def setGroupsForPrincipal(event):
"""Set local group information when a principal is created.
Note: IUnauthenticatedPrincipal does not provide IGroupAwarePrincipal which
is just wrong and makes the conditions a little bit complicated.
"""
principal = event.principal
# set only groups for group aware principals or unauthenticated which are
# group aware too. This allows us to apply local roles to unautenticated
# principals which allows to apply permissions/roles via local groups which
# the application does not provide at global level.
if not (IGroupAwarePrincipal.providedBy(principal) or
IUnauthenticatedPrincipal.providedBy(principal)):
return
authentication = event.authentication
for name, plugin in authentication.getAuthenticatorPlugins():
if not interfaces.IGroupContainer.providedBy(plugin):
continue
# set groups for principals but not a group to itself. This could happen
# for global defined groups
principal.groups.extend(
[id for id in plugin.getGroupsForPrincipal(principal.id)
if id != principal.id])
def specialGroups(event):
"""Set groups for IGroupAwarePrincipal."""
principal = event.principal
# only apply to non groups because it will end in cycle dependencies
# since the principal will have tis role anyway
if (IGroup.providedBy(principal) or
not (IGroupAwarePrincipal.providedBy(principal) or
IUnauthenticatedPrincipal.providedBy(principal))):
return
# global utility registered by everybodyGroup directive
everyone = zope.component.queryUtility(IEveryoneGroup)
if everyone is not None and everyone.id != principal.id and \
everyone.id not in principal.groups:
principal.groups.append(everyone.id)
if IUnauthenticatedPrincipal.providedBy(principal):
# global utility registered by unauthenticatedGroup directive
unAuthGroup = zope.component.queryUtility(IUnauthenticatedGroup)
if unAuthGroup is not None and unAuthGroup.id != principal.id and \
unAuthGroup.id not in principal.groups:
principal.groups.append(unAuthGroup.id)
else:
# global utility registered by authenticatedGroup directive
authGroup = zope.component.queryUtility(IAuthenticatedGroup)
if authGroup is not None and authGroup.id != principal.id and \
authGroup.id not in principal.groups:
principal.groups.append(authGroup.id)
def getGroups(self, type=None):
if type is None:
type = IPrincipal
principal = self.principal
if IGroupAwarePrincipal.providedBy(principal):
if principal.groups:
seen = set()
principals = getUtility(IAuthentication)
stack = [iter(principal.groups)]
if IGroup.providedBy(principal):
stack.append(iter([principal.id]))
while stack:
try:
group_id = stack[-1].next()
except StopIteration:
stack.pop()
else:
if group_id not in seen:
group = principals.getPrincipal(group_id)
seen.add(group_id)
stack.append(iter(group.groups))
if type.providedBy(group):
yield group
def specialGroups(event):
principal = event.principal
if (IGroup.providedBy(principal) or
not IGroupAwarePrincipal.providedBy(principal)):
return
everyone = component.queryUtility(IEveryoneGroup)
if everyone is not None:
principal.groups.append(everyone.id)
auth = component.queryUtility(IAuthenticatedGroup)
if auth is not None:
principal.groups.append(auth.id)
def specialGroups(event):
principal = event.principal
if (IGroup.providedBy(principal) or
not IGroupAwarePrincipal.providedBy(principal)):
return
everyone = component.queryUtility(IEveryoneGroup)
if everyone is not None:
principal.groups.append(everyone.id)
auth = component.queryUtility(IAuthenticatedGroup)
if auth is not None:
principal.groups.append(auth.id)
def setGroupsForPrincipal(event):
"""Set group information when a principal is created"""
principal = event.principal
if not IGroupAwarePrincipal.providedBy(principal):
return
authentication = event.authentication
for name, plugin in authentication.getAuthenticatorPlugins():
if not IGroupFolder.providedBy(plugin):
continue
groupfolder = plugin
principal.groups.extend(
[authentication.prefix + id
for id in groupfolder.getGroupsForPrincipal(principal.id)
])
id = principal.id
prefix = authentication.prefix + groupfolder.prefix
if id.startswith(prefix) and id[len(prefix):] in groupfolder:
alsoProvides(principal, IGroup)
def setGroupsForPrincipal(event):
"""Set group information when a principal is created"""
principal = event.principal
if not IGroupAwarePrincipal.providedBy(principal):
return
authentication = event.authentication
for name, plugin in authentication.getAuthenticatorPlugins():
if not IGroupFolder.providedBy(plugin):
continue
groupfolder = plugin
principal.groups.extend(
[authentication.prefix + id
for id in groupfolder.getGroupsForPrincipal(principal.id)
])
id = principal.id
prefix = authentication.prefix + groupfolder.prefix
if id.startswith(prefix) and id[len(prefix):] in groupfolder:
alsoProvides(principal, IGroup)
def getPortalGroups(self):
"""Returns portal wide groups."""
for principal in principalRegistry.getPrincipals(''):
if IGroupAwarePrincipal.providedBy(principal):
continue
yield principal.id, principal.title
def getPortalGroups(self):
"""Returns portal wide groups."""
for principal in principalRegistry.getPrincipals(''):
if IGroupAwarePrincipal.providedBy(principal):
continue
yield principal.id, principal.title
