Commit f6342cb7 authored by Alexandre Boeglin's avatar Alexandre Boeglin

Fixed indentation.

Now uses Person reference instead of id as login.
Can be extended through a Python Script.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4468 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 008877c7
...@@ -24,6 +24,8 @@ from Products.PluggableAuthService.utils import classImplements ...@@ -24,6 +24,8 @@ from Products.PluggableAuthService.utils import classImplements
from Products.PluggableAuthService.interfaces.plugins import IGroupsPlugin from Products.PluggableAuthService.interfaces.plugins import IGroupsPlugin
from Products.ERP5Type.Cache import CachingMethod from Products.ERP5Type.Cache import CachingMethod
from pickle import dumps, loads
from zLOG import LOG from zLOG import LOG
manage_addERP5GroupManagerForm = PageTemplateFile( manage_addERP5GroupManagerForm = PageTemplateFile(
...@@ -63,34 +65,68 @@ class ERP5GroupManager(BasePlugin): ...@@ -63,34 +65,68 @@ class ERP5GroupManager(BasePlugin):
""" See IGroupsPlugin. """ See IGroupsPlugin.
""" """
def _getGroupsForPrincipal(user_name, path): def _getGroupsForPrincipal(user_name, path):
security_category_dict = {} # key is the base_category_list,
# value is the list of fetched categories
security_group_list = [] security_group_list = []
security_definition_dict = {}
# because we aren't logged in, we have to create our own # because we aren't logged in, we have to create our own
# SecurityManager to be able to access the Catalog # SecurityManager to be able to access the Catalog
#FIXME here we assume that the portal owner will always have
# enough rights, which might as well be wrong
newSecurityManager(self, self.getPortalObject().getOwner()) newSecurityManager(self, self.getPortalObject().getOwner())
base_category_list = self.getPortalObject().getPortalAssignmentBaseCategoryList()
user_name = principal.getId()
person_module = self.getPortalObject().getDefaultModule('Person')
person_object = getattr(person_module, user_name, None)
# return no groups if the username is not registered in person module
if not person_object:
return ()
# Fetch category values from assignment
category_list = self.ERP5Type_getSecurityCategoryFromAssignment(base_category_list, user_name, self, '')
# return no groups if we there are no Security Categories # To get the complete list of groups, we try to call the
if not category_list: # ERP5Type_getSecurityCategoryMapping which should return a dict
# like : {
# 'script_1':['base_category_1', 'base_category_2', ...],
# 'script_2':['base_category_1', 'base_category_3', ...]}
#
# else, if the script does not exist, falls back to :
# { 'ERP5Type_getSecurityCategoryFromAssignment':
# self.getPortalAssignmentBaseCategoryList()}
mapping_method = getattr(self,
'ERP5Type_getSecurityCategoryMapping', None)
if mapping_method is None:
security_definition_dict = {
'ERP5Type_getSecurityCategoryFromAssignment':
self.getPortalAssignmentBaseCategoryList()
}
else:
security_definition_dict = mapping_method()
# get the person from its reference
catalog_result = self.portal_catalog(
portal_type="Person", reference=user_name)
if len(catalog_result) != 1: # we won't proceed with groups
if len(catalog_result) > 1: # configuration is screwed
raise 'ConsistencyError', 'There is more than one Person whose \
login is %s : %s' % (user_name,
repr([r.getObject() for r in catalog_result]))
else: # no person is linked to this user login
return () return ()
person_object = catalog_result[0].getObject()
person_id = person_object.getId()
# Fetch category values from defined scripts
for method_name, base_category_list in \
security_definition_dict.items():
pickled_category_list = dumps(base_category_list)
method = getattr(self, method_name)
if not security_category_dict.has_key(pickled_category_list):
security_category_dict[pickled_category_list] = []
security_category_dict[pickled_category_list].extend(
method(base_category_list, person_id, person_object, ''))
# Get group names from category values # Get group names from category values
for c_dict in category_list: group_id_generator = getattr(self, 'ERP5Type_asSecurityGroupId')
security_group_list.append(self.ERP5Type_asSecurityGroupId(category_order=base_category_list, **c_dict)) for pickled_category_list, category_value_list in \
security_category_dict.items():
LOG('erp5_groups', 0, 'user %s is member of %s' %(user_name, str(security_group_list))) base_category_list = loads(pickled_category_list)
for category_dict in category_value_list:
security_group_list.append(group_id_generator(
category_order=base_category_list, **category_dict))
return tuple(security_group_list) return tuple(security_group_list)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment