[Erp5-report] r25619 - in /erp5/trunk/products/ERP5Wizard: ./ PAS/ dtml/
nobody at svn.erp5.org
nobody at svn.erp5.org
Thu Feb 19 12:12:36 CET 2009
Author: ivan
Date: Thu Feb 19 12:12:33 2009
New Revision: 25619
URL: http://svn.erp5.org?rev=25619&view=rev
Log:
Add remote authentication PAS plugin.
Added:
erp5/trunk/products/ERP5Wizard/PAS/
erp5/trunk/products/ERP5Wizard/PAS/ERP5RemoteUserManager.py (with props)
erp5/trunk/products/ERP5Wizard/PAS/__init__.py
erp5/trunk/products/ERP5Wizard/dtml/ERP5Security_addERP5RemoteUserManager.zpt (with props)
erp5/trunk/products/ERP5Wizard/dtml/remote_user_manager_plugin.gif (with props)
Modified:
erp5/trunk/products/ERP5Wizard/__init__.py
Added: erp5/trunk/products/ERP5Wizard/PAS/ERP5RemoteUserManager.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Wizard/PAS/ERP5RemoteUserManager.py?rev=25619&view=auto
==============================================================================
--- erp5/trunk/products/ERP5Wizard/PAS/ERP5RemoteUserManager.py (added)
+++ erp5/trunk/products/ERP5Wizard/PAS/ERP5RemoteUserManager.py [utf8] Thu Feb 19 12:12:33 2009
@@ -1,0 +1,126 @@
+##############################################################################
+#
+# Copyright (c) 2001 Zope Corporation and Contributors. All Rights
+# Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this
+# distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+""" Classes: ERP5RemoteUserManager
+"""
+
+from Globals import InitializeClass
+from AccessControl import ClassSecurityInfo
+from AccessControl.SecurityManagement import getSecurityManager,\
+ setSecurityManager, newSecurityManager
+from Products.PageTemplates.PageTemplateFile import PageTemplateFile
+from Products.PluggableAuthService.utils import classImplements
+from Products.PluggableAuthService.interfaces.plugins import IAuthenticationPlugin, \
+ IUserEnumerationPlugin
+from Products.ERP5Type.Cache import CachingMethod
+from DateTime import DateTime
+from Products.ERP5Security.ERP5UserManager import ERP5UserManager, SUPER_USER
+
+
+manage_addERP5RemoteUserManagerForm = PageTemplateFile(
+ '../dtml/ERP5Security_addERP5RemoteUserManager', globals(),
+ __name__='manage_addERP5RemoteUserManagerForm' )
+
+def addERP5RemoteUserManager(dispatcher, id, title=None, REQUEST=None):
+ """ Add a ERP5UserManager to a Pluggable Auth Service. """
+
+ eum = ERP5RemoteUserManager(id, title)
+ print eum
+ dispatcher._setObject(eum.getId(), eum)
+
+ if REQUEST is not None:
+ REQUEST['RESPONSE'].redirect(
+ '%s/manage_workspace'
+ '?manage_tabs_message='
+ 'ERP5RemoteUserManager+added.'
+ % dispatcher.absolute_url())
+
+
+class ERP5RemoteUserManager(ERP5UserManager):
+ """ PAS plugin for managing users in remote ERP5 instance
+ """
+
+ meta_type = 'ERP5 Remote User Manager'
+ security = ClassSecurityInfo()
+
+
+ #
+ # IAuthenticationPlugin implementation
+ #
+ security.declarePrivate( 'authenticateCredentials' )
+ def authenticateCredentials(self, credentials):
+ """ See IAuthenticationPlugin.
+
+ o We expect the credentials to be those returned by
+ ILoginPasswordExtractionPlugin.
+ """
+ # Forbidden the usage of the super user.
+ if credentials.get('login') == SUPER_USER:
+ return None
+
+ def _authenticateCredentials(login, password, path):
+ if not login or not password:
+ return None
+
+ user_list = self.getUserByLogin(login)
+
+ if not user_list:
+ return None
+
+ user = user_list[0]
+
+ sm = getSecurityManager()
+ if sm.getUser().getId() != SUPER_USER:
+ newSecurityManager(self, self.getUser(SUPER_USER))
+ try:
+ # get assignment
+ assignment_list = [x for x in user.contentValues(portal_type="Assignment") \
+ if x.getValidationState() == "open"]
+ valid_assignment_list = []
+ # check dates if exist
+ login_date = DateTime()
+ for assignment in assignment_list:
+ if assignment.getStartDate() is not None and \
+ assignment.getStartDate() > login_date:
+ continue
+ if assignment.getStopDate() is not None and \
+ assignment.getStopDate() < login_date:
+ continue
+ valid_assignment_list.append(assignment)
+
+ # validate to remote ERP5 instance
+ portal = self.getPortalObject()
+ is_authenticated = int(portal.WizardTool_authenticateCredentials(login , password))
+ if is_authenticated:
+ print is_authenticated
+ return login, login
+ finally:
+ setSecurityManager(sm)
+
+ return None
+
+ _authenticateCredentials = CachingMethod(_authenticateCredentials,
+ id='ERP5RemoteUserManager_authenticateCredentials',
+ cache_factory='erp5_content_short')
+ return _authenticateCredentials(
+ login=credentials.get('login'),
+ password=credentials.get('password'),
+ path=self.getPhysicalPath())
+
+classImplements( ERP5RemoteUserManager
+ , IAuthenticationPlugin
+ , IUserEnumerationPlugin
+ )
+
+InitializeClass(ERP5RemoteUserManager)
Propchange: erp5/trunk/products/ERP5Wizard/PAS/ERP5RemoteUserManager.py
------------------------------------------------------------------------------
svn:executable = *
Added: erp5/trunk/products/ERP5Wizard/PAS/__init__.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Wizard/PAS/__init__.py?rev=25619&view=auto
==============================================================================
(empty)
Modified: erp5/trunk/products/ERP5Wizard/__init__.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Wizard/__init__.py?rev=25619&r1=25618&r2=25619&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Wizard/__init__.py [utf8] (original)
+++ erp5/trunk/products/ERP5Wizard/__init__.py [utf8] Thu Feb 19 12:12:33 2009
@@ -31,8 +31,18 @@
from Products.ERP5Type.Utils import initializeProduct, updateGlobals
import sys, Permissions
+
+from AccessControl.Permissions import manage_users as ManageUsers
+from Products.PluggableAuthService.PluggableAuthService import registerMultiPlugin
+from Products.PluggableAuthService.permissions import ManageGroups
+from Products.ERP5Wizard.PAS.ERP5RemoteUserManager import \
+ ERP5RemoteUserManager, manage_addERP5RemoteUserManagerForm, addERP5RemoteUserManager
+
this_module = sys.modules[ __name__ ]
document_classes = updateGlobals(this_module, globals(), permissions_module=Permissions)
+
+
+registerMultiPlugin(ERP5RemoteUserManager.meta_type)
# Finish installation
def initialize(context):
@@ -51,3 +61,13 @@
portal_tools=portal_tools,
content_constructors=content_constructors,
content_classes=content_classes)
+
+ # register ERP5Security plugin for Wizard
+ context.registerClass( ERP5RemoteUserManager
+ , permission=ManageUsers
+ , constructors=(
+ manage_addERP5RemoteUserManagerForm,
+ addERP5RemoteUserManager, )
+ , visibility=None
+ , icon='dtml/remote_user_manager_plugin.gif'
+ )
Added: erp5/trunk/products/ERP5Wizard/dtml/ERP5Security_addERP5RemoteUserManager.zpt
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Wizard/dtml/ERP5Security_addERP5RemoteUserManager.zpt?rev=25619&view=auto
==============================================================================
--- erp5/trunk/products/ERP5Wizard/dtml/ERP5Security_addERP5RemoteUserManager.zpt (added)
+++ erp5/trunk/products/ERP5Wizard/dtml/ERP5Security_addERP5RemoteUserManager.zpt [utf8] Thu Feb 19 12:12:33 2009
@@ -1,0 +1,46 @@
+<h1 tal:replace="structure here/manage_page_header">Header</h1>
+
+<h2 tal:define="form_title string:Add ERP5 Remote User Manager"
+ tal:replace="structure here/manage_form_title">Form Title</h2>
+
+<p class="form-help">
+ERP5 Remote User Manager applys the users managed in remote ERP5 instance's person module
+to the Pluggable Authentication Service
+</p>
+
+<form action="addERP5RemoteUserManager" method="post">
+<table cellspacing="0" cellpadding="2" border="0">
+ <tr>
+ <td align="left" valign="top">
+ <div class="form-label">
+ Id
+ </div>
+ </td>
+ <td align="left" valign="top">
+ <input type="text" name="id" size="40" />
+ </td>
+ </tr>
+ <tr>
+ <td align="left" valign="top">
+ <div class="form-optional">
+ Title
+ </div>
+ </td>
+ <td align="left" valign="top">
+ <input type="text" name="title" size="40" />
+ </td>
+ </tr>
+ <tr>
+ <td align="left" valign="top">
+ </td>
+ <td align="left" valign="top">
+ <div class="form-element">
+ <input class="form-element" type="submit" name="submit"
+ value=" Add " />
+ </div>
+ </td>
+ </tr>
+</table>
+</form>
+
+<h1 tal:replace="structure here/manage_page_footer">Footer</h1>
Propchange: erp5/trunk/products/ERP5Wizard/dtml/ERP5Security_addERP5RemoteUserManager.zpt
------------------------------------------------------------------------------
svn:executable = *
Added: erp5/trunk/products/ERP5Wizard/dtml/remote_user_manager_plugin.gif
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Wizard/dtml/remote_user_manager_plugin.gif?rev=25619&view=auto
==============================================================================
Binary file - no diff available.
Propchange: erp5/trunk/products/ERP5Wizard/dtml/remote_user_manager_plugin.gif
------------------------------------------------------------------------------
svn:executable = *
Propchange: erp5/trunk/products/ERP5Wizard/dtml/remote_user_manager_plugin.gif
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
More information about the Erp5-report
mailing list