[Checkins] SVN: Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/ Apply the login_transform explicitly in updateUser.
Maurits van Rees
cvs-admin at zope.org
Thu Jan 3 15:10:28 UTC 2013
Log message for revision 128995:
Apply the login_transform explicitly in updateUser.
This plugin method is never called from PAS, only directly by third party code.
Changed:
U Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/BasePlugin.py
U Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/ZODBUserManager.py
U Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/tests/test_ZODBUserManager.py
-=-
Modified: Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/BasePlugin.py
===================================================================
--- Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/BasePlugin.py 2013-01-03 14:11:16 UTC (rev 128994)
+++ Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/BasePlugin.py 2013-01-03 15:10:27 UTC (rev 128995)
@@ -117,6 +117,23 @@
view_name = createViewName('_findUser', id)
pas.ZCacheable_invalidate(view_name)
+ security.declarePublic( 'applyTransform' )
+ def applyTransform( self, value ):
+ """ Transform for login name.
+
+ Possibly transform the login, for example by making it lower
+ case.
+
+ Normally this is done in PAS itself, but in some cases a
+ method in a plugin may need to do it itself, when there is no
+ method in PAS that calls that method.
+ """
+ pas = self._getPAS()
+ if pas is not None:
+ return pas.applyTransform(value)
+ return value
+
+
classImplements(BasePlugin, *implementedBy(SimpleItem))
InitializeClass(BasePlugin)
Modified: Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/ZODBUserManager.py
===================================================================
--- Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/ZODBUserManager.py 2013-01-03 14:11:16 UTC (rev 128994)
+++ Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/ZODBUserManager.py 2013-01-03 15:10:27 UTC (rev 128995)
@@ -314,6 +314,10 @@
# The following raises a KeyError if the user_id is invalid
old_login = self.getLoginForUserId(user_id)
+ # updateUser is not called from PAS, so we need to apply the
+ # login_transform (if set) ourselves.
+ login_name = self.applyTransform(login_name)
+
if old_login != login_name:
if self._login_to_userid.get(login_name) is not None:
Modified: Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/tests/test_ZODBUserManager.py
===================================================================
--- Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/tests/test_ZODBUserManager.py 2013-01-03 14:11:16 UTC (rev 128994)
+++ Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/tests/test_ZODBUserManager.py 2013-01-03 15:10:27 UTC (rev 128995)
@@ -26,6 +26,7 @@
from Products.PluggableAuthService.plugins.tests.helpers \
import makeRequestAndResponse
+
class DummyUser:
def __init__( self, id ):
@@ -34,6 +35,13 @@
def getId( self ):
return self._id
+
+class FakeLowerCasePAS(object):
+
+ def applyTransform(self, value):
+ return value.lower()
+
+
class ZODBUserManagerTests( unittest.TestCase
, IAuthenticationPlugin_conformance
, IUserEnumerationPlugin_conformance
@@ -470,6 +478,30 @@
self.assertRaises(ValueError,
zum.updateUser, 'user1', 'user2 at example.com')
+ def test_updateUser_transform(self):
+
+ zum = self._makeOne()
+ zum._getPAS = lambda: FakeLowerCasePAS()
+
+ # Create a user and make sure we can authenticate with it
+ zum.addUser( 'user1', 'user1 at example.com', 'password' )
+ info1 = { 'login' : 'user1 at example.com', 'password' : 'password' }
+ user_id, login = zum.authenticateCredentials(info1)
+ self.assertEqual(user_id, 'user1')
+ self.assertEqual(login, 'user1 at example.com')
+
+ # Give the user a new login; attempts to authenticate with the
+ # old login must fail. This is currently the only spot where
+ # the plugin itself needs to apply the login name transform
+ zum.updateUser('user1', 'USER1 at Foobar.Com')
+ self.failIf(zum.authenticateCredentials(info1))
+
+ # Try to authenticate with the new login, this must succeed.
+ info2 = { 'login' : 'user1 at foobar.com', 'password' : 'password' }
+ user_id, login = zum.authenticateCredentials(info2)
+ self.assertEqual(user_id, 'user1')
+ self.assertEqual(login, 'user1 at foobar.com')
+
def test_enumerateUsersWithOptionalMangling(self):
zum = self._makeOne()
More information about the checkins
mailing list