source: main/waeup.sirp/trunk/src/waeup/sirp/users.py @ 7167

Last change on this file since 7167 was 7163, checked in by Henrik Bettermann, 13 years ago

Users must own their own account object in order to edit edit. Therefore we need a local owner role and an event handler which assigns the local role after user creation.
  • Property svn:keywords set to Id
File size: 2.9 KB
RevLine 
[4111]1"""Users (principals) for the WAeUP portal.
[4089]2"""
3import grok
[6180]4from zope.event import notify
5from zope.interface import Interface
[7163]6from zope.securitypolicy.interfaces import (
7    IPrincipalRoleMap, IPrincipalRoleManager)
[4920]8from waeup.sirp.authentication import Account
[7163]9from waeup.sirp.interfaces import (
10    IUserContainer, ILocalRoleSetEvent, IUserAccount)
[4089]11
12class UserContainer(grok.Container):
13    """A container for principals.
14
15    See interfaces.py and users.txt for extensive description.
16    """
17    grok.implements(IUserContainer)
18    grok.require('waeup.manageUsers')
19
[4634]20    def addUser(self, name, password, title=None, description=None, roles=[]):
[4638]21        """Add a new Account instance, created from parameters.
22        """
[4089]23        if title is None:
24            title = name
25        if description is None:
26            description = title
[4634]27        self[name] = Account(name, password, title, description, roles)
[4089]28
29    def addAccount(self, account):
[4638]30        """Add the account passed.
31        """
[4089]32        self[account.name] = account
[6180]33
[4089]34    def delUser(self, name):
[4638]35        """Delete user, if an account with the given name exists.
36
37        Do not complain, if the name does not exist.
38        """
[4089]39        if name in self.keys():
40            del self[name]
[6180]41
42class LocalRoleSetEvent(object):
43
44    grok.implements(ILocalRoleSetEvent)
45
46    def __init__(self, object, role_id, principal_id, granted=True):
47        self.object = object
48        self.role_id = role_id
49        self.principal_id = principal_id
50        self.granted = granted
51
52@grok.subscribe(Interface, ILocalRoleSetEvent)
53def handle_local_role_changed(obj, event):
54    site = grok.getSite()
55    if site is None:
56        return
[6527]57    users = site.get('users', None)
58    if users is None:
59        return
[6180]60    role_id = event.role_id
61    if event.principal_id not in users.keys():
62        return
63    user = users[event.principal_id]
64    user.notifyLocalRoleChanged(event.object, event.role_id, event.granted)
65    return
66
67@grok.subscribe(Interface, grok.IObjectRemovedEvent)
[6839]68def handle_local_roles_on_obj_removed(obj, event):
[6202]69    try:
70        role_map = IPrincipalRoleMap(obj)
71    except TypeError:
72        # no map, no roles to remove
73        return
[6180]74    for local_role, user_name, setting in role_map.getPrincipalsAndRoles():
75        notify(LocalRoleSetEvent(
76                obj, local_role, user_name, granted=False))
77    return
[7163]78
79@grok.subscribe(IUserAccount, grok.IObjectAddedEvent)
80def handle_user_added(account, event):
81    """If an account is added the local owner role must be set.
82    """
83    # First we have to set the local owner role of the account object
84    role_manager = IPrincipalRoleManager(account)
85    role_manager.assignRoleToPrincipal(
86        'waeup.local.Owner', account.name)
87    # Then we have to notify the user account that the local role
88    # of the same object has changed
89    notify(LocalRoleSetEvent(
90        account, 'waeup.local.Owner', account.name, granted=True))
91    return
Note: See TracBrowser for help on using the repository browser.