| [4111] | 1 | """Users (principals) for the WAeUP portal. |
|---|
| [4089] | 2 | """ |
|---|
| 3 | import grok |
|---|
| [6180] | 4 | from zope.event import notify |
|---|
| 5 | from zope.interface import Interface |
|---|
| 6 | from zope.securitypolicy.interfaces import IPrincipalRoleMap |
|---|
| [4920] | 7 | from waeup.sirp.authentication import Account |
|---|
| [6180] | 8 | from waeup.sirp.interfaces import IUserContainer, ILocalRoleSetEvent |
|---|
| [4089] | 9 | |
|---|
| 10 | class UserContainer(grok.Container): |
|---|
| 11 | """A container for principals. |
|---|
| 12 | |
|---|
| 13 | See interfaces.py and users.txt for extensive description. |
|---|
| 14 | """ |
|---|
| 15 | grok.implements(IUserContainer) |
|---|
| 16 | grok.require('waeup.manageUsers') |
|---|
| 17 | |
|---|
| [4634] | 18 | def addUser(self, name, password, title=None, description=None, roles=[]): |
|---|
| [4638] | 19 | """Add a new Account instance, created from parameters. |
|---|
| 20 | """ |
|---|
| [4089] | 21 | if title is None: |
|---|
| 22 | title = name |
|---|
| 23 | if description is None: |
|---|
| 24 | description = title |
|---|
| [4634] | 25 | self[name] = Account(name, password, title, description, roles) |
|---|
| [4089] | 26 | |
|---|
| 27 | def addAccount(self, account): |
|---|
| [4638] | 28 | """Add the account passed. |
|---|
| 29 | """ |
|---|
| [4089] | 30 | self[account.name] = account |
|---|
| [6180] | 31 | |
|---|
| [4089] | 32 | def delUser(self, name): |
|---|
| [4638] | 33 | """Delete user, if an account with the given name exists. |
|---|
| 34 | |
|---|
| 35 | Do not complain, if the name does not exist. |
|---|
| 36 | """ |
|---|
| [4089] | 37 | if name in self.keys(): |
|---|
| 38 | del self[name] |
|---|
| [6180] | 39 | |
|---|
| 40 | class LocalRoleSetEvent(object): |
|---|
| 41 | |
|---|
| 42 | grok.implements(ILocalRoleSetEvent) |
|---|
| 43 | |
|---|
| 44 | def __init__(self, object, role_id, principal_id, granted=True): |
|---|
| 45 | self.object = object |
|---|
| 46 | self.role_id = role_id |
|---|
| 47 | self.principal_id = principal_id |
|---|
| 48 | self.granted = granted |
|---|
| 49 | |
|---|
| 50 | @grok.subscribe(Interface, ILocalRoleSetEvent) |
|---|
| 51 | def handle_local_role_changed(obj, event): |
|---|
| 52 | site = grok.getSite() |
|---|
| 53 | if site is None: |
|---|
| 54 | return |
|---|
| [6527] | 55 | users = site.get('users', None) |
|---|
| 56 | if users is None: |
|---|
| 57 | return |
|---|
| [6180] | 58 | role_id = event.role_id |
|---|
| 59 | if event.principal_id not in users.keys(): |
|---|
| 60 | return |
|---|
| 61 | user = users[event.principal_id] |
|---|
| 62 | user.notifyLocalRoleChanged(event.object, event.role_id, event.granted) |
|---|
| 63 | return |
|---|
| 64 | |
|---|
| 65 | @grok.subscribe(Interface, grok.IObjectRemovedEvent) |
|---|
| 66 | def handle_local_roles_on_obj_removal(obj, event): |
|---|
| [6202] | 67 | try: |
|---|
| 68 | role_map = IPrincipalRoleMap(obj) |
|---|
| 69 | except TypeError: |
|---|
| 70 | # no map, no roles to remove |
|---|
| 71 | return |
|---|
| [6180] | 72 | for local_role, user_name, setting in role_map.getPrincipalsAndRoles(): |
|---|
| 73 | notify(LocalRoleSetEvent( |
|---|
| 74 | obj, local_role, user_name, granted=False)) |
|---|
| 75 | return |
|---|
