def check_maxtoken_for_user_by_type(user, type_of_token): ''' This internal function checks the number of assigned tokens to a user restricted by the policies: "scope = enrollment", action = "maxtokenTOKENTYPE = <number>" :param user: to whom the token should belong :param type_of_token: which type of token should be enrolled or assigned :raises PolicyException: if maxtoken policy would be violated ''' _ = context['translate'] if not user or not user.login: return client = _get_client() user_realms = _getUserRealms(user) log.debug("checking the already assigned tokens for user %r, realms %s" % (user, user_realms)) # ------------------------------------------------------------------ -- # check the maxtokenTOKENTYPE policy typed_tokens = linotp.lib.token.getTokens4UserOrSerial( user, token_type=type_of_token) for user_realm in user_realms: policies = get_client_policy(client, action="maxtoken%s" % type_of_token.upper(), scope='enrollment', realm=user_realm, user=user.login, userObj=user) if not policies: continue # compare the tokens of the user with the max numbers of the policy total_maxtoken = get_action_value( policies, scope='enrollment', action="maxtoken%s" % type_of_token.upper(), default=-1) if total_maxtoken == -1 or isinstance(total_maxtoken, bool): continue if len(typed_tokens) + 1 > total_maxtoken: error_msg = _("The maximum number of allowed tokens of type %s " "per user is exceeded. Check the policies " "scope=enrollment, action=maxtoken%s" % (type_of_token, type_of_token.upper())) raise linotp.lib.policy.MaxTokenTypeUserPolicyException(error_msg)
def check_maxtoken_for_user(user): ''' This internal function checks the number of assigned tokens to a user restricted by the policies: "scope = enrollment", action = "maxtoken = <number>" :param user: to whom the token should belong :raises PolicyException: if maxtoken policy would be violated ''' _ = context['translate'] if not user or not user.login: return client = _get_client() user_realms = _getUserRealms(user) log.debug("checking the already assigned tokens for user %r, realms %s" % (user, user_realms)) # ----------------------------------------------------------------------- -- # check the maxtoken policy action = "maxtoken" tokens = linotp.lib.token.getTokens4UserOrSerial(user, "") for user_realm in user_realms: policies = get_client_policy(client, scope='enrollment', action=action, realm=user_realm, user=user.login, userObj=user) if not policies: continue total_maxtoken = get_action_value(policies, scope='enrollment', action=action, default=-1) if total_maxtoken == -1 or isinstance(total_maxtoken, bool): continue if len(tokens) + 1 > total_maxtoken: error_msg = _("The maximum number of allowed tokens " "per user is exceeded. Check the " "policies scope=enrollment, " "action=maxtoken") raise linotp.lib.policy.MaxTokenUserPolicyException(error_msg)