[Checkins]
SVN: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/
Check better for PAUS and their possibilities in
usermanagement screen.
Uli Fouquet
uli at gnufix.de
Tue Aug 21 21:26:40 EDT 2007
Log message for revision 79109:
Check better for PAUS and their possibilities in usermanagement screen.
Changed:
U Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/__init__.py
U Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/auth.py
U Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view.py
-=-
Modified: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/__init__.py
===================================================================
--- Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/__init__.py 2007-08-21 23:06:51 UTC (rev 79108)
+++ Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/__init__.py 2007-08-22 01:26:38 UTC (rev 79109)
@@ -45,23 +45,28 @@
and gets name ``userfolder_name``.
"""
sm = root_folder.getSiteManager()
- if auth_foldername in sm.keys():
- userfolder = sm[auth_foldername]
- if isinstance(userfolder[userfolder_name], PrincipalFolder):
- # Correct PAU already installed.
- return
- # Remove old PAU
- site_manager.unregisterUtility(name=u'', provided=IAuthentication)
- site_manager.unregisterUtility(name=USERFOLDER_NAME,
+ if (auth_foldername in sm.keys()
+ and userfolder_name in sm[auth_foldername].keys()
+ and isinstance(sm[auth_foldername][userfolder_name],
+ PrincipalFolder)):
+ # Correct PAU already installed.
+ return
+
+ # Remove old PAU
+ sm.unregisterUtility(name=u'', provided=IAuthentication)
+ sm.unregisterUtility(name=USERFOLDER_NAME,
provided=IAuthenticatorPlugin)
- try:
- del site_manager[auth_foldername]
- except:
- pass
+ sm.unregisterUtility(name='registry_principals',
+ provided=IAuthenticatorPlugin)
+ try:
+ del sm[auth_foldername]
+ except:
+ pass
pau = PluggableAuthentication()
users = PrincipalFolder(userfolder_prefix)
registry_users = PrincipalRegistryAuthenticator()
+ registry_users.__name__ = u'registry_principals'
# Configure the PAU...
pau.authenticatorPlugins = (userfolder_name,)
@@ -71,8 +76,7 @@
# Add the pau and its plugin to the root_folder...
sm[auth_foldername] = pau
sm[auth_foldername][userfolder_name] = users
- pau.authenticatorPlugins = (users.__name__,
- 'registry_principals')
+ pau.authenticatorPlugins = (users.__name__, 'registry_principals')
# Register the PAU with the site...
sm.registerUtility(pau, IAuthentication)
Modified: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/auth.py
===================================================================
--- Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/auth.py 2007-08-21 23:06:51 UTC (rev 79108)
+++ Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/auth.py 2007-08-22 01:26:38 UTC (rev 79109)
@@ -13,7 +13,9 @@
##############################################################################
from zope.app.authentication.interfaces import IAuthenticatorPlugin
+from zope.app.authentication.interfaces import IQuerySchemaSearch
from zope.app.authentication.principalfolder import PrincipalInfo
+from zope.app.authentication.principalfolder import ISearchSchema
from zope.app.security.principalregistry import principalRegistry
from zope.interface import implements
@@ -23,8 +25,10 @@
"""
- implements(IAuthenticatorPlugin)
+ implements(IAuthenticatorPlugin, IQuerySchemaSearch)
+ schema = ISearchSchema
+
def authenticateCredentials(self, credentials):
"""Return principal info if credentials can be authenticated
"""
@@ -47,10 +51,27 @@
def principalInfo(self, id):
principal = principalRegistry.getPrincipal(id)
- if principal is None:
- return
return PrincipalInfo(principal.id,
principal.getLogin(),
principal.title,
principal.description)
+
+ def search(self, query, start=None, batch_size=None):
+ """Search through this principal provider.
+ """
+ search = query.get('search')
+ if search is None:
+ return
+ search = search.lower()
+ n = 1
+ values = [x for x in principalRegistry.getPrincipals('')
+ if x is not None]
+ for i, value in enumerate(values):
+ if (search in value.title.lower() or
+ search in value.description.lower() or
+ search in value.getLogin().lower()):
+ if not ((start is not None and i < start)
+ or (batch_size is not None and n > batch_size)):
+ n += 1
+ yield value.__name__
Modified: Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view.py
===================================================================
--- Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view.py 2007-08-21 23:06:51 UTC (rev 79108)
+++ Sandbox/ulif/grok-adminui-with-principals/src/grok/admin/view.py 2007-08-22 01:26:38 UTC (rev 79109)
@@ -42,7 +42,9 @@
from zope.app.apidoc.codemodule.zcml import ZCMLFile
from zope.app.authentication.interfaces import IPluggableAuthentication
from zope.app.authentication.interfaces import IAuthenticatorPlugin
+from zope.app.authentication.interfaces import IQuerySchemaSearch
from zope.app.authentication.principalfolder import InternalPrincipal
+from zope.app.authentication.principalfolder import IInternalPrincipalContainer
from zope.app.folder.interfaces import IRootFolder
from zope.app.security.interfaces import ILogout, IAuthentication
from zope.app.security.interfaces import IUnauthenticatedPrincipal
@@ -525,20 +527,28 @@
def getUserFolder(self):
pau = zope.component.getUtility(IAuthentication)
if not IPluggableAuthentication.providedBy(pau):
- return
+ return (None, False, False)
for name, plugin in pau.getAuthenticatorPlugins():
- if IAuthenticatorPlugin.providedBy(plugin):
- return plugin
+ if not IAuthenticatorPlugin.providedBy(plugin):
+ continue
+ # This is a lie, but how should we know?
+ writeable = IInternalPrincipalContainer.providedBy(plugin)
+ searchable = IQuerySchemaSearch.providedBy(plugin)
+ return (plugin, writeable, searchable)
+ return (None, False, False)
-
def getPrincipals(self):
"""Get a list of ``InternalPrincipal`` objects from the PAU.
- The PAU asked is the one setup with the admin-UI.
+ The PAU asked is most probably the one setup with the
+ admin-UI. We use the search method, which should be available,
+ if the authenticator provides ``IQuerySchemaSearch``.
"""
- self.userfolder = self.getUserFolder()
+ if not self.searchable:
+ return []
users = list(self.userfolder.search({'search':''}))
- user_infos = [self.userfolder.principalInfo(x) for x in users]
+ user_infos = [self.userfolder.principalInfo(x) for x in users
+ if x is not None]
# Add a dict of roles for each user...
role_map = IPrincipalRoleMap(self.context)
@@ -562,6 +572,11 @@
def addPrincipal(self, id, login, title, description, password, roles):
"""Add a principal to the PAU.
"""
+ if not self.writeable:
+ self.msg = (u'Could not add principal: '
+ u'the authenticator holding the principals '
+ u'seems not to be writeable.')
+ return
if id is None:
id = login
principals = self.getPrincipals()
@@ -586,6 +601,11 @@
def deletePrincipal(self, id, title):
"""Delete a principal.
"""
+ if not self.writeable:
+ self.msg = (u'Principal could not be deleted: '
+ u'the authenticator holding the principals '
+ u'seems not to be writeable.')
+ return
if id not in [x.id for x in self.getPrincipals()]:
self.msg = (u'Principal `%s` does not exist in this context.' %
(title,))
@@ -595,6 +615,11 @@
def updatePrincipal(self, id, login, title, description, passwd, roles):
+ if not self.writeable:
+ self.msg = (u'Principal could not be updated: '
+ u'the authenticator holding the principals '
+ u'seems not to be writeable.')
+ return
if id is None:
id = login
principals = self.getPrincipals()
@@ -625,10 +650,11 @@
def update(self, id=None, login=None, title=None, description=None,
passwd=None, roles=[], addprincipal=None, delprincipal=None,
setpassword=None, update=None):
+ self.userfolder, self.writeable, self.searchable = self.getUserFolder()
self.roles = []
self.principals = []
self.msg = ""
- self.userfolder = self.getUserFolder()
+
if self.userfolder is None:
self.msg = ("This usermanagement screen is disabled, because no "
"working pluggable authentication utility (PAU) could "
More information about the Checkins
mailing list