[Checkins]
SVN: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/
Added 'add principal' functionality.
Uli Fouquet
uli at gnufix.de
Sun Aug 19 11:20:03 EDT 2007
Log message for revision 78997:
Added 'add principal' functionality.
Changed:
U Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/README.txt
U Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view.py
U Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view_templates/server.pt
U Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view_templates/users.pt
-=-
Modified: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/README.txt
===================================================================
--- Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/README.txt 2007-08-19 15:12:48 UTC (rev 78996)
+++ Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/README.txt 2007-08-19 15:20:02 UTC (rev 78997)
@@ -68,7 +68,15 @@
a message here for your co-admins. To delete the message, just enter
the empty string in the appropriate input box.
+* Launch the principal and permissions management screens:
+ Edit Principals:
+ ++++++++++++++++
+
+ This is the user management screen of the admin-UI. Here you can
+ modify credentials of principals (users) in the top-level PAU.
+
+
Documentation
-------------
Modified: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view.py
===================================================================
--- Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view.py 2007-08-19 15:12:48 UTC (rev 78996)
+++ Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view.py 2007-08-19 15:20:02 UTC (rev 78997)
@@ -40,9 +40,15 @@
from zope.app.apidoc.codemodule.function import Function
from zope.app.apidoc.codemodule.text import TextFile
from zope.app.apidoc.codemodule.zcml import ZCMLFile
+from zope.app.authentication.interfaces import IPluggableAuthentication
+from zope.app.authentication.interfaces import IAuthenticatorPlugin
+from zope.app.authentication.principalfolder import InternalPrincipal
from zope.app.folder.interfaces import IRootFolder
from zope.app.security.interfaces import ILogout, IAuthentication
from zope.app.security.interfaces import IUnauthenticatedPrincipal
+from zope.security.proxy import removeSecurityProxy
+from zope.app.securitypolicy.interfaces import IPrincipalRoleManager, IRole
+from zope.app.securitypolicy.interfaces import IPrincipalRoleMap
from zope.proxy import removeAllProxies
from zope.tal.taldefs import attrEscape
@@ -414,26 +420,90 @@
grok.name('users')
grok.require('grok.ManageApplications')
+ msg = None
+
+ def getUserFolder(self):
+ pau = zope.component.getUtility(IAuthentication)
+ if not IPluggableAuthentication.providedBy(pau):
+ return
+ for name, plugin in pau.getAuthenticatorPlugins():
+ if IAuthenticatorPlugin.providedBy(plugin):
+ return plugin
+
+
def getPrincipals(self):
+ """Get a list of ``InternalPrincipal`` objects from the PAU.
+
+ The PAU asked is the one setup with the admin-UI.
+ """
from grok.admin import AUTH_FOLDERNAME, USERFOLDER_NAME
- sm = self.context.getSiteManager()
- if AUTH_FOLDERNAME not in list(sm.keys()):
- return []
- pau = sm[AUTH_FOLDERNAME]
- if USERFOLDER_NAME not in list(pau.keys()):
- return []
- userfolder = pau[USERFOLDER_NAME]
- users = list(userfolder.search({'search':''}))
- return [userfolder.principalInfo(x) for x in users]
+ self.userfolder = self.getUserFolder()
+ users = list(self.userfolder.search({'search':''}))
+ user_infos = [self.userfolder.principalInfo(x) for x in users]
+ # Add a dict of roles for each user...
+ role_map = IPrincipalRoleMap(self.context)
+ for info in user_infos:
+ roles_assigned = [x[0] for x in role_map.getRolesForPrincipal(
+ info.id)]
+ info.roles = [{'name' : role,
+ 'assigned' : role in roles_assigned}
+ for role in self.roles]
+ return user_infos
- def update(self):
- self.principals = self.getPrincipals()
+ def getRoles(self):
+ return zope.component.getUtilitiesFor(IRole, self.context)
+
+ def addPrincipal(self, id, login, title, description, password, roles):
+ """Add a principal to the PAU.
+ """
+ principals = self.getPrincipals()
+ if login in [x.login for x in principals]:
+ self.msg = (u'Login `%s` already exists.' % (login,))
+ return
+ for key in [id, login, title]:
+ if key is None or key == '':
+ self.msg= (u'To add a principal you must give valid id, '
+ u'login and title.')
+ return
+ principal = InternalPrincipal(login, password, title, description)
+ self.userfolder[id] = principal
+ role_manager = IPrincipalRoleManager(self.context)
+ role_manager = removeSecurityProxy(role_manager)
+ for role in roles:
+ role_manager.assignRoleToPrincipal(role, id)
+ self.msg=u'Successfully added new principal `%s`.' % (title,)
+
+ def setPassword(self, id, password):
pass
+ def updatePrincipal(self, id, login, title, description):
+ pass
+ def update(self, id=None, login=None, title=None, description=None,
+ passwd=None, roles=[], addprincipal=None, setpassword=None,
+ update=None):
+ self.userfolder = self.getUserFolder()
+ if self.userfolder is None:
+ self.msg = ("This usermanagement screen is disabled because no "
+ "working pluggable authentication utility (PAU) with "
+ "a pluggable authenticator could be found. "
+ "Please register one in the site manager of your "
+ "Zope root to enable this screen again.")
+ # We need a PAU to work.
+ return
+ self.roles = [name for name, util in self.getRoles()]
+ if addprincipal is not None:
+ self.addPrincipal(id, login, title, description, passwd, roles)
+ elif setpassword is not None:
+ self.setPassword(id, passwd)
+ elif update is not None:
+ self.updatePrincipal(id, login, title, description, roles)
+ # Determine the list of principals _after_ changing the PAU
+ self.principals = self.getPrincipals()
+
def getDottedPathDict(dotted_path):
"""Get a dict containing parts of a dotted path as links.
"""
Modified: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view_templates/server.pt
===================================================================
--- Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view_templates/server.pt 2007-08-19 15:12:48 UTC (rev 78996)
+++ Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view_templates/server.pt 2007-08-19 15:20:02 UTC (rev 78997)
@@ -29,7 +29,7 @@
</p>
</fieldset>
-<!--
+
<fieldset>
<legend>Users, Roles and Permissions</legend>
@@ -45,7 +45,7 @@
</p>
</fieldset>
--->
+
<span class="header">Server process info</span>
<div id="server-processes">
<dl tal:define="ri view/runtime_info">
Modified: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view_templates/users.pt
===================================================================
--- Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view_templates/users.pt 2007-08-19 15:12:48 UTC (rev 78996)
+++ Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view_templates/users.pt 2007-08-19 15:20:02 UTC (rev 78997)
@@ -3,62 +3,145 @@
<h1>Edit Principals</h1>
- <div>
+ <div tal:condition="view/msg">
+ <span class="emph" tal:content="view/msg">Message</span>
+ </div>
+
+ <div tal:condition="view/userfolder">
<fieldset>
<legend>
- Edit the principals and their credentials:
+ Existing Principals:
</legend>
<fieldset
class="menu-box2"
tal:repeat="principal view/principals">
<legend tal:content="principal/title">principal title</legend>
- <input type="hidden" name="id"
- tal:attributes="value principal/id"/>
- <table>
- <tr>
- <td><label for="login">Login:</label></td>
- <td><input type="text" name="login"
- tal:attributes="value principal/login" />
- </td>
- </tr>
-
- <tr>
- <td><label for="title">Title:</label></td>
- <td><input type="text" name="title"
- tal:attributes="value principal/title" />
- </td>
- </tr>
- <tr>
- <td><label for="descrption">Description:</label></td>
- <td><input type="text" name="description"
- tal:attributes="value principal/description" />
- </td>
- </tr>
- <tr>
- <td/>
- <td align="right">
- <input type="submit" name="update"
- value="update">
- </td>
- </tr>
- <tr>
- <td><label for="password"
- class="menu-label1">Password:</label></td>
- <td><input type="password" name="password" /></td>
- </tr>
- <tr>
- <td/>
- <td align="right">
- <input type="submit" name="setpassword"
- value="set password">
- </td>
- </tr>
+ <form method="post">
+ <input type="hidden" name="id"
+ tal:attributes="value principal/id"/>
+ <table>
+ <tr tal:condition="python: principal.title != 'Manager'">
+ <td colspan="2">
+ <input type="submit" name="deleteuser"
+ value="Delete this user" />
+ </td>
+ </tr>
+ <tr>
+ <td><label for="login">Login:</label></td>
+ <td><input type="text" name="login"
+ tal:attributes="value principal/login" />
+ </td>
+ <td><label for="roles">Roles:</label></td>
+ </tr>
+
+ <tr>
+ <td><label for="title">Title:</label></td>
+ <td><input type="text" name="title"
+ tal:attributes="value principal/title" />
+ </td>
- </table>
- </fieldset>
+ <td rowspan="3" valign="top">
+ <select name="roles" size="3" multiple="multiple">
+ <option tal:repeat="role principal/roles"
+ tal:content="role/name"
+ tal:attributes="selected python:role['assigned']">
+ role
+ </option>
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td><label for="descrption">Description:</label></td>
+ <td><input type="text" name="description"
+ tal:attributes="value principal/description" />
+ </td>
+ </tr>
+ <tr>
+ <td/>
+ <td align="right">
+ <input type="submit" name="update"
+ value="update">
+ </td>
+ </tr>
+ <tr>
+ <td><label for="password"
+ class="menu-label1">Password:</label></td>
+ <td><input type="password" name="password" /></td>
+ </tr>
+ <tr>
+ <td/>
+ <td align="right">
+ <input type="submit" name="setpassword"
+ value="set password" />
+ </td>
+ </tr>
+
+ </table>
+ </form>
+ </fieldset>
+
</fieldset>
+
+ <fieldset>
+ <legend>Add new principal:</legend>
+
+ <form method="post">
+ <fieldset class="menu-box2">
+ <table>
+ <tr>
+ <td><label for="login">Id:</label></td>
+ <td><input type="text" name="id" />
+ </td>
+ </tr>
+
+ <tr>
+ <td><label for="login">Login:</label></td>
+ <td><input type="text" name="login" />
+ </td>
+ </tr>
+
+ <tr>
+ <td><label for="title">Title:</label></td>
+ <td><input type="text" name="title" />
+ </td>
+ </tr>
+ <tr>
+ <td><label for="descrption">Description:</label></td>
+ <td><input type="text" name="description" />
+ </td>
+ </tr>
+ <tr>
+ <td><label for="passwd"
+ class="menu-label1">Password:</label></td>
+ <td><input type="password" name="passwd" /></td>
+ </tr>
+ <tr>
+ <td><label for="roles"
+ class="menu-label1">Roles:</label></td>
+ <td>
+ <select name="roles" multiple="multiple" size="2">
+ <option
+ tal:repeat="role view/roles"
+ tal:content="role">role</option>
+ </select>
+ </td>
+
+ </tr>
+ <tr>
+ <td/>
+ <td align="right">
+ <input type="submit" name="addprincipal"
+ value="add principal" />
+ </td>
+ </tr>
+
+ </table>
+ </fieldset>
+ </form>
+
+ </fieldset>
</div>
</div>
More information about the Checkins
mailing list