def getPropertiesForUser(self, user, request=None): info = self.get_spsso().get_attributes(self.REQUEST) or {} # the stupid Plone is unable to handle unicode properties # must encode them from Products.PlonePAS.utils import getCharset charset = getCharset(self) for k,v in info.items(): if isinstance(v, unicode): info[k] = v.encode(charset) elif v and isinstance(v, (tuple, list)) and isinstance(v[0], unicode): info[k] = [c.encode(charset) for c in v] # more conversion might need to become necessary return info
def _make_attribute_statement(self, target, req, subject, member, index): eid = target.eid or req.Issuer.value() auth = self._get_authority() md = auth.metadata_by_id(eid).get_recent_metadata() for sp in md.SPSSODescriptor: for acs in sp.AttributeConsumingService: if index is None and acs.isDefault or index == acs.index: break else: acs = None if acs is not None: break else: acs = None if acs is None: if index is None: return # nothing to do logger.error("could not locate acs %d for %s" % (index, eid)) return "ResourceNotRecognized" # catalog our attribute -- should probably be cached attrs = {} for att in self.objectValues(): attrs[(att.format, att.title)] = att # determine the attributes we are ready to provide from dm.saml2.pyxb.assertion import AttributeStatement, Attribute, AttributeValue av = [] for ra in acs.RequestedAttribute: ran = (ra.NameFormat or normalize_attrname_format("unspecified"), ra.Name) d = attrs.get(ran) if d is None: logger.error("attribute %s requested by %s not found" % (ran, eid)) continue evaluator = d.evaluator if evaluator is None: v = member.getProperty(d.getId(), None) else: v = self.unrestrictedTraverse(evaluator)(member, d, eid) # Plone stupidly converts unicode properties to `str` if isinstance(v, str) and d.type == "string": # convert back to unicode from Products.PlonePAS.utils import getCharset v = unicode(v, getCharset(self)) # potentially, more encodings are necessary xv = xs_convert_to_xml(d.type, v, AttributeValue) if not isinstance(xv, list): xv = xv, aas = dict( NameFormat=d.format, Name=d.title, FriendlyName=ra.FriendlyName or d.getId(), ) att = Attribute(*xv, **aas) av.append(att) if not av: return return AttributeStatement(*av)
def getProperty(self, id, default=_marker): for sheet in self.getOrderedPropertySheets(): if sheet.hasProperty(id): value = sheet.getProperty(id) if isinstance(value, unicode): # XXX Temporarily work around the fact that # property sheets blindly store and return # unicode. This is sub-optimal and should be # dealed with at the property sheets level by # using Zope's converters. charset = getCharset(self) return value.encode(charset) return value return default
def getProperty(self, id, default=_marker): """PAS-specific method to fetch a user's properties. Looks through the ordered property sheets. """ sheets = None if not IPluggableAuthService.providedBy(self.acl_users): return BaseMemberData.getProperty(self, id) else: # It's a PAS! Whee! user = self.getUser() sheets = getattr(user, 'getOrderedPropertySheets', lambda: None)() # we won't always have PlonePAS users, due to acquisition, # nor are guaranteed property sheets if not sheets: return BaseMemberData.getProperty(self, id, default) charset = getCharset(self) # If we made this far, we found a PAS and some property sheets. for sheet in sheets: if sheet.hasProperty(id): # Return the first one that has the property. value = sheet.getProperty(id) if isinstance(value, unicode): # XXX Temporarily work around the fact that # property sheets blindly store and return # unicode. This is sub-optimal and should be # dealed with at the property sheets level by # using Zope's converters. return value.encode(charset) return value # Couldn't find the property in the property sheets. Try to # delegate back to the base implementation. return BaseMemberData.getProperty(self, id, default)