def check_maxtoken_for_user_by_type(user, type_of_token):
'''
This internal function checks the number of assigned tokens to a user
restricted by the policies:
"scope = enrollment", action = "maxtokenTOKENTYPE = <number>"
:param user: to whom the token should belong
:param type_of_token: which type of token should be enrolled or assigned
:raises PolicyException: if maxtoken policy would be violated
'''
_ = context['translate']
if not user or not user.login:
return
client = _get_client()
user_realms = _getUserRealms(user)
log.debug("checking the already assigned tokens for user %r, realms %s"
% (user, user_realms))
# ------------------------------------------------------------------ --
# check the maxtokenTOKENTYPE policy
typed_tokens = linotp.lib.token.getTokens4UserOrSerial(
user, token_type=type_of_token)
for user_realm in user_realms:
policies = get_client_policy(client,
action="maxtoken%s" % type_of_token.upper(),
scope='enrollment',
realm=user_realm,
user=user.login,
userObj=user)
if not policies:
continue
# compare the tokens of the user with the max numbers of the policy
total_maxtoken = get_action_value(
policies, scope='enrollment',
action="maxtoken%s" % type_of_token.upper(), default=-1)
if total_maxtoken == -1 or isinstance(total_maxtoken, bool):
continue
if len(typed_tokens) + 1 > total_maxtoken:
error_msg = _("The maximum number of allowed tokens of type %s "
"per user is exceeded. Check the policies "
"scope=enrollment, action=maxtoken%s"
% (type_of_token, type_of_token.upper()))
raise linotp.lib.policy.MaxTokenTypeUserPolicyException(error_msg)
def check_maxtoken_for_user(user):
'''
This internal function checks the number of assigned tokens to a user
restricted by the policies:
"scope = enrollment", action = "maxtoken = <number>"
:param user: to whom the token should belong
:raises PolicyException: if maxtoken policy would be violated
'''
_ = context['translate']
if not user or not user.login:
return
client = _get_client()
user_realms = _getUserRealms(user)
log.debug("checking the already assigned tokens for user %r, realms %s" %
(user, user_realms))
# ----------------------------------------------------------------------- --
# check the maxtoken policy
action = "maxtoken"
tokens = linotp.lib.token.getTokens4UserOrSerial(user, "")
for user_realm in user_realms:
policies = get_client_policy(client,
scope='enrollment',
action=action,
realm=user_realm,
user=user.login,
userObj=user)
if not policies:
continue
total_maxtoken = get_action_value(policies,
scope='enrollment',
action=action,
default=-1)
if total_maxtoken == -1 or isinstance(total_maxtoken, bool):
continue
if len(tokens) + 1 > total_maxtoken:
error_msg = _("The maximum number of allowed tokens "
"per user is exceeded. Check the "
"policies scope=enrollment, "
"action=maxtoken")
raise linotp.lib.policy.MaxTokenUserPolicyException(error_msg)