Mercurial > p > roundup > code
changeset 5253:2d61e39b89c8
Issue2550716 Email address displayed after password reset request (fix)
Change the message displayed upon password reset using an account name
to no longer expose the email address. Password reset triggered using
an email address will still display the user supplied email address.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sat, 26 Aug 2017 20:27:08 -0400 |
| parents | 39c9f69c3f31 |
| children | 3639f4b55936 |
| files | roundup/cgi/actions.py |
| diffstat | 1 files changed, 4 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/roundup/cgi/actions.py Thu Jun 01 08:59:18 2017 +0200 +++ b/roundup/cgi/actions.py Sat Aug 26 20:27:08 2017 -0400 @@ -976,7 +976,10 @@ if not self.client.standard_message([address], subject, body): return - self.client.add_ok_message(self._('Email sent to %s') % address) + if 'username' in self.form: + self.client.add_ok_message(self._('Email sent to primary notification address for %s.') % name) + else: + self.client.add_ok_message(self._('Email sent to %s.') % address) class RegoCommon(Action): def finishRego(self):