Ignore:
Timestamp:
12 May 2015, 15:19:10 (10 years ago)
Author:
Henrik Bettermann
Message:

Enable temporary suspension of officer accounts. Plugins must be updated after restart.

Location:
main/waeup.kofa/trunk/src/waeup/kofa
Files:
8 edited

Legend:

Unmodified
Added
Removed

  • main/waeup.kofa/trunk/src/waeup/kofa/app.py

    r12476 r12926  
    8181        """Lookup all plugins and call their `update()` method.
    8282        """
    83         # XXX: TBD: Remove update() in all plugins but documents
     83        # XXX: TBD: Remove update() in all plugins but documents and users
    8484        getUtility(IKofaPluggable, name='documents').update(
     85            self, 'documents', self.logger)
     86        getUtility(IKofaPluggable, name='users').update(
    8587            self, 'documents', self.logger)
    8688        return

  • main/waeup.kofa/trunk/src/waeup/kofa/authentication.py

    r12869 r12926  
    210210        self.phone = phone
    211211        self.public_name = public_name
     212        self.suspended = False
    212213        self.setPassword(password)
    213214        self.setSiteRolesForPrincipal(roles)
     
    226227        if not self.password:
    227228            # unset/empty passwords do never match
     229            return False
     230        if self.suspended == True:
    228231            return False
    229232        passwordmanager = getUtility(IPasswordManager, 'SSHA')

  • main/waeup.kofa/trunk/src/waeup/kofa/browser/pages.py

    r12919 r12926  
    333333                                   type='warning')
    334334                    return
     335            # Display appropriate flash message if credentials are correct
     336            # but officer has been deactivated.
     337            login = self.request.form['form.login']
     338            if login in grok.getSite()['users']:
     339                user = grok.getSite()['users'][login]
     340                password = self.request.form['form.password']
     341                passwordmanager = getUtility(IPasswordManager, 'SSHA')
     342                if user.password is not None and \
     343                    passwordmanager.checkPassword(user.password, password):
     344                    self.flash(_('Your user name and password are correct '
     345                                 'but yor account has been temporarily '
     346                                 'deactivated.'),
     347                               type='warning')
     348                    return
    335349            self.flash(_('You entered invalid credentials.'), type='danger')
    336350            return
     
    578592    grok.name('add')
    579593    grok.template('usereditformpage')
    580     form_fields = grok.AutoFields(IUserAccount)
     594    form_fields = grok.AutoFields(IUserAccount).omit('suspended')
    581595    label = _('Add officer')
    582596
     
    624638
    625639    def label(self):
    626         return _("Edit user ${a}", mapping = {'a':self.context.__name__})
     640        return _("Edit officer ${a}", mapping = {'a':self.context.__name__})
    627641
    628642    def setUpWidgets(self, ignore_request=False):
     
    703717    grok.require('waeup.editUser')
    704718    form_fields = grok.AutoFields(IUserAccount).omit(
    705         'name', 'description', 'roles')
     719        'name', 'description', 'roles', 'suspended')
    706720    label = _(u"My Preferences")
    707721

  • main/waeup.kofa/trunk/src/waeup/kofa/browser/templates/usereditformpage.pt

    r11254 r12926  
     1<p class="alert alert-danger"  i18n:domain="waeup.kofa"
     2   i18n:translate="officer_suspended_warning"
     3   tal:condition="python: getattr(context, 'suspended', False)">
     4  <strong>ATTENTION:</strong>
     5  This account has been suspended. The officer can't login.
     6</p>
     7
    18<form action="." tal:attributes="action request/URL" method="post"
    29      i18n:domain="waeup.kofa" enctype="multipart/form-data"

  • main/waeup.kofa/trunk/src/waeup/kofa/browser/templates/userscontainerpage.pt

    r11254 r12926  
    1212    <tr tal:repeat="account context/values">
    1313      <td tal:content="account/name">USERNAME</td>
    14       <td tal:content="account/title">TITLE</td>
     14      <td>
     15        <span tal:content="account/title">TITLE</span>
     16        <span style="color:red" tal:condition="account/suspended">(suspended)</span>
     17      </td>
    1518      <td nowrap tal:content="structure python:view.getSiteRoles(account)">SITE ROLES</td>
    1619      <td tal:content="structure python:view.getLocalRoles(account)">LOCAL ROLES</td>

  • main/waeup.kofa/trunk/src/waeup/kofa/browser/tests/test_browser.py

    r12841 r12926  
    3030from waeup.kofa.testing import FunctionalLayer, FunctionalTestCase
    3131from waeup.kofa.app import University
    32 from waeup.kofa.interfaces import IJobManager
     32from waeup.kofa.interfaces import IJobManager, IUserAccount
    3333from waeup.kofa.tests.test_async import FunctionalAsyncTestCase
    3434from waeup.kofa.university.faculty import Faculty
     
    445445            'faculties']['fac1']['dep1'].certificates['CERT1'])
    446446        return
     447
     448    def test_suspended_officer(self):
     449        self.app['users'].addUser(
     450            'officer', 'secret', title='Bob Officer', email='aa@aa.ng')
     451        # Officer can't login if their password is not set
     452        self.app['users']['officer'].password = None
     453        self.browser.open('http://localhost/app/login')
     454        self.browser.getControl(name="form.login").value = 'officer'
     455        self.browser.getControl(name="form.password").value = 'secret'
     456        self.browser.getControl("Login").click()
     457        self.assertTrue(
     458            'You entered invalid credentials.' in self.browser.contents)
     459        # We set the password again
     460        IUserAccount(
     461            self.app['users']['officer']).setPassword('secret')
     462        # Officers can't login if their account is suspended/deactivated
     463        self.app['users']['officer'].suspended = True
     464        self.browser.open('http://localhost/app/login')
     465        self.browser.getControl(name="form.login").value = 'officer'
     466        self.browser.getControl(name="form.password").value = 'secret'
     467        self.browser.getControl("Login").click()
     468        self.assertMatches(
     469            '...but yor account has been temporarily deactivated...',
     470            self.browser.contents)
     471        self.assertFalse("Bob Officer" in self.browser.contents)
     472        self.app['users']['officer'].suspended = False
     473        self.browser.open('http://localhost/app/login')
     474        self.browser.getControl(name="form.login").value = 'officer'
     475        self.browser.getControl(name="form.password").value = 'secret'
     476        self.browser.getControl("Login").click()
     477        self.assertMatches(
     478            '...You logged in...', self.browser.contents)
     479        self.assertTrue("Bob Officer" in self.browser.contents)
     480        self.browser.getLink("Logout").click()
     481        # Suspended accounts are marked
     482        self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')
     483        self.browser.open('http://localhost/app/users')
     484        self.assertFalse('(suspended)' in self.browser.contents)
     485        self.app['users']['officer'].suspended = True
     486        self.browser.open('http://localhost/app/users')
     487        self.assertTrue(
     488            '<span style="color:red">(suspended)</span>'
     489            in self.browser.contents)
     490        self.browser.open('http://localhost/app/users/officer')
     491        self.assertTrue(
     492            'This account has been suspended.' in self.browser.contents)
     493        self.app['users']['officer'].suspended = False
     494        self.browser.open('http://localhost/app/users/officer')
     495        self.assertFalse(
     496            'This account has been suspended.' in self.browser.contents)
     497        return

  • main/waeup.kofa/trunk/src/waeup/kofa/interfaces.py

    r12915 r12926  
    549549    """
    550550
    551     failed_logins = Attribute("""FailedLoginInfo for this account""")
     551    failed_logins = Attribute('FailedLoginInfo for this account')
    552552
    553553    name = schema.TextLine(
    554554        title = _(u'User Id'),
    555         description = u'Login name of user',
     555        description = _(u'Login name of user'),
    556556        required = True,)
    557557
     
    562562    public_name = schema.TextLine(
    563563        title = _(u'Public Name'),
    564         description = u"Substitute for officer's real name "
    565                        "in student object histories.",
     564        description = _(u"Substitute for officer's real name "
     565                       "in student object histories."),
    566566        required = False,)
    567567
     
    589589        )
    590590
     591    suspended = schema.Bool(
     592        title = _(u'Account suspended'),
     593        description = _(u'If set, the account is immediately blocked.'),
     594        default = False,
     595        required = False,
     596        )
    591597
    592598

  • main/waeup.kofa/trunk/src/waeup/kofa/students/authentication.py

    r10055 r12926  
    7171        return self.title
    7272
     73    def suspended(self):
     74        return self.context.suspended
     75
    7376    @property
    7477    def failed_logins(self):
Note: See TracChangeset for help on using the changeset viewer.