-#sub post_new_object_callback {
-# my( $cgi, $access_user ) = @_;
-#
-# if ( length($cgi->param('_password')) ) {
-# my $password = scalar($cgi->param('_password'));
-# my $error = $access_user->is_password_allowed($password);
-# #XXX and then bubble the error back up to the UI
-# }
-#}
+sub post_new_object_callback {
+ my( $cgi, $access_user ) = @_;
+
+ return '' unless length($cgi->param('_password'));
+
+ my $password = scalar($cgi->param('_password'));
+ $access_user->is_password_allowed($password)
+ || $access_user->change_password_fields($password);
+}