예제 #1
def BrowserID_checkUserExistence(self):
  """Tell whether the login bound to the request's BrowserID hash has a user.

  Returns True when getUserByLogin finds at least one user for the login
  stored in the server-side token. Returns False when the hash has no
  server token (KeyError) or when no user exists yet; in the latter case a
  user creation is triggered unless one is already pending for that login.
  """
  # The hash is read straight from the request, so it is client-supplied;
  # only the server-side token lookup ties it to a login.
  browser_id_hash = self.REQUEST.get('__ac_browser_id_hash')
  try:
    token_data = BrowserID_getServerToken(self, browser_id_hash)
  except KeyError:
    return False
  login = token_data['login']
  creation_tag = '%s_user_creation_in_progress' % login
  matching_person_list = getUserByLogin(self.getPortalObject(), login)
  if len(matching_person_list) != 0:
    return True
  pending_count = \
    self.getPortalObject().portal_activities.countMessageWithTag(creation_tag)
  if pending_count == 0:
    # No creation activity carries this tag yet, so start one. The e-mail
    # is the login minus its first four characters -- presumably a fixed
    # login prefix; TODO confirm against the code that builds the login.
    self.Base_createOauth2User(
      creation_tag,
      reference=login,
      email=login[4:],
      first_name=None,
      last_name=None)
  return False
예제 #2
"""Returns the name of the owner of current document
"""
owner_id_list = [i[0] for i in context.get_local_roles() if 'Owner' in i[1]]
if owner_id_list:
  from Products.ERP5Security.ERP5UserManager import getUserByLogin
  found_user_list = getUserByLogin(context.getPortalObject(), tuple(owner_id_list))
  if found_user_list:
    return found_user_list[0].getTitle()
  return owner_id_list[0]
예제 #3
"""Find and returns Person object for current logged in user.
Returns None if no corresponding person, for example when not using ERP5Security.ERP5UserManager.
"""
portal = context.getPortalObject()
if user_name is None:
    user_name = portal.portal_membership.getAuthenticatedMember()

from Products.ERP5Security.ERP5UserManager import getUserByLogin
found_user_list = getUserByLogin(portal, str(user_name))
if len(found_user_list) == 1:
    return found_user_list[0]
예제 #4
from DateTime import DateTime
from Products.ERP5Security.ERP5UserManager import getUserByLogin

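# Check `login` / `password` for PALO and return (authenticated, group list).
# Every failure path returns the same (False, []) value, so the caller cannot
# tell an unknown login from a wrong password.
person_list = getUserByLogin(context, login)
if not person_list:
  return False, []

# NOTE(review): only the first match is used, even if several users share the
# login -- confirm that getUserByLogin cannot return more than one here.
person = person_list[0]
stored_password = person.getPassword(format='palo_md5')
# Fail closed: a user with no stored 'palo_md5' value, or an empty supplied
# value, must never authenticate. A plain `!=` alone would accept the pair
# whenever both sides are empty (e.g. None on both sides).
# NOTE(review): `!=` is not a constant-time comparison; hmac.compare_digest
# is preferable if this script's sandbox allows importing it.
if not stored_password or not password or stored_password != password:
  return False, []

now = DateTime()
group_set = set()
for assignment in person.contentValues(portal_type='Assignment'):
  # Only assignments that are open and currently in effect grant groups.
  # NOTE(review): when the start date is None the `or` short-circuits and
  # the stop date is never consulted -- confirm that this is intended.
  if assignment.getValidationState() == 'open' and (
    assignment.getStartDate() is None or
    assignment.getStartDate() <= now <= assignment.getStopDate()):

    # XXX below is sample implementation, as it must match the groups defined in PALO
    if assignment.isMemberOf("function/palo"):
      group_set.add(assignment.getGroupReference())

    if assignment.isMemberOf("function/palo_admin"):
      group_set.add("admin")

return True, list(group_set)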
예제 #5
"""Returns the name of the owner of current document
"""
owner_id_list = [i[0] for i in context.get_local_roles() if 'Owner' in i[1]]
if owner_id_list:
    from Products.ERP5Security.ERP5UserManager import getUserByLogin
    found_user_list = getUserByLogin(context.getPortalObject(),
                                     tuple(owner_id_list))
    if found_user_list:
        return found_user_list[0].getTitle()
    return owner_id_list[0]
"""Find and returns Person object for current logged in user.
Returns None if no corresponding person, for example when not using ERP5Security.ERP5UserManager.
"""
portal = context.getPortalObject()
if user_name is None:
  user_name = portal.portal_membership.getAuthenticatedMember()

from Products.ERP5Security.ERP5UserManager import getUserByLogin
found_user_list = getUserByLogin(portal, str(user_name))
if len(found_user_list) == 1:
  return found_user_list[0]
  def extractCredentials(self, request):
    """Extract OAuth2 credentials from the request's authorization header.

    Returns a dict with 'external_login', 'remote_host' and 'remote_address'
    once the token has been resolved to a user reference. Delegates to
    DumbHTTPExtractor().extractCredentials(request) when the
    Base_createOauth2User script is not installed, when no token is found,
    or when the token cannot be resolved to a user.

    Side effects: may set REQUEST['USER_CREATION_IN_PROGRESS'], may call
    Base_createOauth2User under the SUPER_USER security manager, and stores
    the token-to-user mapping through setToken.
    """
    Base_createOauth2User = getattr(self.getPortalObject(),
      'Base_createOauth2User', None)
    if Base_createOauth2User is None:
      # Without the creation script the plugin disables itself and hands the
      # request to the default extractor.
      LOG('ERP5ExternalOauth2ExtractionPlugin', INFO,
          'No Base_createOauth2User script available, install '
            'erp5_credential_oauth2, disabled authentication.')
      return DumbHTTPExtractor().extractCredentials(request)

    creds = {}
    token = None
    if request._auth is not None:
      # 1st - try to fetch from Authorization header
      # This is a case-insensitive *substring* test: header_string may appear
      # anywhere in the header value, not only as the scheme.
      # NOTE(review): comparing the first split element with header_string
      # would be stricter -- confirm what header_string holds.
      if self.header_string.lower() in request._auth.lower():
        l = request._auth.split()
        # The token is accepted only from an exactly two-part header.
        if len(l) == 2:
          token = l[1]

    if token is None:
      # no token
      return DumbHTTPExtractor().extractCredentials(request)

    # token is available
    user = None
    user_entry = None
    try:
      # A KeyError from getToken is treated as "token not known yet" --
      # presumably a cache miss, given the setToken handling further down.
      user = self.getToken(self.prefix + token)
    except KeyError:
      # NOTE(review): how getUserEntry validates the token is not visible
      # here; everything below trusts the reference it returns.
      user_entry = self.getUserEntry(token)
      if user_entry is not None:
        user = user_entry['reference']

    if user is None:
      # fallback to default way
      return DumbHTTPExtractor().extractCredentials(request)

    # The user reference is hex-encoded before it becomes part of the tag.
    tag = '%s_user_creation_in_progress' % user.encode('hex')

    if self.getPortalObject().portal_activities.countMessageWithTag(tag) > 0:
      # A creation activity with this tag is already pending: only flag the
      # request, do not start a second creation.
      self.REQUEST['USER_CREATION_IN_PROGRESS'] = user
    else:
      # create the user if not found
      person_list = getUserByLogin(self.getPortalObject(), user)
      if len(person_list) == 0:
        # Keep the caller's security manager so it can be restored, then
        # switch to SUPER_USER unless the current user is already that id.
        sm = getSecurityManager()
        if sm.getUser().getId() != SUPER_USER:
          newSecurityManager(self, self.getUser(SUPER_USER))
        try:
          self.REQUEST['USER_CREATION_IN_PROGRESS'] = user
          # user_entry is still None when the user came from getToken above.
          # If getUserEntry returns None here too, the ** expansion below
          # raises TypeError, which is logged and re-raised.
          if user_entry is None:
            user_entry = self.getUserEntry(token)
          try:
            # The entry's keys are passed as keyword arguments while the
            # SUPER_USER security manager is in place.
            self.Base_createOauth2User(tag, **user_entry)
          except Exception:
            LOG('ERP5ExternalOauth2ExtractionPlugin', ERROR,
              'Issue while calling creation script:', error=True)
            raise
        finally:
          # Always restore the original security manager, so the elevation
          # does not outlive the creation attempt.
          setSecurityManager(sm)
    try:
      # Remember the token-to-user mapping for later requests.
      self.setToken(self.prefix + token, user)
    except KeyError:
      # allow to work w/o cache
      pass
    creds['external_login'] = user
    # NOTE(review): host and address are taken from the request as-is.
    # Whether they identify the real peer (for example behind a proxy)
    # depends on the deployment, which is not shown here.
    creds['remote_host'] = request.get('REMOTE_HOST', '')
    try:
      creds['remote_address'] = request.getClientAddr()
    except AttributeError:
      # The request object has no getClientAddr: use the REMOTE_ADDR value.
      creds['remote_address'] = request.get('REMOTE_ADDR', '')
    return creds