Commit ecf4af3a authored by Vincent Pelletier's avatar Vincent Pelletier

Use PAS API.

Allows being compatible with future, improved PAS plugin features.
Also, drop a few useless imports.
parent 1f52711a
# get the current logged user site
if user_id is None:
login = context.portal_membership.getAuthenticatedMember().getUserName()
person = context.portal_membership.getAuthenticatedMember().getUserValue()
else:
login = user_id
person_list = [x for x in context.acl_users.searchUsers(login=user_id, exact_match=True) if 'path' in x]
if person_list:
person, = person_list
person = context.getPortalObject().restrictedTraverse(person['path'])
else:
person = None
persons = context.acl_users.erp5_users.getUserByLogin(login)
if len(persons) == 0:
if person is None:
#context.log('Baobab_getUserAssignementList', 'Person %s not found' %(login))
return ""
else:
person = persons[0]
return person.getTitle()
if user_id is None:
user_id = context.portal_membership.getAuthenticatedMember().getUserName()
person_list = context.acl_users.erp5_users.getUserByLogin(user_id)
if not person_list:
person = context.portal_membership.getAuthenticatedMember().getUserValue()
else:
person_list = [x for x in context.acl_users.searchUsers(login=user_id, exact_match=True) if 'path' in x]
if person_list:
person, = person_list
person = context.getPortalObject().restrictedTraverse(person['path'])
else:
person = None
if person is None:
return None
assignment_list = person_list[0].contentValues(filter={'portal_type': 'Assignment'})
assignment_list = person.contentValues(filter={'portal_type': 'Assignment'})
if not assignment_list:
return None
valid_assignment = None
......
......@@ -2,8 +2,8 @@
"""
owner_id_list = [i[0] for i in context.get_local_roles() if 'Owner' in i[1]]
if owner_id_list:
from Products.ERP5Security.ERP5UserManager import getUserByLogin
found_user_list = getUserByLogin(context.getPortalObject(), tuple(owner_id_list))
found_user_list = [x for x in context.acl_users.searchUsers(id=tuple(owner_id_list), exact_match=True) if 'path' in x]
if found_user_list:
return found_user_list[0].getTitle()
found_user, = found_user_list
return context.getPortalObject().restrictedTraverse(found_user['path']).getTitle()
return owner_id_list[0]
......@@ -3,9 +3,10 @@ Returns None if no corresponding person, for example when not using ERP5Security
"""
portal = context.getPortalObject()
if user_name is None:
user_name = portal.portal_membership.getAuthenticatedMember()
from Products.ERP5Security.ERP5UserManager import getUserByLogin
found_user_list = getUserByLogin(portal, str(user_name))
if len(found_user_list) == 1:
return found_user_list[0]
return portal.portal_membership.getAuthenticatedMember().getUserValue()
user_list = [x for x in portal.acl_users.searchUsers(
exact_match=True,
id=user_name,
) if 'path' in x]
if len(user_list) == 1:
return portal.restrictedTraverse(user_list[0]['path'])
......@@ -76,7 +76,6 @@ for gadget in context.portal_gadgets.objectValues():
gadget.public()
# Add a tab and a gadget for everyone
from Products.ERP5Security.ERP5UserManager import getUserByLogin
portal = context.getPortalObject()
for person in context.person_module.objectValues():
user_name = person.getReference()
......
......@@ -7,8 +7,8 @@ former_password = request.get("current_password")
password_confirm = request.get("password_confirm")
user = getSecurityManager().getUser()
persons = context.acl_users.erp5_users.getUserByLogin(user)
person = persons[0]
person, = context.acl_users.searchUsers(id=user.getUserId(), exact_match=True)
person = context.getPortalObject().restrictedTraverse(person['path'])
if not person.checkPassword(former_password):
msg = translateString("Current password is wrong.")
......
from DateTime import DateTime
from Products.ERP5Security.ERP5UserManager import getUserByLogin
person_list = getUserByLogin(context, login)
person_list = [x for x in context.acl_users.searchUsers(login=login, exact_match=True) if 'path' in x]
if not person_list:
return False, []
person = person_list[0]
person, = person_list
person = context.getPortalObject().restrictedTraverse(person['path'])
if person.getPassword(format='palo_md5') != password:
return False, []
......
......@@ -42,7 +42,7 @@ if (
destination_decision_person.getDefaultEmailText() and
destination_decision_person.getReference()
):
if len(portal.acl_users.erp5_users.getUserByLogin(source_person.getReference())):
if portal.acl_users.searchUsers(id=source_person.getReference(), exact_match=True):
message = """A new task has been assigned to you by %(assignor)s.
This task is named: %(title)s
......
......@@ -13,7 +13,7 @@ if source_person is not None \
and destination_decision_person is not None \
and destination_decision_person.getDefaultEmailText() \
and destination_decision_person.getReference():
if len(portal.acl_users.erp5_users.getUserByLogin(source_person.getReference())):
if portal.acl_users.searchUsers(id=source_person.getReference(), exact_match=True):
message = """
%s has finished the task report titled with %s.
Please look at this URL:
......
......@@ -25,7 +25,7 @@ if source_person is not None \
and destination_decision_person is not None\
and source_person.getDefaultEmailText() \
and source_person.getReference():
if len(portal.acl_users.erp5_users.getUserByLogin(source_person.getReference())):
if portal.acl_users.searchUsers(id=source_person.getReference(), exact_match=True):
message = """
A question from task has been assigned to you by %(assignor)s.
......
......@@ -13,7 +13,7 @@ if source_person is not None \
and destination_decision_person is not None\
and source_person.getDefaultEmailText() \
and source_person.getReference():
if len(portal.acl_users.erp5_users.getUserByLogin(source_person.getReference())):
if portal.acl_users.searchUsers(id=source_person.getReference(), exact_match=True):
message = """
Restarted task has been assigned to you by %(assignor)s.
......
......@@ -37,7 +37,7 @@ if 'password_confirm' in kw:
del kw['password_confirm']
#Check that user doesn't already exists
person_list = portal.acl_users.erp5_users.getUserByLogin(kw['reference'])
person_list = [x for x in portal.acl_users.searchUsers(login=kw['reference'], exact_match=True) if 'path' in x]
if person_list:
msg = translateString("This account already exists. Please provide another email address.")
kw['portal_status_message'] = msg
......
......@@ -142,16 +142,20 @@ class PasswordTool(BaseTool):
msg = None
# check user exists, and have an email
user_list = self.getPortalObject().acl_users.\
erp5_users.getUserByLogin(user_login)
user_list = [x for x in self.getPortalObject().acl_users.searchUsers(
login=user_login,
exact_match=True,
) if 'path' in x]
if len(user_list) == 0:
msg = translateString("User ${user} does not exist.",
mapping={'user':user_login})
else:
# We use checked_permission to prevent errors when trying to acquire
# email from organisation
user = user_list[0]
email_value = user.getDefaultEmailValue(
user, = user_list
user_value = self.getPortalObject().unrestrictedTraverse(
user['path'])
email_value = user_value.getDefaultEmailValue(
checked_permission='Access content information')
if email_value is None or not email_value.asText():
msg = translateString(
......@@ -200,7 +204,7 @@ class PasswordTool(BaseTool):
'language':notification_message.getLanguage(),
}
self.getPortalObject().portal_notifications.sendMessage(sender=sender, recipient=[user,],
self.getPortalObject().portal_notifications.sendMessage(sender=sender, recipient=[user_value,],
subject=subject, message=message,
store_as_event=store_as_event,
message_text_format=message_text_format,
......@@ -272,11 +276,15 @@ class PasswordTool(BaseTool):
# XXX: incorrect grammar
return error("Date has expire.")
del self._password_request_dict[password_key]
persons = self.getPortalObject().acl_users.erp5_users.getUserByLogin(
register_user_login)
person = persons[0]
person._forceSetPassword(password)
person.reindexObject()
portal = self.getPortalObject()
user_dict, = portal.acl_users.searchUsers(
login=register_user_login,
exact_match=True,
)
login_dict, = user_dict['login_list']
login = portal.unrestrictedTraverse(login_dict['path'])
login._forceSetPassword(password)
login.reindexObject()
return redirect(REQUEST, site_url,
translateString("Password changed."))
......
......@@ -53,18 +53,19 @@ def getSecurityCategoryFromAssignment(self, base_category_list, user_name, objec
category_list = []
person_object_list = self.portal_catalog.unrestrictedSearchResults(
query=SimpleQuery(reference=user_name), portal_type='Person')
if len(person_object_list) != 1:
if len(person_object_list) > 1:
raise ConsistencyError, "Error: There is more than one Person with reference '%s'" % user_name
else:
user_list = [
x for x in self.acl_users.searchUsers(
id=user_name,
exact_match=True,
) if 'path' in x
]
if not user_list:
# if a person_object was not found in the module, we do nothing more
# this happens for example when a manager with no associated person object
# creates a person_object for a new user
return []
person_object = person_object_list[0].getObject()
user, = user_list
person_object = self.getPortalObject().unrestrictedTraverse(user['path'])
# We look for every valid assignments of this user
for assignment in person_object.contentValues(filter={'portal_type': 'Assignment'}):
......
......@@ -6,8 +6,8 @@ new_password = request.get("new_password")
former_password = request.get("current_password")
user = getSecurityManager().getUser()
persons = context.acl_users.erp5_users.getUserByLogin(user)
person = persons[0]
person, = context.acl_users.searchUsers(id=user.getId(), exact_match=True)
person = context.getPortalObject().restrictedTraverse(person['path'])
if not person.checkPassword(former_password):
msg = translateString("Current password is wrong.")
......
......@@ -39,7 +39,6 @@ from AccessControl.SecurityManagement import getSecurityManager, \
setSecurityManager, newSecurityManager
from Products.ERP5Type.Cache import DEFAULT_CACHE_SCOPE
import socket
from Products.ERP5Security.ERP5UserManager import getUserByLogin
from zLOG import LOG, ERROR, INFO
try:
......@@ -181,8 +180,7 @@ class ERP5ExternalOauth2ExtractionPlugin:
self.REQUEST['USER_CREATION_IN_PROGRESS'] = user
else:
# create the user if not found
person_list = getUserByLogin(self.getPortalObject(), user)
if len(person_list) == 0:
if not self.searchUsers(id=user, exact_match=True):
sm = getSecurityManager()
if sm.getUser().getId() != SUPER_USER:
newSecurityManager(self, self.getUser(SUPER_USER))
......
......@@ -87,7 +87,7 @@ class ERP5GroupManager(BasePlugin):
return ()
@UnrestrictedMethod
def _getGroupsForPrincipal(user_name, path):
def _getGroupsForPrincipal(user_id, path):
security_category_dict = {} # key is the base_category_list,
# value is the list of fetched categories
security_group_list = []
......@@ -117,17 +117,15 @@ class ERP5GroupManager(BasePlugin):
else:
security_definition_list = mapping_method()
# get the person from its reference - no security check needed
catalog_result = self.portal_catalog.unrestrictedSearchResults(
portal_type="Person", query=SimpleQuery(reference=user_name))
if len(catalog_result) != 1: # we won't proceed with groups
if len(catalog_result) > 1: # configuration is screwed
raise ConsistencyError, 'There is more than one Person whose \
login is %s : %s' % (user_name,
repr([r.getObject() for r in catalog_result]))
else: # no person is linked to this user login
# get the person from its login - no security check needed
user_list = [
x for x in self.searchUsers(id=user_id, exact_match=True)
if 'path' in x
]
if not user_list:
return ()
person_object = catalog_result[0].getObject()
user, = user_list
person_object = self.getPortalObject().unrestrictedTraverse(user['path'])
# Fetch category values from defined scripts
for (method_name, base_category_list) in security_definition_list:
......@@ -141,7 +139,7 @@ class ERP5GroupManager(BasePlugin):
# Currently, passing portal_type='' (instead of 'Person')
# is the only way to make the difference.
security_category_list.extend(
method(base_category_list, user_name, person_object, '')
method(base_category_list, user_id, person_object, '')
)
except ConflictError:
raise
......@@ -184,7 +182,7 @@ class ERP5GroupManager(BasePlugin):
cache_factory='erp5_content_short')
return _getGroupsForPrincipal(
user_name=principal.getId(),
user_id=principal.getId(),
path=self.getPhysicalPath())
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment