders,
-            False
-        )
-        self.security_settings.enable_user_folders = True
-        self.assertEquals(
-            self.security_settings.enable_user_folders,
-            True
-        )
-
-    def test_get_allow_anon_views_about_setting(self):
-        self.assertEquals(
-            self.security_settings.allow_anon_views_about,
-            False
-        )
-
-    def test_set_allow_anon_views_about_setting(self):
-        self.security_settings.allow_anon_views_about = False
-        self.assertEquals(
-            self.security_settings.allow_anon_views_about,
-            False
-        )
-        self.security_settings.allow_anon_views_about = True
-        self.assertEquals(
-            self.security_settings.allow_anon_views_about,
-            True
-        )
-
-    def test_get_use_email_as_login_setting(self):
-        self.assertEquals(
-            self.security_settings.use_email_as_login,
-            False
-        )
-
-    def test_set_use_email_as_login_setting(self):
-        self.security_settings.use_email_as_login = False
-        self.assertEquals(
-            self.security_settings.use_email_as_login,
-            False
-        )
-        self.security_settings.use_email_as_login = True
-        self.assertEquals(
-            self.security_settings.use_email_as_login,
-            True
-        )
-
-    def test_get_use_uuid_as_userid_setting(self):
-        self.assertEquals(
-            self.security_settings.use_uuid_as_userid,
-            False
-        )
-
-    def test_set_use_uuid_as_userid_setting(self):
-        self.security_settings.use_uuid_as_userid = False
-        self.assertEquals(
-            self.security_settings.use_uuid_as_userid,
-            False
-        )
-        self.security_settings.use_uuid_as_userid = True
-        self.assertEquals(
-            self.security_settings.use_uuid_as_userid,
-            True
-        )
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
deleted file mode 100644
index 098cd47..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
+++ /dev/null
@@ -1,103 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.testing import \
-    PRODUCTS_CMFPLONE_FUNCTIONAL_TESTING
-from plone.app.testing import SITE_OWNER_NAME, SITE_OWNER_PASSWORD
-from plone.registry.interfaces import IRegistry
-from plone.testing.z2 import Browser
-from zope.component import getUtility
-
-import unittest2 as unittest
-
-
-class SecurityControlPanelFunctionalTest(unittest.TestCase):
-    """Test that changes in the security control panel are actually
-    stored in the registry.
-    """
-
-    layer = PRODUCTS_CMFPLONE_FUNCTIONAL_TESTING
-
-    def setUp(self):
-        self.app = self.layer['app']
-        self.portal = self.layer['portal']
-        self.portal_url = self.portal.absolute_url()
-        registry = getUtility(IRegistry)
-        self.settings = registry.forInterface(
-            ISecuritySchema, prefix="plone")
-        self.browser = Browser(self.app)
-        self.browser.handleErrors = False
-        self.browser.addHeader(
-            'Authorization',
-            'Basic %s:%s' % (SITE_OWNER_NAME, SITE_OWNER_PASSWORD,)
-        )
-
-    def test_security_control_panel_link(self):
-        self.browser.open(
-            "%s/plone_control_panel" % self.portal_url)
-        self.browser.getLink('Security').click()
-
-    def test_security_control_panel_backlink(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.assertTrue("Plone Configuration" in self.browser.contents)
-
-    def test_security_control_panel_sidebar(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getLink('Site Setup').click()
-        self.assertEqual(
-            self.browser.url,
-            'http://nohost/plone/@@overview-controlpanel')
-
-    def test_enable_self_reg(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl('Enable self-registration').selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.enable_self_reg, True)
-
-    def test_enable_user_pwd_choice(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl(
-            'Let users select their own passwords').selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.enable_user_pwd_choice, True)
-
-    def test_enable_user_folders(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl(
-            'Enable User Folders').selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.enable_user_folders, True)
-
-    def test_allow_anon_views_about(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl(
-            "Allow anyone to view 'about' information").selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.allow_anon_views_about, True)
-
-    def test_use_email_as_login(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl(
-            "Use email address as login name").selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.use_email_as_login, True)
-
-    def test_use_uuid_as_userid(self):
-        self.browser.open(
-            "%s/@@security-controlpanel" % self.portal_url)
-        self.browser.getControl(
-            "Use UUID user ids").selected = True
-        self.browser.getControl('Save').click()
-
-        self.assertEqual(self.settings.use_uuid_as_userid, True)
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
deleted file mode 100644
index b5ff729..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
+++ /dev/null
@@ -1,141 +0,0 @@
-from Products.CMFPlone.testing import \
-    PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.app.testing import TEST_USER_ID
-from plone.app.testing import setRoles
-from zope.component import getAdapter
-
-import unittest
-
-
-class SecurityControlPanelEventsTest(unittest.TestCase):
-
-    layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
-    def setUp(self):
-        self.portal = self.layer['portal']
-        self.request = self.layer['request']
-        setRoles(self.portal, TEST_USER_ID, ['Manager'])
-        self.security_settings = getAdapter(self.portal, ISecuritySchema)
-
-    def _create_user(self, user_id=None, email=None):
-        """Helper function for creating a test user."""
-        registration = getToolByName(self.portal, 'portal_registration', None)
-        registration.addMember(
-            user_id,
-            'password',
-            ['Member'],
-            properties={'email': email, 'username': user_id}
-        )
-        membership = getToolByName(self.portal, 'portal_membership', None)
-        return membership.getMemberById(user_id)
-
-    def _is_self_reg_enabled(self):
-        """Helper function to determine if self registration was properly
-        enabled.
-        """
-        app_perms = self.portal.rolesOfPermission(
-            permission='Add portal member')
-        for app_perm in app_perms:
-            if app_perm['name'] == 'Anonymous' \
-               and app_perm['selected'] == 'SELECTED':
-                return True
-        return False
-
-    def test_handle_enable_self_reg_condition_check(self):
-        """Check that this event handler is not run for other ISecuritySchema
-        records.
-        """
-        self.assertFalse(self._is_self_reg_enabled())
-        self.security_settings.use_uuid_as_userid = True
-        self.assertFalse(self._is_self_reg_enabled())
-
-    def test_handle_enable_self_reg_disabled(self):
-        self.security_settings.enable_self_reg = False
-        self.assertFalse(self._is_self_reg_enabled())
-
-    def test_handle_enable_self_reg_enabled(self):
-        self.security_settings.enable_self_reg = True
-        self.assertTrue(self._is_self_reg_enabled())
-
-    def test_handle_enable_user_folders_condition_check(self):
-        """Check that this event handler is not run for other ISecuritySchema
-        records.
-        """
-        portal_actions = getToolByName(self.portal, 'portal_actions', None)
-        self.assertFalse('mystuff' in portal_actions['user'].keys())
-        self.security_settings.use_uuid_as_userid = True
-        self.assertFalse('mystuff' in portal_actions['user'].keys())
-
-    def test_handle_enable_user_folders_enabled_no_mystuff_yet(self):
-        portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
-        # if we enable the setting, mystuff action should be added
-        self.assertFalse('mystuff' in portal_actions['user'].keys())
-        self.security_settings.enable_user_folders = True
-        self.assertTrue('mystuff' in portal_actions['user'].keys())
-        self.assertTrue(portal_actions['user']['mystuff'].visible)
-
-    def test_handle_enable_user_folders_enabled_has_mystuff(self):
-        portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
-        # if we enable the setting, disable it, then enable it again,
-        # the mystuff action should still be there and visible
-        self.security_settings.enable_user_folders = True
-        self.security_settings.enable_user_folders = False
-        self.security_settings.enable_user_folders = True
-
-        self.assertTrue('mystuff' in portal_actions['user'].keys())
-        self.assertTrue(portal_actions['user']['mystuff'].visible)
-
-    def test_handle_enable_user_folders_disabled_no_mystuff_yet(self):
-        portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
-        # if the mystuff action is not there yet, this should have no effect
-        self.security_settings.enable_user_folders = False
-        self.assertFalse('mystuff' in portal_actions['user'].keys())
-
-    def test_handle_enable_user_folders_disabled_has_mystuff(self):
-        portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
-        # if the setting was enabled and then disabled, the mystuff action
-        # should be hidden
-        self.security_settings.enable_user_folders = True
-        self.security_settings.enable_user_folders = False
-        self.assertTrue('mystuff' in portal_actions['user'].keys())
-        self.assertFalse(portal_actions['user']['mystuff'].visible)
-
-    def test_handle_use_email_as_login_condition_check(self):
-        """Check that this event handler is not run for other ISecuritySchema
-        records.
-        """
-        self._create_user(user_id='joe', email='joe at test.com')
-        pas = getToolByName(self.portal, 'acl_users')
-
-        self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
-        self.security_settings.use_uuid_as_userid = True
-        self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
-
-    def test_handle_use_email_as_login_enabled(self):
-        self._create_user(user_id='joe', email='joe at test.com')
-        pas = getToolByName(self.portal, 'acl_users')
-
-        self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
-        self.assertEquals(len(pas.searchUsers(name='joe')), 1)
-
-        # if we enable use_email_as_login, login name should be migrated
-        # to email
-        self.security_settings.use_email_as_login = True
-        self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 1)
-
-    def test_handle_use_email_as_login_disabled(self):
-        self._create_user(user_id='joe', email='joe at test.com')
-        pas = getToolByName(self.portal, 'acl_users')
-
-        # if we enable use_email_as_login, then disabled it, the login name
-        # should be migrated back to user id
-        self.security_settings.use_email_as_login = True
-        self.security_settings.use_email_as_login = False
-        self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
-        self.assertEquals(len(pas.searchUsers(name='joe')), 1)
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
deleted file mode 100644
index 3b29843..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
+++ /dev/null
@@ -1,56 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.testing import \
-    PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from plone.app.testing import TEST_USER_ID, setRoles
-from plone.registry.interfaces import IRegistry
-from zope.component import getMultiAdapter
-from zope.component import getUtility
-
-import unittest2 as unittest
-
-
-class SecurityRegistryIntegrationTest(unittest.TestCase):
-    """Test that the security settings are stored as plone.app.registry
-    settings.
-    """
-
-    layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
-    def setUp(self):
-        self.portal = self.layer['portal']
-        self.request = self.layer['request']
-        setRoles(self.portal, TEST_USER_ID, ['Manager'])
-        registry = getUtility(IRegistry)
-        self.settings = registry.forInterface(
-            ISecuritySchema, prefix="plone")
-
-    def test_security_controlpanel_view(self):
-        view = getMultiAdapter((self.portal, self.portal.REQUEST),
-                               name="security-controlpanel")
-        view = view.__of__(self.portal)
-        self.assertTrue(view())
-
-    def test_plone_app_registry_in_controlpanel(self):
-        self.controlpanel = getToolByName(self.portal, "portal_controlpanel")
-        self.assertTrue('plone.app.registry' in [a.getAction(self)['id']
-                            for a in self.controlpanel.listActions()])
-
-    def test_enable_self_reg_setting(self):
-        self.assertTrue(hasattr(self.settings, 'enable_self_reg'))
-
-    def test_enable_user_pwd_choice_setting(self):
-        self.assertTrue(hasattr(self.settings, 'enable_user_pwd_choice'))
-
-    def test_enable_user_folders_setting(self):
-        self.assertTrue(hasattr(self.settings, 'enable_user_folders'))
-
-    def test_allow_anon_views_about_setting(self):
-        self.assertTrue(hasattr(self.settings, 'allow_anon_views_about'))
-
-    def test_use_email_as_login_setting(self):
-        self.assertTrue(hasattr(self.settings, 'use_email_as_login'))
-
-    def test_use_uuid_as_userid_setting(self):
-        self.assertTrue(hasattr(self.settings, 'use_uuid_as_userid'))
diff --git a/Products/CMFPlone/controlpanel/utils.py b/Products/CMFPlone/controlpanel/utils.py
deleted file mode 100644
index 851ca34..0000000
--- a/Products/CMFPlone/controlpanel/utils.py
+++ /dev/null
@@ -1,52 +0,0 @@
-from Products.CMFCore.utils import getToolByName
-
-import logging
-
-
-logger = logging.getLogger('Products.CMFPlone.controlpanel')
-
-
-def migrate_to_email_login(context):
-    pas = getToolByName(context, 'acl_users')
-
-    # We want the login name to be lowercase here.  This is new in
-    # PAS.  Using 'manage_changeProperties' would change the login
-    # names immediately, but we want to do that explicitly ourselves
-    # and set the lowercase email address as login name, instead of
-    # the lower case user id.
-    #pas.manage_changeProperties(login_transform='lower')
-    pas.login_transform = 'lower'
-
-    # Update the users.
-    for user in pas.getUsers():
-        if user is None:
-            continue
-        user_id = user.getUserId()
-        email = user.getProperty('email', '')
-        if email:
-            login_name = pas.applyTransform(email)
-            pas.updateLoginName(user_id, login_name)
-        else:
-            logger.warn("User %s has no email address.", user_id)
-
-
-def migrate_from_email_login(context):
-    pas = getToolByName(context, 'acl_users')
-
-    # Whether the login name is lowercase or not does not really
-    # matter for this use case, but it may be better not to change
-    # it at this point.
-
-    # XXX
-    pas.login_transform = ''
-
-    # We do want to update the users.
-    for user in pas.getUsers():
-        if user is None:
-            continue
-        user_id = user.getUserId()
-        # If we keep the transform to lowercase, then we must apply it
-        # here as well, otherwise some users will not be able to
-        # login, as their user id may be mixed or upper case.
-        login_name = pas.applyTransform(user_id)
-        pas.updateLoginName(user_id, login_name)
diff --git a/Products/CMFPlone/interfaces/__init__.py b/Products/CMFPlone/interfaces/__init__.py
index 2002944..20862b4 100644
--- a/Products/CMFPlone/interfaces/__init__.py
+++ b/Products/CMFPlone/interfaces/__init__.py
@@ -9,7 +9,6 @@
 from controlpanel import IMaintenanceSchema
 from controlpanel import INavigationSchema
 from controlpanel import ISearchSchema
-from controlpanel import ISecuritySchema
 from controlpanel import ISiteSchema
 from controlpanel import ITypesSchema
 from events import IConfigurationChangedEvent
diff --git a/Products/CMFPlone/interfaces/controlpanel.py b/Products/CMFPlone/interfaces/controlpanel.py
index c2f7172..c0f8656 100644
--- a/Products/CMFPlone/interfaces/controlpanel.py
+++ b/Products/CMFPlone/interfaces/controlpanel.py
@@ -207,70 +207,6 @@ class ISearchSchema(Interface):
     )
 
 
-class ISecuritySchema(Interface):
-
-    enable_self_reg = schema.Bool(
-        title=_(u'Enable self-registration'),
-        description=_(
-            u"Allows users to register themselves on the site. If "
-            u"not selected, only site managers can add new users."),
-        default=False,
-        required=False)
-
-    enable_user_pwd_choice = schema.Bool(
-        title=_(u'Let users select their own passwords'),
-        description=_(
-            u"If not selected, a URL will be generated and "
-            u"e-mailed. Users are instructed to follow the link to "
-            u"reach a page where they can change their password and "
-            u"complete the registration process; this also verifies "
-            u"that they have entered a valid email address."),
-        default=False,
-        required=False)
-
-    enable_user_folders = schema.Bool(
-        title=_(u'Enable User Folders'),
-        description=_(
-            u"If selected, home folders where users can create "
-            u"content will be created when they log in."),
-        default=False,
-        required=False)
-
-    allow_anon_views_about = schema.Bool(
-        title=_(u"Allow anyone to view 'about' information"),
-        description=_(
-            u"If not selected only logged-in users will be able to "
-            u"view information about who created an item and when it "
-            u"was modified."),
-        default=False,
-        required=False)
-
-    use_email_as_login = schema.Bool(
-        title=_(u'Use email address as login name'),
-        description=_(
-            u"Allows users to login with their email address instead "
-            u"of specifying a separate login name. This also updates "
-            u"the login name of existing users, which may take a "
-            u"while on large sites. The login name is saved as "
-            u"lower case, but to be userfriendly it does not matter "
-            u"which case you use to login. When duplicates are found, "
-            u"saving this form will fail. You can use the "
-            u"@@migrate-to-emaillogin page to show the duplicates."),
-        default=False,
-        required=False)
-
-    use_uuid_as_userid = schema.Bool(
-        title=_(u'Use UUID user ids'),
-        description=_(
-            u"Use automatically generated UUIDs as user id for new users. "
-            u"When not turned on, the default is to use the same as the "
-            u"login name, or when using the email address as login name we "
-            u"generate a user id based on the fullname."),
-        default=False,
-        required=False)
-
-
-# XXX: Why does ISiteSchema inherit from ILockSettings here ???
 class ISiteSchema(ILockSettings):
 
     site_title = schema.TextLine(
diff --git a/Products/CMFPlone/profiles/dependencies/registry.xml b/Products/CMFPlone/profiles/dependencies/registry.xml
index 2a5c8f4..09916f8 100644
--- a/Products/CMFPlone/profiles/dependencies/registry.xml
+++ b/Products/CMFPlone/profiles/dependencies/registry.xml
@@ -8,8 +8,6 @@
            prefix="plone" />
   <records interface="Products.CMFPlone.interfaces.ISearchSchema"
            prefix="plone" />
-  <records interface="Products.CMFPlone.interfaces.ISecuritySchema"
-           prefix="plone" />
   <records interface="Products.CMFPlone.interfaces.ISiteSchema"
            prefix="plone" />
   <records interface="Products.CMFPlone.interfaces.IDateAndTimeSchema"
diff --git a/Products/CMFPlone/testing.py b/Products/CMFPlone/testing.py
index d33a8c0..ac5895a 100644
--- a/Products/CMFPlone/testing.py
+++ b/Products/CMFPlone/testing.py
@@ -43,15 +43,6 @@ def setUpPloneSite(self, portal):
             id="test-folder",
             title=u"Test Folder"
         )
-        # XXX: this is needed for tests that rely on the Members folder to be
-        # present. This folder is otherwise created by a setup handler in
-        # ATContentTypes, but that package is optional now.
-        if 'Members' not in portal.keys():
-            portal.invokeFactory(
-                "Folder",
-                id="Members",
-                title=u"Members"
-            )
 
     def tearDownPloneSite(self, portal):
         login(portal, 'admin')
diff --git a/Products/CMFPlone/tests/robot/test_controlpanel_security.robot b/Products/CMFPlone/tests/robot/test_controlpanel_security.robot
deleted file mode 100644
index 18e030d..0000000
--- a/Products/CMFPlone/tests/robot/test_controlpanel_security.robot
+++ /dev/null
@@ -1,152 +0,0 @@
-*** Settings ***
-
-Resource  plone/app/robotframework/keywords.robot
-Resource  plone/app/robotframework/saucelabs.robot
-
-Library  Remote  ${PLONE_URL}/RobotRemote
-
-Resource  common.robot
-
-Test Setup  Open SauceLabs test browser
-Test Teardown  Run keywords  Report test status  Close all browsers
-
-
-*** Test Cases ***************************************************************
-
-Scenario: Enable self registration in the Security Control Panel
-  Given a logged-in site administrator
-    and the security control panel
-   When I enable self registration
-    and I save the settings
-  Given an anonymous user
-    and the front page
-   Then the registration link is shown in the page
-
-Scenario: Enable users to select their own passwords in the Security Control Panel
-  Given a logged-in site administrator
-    and the security control panel
-   When I enable self registration
-    and I enable users to select their own passwords
-    and I save the settings
-  Given an anonymous user
-    and the registration form
-   Then the password field is shown in the page
-
-Scenario: Enable user folders in the Security Control Panel
-  Given a logged-in site administrator
-    and the security control panel
-   When I enable self registration
-    and I enable users to select their own passwords
-    and I enable user folders
-    and I save the settings
-  Given an anonymous user
-   When I register to the site
-    and I login to the site
-   Then the user folder should be created
-
-Scenario: Enable use email as login in the Security Control Panel
-  Given a logged-in site administrator
-    and the security control panel
-   When I enable self registration
-    and I enable users to select their own passwords
-    and I enable use email as login
-    and I save the settings
-  Given an anonymous user
-    and the registration form
-   Then the email field is shown in the page
-     and the username field is not shown in the page
-
-Scenario: Enable use uuid as uid in the Security Control Panel
-  Given a logged-in site administrator
-    and the security control panel
-   When I enable self registration
-    and I enable users to select their own passwords
-    and I enable uuid as user id
-    and I save the settings
-  Given an anonymous user
-   When I register to the site
-    and I login to the site
-   Then uuid should be used for user id
-
-
-*** Keywords *****************************************************************
-
-# --- GIVEN ------------------------------------------------------------------
-
-a logged-in site administrator
-  Enable autologin as  Site Administrator
-
-an anonymous user
-  Disable autologin
-
-the security control panel
-  Go to  ${PLONE_URL}/@@security-controlpanel
-
-the registration form
-  Go to  ${PLONE_URL}/@@register
-
-the front page
-  Go to  ${PLONE_URL}
-
-# --- WHEN -------------------------------------------------------------------
-
-I enable self registration
-  Select Checkbox  form.widgets.enable_self_reg:list
-
-I enable users to select their own passwords
-  Select Checkbox  form.widgets.enable_user_pwd_choice:list
-
-I enable use email as login
-  Select Checkbox  form.widgets.use_email_as_login:list
-
-I enable user folders
-  Select Checkbox  form.widgets.enable_user_folders:list
-
-I enable uuid as user id
-  Select Checkbox  form.widgets.use_uuid_as_userid:list
-
-I save the settings
-  Click Button  Save
-  Wait until page contains  Changes saved
-
-I register to the site
-  Go to  ${PLONE_URL}/@@register
-  Input Text  form.widgets.username  joe
-  Input Text  form.widgets.email  joe at test.com
-  Input Text  form.widgets.password  supersecret
-  Input Text  form.widgets.password_ctl  supersecret
-  Click Button  Register
-
-I login to the site
-  Go to  ${PLONE_URL}/login
-  Input Text  __ac_name  joe
-  Input Text  __ac_password  supersecret
-  Click Button  Log in
-  Wait until page contains  You are now logged in
-
-
-# --- THEN -------------------------------------------------------------------
-
-The registration link is shown in the page
-  Element Should Be Visible  xpath=//a[@id='personaltools-join']
-
-The password field is shown in the page
-  Element Should Be Visible  xpath=//input[@id='form-widgets-password']
-
-The email field is shown in the page
-  Element Should Be Visible  xpath=//input[@id='form-widgets-email']
-
-The username field is not shown in the page
-  Element Should Not Be Visible  xpath=//input[@id='form-widgets-username']
-
-The user folder should be created
-  Go to  ${PLONE_URL}/Members/joe
-  Element Should Contain  css=h1.documentFirstHeading  joe
-  Page should Not contain  This page does not seem to exist
-
-# XXX: Here we can't really test that this is a uuid, since it's random, so
-# we just check that user id is not equal to username or email
-uuid should be used for user id
-  ${userid}=  Get Text  user-name
-  Should Not Be Equal As Strings  ${userid}  joe
-  Should Not Be Equal As Strings  ${userid}  joe at test.com




-------------------------------------------------------------------------------


More information about the Testbot mailing list