def BrowserID_checkUserExistence(self):
hash = self.REQUEST.get('__ac_browser_id_hash')
try:
user_dict = BrowserID_getServerToken(self, hash)
except KeyError:
return False
user = user_dict['login']
tag = '%s_user_creation_in_progress' % user
person_list = getUserByLogin(self.getPortalObject(), user)
if len(person_list) == 0:
if self.getPortalObject().portal_activities.countMessageWithTag(tag) == 0:
user_entry = {'reference': user,
'email': user[4:],
'first_name': None,
'last_name': None}
self.Base_createOauth2User(tag, **user_entry)
return False
else:
return True
"""Returns the name of the owner of current document
"""
owner_id_list = [i[0] for i in context.get_local_roles() if 'Owner' in i[1]]
if owner_id_list:
from Products.ERP5Security.ERP5UserManager import getUserByLogin
found_user_list = getUserByLogin(context.getPortalObject(), tuple(owner_id_list))
if found_user_list:
return found_user_list[0].getTitle()
return owner_id_list[0]
"""Find and returns Person object for current logged in user.
Returns None if no corresponding person, for example when not using ERP5Security.ERP5UserManager.
"""
portal = context.getPortalObject()
if user_name is None:
user_name = portal.portal_membership.getAuthenticatedMember()
from Products.ERP5Security.ERP5UserManager import getUserByLogin
found_user_list = getUserByLogin(portal, str(user_name))
if len(found_user_list) == 1:
return found_user_list[0]
from DateTime import DateTime
from Products.ERP5Security.ERP5UserManager import getUserByLogin
person_list = getUserByLogin(context, login)
if not person_list:
return False, []
person = person_list[0]
if person.getPassword(format='palo_md5') != password:
return False, []
now = DateTime()
group_set = set()
for assignment in person.contentValues(portal_type='Assignment'):
if assignment.getValidationState() == 'open' and (
assignment.getStartDate() is None or
assignment.getStartDate() <= now <= assignment.getStopDate()):
# XXX below is sample implementation, as it must match the groups defined in PALO
if assignment.isMemberOf("function/palo"):
group_set.add(assignment.getGroupReference())
if assignment.isMemberOf("function/palo_admin"):
group_set.add("admin")
return True, list(group_set)
"""Returns the name of the owner of current document
"""
owner_id_list = [i[0] for i in context.get_local_roles() if 'Owner' in i[1]]
if owner_id_list:
from Products.ERP5Security.ERP5UserManager import getUserByLogin
found_user_list = getUserByLogin(context.getPortalObject(),
tuple(owner_id_list))
if found_user_list:
return found_user_list[0].getTitle()
return owner_id_list[0]
"""Find and returns Person object for current logged in user. Returns None if no corresponding person, for example when not using ERP5Security.ERP5UserManager. """ portal = context.getPortalObject() if user_name is None: user_name = portal.portal_membership.getAuthenticatedMember() from Products.ERP5Security.ERP5UserManager import getUserByLogin found_user_list = getUserByLogin(portal, str(user_name)) if len(found_user_list) == 1: return found_user_list[0]
def extractCredentials(self, request):
""" Extract Oauth2 credentials from the request header. """
Base_createOauth2User = getattr(self.getPortalObject(),
'Base_createOauth2User', None)
if Base_createOauth2User is None:
LOG('ERP5ExternalOauth2ExtractionPlugin', INFO,
'No Base_createOauth2User script available, install '
'erp5_credential_oauth2, disabled authentication.')
return DumbHTTPExtractor().extractCredentials(request)
creds = {}
token = None
if request._auth is not None:
# 1st - try to fetch from Authorization header
if self.header_string.lower() in request._auth.lower():
l = request._auth.split()
if len(l) == 2:
token = l[1]
if token is None:
# no token
return DumbHTTPExtractor().extractCredentials(request)
# token is available
user = None
user_entry = None
try:
user = self.getToken(self.prefix + token)
except KeyError:
user_entry = self.getUserEntry(token)
if user_entry is not None:
user = user_entry['reference']
if user is None:
# fallback to default way
return DumbHTTPExtractor().extractCredentials(request)
tag = '%s_user_creation_in_progress' % user.encode('hex')
if self.getPortalObject().portal_activities.countMessageWithTag(tag) > 0:
self.REQUEST['USER_CREATION_IN_PROGRESS'] = user
else:
# create the user if not found
person_list = getUserByLogin(self.getPortalObject(), user)
if len(person_list) == 0:
sm = getSecurityManager()
if sm.getUser().getId() != SUPER_USER:
newSecurityManager(self, self.getUser(SUPER_USER))
try:
self.REQUEST['USER_CREATION_IN_PROGRESS'] = user
if user_entry is None:
user_entry = self.getUserEntry(token)
try:
self.Base_createOauth2User(tag, **user_entry)
except Exception:
LOG('ERP5ExternalOauth2ExtractionPlugin', ERROR,
'Issue while calling creation script:', error=True)
raise
finally:
setSecurityManager(sm)
try:
self.setToken(self.prefix + token, user)
except KeyError:
# allow to work w/o cache
pass
creds['external_login'] = user
creds['remote_host'] = request.get('REMOTE_HOST', '')
try:
creds['remote_address'] = request.getClientAddr()
except AttributeError:
creds['remote_address'] = request.get('REMOTE_ADDR', '')
return creds
