Exemple #1
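 def render(self, request):
     """Render the resource only after the authentication gate has passed.

     ``self._checkAuth(request)`` returns ``None`` when the request may
     proceed. Any other value is returned to the caller in place of the
     resource's own output.
     """
     # The return value is not used here; the call is kept in case it
     # creates the session as a side effect -- TODO confirm.
     get_current_session(request)
     authresponse = self._checkAuth(request)
     # Identity test on purpose: with ``!= None`` a response object whose
     # ``__ne__`` returns a falsy value would be mistaken for "no objection"
     # and the protected resource would be rendered.
     if authresponse is not None:
         return authresponse
     return Resource.render(self, request)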
Exemple #2
    def _checkAuth(self, request):
        """Decide whether *request* may reach this resource.

        Returns ``None`` when the request may proceed, otherwise a response
        object to send instead. The checks run in this order: resources
        flagged ``noUser``, server initialisation, authentication, and then
        the capability lookup for the request's HTTP method.

        NOTE(review): the listing ends right after the capability lookup, so
        how ``cs`` is enforced is not visible here.
        """
        if self.noUser:       # If resource doesn't require user at all...
            # Attach the module-level capability checker to the session, then
            # let the request through without any authentication.
            get_current_session(request).requestIsAllowed = requestIsAllowed
            return None
    
        # Refuse to serve anything else until the auth backend reports ready.
        if not self.webauth.is_initialized(): 
            return self.serverUninitializedResponse(request)

        # Unauthenticated requests get the login response instead of the
        # resource; the checker is attached to the session first.
        if not self.webauth.requestIsAuthenticated(request):
            get_current_session(request).requestIsAllowed = requestIsAllowed
            return self.loginResponse(request)

        # Mapping form: required capabilities are keyed by HTTP method.
        if type(self.required_capabilities) == types.DictionaryType:
            try:
                cs = self.required_capabilities[request.method]
            except KeyError, e:
                # NOTE(review): an HTTP method missing from the mapping yields
                # cs = None. If None is later treated as "no capability
                # required" (as the requestIsAllowed variants on this page
                # do), unlisted methods fail open -- confirm, and prefer
                # denying methods that have no entry.
                cs = None
Exemple #3
 def _set_session_authinfo(self, request, callerdeferred, user):
     """Bind *user* and the user's resolved roles to the current session.

     If a role name cannot be resolved, the error is logged,
     ``callerdeferred`` is errbacked and the method returns.

     NOTE(review): the listing ends after the error path; the success path
     is not visible here.
     """
     session = get_current_session(request)
     # NOTE(review): the user is stored before the roles are resolved, and
     # the failure path below neither clears it nor expires the session, so
     # a session can end up with ``user`` set and no ``roles``. Confirm that
     # nothing treats ``session.user`` alone as proof of a completed login.
     session.user = user
     try:
         session.roles = [Roles.get(r) for r in session.user.role_names]
     except InvalidRoleError, e:
         log.err("Failed to resolve user role: %s" %e)
         # errback(None): presumably the failure is built from the exception
         # being handled here -- confirm against the deferred implementation.
         callerdeferred.errback(None)
         return
Exemple #4
def requestIsAllowed(request, cap):
    """Tell whether the session behind *request* satisfies capability *cap*.

    Access is denied, and the denial logged, when the session carries no
    ``roles`` attribute. With roles present, ``cap is None`` means that no
    capability is required. Otherwise a single role must satisfy
    ``has_all_capabilities(cap)`` on its own; capabilities are not pooled
    across roles.
    """
    current = get_current_session(request)
    try:
        session_roles = current.roles
    except AttributeError:
        # Fail closed: a session without roles is refused even when no
        # capability is required.
        message = "Forbidding access due to unknown role in requestIsAllowed()"
        log.err(message, system="webauth")
        return False

    if cap is None:
        return True
    return any(role.has_all_capabilities(cap) for role in session_roles)
Exemple #5
def requestIsAllowed(request, cap):
    """Tell whether the session behind *request* satisfies capability *cap*.

    Access is denied, and the denial logged, when the session carries no
    ``roles`` attribute. With roles present, any falsy *cap* (``None``, but
    also an empty collection) is treated as "no capability required".
    Otherwise a single role must satisfy ``has_all_capabilities(cap)``.

    NOTE(review): because an empty *cap* grants access, a resource whose
    capability set is empty by mistake is open to every session that has
    roles -- confirm that callers never pass an empty set unintentionally.
    """
    current = get_current_session(request)
    try:
        session_roles = current.roles
    except AttributeError:
        # Fail closed: a session without roles is refused outright.
        message = "Forbidding access due to unknown role in requestIsAllowed()"
        log.err(message, system="webauth")
        return False

    # Changed by Valerio (original author's note): an empty value counts as
    # false here, so it is handled like "nothing required".
    if not cap:
        return True
    return any(role.has_all_capabilities(cap) for role in session_roles)
Exemple #6
    def requestIsAuthenticated(self, request):
        """Report whether the session behind *request* counts as authenticated.

        A session that already has ``roles`` is authenticated. Otherwise,
        when there is no directory manager, or the manager does not support
        authentication, the session is populated with an "assumed-admin"
        user holding the "Superuser" role and is treated as authenticated.
        In every other case the result is ``False``.

        NOTE(review): the fallback fails open. Without an
        authentication-capable directory manager every visitor is given
        Superuser -- confirm this is limited to deployments that are meant
        to run without a login.
        """
        session = get_current_session(request)
        if hasattr(session, "roles"):
            return True

        manager = self.directorymanager
        if manager and manager.supports_authentication():
            # An authentication backend exists and the session has no roles.
            return False

        # No usable backend: install the capability checker and the
        # built-in administrator identity on the session.
        session.requestIsAllowed = requestIsAllowed
        assumed = User("assumed-admin", set(("Superuser",)))
        session.user = assumed
        resolved = [Roles.get(name) for name in assumed.role_names]
        session.roles = resolved
        session.language = "en"
        return True
Exemple #7
    def requestIsAuthenticated(self, request):
        """Report whether the session behind *request* counts as authenticated.

        A session without a ``user`` attribute is never authenticated. With
        a user present, and no directory manager able to authenticate, the
        session receives the capability checker, the roles resolved from
        ``session.user.role_names`` and the user's language, and the result
        is ``True``. In every other case the result is ``False``.

        NOTE(review): when the directory manager does support
        authentication this returns ``False`` even for a session that has a
        user -- confirm that is intended. ``Roles.get`` is called without
        any error handling here.
        """
        session = get_current_session(request)

        # Original author's note: session.user is the same object that
        # authenticateUser defines at login time.
        if not hasattr(session, "user"):
            # If no user has logged in, no request can be authenticated.
            return False

        manager = self.directorymanager
        if manager and manager.supports_authentication():
            return False

        # Original author's note: the user's roles must be checked for
        # compatibility with the roles associated with this resource.
        session.requestIsAllowed = requestIsAllowed
        resolved = [Roles.get(name) for name in session.user.role_names]
        session.roles = resolved
        session.language = session.user.language
        return True
Exemple #8
 def _auth_errback(self, failure, request, callerdeferred):
     """Handle a failed authentication attempt.

     Logs *failure*, expires the session bound to *request* so that no
     partially set up session survives the failure, and then errbacks
     ``callerdeferred``.

     NOTE(review): *failure* is logged but ``None`` is what gets passed on
     -- confirm the deferred can build a failure outside an ``except``
     block, or pass *failure* through instead.
     """
     message = "Failure during authentication: %s" %failure
     log.err(message)
     session = get_current_session(request)
     session.expire()
     callerdeferred.errback(None)
Exemple #9
 def failedLogin(self, request):
     """Finish a failed login attempt.

     Writes the failure message to the response, expires the session bound
     to *request*, finishes the request and returns ``server.NOT_DONE_YET``.

     NOTE(review): the message names the reason for the failure. If a wrong
     password produces a different message, the difference tells a client
     which user names exist -- confirm that every login failure sends the
     same generic text.
     """
     request.write("User not found.")
     session = get_current_session(request)
     session.expire()
     request.finish()
     return server.NOT_DONE_YET