Changeset 5453


Ignore:
Timestamp:
18 Aug 2010, 14:53:38 (14 years ago)
Author:
uli
Message:

Update login page to play well with the new authentication.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.sirp/trunk/src/waeup/sirp/jambtables/browser.py

    r5442 r5453  
    3131from waeup.sirp.jambtables import JAMBDataTable
    3232from waeup.sirp.jambtables.util import get_applicant_data
    33 from waeup.sirp.jambtables.interfaces import IApplicant, IApplicantContainer
     33from waeup.sirp.jambtables.interfaces import (
     34    IApplicant, IApplicantContainer, IApplicantPrincipal)
     35                                             
    3436
    3537#from zope.formlib.objectwidget import ObjectWidget
     
    8486        applicant = Applicant()
    8587        self.applyData(applicant, **data)
    86         self.context[applicant.reg_no] = applicant
     88        # XXX: temporarily disabled.
     89        #self.context[applicant.reg_no] = applicant
     90        try:
     91            self.context[applicant.access_code] = applicant
     92        except KeyError:
     93            self.flash('The given access code is already in use!')
     94            return
    8795        self.redirect(self.url(self.context))
    8896
     
    107115    @grok.action('Save')
    108116    def save(self, **data):
    109         print "DATA: ", data
    110117        self.applyData(self.context, **data)
    111         print "ENTRY: ", self.context.fst_sit_results
    112118        self.context._p_changed = True
    113119        return
     
    131137    pnav = 1
    132138
    133     def update(self, reg_no=None, ac_series=None, ac_number=None):
     139    def update(self):
    134140        """Validate credentials and redirect or show error.
    135141
    136         XXX: log things happening here
    137         XXX: consider real login procedure with single applicant user.
    138         """
    139         self.reg_no = reg_no
    140         self.ac_series = ac_series
    141         self.ac_number = ac_number
    142         for param in [reg_no, ac_series, ac_number]:
    143             if param is None:
     142        The real validation is done by an pluggable authentication
     143        utility (PAU). Here we only check, whether correct credentials
     144        were entered by looking up the principal status of the
     145        request: If the user authenticated successfully, we get an
     146        applicant principal. Otherwise we get the unauthenticated
     147        principal.
     148        """
     149        formfields = ['form.ac_number', 'form.jamb_reg_no',
     150                      'form.ac_series', 'form.prefix',]
     151
     152        self.reg_no = self.request.form.get('form.jamb_reg_no', '')
     153        self.ac_series = self.request.form.get('form.ac_series', '')
     154        self.ac_number = self.request.form.get('form.ac_number', '')
     155
     156        for required_field in formfields:
     157            if required_field not in self.request.form.keys():
    144158                return
    145         ac = "PUDE-%s-%s" % (ac_series, ac_number)
    146         data = self.getApplicantData(reg_no, ac)
    147         if data is None:
    148             self.flash('Invalid data entered')
     159        self.reg_no = self.request.form['form.jamb_reg_no']
     160        self.ac_series = self.request.form['form.ac_series']
     161        self.ac_number = self.request.form['form.ac_number']
     162        principal = self.request.principal
     163        if not IApplicantPrincipal.providedBy(principal):
     164            self.flash('You entered invalid credentials')
    149165            return
    150         applicant_data, access_code = data
    151         app_page = self.url(applicant_data, '@@edit')
    152         # XXX: Invalidate ACCESS_CODE
    153         self.redirect(app_page)
     166        if hasattr(principal, 'reg_no'):
     167            if not principal.reg_no is None:
     168               
     169                site = grok.getSite()
     170                applications = site['applications']
     171                application = applications[principal.reg_no]
     172                self.redirect(self.url(application, '@@edit'))
    154173        return
    155174
     
    158177
    159178        XXX: This should be computed or retrieved from elsewhere.
     179
     180        `session` here means an academic session, not a browser
     181        session.
    160182        """
    161183        return u'2010/2011'
Note: See TracChangeset for help on using the changeset viewer.