[Checkins]
SVN: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/
A PAU with _separate_ fallback to global principal registry.
Uli Fouquet
uli at gnufix.de
Tue Aug 21 17:24:14 EDT 2007
Log message for revision 79099:
A PAU with _separate_ fallback to global principal registry.
Changed:
U Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/__init__.py
U Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/auth.py
-=-
Modified: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/__init__.py
===================================================================
--- Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/__init__.py 2007-08-21 20:08:32 UTC (rev 79098)
+++ Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/__init__.py 2007-08-21 21:24:14 UTC (rev 79099)
@@ -21,10 +21,11 @@
from zope.component import adapter, provideHandler
from zope.app.appsetup.interfaces import IDatabaseOpenedWithRootEvent
from zope.app.authentication import PluggableAuthentication
+from zope.app.authentication.principalfolder import PrincipalFolder
from zope.app.authentication.interfaces import IAuthenticatorPlugin
from zope.app.security.interfaces import IAuthentication
-from auth import GrokAuthenticator
+from auth import PrincipalRegistryAuthenticator
AUTH_FOLDERNAME=u'authentication'
USERFOLDER_NAME=u'Users'
@@ -46,7 +47,7 @@
sm = root_folder.getSiteManager()
if auth_foldername in sm.keys():
userfolder = sm[auth_foldername]
- if isinstance(userfolder[userfolder_name], GrokAuthenticator):
+ if isinstance(userfolder[userfolder_name], PrincipalFolder):
# Correct PAU already installed.
return
# Remove old PAU
@@ -59,7 +60,8 @@
pass
pau = PluggableAuthentication()
- users = GrokAuthenticator(userfolder_prefix)
+ users = PrincipalFolder(userfolder_prefix)
+ registry_users = PrincipalRegistryAuthenticator()
# Configure the PAU...
pau.authenticatorPlugins = (userfolder_name,)
@@ -69,11 +71,14 @@
# Add the pau and its plugin to the root_folder...
sm[auth_foldername] = pau
sm[auth_foldername][userfolder_name] = users
- pau.authenticatorPlugins = (users.__name__,)
+ pau.authenticatorPlugins = (users.__name__,
+ 'registry_principals')
# Register the PAU with the site...
sm.registerUtility(pau, IAuthentication)
sm.registerUtility(users, IAuthenticatorPlugin, name=userfolder_name)
+ sm.registerUtility(registry_users, IAuthenticatorPlugin,
+ name='registry_principals')
# If a new database is created, initialize a session based
Modified: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/auth.py
===================================================================
--- Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/auth.py 2007-08-21 20:08:32 UTC (rev 79098)
+++ Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/auth.py 2007-08-21 21:24:14 UTC (rev 79099)
@@ -12,18 +12,19 @@
#
##############################################################################
-from zope.app.authentication.principalfolder import PrincipalFolder
+from zope.app.authentication.interfaces import IAuthenticatorPlugin
from zope.app.authentication.principalfolder import PrincipalInfo
from zope.app.security.principalregistry import principalRegistry
+from zope.interface import implements
-class GrokAuthenticator(PrincipalFolder):
- """A PrincipalFolder with fallback that asks also the root authentication.
+class PrincipalRegistryAuthenticator(object):
+ """An authenticator plugin, that authenticates principals against
+ the global principal registry.
- This special principal folder can be used as an authenticator,
- that is able to also authenticate against the principals defined
- in site.zcml.
"""
+ implements(IAuthenticatorPlugin)
+
def authenticateCredentials(self, credentials):
"""Return principal info if credentials can be authenticated
"""
@@ -31,11 +32,6 @@
return None
if not ('login' in credentials and 'password' in credentials):
return None
- # We shadow principals defined in site.zcml.
- result = PrincipalFolder.authenticateCredentials(self, credentials)
- if result is not None:
- return result
-
principal = None
login, password = credentials['login'], credentials['password']
try:
@@ -48,16 +44,13 @@
principal.title,
principal.description)
return
-
def principalInfo(self, id):
- result = PrincipalFolder.principalInfo(self, id)
- if result is not None:
- return result
principal = principalRegistry.getPrincipal(id)
+ if principal is None:
+ return
return PrincipalInfo(principal.id,
principal.getLogin(),
principal.title,
principal.description)
- return result
More information about the Checkins
mailing list