Changeset 4129

Timestamp:

15 May 2009, 11:17:34 (16 years ago)

Author:

uli

Message:

Handle roles more robust.

File:

• waeup/branches/ulif-rewrite/src/waeup/authentication.py (modified) (4 diffs)

waeup/branches/ulif-rewrite/src/waeup/authentication.py

@@ -13 +13 @@
 from zope.component import getUtility
 from zope.interface import Interface
+from zope.securitypolicy.interfaces import IPrincipalRoleManager
+from zope.securitypolicy.principalrole import principalRoleManager
 from waeup.interfaces import IWAeUPObject, IUserAccount
 from waeup.viewlets import Index, MainArea, LeftSidebar
@@ -78 +80 @@
 class Account(grok.Model):
     grok.implements(IUserAccount)
-    
+
+
     def __init__(self, name, password, title=None, description=None,
                  roles = []):
@@ -89 +92 @@
         self.description = description
         self.setPassword(password)
-        self.roles = roles
+        self.setRoles(roles)
 
     def setPassword(self, password):
@@ -99 +102 @@
         return passwordmanager.checkPassword(self.password, password)
 
-  
+    def getRoles(self):
+        prm = self._getPrincipalRoleManager()
+        roles = [x[0] for x in prm.getRolesForPrincipal(self.name)
+                 if x[0].startswith('waeup.')]
+        return roles
+    
+    def setRoles(self, roles):
+        prm = self._getPrincipalRoleManager()
+        
+        old_roles = self.getRoles()
+        for role in old_roles:
+            # Remove old roles, not to be set now...
+            if role.startswith('waeup.') and role not in roles:
+                prm.unsetRoleForPrincipal(role, self.name)
+
+        for role in roles:
+            prm.assignRoleToPrincipal(role, self.name)
+
+    roles = property(getRoles, setRoles)
+
+    def _getPrincipalRoleManager(self):
+        portal = grok.getSite()
+        if portal is not None:
+            return IPrincipalRoleManager(portal)
+        return principalRoleManager
+        
+    
 class UserAuthenticatorPlugin(grok.GlobalUtility):
     grok.provides(IAuthenticatorPlugin)