244 lines
7.7 KiB
Python
Raw Permalink Normal View History

2020-09-26 16:19:37 +02:00
#
# Extensible User Folder
#
# (C) Copyright 2000,2001 The Internet (Aust) Pty Ltd
# ACN: 082 081 472 ABN: 83 082 081 472
# All Rights Reserved
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# Author: Andrew Milton <akm@theinternet.com.au>
# $Id: User.py,v 1.10 2004/12/14 05:30:29 akm Exp $
##############################################################################
#
# Zope Public License (ZPL) Version 0.9.4
# ---------------------------------------
#
# Copyright (c) Digital Creations. All rights reserved.
#
# Redistribution and use in source and binary forms, with or
# without modification, are permitted provided that the following
# conditions are met:
#
# 1. Redistributions in source code must retain the above
# copyright notice, this list of conditions, and the following
# disclaimer.
#
# 6. Redistributions of any form whatsoever must retain the
# following acknowledgment:
#
# "This product includes software developed by Digital
# Creations for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# Disclaimer
#
# THIS SOFTWARE IS PROVIDED BY DIGITAL CREATIONS ``AS IS'' AND
# ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
# FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
# SHALL DIGITAL CREATIONS OR ITS CONTRIBUTORS BE LIABLE FOR ANY
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
# THE POSSIBILITY OF SUCH DAMAGE.
#
##############################################################################
from AccessControl.User import BasicUser
from string import join,strip,split,lower,upper,find
class XUFUser(BasicUser):
icon='misc_/exUserFolder/exUser.gif'
# cacheable is a dict that must contain at least name, password,
# roles, and domains -- unless you're working with your own User class,
# in which case you need to override __init__ and define it yourself.
def __init__(self, cacheable, propSource, cryptPassword, authSource,
groupSource=None):
self.name =cacheable['name']
self.__ =cacheable['password']
if cacheable['roles']:
self.roles = filter(None, cacheable['roles'])
else:
self.roles = []
# domains may be passed as a string or a list
if type(cacheable['domains']) == type(''):
self.domains=filter(None, map(strip,
split(cacheable['domains'], ',')))
else:
self.domains=cacheable['domains']
self._authSource=authSource
self._propSource=propSource
self._groupSource=groupSource
self.cryptPassword=cryptPassword
def getUserName(self):
return self.name
def _getPassword(self):
return self.__
def getRoles(self):
return tuple(self.roles) + ('Authenticated',)
def getDomains(self):
return self.domains
# Ultra generic way of getting, checking and setting properties
def getProperty(self, property, default=None):
if self._propSource:
return self._propSource.getUserProperty(property, self.name, default)
def hasProperty(self, property):
if self._propSource:
return self._propSource.hasProperty(property)
def setProperty(self, property, value):
if property[0]=='_':
return
if self._propSource:
return self._propSource.setUserProperty(property, self.name, value)
def setTempProperty(self, property, value):
if property[0]=='_':
return
if self._propSource:
return self._propSource.setTempProperty(property, value)
def flushTempProperties(self):
if self._propSource:
return self._propSource.flushTempProperties()
def delProperty(self, property):
if property[0]=='_':
return
if self._propSource:
return self._propSource.delUserProperty(property, self.name)
def listProperties(self):
if self._propSource:
return self._propSource.listUserProperties(self.name)
# Try to allow User['property'] -- won't work for password d;)
def __getitem__(self, key):
# Don't return 'private' keys
if key[0] != '_':
if hasattr(self, key):
return getattr(self, key)
if self._propSource and self._propSource.hasProperty(key):
return self._propSource.getUserProperty(key, self.name)
raise KeyError, key
def __setitem__(self, key, value):
if key[0]=='_':
return
if self._propSource:
self._propSource.setUserProperty(key, self.name, value)
# List one user is supplied by the Auth Source...
def authenticate(self, listOneUser, password, request, remoteAuth=None):
result=listOneUser(username=self.name)
for people in result:
if remoteAuth:
return remoteAuth(self.name, password)
else:
secret=self.cryptPassword(self.name, password)
return secret==people['password']
return None
# You can set logout times or whatever here if you want to, the
# property source is still active.
def notifyCacheRemoval(self):
if self._propSource:
self._propSource.flushTempProperties()
# You must override this and __init__ if you are subclassing
# the user object, or your user object may not be reconstructed
# properly! All values in this dict must be non-Persistent objects
# or types, and may not hold any references to Persistent objects,
# or the cache will break.
def _getCacheableDict(self):
return {'name': self.name,
'password': self.__,
'roles': self.roles,
'domains': self.domains}
def getGroups(self):
if self._groupSource:
return self._groupSource.getGroupsOfUser(self.name)
else:
return ()
def _setGroups(self, groupnames):
if self._groupSource:
return self._groupSource.setGroupsOfUser(groupnames, self.name)
def _addGroups(self, groupnames):
if self._groupSource:
return self._groupSource.addGroupsToUser(groupnames, self.name)
def _delGroups(self, groupnames):
if self._groupSource:
return self._groupSource.delGroupsFromUser(groupnames, self.name)
def getId(self):
if self._propSource and self._propSource.getUserProperty('userid', self.name):
return self._propSource.getUserProperty('userid', self.name)
return self.name
#
# An Anonymous User for session tracking...
# Can set and get properties just like a normal user.
#
# These objects live in the cache, so, we have a __del__ method to
# clean ourselves up.
#
class XUFAnonUser(XUFUser):
def __init__(self, name, roles, propSource):
self.name =name
self.__ =''
self.roles =filter(None, roles)
self._propSource=propSource
def getRoles(self):
return tuple(self.roles) + ('Anonymous',)
def authenticate(self, listOneUser, password, request, remoteAuth=None):
return 1
def notifyCacheRemoval(self):
if self._propSource:
self._propSource.deleteUsers([self.name,])
# We now set up a dummy classes so that people can extend the User objects
# or override stuff with much less pain --akm
class User(XUFUser):
pass
class AnonUser(XUFAnonUser):
pass