[Checkins] SVN: Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/PluggableAuthService.py Let PAS._updateLoginName do most of the work.
Maurits van Rees
cvs-admin at zope.org
Mon Jan 21 13:57:50 UTC 2013
Log message for revision 129070:
Let PAS._updateLoginName do most of the work.
updateLoginName and updateOwnLoginName were almost the same.
Also, do not cut these calls short by comparing the current login name with the new login name,
as this can lead to wrong results, previously masked by a missing return statement
after the logger.debug line in updateLoginName in that case.
Changed:
U Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/PluggableAuthService.py
-=-
Modified: Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/PluggableAuthService.py
===================================================================
--- Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/PluggableAuthService.py 2013-01-21 13:14:10 UTC (rev 129069)
+++ Products.PluggableAuthService/branches/maurits-login-transform/Products/PluggableAuthService/PluggableAuthService.py 2013-01-21 13:57:50 UTC (rev 129070)
@@ -1266,39 +1266,15 @@
logger.debug("Called updateLoginName, user_id=%r, login_name=%r",
user_id, login_name)
login_name = self.applyTransform(login_name)
- user = self.getUserById(user_id)
- if user is None:
- return
- if user.getUserName() == login_name:
- logger.debug("login name is the same: %r", login_name)
- plugins = self._getOb('plugins')
- updaters = plugins.listPlugins(IUserEnumerationPlugin)
+ # Note: we do not call self.getUserById(user_id) here to see
+ # if this user exists, or call getUserName() on the answer to
+ # compare it with the transformed login name, because the user
+ # may be reported with a login name that is transformed on the
+ # fly, for example in the _verifyUser call, even though the
+ # plugin has not actually transformed the login name yet in
+ # the backend.
+ self._updateLoginName(user_id, login_name)
- # Call the updaters. One of them *must* succeed without an
- # exception, even if it does not change anything. When a
- # login name is already taken, we do not want to fail
- # silently.
- success = False
- for updater_id, updater in updaters:
- if not hasattr(updater, 'updateUser'):
- # This was a later addition to the interface, so we
- # are forgiving.
- logger.warn("%s plugin lacks updateUser method of "
- "IUserEnumerationPlugin.", updater_id)
- continue
- try:
- updater.updateUser(user_id, login_name)
- except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
- reraise(updater)
- logger.debug('UpdateLoginNamePlugin %s error' % updater_id,
- exc_info=True)
- else:
- success = True
-
- if not success:
- raise ValueError("Cannot update login name of user %r to %r. "
- "Possibly duplicate." % (user_id, login_name))
-
security.declarePublic('updateOwnLoginName')
def updateOwnLoginName(self, login_name):
"""Update own login name of authenticated user.
@@ -1308,10 +1284,14 @@
user = getSecurityManager().getUser()
if aq_base(user) is nobody:
return
- if user.getUserName() == login_name:
- logger.debug("login name is the same: %r", login_name)
- return
user_id = user.getId()
+ # Note: we do not compare the login name here. See the
+ # comment in updateLoginName above.
+ self._updateLoginName(user_id, login_name)
+
+ def _updateLoginName(self, user_id, login_name):
+ # Note: we do not compare the login name here. See the
+ # comment in updateLoginName above.
plugins = self._getOb('plugins')
updaters = plugins.listPlugins(IUserEnumerationPlugin)
@@ -1338,7 +1318,7 @@
logger.debug("login name changed to: %r", login_name)
if not success:
- raise ValueError("Cannot update own login name of user %r to %r. "
+ raise ValueError("Cannot update login name of user %r to %r. "
"Possibly duplicate." % (user_id, login_name))
security.declareProtected( ManageUsers, 'updateLoginName')
More information about the checkins
mailing list