141 lines
4.0 KiB
Python
141 lines
4.0 KiB
Python
|
# (C) Copyright 2000,2001 The Internet (Aust) Pty Ltd
|
||
|
# ACN: 082 081 472 ABN: 83 082 081 472
|
||
|
# All Rights Reserved
|
||
|
#
|
||
|
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||
|
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||
|
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||
|
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||
|
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||
|
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||
|
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||
|
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||
|
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||
|
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||
|
# SUCH DAMAGE.
|
||
|
#
|
||
|
# Author: Andrew Milton <akm@theinternet.com.au>
|
||
|
# $Id: usAuthSourceMethods.py,v 1.3 2001/12/01 08:40:04 akm Exp $
|
||
|
#
|
||
|
########################################################################
|
||
|
#
|
||
|
# This is an example of an Extension Module to provide User Supplied
|
||
|
# Authentication Methods.
|
||
|
#
|
||
|
# It mimics the behaviour of the pgAuthSource Module, and the sql queries
|
||
|
# Used here would be added as ZSQLMethods in the usAuthSource Folder.
|
||
|
# (you can basically cut and paste them from the bottom of this .py file
|
||
|
# into the ZSQL Method Template Area
|
||
|
#
|
||
|
# It's not complete, but, you do get the idea...
|
||
|
#
|
||
|
# Each function becomes usFunctionName
|
||
|
#
|
||
|
# e.g. listOneUser -> usListOneUser
|
||
|
#
|
||
|
import string
|
||
|
from crypt import crypt
|
||
|
|
||
|
def listOneUser(self,username):
|
||
|
users = []
|
||
|
result=self.sqlListOneUser(username=username)
|
||
|
for n in result:
|
||
|
username=sqlattr(n,'username')
|
||
|
password=sqlattr(n,'password')
|
||
|
roles=string.split(sqlattr(n,'roles'))
|
||
|
N={'username':username, 'password':password, 'roles':roles}
|
||
|
users.append(N)
|
||
|
return users
|
||
|
|
||
|
def listUsers(self):
|
||
|
"""Returns a list of user names or [] if no users exist"""
|
||
|
users = []
|
||
|
result=self.sqlListUsers()
|
||
|
for n in result:
|
||
|
username=sqlattr(n,'username')
|
||
|
N={'username':username}
|
||
|
users.append(N)
|
||
|
return users
|
||
|
|
||
|
def getUsers(self):
|
||
|
"""Return a list of user objects or [] if no users exist"""
|
||
|
data=[]
|
||
|
try: items=self.listusers()
|
||
|
except: return data
|
||
|
for people in items:
|
||
|
roles=string.split(people['roles'],',')
|
||
|
user=User(people['username'], roles, '')
|
||
|
data.append(user)
|
||
|
return data
|
||
|
|
||
|
def cryptPassword(self, username, password):
|
||
|
salt =username[:2]
|
||
|
secret = crypt(password, salt)
|
||
|
return secret
|
||
|
|
||
|
def deleteUsers(self, userids):
|
||
|
for uid in userids:
|
||
|
self.sqlDeleteOneUser(userid=uid)
|
||
|
|
||
|
|
||
|
# Helper Functions...
|
||
|
from string import upper, lower
|
||
|
import Missing
|
||
|
mt=type(Missing.Value)
|
||
|
|
||
|
def typeconv(val):
|
||
|
if type(val)==mt:
|
||
|
return ''
|
||
|
return val
|
||
|
|
||
|
def sqlattr(ob, attr):
|
||
|
name=attr
|
||
|
if hasattr(ob, attr):
|
||
|
return typeconv(getattr(ob, attr))
|
||
|
attr=upper(attr)
|
||
|
if hasattr(ob, attr):
|
||
|
return typeconv(getattr(ob, attr))
|
||
|
attr=lower(attr)
|
||
|
if hasattr(ob, attr):
|
||
|
return typeconv(getattr(ob, attr))
|
||
|
raise NameError, name
|
||
|
|
||
|
|
||
|
########################################################################
|
||
|
# SQL METHODS USED ABOVE
|
||
|
# PASTE INTO ZSQL METHODS
|
||
|
# take note of what parameters are used in each query
|
||
|
########################################################################
|
||
|
|
||
|
_sqlListUsers="""
|
||
|
SELECT * FROM passwd
|
||
|
"""
|
||
|
|
||
|
_sqlListOneUser="""
|
||
|
SELECT * FROM passwd
|
||
|
where username=<dtml-sqlvar username type=string>
|
||
|
"""
|
||
|
|
||
|
_sqlDeleteOneUser="""
|
||
|
DELETE FROM passwd
|
||
|
where uid=<dtml-sqlvar userid type=int>
|
||
|
"""
|
||
|
|
||
|
_sqlInsertUser="""
|
||
|
INSERT INTO passwd (username, password, roles)
|
||
|
VALUES (<dtml-sqlvar username type=string>,
|
||
|
<dtml-sqlvar password type=string>,
|
||
|
<dtml-sqlvar roles type=string>)
|
||
|
"""
|
||
|
|
||
|
_sqlUpdateUserPassword="""
|
||
|
UPDATE passwd set password=<dtml-sqlvar password type=string>
|
||
|
WHERE username=<dtml-sqlvar username type=string>
|
||
|
"""
|
||
|
|
||
|
_sqlUpdateUser="""
|
||
|
UPDATE passwd set roles=<dtml-sqlvar roles type=string>
|
||
|
WHERE username=<dtml-sqlvar username type=string>
|
||
|
"""
|
||
|
|