From c0d09e625589ebc0fba763962888076d53fc4d84 Mon Sep 17 00:00:00 2001
From: Rafael Monnerat <rafael@nexedi.com>
Date: Thu, 21 Apr 2022 00:17:59 +0000
Subject: [PATCH] erp5_oauth_*_login: Make [Google|Facebook|Certificate] Login
comply with authentication Policy
Since it isn't managed by ERP5 this login document should never be blocked or Expired from Authentication Policy perspective.
---
.../CertificateLogin_isLoginBlocked.py | 4 ++
.../CertificateLogin_isLoginBlocked.xml | 62 +++++++++++++++++++
.../CertificateLogin_isPasswordExpired.py | 4 ++
.../CertificateLogin_isPasswordExpired.xml | 62 +++++++++++++++++++
.../FacebookLogin_isLoginBlocked.py | 4 ++
.../FacebookLogin_isLoginBlocked.xml | 62 +++++++++++++++++++
.../FacebookLogin_isPasswordExpired.py | 4 ++
.../FacebookLogin_isPasswordExpired.xml | 62 +++++++++++++++++++
.../GoogleLogin_isLoginBlocked.py | 4 ++
.../GoogleLogin_isLoginBlocked.xml | 62 +++++++++++++++++++
.../GoogleLogin_isPasswordExpired.py | 4 ++
.../GoogleLogin_isPasswordExpired.xml | 62 +++++++++++++++++++
12 files changed, 396 insertions(+)
create mode 100644 bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isLoginBlocked.py
create mode 100644 bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isLoginBlocked.xml
create mode 100644 bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isPasswordExpired.py
create mode 100644 bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isPasswordExpired.xml
create mode 100644 bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isLoginBlocked.py
create mode 100644 bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isLoginBlocked.xml
create mode 100644 bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isPasswordExpired.py
create mode 100644 bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isPasswordExpired.xml
create mode 100644 bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isLoginBlocked.py
create mode 100644 bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isLoginBlocked.xml
create mode 100644 bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isPasswordExpired.py
create mode 100644 bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isPasswordExpired.xml
diff --git a/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isLoginBlocked.py b/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isLoginBlocked.py
new file mode 100644
index 0000000000..3acb6ff8fa
--- /dev/null
+++ b/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isLoginBlocked.py
@@ -0,0 +1,4 @@
+"""
+ Certificate Login isn't controlled by ERP5 itself
+"""
+return False
diff --git a/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isLoginBlocked.xml b/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isLoginBlocked.xml
new file mode 100644
index 0000000000..250af9a851
--- /dev/null
+++ b/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isLoginBlocked.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0"?>
+<ZopeData>
+ <record id="1" aka="AAAAAAAAAAE=">
+ <pickle>
+ <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+ </pickle>
+ <pickle>
+ <dictionary>
+ <item>
+ <key> <string>Script_magic</string> </key>
+ <value> <int>3</int> </value>
+ </item>
+ <item>
+ <key> <string>_bind_names</string> </key>
+ <value>
+ <object>
+ <klass>
+ <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+ </klass>
+ <tuple/>
+ <state>
+ <dictionary>
+ <item>
+ <key> <string>_asgns</string> </key>
+ <value>
+ <dictionary>
+ <item>
+ <key> <string>name_container</string> </key>
+ <value> <string>container</string> </value>
+ </item>
+ <item>
+ <key> <string>name_context</string> </key>
+ <value> <string>context</string> </value>
+ </item>
+ <item>
+ <key> <string>name_m_self</string> </key>
+ <value> <string>script</string> </value>
+ </item>
+ <item>
+ <key> <string>name_subpath</string> </key>
+ <value> <string>traverse_subpath</string> </value>
+ </item>
+ </dictionary>
+ </value>
+ </item>
+ </dictionary>
+ </state>
+ </object>
+ </value>
+ </item>
+ <item>
+ <key> <string>_params</string> </key>
+ <value> <string></string> </value>
+ </item>
+ <item>
+ <key> <string>id</string> </key>
+ <value> <string>CertificateLogin_isLoginBlocked</string> </value>
+ </item>
+ </dictionary>
+ </pickle>
+ </record>
+</ZopeData>
diff --git a/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isPasswordExpired.py b/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isPasswordExpired.py
new file mode 100644
index 0000000000..3acb6ff8fa
--- /dev/null
+++ b/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isPasswordExpired.py
@@ -0,0 +1,4 @@
+"""
+ Certificate Login isn't controlled by ERP5 itself
+"""
+return False
diff --git a/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isPasswordExpired.xml b/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isPasswordExpired.xml
new file mode 100644
index 0000000000..852b3d0187
--- /dev/null
+++ b/bt5/erp5_certificate_authority/SkinTemplateItem/portal_skins/erp5_certificate_authority/CertificateLogin_isPasswordExpired.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0"?>
+<ZopeData>
+ <record id="1" aka="AAAAAAAAAAE=">
+ <pickle>
+ <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+ </pickle>
+ <pickle>
+ <dictionary>
+ <item>
+ <key> <string>Script_magic</string> </key>
+ <value> <int>3</int> </value>
+ </item>
+ <item>
+ <key> <string>_bind_names</string> </key>
+ <value>
+ <object>
+ <klass>
+ <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+ </klass>
+ <tuple/>
+ <state>
+ <dictionary>
+ <item>
+ <key> <string>_asgns</string> </key>
+ <value>
+ <dictionary>
+ <item>
+ <key> <string>name_container</string> </key>
+ <value> <string>container</string> </value>
+ </item>
+ <item>
+ <key> <string>name_context</string> </key>
+ <value> <string>context</string> </value>
+ </item>
+ <item>
+ <key> <string>name_m_self</string> </key>
+ <value> <string>script</string> </value>
+ </item>
+ <item>
+ <key> <string>name_subpath</string> </key>
+ <value> <string>traverse_subpath</string> </value>
+ </item>
+ </dictionary>
+ </value>
+ </item>
+ </dictionary>
+ </state>
+ </object>
+ </value>
+ </item>
+ <item>
+ <key> <string>_params</string> </key>
+ <value> <string></string> </value>
+ </item>
+ <item>
+ <key> <string>id</string> </key>
+ <value> <string>CertificateLogin_isPasswordExpired</string> </value>
+ </item>
+ </dictionary>
+ </pickle>
+ </record>
+</ZopeData>
diff --git a/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isLoginBlocked.py b/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isLoginBlocked.py
new file mode 100644
index 0000000000..8564029a45
--- /dev/null
+++ b/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isLoginBlocked.py
@@ -0,0 +1,4 @@
+"""
+ Facebook Login isn't controlled by ERP5 itself
+"""
+return False
diff --git a/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isLoginBlocked.xml b/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isLoginBlocked.xml
new file mode 100644
index 0000000000..ede707c956
--- /dev/null
+++ b/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isLoginBlocked.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0"?>
+<ZopeData>
+ <record id="1" aka="AAAAAAAAAAE=">
+ <pickle>
+ <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+ </pickle>
+ <pickle>
+ <dictionary>
+ <item>
+ <key> <string>Script_magic</string> </key>
+ <value> <int>3</int> </value>
+ </item>
+ <item>
+ <key> <string>_bind_names</string> </key>
+ <value>
+ <object>
+ <klass>
+ <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+ </klass>
+ <tuple/>
+ <state>
+ <dictionary>
+ <item>
+ <key> <string>_asgns</string> </key>
+ <value>
+ <dictionary>
+ <item>
+ <key> <string>name_container</string> </key>
+ <value> <string>container</string> </value>
+ </item>
+ <item>
+ <key> <string>name_context</string> </key>
+ <value> <string>context</string> </value>
+ </item>
+ <item>
+ <key> <string>name_m_self</string> </key>
+ <value> <string>script</string> </value>
+ </item>
+ <item>
+ <key> <string>name_subpath</string> </key>
+ <value> <string>traverse_subpath</string> </value>
+ </item>
+ </dictionary>
+ </value>
+ </item>
+ </dictionary>
+ </state>
+ </object>
+ </value>
+ </item>
+ <item>
+ <key> <string>_params</string> </key>
+ <value> <string></string> </value>
+ </item>
+ <item>
+ <key> <string>id</string> </key>
+ <value> <string>FacebookLogin_isLoginBlocked</string> </value>
+ </item>
+ </dictionary>
+ </pickle>
+ </record>
+</ZopeData>
diff --git a/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isPasswordExpired.py b/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isPasswordExpired.py
new file mode 100644
index 0000000000..8564029a45
--- /dev/null
+++ b/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isPasswordExpired.py
@@ -0,0 +1,4 @@
+"""
+ Facebook Login isn't controlled by ERP5 itself
+"""
+return False
diff --git a/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isPasswordExpired.xml b/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isPasswordExpired.xml
new file mode 100644
index 0000000000..c18f5701c9
--- /dev/null
+++ b/bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookLogin_isPasswordExpired.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0"?>
+<ZopeData>
+ <record id="1" aka="AAAAAAAAAAE=">
+ <pickle>
+ <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+ </pickle>
+ <pickle>
+ <dictionary>
+ <item>
+ <key> <string>Script_magic</string> </key>
+ <value> <int>3</int> </value>
+ </item>
+ <item>
+ <key> <string>_bind_names</string> </key>
+ <value>
+ <object>
+ <klass>
+ <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+ </klass>
+ <tuple/>
+ <state>
+ <dictionary>
+ <item>
+ <key> <string>_asgns</string> </key>
+ <value>
+ <dictionary>
+ <item>
+ <key> <string>name_container</string> </key>
+ <value> <string>container</string> </value>
+ </item>
+ <item>
+ <key> <string>name_context</string> </key>
+ <value> <string>context</string> </value>
+ </item>
+ <item>
+ <key> <string>name_m_self</string> </key>
+ <value> <string>script</string> </value>
+ </item>
+ <item>
+ <key> <string>name_subpath</string> </key>
+ <value> <string>traverse_subpath</string> </value>
+ </item>
+ </dictionary>
+ </value>
+ </item>
+ </dictionary>
+ </state>
+ </object>
+ </value>
+ </item>
+ <item>
+ <key> <string>_params</string> </key>
+ <value> <string></string> </value>
+ </item>
+ <item>
+ <key> <string>id</string> </key>
+ <value> <string>FacebookLogin_isPasswordExpired</string> </value>
+ </item>
+ </dictionary>
+ </pickle>
+ </record>
+</ZopeData>
diff --git a/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isLoginBlocked.py b/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isLoginBlocked.py
new file mode 100644
index 0000000000..9733e00ebb
--- /dev/null
+++ b/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isLoginBlocked.py
@@ -0,0 +1,4 @@
+"""
+ Google Login isn't controlled by ERP5 itself
+"""
+return False
diff --git a/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isLoginBlocked.xml b/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isLoginBlocked.xml
new file mode 100644
index 0000000000..61dcdbf9d0
--- /dev/null
+++ b/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isLoginBlocked.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0"?>
+<ZopeData>
+ <record id="1" aka="AAAAAAAAAAE=">
+ <pickle>
+ <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+ </pickle>
+ <pickle>
+ <dictionary>
+ <item>
+ <key> <string>Script_magic</string> </key>
+ <value> <int>3</int> </value>
+ </item>
+ <item>
+ <key> <string>_bind_names</string> </key>
+ <value>
+ <object>
+ <klass>
+ <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+ </klass>
+ <tuple/>
+ <state>
+ <dictionary>
+ <item>
+ <key> <string>_asgns</string> </key>
+ <value>
+ <dictionary>
+ <item>
+ <key> <string>name_container</string> </key>
+ <value> <string>container</string> </value>
+ </item>
+ <item>
+ <key> <string>name_context</string> </key>
+ <value> <string>context</string> </value>
+ </item>
+ <item>
+ <key> <string>name_m_self</string> </key>
+ <value> <string>script</string> </value>
+ </item>
+ <item>
+ <key> <string>name_subpath</string> </key>
+ <value> <string>traverse_subpath</string> </value>
+ </item>
+ </dictionary>
+ </value>
+ </item>
+ </dictionary>
+ </state>
+ </object>
+ </value>
+ </item>
+ <item>
+ <key> <string>_params</string> </key>
+ <value> <string></string> </value>
+ </item>
+ <item>
+ <key> <string>id</string> </key>
+ <value> <string>GoogleLogin_isLoginBlocked</string> </value>
+ </item>
+ </dictionary>
+ </pickle>
+ </record>
+</ZopeData>
diff --git a/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isPasswordExpired.py b/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isPasswordExpired.py
new file mode 100644
index 0000000000..9733e00ebb
--- /dev/null
+++ b/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isPasswordExpired.py
@@ -0,0 +1,4 @@
+"""
+ Google Login isn't controlled by ERP5 itself
+"""
+return False
diff --git a/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isPasswordExpired.xml b/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isPasswordExpired.xml
new file mode 100644
index 0000000000..f266188e2d
--- /dev/null
+++ b/bt5/erp5_oauth_google_login/SkinTemplateItem/portal_skins/erp5_oauth_google_login/GoogleLogin_isPasswordExpired.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0"?>
+<ZopeData>
+ <record id="1" aka="AAAAAAAAAAE=">
+ <pickle>
+ <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+ </pickle>
+ <pickle>
+ <dictionary>
+ <item>
+ <key> <string>Script_magic</string> </key>
+ <value> <int>3</int> </value>
+ </item>
+ <item>
+ <key> <string>_bind_names</string> </key>
+ <value>
+ <object>
+ <klass>
+ <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+ </klass>
+ <tuple/>
+ <state>
+ <dictionary>
+ <item>
+ <key> <string>_asgns</string> </key>
+ <value>
+ <dictionary>
+ <item>
+ <key> <string>name_container</string> </key>
+ <value> <string>container</string> </value>
+ </item>
+ <item>
+ <key> <string>name_context</string> </key>
+ <value> <string>context</string> </value>
+ </item>
+ <item>
+ <key> <string>name_m_self</string> </key>
+ <value> <string>script</string> </value>
+ </item>
+ <item>
+ <key> <string>name_subpath</string> </key>
+ <value> <string>traverse_subpath</string> </value>
+ </item>
+ </dictionary>
+ </value>
+ </item>
+ </dictionary>
+ </state>
+ </object>
+ </value>
+ </item>
+ <item>
+ <key> <string>_params</string> </key>
+ <value> <string></string> </value>
+ </item>
+ <item>
+ <key> <string>id</string> </key>
+ <value> <string>GoogleLogin_isPasswordExpired</string> </value>
+ </item>
+ </dictionary>
+ </pickle>
+ </record>
+</ZopeData>
--
2.30.9