def test_ugm_backend(self):
backend = ugm_backend.ugm
self.assertTrue(IUgm.providedBy(backend))
self.assertTrue(backend is ugm_backend.ugm)
ugm_backend.initialize()
self.assertFalse(backend is ugm_backend.ugm)
def setUp(self, args=None):
super(UGMLayer, self).setUp(args)
path = pkg_resources.resource_filename('cone.ugm.testing', 'ldap.xml')
ugm_backend.load('ldap', {'ldap.config': path})
ugm_backend.initialize()
ugm = ugm_backend.ugm
roles = ['viewer', 'editor', 'admin', 'manager']
def create_user(uid):
data = {
'cn': uid,
'sn': uid,
'mail': '*****@*****.**' % uid,
}
user = ugm.users.create(uid, **data)
ugm()
ugm.users.passwd(uid, None, 'secret')
return user
for uid in ['viewer', 'editor', 'admin', 'manager', 'max', 'sepp']:
user = create_user(uid)
if uid in roles:
user.add_role(uid)
for uid in ['localmanager_1', 'localmanager_2']:
create_user(uid)
for gid, uid in [
('admin_group_1', 'localmanager_1'),
('admin_group_2', 'localmanager_2')
]:
group = ugm.groups.create(gid)
group.add(uid)
ugm()
def make_app(self):
super(SQLLayer, self).make_app(
**{
'cone.plugins': '\n'.join(['cone.sql', 'cone.ugm']),
'ugm.backend': 'sql',
'ugm.config': testing.ugm_config,
'ugm.localmanager_config': testing.localmanager_config,
'sql.binary_attrs': 'portrait'
})
ugm_backend.initialize()
def make_app(self):
kw = dict()
plugins = ['cone.sql']
if CONE_UGM_INSTALLED:
plugins.append('cone.ugm')
kw['ugm.backend'] = 'sql'
kw['ugm.config'] = testing.ugm_config
kw['ugm.localmanager_config'] = testing.localmanager_config
kw['sql.binary_attrs'] = 'portrait'
kw['cone.plugins'] = '\n'.join(plugins)
super(SQLLayer, self).make_app(**kw)
if CONE_UGM_INSTALLED:
ugm_backend.initialize()
def make_app(self):
ugm_users_file = os.path.join(self.ugm_dir, 'users')
ugm_groups_file = os.path.join(self.ugm_dir, 'groups')
ugm_roles_file = os.path.join(self.ugm_dir, 'roles')
ugm_datadir = os.path.join(self.ugm_dir, 'data')
super(UGMLayer, self).make_app(
**{
'cone.plugins': '\n'.join(['cone.ugm']),
'ugm.backend': 'file',
'ugm.config': ugm_config,
'ugm.localmanager_config': localmanager_config,
'ugm.users_file': ugm_users_file,
'ugm.groups_file': ugm_groups_file,
'ugm.roles_file': ugm_roles_file,
'ugm.datadir': ugm_datadir
})
ugm_backend.initialize()
def test_FileUGMFactory(self):
self.assertTrue('file' in ugm_backend.registry)
self.assertTrue(ugm_backend.registry['file'] is FileUGMFactory)
ugm_backend.load('file', {
'ugm.users_file': 'users',
'ugm.groups_file': 'groups',
'ugm.roles_file': 'roles',
'ugm.datadir': 'userdata'
})
ugm_backend.initialize()
ugm = ugm_backend.ugm
self.assertTrue(isinstance(ugm, FileUgm))
self.assertEqual(ugm.users_file, 'users')
self.assertEqual(ugm.groups_file, 'groups')
self.assertEqual(ugm.roles_file, 'roles')
self.assertEqual(ugm.data_directory, 'userdata')
def make_app(self):
super(LDAPLayer, self).make_app(
**{
'cone.plugins': '\n'.join(['cone.ldap', 'cone.ugm']),
'ugm.backend': 'ldap',
'ugm.config': testing.ugm_config,
'ugm.localmanager_config': testing.localmanager_config,
'ldap.server_config': ldap_server_config,
'ldap.users_config': ldap_users_config,
'ldap.groups_config': ldap_groups_config,
'ldap.roles_config': ldap_roles_config
})
settings = get_root()['settings']
settings['ldap_users'].create_container()
settings['ldap_groups'].create_container()
settings['ldap_roles'].create_container()
ugm_backend.initialize()
def test_FileUGMFactory(self):
self.assertTrue('file' in ugm_backend.registry)
self.assertTrue(ugm_backend.registry['file'] is FileUGMFactory)
ugm_backend.load(
'file', {
'ugm.users_file': 'users',
'ugm.groups_file': 'groups',
'ugm.roles_file': 'roles',
'ugm.datadir': 'userdata'
})
ugm_backend.initialize()
ugm = ugm_backend.ugm
self.assertTrue(isinstance(ugm, FileUgm))
self.assertEqual(ugm.users_file, 'users')
self.assertEqual(ugm.groups_file, 'groups')
self.assertEqual(ugm.roles_file, 'roles')
self.assertEqual(ugm.data_directory, 'userdata')
def test_ugm_backend(self):
ugm_backend.registry = dict()
ugm_backend.name = None
ugm_backend.factory = None
ugm_backend.ugm = None
class DummyUGM(object):
pass
@ugm_backend('dummy')
class DummyUGMFactory(UGMFactory):
def __init__(self, settings):
pass
def __call__(self):
return DummyUGM()
self.assertEqual(ugm_backend.registry, {'dummy': DummyUGMFactory})
err = self.expect_error(ValueError, ugm_backend.load, 'inexistent', {})
self.assertEqual(str(err), 'Unknown UGM backend "inexistent"')
err = self.expect_error(ValueError, ugm_backend.initialize)
self.assertEqual(str(err), 'UGM backend not loaded')
self.assertEqual(ugm_backend.name, None)
self.assertEqual(ugm_backend.factory, None)
self.assertEqual(ugm_backend.ugm, None)
ugm_backend.load('dummy', {})
self.assertEqual(ugm_backend.name, 'dummy')
self.assertTrue(isinstance(ugm_backend.factory, DummyUGMFactory))
self.assertEqual(ugm_backend.ugm, None)
ugm_backend.initialize()
self.assertTrue(isinstance(ugm_backend.ugm, DummyUGM))
ugm = ugm_backend.ugm
ugm_backend.initialize()
self.assertFalse(ugm is ugm_backend.ugm)
def test_ugm_backend(self):
ugm_backend.registry = dict()
ugm_backend.name = None
ugm_backend.factory = None
ugm_backend.ugm = None
class DummyUGM(object):
pass
@ugm_backend('dummy')
class DummyUGMFactory(UGMFactory):
def __init__(self, settings):
pass
def __call__(self):
return DummyUGM()
self.assertEqual(ugm_backend.registry, {'dummy': DummyUGMFactory})
err = self.expect_error(ValueError, ugm_backend.load, 'inexistent', {})
self.assertEqual(str(err), 'Unknown UGM backend "inexistent"')
err = self.expect_error(ValueError, ugm_backend.initialize)
self.assertEqual(str(err), 'UGM backend not loaded')
self.assertEqual(ugm_backend.name, None)
self.assertEqual(ugm_backend.factory, None)
self.assertEqual(ugm_backend.ugm, None)
ugm_backend.load('dummy', {})
self.assertEqual(ugm_backend.name, 'dummy')
self.assertTrue(isinstance(ugm_backend.factory, DummyUGMFactory))
self.assertEqual(ugm_backend.ugm, None)
ugm_backend.initialize()
self.assertTrue(isinstance(ugm_backend.ugm, DummyUGM))
ugm = ugm_backend.ugm
ugm_backend.initialize()
self.assertFalse(ugm is ugm_backend.ugm)
def save(self, widget, data):
# XXX: user data.write(model)
model = self.model
for attr_name in [
'users_account_expiration', 'users_expires_attr',
'users_expires_unit', 'user_id_autoincrement',
'user_id_autoincrement_prefix', 'user_id_autoincrement_start',
'users_portrait', 'users_portrait_attr',
'users_portrait_accept', 'users_portrait_width',
'users_portrait_height', 'users_local_management_enabled',
'users_login_name_attr', 'users_exposed_attributes',
'users_form_attrmap', 'users_listing_columns',
'users_listing_default_column', 'groups_form_attrmap',
'groups_listing_columns', 'groups_listing_default_column',
'roles_principal_roles_enabled'
]:
val = data.fetch('ugm_settings.%s' % attr_name).extracted
setattr(model.attrs, attr_name, val)
model()
model.invalidate()
ugm_backend.initialize()
def test_utils(self):
server_settings = ugm_server(root)
self.assertTrue(isinstance(server_settings, ServerSettings))
self.assertEqual(server_settings.name, 'ugm_server')
users_settings = ugm_users(root)
self.assertTrue(isinstance(users_settings, UsersSettings))
self.assertEqual(users_settings.name, 'ugm_users')
groups_settings = ugm_groups(root)
self.assertTrue(isinstance(groups_settings, GroupsSettings))
self.assertEqual(groups_settings.name, 'ugm_groups')
self.assertEqual(ugm_backend.name, 'ldap')
backend = ugm_backend.ugm
self.assertTrue(isinstance(backend, Ugm))
self.assertEqual(backend.name, 'ldap_ugm')
self.assertTrue(backend is ugm_backend.ugm)
ugm_backend.initialize()
self.assertFalse(backend is ugm_backend.ugm)
def initialize_ugm_backend():
if ugm_backend.name == 'ldap':
ugm_backend.initialize()
def main(global_config, **settings):
"""Returns WSGI application.
"""
# set authentication related application properties
security.ADMIN_USER = settings.get('cone.admin_user')
security.ADMIN_PASSWORD = settings.get('cone.admin_password')
auth_secret = settings.pop('cone.auth_secret', 'secret')
auth_cookie_name = settings.pop('cone.auth_cookie_name', 'auth_tkt')
auth_secure = settings.pop('cone.auth_secure', False)
auth_include_ip = settings.pop('cone.auth_include_ip', False)
auth_timeout = settings.pop('cone.auth_timeout', None)
auth_reissue_time = settings.pop('cone.auth_reissue_time', None)
if auth_reissue_time is not None:
auth_reissue_time = int(auth_reissue_time)
auth_max_age = settings.pop('cone.auth_max_age', None)
if auth_max_age is not None:
auth_max_age = int(auth_max_age)
auth_http_only = settings.pop('cone.auth_http_only', False)
auth_path = settings.pop('cone.auth_path', "/")
auth_wild_domain = settings.pop('cone.auth_wild_domain', True)
auth_policy = auth_tkt_factory(
secret=auth_secret,
cookie_name=auth_cookie_name,
secure=auth_secure,
include_ip=auth_include_ip,
timeout=auth_timeout,
reissue_time=auth_reissue_time,
max_age=auth_max_age,
http_only=auth_http_only,
path=auth_path,
wild_domain=auth_wild_domain,
)
configure_root(settings)
if settings.get('testing.hook_global_registry'):
globalreg = getGlobalSiteManager()
config = Configurator(registry=globalreg)
config.setup_registry(root_factory=get_root, settings=settings)
else:
config = Configurator(root_factory=get_root, settings=settings)
# set authentication and authorization policies
config.set_authentication_policy(auth_policy)
config.set_authorization_policy(acl_factory())
config.commit()
# begin configuration
config.begin()
# include general dependencies
config.include(pyramid_chameleon)
config.include(pyramid_zcml)
# add translation
config.add_translation_dirs('cone.app:locale/')
# XXX: register yafowil and all yafowil addon widget locales.
# provide locales either in yafowil resources or as entry points in
# all yafowil packages providing translations
# static routes
config.add_route("favicon", "/favicon.ico")
# XXX: robots.txt
# XXX: humans.txt
# register static resources
config.add_view(browser.static_resources, name='static')
# scan browser package
config.scan(browser)
# load zcml
config.load_zcml('configure.zcml')
# read plugin configurator
plugins = settings.get('cone.plugins', '')
plugins = plugins.split('\n')
plugins = [pl for pl in plugins if pl and not pl.startswith('#')]
for plugin in plugins:
try:
importlib.import_module(plugin)
except ImportError:
msg = 'Cannot import plugin {}\n{}'.format(plugin,
format_traceback())
logger.error(msg)
continue
try:
config.load_zcml('{}:configure.zcml'.format(plugin))
except IOError: # pragma: no cover
msg = 'No configure.zcml in {}'.format(plugin)
logger.info(msg)
# execute main hooks
filtered_hooks = list()
for hook in main_hooks:
for plugin in plugins:
if hook.__module__.startswith(plugin):
filtered_hooks.append(hook)
continue
for hook in filtered_hooks:
hook(config, global_config, settings)
# load and initialize UGM
backend_name = settings.get('ugm.backend')
# B/C
if not backend_name:
backend_name = settings.get('cone.auth_impl')
if backend_name:
try:
ugm_backend.load(backend_name, settings)
ugm_backend.initialize()
except Exception: # pragma: no cover
msg = 'Failed to create UGM backend:\n{}'.format(
format_traceback())
logger.error(msg)
user_display_attr = settings.get('ugm.user_display_attr')
if user_display_attr:
ugm_backend.user_display_attr = user_display_attr
group_display_attr = settings.get('ugm.group_display_attr')
if group_display_attr:
ugm_backend.group_display_attr = group_display_attr
# register yafowil static resources
# done after addon config - addon code may disable yafowil resource groups
configure_yafowil_addon_resources(config)
# end configuration
config.end()
# return wsgi app
return config.make_wsgi_app()
def main(global_config, **settings):
"""Returns WSGI application.
"""
# set authentication related application properties
security.ADMIN_USER = settings.get('cone.admin_user')
security.ADMIN_PASSWORD = settings.get('cone.admin_password')
auth_secret = settings.pop('cone.auth_secret', 'secret')
auth_cookie_name = settings.pop('cone.auth_cookie_name', 'auth_tkt')
auth_secure = settings.pop('cone.auth_secure', False)
auth_include_ip = settings.pop('cone.auth_include_ip', False)
auth_timeout = settings.pop('cone.auth_timeout', None)
auth_reissue_time = settings.pop('cone.auth_reissue_time', None)
if auth_reissue_time is not None:
auth_reissue_time = int(auth_reissue_time)
auth_max_age = settings.pop('cone.auth_max_age', None)
if auth_max_age is not None:
auth_max_age = int(auth_max_age)
auth_http_only = settings.pop('cone.auth_http_only', False)
auth_path = settings.pop('cone.auth_path', "/")
auth_wild_domain = settings.pop('cone.auth_wild_domain', True)
auth_policy = auth_tkt_factory(
secret=auth_secret,
cookie_name=auth_cookie_name,
secure=auth_secure,
include_ip=auth_include_ip,
timeout=auth_timeout,
reissue_time=auth_reissue_time,
max_age=auth_max_age,
http_only=auth_http_only,
path=auth_path,
wild_domain=auth_wild_domain,
)
configure_root(settings)
if settings.get('testing.hook_global_registry'):
globalreg = getGlobalSiteManager()
config = Configurator(registry=globalreg)
config.setup_registry(root_factory=get_root, settings=settings)
else:
config = Configurator(root_factory=get_root, settings=settings)
# set authentication and authorization policies
config.set_authentication_policy(auth_policy)
config.set_authorization_policy(acl_factory())
config.commit()
# begin configuration
config.begin()
# include general dependencies
config.include(pyramid_chameleon)
config.include(pyramid_zcml)
# register default layout adapter
config.registry.registerAdapter(default_layout)
# add translation
config.add_translation_dirs('cone.app:locale/')
# XXX: register yafowil and all yafowil addon widget locales.
# provide locales either in yafowil resources or as entry points in
# all yafowil packages providing translations
# static routes
config.add_route("favicon", "/favicon.ico")
# XXX: robots.txt
# XXX: humans.txt
# register static resources
config.add_view(browser.static_resources, name='static')
# scan browser package
config.scan(browser)
# load zcml
config.load_zcml('configure.zcml')
# read plugin configurator
plugins = settings.get('cone.plugins', '')
plugins = plugins.split('\n')
plugins = [pl for pl in plugins if pl and not pl.startswith('#')]
for plugin in plugins:
try:
importlib.import_module(plugin)
except ImportError:
msg = 'Cannot import plugin {}\n{}'.format(
plugin,
format_traceback()
)
logger.error(msg)
continue
try:
config.load_zcml('{}:configure.zcml'.format(plugin))
except IOError: # pragma: no cover
msg = 'No configure.zcml in {}'.format(plugin)
logger.info(msg)
# execute main hooks
filtered_hooks = list()
for hook in main_hooks:
for plugin in plugins:
if hook.__module__.startswith(plugin):
filtered_hooks.append(hook)
continue
for hook in filtered_hooks:
hook(config, global_config, settings)
# load and initialize UGM
backend_name = settings.get('ugm.backend')
# B/C
if not backend_name:
backend_name = settings.get('cone.auth_impl')
if backend_name:
try:
ugm_backend.load(backend_name, settings)
ugm_backend.initialize()
except Exception: # pragma: no cover
msg = 'Failed to create UGM backend:\n{}'.format(format_traceback())
logger.error(msg)
# register yafowil static resources
# done after addon config - addon code may disable yafowil resource groups
configure_yafowil_addon_resources(config)
# end configuration
config.end()
# return wsgi app
return config.make_wsgi_app()
