1 | """Users (principals) for the WAeUP portal. |
---|
2 | """ |
---|
3 | import grok |
---|
4 | from zope.event import notify |
---|
5 | from zope.interface import Interface |
---|
6 | from zope.securitypolicy.interfaces import IPrincipalRoleMap |
---|
7 | from waeup.sirp.authentication import Account |
---|
8 | from waeup.sirp.interfaces import IUserContainer, ILocalRoleSetEvent |
---|
9 | |
---|
10 | class UserContainer(grok.Container): |
---|
11 | """A container for principals. |
---|
12 | |
---|
13 | See interfaces.py and users.txt for extensive description. |
---|
14 | """ |
---|
15 | grok.implements(IUserContainer) |
---|
16 | grok.require('waeup.manageUsers') |
---|
17 | |
---|
18 | def addUser(self, name, password, title=None, description=None, roles=[]): |
---|
19 | """Add a new Account instance, created from parameters. |
---|
20 | """ |
---|
21 | if title is None: |
---|
22 | title = name |
---|
23 | if description is None: |
---|
24 | description = title |
---|
25 | self[name] = Account(name, password, title, description, roles) |
---|
26 | |
---|
27 | def addAccount(self, account): |
---|
28 | """Add the account passed. |
---|
29 | """ |
---|
30 | self[account.name] = account |
---|
31 | |
---|
32 | def delUser(self, name): |
---|
33 | """Delete user, if an account with the given name exists. |
---|
34 | |
---|
35 | Do not complain, if the name does not exist. |
---|
36 | """ |
---|
37 | if name in self.keys(): |
---|
38 | del self[name] |
---|
39 | |
---|
40 | class LocalRoleSetEvent(object): |
---|
41 | |
---|
42 | grok.implements(ILocalRoleSetEvent) |
---|
43 | |
---|
44 | def __init__(self, object, role_id, principal_id, granted=True): |
---|
45 | self.object = object |
---|
46 | self.role_id = role_id |
---|
47 | self.principal_id = principal_id |
---|
48 | self.granted = granted |
---|
49 | |
---|
50 | @grok.subscribe(Interface, ILocalRoleSetEvent) |
---|
51 | def handle_local_role_changed(obj, event): |
---|
52 | site = grok.getSite() |
---|
53 | if site is None: |
---|
54 | return |
---|
55 | users = site['users'] |
---|
56 | role_id = event.role_id |
---|
57 | if event.principal_id not in users.keys(): |
---|
58 | return |
---|
59 | user = users[event.principal_id] |
---|
60 | user.notifyLocalRoleChanged(event.object, event.role_id, event.granted) |
---|
61 | return |
---|
62 | |
---|
63 | @grok.subscribe(Interface, grok.IObjectRemovedEvent) |
---|
64 | def handle_local_roles_on_obj_removal(obj, event): |
---|
65 | role_map = IPrincipalRoleMap(obj) |
---|
66 | for local_role, user_name, setting in role_map.getPrincipalsAndRoles(): |
---|
67 | notify(LocalRoleSetEvent( |
---|
68 | obj, local_role, user_name, granted=False)) |
---|
69 | return |
---|