[Erp5-report] r43790 kazuhiko - in /erp5/trunk/products: ERP5/mixin/ ERP5Security/tests/
nobody at svn.erp5.org
nobody at svn.erp5.org
Sun Feb 27 22:48:15 CET 2011
Author: kazuhiko
Date: Sun Feb 27 22:48:15 2011
New Revision: 43790
URL: http://svn.erp5.org?rev=43790&view=rev
Log:
try erp5/acl_users authentication first in BaseExtensibleTraversableMixin._forceIdentification so that any Pluggable Auth Service authentication works.
Modified:
erp5/trunk/products/ERP5/mixin/extensible_traversable.py
erp5/trunk/products/ERP5Security/tests/testERP5Security.py
Modified: erp5/trunk/products/ERP5/mixin/extensible_traversable.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5/mixin/extensible_traversable.py?rev=43790&r1=43789&r2=43790&view=diff
==============================================================================
--- erp5/trunk/products/ERP5/mixin/extensible_traversable.py [utf8] (original)
+++ erp5/trunk/products/ERP5/mixin/extensible_traversable.py [utf8] Sun Feb 27 22:48:15 2011
@@ -96,11 +96,18 @@ class BaseExtensibleTraversableMixin(Ext
else:
has_published = True
try:
- auth = request._auth
- # this logic is copied from identify() in
- # AccessControl.User.BasicUserFolder.
- if auth and auth.lower().startswith('basic '):
- name = decodestring(auth.split(' ')[-1]).split(':', 1)[0]
+ name = None
+ acl_users = self.getPortalObject().acl_users
+ user_list = acl_users._extractUserIds(request, acl_users.plugins)
+ if len(user_list) > 0:
+ name = user_list[0][0]
+ else:
+ auth = request._auth
+ # this logic is copied from identify() in
+ # AccessControl.User.BasicUserFolder.
+ if auth and auth.lower().startswith('basic '):
+ name = decodestring(auth.split(' ')[-1]).split(':', 1)[0]
+ if name is not None:
user = portal_membership._huntUser(name, self)
else:
user = None
Modified: erp5/trunk/products/ERP5Security/tests/testERP5Security.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Security/tests/testERP5Security.py?rev=43790&r1=43789&r2=43790&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Security/tests/testERP5Security.py [utf8] (original)
+++ erp5/trunk/products/ERP5Security/tests/testERP5Security.py [utf8] Sun Feb 27 22:48:15 2011
@@ -762,6 +762,12 @@ class TestLocalRoleManagement(ERP5TypeTe
response = self.publish('%s/%s?__ac_key=%s' %(base_url, web_page.getReference(),
key))
self.assertEqual(response.getStatus(), 200)
+ response = self.publish('%s/%s?__ac_name=%s&__ac_password=%s' % (
+ base_url, web_page.getReference(), reference, 'guest'))
+ self.assertEqual(response.getStatus(), 200)
+ response = self.publish('%s/%s?__ac_name=%s&__ac_password=%s' % (
+ base_url, web_page.getReference(), 'ERP5TypeTestCase', ''))
+ self.assertEqual(response.getStatus(), 200)
def testERP5ExternalAuthenticationPlugin(self):
"""
More information about the Erp5-report
mailing list