def setUp(self):
self.sm = getGlobalSiteManager()
self.manager = KeyManager(self.key_size)
self.sm.registerUtility(self.manager, provided=IKeyManager,
event=False)
# Tests modify the user object so we better make sure it is *our*
# user object and not the built-in Anonymous User.
newSecurityManager(None, User('dummy', 'secret', (), ()))
def test_setObject_set_owner_with_user(self):
om = self._makeOne()
user = User('user', '123', (), ()).__of__(FauxRoot())
newSecurityManager(None, user)
si = SimpleItem('user_creation')
self.assertEqual(si.__ac_local_roles__, None)
om._setObject('user_creation', si)
self.assertEqual(si.__ac_local_roles__, {'user': ['Owner']})
def test_setObject_no_set_owner_with_user(self):
om = self._makeOne()
user = User('user', '123', (), ()).__of__(FauxRoot())
newSecurityManager(None, user)
si = SimpleItem('should_be_okay')
self.assertEqual(si.__ac_local_roles__, None)
om._setObject('should_be_okay', si, set_owner=0)
self.assertEqual(si.__ac_local_roles__, None)
def onEdit(self, created):
'''Triggered when a User is created or updated.'''
login = self.login
# Is it a local User or a LDAP User?
isLocal = self.source == 'zodb'
# Ensure correctness of some infos about this user.
if isLocal:
self.updateTitle()
self.ensureAdminIsManager()
if created:
# Create the corresponding Zope user.
from AccessControl.User import User as ZopeUser
password = self.encryptPassword(self.password1)
zopeUser = ZopeUser(login, password, self.roles, ())
# Add it in acl_users if it is a local user.
if isLocal:
self.o.acl_users.data[login] = zopeUser
# Add it in self.o._zopeUser if it is a LDAP user
else:
self.o._zopeUser = zopeUser
# Remove our own password copies
self.password1 = self.password2 = ''
else:
# Update the login itself if the user has changed it.
oldLogin = self.o._oldLogin
if oldLogin and (oldLogin != login):
self.setLogin(oldLogin, login)
del self.o._oldLogin
# Update roles at the Zope level.
zopeUser = self.getZopeUser()
zopeUser.roles = self.roles
# Update the password if the user has entered new ones.
rq = self.request
if rq.has_key('password1'):
self.setPassword(rq['password1'])
self.password1 = self.password2 = ''
# "self" must be owned by its Zope user.
if 'Owner' not in self.o.get_local_roles_for_userid(login):
self.o.manage_addLocalRoles(login, ('Owner', ))
# If the user was created by anon|system, anon|system can't stay Owner.
for login in ('anon', 'system'):
if login in self.o.__ac_local_roles__:
del self.o.__ac_local_roles__[login]
return self._callCustom('onEdit', created)
def deserialize(self, event, state):
obj = event.obj
assert isinstance(obj, UserFolder)
obj.data = PersistentMapping()
for id, password, roles, domains in state:
user = User(id, password, roles, domains)
obj.data[id] = user
event.deserialized(id, user)
event.upos.append(obj.data)
event.upos.extend(obj.data.values())
def onEdit(self, created):
'''Triggered when a User is created or updated.'''
login = self.login
# Is it a local User or a LDAP User?
isLocal = self.source == 'zodb'
# Ensure correctness of some infos about this user.
if isLocal:
self.updateTitle()
self.ensureAdminIsManager()
if created:
# Create the corresponding Zope user.
from AccessControl.User import User as ZopeUser
password = self.encryptPassword(self.password1)
zopeUser = ZopeUser(login, password, self.roles, ())
# Add it in acl_users if it is a local user.
if isLocal: self.o.acl_users.data[login] = zopeUser
# Add it in self.o._zopeUser if it is a LDAP user
else: self.o._zopeUser = zopeUser
# Remove our own password copies
self.password1 = self.password2 = ''
else:
# Update the login itself if the user has changed it.
oldLogin = self.o._oldLogin
if oldLogin and (oldLogin != login):
self.setLogin(oldLogin, login)
del self.o._oldLogin
# Update roles at the Zope level.
zopeUser = self.getZopeUser()
zopeUser.roles = self.roles
# Update the password if the user has entered new ones.
rq = self.request
if rq.has_key('password1'):
self.setPassword(rq['password1'])
self.password1 = self.password2 = ''
# "self" must be owned by its Zope user.
if 'Owner' not in self.o.get_local_roles_for_userid(login):
self.o.manage_addLocalRoles(login, ('Owner',))
# If the user was created by anon|system, anon|system can't stay Owner.
for login in ('anon', 'system'):
if login in self.o.__ac_local_roles__:
del self.o.__ac_local_roles__[login]
return self._callCustom('onEdit', created)
def onEdit(self, created):
'''Triggered when a User is created or updated'''
login = self.login
# Is it a local User or a LDAP User?
isLocal = self.source == 'zodb'
# Ensure correctness of some infos about this user
if isLocal:
self.updateTitle()
self.ensureAdminIsManager()
if created:
# Create the corresponding Zope user
from AccessControl.User import User as ZopeUser
password = self.encryptPassword(self.password3)
zopeUser = ZopeUser(login, password, self.roles, ())
# Add it in acl_users if it is a local user.
if isLocal: self.o.acl_users.data[login] = zopeUser
# Add it in self.o._zopeUser if it is a LDAP or SSO user
else: self.o._zopeUser = zopeUser
# Remove our own password copies
self.password3 = self.password4 = ''
else:
# Update the login itself if the user has changed it
oldLogin = self.o._oldLogin
if oldLogin and (oldLogin != login):
self.setLogin(oldLogin, login)
del self.o._oldLogin
# Update roles at the Zope level
zopeUser = self.getZopeUser()
zopeUser.roles = self.roles
# Update the password if the user has entered new ones
rq = self.request
if rq.get('page', 'main') == 'passwords':
self.setPassword(rq['password1'])
self.password1 = self.password2 = ''
# "self" must be owned by its Zope user
self.addLocalRole(login, 'Owner')
# If the user was created by anon|system, anon|system can't stay Owner
self.deleteLocalRole(('anon', 'system'))
return self._callCustom('onEdit', created)
def testGetUserId(self):
f = User('chris', '123', ['Manager'], [])
self.assertEqual(f.getId(), 'chris')
def testGetDomains(self):
f = User('chris', '123', ['Manager'], [])
self.assertEqual(f.getDomains(), ())
def testGetRoles(self):
f = User('chris', '123', ['Manager'], [])
self.assertEqual(f.getRoles(), ('Manager', 'Authenticated'))
def testGetPassword(self):
f = User('chris', '123', ['Manager'], [])
self.assertEqual(f._getPassword(), '123')
def testBaseUserGetIdEqualGetName(self):
# this is true for the default user type, but will not
# always be true for extended user types going forward (post-2.6)
f = User('chris', '123', ['Manager'], [])
self.assertEqual(f.getId(), f.getUserName())
def testGetUserId(self):
f = User('chris', '123', ['Manager'], [])
self.assertEqual(f.getId(), 'chris')
def testBaseUserGetIdEqualGetName(self):
# this is true for the default user type, but will not
# always be true for extended user types going forward (post-2.6)
f = User('chris', '123', ['Manager'], [])
self.assertEqual(f.getId(), f.getUserName())
def testRepr(self):
f = User('flo', '123', ['Manager'], [])
self.assertEqual(repr(f), "<User 'flo'>")
def testGetDomains(self):
f = User('chris', '123', ['Manager'], [])
self.assertEqual(f.getDomains(), ())
def testGetRoles(self):
f = User('chris', '123', ['Manager'], [])
self.assertEqual(f.getRoles(), ('Manager', 'Authenticated'))
def testGetPassword(self):
f = User('chris', '123', ['Manager'], [])
self.assertEqual(f._getPassword(), '123')
