ScoDoc/ZopeProducts/exUserFolder/Extensions/usAuthSourceMethods.py

# (C) Copyright 2000,2001 The Internet (Aust) Pty Ltd
# ACN: 082 081 472  ABN: 83 082 081 472
# All Rights Reserved
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# Author: Andrew Milton <akm@theinternet.com.au>
# $Id: usAuthSourceMethods.py,v 1.3 2001/12/01 08:40:04 akm Exp $
#
########################################################################
#
# This is an example of an Extension Module to provide User Supplied 
# Authentication Methods.
# 
# It mimics the behaviour of the pgAuthSource Module, and the sql queries
# Used here would be added as ZSQLMethods in the usAuthSource Folder.
# (you can basically cut and paste them from the bottom of this .py file
# into the ZSQL Method Template Area
#
# It's not complete, but, you do get the idea...
#
# Each function becomes usFunctionName
#
# e.g. listOneUser -> usListOneUser
#
import string
from crypt import crypt

def listOneUser(self,username):
	users = []
	result=self.sqlListOneUser(username=username)
	for n in result:
		username=sqlattr(n,'username')
		password=sqlattr(n,'password')
		roles=string.split(sqlattr(n,'roles'))
		N={'username':username, 'password':password, 'roles':roles}
		users.append(N)
	return users

def listUsers(self):
	"""Returns a list of user names or [] if no users exist"""		
	users = []
	result=self.sqlListUsers()
	for n in result:
		username=sqlattr(n,'username')
		N={'username':username}
		users.append(N)
	return users	

def getUsers(self):
	"""Return a list of user objects or [] if no users exist"""
	data=[]
	try:    items=self.listusers()
	except: return data
	for people in items:
		roles=string.split(people['roles'],',')
		user=User(people['username'], roles, '')
		data.append(user)
	return data

def cryptPassword(self, username, password):
		salt =username[:2]
		secret = crypt(password, salt)
		return secret

def deleteUsers(self, userids):
	for uid in userids:
		self.sqlDeleteOneUser(userid=uid)


# Helper Functions...
from string import upper, lower
import Missing
mt=type(Missing.Value)

def typeconv(val):
    if type(val)==mt:
        return ''
    return val

def sqlattr(ob, attr):
    name=attr
    if hasattr(ob, attr):
        return typeconv(getattr(ob, attr))
    attr=upper(attr)
    if hasattr(ob, attr):
        return typeconv(getattr(ob, attr))
    attr=lower(attr)
    if hasattr(ob, attr):
        return typeconv(getattr(ob, attr))
    raise NameError, name


########################################################################
# SQL METHODS USED ABOVE
# PASTE INTO ZSQL METHODS
# take note of what parameters are used in each query
########################################################################

_sqlListUsers="""
SELECT * FROM passwd
"""

_sqlListOneUser="""
SELECT * FROM passwd
where username=<dtml-sqlvar username type=string>
"""

_sqlDeleteOneUser="""
DELETE FROM passwd
where uid=<dtml-sqlvar userid type=int>
"""

_sqlInsertUser="""
INSERT INTO passwd (username, password, roles)
VALUES (<dtml-sqlvar username type=string>,
        <dtml-sqlvar password type=string>,
		<dtml-sqlvar roles type=string>)
"""

_sqlUpdateUserPassword="""
UPDATE passwd set password=<dtml-sqlvar password type=string>
WHERE username=<dtml-sqlvar username type=string>
"""

_sqlUpdateUser="""
UPDATE passwd set roles=<dtml-sqlvar roles type=string>
WHERE username=<dtml-sqlvar username type=string>
"""
Upload from subversion 1932 2020-09-26 16:19:37 +02:00			`# (C) Copyright 2000,2001 The Internet (Aust) Pty Ltd`
			`# ACN: 082 081 472 ABN: 83 082 081 472`
			`# All Rights Reserved`
			`#`
			# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
			`# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE`
			`# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE`
			`# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE`
			`# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL`
			`# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS`
			`# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)`
			`# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT`
			`# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY`
			`# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF`
			`# SUCH DAMAGE.`
			`#`
			`# Author: Andrew Milton <akm@theinternet.com.au>`
			`# $Id: usAuthSourceMethods.py,v 1.3 2001/12/01 08:40:04 akm Exp $`
			`#`
			`########################################################################`
			`#`
			`# This is an example of an Extension Module to provide User Supplied`
			`# Authentication Methods.`
			`#`
			`# It mimics the behaviour of the pgAuthSource Module, and the sql queries`
			`# Used here would be added as ZSQLMethods in the usAuthSource Folder.`
			`# (you can basically cut and paste them from the bottom of this .py file`
			`# into the ZSQL Method Template Area`
			`#`
			`# It's not complete, but, you do get the idea...`
			`#`
			`# Each function becomes usFunctionName`
			`#`
			`# e.g. listOneUser -> usListOneUser`
			`#`
			`import string`
			`from crypt import crypt`

			`def listOneUser(self,username):`
			`users = []`
			`result=self.sqlListOneUser(username=username)`
			`for n in result:`
			`username=sqlattr(n,'username')`
			`password=sqlattr(n,'password')`
			`roles=string.split(sqlattr(n,'roles'))`
			`N={'username':username, 'password':password, 'roles':roles}`
			`users.append(N)`
			`return users`

			`def listUsers(self):`
			`"""Returns a list of user names or [] if no users exist"""`
			`users = []`
			`result=self.sqlListUsers()`
			`for n in result:`
			`username=sqlattr(n,'username')`
			`N={'username':username}`
			`users.append(N)`
			`return users`

			`def getUsers(self):`
			`"""Return a list of user objects or [] if no users exist"""`
			`data=[]`
			`try: items=self.listusers()`
			`except: return data`
			`for people in items:`
			`roles=string.split(people['roles'],',')`
			`user=User(people['username'], roles, '')`
			`data.append(user)`
			`return data`

			`def cryptPassword(self, username, password):`
			`salt =username[:2]`
			`secret = crypt(password, salt)`
			`return secret`

			`def deleteUsers(self, userids):`
			`for uid in userids:`
			`self.sqlDeleteOneUser(userid=uid)`


			`# Helper Functions...`
			`from string import upper, lower`
			`import Missing`
			`mt=type(Missing.Value)`

			`def typeconv(val):`
			`if type(val)==mt:`
			`return ''`
			`return val`

			`def sqlattr(ob, attr):`
			`name=attr`
			`if hasattr(ob, attr):`
			`return typeconv(getattr(ob, attr))`
			`attr=upper(attr)`
			`if hasattr(ob, attr):`
			`return typeconv(getattr(ob, attr))`
			`attr=lower(attr)`
			`if hasattr(ob, attr):`
			`return typeconv(getattr(ob, attr))`
			`raise NameError, name`


			`########################################################################`
			`# SQL METHODS USED ABOVE`
			`# PASTE INTO ZSQL METHODS`
			`# take note of what parameters are used in each query`
			`########################################################################`

			`_sqlListUsers="""`
			`SELECT * FROM passwd`
			`"""`

			`_sqlListOneUser="""`
			`SELECT * FROM passwd`
			`where username=<dtml-sqlvar username type=string>`
			`"""`

			`_sqlDeleteOneUser="""`
			`DELETE FROM passwd`
			`where uid=<dtml-sqlvar userid type=int>`
			`"""`

			`_sqlInsertUser="""`
			`INSERT INTO passwd (username, password, roles)`
			`VALUES (<dtml-sqlvar username type=string>,`
			`<dtml-sqlvar password type=string>,`
			`<dtml-sqlvar roles type=string>)`
			`"""`

			`_sqlUpdateUserPassword="""`
			`UPDATE passwd set password=<dtml-sqlvar password type=string>`
			`WHERE username=<dtml-sqlvar username type=string>`
			`"""`

			`_sqlUpdateUser="""`
			`UPDATE passwd set roles=<dtml-sqlvar roles type=string>`
			`WHERE username=<dtml-sqlvar username type=string>`
			`"""`