def getRoles(self, user_id): membrane = IMembraneUserObject(self.context) if membrane.getUserId() != user_id: return () if not self._in_right_state(): return () return self.roles
def testIMembraneUserObject(self): """Test the functionality of the IMembraneUserObject interface.""" from Products.membrane.interfaces import IMembraneUserObject # adapt the person object u = IMembraneUserObject(self.person) uid = u.getUserId() self.failUnlessEqual(uid, 'abc123', "incorrect value for getUserId")
def test_membrane_edit_username_id_accessors(self): self.profile1.username = '******' self.assertEquals(self.profiles.objectIds(), [self.userid1]) self.assertEquals(self.profile1.getId(), self.userid1) adapted = IMembraneUserObject(self.profile1) self.assertEquals(adapted.getUserId(), self.userid1) members = api.user.get_users(groupname='Members') self.assertEquals([x.getId() for x in members], [self.userid1])
def getAllRoles(self): """Here we should apparently enumerate all users who should get an extra role. """ if not self._in_right_state(): return membrane = IMembraneUserObject(self.context) yield membrane.getUserId(), self.roles
def authenticateCredentials(self, credentials): # Should not authenticate when the user is not enabled. workflow_info = IMembraneUserWorkflow(self.context) if not workflow_info.in_right_state(): return if self.verifyCredentials(credentials): # return (self.getUserId(), self.getUserName()) user = IMembraneUserObject(self.context) return (user.getUserId(), user.getUserName())
def verifyCredentials(self, credentials): """Returns True is password is authenticated, False if not. """ user = IMembraneUserObject(self.context) if credentials.get('login') != user.getUserName(): # Should never happen, as the code should then never end # up here, but better safe than sorry. return False if not IProvidePasswordsSchema.providedBy(self.context): return False return pw_validate(self.context.password, credentials.get('password', ''))
def verifyCredentials(self, credentials): """Returns True is password is authenticated, False if not. """ user = IMembraneUserObject(self.context) if credentials.get("login") != user.getUserName(): # Should never happen, as the code should then never end # up here, but better safe than sorry. return False password_provider = IProvidePasswordsSchema(self.context) if not password_provider: return False return AuthEncoding.pw_validate(password_provider.password, credentials.get("password", ""))
def test_membrane_move_id_accessors(self): """Moving membrane profiles will not work""" newid = 'my_new_vanity_url' # just reassigning the id is not enough, have to actually move it api.content.move(self.profile1, id=newid) self.assertEquals(self.profiles.objectIds(), [newid]) self.assertEquals(self.profile1.getId(), newid) adapted = IMembraneUserObject(self.profile1) self.assertEquals(adapted.getUserId(), newid) # with or without reindex, this ultimately fails self.profile1.reindexObject() members = api.user.get_users(groupname='Members') self.assertEquals([x.getId() for x in members], [newid]) # FAILS
def test_userid(self): """All id-ish accessors behave the same regardless of email setting""" self.assertTrue(api.user.get('joe_id')) self.assertFalse(api.user.get('joe_name')) self.assertFalse(api.user.get('*****@*****.**')) self.assertEqual(self.member.id, 'joe_id') self.assertEqual(self.member.getId(), 'joe_id') self.assertEqual(self.layer['portal']['joe_id'], self.member) with self.assertRaises(AttributeError): self.member.getUserId() adapted = IMembraneUserObject(self.member) self.assertEqual(adapted.getUserId(), 'joe_id') with self.assertRaises(AttributeError): adapted.id with self.assertRaises(AttributeError): adapted.getId()
def authenticateCredentials(self, credentials): # Should not authenticate when the user is not enabled. workflow_info = IMembraneUserWorkflow(self.context) loggable_credentials = { 'login': credentials['login'], 'remote_address': credentials['remote_address'] } if not workflow_info.in_right_state(): logger.info("User login failed for {login} from {remote_address} - workflow in wrong state".format(**loggable_credentials)) return if not self.verifyCredentials(credentials): logger.info("User login failed for {login} from {remote_address} - bad credentials".format(**loggable_credentials)) else: logger.info("User login succeed for {login} from {remote_address}".format(**loggable_credentials)) user = IMembraneUserObject(self.context) return (user.getUserId(), user.getUserName())
def sortable_title(ob, **kw): """Sorting users happens by last name""" user = IMembraneUserObject(ob, None) if user: names = [ ob.last_name, ob.first_name, ] return u' '.join([name for name in names if name]) return ""
def getRoles(self, principal_id): """ give an Owner who is also a 'selfpublisher', the reviewer role """ context = self.context current_roles = list( DefaultLocalRoleAdapter.getRoles( self, principal_id, )) userid = IMembraneUserObject(context).getUserId() if principal_id == userid: current_roles.append('Owner') return current_roles
def test_name_from_full_name(self): # We do not want to set a title but instead have the first and # last name used as title. We do not mind too much if the # title field itself is empty, as long as we have our ways to # get the fullname and get a name (basis for id) based on our # title. member = self._createType(self.layer['portal'], 'dexterity.membrane.member', 'joe') name_title = INameFromTitle(member) self.assertEqual(name_title.title, u'') member.title = u"Title field" self.assertEqual(name_title.title, u'') member.last_name = u"User" self.assertEqual(name_title.title, u'User') member.first_name = u"Joe" self.assertEqual(name_title.title, u'Joe User') self.assertEqual( IMembraneUserObject(member).get_full_name(), u'Joe User')
def Title(ob, **kw): """Add support for the Title index/metadata from Products.membrane""" user = IMembraneUserObject(ob, None) if user: return user.get_full_name() return ""
def Title(ob, **kw): """Add support for the Title index/metadata from Products.membrane""" return IMembraneUserObject(ob).get_full_name()
def fullname(self): # Note: we only define a getter; a setter would be too tricky # due to the multiple fields that are behind this one # property. return IMembraneUserObject(self.context).get_full_name()
def name(self): return self.context.name or \ IMembraneUserObject(self.context).get_full_name()
def preferred_username(self): """ """ return self.context.preferred_username or \ IMembraneUserObject(self.context).getUserName()
def sub(self): """ """ return force_unicode(IMembraneUserObject(self.context).getUserId())
def title(self): return IMembraneUserObject(self.context).get_full_name()
def test_membrane_getUserName(self): with self.assertRaises(AttributeError): self.profile1.getUserName() adapted = IMembraneUserObject(self.profile1) self.assertEquals(adapted.getUserName(), self.email1)
def modifyPersonOwnership(event): """Let people own their own objects and modify their own user preferences. Stolen from Plone and CMF core, but made less picky about where users are found. (and from borg, thanks, optilude!) """ context = event.context # Only run this if FSDPerson is an active membrane type. fsd_tool = getToolByName(context, 'facultystaffdirectory_tool') if 'FSDPerson' in fsd_tool.getEnableMembraneTypes(): catalog = getToolByName(context, 'portal_catalog') userId = IMembraneUserObject(context).getUserId() userFolder = getToolByName(context, 'acl_users') user = None while userFolder is not None: user = userFolder.getUserById(userId) if user is not None: break container = aq_parent(aq_inner(userFolder)) parent = aq_parent(aq_inner(container)) userFolder = getattr(parent, 'acl_users', None) if user is None: raise KeyError, _(u"User %s cannot be found.") % userId context.changeOwnership(user, False) def fixPersonRoles(context, userId): # Remove all other Owners of this Person object. Note that the creator will have an implicit # owner role. The User Preferences Editor role allows us to allow the user defined by the Person # to manage their own password and user preferences, but prevent the creator of the Person object # from modifying those fields. for owner in context.users_with_local_role('Owner'): roles = list(context.get_local_roles_for_userid(owner)) roles.remove('Owner') if roles: context.manage_setLocalRoles(owner, roles) else: context.manage_delLocalRoles([owner]) # Grant 'Owner' and 'User Preferences Editor' to the user defined by this object: roles = list(context.get_local_roles_for_userid(userId)) roles.extend(['Owner', u'Reviewer', 'User Preferences Editor']) # eliminate duplicated roles roles = list(set(roles)) context.manage_setLocalRoles(userId, roles) # Grant 'Owner' only to any users listed as 'assistants': for assistant in context.getReferences( relationship="people_assistants"): pid = assistant.id user = userFolder.getUserById(pid) if user is None: raise KeyError, _(u"User %s cannot be found.") % pid roles = list(context.get_local_roles_for_userid(pid)) roles.append('Owner') context.manage_setLocalRoles(pid, roles) fixPersonRoles(context, user.getId()) catalog.reindexObject(context)
def test_username(self): with self.assertRaises(AttributeError): self.member.getUserName() adapted = IMembraneUserObject(self.member) self.assertEqual(adapted.getUserName(), 'joe_name')