def getRoles(self, user_id):
membrane = IMembraneUserObject(self.context)
if membrane.getUserId() != user_id:
return ()
if not self._in_right_state():
return ()
return self.roles
def testIMembraneUserObject(self):
"""Test the functionality of the IMembraneUserObject interface."""
from Products.membrane.interfaces import IMembraneUserObject
# adapt the person object
u = IMembraneUserObject(self.person)
uid = u.getUserId()
self.failUnlessEqual(uid, 'abc123', "incorrect value for getUserId")
def testIMembraneUserObject(self):
"""Test the functionality of the IMembraneUserObject interface."""
from Products.membrane.interfaces import IMembraneUserObject
# adapt the person object
u = IMembraneUserObject(self.person)
uid = u.getUserId()
self.failUnlessEqual(uid, 'abc123', "incorrect value for getUserId")
def getRoles(self, user_id):
membrane = IMembraneUserObject(self.context)
if membrane.getUserId() != user_id:
return ()
if not self._in_right_state():
return ()
return self.roles
def test_membrane_edit_username_id_accessors(self):
self.profile1.username = '******'
self.assertEquals(self.profiles.objectIds(), [self.userid1])
self.assertEquals(self.profile1.getId(), self.userid1)
adapted = IMembraneUserObject(self.profile1)
self.assertEquals(adapted.getUserId(), self.userid1)
members = api.user.get_users(groupname='Members')
self.assertEquals([x.getId() for x in members], [self.userid1])
def getAllRoles(self):
"""Here we should apparently enumerate all users who should
get an extra role.
"""
if not self._in_right_state():
return
membrane = IMembraneUserObject(self.context)
yield membrane.getUserId(), self.roles
def getAllRoles(self):
"""Here we should apparently enumerate all users who should
get an extra role.
"""
if not self._in_right_state():
return
membrane = IMembraneUserObject(self.context)
yield membrane.getUserId(), self.roles
def authenticateCredentials(self, credentials):
# Should not authenticate when the user is not enabled.
workflow_info = IMembraneUserWorkflow(self.context)
if not workflow_info.in_right_state():
return
if self.verifyCredentials(credentials):
# return (self.getUserId(), self.getUserName())
user = IMembraneUserObject(self.context)
return (user.getUserId(), user.getUserName())
def authenticateCredentials(self, credentials):
# Should not authenticate when the user is not enabled.
workflow_info = IMembraneUserWorkflow(self.context)
if not workflow_info.in_right_state():
return
if self.verifyCredentials(credentials):
# return (self.getUserId(), self.getUserName())
user = IMembraneUserObject(self.context)
return (user.getUserId(), user.getUserName())
def verifyCredentials(self, credentials):
"""Returns True is password is authenticated, False if not.
"""
user = IMembraneUserObject(self.context)
if credentials.get('login') != user.getUserName():
# Should never happen, as the code should then never end
# up here, but better safe than sorry.
return False
if not IProvidePasswordsSchema.providedBy(self.context):
return False
return pw_validate(self.context.password,
credentials.get('password', ''))
def verifyCredentials(self, credentials):
"""Returns True is password is authenticated, False if not.
"""
user = IMembraneUserObject(self.context)
if credentials.get("login") != user.getUserName():
# Should never happen, as the code should then never end
# up here, but better safe than sorry.
return False
password_provider = IProvidePasswordsSchema(self.context)
if not password_provider:
return False
return AuthEncoding.pw_validate(password_provider.password, credentials.get("password", ""))
def test_membrane_move_id_accessors(self):
"""Moving membrane profiles will not work"""
newid = 'my_new_vanity_url'
# just reassigning the id is not enough, have to actually move it
api.content.move(self.profile1, id=newid)
self.assertEquals(self.profiles.objectIds(), [newid])
self.assertEquals(self.profile1.getId(), newid)
adapted = IMembraneUserObject(self.profile1)
self.assertEquals(adapted.getUserId(), newid)
# with or without reindex, this ultimately fails
self.profile1.reindexObject()
members = api.user.get_users(groupname='Members')
self.assertEquals([x.getId() for x in members], [newid]) # FAILS
def test_userid(self):
"""All id-ish accessors behave the same regardless of email setting"""
self.assertTrue(api.user.get('joe_id'))
self.assertFalse(api.user.get('joe_name'))
self.assertFalse(api.user.get('*****@*****.**'))
self.assertEqual(self.member.id, 'joe_id')
self.assertEqual(self.member.getId(), 'joe_id')
self.assertEqual(self.layer['portal']['joe_id'], self.member)
with self.assertRaises(AttributeError):
self.member.getUserId()
adapted = IMembraneUserObject(self.member)
self.assertEqual(adapted.getUserId(), 'joe_id')
with self.assertRaises(AttributeError):
adapted.id
with self.assertRaises(AttributeError):
adapted.getId()
def authenticateCredentials(self, credentials):
# Should not authenticate when the user is not enabled.
workflow_info = IMembraneUserWorkflow(self.context)
loggable_credentials = {
'login': credentials['login'],
'remote_address': credentials['remote_address']
}
if not workflow_info.in_right_state():
logger.info("User login failed for {login} from {remote_address} - workflow in wrong state".format(**loggable_credentials))
return
if not self.verifyCredentials(credentials):
logger.info("User login failed for {login} from {remote_address} - bad credentials".format(**loggable_credentials))
else:
logger.info("User login succeed for {login} from {remote_address}".format(**loggable_credentials))
user = IMembraneUserObject(self.context)
return (user.getUserId(), user.getUserName())
def test_userid(self):
"""All id-ish accessors behave the same regardless of email setting"""
self.assertTrue(api.user.get('joe_id'))
self.assertFalse(api.user.get('joe_name'))
self.assertFalse(api.user.get('*****@*****.**'))
self.assertEqual(self.member.id, 'joe_id')
self.assertEqual(self.member.getId(), 'joe_id')
self.assertEqual(self.layer['portal']['joe_id'], self.member)
with self.assertRaises(AttributeError):
self.member.getUserId()
adapted = IMembraneUserObject(self.member)
self.assertEqual(adapted.getUserId(), 'joe_id')
with self.assertRaises(AttributeError):
adapted.id
with self.assertRaises(AttributeError):
adapted.getId()
def sortable_title(ob, **kw):
"""Sorting users happens by last name"""
user = IMembraneUserObject(ob, None)
if user:
names = [
ob.last_name,
ob.first_name,
]
return u' '.join([name for name in names if name])
return ""
def getRoles(self, principal_id):
"""
give an Owner who is also a 'selfpublisher', the reviewer role
"""
context = self.context
current_roles = list(
DefaultLocalRoleAdapter.getRoles(
self,
principal_id,
))
userid = IMembraneUserObject(context).getUserId()
if principal_id == userid:
current_roles.append('Owner')
return current_roles
def test_name_from_full_name(self):
# We do not want to set a title but instead have the first and
# last name used as title. We do not mind too much if the
# title field itself is empty, as long as we have our ways to
# get the fullname and get a name (basis for id) based on our
# title.
member = self._createType(self.layer['portal'],
'dexterity.membrane.member', 'joe')
name_title = INameFromTitle(member)
self.assertEqual(name_title.title, u'')
member.title = u"Title field"
self.assertEqual(name_title.title, u'')
member.last_name = u"User"
self.assertEqual(name_title.title, u'User')
member.first_name = u"Joe"
self.assertEqual(name_title.title, u'Joe User')
self.assertEqual(
IMembraneUserObject(member).get_full_name(), u'Joe User')
def Title(ob, **kw):
"""Add support for the Title index/metadata from Products.membrane"""
user = IMembraneUserObject(ob, None)
if user:
return user.get_full_name()
return ""
def Title(ob, **kw):
"""Add support for the Title index/metadata from Products.membrane"""
return IMembraneUserObject(ob).get_full_name()
def fullname(self):
# Note: we only define a getter; a setter would be too tricky
# due to the multiple fields that are behind this one
# property.
return IMembraneUserObject(self.context).get_full_name()
def name(self):
return self.context.name or \
IMembraneUserObject(self.context).get_full_name()
def preferred_username(self):
""" """
return self.context.preferred_username or \
IMembraneUserObject(self.context).getUserName()
def sub(self):
""" """
return force_unicode(IMembraneUserObject(self.context).getUserId())
def title(self):
return IMembraneUserObject(self.context).get_full_name()
def test_membrane_getUserName(self):
with self.assertRaises(AttributeError):
self.profile1.getUserName()
adapted = IMembraneUserObject(self.profile1)
self.assertEquals(adapted.getUserName(), self.email1)
def modifyPersonOwnership(event):
"""Let people own their own objects and modify their own user preferences.
Stolen from Plone and CMF core, but made less picky about where users are
found. (and from borg, thanks, optilude!)
"""
context = event.context
# Only run this if FSDPerson is an active membrane type.
fsd_tool = getToolByName(context, 'facultystaffdirectory_tool')
if 'FSDPerson' in fsd_tool.getEnableMembraneTypes():
catalog = getToolByName(context, 'portal_catalog')
userId = IMembraneUserObject(context).getUserId()
userFolder = getToolByName(context, 'acl_users')
user = None
while userFolder is not None:
user = userFolder.getUserById(userId)
if user is not None:
break
container = aq_parent(aq_inner(userFolder))
parent = aq_parent(aq_inner(container))
userFolder = getattr(parent, 'acl_users', None)
if user is None:
raise KeyError, _(u"User %s cannot be found.") % userId
context.changeOwnership(user, False)
def fixPersonRoles(context, userId):
# Remove all other Owners of this Person object. Note that the creator will have an implicit
# owner role. The User Preferences Editor role allows us to allow the user defined by the Person
# to manage their own password and user preferences, but prevent the creator of the Person object
# from modifying those fields.
for owner in context.users_with_local_role('Owner'):
roles = list(context.get_local_roles_for_userid(owner))
roles.remove('Owner')
if roles:
context.manage_setLocalRoles(owner, roles)
else:
context.manage_delLocalRoles([owner])
# Grant 'Owner' and 'User Preferences Editor' to the user defined by this object:
roles = list(context.get_local_roles_for_userid(userId))
roles.extend(['Owner', u'Reviewer', 'User Preferences Editor'])
# eliminate duplicated roles
roles = list(set(roles))
context.manage_setLocalRoles(userId, roles)
# Grant 'Owner' only to any users listed as 'assistants':
for assistant in context.getReferences(
relationship="people_assistants"):
pid = assistant.id
user = userFolder.getUserById(pid)
if user is None:
raise KeyError, _(u"User %s cannot be found.") % pid
roles = list(context.get_local_roles_for_userid(pid))
roles.append('Owner')
context.manage_setLocalRoles(pid, roles)
fixPersonRoles(context, user.getId())
catalog.reindexObject(context)
def test_username(self):
with self.assertRaises(AttributeError):
self.member.getUserName()
adapted = IMembraneUserObject(self.member)
self.assertEqual(adapted.getUserName(), 'joe_name')
def test_username(self):
with self.assertRaises(AttributeError):
self.member.getUserName()
adapted = IMembraneUserObject(self.member)
self.assertEqual(adapted.getUserName(), 'joe_name')
