[Zope3-checkins] SVN: Zope3/trunk/src/zope/app/ Added a login_logout snippet that works with all varieties of principals. The old approach broke with principals coming from a principal folder.

Garrett Smith garrett at mojave-corp.com
Sat Feb 5 18:35:40 EST 2005


Log message for revision 29058:
  Added a login_logout snippet that works with all varieties of principals. The old approach broke with principals coming from a principal folder.

Changed:
  U   Zope3/trunk/src/zope/app/rotterdam/template.pt
  U   Zope3/trunk/src/zope/app/security/browser/auth.py
  U   Zope3/trunk/src/zope/app/security/browser/configure.zcml
  A   Zope3/trunk/src/zope/app/security/browser/loginlogout.txt
  U   Zope3/trunk/src/zope/app/security/browser/tests.py

-=-
Modified: Zope3/trunk/src/zope/app/rotterdam/template.pt
===================================================================
--- Zope3/trunk/src/zope/app/rotterdam/template.pt	2005-02-05 19:19:17 UTC (rev 29057)
+++ Zope3/trunk/src/zope/app/rotterdam/template.pt	2005-02-05 23:35:39 UTC (rev 29058)
@@ -56,14 +56,7 @@
         </metal:block>
         <metal:block define-slot="login_logout">
           <metal:macro define-macro="login_logout">
-          <a href=""
-            tal:attributes="href string:@@logout.html?nextURL=${request/URL/url:quote}"
-            tal:condition="python: hasattr(request.principal, 'getLogin')"
-            i18n:translate="">[Logout]</a>
-          <a href=""
-            tal:attributes="href string:@@login.html?nextURL=${request/URL/url:quote}"
-            tal:condition="python: not hasattr(request.principal, 'getLogin')"
-            i18n:translate="">[Login]</a>
+          <tal:block content="structure context/@@login_logout" />
           </metal:macro>
         </metal:block>
       </div>

Modified: Zope3/trunk/src/zope/app/security/browser/auth.py
===================================================================
--- Zope3/trunk/src/zope/app/security/browser/auth.py	2005-02-05 19:19:17 UTC (rev 29057)
+++ Zope3/trunk/src/zope/app/security/browser/auth.py	2005-02-05 23:35:39 UTC (rev 29058)
@@ -15,12 +15,13 @@
 
 $Id$
 """
+import urllib
 from zope.interface import implements
 from zope.i18n import translate
 from zope.app.zapi import getName, getPath
 from zope.app.publisher.interfaces.http import ILogin, ILogout
 from zope.app.security.interfaces import IAuthentication
-from zope.app.security.principalregistry import UnauthenticatedPrincipal
+from zope.app.security.interfaces import IUnauthenticatedPrincipal
 from zope.app.pagetemplate import ViewPageTemplateFile
 from zope.proxy import removeAllProxies
 from zope.app.i18n import ZopeMessageIDFactory as _
@@ -38,7 +39,7 @@
     def render(self, name):
         sourcename = 'principals.zcml'
         html = []
-        
+
         # add sub title for source search field
         html.append('<h4 i18n:translate="">%s</h4>' % sourcename)
         # start row for search fields
@@ -77,8 +78,7 @@
 
     def login(self, nextURL=None):
         """See zope.app.security.interfaces.ILogin"""
-        if isinstance(removeAllProxies(self.request.principal), \
-                      UnauthenticatedPrincipal):
+        if IUnauthenticatedPrincipal.providedBy(self.request.principal):
             self.request.unauthorized("basic realm='Zope'")
             return self.failed()
         else:
@@ -104,7 +104,7 @@
 
     def logout(self, nextURL=None):
         """See zope.app.security.interfaces.ILogout"""
-        if not isinstance(self.request.principal, UnauthenticatedPrincipal):
+        if not IUnauthenticatedPrincipal.providedBy(self.request.principal):
             self.request.unauthorized("basic realm='Zope'")
             if nextURL:
                 return self.redirect()
@@ -119,3 +119,18 @@
     redirect = ViewPageTemplateFile('redirect.pt')
 
 
+class LoginLogout:
+
+    def __init__(self, context, request):
+        self.context = context
+        self.request = request
+
+    def __call__(self):
+        if IUnauthenticatedPrincipal.providedBy(self.request.principal):
+            page = 'login.html'
+            label = _('[Login]')
+        else:
+            page = 'logout.html'
+            label = _('[Logout]')
+        return '<a href="%s?nextURL=%s">%s</a>' % (
+            page, urllib.quote(self.request.getURL()), label)

Modified: Zope3/trunk/src/zope/app/security/browser/configure.zcml
===================================================================
--- Zope3/trunk/src/zope/app/security/browser/configure.zcml	2005-02-05 19:19:17 UTC (rev 29057)
+++ Zope3/trunk/src/zope/app/security/browser/configure.zcml	2005-02-05 23:35:39 UTC (rev 29058)
@@ -6,14 +6,14 @@
       for="zope.app.security.interfaces.IAuthentication
            zope.publisher.interfaces.browser.IBrowserRequest"
       provides="zope.app.form.browser.interfaces.ISourceQueryView"
-      factory="zope.app.security.browser.auth.AuthUtilitySearchView" 
+      factory="zope.app.security.browser.auth.AuthUtilitySearchView"
       />
 
   <adapter
       for="zope.app.security.interfaces.IPrincipalSource
            zope.publisher.interfaces.browser.IBrowserRequest"
       provides="zope.app.form.browser.interfaces.ITerms"
-      factory="zope.app.security.browser.principalterms.PrincipalTerms" 
+      factory="zope.app.security.browser.principalterms.PrincipalTerms"
       />
 
   <browser:page
@@ -34,6 +34,13 @@
       allowed_interface="zope.app.publisher.interfaces.http.ILogout"
       />
 
+  <browser:page
+      name="login_logout"
+      for="*"
+      class=".auth.LoginLogout"
+      permission="zope.Public"
+      />
+
   <browser:tool
       interface="..interfaces.IPermission"
       title="Permission"

Added: Zope3/trunk/src/zope/app/security/browser/loginlogout.txt
===================================================================
--- Zope3/trunk/src/zope/app/security/browser/loginlogout.txt	2005-02-05 19:19:17 UTC (rev 29057)
+++ Zope3/trunk/src/zope/app/security/browser/loginlogout.txt	2005-02-05 23:35:39 UTC (rev 29058)
@@ -0,0 +1,46 @@
+====================
+Login/Logout Snippet
+====================
+
+The class LoginLogout:
+
+  >>> from zope.app.security.browser.auth import LoginLogout
+
+is used as a view to generate an HTML snippet suitable for logging in or
+logging out based on whether or not the current principal is authenticated.
+
+When the current principal is unauthenticated, it provides
+IUnauthenticatedPrincipal:
+
+  >>> from zope.app.security.interfaces import IUnauthenticatedPrincipal
+  >>> from zope.app.security.principalregistry import UnauthenticatedPrincipal
+  >>> anonymous = UnauthenticatedPrincipal('anon', '', '')
+  >>> IUnauthenticatedPrincipal.providedBy(anonymous)
+  True
+
+When LoginLogout is used for a request that has an unauthenticated principal,
+it provides the user with a link to 'Login':
+
+  >>> from zope.publisher.browser import TestRequest
+  >>> request = TestRequest()
+  >>> request.setPrincipal(anonymous)
+  >>> LoginLogout(None, request)()
+  u'<a href="login.html?nextURL=http%3A//127.0.0.1">[Login]</a>'
+
+When LoginLogout is used for a request that has an authenticated principal:
+
+  >>> from zope.security.interfaces import IPrincipal
+  >>> from zope.interface import implements
+  >>> class Bob:
+  ...     implements(IPrincipal)
+  ...     id = 'bob'
+  ...     title = description = ''
+  >>> bob = Bob()
+  >>> IUnauthenticatedPrincipal.providedBy(bob)
+  False
+  >>> request.setPrincipal(bob)
+
+it provides the user with a link to 'Logout':
+
+  >>> LoginLogout(None, request)()
+  u'<a href="logout.html?nextURL=http%3A//127.0.0.1">[Logout]</a>'

Modified: Zope3/trunk/src/zope/app/security/browser/tests.py
===================================================================
--- Zope3/trunk/src/zope/app/security/browser/tests.py	2005-02-05 19:19:17 UTC (rev 29057)
+++ Zope3/trunk/src/zope/app/security/browser/tests.py	2005-02-05 23:35:39 UTC (rev 29058)
@@ -28,6 +28,9 @@
         doctest.DocFileSuite('principalterms.txt',
                              setUp=placelesssetup.setUp,
                              tearDown=placelesssetup.tearDown),
+        doctest.DocFileSuite('loginlogout.txt',
+                             setUp=placelesssetup.setUp,
+                             tearDown=placelesssetup.tearDown),
         ))
 
 if __name__ == '__main__':



More information about the Zope3-Checkins mailing list