Changeset 5453 for main/waeup.sirp/trunk/src/waeup

Timestamp:

18 Aug 2010, 14:53:38 (14 years ago)

Author:

uli

Message:

Update login page to play well with the new authentication.

File:

• main/waeup.sirp/trunk/src/waeup/sirp/jambtables/browser.py (modified) (5 diffs)

main/waeup.sirp/trunk/src/waeup/sirp/jambtables/browser.py

@@ -31 +31 @@
 from waeup.sirp.jambtables import JAMBDataTable
 from waeup.sirp.jambtables.util import get_applicant_data
-from waeup.sirp.jambtables.interfaces import IApplicant, IApplicantContainer
+from waeup.sirp.jambtables.interfaces import (
+    IApplicant, IApplicantContainer, IApplicantPrincipal)
+                                              
 
 #from zope.formlib.objectwidget import ObjectWidget
@@ -84 +86 @@
         applicant = Applicant()
         self.applyData(applicant, **data)
-        self.context[applicant.reg_no] = applicant
+        # XXX: temporarily disabled.
+        #self.context[applicant.reg_no] = applicant
+        try:
+            self.context[applicant.access_code] = applicant
+        except KeyError:
+            self.flash('The given access code is already in use!')
+            return
         self.redirect(self.url(self.context))
 
@@ -107 +115 @@
     @grok.action('Save')
     def save(self, **data):
-        print "DATA: ", data
         self.applyData(self.context, **data)
-        print "ENTRY: ", self.context.fst_sit_results
         self.context._p_changed = True
         return
@@ -131 +137 @@
     pnav = 1
 
-    def update(self, reg_no=None, ac_series=None, ac_number=None):
+    def update(self):
         """Validate credentials and redirect or show error.
 
-        XXX: log things happening here
-        XXX: consider real login procedure with single applicant user.
-        """
-        self.reg_no = reg_no
-        self.ac_series = ac_series
-        self.ac_number = ac_number
-        for param in [reg_no, ac_series, ac_number]:
-            if param is None:
+        The real validation is done by an pluggable authentication
+        utility (PAU). Here we only check, whether correct credentials
+        were entered by looking up the principal status of the
+        request: If the user authenticated successfully, we get an
+        applicant principal. Otherwise we get the unauthenticated
+        principal.
+        """
+        formfields = ['form.ac_number', 'form.jamb_reg_no',
+                      'form.ac_series', 'form.prefix',]
+
+        self.reg_no = self.request.form.get('form.jamb_reg_no', '')
+        self.ac_series = self.request.form.get('form.ac_series', '')
+        self.ac_number = self.request.form.get('form.ac_number', '')
+
+        for required_field in formfields:
+            if required_field not in self.request.form.keys():
                 return
-        ac = "PUDE-%s-%s" % (ac_series, ac_number)
-        data = self.getApplicantData(reg_no, ac)
-        if data is None:
-            self.flash('Invalid data entered')
+        self.reg_no = self.request.form['form.jamb_reg_no']
+        self.ac_series = self.request.form['form.ac_series']
+        self.ac_number = self.request.form['form.ac_number']
+        principal = self.request.principal
+        if not IApplicantPrincipal.providedBy(principal):
+            self.flash('You entered invalid credentials')
             return
-        applicant_data, access_code = data
-        app_page = self.url(applicant_data, '@@edit')
-        # XXX: Invalidate ACCESS_CODE
-        self.redirect(app_page)
+        if hasattr(principal, 'reg_no'):
+            if not principal.reg_no is None:
+                
+                site = grok.getSite()
+                applications = site['applications']
+                application = applications[principal.reg_no]
+                self.redirect(self.url(application, '@@edit'))
         return
 
@@ -158 +177 @@
 
         XXX: This should be computed or retrieved from elsewhere.
+
+        `session` here means an academic session, not a browser
+        session.
         """
         return u'2010/2011'