source: main/waeup.kofa/trunk/src/waeup/kofa/applicants/authentication.py @ 16176

Last change on this file since 16176 was 13394, checked in by Henrik Bettermann, 9 years ago

Implement portal maintenance mode.

  • Property svn:keywords set to Id
File size: 4.3 KB
RevLine 
[7192]1## $Id: authentication.py 13394 2015-11-06 05:43:37Z henrik $
[7240]2##
[7192]3## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann
[5431]4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
[7240]8##
[5431]9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
[7240]13##
[5431]14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17##
18"""
[7240]19Authenticate applicants.
20"""
[5431]21import grok
[9335]22from zope.component import getUtility
23from zope.password.interfaces import IPasswordManager
[7255]24from zope.pluggableauth.interfaces import IAuthenticatorPlugin
[7811]25from waeup.kofa.interfaces import IAuthPluginUtility, IUserAccount
26from waeup.kofa.applicants.interfaces import IApplicant
27from waeup.kofa.students.authentication import (
[7240]28    StudentAccount, StudentsAuthenticatorPlugin)
[5431]29
[7240]30class ApplicantAccount(StudentAccount):
31    """An adapter to turn applicant objects into accounts on-the-fly.
[5441]32    """
[7240]33    grok.context(IApplicant)
34    grok.implements(IUserAccount)
[5431]35
[7240]36    @property
37    def name(self):
38        return self.context.applicant_id
[5431]39
[7240]40    @property
41    def title(self):
[7364]42        return self.context.display_fullname
[5431]43
[7240]44    @property
45    def user_type(self):
46        return u'applicant'
[5441]47
[9335]48    def checkPassword(self, password):
49        """Check whether the given `password` matches the one stored by
[13394]50        students. We additionally check if applicant account has been suspended
51        or if the portal is blocked.
[9335]52        """
[13394]53        try:
54            blocker = grok.getSite()['configuration'].maintmode_enabled_by
55            if blocker:
56                return False
57        except TypeError:  # in unit tests
58            pass
[9335]59        if not isinstance(password, basestring):
60            return False
61        passwordmanager = getUtility(IPasswordManager, 'SSHA')
62        if not getattr(self.context, 'password', None):
63            # unset/empty passwords do never match
64            return False
65        if self.context.suspended == True:
66            return False
67        return passwordmanager.checkPassword(self.context.password, password)
68
[7240]69class ApplicantsAuthenticatorPlugin(StudentsAuthenticatorPlugin):
70    grok.implements(IAuthenticatorPlugin)
[5431]71    grok.provides(IAuthenticatorPlugin)
72    grok.name('applicants')
73
[7240]74    def getAccount(self, login):
75        """Look up a applicant identified by `login`. Returns an account.
[5909]76
[7240]77        First we split the login name into the container part and
78        the application number part. Then we simply look up the key under which
79        the applicant is stored in the respective applicants cointainer of
80        the portal.
[5909]81
[7240]82        Returns not an applicant but an account object adapted from any
83        applicant found.
[5909]84
[7240]85        If no such applicant exists, ``None`` is returned.
[5909]86        """
[7240]87        site = grok.getSite()
88        if site is None:
[5431]89            return None
[7240]90        applicantsroot = site.get('applicants', None)
91        if applicantsroot is None:
[5431]92            return None
[7240]93        try:
94            container, application_number = login.split('_')
95        except ValueError:
[5446]96            return None
[7240]97        applicantscontainer = applicantsroot.get(container,None)
98        if applicantscontainer is None:
[6409]99            return None
[7240]100        applicant = applicantscontainer.get(application_number, None)
101        if applicant is None:
[6409]102            return None
[7240]103        return IUserAccount(applicant)
[5431]104
[7235]105class ApplicantsAuthenticatorSetup(grok.GlobalUtility):
[7240]106    """Register or unregister applicant authentication for a PAU.
[5904]107
[7240]108    This piece is called when a new site is created.
[5902]109    """
[7063]110    grok.implements(IAuthPluginUtility)
[5902]111    grok.name('applicants_auth_setup')
112
113    def register(self, pau):
[7240]114        plugins = list(pau.authenticatorPlugins)
115        plugins.append('applicants')
[6661]116        pau.authenticatorPlugins = tuple(plugins)
[5903]117        return pau
118
[5902]119    def unregister(self, pau):
[7240]120        plugins = [x for x in pau.authenticatorPlugins
121                   if x != 'applicants']
122        pau.authenticatorPlugins = tuple(plugins)
[5903]123        return pau
Note: See TracBrowser for help on using the repository browser.