Commit f6342cb7 authored by Alexandre Boeglin's avatar Alexandre Boeglin

Fixed indentation.

Now uses Person reference instead of id as login.
Can be extended through a Python Script.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4468 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 008877c7
......@@ -24,6 +24,8 @@ from Products.PluggableAuthService.utils import classImplements
from Products.PluggableAuthService.interfaces.plugins import IGroupsPlugin
from Products.ERP5Type.Cache import CachingMethod
from pickle import dumps, loads
from zLOG import LOG
manage_addERP5GroupManagerForm = PageTemplateFile(
......@@ -63,34 +65,68 @@ class ERP5GroupManager(BasePlugin):
""" See IGroupsPlugin.
"""
def _getGroupsForPrincipal(user_name, path):
security_category_dict = {} # key is the base_category_list,
# value is the list of fetched categories
security_group_list = []
security_definition_dict = {}
# because we aren't logged in, we have to create our own
# SecurityManager to be able to access the Catalog
#FIXME here we assume that the portal owner will always have
# enough rights, which might as well be wrong
newSecurityManager(self, self.getPortalObject().getOwner())
base_category_list = self.getPortalObject().getPortalAssignmentBaseCategoryList()
user_name = principal.getId()
person_module = self.getPortalObject().getDefaultModule('Person')
person_object = getattr(person_module, user_name, None)
# return no groups if the username is not registered in person module
if not person_object:
return ()
# Fetch category values from assignment
category_list = self.ERP5Type_getSecurityCategoryFromAssignment(base_category_list, user_name, self, '')
# return no groups if we there are no Security Categories
if not category_list:
# To get the complete list of groups, we try to call the
# ERP5Type_getSecurityCategoryMapping which should return a dict
# like : {
# 'script_1':['base_category_1', 'base_category_2', ...],
# 'script_2':['base_category_1', 'base_category_3', ...]}
#
# else, if the script does not exist, falls back to :
# { 'ERP5Type_getSecurityCategoryFromAssignment':
# self.getPortalAssignmentBaseCategoryList()}
mapping_method = getattr(self,
'ERP5Type_getSecurityCategoryMapping', None)
if mapping_method is None:
security_definition_dict = {
'ERP5Type_getSecurityCategoryFromAssignment':
self.getPortalAssignmentBaseCategoryList()
}
else:
security_definition_dict = mapping_method()
# get the person from its reference
catalog_result = self.portal_catalog(
portal_type="Person", reference=user_name)
if len(catalog_result) != 1: # we won't proceed with groups
if len(catalog_result) > 1: # configuration is screwed
raise 'ConsistencyError', 'There is more than one Person whose \
login is %s : %s' % (user_name,
repr([r.getObject() for r in catalog_result]))
else: # no person is linked to this user login
return ()
person_object = catalog_result[0].getObject()
person_id = person_object.getId()
# Fetch category values from defined scripts
for method_name, base_category_list in \
security_definition_dict.items():
pickled_category_list = dumps(base_category_list)
method = getattr(self, method_name)
if not security_category_dict.has_key(pickled_category_list):
security_category_dict[pickled_category_list] = []
security_category_dict[pickled_category_list].extend(
method(base_category_list, person_id, person_object, ''))
# Get group names from category values
for c_dict in category_list:
security_group_list.append(self.ERP5Type_asSecurityGroupId(category_order=base_category_list, **c_dict))
LOG('erp5_groups', 0, 'user %s is member of %s' %(user_name, str(security_group_list)))
group_id_generator = getattr(self, 'ERP5Type_asSecurityGroupId')
for pickled_category_list, category_value_list in \
security_category_dict.items():
base_category_list = loads(pickled_category_list)
for category_dict in category_value_list:
security_group_list.append(group_id_generator(
category_order=base_category_list, **category_dict))
return tuple(security_group_list)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment