def getPropertiesForUser(self, user, request=None):
info = self.get_spsso().get_attributes(self.REQUEST) or {}
# the stupid Plone is unable to handle unicode properties
# must encode them
from Products.PlonePAS.utils import getCharset
charset = getCharset(self)
for k,v in info.items():
if isinstance(v, unicode): info[k] = v.encode(charset)
elif v and isinstance(v, (tuple, list)) and isinstance(v[0], unicode):
info[k] = [c.encode(charset) for c in v]
# more conversion might need to become necessary
return info
def _make_attribute_statement(self, target, req, subject, member, index):
eid = target.eid or req.Issuer.value()
auth = self._get_authority()
md = auth.metadata_by_id(eid).get_recent_metadata()
for sp in md.SPSSODescriptor:
for acs in sp.AttributeConsumingService:
if index is None and acs.isDefault or index == acs.index: break
else: acs = None
if acs is not None: break
else: acs = None
if acs is None:
if index is None: return # nothing to do
logger.error("could not locate acs %d for %s" % (index, eid))
return "ResourceNotRecognized"
# catalog our attribute -- should probably be cached
attrs = {}
for att in self.objectValues():
attrs[(att.format, att.title)] = att
# determine the attributes we are ready to provide
from dm.saml2.pyxb.assertion import AttributeStatement, Attribute, AttributeValue
av = []
for ra in acs.RequestedAttribute:
ran = (ra.NameFormat
or normalize_attrname_format("unspecified"), ra.Name)
d = attrs.get(ran)
if d is None:
logger.error("attribute %s requested by %s not found" %
(ran, eid))
continue
evaluator = d.evaluator
if evaluator is None: v = member.getProperty(d.getId(), None)
else: v = self.unrestrictedTraverse(evaluator)(member, d, eid)
# Plone stupidly converts unicode properties to `str`
if isinstance(v, str) and d.type == "string":
# convert back to unicode
from Products.PlonePAS.utils import getCharset
v = unicode(v, getCharset(self))
# potentially, more encodings are necessary
xv = xs_convert_to_xml(d.type, v, AttributeValue)
if not isinstance(xv, list): xv = xv,
aas = dict(
NameFormat=d.format,
Name=d.title,
FriendlyName=ra.FriendlyName or d.getId(),
)
att = Attribute(*xv, **aas)
av.append(att)
if not av: return
return AttributeStatement(*av)
def getProperty(self, id, default=_marker):
for sheet in self.getOrderedPropertySheets():
if sheet.hasProperty(id):
value = sheet.getProperty(id)
if isinstance(value, unicode):
# XXX Temporarily work around the fact that
# property sheets blindly store and return
# unicode. This is sub-optimal and should be
# dealed with at the property sheets level by
# using Zope's converters.
charset = getCharset(self)
return value.encode(charset)
return value
return default
def _make_attribute_statement(self, target, req, subject, member, index):
eid = target.eid or req.Issuer.value()
auth = self._get_authority()
md = auth.metadata_by_id(eid).get_recent_metadata()
for sp in md.SPSSODescriptor:
for acs in sp.AttributeConsumingService:
if index is None and acs.isDefault or index == acs.index: break
else: acs = None
if acs is not None: break
else: acs = None
if acs is None:
if index is None: return # nothing to do
logger.error("could not locate acs %d for %s" % (index, eid))
return "ResourceNotRecognized"
# catalog our attribute -- should probably be cached
attrs = {}
for att in self.objectValues(): attrs[(att.format, att.title)] = att
# determine the attributes we are ready to provide
from dm.saml2.pyxb.assertion import AttributeStatement, Attribute, AttributeValue
av = []
for ra in acs.RequestedAttribute:
ran = (ra.NameFormat or normalize_attrname_format("unspecified"), ra.Name)
d = attrs.get(ran)
if d is None:
logger.error("attribute %s requested by %s not found" % (ran, eid))
continue
evaluator = d.evaluator
if evaluator is None: v = member.getProperty(d.getId(), None)
else: v = self.unrestrictedTraverse(evaluator)(member, d, eid)
# Plone stupidly converts unicode properties to `str`
if isinstance(v, str) and d.type == "string":
# convert back to unicode
from Products.PlonePAS.utils import getCharset
v = unicode(v, getCharset(self))
# potentially, more encodings are necessary
xv = xs_convert_to_xml(d.type, v, AttributeValue)
if not isinstance(xv, list): xv = xv,
aas = dict(
NameFormat=d.format,
Name=d.title,
FriendlyName=ra.FriendlyName or d.getId(),
)
att = Attribute(*xv, **aas)
av.append(att)
if not av: return
return AttributeStatement(*av)
def getProperty(self, id, default=_marker):
"""PAS-specific method to fetch a user's properties. Looks
through the ordered property sheets.
"""
sheets = None
if not IPluggableAuthService.providedBy(self.acl_users):
return BaseMemberData.getProperty(self, id)
else:
# It's a PAS! Whee!
user = self.getUser()
sheets = getattr(user, 'getOrderedPropertySheets', lambda: None)()
# we won't always have PlonePAS users, due to acquisition,
# nor are guaranteed property sheets
if not sheets:
return BaseMemberData.getProperty(self, id, default)
charset = getCharset(self)
# If we made this far, we found a PAS and some property sheets.
for sheet in sheets:
if sheet.hasProperty(id):
# Return the first one that has the property.
value = sheet.getProperty(id)
if isinstance(value, unicode):
# XXX Temporarily work around the fact that
# property sheets blindly store and return
# unicode. This is sub-optimal and should be
# dealed with at the property sheets level by
# using Zope's converters.
return value.encode(charset)
return value
# Couldn't find the property in the property sheets. Try to
# delegate back to the base implementation.
return BaseMemberData.getProperty(self, id, default)
