def render(self): # Test that our installation was successful pau = queryUtility(IAuthentication) if pau is None or type(pau) is not PluggableAuthenticatorPlugin: if pau is not None: st = "PAU not installed correctly: %s" % pau utilities = getUtilitiesFor(IAuthentication) st += "\n Available utilities are: %s" % [u for u in utilities] return st else: return "PAU Utility not found" st = ('Success: Credentials plugins= %s; Authenticator plugins= %s' % (pau.credentialsPlugins, pau.authenticatorPlugins)) roleMgr = IPrincipalRoleManager(self.context) p = roleMgr.getPrincipalsForRole('gfn.Administrator') st += "\n Administrators: %s" %p for ut in pau.credentialsPlugins: if queryUtility(ICredentialsPlugin, name=ut) is None: st += '\n Could not find credentials plugin for %s' % ut for ut in pau.authenticatorPlugins: if queryUtility(IAuthenticatorPlugin, name=ut) is None: st += '\n Could not find authenticator plugin for %s' % ut return st
def clean_roles(context, role_id, setting=Allow): """Remove given role for all principals""" prinrole = IPrincipalRoleManager(context) old = prinrole.getPrincipalsForRole(role_id) for x in old: if x[1] == setting: prinrole.unsetRoleForPrincipal(role_id, x[0])
def clean_roles(context, role_id, setting=Allow): """Remove given role for all principals""" prinrole = IPrincipalRoleManager(context) old = prinrole.getPrincipalsForRole(role_id) for x in old: if x[1] == setting: prinrole.unsetRoleForPrincipal(role_id, x[0])
def __init__(self, *args, **kwargs): ''' Create an administrator with default login and password ''' super(AuthenticatorPlugin, self).__init__(*args, **kwargs) su = InternalPrincipal(login='******', password='******', title=u'Administrator', description=u'The SuperUser') self['admin'] = su roleMgr = IPrincipalRoleManager(grok.getSite()) for uid, _setting in roleMgr.getPrincipalsForRole('gfn.Administrator'): roleMgr.unsetRoleForPrincipal('gfn.Administrator', 'gfn.'+uid) uid = self.getIdByLogin('admin') roleMgr.assignRoleToPrincipal('gfn.Administrator', 'gfn.'+uid)
def update(self): prm = IPrincipalRoleManager(self.context) principals = prm.getPrincipalsForRole('uvc.Editor') self.allowed_principals = [x[0] for x in principals if x[1] is Allow]
class Ownership(object): adapts(IOwnerAware) implements(IOwnership) def __init__(self, context): self._rolemanager = IPrincipalRoleManager(context) self.context = context def _getCurrentOwnerId(self): settings = self._rolemanager.getPrincipalsForRole(OWNER_ROLE) principals = [ principal_id for (principal_id, setting) in settings if sameProxiedObjects(setting, Allow) ] if not principals: return None if len(principals) > 1: raise RuntimeError( 'Object has multiple owners. This should not happen') return principals[0] @apply def owner(): def fget(self): principal_id = self._getCurrentOwnerId() if principal_id is None: return None try: return getUtility(IAuthentication).getPrincipal(principal_id) except PrincipalLookupError: return None def fset(self, new_owner): if not (new_owner is None or IPrincipal.providedBy(new_owner)): raise ValueError('IPrincipal object or None required') if new_owner is None: new_owner_id = None else: new_owner_id = new_owner.id current_owner_id = self._getCurrentOwnerId() if new_owner_id == current_owner_id: return if current_owner_id is not None: self._rolemanager.unsetRoleForPrincipal( OWNER_ROLE, current_owner_id) current_owner = getUtility(IAuthentication).getPrincipal( current_owner_id) else: current_owner = None if new_owner_id: self._rolemanager.assignRoleToPrincipal( OWNER_ROLE, new_owner_id) notify(OwnerChangedEvent(self.context, new_owner, current_owner)) return property(fget, fset)