[7192] | 1 | ## $Id: authentication.py 9335 2012-10-15 05:08:01Z henrik $ |
---|
[7240] | 2 | ## |
---|
[7192] | 3 | ## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann |
---|
[5431] | 4 | ## This program is free software; you can redistribute it and/or modify |
---|
| 5 | ## it under the terms of the GNU General Public License as published by |
---|
| 6 | ## the Free Software Foundation; either version 2 of the License, or |
---|
| 7 | ## (at your option) any later version. |
---|
[7240] | 8 | ## |
---|
[5431] | 9 | ## This program is distributed in the hope that it will be useful, |
---|
| 10 | ## but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
| 11 | ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
| 12 | ## GNU General Public License for more details. |
---|
[7240] | 13 | ## |
---|
[5431] | 14 | ## You should have received a copy of the GNU General Public License |
---|
| 15 | ## along with this program; if not, write to the Free Software |
---|
| 16 | ## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
---|
| 17 | ## |
---|
| 18 | """ |
---|
[7240] | 19 | Authenticate applicants. |
---|
| 20 | """ |
---|
[5431] | 21 | import grok |
---|
[9335] | 22 | from zope.component import getUtility |
---|
| 23 | from zope.password.interfaces import IPasswordManager |
---|
[7255] | 24 | from zope.pluggableauth.interfaces import IAuthenticatorPlugin |
---|
[7811] | 25 | from waeup.kofa.interfaces import IAuthPluginUtility, IUserAccount |
---|
| 26 | from waeup.kofa.applicants.interfaces import IApplicant |
---|
| 27 | from waeup.kofa.students.authentication import ( |
---|
[7240] | 28 | StudentAccount, StudentsAuthenticatorPlugin) |
---|
[5431] | 29 | |
---|
[7240] | 30 | class ApplicantAccount(StudentAccount): |
---|
| 31 | """An adapter to turn applicant objects into accounts on-the-fly. |
---|
[5441] | 32 | """ |
---|
[7240] | 33 | grok.context(IApplicant) |
---|
| 34 | grok.implements(IUserAccount) |
---|
[5431] | 35 | |
---|
[7240] | 36 | @property |
---|
| 37 | def name(self): |
---|
| 38 | return self.context.applicant_id |
---|
[5431] | 39 | |
---|
[7240] | 40 | @property |
---|
| 41 | def title(self): |
---|
[7364] | 42 | return self.context.display_fullname |
---|
[5431] | 43 | |
---|
[7240] | 44 | @property |
---|
| 45 | def user_type(self): |
---|
| 46 | return u'applicant' |
---|
[5441] | 47 | |
---|
[9335] | 48 | def checkPassword(self, password): |
---|
| 49 | """Check whether the given `password` matches the one stored by |
---|
| 50 | students. |
---|
| 51 | |
---|
| 52 | We additionally check if student account has been suspended. |
---|
| 53 | """ |
---|
| 54 | if not isinstance(password, basestring): |
---|
| 55 | return False |
---|
| 56 | passwordmanager = getUtility(IPasswordManager, 'SSHA') |
---|
| 57 | if not getattr(self.context, 'password', None): |
---|
| 58 | # unset/empty passwords do never match |
---|
| 59 | return False |
---|
| 60 | if self.context.suspended == True: |
---|
| 61 | return False |
---|
| 62 | return passwordmanager.checkPassword(self.context.password, password) |
---|
| 63 | |
---|
[7240] | 64 | class ApplicantsAuthenticatorPlugin(StudentsAuthenticatorPlugin): |
---|
| 65 | grok.implements(IAuthenticatorPlugin) |
---|
[5431] | 66 | grok.provides(IAuthenticatorPlugin) |
---|
| 67 | grok.name('applicants') |
---|
| 68 | |
---|
[7240] | 69 | def getAccount(self, login): |
---|
| 70 | """Look up a applicant identified by `login`. Returns an account. |
---|
[5909] | 71 | |
---|
[7240] | 72 | First we split the login name into the container part and |
---|
| 73 | the application number part. Then we simply look up the key under which |
---|
| 74 | the applicant is stored in the respective applicants cointainer of |
---|
| 75 | the portal. |
---|
[5909] | 76 | |
---|
[7240] | 77 | Returns not an applicant but an account object adapted from any |
---|
| 78 | applicant found. |
---|
[5909] | 79 | |
---|
[7240] | 80 | If no such applicant exists, ``None`` is returned. |
---|
[5909] | 81 | """ |
---|
[7240] | 82 | site = grok.getSite() |
---|
| 83 | if site is None: |
---|
[5431] | 84 | return None |
---|
[7240] | 85 | applicantsroot = site.get('applicants', None) |
---|
| 86 | if applicantsroot is None: |
---|
[5431] | 87 | return None |
---|
[7240] | 88 | try: |
---|
| 89 | container, application_number = login.split('_') |
---|
| 90 | except ValueError: |
---|
[5446] | 91 | return None |
---|
[7240] | 92 | applicantscontainer = applicantsroot.get(container,None) |
---|
| 93 | if applicantscontainer is None: |
---|
[6409] | 94 | return None |
---|
[7240] | 95 | applicant = applicantscontainer.get(application_number, None) |
---|
| 96 | if applicant is None: |
---|
[6409] | 97 | return None |
---|
[7240] | 98 | return IUserAccount(applicant) |
---|
[5431] | 99 | |
---|
[7235] | 100 | class ApplicantsAuthenticatorSetup(grok.GlobalUtility): |
---|
[7240] | 101 | """Register or unregister applicant authentication for a PAU. |
---|
[5904] | 102 | |
---|
[7240] | 103 | This piece is called when a new site is created. |
---|
[5902] | 104 | """ |
---|
[7063] | 105 | grok.implements(IAuthPluginUtility) |
---|
[5902] | 106 | grok.name('applicants_auth_setup') |
---|
| 107 | |
---|
| 108 | def register(self, pau): |
---|
[7240] | 109 | plugins = list(pau.authenticatorPlugins) |
---|
| 110 | plugins.append('applicants') |
---|
[6661] | 111 | pau.authenticatorPlugins = tuple(plugins) |
---|
[5903] | 112 | return pau |
---|
| 113 | |
---|
[5902] | 114 | def unregister(self, pau): |
---|
[7240] | 115 | plugins = [x for x in pau.authenticatorPlugins |
---|
| 116 | if x != 'applicants'] |
---|
| 117 | pau.authenticatorPlugins = tuple(plugins) |
---|
[5903] | 118 | return pau |
---|