source: main/waeup.kofa/trunk/src/waeup/kofa/applicants/authentication.py @ 12067

Last change on this file since 12067 was 9335, checked in by Henrik Bettermann, 12 years ago

ApplicantAccount? can't reuse checkPassword.

Add new role and permission.

  • Property svn:keywords set to Id
File size: 4.1 KB
RevLine 
[7192]1## $Id: authentication.py 9335 2012-10-15 05:08:01Z henrik $
[7240]2##
[7192]3## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann
[5431]4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
[7240]8##
[5431]9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
[7240]13##
[5431]14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17##
18"""
[7240]19Authenticate applicants.
20"""
[5431]21import grok
[9335]22from zope.component import getUtility
23from zope.password.interfaces import IPasswordManager
[7255]24from zope.pluggableauth.interfaces import IAuthenticatorPlugin
[7811]25from waeup.kofa.interfaces import IAuthPluginUtility, IUserAccount
26from waeup.kofa.applicants.interfaces import IApplicant
27from waeup.kofa.students.authentication import (
[7240]28    StudentAccount, StudentsAuthenticatorPlugin)
[5431]29
[7240]30class ApplicantAccount(StudentAccount):
31    """An adapter to turn applicant objects into accounts on-the-fly.
[5441]32    """
[7240]33    grok.context(IApplicant)
34    grok.implements(IUserAccount)
[5431]35
[7240]36    @property
37    def name(self):
38        return self.context.applicant_id
[5431]39
[7240]40    @property
41    def title(self):
[7364]42        return self.context.display_fullname
[5431]43
[7240]44    @property
45    def user_type(self):
46        return u'applicant'
[5441]47
[9335]48    def checkPassword(self, password):
49        """Check whether the given `password` matches the one stored by
50        students.
51
52        We additionally check if student account has been suspended.
53        """
54        if not isinstance(password, basestring):
55            return False
56        passwordmanager = getUtility(IPasswordManager, 'SSHA')
57        if not getattr(self.context, 'password', None):
58            # unset/empty passwords do never match
59            return False
60        if self.context.suspended == True:
61            return False
62        return passwordmanager.checkPassword(self.context.password, password)
63
[7240]64class ApplicantsAuthenticatorPlugin(StudentsAuthenticatorPlugin):
65    grok.implements(IAuthenticatorPlugin)
[5431]66    grok.provides(IAuthenticatorPlugin)
67    grok.name('applicants')
68
[7240]69    def getAccount(self, login):
70        """Look up a applicant identified by `login`. Returns an account.
[5909]71
[7240]72        First we split the login name into the container part and
73        the application number part. Then we simply look up the key under which
74        the applicant is stored in the respective applicants cointainer of
75        the portal.
[5909]76
[7240]77        Returns not an applicant but an account object adapted from any
78        applicant found.
[5909]79
[7240]80        If no such applicant exists, ``None`` is returned.
[5909]81        """
[7240]82        site = grok.getSite()
83        if site is None:
[5431]84            return None
[7240]85        applicantsroot = site.get('applicants', None)
86        if applicantsroot is None:
[5431]87            return None
[7240]88        try:
89            container, application_number = login.split('_')
90        except ValueError:
[5446]91            return None
[7240]92        applicantscontainer = applicantsroot.get(container,None)
93        if applicantscontainer is None:
[6409]94            return None
[7240]95        applicant = applicantscontainer.get(application_number, None)
96        if applicant is None:
[6409]97            return None
[7240]98        return IUserAccount(applicant)
[5431]99
[7235]100class ApplicantsAuthenticatorSetup(grok.GlobalUtility):
[7240]101    """Register or unregister applicant authentication for a PAU.
[5904]102
[7240]103    This piece is called when a new site is created.
[5902]104    """
[7063]105    grok.implements(IAuthPluginUtility)
[5902]106    grok.name('applicants_auth_setup')
107
108    def register(self, pau):
[7240]109        plugins = list(pau.authenticatorPlugins)
110        plugins.append('applicants')
[6661]111        pau.authenticatorPlugins = tuple(plugins)
[5903]112        return pau
113
[5902]114    def unregister(self, pau):
[7240]115        plugins = [x for x in pau.authenticatorPlugins
116                   if x != 'applicants']
117        pau.authenticatorPlugins = tuple(plugins)
[5903]118        return pau
Note: See TracBrowser for help on using the repository browser.