Пример #1
0
    def updateGroup(self,
                    group_id,
                    predicate,
                    title=None,
                    description=None,
                    active=None):
        """ Update a group definition.

        o Raise KeyError if we don't have an existing group definition
          for 'group_id'.

        o Don't update 'title', 'description', or 'active' unless supplied.
        """
        if group_id not in self.listGroupIds():
            raise KeyError, 'Invalid group ID: %s' % group_id

        group = self._getOb(group_id)

        group._setPredicate(predicate)

        if title is not None:
            group.title = title

        if description is not None:
            group.description = description

        if active is not None:
            group.active = active

        # This method changes the enumerateGroups return value
        view_name = createViewName('enumerateGroups')
        self.ZCacheable_invalidate(view_name=view_name)
        view_name = createViewName('enumerateGroups', group_id)
        self.ZCacheable_invalidate(view_name=view_name)
Пример #2
0
 def invalidateCacheForChangedUser(self, user_id):
     view_name = createViewName('enumerateUsers')
     self.ZCacheable_invalidate(view_name=view_name)
     view_name = createViewName('enumerateUsers', user_id)
     self.ZCacheable_invalidate(view_name=view_name)
     view_name = createViewName('getUserInfo', user_id)
     self.ZCacheable_invalidate(view_name=view_name)
    def updateGroup(self, group_id, predicate, title=None, description=None,
                    active=None):
        """ Update a group definition.

        o Raise KeyError if we don't have an existing group definition
          for 'group_id'.

        o Don't update 'title', 'description', or 'active' unless supplied.
        """
        if group_id not in self.listGroupIds():
            raise KeyError('Invalid group ID: %s' % group_id)

        group = self._getOb(group_id)

        group._setPredicate(predicate)

        if title is not None:
            group.title = title

        if description is not None:
            group.description = description

        if active is not None:
            group.active = active

        # This method changes the enumerateGroups return value
        view_name = createViewName('enumerateGroups')
        self.ZCacheable_invalidate(view_name=view_name)
        view_name = createViewName('enumerateGroups', group_id)
        self.ZCacheable_invalidate(view_name=view_name)
    def updateEveryLoginName(self, quit_on_first_error=True):
        # Update all login names to their canonical value.  This
        # should be done after changing the login_transform property
        # of pas.  You can set quit_on_first_error to False to report
        # all errors before quitting with an error.  This can be
        # useful if you want to know how many problems there are, if
        # any.
        pas = self._getPAS()
        transform = pas._get_login_transform_method()
        if not transform:
            logger.warn("PAS has a non-existing, empty or wrong "
                        "login_transform property.")
            return

        # Make a fresh mapping, as we do not want to add or remove
        # items to the original mapping while we are iterating over
        # it.
        new_login_to_userid = OOBTree()
        errors = []
        for old_login_name, user_id in self._login_to_userid.items():
            new_login_name = transform(old_login_name)
            if new_login_name in new_login_to_userid:
                logger.error("User id %s: login name %r already taken.",
                             user_id, new_login_name)
                errors.append(new_login_name)
                if quit_on_first_error:
                    break
            new_login_to_userid[new_login_name] = user_id
            if new_login_name != old_login_name:
                self._userid_to_login[user_id] = new_login_name
                # Also, remove from the cache
                view_name = createViewName('enumerateUsers', user_id)
                self.ZCacheable_invalidate(view_name=view_name)
                logger.debug("User id %s: changed login name from %r to %r.",
                             user_id, old_login_name, new_login_name)

        # If there were errors, we do not want to save any changes.
        if errors:
            logger.error("There were %d errors when updating login names. "
                         "quit_on_first_error was %r", len(errors),
                         quit_on_first_error)
            # Make sure the exception we raise is not swallowed.
            self._dont_swallow_my_exceptions = True
            raise ValueError("Transformed login names are not unique: %s." %
                             ', '.join(errors))

        # Make sure we did not lose any users.
        assert(len(self._login_to_userid.keys())
               == len(new_login_to_userid.keys()))
        # Empty the main cache.
        view_name = createViewName('enumerateUsers')
        self.ZCacheable_invalidate(view_name=view_name)
        # Store the new login mapping.
        self._login_to_userid = new_login_to_userid
Пример #5
0
    def testCacheTwoQueries(self):
        self.plugin.getPropertiesForUser(self.user)
        self.plugin.getPropertiesForUser(self.other_user)

        view_name = createViewName('getPropertiesForUser', self.username)
        user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
        self.failUnless(user is not _marker)

        view_name = createViewName('getPropertiesForUser', 'user_2')
        user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
        self.failUnless(user is not _marker)
    def updateEveryLoginName(self, quit_on_first_error=True):
        # Update all login names to their canonical value.  This
        # should be done after changing the login_transform property
        # of pas.  You can set quit_on_first_error to False to report
        # all errors before quitting with an error.  This can be
        # useful if you want to know how many problems there are, if
        # any.
        pas = self._getPAS()
        transform = pas._get_login_transform_method()
        if not transform:
            logger.warn("PAS has a non-existing, empty or wrong "
                        "login_transform property.")
            return

        # Make a fresh mapping, as we do not want to add or remove
        # items to the original mapping while we are iterating over
        # it.
        new_login_to_userid = OOBTree()
        errors = []
        for old_login_name, user_id in self._login_to_userid.items():
            new_login_name = transform(old_login_name)
            if new_login_name in new_login_to_userid:
                logger.error("User id %s: login name %r already taken.",
                             user_id, new_login_name)
                errors.append(new_login_name)
                if quit_on_first_error:
                    break
            new_login_to_userid[new_login_name] = user_id
            if new_login_name != old_login_name:
                self._userid_to_login[user_id] = new_login_name
                # Also, remove from the cache
                view_name = createViewName('enumerateUsers', user_id)
                self.ZCacheable_invalidate(view_name=view_name)
                logger.debug("User id %s: changed login name from %r to %r.",
                             user_id, old_login_name, new_login_name)

        # If there were errors, we do not want to save any changes.
        if errors:
            logger.error("There were %d errors when updating login names. "
                         "quit_on_first_error was %r", len(errors),
                         quit_on_first_error)
            # Make sure the exception we raise is not swallowed.
            self._dont_swallow_my_exceptions = True
            raise ValueError("Transformed login names are not unique: %s." %
                             ', '.join(errors))

        # Make sure we did not lose any users.
        assert(len(self._login_to_userid.keys())
               == len(new_login_to_userid.keys()))
        # Empty the main cache.
        view_name = createViewName('enumerateUsers')
        self.ZCacheable_invalidate(view_name=view_name)
        # Store the new login mapping.
        self._login_to_userid = new_login_to_userid
Пример #7
0
    def testTwoQueres(self):
        self.plugin.getRolesForPrincipal(self.username)
        self.plugin.getRolesForPrincipal('xx')

        view_name = createViewName('getRolesForPrincipal', self.username)
        user = self.plugin.ZCacheable_get(
                view_name=view_name,
                default=_marker)
        self.failUnless(user is not _marker)

        view_name = createViewName('getRolesForPrincipal', 'xx')
        user = self.plugin.ZCacheable_get(
                view_name=view_name,
                default=_marker)
        self.failUnless(user is not _marker)
    def testCacheTwoQueries(self):
        props = self.plugin.getPropertiesForUser(self.user)
        props = self.plugin.getPropertiesForUser(self.other_user)

        view_name = createViewName('getPropertiesForUser', self.username)
        user = self.plugin.ZCacheable_get(
                view_name=view_name,
                default=_marker)
        self.failUnless(user is not _marker)

        view_name = createViewName('getPropertiesForUser', 'user_2')
        user = self.plugin.ZCacheable_get(
                view_name=view_name,
                default=_marker)
        self.failUnless(user is not _marker)
Пример #9
0
    def testTwoQueres(self):
        user = TrivialUser(self.username)
        self.plugin.getRolesForPrincipal(user)
        self.plugin.doAddUser("User1", self.password)
        user1 = TrivialUser("User1")
        self.plugin.getRolesForPrincipal(user1)

        view_name = createViewName(
            'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
        user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
        self.failUnless(user is not _marker)

        view_name = createViewName(
            'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', 'User1')
        user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
        self.failUnless(user is not _marker)
Пример #10
0
 def testSingleQuery(self):
     user = TrivialUser(self.username)
     self.plugin.getRolesForPrincipal(user)
     view_name = createViewName(
         'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
     user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
     self.failUnless(user is not _marker)
Пример #11
0
    def updateUserInfo(self, user, set_id, set_info):
        if set_id is not None:
            raise NotImplementedError, "Cannot currently rename the user id of a user"

        users_table = self.getProperty('users_table')
        users_col_username = self.getProperty('users_col_username')

        realFields = self.remapKeys(set_info, reverse=True)

        sql = 'UPDATE %s SET ' % users_table
        for key, value in realFields.items():
            _type = 'string'
            if type(value) == types.FloatType:
                _type = 'float'
            elif type(value) == types.IntType:
                _type = 'int'

            sql += ('%s' % WRAPCHAR) + key + '%s=<dtml-sqlvar %s type=%s>,' % (WRAPCHAR, key, _type)
        sql = sql[:-1]
        sql += " WHERE %s='%s'" % (users_col_username, user.getUserName())

        params = ' '.join(realFields.keys())
        sqlMethod = SQL('query', 'Update user info', self._connection, params, sql)
        sqlMethod = sqlMethod.__of__(self)

        data = dict(realFields)
        data[users_col_username] = user.getUserName()

        sqlMethod(**data)

        view_name = createViewName('getPropertiesForUser', user.getUserName())
        cached_info = self.ZCacheable_invalidate(view_name=view_name)
Пример #12
0
 def testInitialUserCacheIsEmpty(self):
     view_name = createViewName('getUserInfo', self.username)
     user = self.plugin.ZCacheable_get(
             view_name=view_name,
             keywords=dict(auth=False),
             default=_marker)
     self.failUnless(user is _marker)
Пример #13
0
    def getRolesForPrincipal(self, principal, request=None):
        """ principal -> ( role_1, ... role_N )

        o Return a sequence of role names which the principal has.

        o May assign roles based on values in the REQUEST object, if present.
        """

        principal_id = principal
        if not isinstance(principal_id, basestring):
            principal_id = principal.getId()
        view_name = createViewName('getRolesForPrincipal', principal_id)
        cached_info = self.ZCacheable_get(view_name)
        if cached_info is not None:
            return cached_info

        session = Session()

        principal = self.getPrincipal(principal)
        if principal is None:
            return ()

        roles = tuple(principal.roles)
        self.ZCacheable_set(roles, view_name)
        return roles
Пример #14
0
    def getRolesForPrincipal(self, principal, request=None ):

        """ principal -> ( role_1, ... role_N )

        o Return a sequence of role names which the principal has.

        o May assign roles based on values in the REQUEST object, if present.
        """

        principal_id = principal
        if not isinstance(principal_id, basestring):
            principal_id = principal.getId()
        view_name = createViewName('getRolesForPrincipal', principal_id)
        cached_info = self.ZCacheable_get(view_name)
        if cached_info is not None:
            return cached_info

        session = Session()

        principal = self.getPrincipal(principal)
        if principal is None:
            return ()

        roles = tuple(principal.roles)
        self.ZCacheable_set(roles, view_name)
        return roles
Пример #15
0
    def _verifyGroup(self, plugins, group_id=None, title=None):

        """ group_id -> boolean
        This method based on PluggableAuthService._verifyUser
        """
        criteria = {}

        if group_id is not None:
            criteria[ 'id' ] = group_id
            criteria[ 'exact_match' ] = True

        if title is not None:
            criteria[ 'title' ] = title

        if criteria:
            view_name = createViewName('_verifyGroup', group_id)
            enumerators = plugins.listPlugins(IGroupEnumerationPlugin)

            for enumerator_id, enumerator in enumerators:
                try:
                    info = enumerator.enumerateGroups(**criteria)

                    if info:
                        return info[0]['id']

                except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
                    logger.info(
                        'PluggableAuthService: GroupEnumerationPlugin %s error',
                        enumerator_id, exc_info=1)

        return 0
Пример #16
0
    def addGroup( self
                , group_id
                , predicate
                , title=''
                , description=''
                , active=True
                ):

        """ Add a group definition.

        o Raise KeyError if we have an existing group definition
          for 'group_id'.
        """
        if group_id in self.listGroupIds():
            raise KeyError, 'Duplicate group ID: %s' % group_id

        info = DynamicGroupDefinition( group_id
                                     , predicate
                                     , title
                                     , description
                                     , active
                                     )

        self._setObject( group_id, info )

        # This method changes the enumerateGroups return value
        view_name = createViewName('enumerateGroups')
        self.ZCacheable_invalidate(view_name=view_name)
    def testCacheStartsEmpty(self):
        view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
        user = self.plugin.ZCacheable_get(
                view_name=view_name,
                default=_marker)

        self.failUnless(user is _marker)
Пример #18
0
    def removeGroup(self, group_id, REQUEST=None):
        """ Remove a group definition.

        o Raise KeyError if we don't have an existing group definition
          for 'group_id'.
        """
        if group_id not in self.listGroupIds():
            raise KeyError, 'Invalid group ID: %s' % group_id

        self._delObject(group_id)

        # This method changes the enumerateGroups return value
        view_name = createViewName('enumerateGroups')
        self.ZCacheable_invalidate(view_name=view_name)
        view_name = createViewName('enumerateGroups', group_id)
        self.ZCacheable_invalidate(view_name=view_name)
 def testCacheSingleQuery(self):
     self.plugin.getPropertiesForUser(self.user)
     view_name = createViewName('getPropertiesForUser', self.username)
     user = self.plugin.ZCacheable_get(
         view_name=view_name,
         default=_marker)
     self.failUnless(user is not _marker)
Пример #20
0
 def getGroupsForPrincipal(self, principal, request=None):
     """ get the groups information from REQUEST upon login
     """
     if request is None:
         if hasattr(self, 'REQUEST'):
             request = self.REQUEST
         else:
             return []
     view_name = createViewName('getGroupsForPrincipal',
                                principal.getId())
     cached_info = self.ZCacheable_get(view_name)
     if cached_info is not None:
         return cached_info
     groups = []
     authUser = request.environ.get('HTTP_EPPN')
     if authUser and authUser == principal.getId():
         units = request.environ.get('HTTP_KULOUNUMBER')
         if units:
             groups = units.split(';')
         groups.extend(self.getAffiliations(request, groups))
     else:
         return ()
     groups = tuple(groups)
     self.ZCacheable_set(groups, view_name)
     return groups
Пример #21
0
    def removeUser(self, user_id):

        if self._user_passwords.get(user_id) is None:
            raise KeyError, 'Invalid user ID: %s' % user_id

        login_name = self._userid_to_login[user_id]

        del self._user_passwords[user_id]
        del self._login_to_userid[login_name]
        del self._userid_to_login[user_id]

        # Also, remove from the cache
        view_name = createViewName('enumerateUsers')
        self.ZCacheable_invalidate(view_name=view_name)
        view_name = createViewName('enumerateUsers', user_id)
        self.ZCacheable_invalidate(view_name=view_name)
Пример #22
0
 def getPropertiesForUser(self, user, request=None):
     """Get property values for a user or group.
     Returns a dictionary of values or a PropertySheet.
     """
     view_name = createViewName('getPropertiesForUser', user)
     cached_info = self.ZCacheable_get(view_name=view_name)
     if cached_info is not None:
         return MutablePropertySheet(self.id, **cached_info)
     data = None
     session = Session()
     if user.isGroup():
         groups = session.query(domain.Group).filter(
             domain.Group.group_principal_id == user.getUserName()).all()
         if len(groups) == 1:
             group = groups[0]
             data =  { 
                 'title' : group.short_name or u"",
                 'description' : group.description or u"",
                 }
     else:
         users = session.query(domain.User).filter(
             domain.User.login == user.getUserName()).all()
         if len(users) == 1:
             b_user = users[0]
             data =  {
                 'fullname' : u"%s %s" %(b_user.first_name, b_user.last_name),
                 'email' : b_user.email or u"",
                 'description' : b_user.description or u"",
                 'notification': b_user.recieve_notification or False,
                 }
     if data:
         self.ZCacheable_set(data, view_name=view_name)
         sheet = MutablePropertySheet(self.id, **data)
         return sheet
    def addGroup( self
                , group_id
                , predicate
                , title=''
                , description=''
                , active=True
                ):

        """ Add a group definition.

        o Raise KeyError if we have an existing group definition
          for 'group_id'.
        """
        if group_id in self.listGroupIds():
            raise KeyError('Duplicate group ID: %s' % group_id)

        info = DynamicGroupDefinition( group_id
                                     , predicate
                                     , title
                                     , description
                                     , active
                                     )

        self._setObject( group_id, info )

        # This method changes the enumerateGroups return value
        view_name = createViewName('enumerateGroups')
        self.ZCacheable_invalidate(view_name=view_name)
Пример #24
0
 def getPropertiesForUser(self, user, request=None):
     """Get property values for a user or group.
     Returns a dictionary of values or a PropertySheet.
     """
     view_name = createViewName('getPropertiesForUser', user)
     cached_info = self.ZCacheable_get(view_name=view_name)
     if cached_info is not None:
         return MutablePropertySheet(self.id, **cached_info)
     data = None
     session = Session()
     if user.isGroup():
         groups = session.query(domain.Group).filter(
             domain.Group.group_principal_id == user.getUserName()).all()
         if len(groups) == 1:
             group = groups[0]
             data = {
                 'title': group.short_name or u"",
                 'description': group.description or u"",
             }
     else:
         users = session.query(domain.User).filter(
             domain.User.login == user.getUserName()).all()
         if len(users) == 1:
             b_user = users[0]
             data = {
                 'fullname':
                 u"%s %s" % (b_user.first_name, b_user.last_name),
                 'email': b_user.email or u"",
                 'description': b_user.description or u"",
                 'notification': b_user.recieve_notification or False,
             }
     if data:
         self.ZCacheable_set(data, view_name=view_name)
         sheet = MutablePropertySheet(self.id, **data)
         return sheet
Пример #25
0
    def enumerateGroups(self,
                        id=None,
                        exact_match=False,
                        sort_by=None,
                        max_results=None,
                        **kw):
        """ See IGroupEnumerationPlugin.
        """
        group_info = []
        group_ids = []
        plugin_id = self.getId()
        view_name = createViewName('enumerateGroups', id)

        # Look in the cache first...
        keywords = copy.deepcopy(kw)
        keywords.update({
            'id': id,
            'exact_match': exact_match,
            'sort_by': sort_by,
            'max_results': max_results
        })
        cached_info = self.ZCacheable_get(view_name=view_name,
                                          keywords=keywords,
                                          default=None)

        if cached_info is not None:
            return tuple(cached_info)

        if isinstance(id, str):
            id = [id]

        if exact_match and id:
            group_ids.extend(id)

        if group_ids:
            group_filter = None

        else:  # Searching
            group_ids = self.listGroupIds()
            group_filter = _DynamicGroupFilter(id, **kw)

        for group_id in group_ids:

            url = '/%s/%s/manage_propertiesForm' % (self.absolute_url(1),
                                                    group_id)
            info = {}
            info.update(self.getGroupInfo(group_id))

            info['pluginid'] = plugin_id
            info['properties_url'] = url
            info['members_url'] = url

            if not group_filter or group_filter(info):
                if info['active']:
                    group_info.append(info)

        # Put the computed value into the cache
        self.ZCacheable_set(group_info, view_name=view_name, keywords=keywords)

        return tuple(group_info)
Пример #26
0
 def createUser(self, user_id, name):
     keywords = {'user_id':user_id, 'name':name}
     view_name = createViewName('enumerateUsers', user_id or name)
     cached_info = self.ZCacheable_get( view_name=view_name
                                      , keywords=keywords
                                      , default=None
                                      )
     if cached_info is not None:
         data = cached_info
         partner = OdooPartner(user_id, name)
         self.ZCacheable_set(data, view_name=view_name, keywords=keywords)
         partner.addPropertysheet( 'odoo', data )
         return partner
     users = []
     conn = getUtility(interfaces.IOdooPasUtility)
     main_user = conn.login()
     args = [('login', '=', user_id)]
     uids = conn.search('res.users', args=args)
     if not uids:
         return None
     datas = conn.read('res.users', uids, fields=['login', 'name', 'email', 'partner_id'])
     data = datas[0]
     if data.get('id'):
         del data['id']
     if data.get('partner_id'):
         data['partner_id'] = data['partner_id'][0]
     data['fullname'] = data['name']
     partner = OdooPartner(user_id, name)
     self.ZCacheable_set(data, view_name=view_name, keywords=keywords)
     partner.addPropertysheet( 'odoo', data )
     return partner
    def removeUser(self, user_id):

        if self._user_passwords.get(user_id) is None:
            raise KeyError('Invalid user ID: %s' % user_id)

        login_name = self._userid_to_login[user_id]

        del self._user_passwords[user_id]
        del self._login_to_userid[login_name]
        del self._userid_to_login[user_id]

        # Also, remove from the cache
        view_name = createViewName('enumerateUsers')
        self.ZCacheable_invalidate(view_name=view_name)
        view_name = createViewName('enumerateUsers', user_id)
        self.ZCacheable_invalidate(view_name=view_name)
 def testCacheStartsEmpty(self):
     view_name = createViewName('getPropertiesForUser', self.username)
     user = self.plugin.ZCacheable_get(
             view_name=view_name,
             keywords=dict(auth=False),
             default=_marker)
     self.failUnless(user is _marker)
    def removeGroup(self, group_id):
        """ Remove a group definition.

        o Raise KeyError if we don't have an existing group definition
          for 'group_id'.
        """
        if group_id not in self.listGroupIds():
            raise KeyError('Invalid group ID: %s' % group_id)

        self._delObject(group_id)

        # This method changes the enumerateGroups return value
        view_name = createViewName('enumerateGroups')
        self.ZCacheable_invalidate(view_name=view_name)
        view_name = createViewName('enumerateGroups', group_id)
        self.ZCacheable_invalidate(view_name=view_name)
Пример #30
0
    def removeUser(self, user_id):
        """ """
        # Remove the user from all persistent dicts
        if user_id not in self._useridentities_by_userid:
            # invalid userid
            return
        del self._useridentities_by_userid[user_id]

        plugin_id = self.getPluginIdByUserId(user_id)
        if plugin_id:
            del self._userid_by_identityinfo[plugin_id]
        # Also, remove from the cache
        view_name = createViewName("enumerateUsers")
        self.ZCacheable_invalidate(view_name=view_name)
        view_name = createViewName("enumerateUsers", user_id)
        self.ZCacheable_invalidate(view_name=view_name)
Пример #31
0
    def assignRolesToPrincipal(self, roles, principal_id):
        """Assign a specific set of roles, and only those roles, to a
        principal.

        o no return value
        o insert and delete roles on the SQL Backend based on the roles
          parameter
        """
        ignored_roles = ('Authenticated', 'Anonymous', 'Owner')
        roles = [role_id for role_id in roles if role_id not in ignored_roles]

        # remove actual roles that are not in the roles parameter
        actual_roles = self.getRolesForPrincipal(
            principal_id, ignore_groups=True
            )

        self.doRemoveRolesFromPrincipal(
            [role for role in actual_roles if role not in roles], principal_id)

        # insert new roles
        for role in roles:
            if role not in ignored_roles:
                self.doAssignRoleToPrincipal(
                    principal_id, role, invalidate_cache=False
                    )

        view_name = createViewName(
            'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', principal_id
            )

        self.ZCacheable_invalidate(view_name)
Пример #32
0
    def assignRolesToPrincipal(self, roles, principal_id):
        """Assign a specific set of roles, and only those roles, to a
        principal.

        o no return value
        o insert and delete roles on the SQL Backend based on the roles
          parameter
        """
        ignored_roles = ('Authenticated', 'Anonymous', 'Owner')
        roles = [role_id for role_id in roles if role_id not in ignored_roles]

        # remove actual roles that are not in the roles parameter
        actual_roles = self.getRolesForPrincipal(principal_id,
                                                 ignore_groups=True)

        self.doRemoveRolesFromPrincipal(
            [role for role in actual_roles if role not in roles], principal_id)

        # insert new roles
        for role in roles:
            if role not in ignored_roles:
                self.doAssignRoleToPrincipal(principal_id,
                                             role,
                                             invalidate_cache=False)

        view_name = createViewName(
            'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', principal_id)

        self.ZCacheable_invalidate(view_name)
Пример #33
0
    def getPropertiesForUser(self, user, request=None):
        """Get property values for a user or group.
        Returns a dictionary of values or a PropertySheet.
        """
        view_name = createViewName('getPropertiesForUser', user)
        cached_info = self.ZCacheable_get(view_name=view_name)
        if cached_info is not None:
            return MutablePropertySheet(self.id, **cached_info)
        data = None
        if user.isGroup():
            http_obj = httplib2.Http()
            query = '/++rest++brs/groups?'
            params = urllib.urlencode({'user_name': user.getUserName()})
            resp, content = http_obj.request(connection_url() + query + params,
                                             "GET")
            data = simplejson.loads(content)

        else:
            http_obj = httplib2.Http()
            query = '/++rest++brs/users?'
            params = urllib.urlencode({'user_name': user.getUserName()})
            resp, content = http_obj.request(connection_url() + query + params,
                                             "GET")
            data = simplejson.loads(content)

        if data:
            self.ZCacheable_set(data, view_name=view_name)
            sheet = MutablePropertySheet(self.id, **data)
            return sheet
Пример #34
0
 def createUser(self, user_id, name):
     keywords = {'user_id': user_id, 'name': name}
     view_name = createViewName('enumerateUsers', user_id or name)
     cached_info = self.ZCacheable_get(view_name=view_name,
                                       keywords=keywords,
                                       default=None)
     if cached_info is not None:
         data = cached_info
         partner = OdooPartner(user_id, name)
         self.ZCacheable_set(data, view_name=view_name, keywords=keywords)
         partner.addPropertysheet('odoo', data)
         return partner
     users = []
     conn = getUtility(interfaces.IOdooPasUtility)
     main_user = conn.login()
     args = [('login', '=', user_id)]
     uids = conn.search('res.users', args=args)
     if not uids:
         return None
     datas = conn.read('res.users',
                       uids,
                       fields=['login', 'name', 'email', 'partner_id'])
     data = datas[0]
     if data.get('id'):
         del data['id']
     if data.get('partner_id'):
         data['partner_id'] = data['partner_id'][0]
     data['fullname'] = data['name']
     partner = OdooPartner(user_id, name)
     self.ZCacheable_set(data, view_name=view_name, keywords=keywords)
     partner.addPropertysheet('odoo', data)
     return partner
Пример #35
0
 def addUser(self, user_id, login_name, password):
     users = []
     conn = getUtility(interfaces.IOdooPasUtility)
     user = conn.login()
     conn.create('res.users', {'login': user_id, 'new_password': password})
     # enumerateUsers return value has changed
     view_name = createViewName('enumerateUsers')
     self.ZCacheable_invalidate(view_name=view_name)
 def testAssignRolesZapsCache(self):
     self.plugin.getRolesForPrincipal(self.username)
     self.plugin.assignRolesToPrincipal(('henchman',), self.username)
     view_name = createViewName('getRolesForPrincipal', self.username)
     user = self.plugin.ZCacheable_get(
             view_name=view_name,
             default=_marker)
     self.failUnless(user is _marker)
Пример #37
0
 def setPropertiesForUser(self, user, propertysheet):
     session = Session()
     _user = session.query(model.User).filter_by(
         name=user.getUserName()).first()
     for name, value in propertysheet.propertyItems():
         self.doSetProperty(_user, name, value)
     view_name = createViewName('getPropertiesForUser', user) 
     cached_info = self.ZCacheable_invalidate(view_name=view_name)
 def testSingleQuery(self):
     user=TrivialUser(self.username)
     self.plugin.getRolesForPrincipal(user)
     view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
     user = self.plugin.ZCacheable_get(
             view_name=view_name,
             default=_marker)
     self.failUnless(user is not _marker)
Пример #39
0
 def testNoAuthGetUserIsCached(self):
     self.plugin.getUserInfo(self.username, auth=False)
     view_name = createViewName('getUserInfo', self.username)
     user = self.plugin.ZCacheable_get(
             view_name=view_name,
             keywords=dict(auth=False),
             default=_marker)
     self.failUnless(user is not _marker)
Пример #40
0
 def testAssignRoleKeepsCacheIfToldSo(self):
     user = TrivialUser(self.username)
     self.plugin.getRolesForPrincipal(user)
     self.plugin.doAssignRoleToPrincipal(self.username, 'henchman', False)
     view_name = createViewName(
         'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
     user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
     self.failUnless(user is not _marker)
 def testAssignRoleKeepsCacheIfToldSo(self):
     self.plugin.getRolesForPrincipal(self.username)
     self.plugin.doAssignRoleToPrincipal(self.username, 'henchman', True)
     view_name = createViewName('getRolesForPrincipal', self.username)
     user = self.plugin.ZCacheable_get(
             view_name=view_name,
             default=_marker)
     self.failUnless(user is not _marker)
Пример #42
0
 def addUser( self, user_id, login_name, password ):
     users = []
     conn = getUtility(interfaces.IOdooPasUtility)
     user = conn.login()
     conn.create('res.users', {'login':user_id, 'new_password':password})
     # enumerateUsers return value has changed
     view_name = createViewName('enumerateUsers')
     self.ZCacheable_invalidate(view_name=view_name)
Пример #43
0
 def setPropertiesForUser(self, user, propertysheet):
     session = Session()
     _user = session.query(
         model.User).filter_by(name=user.getUserName()).first()
     for name, value in propertysheet.propertyItems():
         self.doSetProperty(_user, name, value)
     view_name = createViewName('getPropertiesForUser', user)
     cached_info = self.ZCacheable_invalidate(view_name=view_name)
Пример #44
0
 def testAssignRolesZapsCache(self):
     user = TrivialUser(self.username)
     self.plugin.getRolesForPrincipal(user)
     self.plugin.assignRolesToPrincipal(('henchman', ), self.username)
     view_name = createViewName(
         'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
     user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
     self.failUnless(user is _marker)
    def testTwoQueres(self):
        user=TrivialUser(self.username)
        self.plugin.getRolesForPrincipal(user)
        self.plugin.doAddUser("User1", self.password)
        user1=TrivialUser("User1")
        self.plugin.getRolesForPrincipal(user1)

        view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
        user = self.plugin.ZCacheable_get(
                view_name=view_name,
                default=_marker)
        self.failUnless(user is not _marker)

        view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', 'User1')
        user = self.plugin.ZCacheable_get(
                view_name=view_name,
                default=_marker)
        self.failUnless(user is not _marker)
Пример #46
0
 def testAuthGetUserIsNotCached(self):
     config.CACHE_PASSWORDS=False
     self.plugin.getUserInfo(self.username, auth=True)
     view_name = createViewName('getUserInfo', self.username)
     user = self.plugin.ZCacheable_get(
             view_name=view_name,
             keywords=dict(auth=True),
             default=_marker)
     self.failUnless(user is _marker)
 def testAssignRoleKeepsCacheIfToldSo(self):
     user=TrivialUser(self.username)
     self.plugin.getRolesForPrincipal(user)
     self.plugin.doAssignRoleToPrincipal(self.username, 'henchman', False)
     view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username)
     user = self.plugin.ZCacheable_get(
             view_name=view_name,
             default=_marker)
     self.failUnless(user is not _marker)
Пример #48
0
    def updateGroup(self, group_id, title=None, description=None):
        session = Session()
        principal = session.query(self.principal_class).\
            filter_by(zope_id=group_id).first()
        if title:
            self.doSetProperty(principal, 'title', title)
        if description:
            self.doSetProperty(principal, 'description', description)

        view_name = createViewName('getPropertiesForUser', group_id)
        self.ZCacheable_invalidate(view_name=view_name)
Пример #49
0
    def updateGroup(self, group_id, title=None, description=None):
        session = Session()
        principal = session.query(self.principal_class).\
                filter_by(zope_id=group_id).first()
        if title:
            self.doSetProperty(principal, 'title', title)
        if description:
            self.doSetProperty(principal, 'description', description)

        view_name = createViewName('getPropertiesForUser', group_id)
        self.ZCacheable_invalidate(view_name=view_name)
    def testUpdateZapsCache(self):
        props = self.plugin.getPropertiesForUser(self.user)
        self.plugin.updateUserInfo(self.user, set_id=None,
                set_info=dict(firstname='Jane'))

        view_name = createViewName('getPropertiesForUser', self.username)
        user = self.plugin.ZCacheable_get(
                view_name=view_name,
                keywords=dict(auth=False),
                default=_marker)
        self.failUnless(user is _marker)
Пример #51
0
    def testUpdateZapsCache(self):
        self.plugin.getPropertiesForUser(self.user)
        info = {
            'fullname': u'Jane Doe',
        }
        sheet = MutablePropertySheet("memberdata", **info)
        self.plugin.setPropertiesForUser(self.user, sheet)

        view_name = createViewName('getPropertiesForUser', self.username)
        user = self.plugin.ZCacheable_get(view_name=view_name,
                                          keywords=dict(auth=False),
                                          default=_marker)
        self.failUnless(user is _marker)
Пример #52
0
    def updateUserInfo(self, user, set_id, set_info):
        if set_id is not None:
            raise NotImplementedError, \
                  "Cannot currently rename the user id of a user"

        session = Session()
        _user = session.query(
            model.User).filter_by(name=user.getUserName()).first()
        for name, value in set_info.items():
            self.doSetProperty(_user, name, value)

        view_name = createViewName('getPropertiesForUser', user.getUserName())
        cached_info = self.ZCacheable_invalidate(view_name=view_name)
Пример #53
0
    def addUser(self, user_id, login_name, password):

        if self._user_passwords.get(user_id) is not None:
            raise KeyError, 'Duplicate user ID: %s' % user_id

        if self._login_to_userid.get(login_name) is not None:
            raise KeyError, 'Duplicate login name: %s' % login_name

        self._user_passwords[user_id] = self._pw_encrypt(password)
        self._login_to_userid[login_name] = user_id
        self._userid_to_login[user_id] = login_name

        # enumerateUsers return value has changed
        view_name = createViewName('enumerateUsers')
        self.ZCacheable_invalidate(view_name=view_name)
Пример #54
0
 def setPropertiesForUser(self, user, propertysheet):
     if user.isGroup():
         pass
         #we do not set any attributes from plone here
     else:
         h = httplib2.Http()
         query = '/++rest++brs/users'
         data = {'login': user.getUserName()}
         params = urllib.urlencode(data)
         resp, content = h.request(connection_url() + query + params, "GET")
         if propertysheet.getProperty('email'):
             data['email'] = propertysheet.getProperty('email')
         if propertysheet.getProperty('notification') != None:
             data['receive_notification'] = propertysheet.getProperty(
                 'notification')
     view_name = createViewName('getPropertiesForUser', user)
     cached_info = self.ZCacheable_invalidate(view_name=view_name)
Пример #55
0
    def doAssignRoleToPrincipal(self, principal_id, role, _no_cache=False):
        """ Create a principal/role association in a Role Manager

        o Return a Boolean indicating whether the role was assigned or not
        """

        principal = self.getPrincipal(principal_id)
        if principal is None or role in principal.roles:
            return False

        principal.roles.add(role)

        if not _no_cache:
            view_name = createViewName('getRolesForPrincipal', principal_id)
            self.ZCacheable_invalidate(view_name)

        return True
Пример #56
0
    def _verifyGroup(self, plugins, group_id=None, title=None):
        """ group_id -> boolean
        This method based on PluggableAuthService._verifyUser
        """
        criteria = {}

        if group_id is not None:
            criteria['id'] = group_id
            criteria['exact_match'] = True

        if title is not None:
            criteria['title'] = title

        if criteria:
            view_name = createViewName('_verifyGroup', group_id or title)
            cached_info = self.ZCacheable_get(view_name=view_name,
                                              keywords=criteria,
                                              default=None)

            if cached_info is not None:
                return cached_info

            enumerators = plugins.listPlugins(IGroupEnumerationPlugin)

            for enumerator_id, enumerator in enumerators:
                try:
                    info = enumerator.enumerateGroups(**criteria)

                    if info:
                        id = info[0]['id']
                        # Put the computed value into the cache
                        self.ZCacheable_set(id,
                                            view_name=view_name,
                                            keywords=criteria)
                        return id

                except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
                    logger = logging.getLogger('membrane')
                    logger.debug('GroupEnumerationPlugin %s error' %
                                 enumerator_id,
                                 exc_info=True)

        return 0
Пример #57
0
    def removeRoleFromPrincipal(self, role_id, principal_id):
        """ Remove a role from a principal (user or group).

        o Return a boolean indicating whether the role was already present.

        o Raise KeyError if 'role_id' is unknown.

        o Ignore requests to remove a role not already assigned to the
          principal.
        """
        roles = self.getRolesForPrincipal(principal_id, ignore_groups=True)
        if role_id in roles:
            self.doRemoveRolesFromPrincipal([role_id], principal_id)

            view_name = createViewName(
                'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', principal_id)
            self.ZCacheable_invalidate(view_name)
            return True

        return False
Пример #58
0
    def testDoRemoveRoleFromPrincipalZapsCache(self):
        self.plugin.doAddUser("User1", self.password)

        self.plugin.assignRolesToPrincipal((
            'First',
            'Second',
        ), 'User1')
        roles = self.plugin.getRolesForPrincipal('User1')
        self.assertTrue('First' in roles)
        self.assertTrue('Second' in roles)

        view_name = createViewName(
            'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', 'User1')
        user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
        self.failUnless(user is not _marker)

        self.plugin.doRemoveRoleFromPrincipal('User1', 'First')

        user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker)
        self.failUnless(user is _marker)
Пример #59
0
    def addUser(self, user_id, login_name, password):
        """Original ZODBUserManager.addUser, modified to check if
        incoming password is already encypted.

        This support clean migration from default user source.
        Should go into PAS.
        """
        if self._user_passwords.get(user_id) is not None:
            raise KeyError('Duplicate user ID: %s' % user_id)

        if self._login_to_userid.get(login_name) is not None:
            raise KeyError('Duplicate login name: %s' % login_name)

        if not AuthEncoding.is_encrypted(password):
            password = AuthEncoding.pw_encrypt(password)
        self._user_passwords[user_id] = password
        self._login_to_userid[login_name] = user_id
        self._userid_to_login[user_id] = login_name

        # enumerateUsers return value has changed
        view_name = createViewName('enumerateUsers')
        self.ZCacheable_invalidate(view_name=view_name)
Пример #60
0
    def setPropertiesForUser(self, user, propertysheet):
        username = user.getId()
        principal = self._get_principal_by_id(username)
        properties = propertysheet.propertyItems()

        for name, value in properties:
            self.doSetProperty(principal, name, value)

        try:
            event = PropertiesUpdated(user, properties)
        except TypeError:
            # BBB: See Launchpad #795086
            event = object.__new__(PropertiesUpdated)
            event.object = user
            event.principal = user
            event.properties = properties

        # XXX: This event is not fired by PAS!
        notify(event)

        view_name = createViewName('getPropertiesForUser', user)
        self.ZCacheable_invalidate(view_name=view_name)