def test_authenticated_user(self):
self.layer.new_request()
self.assertTrue(authenticated_user(self.layer.current_request) is None)
with self.layer.authenticated('manager'):
user = authenticated_user(self.layer.current_request)
self.assertTrue(IUser.providedBy(user))
self.assertEqual(user.name, 'manager')
def local_manager_gid(self):
"""Group id of local manager group of current authenticated member.
Currently a user can be assigned only to one local manager group. If
mode than one local manager group is configured, an error is raised.
"""
config = self.root['settings']['ugm_localmanager'].attrs
user = security.authenticated_user(get_current_request())
if not user:
return None
gids = user.group_ids
adm_gids = list()
for gid in gids:
rule = config.get(gid)
if rule:
adm_gids.append(gid)
if len(adm_gids) == 0:
return None
if len(adm_gids) > 1:
msg = (u"Authenticated member defined in local manager "
u"groups %s but only one management group allowed for "
u"each user. Please contact System Administrator in "
u"order to fix this problem.")
exc = msg % ', '.join(["'%s'" % gid for gid in adm_gids])
raise Exception(exc)
return adm_gids[0]
def local_manager_gid(self):
"""Group id of local manager group of current authenticated member.
Currently a user can be assigned only to one local manager group. If
more than one local manager group is configured, an error is raised.
"""
settings = localmanager_settings(self.root)
user = security.authenticated_user(get_current_request())
if not user:
return None
gids = user.group_ids
adm_gids = list()
for gid in gids:
rule = settings.attrs.get(gid)
if rule:
adm_gids.append(gid)
if len(adm_gids) == 0:
return None
if len(adm_gids) > 1:
msg = (u"Authenticated member defined in local manager "
u"groups %s but only one management group allowed for "
u"each user. Please contact System Administrator in "
u"order to fix this problem.")
exc = msg % ', '.join(["'%s'" % gid for gid in sorted(adm_gids)])
raise Exception(exc)
return adm_gids[0]
def local_manager_consider_for_user(self):
"""Flag whether local manager ACL should be considered for current
authenticated user.
"""
if not self.local_management_enabled:
return False
request = get_current_request()
if authenticated_userid(request) == security.ADMIN_USER:
return False
roles = security.authenticated_user(request).roles
if 'admin' in roles or 'manager' in roles:
return False
return True
def local_manager_consider_for_user(self):
"""Flag whether local manager ACL should be considered for current
authenticated user.
"""
if not self.local_management_enabled:
return False
request = get_current_request()
if request.authenticated_userid == security.ADMIN_USER:
return False
roles = security.authenticated_user(request).roles
if 'admin' in roles or 'manager' in roles:
return False
return True