def global_groupfinder(userid, request): """ Wraps ldap and local groupfinders so we can use one callback in the auth policy """ groups = None try: log.debug("Checking local groups for userid: %s" % (userid)) # FIXME: Getting called twice groups = local_groupfinder(userid, request) if groups: log.debug("Found local groups for userid: %s groups: %s" % (userid, groups)) except Exception as e: log.error("%s (%s)" % (Exception, e)) pass if request.registry.settings['arsenal.use_ldap'] and not groups: try: log.debug("Checking ldap groups for userid: %s" % (userid)) groups = ldap_groupfinder(userid, request) if groups: log.debug("Found ldap groups for userid: %s groups: %s" % (userid, groups)) except Exception as e: log.error("%s (%s)" % (Exception, e)) pass return groups
def get_authenticated_user(request): """ Gets all the user information for an authenticated user. Checks groups and permissions, and returns a dict of everything. """ (first_last, user_id, login, groups, first, last, auth, prd_auth, admin_auth, cp_auth) = ('', '', '', '', '', '', False, False, False, False) user_id = request.authenticated_userid try: user = DBSession.query(User).filter(User.user_name == user_id).one() first = user.first_name last = user.last_name # FIXME: Getting called twice groups = local_groupfinder(user_id, request) first_last = "%s %s" % (first, last) auth = True log.debug("first: {0} last: {1} first_last: {2} auth: {3} groups: {4}". format(first, last, first_last, auth, groups)) except NoResultFound: log.debug('No local user for: {0}'.format(user_id)) except Exception as e: log.error("%s (%s)" % (Exception, e)) if request.registry.settings['arsenal.use_ldap'] and not groups: try: (first, last) = format_user(user_id) groups = ldap_groupfinder(user_id, request) first_last = "%s %s" % (first, last) auth = True except Exception as e: log.error("%s (%s)" % (Exception, e)) try: login = validate_username_cookie( request.cookies['un'], request.registry.settings['arsenal.cookie_token']) except: return HTTPFound( '/logout?message=Your cookie has been tampered with. You have been logged out' ) # authenticated user au = {} au['user_id'] = user_id au['login'] = login au['groups'] = groups au['first'] = first au['last'] = last au['loggedin'] = auth au['first_last'] = first_last return (au)