def revokeTokens(self):
"""
User revokes selected tokens.
"""
# manually do everything since we are not using the built-in
# widgets
# TODO use widgets?
current_user = self.getUser()
valid = self.getTokens()
removed = error = 0
keys = self.request.form.get('form.widgets.key', [])
if isinstance(keys, basestring):
# don't cast a string into a list as we are expecting one.
keys = [keys]
tm = zope.component.getMultiAdapter((self.context, self.request),
ITokenManager)
sm = zope.component.getMultiAdapter((self.context, self.request),
IScopeManager)
for k in keys:
token = tm.get(k)
if token is None or not token.user == current_user:
error = 1
continue
try:
tm.remove(k)
sm.delAccessScope(k, None)
removed += 1
except:
error = 1
status = IStatusMessage(self.request)
if error:
status.addStatusMessage(
_(u'Errors encountered during key removal'),
type="error")
if removed:
status.addStatusMessage(
_(u'Access successfully removed'),
type="info")
def update(self):
super(ContentTypeScopeProfileDisplayForm, self).update()
if self.isMappingModified():
status = IStatusMessage(self.request)
status.addStatusMessage(_(
u'This profile has been modified. Please commit the changes '
'when they are ready.'),
'info'
)
if self.next_target:
self.request.response.redirect(self.next_target)
def handleRemove(self, action):
"""\
User revokes selected consumers.
"""
# manually do everything since we are not using the built-in
# widgets
# TODO build/use widgets?
# removing consumers does not remove corresponding tokens that
# were issued previous to this, although the tokens will cease
# to work without the corresponding secret.
data, errors = self.extractData()
removed = error = 0
keys = self.request.form.get('form.widgets.key', [])
if isinstance(keys, basestring):
# don't cast a string into a list as we are expecting one.
keys = [keys]
cm = zope.component.getMultiAdapter((self.context, self.request),
IConsumerManager)
for k in keys:
try:
cm.remove(k)
removed += 1
except:
error = 1
status = IStatusMessage(self.request)
if error:
status.addStatusMessage(
_(u'Errors encountered during key removal'),
type="error")
if removed:
status.addStatusMessage(
_(u'Consumers successfully removed'),
type="info")
def handleSetDefault(self, action):
self.authenticate()
site = getSite()
sm = zope.component.getMultiAdapter(
(site, self.request), IContentTypeScopeManager)
try:
sm.default_mapping_id = sm.getMappingId(self.profile_name)
except KeyError:
status = IStatusMessage(self.request)
status.addStatusMessage(_(
u'This profile has not been committed yet.'),
'error'
)
self.next_target = '/'.join([self.context.absolute_url(),
self.context.__name__, 'view', self.profile_name,])
# XXX what to do with the trusted parameter introduced in
# between zope.publisher.http.HTTPRequest vs.
# ZPublisher.HTTPResponse.HTTPResponse, as the latter does
# not deal with that, and if this is in repoze, without
# that redirection will not work.
self.request.response.redirect(callback_url)
else:
# Abort; somehow the request token was approved prematurely
# despite callback mismatch; perhaps the conditions have
# changed?
self._errors = True
self.status = self.callbackInvalidMessage
return result
@button.buttonAndHandler(_('Grant access'), name='approve')
def handleApprove(self, action):
"""\
User approves this token.
Redirect user to the callback URL to give the provider the OAuth
Verifier key.
"""
if self._errors or not self.token:
return
data, errors = self.extractData()
mt = getToolByName(self.context, 'portal_membership')
user = mt.getAuthenticatedMember().id
def label(self):
return _(u'Content Type Scope Manager')
def label(self):
return _(u'Token Scope Information')
