def render(self):
# Test that our installation was successful
pau = queryUtility(IAuthentication)
if pau is None or type(pau) is not PluggableAuthenticatorPlugin:
if pau is not None:
st = "PAU not installed correctly: %s" % pau
utilities = getUtilitiesFor(IAuthentication)
st += "\n Available utilities are: %s" % [u for u in utilities]
return st
else:
return "PAU Utility not found"
st = ('Success: Credentials plugins= %s; Authenticator plugins= %s' %
(pau.credentialsPlugins, pau.authenticatorPlugins))
roleMgr = IPrincipalRoleManager(self.context)
p = roleMgr.getPrincipalsForRole('gfn.Administrator')
st += "\n Administrators: %s" %p
for ut in pau.credentialsPlugins:
if queryUtility(ICredentialsPlugin, name=ut) is None:
st += '\n Could not find credentials plugin for %s' % ut
for ut in pau.authenticatorPlugins:
if queryUtility(IAuthenticatorPlugin, name=ut) is None:
st += '\n Could not find authenticator plugin for %s' % ut
return st
def clean_roles(context, role_id, setting=Allow):
"""Remove given role for all principals"""
prinrole = IPrincipalRoleManager(context)
old = prinrole.getPrincipalsForRole(role_id)
for x in old:
if x[1] == setting:
prinrole.unsetRoleForPrincipal(role_id, x[0])
def clean_roles(context, role_id, setting=Allow):
"""Remove given role for all principals"""
prinrole = IPrincipalRoleManager(context)
old = prinrole.getPrincipalsForRole(role_id)
for x in old:
if x[1] == setting:
prinrole.unsetRoleForPrincipal(role_id, x[0])
def __init__(self, *args, **kwargs):
''' Create an administrator with default login and password
'''
super(AuthenticatorPlugin, self).__init__(*args, **kwargs)
su = InternalPrincipal(login='******', password='******', title=u'Administrator',
description=u'The SuperUser')
self['admin'] = su
roleMgr = IPrincipalRoleManager(grok.getSite())
for uid, _setting in roleMgr.getPrincipalsForRole('gfn.Administrator'):
roleMgr.unsetRoleForPrincipal('gfn.Administrator', 'gfn.'+uid)
uid = self.getIdByLogin('admin')
roleMgr.assignRoleToPrincipal('gfn.Administrator', 'gfn.'+uid)
def update(self):
prm = IPrincipalRoleManager(self.context)
principals = prm.getPrincipalsForRole('uvc.Editor')
self.allowed_principals = [x[0] for x in principals if x[1] is Allow]
class Ownership(object):
adapts(IOwnerAware)
implements(IOwnership)
def __init__(self, context):
self._rolemanager = IPrincipalRoleManager(context)
self.context = context
def _getCurrentOwnerId(self):
settings = self._rolemanager.getPrincipalsForRole(OWNER_ROLE)
principals = [
principal_id for (principal_id, setting) in settings
if sameProxiedObjects(setting, Allow)
]
if not principals:
return None
if len(principals) > 1:
raise RuntimeError(
'Object has multiple owners. This should not happen')
return principals[0]
@apply
def owner():
def fget(self):
principal_id = self._getCurrentOwnerId()
if principal_id is None:
return None
try:
return getUtility(IAuthentication).getPrincipal(principal_id)
except PrincipalLookupError:
return None
def fset(self, new_owner):
if not (new_owner is None or IPrincipal.providedBy(new_owner)):
raise ValueError('IPrincipal object or None required')
if new_owner is None:
new_owner_id = None
else:
new_owner_id = new_owner.id
current_owner_id = self._getCurrentOwnerId()
if new_owner_id == current_owner_id:
return
if current_owner_id is not None:
self._rolemanager.unsetRoleForPrincipal(
OWNER_ROLE, current_owner_id)
current_owner = getUtility(IAuthentication).getPrincipal(
current_owner_id)
else:
current_owner = None
if new_owner_id:
self._rolemanager.assignRoleToPrincipal(
OWNER_ROLE, new_owner_id)
notify(OwnerChangedEvent(self.context, new_owner, current_owner))
return property(fget, fset)
