[Checkins] SVN: Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/ Apply the login_transform explicitly in updateUser.

Maurits van Rees cvs-admin at zope.org
Thu Jan 3 15:10:28 UTC 2013 

Log message for revision 128995:
  Apply the login_transform explicitly in updateUser.
  
  This plugin method is never called from PAS, only directly by third party code.

Changed:
  U   Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/BasePlugin.py
  U   Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/ZODBUserManager.py
  U   Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/tests/test_ZODBUserManager.py

-=-
Modified: Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/BasePlugin.py
===================================================================
--- Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/BasePlugin.py	2013-01-03 14:11:16 UTC (rev 128994)
+++ Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/BasePlugin.py	2013-01-03 15:10:27 UTC (rev 128995)
@@ -117,6 +117,23 @@
             view_name = createViewName('_findUser', id)
             pas.ZCacheable_invalidate(view_name)
 
+    security.declarePublic( 'applyTransform' )
+    def applyTransform( self, value ):
+        """ Transform for login name.
+
+        Possibly transform the login, for example by making it lower
+        case.
+
+        Normally this is done in PAS itself, but in some cases a
+        method in a plugin may need to do it itself, when there is no
+        method in PAS that calls that method.
+        """
+        pas = self._getPAS()
+        if pas is not None:
+            return pas.applyTransform(value)
+        return value
+
+
 classImplements(BasePlugin, *implementedBy(SimpleItem))
 
 InitializeClass(BasePlugin)

Modified: Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/ZODBUserManager.py
===================================================================
--- Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/ZODBUserManager.py	2013-01-03 14:11:16 UTC (rev 128994)
+++ Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/ZODBUserManager.py	2013-01-03 15:10:27 UTC (rev 128995)
@@ -314,6 +314,10 @@
         # The following raises a KeyError if the user_id is invalid
         old_login = self.getLoginForUserId(user_id)
 
+        # updateUser is not called from PAS, so we need to apply the
+        # login_transform (if set) ourselves.
+        login_name = self.applyTransform(login_name)
+
         if old_login != login_name:
 
             if self._login_to_userid.get(login_name) is not None:

Modified: Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/tests/test_ZODBUserManager.py
===================================================================
--- Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/tests/test_ZODBUserManager.py	2013-01-03 14:11:16 UTC (rev 128994)
+++ Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/plugins/tests/test_ZODBUserManager.py	2013-01-03 15:10:27 UTC (rev 128995)
@@ -26,6 +26,7 @@
 from Products.PluggableAuthService.plugins.tests.helpers \
      import makeRequestAndResponse
 
+
 class DummyUser:
 
     def __init__( self, id ):
@@ -34,6 +35,13 @@
     def getId( self ):
         return self._id
 
+
+class FakeLowerCasePAS(object):
+
+    def applyTransform(self, value):
+        return value.lower()
+
+
 class ZODBUserManagerTests( unittest.TestCase
                           , IAuthenticationPlugin_conformance
                           , IUserEnumerationPlugin_conformance
@@ -470,6 +478,30 @@
         self.assertRaises(ValueError,
                           zum.updateUser, 'user1', 'user2 at example.com')
 
+    def test_updateUser_transform(self):
+
+        zum = self._makeOne()
+        zum._getPAS = lambda: FakeLowerCasePAS()
+
+        # Create a user and make sure we can authenticate with it
+        zum.addUser( 'user1', 'user1 at example.com', 'password' )
+        info1 = { 'login' : 'user1 at example.com', 'password' : 'password' }
+        user_id, login = zum.authenticateCredentials(info1)
+        self.assertEqual(user_id, 'user1')
+        self.assertEqual(login, 'user1 at example.com')
+
+        # Give the user a new login; attempts to authenticate with the
+        # old login must fail.  This is currently the only spot where
+        # the plugin itself needs to apply the login name transform
+        zum.updateUser('user1', 'USER1 at Foobar.Com')
+        self.failIf(zum.authenticateCredentials(info1))
+
+        # Try to authenticate with the new login, this must succeed.
+        info2 = { 'login' : 'user1 at foobar.com', 'password' : 'password' }
+        user_id, login = zum.authenticateCredentials(info2)
+        self.assertEqual(user_id, 'user1')
+        self.assertEqual(login, 'user1 at foobar.com')
+
     def test_enumerateUsersWithOptionalMangling(self):
 
         zum = self._makeOne()

More information about the checkins mailing list