[Checkins] SVN: grok/trunk/src/grok/ Removed PAU related stuff from
grok.admin.
Uli Fouquet
uli at gnufix.de
Mon Aug 20 12:25:49 EDT 2007
Log message for revision 79036:
Removed PAU related stuff from grok.admin.
Changed:
U grok/trunk/src/grok/admin/README.txt
U grok/trunk/src/grok/admin/__init__.py
U grok/trunk/src/grok/admin/view.py
D grok/trunk/src/grok/admin/view_templates/loginform.pt
D grok/trunk/src/grok/admin/view_templates/logout.pt
U grok/trunk/src/grok/admin/view_templates/macros.pt
U grok/trunk/src/grok/admin/view_templates/server.pt
D grok/trunk/src/grok/ftests/admin/loginlogout.py
-=-
Modified: grok/trunk/src/grok/admin/README.txt
===================================================================
--- grok/trunk/src/grok/admin/README.txt 2007-08-20 14:53:48 UTC (rev 79035)
+++ grok/trunk/src/grok/admin/README.txt 2007-08-20 16:25:49 UTC (rev 79036)
@@ -29,8 +29,8 @@
Using the admin-UI
------------------
-After login you can log out or, before doing that, visit some of the
-main management topics, as described below:
+After login you can visit some of the main management topics, as
+described below:
On top of the admin-UI you can always find three links to the main
management activities currently possible with GAIA:
Modified: grok/trunk/src/grok/admin/__init__.py
===================================================================
--- grok/trunk/src/grok/admin/__init__.py 2007-08-20 14:53:48 UTC (rev 79035)
+++ grok/trunk/src/grok/admin/__init__.py 2007-08-20 16:25:49 UTC (rev 79036)
@@ -11,137 +11,4 @@
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
-"""Initialize grok admin application.
-
-The grok admin application provides a session based login, which
-eventually must be enabled using Pluggable Authentication
-Utilities. This is done here.
-"""
-
-from zope.component import adapter, provideHandler
-from zope.app.appsetup.interfaces import IDatabaseOpenedWithRootEvent
-
-AUTH_FOLDERNAME=u'authentication'
-USERFOLDER_NAME=u'Users'
-USERFOLDER_PREFIX=u'grokadmin'
-
-def getPrincipalCredentialsFromZCML():
- """Read all principals' attributes from site.zcml.
- """
- import xml.sax
- from zope.app.appsetup.appsetup import getConfigSource
-
- class SAXPrincipalFinder(xml.sax.ContentHandler):
- """Parse an XML file and get attributes of ``principal`` tags.
-
- The principal tags of site.xml contain the credentials of
- principals as attributes. The attributes usually are 'id',
- 'login', 'password', 'title' and other more. And usually only
- one pricipal is defined: the manager.
- """
- result = []
-
- def startElement(self, name, attrs):
- if name != 'principal':
- return
- self.result.append(dict(attrs.copy()))
-
- site_zcml_file = getConfigSource()
- principal_finder = SAXPrincipalFinder()
- xml.sax.parse(site_zcml_file, principal_finder)
- return principal_finder.result
-
-
-def setupSessionAuthentication(root_folder=None,
- principal_credentials=[{u'id': u'zope.manager',
- u'login': u'grok',
- u'password': u'grok',
- u'title': u'Manager'
- }],
- auth_foldername=AUTH_FOLDERNAME,
- userfolder_name=USERFOLDER_NAME,
- userfolder_prefix=USERFOLDER_PREFIX
- ):
- """Add session authentication PAU to root_folder.
-
- Add a PluggableAuthentication in site manager of
- root_folder. ``auth_foldername`` gives the name of the PAU to
- install, userfolder_prefix the prefix of the authenticator plugin
- (a simple ``PrincipalFolder``), which will be created in the PAU
- and gets name ``userfolder_name``. ``principal_credentials`` is a
- list of dicts with, well, principal_credentials. The keys ``id``,
- ``login``, ``password`` and ``title`` are required for each
- element of this list.
- """
- from zope.component import getUtilitiesFor
- from zope.security.proxy import removeSecurityProxy
- from zope.app.security.interfaces import IAuthentication
- from zope.app.securitypolicy.interfaces import IPrincipalRoleManager
- from zope.app.securitypolicy.interfaces import IRole
- from zope.app.authentication import PluggableAuthentication
- from zope.app.authentication.interfaces import IAuthenticatorPlugin
- from zope.app.authentication.principalfolder import PrincipalFolder
- from zope.app.authentication.principalfolder import InternalPrincipal
-
- sm = root_folder.getSiteManager()
- if auth_foldername in sm.keys():
- # There is already a folder of this name.
- return
-
- pau = PluggableAuthentication()
- users = PrincipalFolder(userfolder_prefix)
-
- # Add users into principals folder to enable login...
- for user in principal_credentials:
- # XXX make sure, the keys exist...
- user['id'] = user['id'].rsplit('.',1)[-1]
- user_title = user['title']
- principal = InternalPrincipal(user['login'],
- user['password'],
- user['title'])
- users[user['id']] = principal
-
- # Configure the PAU...
- pau.authenticatorPlugins = (userfolder_name,)
- pau.credentialsPlugins = ("No Challenge if Authenticated",
- "Session Credentials")
-
- # Add the pau and its plugin to the root_folder...
- sm[auth_foldername] = pau
- sm[auth_foldername][userfolder_name] = users
- pau.authenticatorPlugins = (users.__name__,)
-
- # Register the PAU with the site...
- sm.registerUtility(pau, IAuthentication)
- sm.registerUtility(users, IAuthenticatorPlugin, name=userfolder_name)
-
- # Add manager roles to new users...
- # XXX the real roles could be obtained from site.zcml.
- role_ids = [name for name, util in getUtilitiesFor(IRole, root_folder)]
- user_ids = [users.prefix + p['id'] for p in principal_credentials]
- role_manager = IPrincipalRoleManager(root_folder)
- role_manager = removeSecurityProxy(role_manager)
- for role in role_ids:
- for user_id in user_ids:
- role_manager.assignRoleToPrincipal(role,user_id)
-
-
-
-# If a new database is created, initialize a session based
-# authentication.
-#
-# First create an eventhandler `adminSetup`, that is
-# called, whenever a database is opened...
- at adapter(IDatabaseOpenedWithRootEvent)
-def adminSetup(event):
- from zope.app.appsetup.bootstrap import getInformationFromEvent
-
- db, connection, root, root_folder = getInformationFromEvent(event)
- principal_credentials = getPrincipalCredentialsFromZCML()
- setupSessionAuthentication(root_folder = root_folder,
- principal_credentials = principal_credentials)
-
-
-# ...then install the event handler:
-provideHandler(adminSetup)
-
+# a package
Modified: grok/trunk/src/grok/admin/view.py
===================================================================
--- grok/trunk/src/grok/admin/view.py 2007-08-20 14:53:48 UTC (rev 79035)
+++ grok/trunk/src/grok/admin/view.py 2007-08-20 16:25:49 UTC (rev 79036)
@@ -273,40 +273,6 @@
self.redirect(self.url('applications'))
-class LoginForm(GAIAView):
- """A login screen for session based authentication.
-
- To activate loginForm, i.e. session based authentication, an
- appropriate PluggableAuthenticationUtility (PAU) must be set up in
- the applications root folder (which happens here to be the global
- root folder). The setup is done for the admin app in __init__.py.
- """
- # 'loginForm.html' is the page template name, that standard
- # session based authentication looks for. The form must provide an
- # input field 'login' for the username and another input field
- # 'password'.
- grok.name('loginForm.html')
-
- def update(self, login=None, password=None, camefrom=None):
- request = self.request
- if (not IUnauthenticatedPrincipal.providedBy(request.principal)):
- camefrom = request.get('camefrom', '.')
- self.redirect(camefrom)
- return
-
-class Logout(GAIAView):
- """Log out screen."""
-
- grok.name('logout')
-
- def update(self):
- auth = zope.component.getUtility(IAuthentication)
- logout = ILogout(auth)
- logout.logout(self.request)
- pass
-
-
-
class Applications(GAIAView):
"""View for application management."""
Deleted: grok/trunk/src/grok/admin/view_templates/loginform.pt
===================================================================
--- grok/trunk/src/grok/admin/view_templates/loginform.pt 2007-08-20 14:53:48 UTC (rev 79035)
+++ grok/trunk/src/grok/admin/view_templates/loginform.pt 2007-08-20 16:25:49 UTC (rev 79036)
@@ -1,35 +0,0 @@
-<html metal:use-macro="context/@@macros/gaia-page">
- <head>
- <title metal:fill-slot="title">Grok Login</title>
- </head>
- <body>
- <div metal:fill-slot="menu-links" />
- <div metal:fill-slot="content">
- <h1>Welcome to Grok</h1>
- <form method="post">
- <fieldset>
- <legend>Login</legend>
-
- <table>
- <tr>
- <td><label for="login">Username:</label></td>
- <td><input id="login" type="text" name="login" /></td>
- </tr>
- <tr>
- <td><label for="password">Password:</label></td>
- <td><input id="password" type="password" name="password" /></td>
- </tr>
- <tr>
- <td></td>
- <td><input type="submit" value="Login"/></td>
- </tr>
- </table>
- <p>
- Note: To proceed you must have cookies enabled in your browser
- </p>
-
- </fieldset>
- </form>
- </div>
- </body>
-</html>
\ No newline at end of file
Deleted: grok/trunk/src/grok/admin/view_templates/logout.pt
===================================================================
--- grok/trunk/src/grok/admin/view_templates/logout.pt 2007-08-20 14:53:48 UTC (rev 79035)
+++ grok/trunk/src/grok/admin/view_templates/logout.pt 2007-08-20 16:25:49 UTC (rev 79036)
@@ -1,8 +0,0 @@
-<html>
-<head>
- <title>Logged out</title>
-</head>
-<body>
- You have been logged out.
-</body>
-</html>
\ No newline at end of file
Modified: grok/trunk/src/grok/admin/view_templates/macros.pt
===================================================================
--- grok/trunk/src/grok/admin/view_templates/macros.pt 2007-08-20 14:53:48 UTC (rev 79035)
+++ grok/trunk/src/grok/admin/view_templates/macros.pt 2007-08-20 16:25:49 UTC (rev 79036)
@@ -26,9 +26,7 @@
<span i18n:translate="">User:
<span tal:replace="request/principal/title"
i18n:name="user_title">User</span>
- </span>
- [<a href=""
- tal:attributes="href string:${view/root_url}/logout">log out</a>]
+ </span>
</span>
</div>
Modified: grok/trunk/src/grok/admin/view_templates/server.pt
===================================================================
--- grok/trunk/src/grok/admin/view_templates/server.pt 2007-08-20 14:53:48 UTC (rev 79035)
+++ grok/trunk/src/grok/admin/view_templates/server.pt 2007-08-20 16:25:49 UTC (rev 79036)
@@ -29,23 +29,6 @@
</p>
</fieldset>
-<!--
- <fieldset>
- <legend>Users, Roles and Permissions</legend>
-
- <p>Edit users and roles.<br />
-
- <span class="docgrok-annotation1">
- <a href="users">Edit Users</a>
- </span><br />
-
- <span class="docgrok-annotation1">
- <a href="permissions">Edit Permissions</a>
- </span><br />
-
- </p>
- </fieldset>
--->
<span class="header">Server process info</span>
<div id="server-processes">
<dl tal:define="ri view/runtime_info">
Deleted: grok/trunk/src/grok/ftests/admin/loginlogout.py
===================================================================
--- grok/trunk/src/grok/ftests/admin/loginlogout.py 2007-08-20 14:53:48 UTC (rev 79035)
+++ grok/trunk/src/grok/ftests/admin/loginlogout.py 2007-08-20 16:25:49 UTC (rev 79036)
@@ -1,105 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2007 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""
-
- >>> import grok
- >>> grok.grok('grok.ftests.admin.loginlogout')
-
-First setup the pluggable authentication system for session based
-authentication. This is normaly invoked by an event
-handler. Unfortunately the event handler seems not to be called, if
-the ftesting setup is set up. We therefore set up the PAU manually.
-
- >>> root = getRootFolder()
- >>> root is not None
- True
-
- >>> import grok.admin
- >>> principal_credentials = grok.admin.getPrincipalCredentialsFromZCML()
- >>> principal_credentials
- [{u'login': u'mgr', u'password': u'mgrpw', u'id': u'zope.mgr', u'title': u'Manager'}]
-
- >>> grok.admin.setupSessionAuthentication(root_folder = root, principal_credentials = principal_credentials)
-
-We should get a login page if trying to get something unauthenticated.
-
- >>> from zope.testbrowser.testing import Browser
- >>> browser = Browser()
- >>> browser.handleErrors = True
- >>> browser.open("http://localhost/")
-
- >>> print browser.contents
- <html xmlns="http://www.w3.org/1999/xhtml">
- ... <title>Grok Login</title>
- ...
-
-Now try to log in using *wrong* credentials
-
- >>> browser.getControl(name='login').value = 'dumbtry'
- >>> browser.getControl('Login').click()
- >>> print browser.contents
- <html xmlns="http://www.w3.org/1999/xhtml">
- ... <title>Grok Login</title>
- ...
-
-Okay, we got the login screen again. What about the correct credentials?
-
- >>> browser.getControl(name='login').value = 'mgr'
- >>> browser.getControl(name='password').value = 'mgrpw'
- >>> browser.getControl('Login').click()
- >>> print browser.contents
- <html xmlns="http://www.w3.org/1999/xhtml">
- ... <title>grok administration interface</title>
- ...
-
-The new screen should contain a link for logging out:
-
- >>> print browser.contents
- <html xmlns="http://www.w3.org/1999/xhtml">
- ... <span>User:
- ...Manager
- ...[<a href="http://localhost/logout">log out</a>]
- ...
-
-Fine. Now we are authorized and can do, whatever we want. Let's log out:
-
- >>> outlink = browser.getLink('log out')
- >>> outlink
- <Link text='log out' url='http://localhost/logout'>
-
- >>> outlink.click()
- >>> print browser.contents
- <html>
- ... You have been logged out.
- ...
-
-Looks okay. But are we really logged out? Let's try to fetch a page:
-
- >>> browser.open("http://localhost/")
- >>> print browser.contents
- <html xmlns="http://www.w3.org/1999/xhtml">
- ... <title>Grok Login</title>
- ...
- ... <td><input id="login" type="text" name="login" /></td>
- ...
-
-Yes, we are.
-
- ...
- ... <legend>Add application</legend>
- ...
-
-
-"""
-
More information about the Checkins
mailing list