Ejemplo n.º 1
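def global_groupfinder(userid, request):
    """Resolve a user's groups from the local store, then from LDAP.

    Wraps the ldap and local groupfinders so one callback can be used in
    the auth policy.

    Args:
        userid: The user id whose groups are looked up.
        request: The current request; its registry settings are read for
            the 'arsenal.use_ldap' flag.

    Returns:
        The local finder's result when it is truthy. Otherwise, when
        'arsenal.use_ldap' is truthy, the LDAP finder's result. A finder
        that raises leaves the previous value in place (initially None),
        so a failed lookup never adds group membership.
    """

    groups = None
    try:
        log.debug("Checking local groups for userid: %s" % (userid))
        # FIXME: Getting called twice
        groups = local_groupfinder(userid, request)
        if groups:
            log.debug("Found local groups for userid: %s groups: %s" %
                      (userid, groups))
    except Exception as e:
        # Deliberately best-effort: the error is logged and the lookup
        # falls through to LDAP. Log the concrete exception type (not the
        # Exception base class) so auth failures can be told apart in logs.
        log.error("%s (%s)" % (type(e).__name__, e))

    # NOTE(review): if this setting arrives as a raw string from the config
    # file, a value such as 'false' is still truthy here -- confirm it is
    # converted to a bool before it reaches this check.
    if request.registry.settings['arsenal.use_ldap'] and not groups:
        try:
            log.debug("Checking ldap groups for userid: %s" % (userid))
            groups = ldap_groupfinder(userid, request)
            if groups:
                log.debug("Found ldap groups for userid: %s groups: %s" %
                          (userid, groups))
        except Exception as e:
            # Same policy as above: log with the real exception type and
            # return whatever was resolved so far.
            log.error("%s (%s)" % (type(e).__name__, e))

    return groups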
Ejemplo n.º 2
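def get_authenticated_user(request):
    """Gather name, login and group information for the authenticated user.

    The local user table is consulted first; when 'arsenal.use_ldap' is
    truthy and no local groups were found, LDAP is consulted as well. The
    'un' cookie is then validated against 'arsenal.cookie_token'.

    Args:
        request: The current request. Reads authenticated_userid, the 'un'
            cookie and the registry settings.

    Returns:
        A dict with the keys 'user_id', 'login', 'groups', 'first', 'last',
        'loggedin' and 'first_last'. If the 'un' cookie is missing or fails
        validation, an HTTPFound redirect to /logout is returned instead,
        so callers must be prepared for either type.
    """

    first_last, login, groups, first, last = '', '', '', '', ''
    auth = False

    user_id = request.authenticated_userid
    try:
        user = DBSession.query(User).filter(User.user_name == user_id).one()
        first = user.first_name
        last = user.last_name
        # FIXME: Getting called twice
        groups = local_groupfinder(user_id, request)
        first_last = "%s %s" % (first, last)
        auth = True
        log.debug("first: {0} last: {1} first_last: {2} auth: {3} groups: {4}".
                  format(first, last, first_last, auth, groups))
    except NoResultFound:
        log.debug('No local user for: {0}'.format(user_id))
    except Exception as e:
        # Log the concrete exception type rather than the Exception base
        # class so lookup failures are distinguishable in the logs.
        log.error("%s (%s)" % (type(e).__name__, e))

    # NOTE(review): a raw string setting such as 'false' would be truthy
    # here -- confirm the value is converted to a bool upstream.
    if request.registry.settings['arsenal.use_ldap'] and not groups:
        try:
            (first, last) = format_user(user_id)
            groups = ldap_groupfinder(user_id, request)
            first_last = "%s %s" % (first, last)
            # NOTE(review): 'loggedin' becomes True whenever the two calls
            # above do not raise, even if no LDAP groups came back. Confirm
            # this cannot be reached with user_id None (unauthenticated).
            auth = True
        except Exception as e:
            log.error("%s (%s)" % (type(e).__name__, e))

    try:
        login = validate_username_cookie(
            request.cookies['un'],
            request.registry.settings['arsenal.cookie_token'])
    except Exception as e:
        # Catch Exception, not everything: a bare except would also turn
        # SystemExit / KeyboardInterrupt into a "tampered cookie" redirect.
        # A missing 'un' cookie (KeyError) still lands here. Only the
        # exception type is logged, so client-supplied cookie content is
        # not copied into the log.
        log.error("Username cookie missing or failed validation for "
                  "userid: %s (%s)" % (user_id, type(e).__name__))
        # NOTE(review): the message travels in the query string with
        # unencoded spaces; confirm the logout view escapes it on output.
        return HTTPFound(
            '/logout?message=Your cookie has been tampered with. You have been logged out'
        )

    # authenticated user
    au = {
        'user_id': user_id,
        'login': login,
        'groups': groups,
        'first': first,
        'last': last,
        'loggedin': auth,
        'first_last': first_last,
    }

    return au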