def initialize(context):
"""Initializer called when used as a Zope 2 product."""
logger.info("*** Initializing SENAITE QUEUE Customization package ***")
types = listTypes(PRODUCT_NAME)
content_types, constructors, ftis = process_types(types, PRODUCT_NAME)
# Register each type with it's own Add permission
# use ADD_CONTENT_PERMISSION as default
all_types = zip(content_types, constructors)
for a_type, constructor in all_types:
kind = "%s: Add %s" % (PRODUCT_NAME, a_type.portal_type)
ContentInit(
kind,
content_types=(a_type, ),
permission=AddPortalContent,
extra_constructors=(constructor, ),
fti=ftis,
).initialize(context)
# Register Queue's PAS plugin
from pasplugin import QueueAuthPlugin
PluggableAuthService.registerMultiPlugin(QueueAuthPlugin.meta_type)
context.registerClass(
QueueAuthPlugin,
permission=manage_users,
constructors=(add_queue_auth_plugin, ),
)
def createPASFolder(context):
# check to see if we need to monkey patch PAS to accomodate inituser files
pas = PluggableAuthService.PluggableAuthService
if not hasattr(pas, '_createInitialUser'):
pas._createInitialUser = _createInitialUser
# create new PAS
PluggableAuthService.addPluggableAuthService(context)
context.acl_users.title = 'PAS'
def createPASFolder(context):
# check to see if we need to monkey patch PAS to accomodate inituser files
pas = PluggableAuthService.PluggableAuthService
if not hasattr(pas, '_createInitialUser'):
pas._createInitialUser = _createInitialUser
# create new PAS
PluggableAuthService.addPluggableAuthService(context)
context.acl_users.title = 'PAS'
# -*- coding: utf-8 -*-
from Acquisition import aq_base
from zope.component import getUtility
from Products.CMFCore.interfaces import ISiteRoot
from Products.CMFCore.utils import getToolByName
from Products.PluggableAuthService.interfaces.plugins import (
IExtractionPlugin, IAuthenticationPlugin)
from Products.PlonePAS.setuphandlers import activatePluginInterfaces
from AccessControl.Permissions import add_user_folders
from Products.PluggableAuthService import PluggableAuthService
from collective.taskqueue.pasplugin import taskauthplugin
PluggableAuthService.registerMultiPlugin(
taskauthplugin.TaskQueueAuthPlugin.meta_type)
def initialize(context):
context.registerClass(
taskauthplugin.TaskQueueAuthPlugin,
permission=add_user_folders,
constructors=(taskauthplugin.manage_addTaskQueueAuthPluginForm,
taskauthplugin.manage_addTaskQueueAuthPlugin),
visibility=None)
def configureTaskQueueAuthPlugin(context):
if context.readDataFile("collective.taskqueue.taskauth.txt") is None:
return # not our profile
site = getUtility(ISiteRoot)
from Acquisition import aq_base
from zope.component import getUtility
from Products.CMFCore.interfaces import ISiteRoot
from Products.CMFCore.utils import getToolByName
from Products.PluggableAuthService.interfaces.plugins import (
IExtractionPlugin,
IAuthenticationPlugin
)
from Products.PlonePAS.Extensions.Install import activatePluginInterfaces
from AccessControl.Permissions import add_user_folders
from Products.PluggableAuthService import PluggableAuthService
from collective.taskqueue.pasplugin import taskauthplugin
PluggableAuthService.registerMultiPlugin(
taskauthplugin.TaskQueueAuthPlugin.meta_type
)
def initialize(context):
context.registerClass(
taskauthplugin.TaskQueueAuthPlugin,
permission=add_user_folders,
constructors=(
taskauthplugin.manage_addTaskQueueAuthPluginForm,
taskauthplugin.manage_addTaskQueueAuthPlugin
),
visibility=None
)
# -*- coding: utf-8 -*-
from AccessControl.Permissions import add_user_folders
from Products.PluggableAuthService import PluggableAuthService
from collective.impersonator.plugins import impersonator
PluggableAuthService.registerMultiPlugin(
impersonator.ImpersonatorPlugin.meta_type
)
def initialize(context):
context.registerClass(
impersonator.ImpersonatorPlugin,
permission=add_user_folders,
constructors=(
impersonator.manage_addImpersonatorPluginForm,
impersonator.manage_addImpersonatorPlugin
),
visibility=None
)
def _extractUserIds( self, request, plugins ):
""" request -> [ validated_user_id ]
o For each set of extracted credentials, try to authenticate
a user; accumulate a list of the IDs of such users over all
our authentication and extraction plugins.
"""
try:
extractors = plugins.listPlugins( IExtractionPlugin )
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
logger.debug('Extractor plugin listing error', exc_info=True)
extractors = ()
if not extractors:
extractors = ( ( 'default', DumbHTTPExtractor() ), )
try:
authenticators = plugins.listPlugins( IAuthenticationPlugin )
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
logger.debug('Authenticator plugin listing error', exc_info=True)
authenticators = ()
result = []
for extractor_id, extractor in extractors:
try:
credentials = extractor.extractCredentials( request )
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
PluggableAuthService.reraise(extractor)
logger.debug( 'ExtractionPlugin %s error' % extractor_id
, exc_info=True
)
continue
if credentials:
try:
credentials[ 'extractor' ] = extractor_id # XXX: in key?
# Test if ObjectCacheEntries.aggregateIndex would work
items = credentials.items()
items.sort()
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
# XXX: would reraise be good here, and which plugin to ask
# whether not to swallow the exception - the extractor?
logger.debug( 'Credentials error: %s' % credentials
, exc_info=True
)
continue
# First try to authenticate against the emergency
# user and return immediately if authenticated
user_id, name = self._tryEmergencyUserAuthentication(
credentials )
if user_id is not None:
return [ ( user_id, name ) ]
# Now see if the user ids can be retrieved from the cache
credentials['login'] = self.applyTransform( credentials.get('login') )
view_name = createViewName('_extractUserIds',
credentials.get('login'))
keywords = createKeywords(**credentials)
user_ids = self.ZCacheable_get( view_name=view_name
, keywords=keywords
, default=None
)
if user_ids is None:
user_ids = []
for authenticator_id, auth in authenticators:
try:
uid_and_info = auth.authenticateCredentials(
credentials )
# logger.info('plugin: %s' % str(auth.id))
# logger.info('uid_and_info: %s' % str(uid_and_info))
# Modificamos este codigo para que si la respuesta del oauthTokenRetriever mrs5.max.auth.py es BadUsernameOrPasswordError
# no continue mirando los siguientes plugins de Authentication Plugins
if auth.id == 'paspreauth' and uid_and_info == 'BadUsernameOrPasswordError' :
break
if uid_and_info is None:
continue
user_id, info = uid_and_info
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
PluggableAuthService.reraise(auth)
msg = 'AuthenticationPlugin %s error' % (
authenticator_id, )
logger.debug(msg, exc_info=True)
continue
if user_id is not None:
user_ids.append( (user_id, info) )
if user_ids:
self.ZCacheable_set( user_ids
, view_name=view_name
, keywords=keywords
)
result.extend( user_ids )
# Emergency user via HTTP basic auth always wins
user_id, name = self._tryEmergencyUserAuthentication(
DumbHTTPExtractor().extractCredentials( request ) )
if user_id is not None:
return [ ( user_id, name ) ]
return result
