def updateGroup(self, group_id, predicate, title=None, description=None, active=None): """ Update a group definition. o Raise KeyError if we don't have an existing group definition for 'group_id'. o Don't update 'title', 'description', or 'active' unless supplied. """ if group_id not in self.listGroupIds(): raise KeyError, 'Invalid group ID: %s' % group_id group = self._getOb(group_id) group._setPredicate(predicate) if title is not None: group.title = title if description is not None: group.description = description if active is not None: group.active = active # This method changes the enumerateGroups return value view_name = createViewName('enumerateGroups') self.ZCacheable_invalidate(view_name=view_name) view_name = createViewName('enumerateGroups', group_id) self.ZCacheable_invalidate(view_name=view_name)
def invalidateCacheForChangedUser(self, user_id): view_name = createViewName('enumerateUsers') self.ZCacheable_invalidate(view_name=view_name) view_name = createViewName('enumerateUsers', user_id) self.ZCacheable_invalidate(view_name=view_name) view_name = createViewName('getUserInfo', user_id) self.ZCacheable_invalidate(view_name=view_name)
def updateGroup(self, group_id, predicate, title=None, description=None, active=None): """ Update a group definition. o Raise KeyError if we don't have an existing group definition for 'group_id'. o Don't update 'title', 'description', or 'active' unless supplied. """ if group_id not in self.listGroupIds(): raise KeyError('Invalid group ID: %s' % group_id) group = self._getOb(group_id) group._setPredicate(predicate) if title is not None: group.title = title if description is not None: group.description = description if active is not None: group.active = active # This method changes the enumerateGroups return value view_name = createViewName('enumerateGroups') self.ZCacheable_invalidate(view_name=view_name) view_name = createViewName('enumerateGroups', group_id) self.ZCacheable_invalidate(view_name=view_name)
def updateEveryLoginName(self, quit_on_first_error=True): # Update all login names to their canonical value. This # should be done after changing the login_transform property # of pas. You can set quit_on_first_error to False to report # all errors before quitting with an error. This can be # useful if you want to know how many problems there are, if # any. pas = self._getPAS() transform = pas._get_login_transform_method() if not transform: logger.warn("PAS has a non-existing, empty or wrong " "login_transform property.") return # Make a fresh mapping, as we do not want to add or remove # items to the original mapping while we are iterating over # it. new_login_to_userid = OOBTree() errors = [] for old_login_name, user_id in self._login_to_userid.items(): new_login_name = transform(old_login_name) if new_login_name in new_login_to_userid: logger.error("User id %s: login name %r already taken.", user_id, new_login_name) errors.append(new_login_name) if quit_on_first_error: break new_login_to_userid[new_login_name] = user_id if new_login_name != old_login_name: self._userid_to_login[user_id] = new_login_name # Also, remove from the cache view_name = createViewName('enumerateUsers', user_id) self.ZCacheable_invalidate(view_name=view_name) logger.debug("User id %s: changed login name from %r to %r.", user_id, old_login_name, new_login_name) # If there were errors, we do not want to save any changes. if errors: logger.error("There were %d errors when updating login names. " "quit_on_first_error was %r", len(errors), quit_on_first_error) # Make sure the exception we raise is not swallowed. self._dont_swallow_my_exceptions = True raise ValueError("Transformed login names are not unique: %s." % ', '.join(errors)) # Make sure we did not lose any users. assert(len(self._login_to_userid.keys()) == len(new_login_to_userid.keys())) # Empty the main cache. view_name = createViewName('enumerateUsers') self.ZCacheable_invalidate(view_name=view_name) # Store the new login mapping. self._login_to_userid = new_login_to_userid
def testCacheTwoQueries(self): self.plugin.getPropertiesForUser(self.user) self.plugin.getPropertiesForUser(self.other_user) view_name = createViewName('getPropertiesForUser', self.username) user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker) self.failUnless(user is not _marker) view_name = createViewName('getPropertiesForUser', 'user_2') user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def testTwoQueres(self): self.plugin.getRolesForPrincipal(self.username) self.plugin.getRolesForPrincipal('xx') view_name = createViewName('getRolesForPrincipal', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is not _marker) view_name = createViewName('getRolesForPrincipal', 'xx') user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def testCacheTwoQueries(self): props = self.plugin.getPropertiesForUser(self.user) props = self.plugin.getPropertiesForUser(self.other_user) view_name = createViewName('getPropertiesForUser', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is not _marker) view_name = createViewName('getPropertiesForUser', 'user_2') user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def testTwoQueres(self): user = TrivialUser(self.username) self.plugin.getRolesForPrincipal(user) self.plugin.doAddUser("User1", self.password) user1 = TrivialUser("User1") self.plugin.getRolesForPrincipal(user1) view_name = createViewName( 'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username) user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker) self.failUnless(user is not _marker) view_name = createViewName( 'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', 'User1') user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def testSingleQuery(self): user = TrivialUser(self.username) self.plugin.getRolesForPrincipal(user) view_name = createViewName( 'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username) user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def updateUserInfo(self, user, set_id, set_info): if set_id is not None: raise NotImplementedError, "Cannot currently rename the user id of a user" users_table = self.getProperty('users_table') users_col_username = self.getProperty('users_col_username') realFields = self.remapKeys(set_info, reverse=True) sql = 'UPDATE %s SET ' % users_table for key, value in realFields.items(): _type = 'string' if type(value) == types.FloatType: _type = 'float' elif type(value) == types.IntType: _type = 'int' sql += ('%s' % WRAPCHAR) + key + '%s=<dtml-sqlvar %s type=%s>,' % (WRAPCHAR, key, _type) sql = sql[:-1] sql += " WHERE %s='%s'" % (users_col_username, user.getUserName()) params = ' '.join(realFields.keys()) sqlMethod = SQL('query', 'Update user info', self._connection, params, sql) sqlMethod = sqlMethod.__of__(self) data = dict(realFields) data[users_col_username] = user.getUserName() sqlMethod(**data) view_name = createViewName('getPropertiesForUser', user.getUserName()) cached_info = self.ZCacheable_invalidate(view_name=view_name)
def testInitialUserCacheIsEmpty(self): view_name = createViewName('getUserInfo', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, keywords=dict(auth=False), default=_marker) self.failUnless(user is _marker)
def getRolesForPrincipal(self, principal, request=None): """ principal -> ( role_1, ... role_N ) o Return a sequence of role names which the principal has. o May assign roles based on values in the REQUEST object, if present. """ principal_id = principal if not isinstance(principal_id, basestring): principal_id = principal.getId() view_name = createViewName('getRolesForPrincipal', principal_id) cached_info = self.ZCacheable_get(view_name) if cached_info is not None: return cached_info session = Session() principal = self.getPrincipal(principal) if principal is None: return () roles = tuple(principal.roles) self.ZCacheable_set(roles, view_name) return roles
def getRolesForPrincipal(self, principal, request=None ): """ principal -> ( role_1, ... role_N ) o Return a sequence of role names which the principal has. o May assign roles based on values in the REQUEST object, if present. """ principal_id = principal if not isinstance(principal_id, basestring): principal_id = principal.getId() view_name = createViewName('getRolesForPrincipal', principal_id) cached_info = self.ZCacheable_get(view_name) if cached_info is not None: return cached_info session = Session() principal = self.getPrincipal(principal) if principal is None: return () roles = tuple(principal.roles) self.ZCacheable_set(roles, view_name) return roles
def _verifyGroup(self, plugins, group_id=None, title=None): """ group_id -> boolean This method based on PluggableAuthService._verifyUser """ criteria = {} if group_id is not None: criteria[ 'id' ] = group_id criteria[ 'exact_match' ] = True if title is not None: criteria[ 'title' ] = title if criteria: view_name = createViewName('_verifyGroup', group_id) enumerators = plugins.listPlugins(IGroupEnumerationPlugin) for enumerator_id, enumerator in enumerators: try: info = enumerator.enumerateGroups(**criteria) if info: return info[0]['id'] except _SWALLOWABLE_PLUGIN_EXCEPTIONS: logger.info( 'PluggableAuthService: GroupEnumerationPlugin %s error', enumerator_id, exc_info=1) return 0
def addGroup( self , group_id , predicate , title='' , description='' , active=True ): """ Add a group definition. o Raise KeyError if we have an existing group definition for 'group_id'. """ if group_id in self.listGroupIds(): raise KeyError, 'Duplicate group ID: %s' % group_id info = DynamicGroupDefinition( group_id , predicate , title , description , active ) self._setObject( group_id, info ) # This method changes the enumerateGroups return value view_name = createViewName('enumerateGroups') self.ZCacheable_invalidate(view_name=view_name)
def testCacheStartsEmpty(self): view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is _marker)
def removeGroup(self, group_id, REQUEST=None): """ Remove a group definition. o Raise KeyError if we don't have an existing group definition for 'group_id'. """ if group_id not in self.listGroupIds(): raise KeyError, 'Invalid group ID: %s' % group_id self._delObject(group_id) # This method changes the enumerateGroups return value view_name = createViewName('enumerateGroups') self.ZCacheable_invalidate(view_name=view_name) view_name = createViewName('enumerateGroups', group_id) self.ZCacheable_invalidate(view_name=view_name)
def testCacheSingleQuery(self): self.plugin.getPropertiesForUser(self.user) view_name = createViewName('getPropertiesForUser', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def getGroupsForPrincipal(self, principal, request=None): """ get the groups information from REQUEST upon login """ if request is None: if hasattr(self, 'REQUEST'): request = self.REQUEST else: return [] view_name = createViewName('getGroupsForPrincipal', principal.getId()) cached_info = self.ZCacheable_get(view_name) if cached_info is not None: return cached_info groups = [] authUser = request.environ.get('HTTP_EPPN') if authUser and authUser == principal.getId(): units = request.environ.get('HTTP_KULOUNUMBER') if units: groups = units.split(';') groups.extend(self.getAffiliations(request, groups)) else: return () groups = tuple(groups) self.ZCacheable_set(groups, view_name) return groups
def removeUser(self, user_id): if self._user_passwords.get(user_id) is None: raise KeyError, 'Invalid user ID: %s' % user_id login_name = self._userid_to_login[user_id] del self._user_passwords[user_id] del self._login_to_userid[login_name] del self._userid_to_login[user_id] # Also, remove from the cache view_name = createViewName('enumerateUsers') self.ZCacheable_invalidate(view_name=view_name) view_name = createViewName('enumerateUsers', user_id) self.ZCacheable_invalidate(view_name=view_name)
def getPropertiesForUser(self, user, request=None): """Get property values for a user or group. Returns a dictionary of values or a PropertySheet. """ view_name = createViewName('getPropertiesForUser', user) cached_info = self.ZCacheable_get(view_name=view_name) if cached_info is not None: return MutablePropertySheet(self.id, **cached_info) data = None session = Session() if user.isGroup(): groups = session.query(domain.Group).filter( domain.Group.group_principal_id == user.getUserName()).all() if len(groups) == 1: group = groups[0] data = { 'title' : group.short_name or u"", 'description' : group.description or u"", } else: users = session.query(domain.User).filter( domain.User.login == user.getUserName()).all() if len(users) == 1: b_user = users[0] data = { 'fullname' : u"%s %s" %(b_user.first_name, b_user.last_name), 'email' : b_user.email or u"", 'description' : b_user.description or u"", 'notification': b_user.recieve_notification or False, } if data: self.ZCacheable_set(data, view_name=view_name) sheet = MutablePropertySheet(self.id, **data) return sheet
def addGroup( self , group_id , predicate , title='' , description='' , active=True ): """ Add a group definition. o Raise KeyError if we have an existing group definition for 'group_id'. """ if group_id in self.listGroupIds(): raise KeyError('Duplicate group ID: %s' % group_id) info = DynamicGroupDefinition( group_id , predicate , title , description , active ) self._setObject( group_id, info ) # This method changes the enumerateGroups return value view_name = createViewName('enumerateGroups') self.ZCacheable_invalidate(view_name=view_name)
def getPropertiesForUser(self, user, request=None): """Get property values for a user or group. Returns a dictionary of values or a PropertySheet. """ view_name = createViewName('getPropertiesForUser', user) cached_info = self.ZCacheable_get(view_name=view_name) if cached_info is not None: return MutablePropertySheet(self.id, **cached_info) data = None session = Session() if user.isGroup(): groups = session.query(domain.Group).filter( domain.Group.group_principal_id == user.getUserName()).all() if len(groups) == 1: group = groups[0] data = { 'title': group.short_name or u"", 'description': group.description or u"", } else: users = session.query(domain.User).filter( domain.User.login == user.getUserName()).all() if len(users) == 1: b_user = users[0] data = { 'fullname': u"%s %s" % (b_user.first_name, b_user.last_name), 'email': b_user.email or u"", 'description': b_user.description or u"", 'notification': b_user.recieve_notification or False, } if data: self.ZCacheable_set(data, view_name=view_name) sheet = MutablePropertySheet(self.id, **data) return sheet
def enumerateGroups(self, id=None, exact_match=False, sort_by=None, max_results=None, **kw): """ See IGroupEnumerationPlugin. """ group_info = [] group_ids = [] plugin_id = self.getId() view_name = createViewName('enumerateGroups', id) # Look in the cache first... keywords = copy.deepcopy(kw) keywords.update({ 'id': id, 'exact_match': exact_match, 'sort_by': sort_by, 'max_results': max_results }) cached_info = self.ZCacheable_get(view_name=view_name, keywords=keywords, default=None) if cached_info is not None: return tuple(cached_info) if isinstance(id, str): id = [id] if exact_match and id: group_ids.extend(id) if group_ids: group_filter = None else: # Searching group_ids = self.listGroupIds() group_filter = _DynamicGroupFilter(id, **kw) for group_id in group_ids: url = '/%s/%s/manage_propertiesForm' % (self.absolute_url(1), group_id) info = {} info.update(self.getGroupInfo(group_id)) info['pluginid'] = plugin_id info['properties_url'] = url info['members_url'] = url if not group_filter or group_filter(info): if info['active']: group_info.append(info) # Put the computed value into the cache self.ZCacheable_set(group_info, view_name=view_name, keywords=keywords) return tuple(group_info)
def createUser(self, user_id, name): keywords = {'user_id':user_id, 'name':name} view_name = createViewName('enumerateUsers', user_id or name) cached_info = self.ZCacheable_get( view_name=view_name , keywords=keywords , default=None ) if cached_info is not None: data = cached_info partner = OdooPartner(user_id, name) self.ZCacheable_set(data, view_name=view_name, keywords=keywords) partner.addPropertysheet( 'odoo', data ) return partner users = [] conn = getUtility(interfaces.IOdooPasUtility) main_user = conn.login() args = [('login', '=', user_id)] uids = conn.search('res.users', args=args) if not uids: return None datas = conn.read('res.users', uids, fields=['login', 'name', 'email', 'partner_id']) data = datas[0] if data.get('id'): del data['id'] if data.get('partner_id'): data['partner_id'] = data['partner_id'][0] data['fullname'] = data['name'] partner = OdooPartner(user_id, name) self.ZCacheable_set(data, view_name=view_name, keywords=keywords) partner.addPropertysheet( 'odoo', data ) return partner
def removeUser(self, user_id): if self._user_passwords.get(user_id) is None: raise KeyError('Invalid user ID: %s' % user_id) login_name = self._userid_to_login[user_id] del self._user_passwords[user_id] del self._login_to_userid[login_name] del self._userid_to_login[user_id] # Also, remove from the cache view_name = createViewName('enumerateUsers') self.ZCacheable_invalidate(view_name=view_name) view_name = createViewName('enumerateUsers', user_id) self.ZCacheable_invalidate(view_name=view_name)
def testCacheStartsEmpty(self): view_name = createViewName('getPropertiesForUser', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, keywords=dict(auth=False), default=_marker) self.failUnless(user is _marker)
def removeGroup(self, group_id): """ Remove a group definition. o Raise KeyError if we don't have an existing group definition for 'group_id'. """ if group_id not in self.listGroupIds(): raise KeyError('Invalid group ID: %s' % group_id) self._delObject(group_id) # This method changes the enumerateGroups return value view_name = createViewName('enumerateGroups') self.ZCacheable_invalidate(view_name=view_name) view_name = createViewName('enumerateGroups', group_id) self.ZCacheable_invalidate(view_name=view_name)
def removeUser(self, user_id): """ """ # Remove the user from all persistent dicts if user_id not in self._useridentities_by_userid: # invalid userid return del self._useridentities_by_userid[user_id] plugin_id = self.getPluginIdByUserId(user_id) if plugin_id: del self._userid_by_identityinfo[plugin_id] # Also, remove from the cache view_name = createViewName("enumerateUsers") self.ZCacheable_invalidate(view_name=view_name) view_name = createViewName("enumerateUsers", user_id) self.ZCacheable_invalidate(view_name=view_name)
def assignRolesToPrincipal(self, roles, principal_id): """Assign a specific set of roles, and only those roles, to a principal. o no return value o insert and delete roles on the SQL Backend based on the roles parameter """ ignored_roles = ('Authenticated', 'Anonymous', 'Owner') roles = [role_id for role_id in roles if role_id not in ignored_roles] # remove actual roles that are not in the roles parameter actual_roles = self.getRolesForPrincipal( principal_id, ignore_groups=True ) self.doRemoveRolesFromPrincipal( [role for role in actual_roles if role not in roles], principal_id) # insert new roles for role in roles: if role not in ignored_roles: self.doAssignRoleToPrincipal( principal_id, role, invalidate_cache=False ) view_name = createViewName( 'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', principal_id ) self.ZCacheable_invalidate(view_name)
def assignRolesToPrincipal(self, roles, principal_id): """Assign a specific set of roles, and only those roles, to a principal. o no return value o insert and delete roles on the SQL Backend based on the roles parameter """ ignored_roles = ('Authenticated', 'Anonymous', 'Owner') roles = [role_id for role_id in roles if role_id not in ignored_roles] # remove actual roles that are not in the roles parameter actual_roles = self.getRolesForPrincipal(principal_id, ignore_groups=True) self.doRemoveRolesFromPrincipal( [role for role in actual_roles if role not in roles], principal_id) # insert new roles for role in roles: if role not in ignored_roles: self.doAssignRoleToPrincipal(principal_id, role, invalidate_cache=False) view_name = createViewName( 'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', principal_id) self.ZCacheable_invalidate(view_name)
def getPropertiesForUser(self, user, request=None): """Get property values for a user or group. Returns a dictionary of values or a PropertySheet. """ view_name = createViewName('getPropertiesForUser', user) cached_info = self.ZCacheable_get(view_name=view_name) if cached_info is not None: return MutablePropertySheet(self.id, **cached_info) data = None if user.isGroup(): http_obj = httplib2.Http() query = '/++rest++brs/groups?' params = urllib.urlencode({'user_name': user.getUserName()}) resp, content = http_obj.request(connection_url() + query + params, "GET") data = simplejson.loads(content) else: http_obj = httplib2.Http() query = '/++rest++brs/users?' params = urllib.urlencode({'user_name': user.getUserName()}) resp, content = http_obj.request(connection_url() + query + params, "GET") data = simplejson.loads(content) if data: self.ZCacheable_set(data, view_name=view_name) sheet = MutablePropertySheet(self.id, **data) return sheet
def createUser(self, user_id, name): keywords = {'user_id': user_id, 'name': name} view_name = createViewName('enumerateUsers', user_id or name) cached_info = self.ZCacheable_get(view_name=view_name, keywords=keywords, default=None) if cached_info is not None: data = cached_info partner = OdooPartner(user_id, name) self.ZCacheable_set(data, view_name=view_name, keywords=keywords) partner.addPropertysheet('odoo', data) return partner users = [] conn = getUtility(interfaces.IOdooPasUtility) main_user = conn.login() args = [('login', '=', user_id)] uids = conn.search('res.users', args=args) if not uids: return None datas = conn.read('res.users', uids, fields=['login', 'name', 'email', 'partner_id']) data = datas[0] if data.get('id'): del data['id'] if data.get('partner_id'): data['partner_id'] = data['partner_id'][0] data['fullname'] = data['name'] partner = OdooPartner(user_id, name) self.ZCacheable_set(data, view_name=view_name, keywords=keywords) partner.addPropertysheet('odoo', data) return partner
def addUser(self, user_id, login_name, password): users = [] conn = getUtility(interfaces.IOdooPasUtility) user = conn.login() conn.create('res.users', {'login': user_id, 'new_password': password}) # enumerateUsers return value has changed view_name = createViewName('enumerateUsers') self.ZCacheable_invalidate(view_name=view_name)
def testAssignRolesZapsCache(self): self.plugin.getRolesForPrincipal(self.username) self.plugin.assignRolesToPrincipal(('henchman',), self.username) view_name = createViewName('getRolesForPrincipal', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is _marker)
def setPropertiesForUser(self, user, propertysheet): session = Session() _user = session.query(model.User).filter_by( name=user.getUserName()).first() for name, value in propertysheet.propertyItems(): self.doSetProperty(_user, name, value) view_name = createViewName('getPropertiesForUser', user) cached_info = self.ZCacheable_invalidate(view_name=view_name)
def testSingleQuery(self): user=TrivialUser(self.username) self.plugin.getRolesForPrincipal(user) view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def testNoAuthGetUserIsCached(self): self.plugin.getUserInfo(self.username, auth=False) view_name = createViewName('getUserInfo', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, keywords=dict(auth=False), default=_marker) self.failUnless(user is not _marker)
def testAssignRoleKeepsCacheIfToldSo(self): user = TrivialUser(self.username) self.plugin.getRolesForPrincipal(user) self.plugin.doAssignRoleToPrincipal(self.username, 'henchman', False) view_name = createViewName( 'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username) user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def testAssignRoleKeepsCacheIfToldSo(self): self.plugin.getRolesForPrincipal(self.username) self.plugin.doAssignRoleToPrincipal(self.username, 'henchman', True) view_name = createViewName('getRolesForPrincipal', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def addUser( self, user_id, login_name, password ): users = [] conn = getUtility(interfaces.IOdooPasUtility) user = conn.login() conn.create('res.users', {'login':user_id, 'new_password':password}) # enumerateUsers return value has changed view_name = createViewName('enumerateUsers') self.ZCacheable_invalidate(view_name=view_name)
def setPropertiesForUser(self, user, propertysheet): session = Session() _user = session.query( model.User).filter_by(name=user.getUserName()).first() for name, value in propertysheet.propertyItems(): self.doSetProperty(_user, name, value) view_name = createViewName('getPropertiesForUser', user) cached_info = self.ZCacheable_invalidate(view_name=view_name)
def testAssignRolesZapsCache(self): user = TrivialUser(self.username) self.plugin.getRolesForPrincipal(user) self.plugin.assignRolesToPrincipal(('henchman', ), self.username) view_name = createViewName( 'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username) user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker) self.failUnless(user is _marker)
def testTwoQueres(self): user=TrivialUser(self.username) self.plugin.getRolesForPrincipal(user) self.plugin.doAddUser("User1", self.password) user1=TrivialUser("User1") self.plugin.getRolesForPrincipal(user1) view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is not _marker) view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', 'User1') user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def testAuthGetUserIsNotCached(self): config.CACHE_PASSWORDS=False self.plugin.getUserInfo(self.username, auth=True) view_name = createViewName('getUserInfo', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, keywords=dict(auth=True), default=_marker) self.failUnless(user is _marker)
def testAssignRoleKeepsCacheIfToldSo(self): user=TrivialUser(self.username) self.plugin.getRolesForPrincipal(user) self.plugin.doAssignRoleToPrincipal(self.username, 'henchman', False) view_name = createViewName('getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, default=_marker) self.failUnless(user is not _marker)
def updateGroup(self, group_id, title=None, description=None): session = Session() principal = session.query(self.principal_class).\ filter_by(zope_id=group_id).first() if title: self.doSetProperty(principal, 'title', title) if description: self.doSetProperty(principal, 'description', description) view_name = createViewName('getPropertiesForUser', group_id) self.ZCacheable_invalidate(view_name=view_name)
def testUpdateZapsCache(self): props = self.plugin.getPropertiesForUser(self.user) self.plugin.updateUserInfo(self.user, set_id=None, set_info=dict(firstname='Jane')) view_name = createViewName('getPropertiesForUser', self.username) user = self.plugin.ZCacheable_get( view_name=view_name, keywords=dict(auth=False), default=_marker) self.failUnless(user is _marker)
def testUpdateZapsCache(self): self.plugin.getPropertiesForUser(self.user) info = { 'fullname': u'Jane Doe', } sheet = MutablePropertySheet("memberdata", **info) self.plugin.setPropertiesForUser(self.user, sheet) view_name = createViewName('getPropertiesForUser', self.username) user = self.plugin.ZCacheable_get(view_name=view_name, keywords=dict(auth=False), default=_marker) self.failUnless(user is _marker)
def updateUserInfo(self, user, set_id, set_info): if set_id is not None: raise NotImplementedError, \ "Cannot currently rename the user id of a user" session = Session() _user = session.query( model.User).filter_by(name=user.getUserName()).first() for name, value in set_info.items(): self.doSetProperty(_user, name, value) view_name = createViewName('getPropertiesForUser', user.getUserName()) cached_info = self.ZCacheable_invalidate(view_name=view_name)
def addUser(self, user_id, login_name, password): if self._user_passwords.get(user_id) is not None: raise KeyError, 'Duplicate user ID: %s' % user_id if self._login_to_userid.get(login_name) is not None: raise KeyError, 'Duplicate login name: %s' % login_name self._user_passwords[user_id] = self._pw_encrypt(password) self._login_to_userid[login_name] = user_id self._userid_to_login[user_id] = login_name # enumerateUsers return value has changed view_name = createViewName('enumerateUsers') self.ZCacheable_invalidate(view_name=view_name)
def setPropertiesForUser(self, user, propertysheet): if user.isGroup(): pass #we do not set any attributes from plone here else: h = httplib2.Http() query = '/++rest++brs/users' data = {'login': user.getUserName()} params = urllib.urlencode(data) resp, content = h.request(connection_url() + query + params, "GET") if propertysheet.getProperty('email'): data['email'] = propertysheet.getProperty('email') if propertysheet.getProperty('notification') != None: data['receive_notification'] = propertysheet.getProperty( 'notification') view_name = createViewName('getPropertiesForUser', user) cached_info = self.ZCacheable_invalidate(view_name=view_name)
def doAssignRoleToPrincipal(self, principal_id, role, _no_cache=False): """ Create a principal/role association in a Role Manager o Return a Boolean indicating whether the role was assigned or not """ principal = self.getPrincipal(principal_id) if principal is None or role in principal.roles: return False principal.roles.add(role) if not _no_cache: view_name = createViewName('getRolesForPrincipal', principal_id) self.ZCacheable_invalidate(view_name) return True
def _verifyGroup(self, plugins, group_id=None, title=None): """ group_id -> boolean This method based on PluggableAuthService._verifyUser """ criteria = {} if group_id is not None: criteria['id'] = group_id criteria['exact_match'] = True if title is not None: criteria['title'] = title if criteria: view_name = createViewName('_verifyGroup', group_id or title) cached_info = self.ZCacheable_get(view_name=view_name, keywords=criteria, default=None) if cached_info is not None: return cached_info enumerators = plugins.listPlugins(IGroupEnumerationPlugin) for enumerator_id, enumerator in enumerators: try: info = enumerator.enumerateGroups(**criteria) if info: id = info[0]['id'] # Put the computed value into the cache self.ZCacheable_set(id, view_name=view_name, keywords=criteria) return id except _SWALLOWABLE_PLUGIN_EXCEPTIONS: logger = logging.getLogger('membrane') logger.debug('GroupEnumerationPlugin %s error' % enumerator_id, exc_info=True) return 0
def removeRoleFromPrincipal(self, role_id, principal_id): """ Remove a role from a principal (user or group). o Return a boolean indicating whether the role was already present. o Raise KeyError if 'role_id' is unknown. o Ignore requests to remove a role not already assigned to the principal. """ roles = self.getRolesForPrincipal(principal_id, ignore_groups=True) if role_id in roles: self.doRemoveRolesFromPrincipal([role_id], principal_id) view_name = createViewName( 'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', principal_id) self.ZCacheable_invalidate(view_name) return True return False
def testDoRemoveRoleFromPrincipalZapsCache(self): self.plugin.doAddUser("User1", self.password) self.plugin.assignRolesToPrincipal(( 'First', 'Second', ), 'User1') roles = self.plugin.getRolesForPrincipal('User1') self.assertTrue('First' in roles) self.assertTrue('Second' in roles) view_name = createViewName( 'getRolesForPrincipal-IgnDirFalse-IgnGrpFalse', 'User1') user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker) self.failUnless(user is not _marker) self.plugin.doRemoveRoleFromPrincipal('User1', 'First') user = self.plugin.ZCacheable_get(view_name=view_name, default=_marker) self.failUnless(user is _marker)
def addUser(self, user_id, login_name, password): """Original ZODBUserManager.addUser, modified to check if incoming password is already encypted. This support clean migration from default user source. Should go into PAS. """ if self._user_passwords.get(user_id) is not None: raise KeyError('Duplicate user ID: %s' % user_id) if self._login_to_userid.get(login_name) is not None: raise KeyError('Duplicate login name: %s' % login_name) if not AuthEncoding.is_encrypted(password): password = AuthEncoding.pw_encrypt(password) self._user_passwords[user_id] = password self._login_to_userid[login_name] = user_id self._userid_to_login[user_id] = login_name # enumerateUsers return value has changed view_name = createViewName('enumerateUsers') self.ZCacheable_invalidate(view_name=view_name)
def setPropertiesForUser(self, user, propertysheet): username = user.getId() principal = self._get_principal_by_id(username) properties = propertysheet.propertyItems() for name, value in properties: self.doSetProperty(principal, name, value) try: event = PropertiesUpdated(user, properties) except TypeError: # BBB: See Launchpad #795086 event = object.__new__(PropertiesUpdated) event.object = user event.principal = user event.properties = properties # XXX: This event is not fired by PAS! notify(event) view_name = createViewName('getPropertiesForUser', user) self.ZCacheable_invalidate(view_name=view_name)