def updateGroup(self,
group_id,
predicate,
title=None,
description=None,
active=None):
""" Update a group definition.
o Raise KeyError if we don't have an existing group definition
for 'group_id'.
o Don't update 'title', 'description', or 'active' unless supplied.
"""
if group_id not in self.listGroupIds():
raise KeyError, 'Invalid group ID: %s' % group_id
group = self._getOb(group_id)
group._setPredicate(predicate)
if title is not None:
group.title = title
if description is not None:
group.description = description
if active is not None:
group.active = active
# This method changes the enumerateGroups return value
view_name = createViewName('enumerateGroups')
self.ZCacheable_invalidate(view_name=view_name)
view_name = createViewName('enumerateGroups', group_id)
self.ZCacheable_invalidate(view_name=view_name)
def invalidateCacheForChangedUser(self, user_id):
view_name = createViewName('enumerateUsers')
self.ZCacheable_invalidate(view_name=view_name)
view_name = createViewName('enumerateUsers', user_id)
self.ZCacheable_invalidate(view_name=view_name)
view_name = createViewName('getUserInfo', user_id)
self.ZCacheable_invalidate(view_name=view_name)
def updateGroup(self, group_id, predicate, title=None, description=None,
active=None):
""" Update a group definition.
o Raise KeyError if we don't have an existing group definition
for 'group_id'.
o Don't update 'title', 'description', or 'active' unless supplied.
"""
if group_id not in self.listGroupIds():
raise KeyError('Invalid group ID: %s' % group_id)
group = self._getOb(group_id)
group._setPredicate(predicate)
if title is not None:
group.title = title
if description is not None:
group.description = description
if active is not None:
group.active = active
# This method changes the enumerateGroups return value
view_name = createViewName('enumerateGroups')
self.ZCacheable_invalidate(view_name=view_name)
view_name = createViewName('enumerateGroups', group_id)
self.ZCacheable_invalidate(view_name=view_name)
def updateEveryLoginName(self, quit_on_first_error=True):
# Update all login names to their canonical value. This
# should be done after changing the login_transform property
# of pas. You can set quit_on_first_error to False to report
# all errors before quitting with an error. This can be
# useful if you want to know how many problems there are, if
# any.
pas = self._getPAS()
transform = pas._get_login_transform_method()
if not transform:
logger.warn("PAS has a non-existing, empty or wrong "
"login_transform property.")
return
# Make a fresh mapping, as we do not want to add or remove
# items to the original mapping while we are iterating over
# it.
new_login_to_userid = OOBTree()
errors = []
for old_login_name, user_id in self._login_to_userid.items():
new_login_name = transform(old_login_name)
if new_login_name in new_login_to_userid:
logger.error("User id %s: login name %r already taken.",
user_id, new_login_name)
errors.append(new_login_name)
if quit_on_first_error:
break
new_login_to_userid[new_login_name] = user_id
if new_login_name != old_login_name:
self._userid_to_login[user_id] = new_login_name
# Also, remove from the cache
view_name = createViewName('enumerateUsers', user_id)
self.ZCacheable_invalidate(view_name=view_name)
logger.debug("User id %s: changed login name from %r to %r.",
user_id, old_login_name, new_login_name)
# If there were errors, we do not want to save any changes.
if errors:
logger.error("There were %d errors when updating login names. "
"quit_on_first_error was %r", len(errors),
quit_on_first_error)
# Make sure the exception we raise is not swallowed.
self._dont_swallow_my_exceptions = True
raise ValueError("Transformed login names are not unique: %s." %
', '.join(errors))
# Make sure we did not lose any users.
assert(len(self._login_to_userid.keys())
== len(new_login_to_userid.keys()))
# Empty the main cache.
view_name = createViewName('enumerateUsers')
self.ZCacheable_invalidate(view_name=view_name)
# Store the new login mapping.
self._login_to_userid = new_login_to_userid
def testCacheTwoQueries(self):
self.plugin.getPropertiesForUser(self.user)
self.plugin.getPropertiesForUser(self.other_user)
view_name = createViewName('getPropertiesForUser', self.username)
user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
self.failUnless(user is not _marker)
view_name = createViewName('getPropertiesForUser', 'user_2')
user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
self.failUnless(user is not _marker)
def updateEveryLoginName(self, quit_on_first_error=True):
# Update all login names to their canonical value. This
# should be done after changing the login_transform property
# of pas. You can set quit_on_first_error to False to report
# all errors before quitting with an error. This can be
# useful if you want to know how many problems there are, if
# any.
pas = self._getPAS()
transform = pas._get_login_transform_method()
if not transform:
logger.warn("PAS has a non-existing, empty or wrong "
"login_transform property.")
return
# Make a fresh mapping, as we do not want to add or remove
# items to the original mapping while we are iterating over
# it.
new_login_to_userid = OOBTree()
errors = []
for old_login_name, user_id in self._login_to_userid.items():
new_login_name = transform(old_login_name)
if new_login_name in new_login_to_userid:
logger.error("User id %s: login name %r already taken.",
user_id, new_login_name)
errors.append(new_login_name)
if quit_on_first_error:
break
new_login_to_userid[new_login_name] = user_id
if new_login_name != old_login_name:
self._userid_to_login[user_id] = new_login_name
# Also, remove from the cache
view_name = createViewName('enumerateUsers', user_id)
self.ZCacheable_invalidate(view_name=view_name)
logger.debug("User id %s: changed login name from %r to %r.",
user_id, old_login_name, new_login_name)
# If there were errors, we do not want to save any changes.
if errors:
logger.error("There were %d errors when updating login names. "
"quit_on_first_error was %r", len(errors),
quit_on_first_error)
# Make sure the exception we raise is not swallowed.
self._dont_swallow_my_exceptions = True
raise ValueError("Transformed login names are not unique: %s." %
', '.join(errors))
# Make sure we did not lose any users.
assert(len(self._login_to_userid.keys())
== len(new_login_to_userid.keys()))
# Empty the main cache.
view_name = createViewName('enumerateUsers')
self.ZCacheable_invalidate(view_name=view_name)
# Store the new login mapping.
self._login_to_userid = new_login_to_userid
def testTwoQueres(self):
self.plugin.getRolesForPrincipal(self.username)
self.plugin.getRolesForPrincipal('xx')
view_name = createViewName('getRolesForPrincipal', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is not _marker)
view_name = createViewName('getRolesForPrincipal', 'xx')
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is not _marker)
def testCacheTwoQueries(self):
props = self.plugin.getPropertiesForUser(self.user)
props = self.plugin.getPropertiesForUser(self.other_user)
view_name = createViewName('getPropertiesForUser', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is not _marker)
view_name = createViewName('getPropertiesForUser', 'user_2')
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is not _marker)
def testTwoQueres(self):
user = TrivialUser(self.username)
self.plugin.getRolesForPrincipal(user)
self.plugin.doAddUser("User1", self.password)
user1 = TrivialUser("User1")
self.plugin.getRolesForPrincipal(user1)
view_name = createViewName(
'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
self.failUnless(user is not _marker)
view_name = createViewName(
'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', 'User1')
user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
self.failUnless(user is not _marker)
def testSingleQuery(self):
user = TrivialUser(self.username)
self.plugin.getRolesForPrincipal(user)
view_name = createViewName(
'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
self.failUnless(user is not _marker)
def updateUserInfo(self, user, set_id, set_info):
if set_id is not None:
raise NotImplementedError, "Cannot currently rename the user id of a user"
users_table = self.getProperty('users_table')
users_col_username = self.getProperty('users_col_username')
realFields = self.remapKeys(set_info, reverse=True)
sql = 'UPDATE %s SET ' % users_table
for key, value in realFields.items():
_type = 'string'
if type(value) == types.FloatType:
_type = 'float'
elif type(value) == types.IntType:
_type = 'int'
sql += ('%s' % WRAPCHAR) + key + '%s=<dtml-sqlvar %s type=%s>,' % (WRAPCHAR, key, _type)
sql = sql[:-1]
sql += " WHERE %s='%s'" % (users_col_username, user.getUserName())
params = ' '.join(realFields.keys())
sqlMethod = SQL('query', 'Update user info', self._connection, params, sql)
sqlMethod = sqlMethod.__of__(self)
data = dict(realFields)
data[users_col_username] = user.getUserName()
sqlMethod(**data)
view_name = createViewName('getPropertiesForUser', user.getUserName())
cached_info = self.ZCacheable_invalidate(view_name=view_name)
def testInitialUserCacheIsEmpty(self):
view_name = createViewName('getUserInfo', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
keywords=dict(auth=False),
default=_marker)
self.failUnless(user is _marker)
def getRolesForPrincipal(self, principal, request=None):
""" principal -> ( role_1, ... role_N )
o Return a sequence of role names which the principal has.
o May assign roles based on values in the REQUEST object, if present.
"""
principal_id = principal
if not isinstance(principal_id, basestring):
principal_id = principal.getId()
view_name = createViewName('getRolesForPrincipal', principal_id)
cached_info = self.ZCacheable_get(view_name)
if cached_info is not None:
return cached_info
session = Session()
principal = self.getPrincipal(principal)
if principal is None:
return ()
roles = tuple(principal.roles)
self.ZCacheable_set(roles, view_name)
return roles
def getRolesForPrincipal(self, principal, request=None ):
""" principal -> ( role_1, ... role_N )
o Return a sequence of role names which the principal has.
o May assign roles based on values in the REQUEST object, if present.
"""
principal_id = principal
if not isinstance(principal_id, basestring):
principal_id = principal.getId()
view_name = createViewName('getRolesForPrincipal', principal_id)
cached_info = self.ZCacheable_get(view_name)
if cached_info is not None:
return cached_info
session = Session()
principal = self.getPrincipal(principal)
if principal is None:
return ()
roles = tuple(principal.roles)
self.ZCacheable_set(roles, view_name)
return roles
def _verifyGroup(self, plugins, group_id=None, title=None):
""" group_id -> boolean
This method based on PluggableAuthService._verifyUser
"""
criteria = {}
if group_id is not None:
criteria[ 'id' ] = group_id
criteria[ 'exact_match' ] = True
if title is not None:
criteria[ 'title' ] = title
if criteria:
view_name = createViewName('_verifyGroup', group_id)
enumerators = plugins.listPlugins(IGroupEnumerationPlugin)
for enumerator_id, enumerator in enumerators:
try:
info = enumerator.enumerateGroups(**criteria)
if info:
return info[0]['id']
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
logger.info(
'PluggableAuthService: GroupEnumerationPlugin %s error',
enumerator_id, exc_info=1)
return 0
def addGroup( self
, group_id
, predicate
, title=''
, description=''
, active=True
):
""" Add a group definition.
o Raise KeyError if we have an existing group definition
for 'group_id'.
"""
if group_id in self.listGroupIds():
raise KeyError, 'Duplicate group ID: %s' % group_id
info = DynamicGroupDefinition( group_id
, predicate
, title
, description
, active
)
self._setObject( group_id, info )
# This method changes the enumerateGroups return value
view_name = createViewName('enumerateGroups')
self.ZCacheable_invalidate(view_name=view_name)
def testCacheStartsEmpty(self):
view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is _marker)
def removeGroup(self, group_id, REQUEST=None):
""" Remove a group definition.
o Raise KeyError if we don't have an existing group definition
for 'group_id'.
"""
if group_id not in self.listGroupIds():
raise KeyError, 'Invalid group ID: %s' % group_id
self._delObject(group_id)
# This method changes the enumerateGroups return value
view_name = createViewName('enumerateGroups')
self.ZCacheable_invalidate(view_name=view_name)
view_name = createViewName('enumerateGroups', group_id)
self.ZCacheable_invalidate(view_name=view_name)
def testCacheSingleQuery(self):
self.plugin.getPropertiesForUser(self.user)
view_name = createViewName('getPropertiesForUser', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is not _marker)
def getGroupsForPrincipal(self, principal, request=None):
""" get the groups information from REQUEST upon login
"""
if request is None:
if hasattr(self, 'REQUEST'):
request = self.REQUEST
else:
return []
view_name = createViewName('getGroupsForPrincipal',
principal.getId())
cached_info = self.ZCacheable_get(view_name)
if cached_info is not None:
return cached_info
groups = []
authUser = request.environ.get('HTTP_EPPN')
if authUser and authUser == principal.getId():
units = request.environ.get('HTTP_KULOUNUMBER')
if units:
groups = units.split(';')
groups.extend(self.getAffiliations(request, groups))
else:
return ()
groups = tuple(groups)
self.ZCacheable_set(groups, view_name)
return groups
def removeUser(self, user_id):
if self._user_passwords.get(user_id) is None:
raise KeyError, 'Invalid user ID: %s' % user_id
login_name = self._userid_to_login[user_id]
del self._user_passwords[user_id]
del self._login_to_userid[login_name]
del self._userid_to_login[user_id]
# Also, remove from the cache
view_name = createViewName('enumerateUsers')
self.ZCacheable_invalidate(view_name=view_name)
view_name = createViewName('enumerateUsers', user_id)
self.ZCacheable_invalidate(view_name=view_name)
def getPropertiesForUser(self, user, request=None):
"""Get property values for a user or group.
Returns a dictionary of values or a PropertySheet.
"""
view_name = createViewName('getPropertiesForUser', user)
cached_info = self.ZCacheable_get(view_name=view_name)
if cached_info is not None:
return MutablePropertySheet(self.id, **cached_info)
data = None
session = Session()
if user.isGroup():
groups = session.query(domain.Group).filter(
domain.Group.group_principal_id == user.getUserName()).all()
if len(groups) == 1:
group = groups[0]
data = {
'title' : group.short_name or u"",
'description' : group.description or u"",
}
else:
users = session.query(domain.User).filter(
domain.User.login == user.getUserName()).all()
if len(users) == 1:
b_user = users[0]
data = {
'fullname' : u"%s %s" %(b_user.first_name, b_user.last_name),
'email' : b_user.email or u"",
'description' : b_user.description or u"",
'notification': b_user.recieve_notification or False,
}
if data:
self.ZCacheable_set(data, view_name=view_name)
sheet = MutablePropertySheet(self.id, **data)
return sheet
def addGroup( self
, group_id
, predicate
, title=''
, description=''
, active=True
):
""" Add a group definition.
o Raise KeyError if we have an existing group definition
for 'group_id'.
"""
if group_id in self.listGroupIds():
raise KeyError('Duplicate group ID: %s' % group_id)
info = DynamicGroupDefinition( group_id
, predicate
, title
, description
, active
)
self._setObject( group_id, info )
# This method changes the enumerateGroups return value
view_name = createViewName('enumerateGroups')
self.ZCacheable_invalidate(view_name=view_name)
def getPropertiesForUser(self, user, request=None):
"""Get property values for a user or group.
Returns a dictionary of values or a PropertySheet.
"""
view_name = createViewName('getPropertiesForUser', user)
cached_info = self.ZCacheable_get(view_name=view_name)
if cached_info is not None:
return MutablePropertySheet(self.id, **cached_info)
data = None
session = Session()
if user.isGroup():
groups = session.query(domain.Group).filter(
domain.Group.group_principal_id == user.getUserName()).all()
if len(groups) == 1:
group = groups[0]
data = {
'title': group.short_name or u"",
'description': group.description or u"",
}
else:
users = session.query(domain.User).filter(
domain.User.login == user.getUserName()).all()
if len(users) == 1:
b_user = users[0]
data = {
'fullname':
u"%s %s" % (b_user.first_name, b_user.last_name),
'email': b_user.email or u"",
'description': b_user.description or u"",
'notification': b_user.recieve_notification or False,
}
if data:
self.ZCacheable_set(data, view_name=view_name)
sheet = MutablePropertySheet(self.id, **data)
return sheet
def enumerateGroups(self,
id=None,
exact_match=False,
sort_by=None,
max_results=None,
**kw):
""" See IGroupEnumerationPlugin.
"""
group_info = []
group_ids = []
plugin_id = self.getId()
view_name = createViewName('enumerateGroups', id)
# Look in the cache first...
keywords = copy.deepcopy(kw)
keywords.update({
'id': id,
'exact_match': exact_match,
'sort_by': sort_by,
'max_results': max_results
})
cached_info = self.ZCacheable_get(view_name=view_name,
keywords=keywords,
default=None)
if cached_info is not None:
return tuple(cached_info)
if isinstance(id, str):
id = [id]
if exact_match and id:
group_ids.extend(id)
if group_ids:
group_filter = None
else: # Searching
group_ids = self.listGroupIds()
group_filter = _DynamicGroupFilter(id, **kw)
for group_id in group_ids:
url = '/%s/%s/manage_propertiesForm' % (self.absolute_url(1),
group_id)
info = {}
info.update(self.getGroupInfo(group_id))
info['pluginid'] = plugin_id
info['properties_url'] = url
info['members_url'] = url
if not group_filter or group_filter(info):
if info['active']:
group_info.append(info)
# Put the computed value into the cache
self.ZCacheable_set(group_info, view_name=view_name, keywords=keywords)
return tuple(group_info)
def createUser(self, user_id, name):
keywords = {'user_id':user_id, 'name':name}
view_name = createViewName('enumerateUsers', user_id or name)
cached_info = self.ZCacheable_get( view_name=view_name
, keywords=keywords
, default=None
)
if cached_info is not None:
data = cached_info
partner = OdooPartner(user_id, name)
self.ZCacheable_set(data, view_name=view_name, keywords=keywords)
partner.addPropertysheet( 'odoo', data )
return partner
users = []
conn = getUtility(interfaces.IOdooPasUtility)
main_user = conn.login()
args = [('login', '=', user_id)]
uids = conn.search('res.users', args=args)
if not uids:
return None
datas = conn.read('res.users', uids, fields=['login', 'name', 'email', 'partner_id'])
data = datas[0]
if data.get('id'):
del data['id']
if data.get('partner_id'):
data['partner_id'] = data['partner_id'][0]
data['fullname'] = data['name']
partner = OdooPartner(user_id, name)
self.ZCacheable_set(data, view_name=view_name, keywords=keywords)
partner.addPropertysheet( 'odoo', data )
return partner
def removeUser(self, user_id):
if self._user_passwords.get(user_id) is None:
raise KeyError('Invalid user ID: %s' % user_id)
login_name = self._userid_to_login[user_id]
del self._user_passwords[user_id]
del self._login_to_userid[login_name]
del self._userid_to_login[user_id]
# Also, remove from the cache
view_name = createViewName('enumerateUsers')
self.ZCacheable_invalidate(view_name=view_name)
view_name = createViewName('enumerateUsers', user_id)
self.ZCacheable_invalidate(view_name=view_name)
def testCacheStartsEmpty(self):
view_name = createViewName('getPropertiesForUser', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
keywords=dict(auth=False),
default=_marker)
self.failUnless(user is _marker)
def removeGroup(self, group_id):
""" Remove a group definition.
o Raise KeyError if we don't have an existing group definition
for 'group_id'.
"""
if group_id not in self.listGroupIds():
raise KeyError('Invalid group ID: %s' % group_id)
self._delObject(group_id)
# This method changes the enumerateGroups return value
view_name = createViewName('enumerateGroups')
self.ZCacheable_invalidate(view_name=view_name)
view_name = createViewName('enumerateGroups', group_id)
self.ZCacheable_invalidate(view_name=view_name)
def removeUser(self, user_id):
""" """
# Remove the user from all persistent dicts
if user_id not in self._useridentities_by_userid:
# invalid userid
return
del self._useridentities_by_userid[user_id]
plugin_id = self.getPluginIdByUserId(user_id)
if plugin_id:
del self._userid_by_identityinfo[plugin_id]
# Also, remove from the cache
view_name = createViewName("enumerateUsers")
self.ZCacheable_invalidate(view_name=view_name)
view_name = createViewName("enumerateUsers", user_id)
self.ZCacheable_invalidate(view_name=view_name)
def assignRolesToPrincipal(self, roles, principal_id):
"""Assign a specific set of roles, and only those roles, to a
principal.
o no return value
o insert and delete roles on the SQL Backend based on the roles
parameter
"""
ignored_roles = ('Authenticated', 'Anonymous', 'Owner')
roles = [role_id for role_id in roles if role_id not in ignored_roles]
# remove actual roles that are not in the roles parameter
actual_roles = self.getRolesForPrincipal(
principal_id, ignore_groups=True
)
self.doRemoveRolesFromPrincipal(
[role for role in actual_roles if role not in roles], principal_id)
# insert new roles
for role in roles:
if role not in ignored_roles:
self.doAssignRoleToPrincipal(
principal_id, role, invalidate_cache=False
)
view_name = createViewName(
'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', principal_id
)
self.ZCacheable_invalidate(view_name)
def assignRolesToPrincipal(self, roles, principal_id):
"""Assign a specific set of roles, and only those roles, to a
principal.
o no return value
o insert and delete roles on the SQL Backend based on the roles
parameter
"""
ignored_roles = ('Authenticated', 'Anonymous', 'Owner')
roles = [role_id for role_id in roles if role_id not in ignored_roles]
# remove actual roles that are not in the roles parameter
actual_roles = self.getRolesForPrincipal(principal_id,
ignore_groups=True)
self.doRemoveRolesFromPrincipal(
[role for role in actual_roles if role not in roles], principal_id)
# insert new roles
for role in roles:
if role not in ignored_roles:
self.doAssignRoleToPrincipal(principal_id,
role,
invalidate_cache=False)
view_name = createViewName(
'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', principal_id)
self.ZCacheable_invalidate(view_name)
def getPropertiesForUser(self, user, request=None):
"""Get property values for a user or group.
Returns a dictionary of values or a PropertySheet.
"""
view_name = createViewName('getPropertiesForUser', user)
cached_info = self.ZCacheable_get(view_name=view_name)
if cached_info is not None:
return MutablePropertySheet(self.id, **cached_info)
data = None
if user.isGroup():
http_obj = httplib2.Http()
query = '/++rest++brs/groups?'
params = urllib.urlencode({'user_name': user.getUserName()})
resp, content = http_obj.request(connection_url() + query + params,
"GET")
data = simplejson.loads(content)
else:
http_obj = httplib2.Http()
query = '/++rest++brs/users?'
params = urllib.urlencode({'user_name': user.getUserName()})
resp, content = http_obj.request(connection_url() + query + params,
"GET")
data = simplejson.loads(content)
if data:
self.ZCacheable_set(data, view_name=view_name)
sheet = MutablePropertySheet(self.id, **data)
return sheet
def createUser(self, user_id, name):
keywords = {'user_id': user_id, 'name': name}
view_name = createViewName('enumerateUsers', user_id or name)
cached_info = self.ZCacheable_get(view_name=view_name,
keywords=keywords,
default=None)
if cached_info is not None:
data = cached_info
partner = OdooPartner(user_id, name)
self.ZCacheable_set(data, view_name=view_name, keywords=keywords)
partner.addPropertysheet('odoo', data)
return partner
users = []
conn = getUtility(interfaces.IOdooPasUtility)
main_user = conn.login()
args = [('login', '=', user_id)]
uids = conn.search('res.users', args=args)
if not uids:
return None
datas = conn.read('res.users',
uids,
fields=['login', 'name', 'email', 'partner_id'])
data = datas[0]
if data.get('id'):
del data['id']
if data.get('partner_id'):
data['partner_id'] = data['partner_id'][0]
data['fullname'] = data['name']
partner = OdooPartner(user_id, name)
self.ZCacheable_set(data, view_name=view_name, keywords=keywords)
partner.addPropertysheet('odoo', data)
return partner
def addUser(self, user_id, login_name, password):
users = []
conn = getUtility(interfaces.IOdooPasUtility)
user = conn.login()
conn.create('res.users', {'login': user_id, 'new_password': password})
# enumerateUsers return value has changed
view_name = createViewName('enumerateUsers')
self.ZCacheable_invalidate(view_name=view_name)
def testAssignRolesZapsCache(self):
self.plugin.getRolesForPrincipal(self.username)
self.plugin.assignRolesToPrincipal(('henchman',), self.username)
view_name = createViewName('getRolesForPrincipal', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is _marker)
def setPropertiesForUser(self, user, propertysheet):
session = Session()
_user = session.query(model.User).filter_by(
name=user.getUserName()).first()
for name, value in propertysheet.propertyItems():
self.doSetProperty(_user, name, value)
view_name = createViewName('getPropertiesForUser', user)
cached_info = self.ZCacheable_invalidate(view_name=view_name)
def testSingleQuery(self):
user=TrivialUser(self.username)
self.plugin.getRolesForPrincipal(user)
view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is not _marker)
def testNoAuthGetUserIsCached(self):
self.plugin.getUserInfo(self.username, auth=False)
view_name = createViewName('getUserInfo', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
keywords=dict(auth=False),
default=_marker)
self.failUnless(user is not _marker)
def testAssignRoleKeepsCacheIfToldSo(self):
user = TrivialUser(self.username)
self.plugin.getRolesForPrincipal(user)
self.plugin.doAssignRoleToPrincipal(self.username, 'henchman', False)
view_name = createViewName(
'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
self.failUnless(user is not _marker)
def testAssignRoleKeepsCacheIfToldSo(self):
self.plugin.getRolesForPrincipal(self.username)
self.plugin.doAssignRoleToPrincipal(self.username, 'henchman', True)
view_name = createViewName('getRolesForPrincipal', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is not _marker)
def addUser( self, user_id, login_name, password ):
users = []
conn = getUtility(interfaces.IOdooPasUtility)
user = conn.login()
conn.create('res.users', {'login':user_id, 'new_password':password})
# enumerateUsers return value has changed
view_name = createViewName('enumerateUsers')
self.ZCacheable_invalidate(view_name=view_name)
def setPropertiesForUser(self, user, propertysheet):
session = Session()
_user = session.query(
model.User).filter_by(name=user.getUserName()).first()
for name, value in propertysheet.propertyItems():
self.doSetProperty(_user, name, value)
view_name = createViewName('getPropertiesForUser', user)
cached_info = self.ZCacheable_invalidate(view_name=view_name)
def testAssignRolesZapsCache(self):
user = TrivialUser(self.username)
self.plugin.getRolesForPrincipal(user)
self.plugin.assignRolesToPrincipal(('henchman', ), self.username)
view_name = createViewName(
'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
self.failUnless(user is _marker)
def testTwoQueres(self):
user=TrivialUser(self.username)
self.plugin.getRolesForPrincipal(user)
self.plugin.doAddUser("User1", self.password)
user1=TrivialUser("User1")
self.plugin.getRolesForPrincipal(user1)
view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is not _marker)
view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', 'User1')
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is not _marker)
def testAuthGetUserIsNotCached(self):
config.CACHE_PASSWORDS=False
self.plugin.getUserInfo(self.username, auth=True)
view_name = createViewName('getUserInfo', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
keywords=dict(auth=True),
default=_marker)
self.failUnless(user is _marker)
def testAssignRoleKeepsCacheIfToldSo(self):
user=TrivialUser(self.username)
self.plugin.getRolesForPrincipal(user)
self.plugin.doAssignRoleToPrincipal(self.username, 'henchman', False)
view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
default=_marker)
self.failUnless(user is not _marker)
def updateGroup(self, group_id, title=None, description=None):
session = Session()
principal = session.query(self.principal_class).\
filter_by(zope_id=group_id).first()
if title:
self.doSetProperty(principal, 'title', title)
if description:
self.doSetProperty(principal, 'description', description)
view_name = createViewName('getPropertiesForUser', group_id)
self.ZCacheable_invalidate(view_name=view_name)
def updateGroup(self, group_id, title=None, description=None):
session = Session()
principal = session.query(self.principal_class).\
filter_by(zope_id=group_id).first()
if title:
self.doSetProperty(principal, 'title', title)
if description:
self.doSetProperty(principal, 'description', description)
view_name = createViewName('getPropertiesForUser', group_id)
self.ZCacheable_invalidate(view_name=view_name)
def testUpdateZapsCache(self):
props = self.plugin.getPropertiesForUser(self.user)
self.plugin.updateUserInfo(self.user, set_id=None,
set_info=dict(firstname='Jane'))
view_name = createViewName('getPropertiesForUser', self.username)
user = self.plugin.ZCacheable_get(
view_name=view_name,
keywords=dict(auth=False),
default=_marker)
self.failUnless(user is _marker)
def testUpdateZapsCache(self):
self.plugin.getPropertiesForUser(self.user)
info = {
'fullname': u'Jane Doe',
}
sheet = MutablePropertySheet("memberdata", **info)
self.plugin.setPropertiesForUser(self.user, sheet)
view_name = createViewName('getPropertiesForUser', self.username)
user = self.plugin.ZCacheable_get(view_name=view_name,
keywords=dict(auth=False),
default=_marker)
self.failUnless(user is _marker)
def updateUserInfo(self, user, set_id, set_info):
if set_id is not None:
raise NotImplementedError, \
"Cannot currently rename the user id of a user"
session = Session()
_user = session.query(
model.User).filter_by(name=user.getUserName()).first()
for name, value in set_info.items():
self.doSetProperty(_user, name, value)
view_name = createViewName('getPropertiesForUser', user.getUserName())
cached_info = self.ZCacheable_invalidate(view_name=view_name)
def addUser(self, user_id, login_name, password):
if self._user_passwords.get(user_id) is not None:
raise KeyError, 'Duplicate user ID: %s' % user_id
if self._login_to_userid.get(login_name) is not None:
raise KeyError, 'Duplicate login name: %s' % login_name
self._user_passwords[user_id] = self._pw_encrypt(password)
self._login_to_userid[login_name] = user_id
self._userid_to_login[user_id] = login_name
# enumerateUsers return value has changed
view_name = createViewName('enumerateUsers')
self.ZCacheable_invalidate(view_name=view_name)
def setPropertiesForUser(self, user, propertysheet):
if user.isGroup():
pass
#we do not set any attributes from plone here
else:
h = httplib2.Http()
query = '/++rest++brs/users'
data = {'login': user.getUserName()}
params = urllib.urlencode(data)
resp, content = h.request(connection_url() + query + params, "GET")
if propertysheet.getProperty('email'):
data['email'] = propertysheet.getProperty('email')
if propertysheet.getProperty('notification') != None:
data['receive_notification'] = propertysheet.getProperty(
'notification')
view_name = createViewName('getPropertiesForUser', user)
cached_info = self.ZCacheable_invalidate(view_name=view_name)
def doAssignRoleToPrincipal(self, principal_id, role, _no_cache=False):
""" Create a principal/role association in a Role Manager
o Return a Boolean indicating whether the role was assigned or not
"""
principal = self.getPrincipal(principal_id)
if principal is None or role in principal.roles:
return False
principal.roles.add(role)
if not _no_cache:
view_name = createViewName('getRolesForPrincipal', principal_id)
self.ZCacheable_invalidate(view_name)
return True
def _verifyGroup(self, plugins, group_id=None, title=None):
""" group_id -> boolean
This method based on PluggableAuthService._verifyUser
"""
criteria = {}
if group_id is not None:
criteria['id'] = group_id
criteria['exact_match'] = True
if title is not None:
criteria['title'] = title
if criteria:
view_name = createViewName('_verifyGroup', group_id or title)
cached_info = self.ZCacheable_get(view_name=view_name,
keywords=criteria,
default=None)
if cached_info is not None:
return cached_info
enumerators = plugins.listPlugins(IGroupEnumerationPlugin)
for enumerator_id, enumerator in enumerators:
try:
info = enumerator.enumerateGroups(**criteria)
if info:
id = info[0]['id']
# Put the computed value into the cache
self.ZCacheable_set(id,
view_name=view_name,
keywords=criteria)
return id
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
logger = logging.getLogger('membrane')
logger.debug('GroupEnumerationPlugin %s error' %
enumerator_id,
exc_info=True)
return 0
def removeRoleFromPrincipal(self, role_id, principal_id):
""" Remove a role from a principal (user or group).
o Return a boolean indicating whether the role was already present.
o Raise KeyError if 'role_id' is unknown.
o Ignore requests to remove a role not already assigned to the
principal.
"""
roles = self.getRolesForPrincipal(principal_id, ignore_groups=True)
if role_id in roles:
self.doRemoveRolesFromPrincipal([role_id], principal_id)
view_name = createViewName(
'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', principal_id)
self.ZCacheable_invalidate(view_name)
return True
return False
def testDoRemoveRoleFromPrincipalZapsCache(self):
self.plugin.doAddUser("User1", self.password)
self.plugin.assignRolesToPrincipal((
'First',
'Second',
), 'User1')
roles = self.plugin.getRolesForPrincipal('User1')
self.assertTrue('First' in roles)
self.assertTrue('Second' in roles)
view_name = createViewName(
'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', 'User1')
user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
self.failUnless(user is not _marker)
self.plugin.doRemoveRoleFromPrincipal('User1', 'First')
user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
self.failUnless(user is _marker)
def addUser(self, user_id, login_name, password):
"""Original ZODBUserManager.addUser, modified to check if
incoming password is already encypted.
This support clean migration from default user source.
Should go into PAS.
"""
if self._user_passwords.get(user_id) is not None:
raise KeyError('Duplicate user ID: %s' % user_id)
if self._login_to_userid.get(login_name) is not None:
raise KeyError('Duplicate login name: %s' % login_name)
if not AuthEncoding.is_encrypted(password):
password = AuthEncoding.pw_encrypt(password)
self._user_passwords[user_id] = password
self._login_to_userid[login_name] = user_id
self._userid_to_login[user_id] = login_name
# enumerateUsers return value has changed
view_name = createViewName('enumerateUsers')
self.ZCacheable_invalidate(view_name=view_name)
def setPropertiesForUser(self, user, propertysheet):
username = user.getId()
principal = self._get_principal_by_id(username)
properties = propertysheet.propertyItems()
for name, value in properties:
self.doSetProperty(principal, name, value)
try:
event = PropertiesUpdated(user, properties)
except TypeError:
# BBB: See Launchpad #795086
event = object.__new__(PropertiesUpdated)
event.object = user
event.principal = user
event.properties = properties
# XXX: This event is not fired by PAS!
notify(event)
view_name = createViewName('getPropertiesForUser', user)
self.ZCacheable_invalidate(view_name=view_name)
