def login(pas, userid, ip):
""" Handle a login for emc.auth.
This method takes care of all the standard work that needs to be
done when a user logs in:
- sending a logged-in event
"""
user = pas.getUserById(userid)
if user is None:
return
loginEvent = NormalUserloginEvent(
userid=getfullname_orid(user),
datetime=datetime.datetime.now().strftime(fmt),
ip=ip,
type=0,
description="",
result=1)
if loginEvent.available():
if loginEvent.is_normal_user():
event.notify(loginEvent)
else:
loginEvent = AddloginEvent(
adminid=getfullname_orid(user),
userid="",
datetime=datetime.datetime.now().strftime(fmt),
ip=ip,
type=0,
description="",
result=1)
event.notify(loginEvent)
def timeout(REQUEST):
"""Publicly accessible method to log out a user
"""
user = getSecurityManager().getUser()
if user is None:
return
logoutEvent = NormalUserlogoutEvent(
userid=getfullname_orid(user),
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description="session超时",
result=1)
if logoutEvent.available():
if logoutEvent.is_normal_user():
event.notify(logoutEvent)
else:
logoutEvent = AddlogoutEvent(
adminid=getfullname_orid(user),
userid=" ",
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description="session超时",
result=1)
event.notify(logoutEvent)
def _doAddUser(self, login, password, roles, domains, groups=None, **kw):
"""Masking of PAS._doAddUser to add groups param."""
_old_doAddUser = getattr(self, getattr(_doAddUser, ORIG_NAME))
retval = _old_doAddUser(login, password, roles, domains)
mtool = getToolByName(self, 'portal_membership')
current = mtool.getAuthenticatedMember()
ucurrent = getfullname_orid(current)
if not bool(ucurrent): return retval
descrip = ""
if bool(retval):
if len(roles) != 0:
dsn = list2str(roles)
descrip = u",并指派了%s角色" % dsn
if groups is not None:
_userSetGroups(self, login, groups)
dsn = list2str(groups)
if bool(descrip): descrip = u",并分配了(%s)组(%s)" % (dsn, descrip)
else:
descrip = u",并分配了(%s)组" % dsn
crtEvent = CreateMemberEvent(
adminid=ucurrent,
userid=login,
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description=descrip,
result=1)
if crtEvent.available():
notify(crtEvent)
return retval
def _doDelUser(self, id):
"""
Given a user id, hand off to a deleter plugin if available.
"""
plugins = self._getOb('plugins')
mtool = getToolByName(self, 'portal_membership')
current = mtool.getAuthenticatedMember()
userdeleters = plugins.listPlugins(IUserManagement)
if not userdeleters:
raise NotImplementedError("There is no plugin that can delete users.")
for userdeleter_id, userdeleter in userdeleters:
try:
user = mtool.getMemberById(id)
userdeleter.doDeleteUser(id)
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
pass
else:
notify(PrincipalDeleted(id))
delEvent = DeleteMemberEvent(
adminid=getfullname_orid(current),
userid=user.getProperty('fullname', user.getId()),
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description="delete user",
result=1)
if delEvent.available():
notify(delEvent)
def logout(self, REQUEST):
"""Publicly accessible method to log out a user
"""
user = getSecurityManager().getUser()
if user is None: return
logoutEvent = NormalUserlogoutEvent(
userid=getfullname_orid(user),
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description="",
result=1)
if logoutEvent.available():
if logoutEvent.is_normal_user():
event.notify(logoutEvent)
else:
logoutEvent = AddlogoutEvent(
adminid=getfullname_orid(user),
userid=" ",
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description="",
result=1)
event.notify(logoutEvent)
self.resetCredentials(REQUEST, REQUEST['RESPONSE'])
# Little bit of a hack: Issuing a redirect to the same place
# where the user was so that in the second request the now-destroyed
# credentials can be acted upon to e.g. go back to the login page
referrer = REQUEST.get('HTTP_REFERER') # optional header
#referrer = "192.168.0.5/v4/public/index.php?action=logout"
if referrer:
REQUEST['RESPONSE'].redirect(referrer)
def objectModified(obj,event):
"ObjectCreated event handler"
from emc.kb.interfaces import IUserLogLocator
from zope.component import getUtility
from plone import api
adminid = obj.creators
created = obj.created().strftime(fmt)
ip = get_ip()
if ip=="":ip='127.0.0.1'
if len(adminid):adminid=adminid[0]
user = api.user.get(username=adminid)
user = getfullname_orid(user)
values = {'userid':user,'datetime':created,
'ip':ip,'type':0,'operlevel':5,'result':1,'description':u''}
values['description'] = u"%s修改了:%s" % (user,obj.title)
locator = getUtility(IUserLogLocator)
locator.add(values)
def detectLogsetChange(settings, event):
user = getSecurityManager().getUser()
if user is None: return
ip = get_ip()
if ip == "": ip = ' '
adminid = getfullname_orid(user)
values = {
'adminid': adminid,
'userid': u'log设置',
'datetime': datetime.datetime.now().strftime(fmt),
'ip': ip,
'type': 0,
'operlevel': 4,
'result': 1,
'description': u''
}
values['description'] = u"%s更改了log设置:%s,由%s改为%s" % (
adminid, event.record.fieldName, event.oldValue, event.newValue)
locator = getUtility(IAdminLogLocator)
locator.add(values)
def objectModified(obj, event):
"ObjectCreated event handler"
adminid = obj.creators
created = obj.created().strftime(fmt)
ip = get_ip()
if ip == "": ip = '127.0.0.1'
if len(adminid): adminid = adminid[0]
user = api.user.get(username=adminid)
user = getfullname_orid(user)
values = {
'userid': user,
'datetime': created,
'ip': ip,
'type': 0,
'operlevel': 5,
'result': 1,
'description': u''
}
values['description'] = u"%s修改了:%s" % (user, obj.title)
locator = queryUtility(IDbapi, name='userlog')
locator.add(values)
def _doChangeUser(self,
principal_id,
password,
roles,
domains=(),
groups=None,
REQUEST=None,
**kw):
"""
Given a principal id, change its password, roles, domains, if
respective plugins for such exist.
XXX domains are currently ignored.
"""
# Might be called with 'None' as password from the Plone UI, in
# prefs_users_overview when resetPassword is not set.
mtool = getToolByName(self, 'portal_membership')
current = mtool.getAuthenticatedMember()
guest = mtool.getMemberById(principal_id)
if password is not None:
try:
self.userSetPassword(principal_id, password)
except:
pass
else:
chgEvent = ChangeMemberEvent(
adminid=getfullname_orid(current),
userid=getfullname_orid(guest),
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description=u"更新密码",
result=1)
if chgEvent.available():
notify(chgEvent)
plugins = self._getOb('plugins')
# user = mtool.getMemberById(principal_id)
rmanagers = plugins.listPlugins(IRoleAssignerPlugin)
if not (rmanagers):
raise NotImplementedError("There is no plugin that can modify roles")
if bool(roles):
dsn = list2str(roles)
for rid, rmanager in rmanagers:
rmanager.assignRolesToPrincipal(roles, principal_id)
chgEvent = ChangeMemberEvent(
adminid=getfullname_orid(current),
userid=getfullname_orid(guest),
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description=u"并更新了角色%s" % dsn,
result=1)
if chgEvent.available():
notify(chgEvent)
if groups is not None:
_userSetGroups(self, principal_id, groups)
dsn = list2str(groups)
notify(
ChangeMemberEvent(adminid=current.getProperty(
'fullname', current.getId()),
userid=getfullname_orid(guest),
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description=u"并更新了组%s" % dsn,
result=1))
return True
def loginUser(self, REQUEST=None):
""" Handle a login for the current user.
This method takes care of all the standard work that needs to be
done when a user logs in:
- clear the copy/cut/paste clipboard
- PAS credentials update
- sending a logged-in event
- storing the login time
- create the member area if it does not exist
"""
user = getSecurityManager().getUser()
if user is None:
return
try:
home = self.getHomeFolder(user.getId())
except:
home = None
res = self.setLoginTimes()
res = res and not home
loginEvent = NormalUserloginEvent(
userid=getfullname_orid(user),
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description="",
result=1)
if loginEvent.available():
if loginEvent.is_normal_user():
event.notify(loginEvent)
else:
loginEvent = AddloginEvent(
adminid=getfullname_orid(user),
userid=" ",
datetime=datetime.datetime.now().strftime(fmt),
ip=get_ip(),
type=0,
description="",
result=1)
event.notify(loginEvent)
if res:
event.notify(UserInitialLoginInEvent(user))
self.createMemberArea()
event.notify(MemberAreaCreatedEvent(user))
else:
event.notify(UserLoggedInEvent(user))
if REQUEST is None:
REQUEST = getattr(self, 'REQUEST', None)
if REQUEST is None:
return
# Expire the clipboard
if REQUEST.get('__cp', None) is not None:
REQUEST.RESPONSE.expireCookie('__cp', path='/')
try:
pas = getToolByName(self, 'acl_users')
pas.credentials_cookie_auth.login()
except AttributeError:
# The cookie plugin may not be present
pass
def render(self):
method = self.request.get('REQUEST_METHOD', 'GET')
# import pdb
# pdb.set_trace()
if (method != 'POST'):
return self.request.response.redirect(self.context.absolute_url())
if self.request.form.get('form.button.Cancel'):
return self.request.response.redirect(self.context.absolute_url())
searchview = self.searchview()
# datadic receive front ajax post data
datadic = self.request.form
start = int(datadic['start']) # batch search start position
size = int(datadic['size']) # batch search size
sortcolumn = datadic['sortcolumn']
sortdirection = datadic['sortdirection']
keyword = (datadic['searchabletext']).strip()
# origquery = searchview.getPathQuery()
origquery = {}
# default reverse,as is desc
origquery['sort_on'] = sortcolumn
# sql db sortt_order:asc,desc
origquery['sort_order'] = sortdirection
#模糊搜索
if keyword != "":
origquery['SearchableText'] = '%' + keyword + '%'
else:
origquery['SearchableText'] = ""
#origquery provide batch search
origquery['size'] = size
origquery['start'] = start
#totalquery search all
totalquery = origquery.copy()
totalquery['size'] = 0
# search all size = 0 return numbers of recorders
totalnum = searchview.search_multicondition(totalquery)
origquery.update({"size": totalnum})
resultDicLists = searchview.search_multicondition(origquery)
del origquery
del totalquery
if totalnum == 0: return
#fire a log event
user = api.user.get_current()
ip = get_ip(self.request)
if user is None:
return
des = "从用户日志表导出了%s条日志" % totalnum
loginEvent = NormalUserloginEvent(
userid=getfullname_orid(user),
datetime=datetime.datetime.now().strftime(fmt),
ip=ip,
type=0,
description=des,
result=1)
if loginEvent.available():
if loginEvent.is_normal_user():
event.notify(loginEvent)
else:
des = "从管理员日志表导出了%s条日志" % totalnum
loginEvent = AddloginEvent(
adminid=getfullname_orid(user),
userid="",
datetime=datetime.datetime.now().strftime(fmt),
ip=ip,
type=0,
description=des,
result=1)
event.notify(loginEvent)
return self.exportData(resultDicLists)
