Commit 7b625d75 authored by matt@zope.com's avatar matt@zope.com

Change for 2.5 for user local role lists. acl_user folders now support a

maxlistusers property (managed from user folder properties tab) which
limits the number of roles that rolemanager's get_valid_users will return
before raising an OverflowError.  The DTML for listLocalRoles will insert a
text box for user id entry if OverflowError is raised.
parent 9e98c1f2
......@@ -84,7 +84,7 @@
##############################################################################
"""Access control support"""
__version__='$Revision: 1.50 $'[11:-2]
__version__='$Revision: 1.51 $'[11:-2]
from Globals import DTMLFile, MessageDialog, Dictionary
......@@ -96,6 +96,8 @@ from App.Common import aq_base
ListType=type([])
DEFAULTMAXLISTUSERS=250
def _isBeingUsedAsAMethod(self):
return aq_get(self, '_isBeingUsedAsAMethod_', 0)
......@@ -374,14 +376,24 @@ class RoleManager(ExtensionClass.Base, PermissionMapping.RoleManager):
def get_valid_userids(self):
item=self
dict={}
_notfound = []
while 1:
if hasattr(aq_base(item), 'acl_users') and \
hasattr(item.acl_users, 'user_names'):
for name in item.acl_users.user_names():
dict[name]=1
if not hasattr(item, 'aq_parent'):
aclu = getattr(aq_base(item), 'acl_users', _notfound)
if aclu is not _notfound:
mlu = getattr(aclu, 'maxlistusers', _notfound)
if type(mlu) != type(1): mlu = DEFAULTMAXLISTUSERS
if mlu < 0: raise OverflowError
un = getattr(aclu, 'user_names', _notfound)
if un is not _notfound:
unl = un()
# maxlistusers of 0 is list all
if len(unl) > mlu and mlu != 0:
raise OverflowError
for name in un():
dict[name]=1
item = getattr(item, 'aq_parent', _notfound)
if item is _notfound:
break
item=item.aq_parent
keys=dict.keys()
keys.sort()
return tuple(keys)
......
......@@ -84,7 +84,7 @@
##############################################################################
"""Access control package"""
__version__='$Revision: 1.157 $'[11:-2]
__version__='$Revision: 1.158 $'[11:-2]
import Globals, socket, SpecialUsers,re
import os
......@@ -95,7 +95,7 @@ from Acquisition import Implicit
from OFS.SimpleItem import Item
from base64 import decodestring
from App.ImageFile import ImageFile
from Role import RoleManager
from Role import RoleManager, DEFAULTMAXLISTUSERS
from PermissionRole import _what_not_even_god_should_do, rolesForPermissionOn
import AuthEncoding
from AccessControl import getSecurityManager, Unauthorized
......@@ -479,6 +479,7 @@ class BasicUserFolder(Implicit, Persistent, Navigation, Tabs, RoleManager,
isPrincipiaFolderish=1
isAUserFolder=1
maxlistusers = DEFAULTMAXLISTUSERS
encrypt_passwords = 0
......@@ -795,11 +796,17 @@ class BasicUserFolder(Implicit, Persistent, Navigation, Tabs, RoleManager,
management_view='Properties')
def manage_setUserFolderProperties(self, encrypt_passwords=0,
update_passwords=0, REQUEST=None):
update_passwords=0,
maxlistusers=DEFAULTMAXLISTUSERS,
REQUEST=None):
"""
Sets the properties of the user folder.
"""
self.encrypt_passwords = not not encrypt_passwords
try:
self.maxlistusers = int(maxlistusers)
except ValueError:
self.maxlistusers = DEFAULTMAXLISTUSERS
if encrypt_passwords and update_passwords:
changed = 0
for u in self.getUsers():
......
......@@ -74,12 +74,18 @@ roles that should be given to that user from the <em>Roles</em> list.
<tr>
<td align="left" valign="top">
<div class="form-element">
<dtml-try>
<select name="userid" size="5">
<dtml-in get_valid_userids>
<option value="<dtml-var sequence-item html_quote>"><dtml-var
sequence-item></option>
</dtml-in>
</select>
<dtml-except OverflowError>
<input name="userid" size=10>
</dtml-try>
</div>
</td>
<td align="left" valign="top">
......
......@@ -17,6 +17,14 @@
</dtml-let>
</td>
</tr>
<tr>
<td align="left" valign="center" class="form-label">
Role assignment presents search dialog when more users than N (-1 is always, 0 is never).
</td>
<td align="left" valign="center" class="form-element">
<input type=text name="maxlistusers" value="&dtml.missing-maxlistusers;" size=3>
</td>
</tr>
</table>
......
##############################################################################
#
# Zope Public License (ZPL) Version 1.0
# -------------------------------------
#
# Copyright (c) Digital Creations. All rights reserved.
#
# This license has been certified as Open Source(tm).
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# 1. Redistributions in source code must retain the above copyright
# notice, this list of conditions, and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions, and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. Digital Creations requests that attribution be given to Zope
# in any manner possible. Zope includes a "Powered by Zope"
# button that is installed by default. While it is not a license
# violation to remove this button, it is requested that the
# attribution remain. A significant investment has been put
# into Zope, and this effort will continue if the Zope community
# continues to grow. This is one way to assure that growth.
#
# 4. All advertising materials and documentation mentioning
# features derived from or use of this software must display
# the following acknowledgement:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# In the event that the product being advertised includes an
# intact Zope distribution (with copyright and license included)
# then this clause is waived.
#
# 5. Names associated with Zope or Digital Creations must not be used to
# endorse or promote products derived from this software without
# prior written permission from Digital Creations.
#
# 6. Modified redistributions of any form whatsoever must retain
# the following acknowledgment:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# Intact (re-)distributions of any official Zope release do not
# require an external acknowledgement.
#
# 7. Modifications are encouraged but must be packaged separately as
# patches to official Zope releases. Distributions that do not
# clearly separate the patches from the original work must be clearly
# labeled as unofficial distributions. Modifications which do not
# carry the name Zope may be packaged in any form, as long as they
# conform to all of the clauses above.
#
#
# Disclaimer
#
# THIS SOFTWARE IS PROVIDED BY DIGITAL CREATIONS ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DIGITAL CREATIONS OR ITS
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
#
# This software consists of contributions made by Digital Creations and
# many individuals on behalf of Digital Creations. Specific
# attributions are listed in the accompanying credits file.
#
##############################################################################
"""User folder tests
"""
__rcs_id__='$Id: testUserFolder.py,v 1.2 2001/10/02 16:16:25 matt Exp $'
__version__='$Revision: 1.2 $'[11:-2]
import os, sys
execfile(os.path.join(sys.path[0], 'framework.py'))
import ZODB
from DocumentTemplate import HTML
from DocumentTemplate.tests.testDTML import DTMLTests
from Products.PythonScripts.standard import DTML
from AccessControl import User, Unauthorized
from AccessControl.User import BasicUserFolder
from ExtensionClass import Base
class SecurityTests (DTMLTests):
def testMaxListUsers(self):
# create a folder-ish thing which contains a roleManager,
# then put an acl_users object into the folde-ish thing
class Folderish(BasicUserFolder):
def __init__(self, size, count):
self.maxlistusers = size
self.users = []
self.acl_users = self
for i in xrange(count):
self.users.append("Nobody")
def getUsers(self):
return self.users
def user_names(self):
return self.getUsers()
tinyFolderOver = Folderish(15, 20)
tinyFolderUnder = Folderish(15, 10)
assert tinyFolderOver.maxlistusers == 15
assert tinyFolderUnder.maxlistusers == 15
assert len(tinyFolderOver.user_names()) == 20
assert len(tinyFolderUnder.user_names()) == 10
try:
list = tinyFolderOver.get_valid_userids()
assert 0, "Did not raise overflow error"
except OverflowError:
pass
try:
list = tinyFolderUnder.get_valid_userids()
pass
except OverflowError:
assert 0, "Raised overflow error erroneously"
framework()
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment