Back to index

plone3  3.1.7
Public Member Functions | Static Public Attributes | Private Member Functions | Private Attributes
GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder Class Reference
Inheritance diagram for GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder:
Inheritance graph
[legend]
Collaboration diagram for GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder:
Collaboration graph
[legend]

List of all members.

Public Member Functions

def __setstate__
def __init__
def getGRUF
def getLUF
def getGroups
def getGroupType
def getGroupMappings
def manage_addGroupMapping
def manage_deleteGroupMappings
def manage_addGroup
def manage_deleteGroups
def getUser
def getUserNames
def getUsers

Static Public Attributes

tuple security = ClassSecurityInfo()
string meta_type = 'LDAPGroupFolder'
string id = 'acl_users'
int isPrincipiaFolderish = 1
int isAUserFolder = 1
tuple manage_options
tuple manage_main = DTMLFile('dtml/groups', globals())
tuple manage_addGroupMapping = postonly(manage_addGroupMapping)
tuple manage_deleteGroupMappings = postonly(manage_deleteGroupMappings)
tuple manage_addGroup = postonly(manage_addGroup)
tuple manage_deleteGroups = postonly(manage_deleteGroups)

Private Member Functions

def _doAddUser
def _doDelUsers
def _doChangeUser

Private Attributes

 _cache
 _luf

Detailed Description

Definition at line 48 of file LDAPGroupFolder.py.


Constructor & Destructor Documentation

def GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder.__init__ (   self,
  title,
  luf = '' 
)

Definition at line 74 of file LDAPGroupFolder.py.

00074 
00075     def __init__( self, title, luf=''):
00076         """ """
00077         self._luf = luf
00078         self._cache = SimpleCache()
00079         self._cache.setTimeout(600)
00080         self._cache.clear()


Member Function Documentation

Definition at line 67 of file LDAPGroupFolder.py.

00067 
00068     def __setstate__(self, v):
00069         """ """
00070         LDAPGroupFolder.inheritedAttribute('__setstate__')(self, v)
00071         self._cache = SimpleCache()
00072         self._cache.setTimeout(600)
00073         self._cache.clear()

def GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder._doAddUser (   self,
  name,
  password,
  roles,
  domains,
  kw 
) [private]
WARNING: If a role with exists with the same name as the group, we do not add
the group mapping for it, but we create it as if it were a Zope ROLE.
Ie. it's not possible to have a GRUF Group name = a Zope role name, BUT,
with this system, it's possible to differenciate between LDAP groups and LDAP roles.

Definition at line 258 of file LDAPGroupFolder.py.

00258 
00259     def _doAddUser(self, name, password, roles, domains, **kw):
00260         """WARNING: If a role with exists with the same name as the group, we do not add
00261         the group mapping for it, but we create it as if it were a Zope ROLE.
00262         Ie. it's not possible to have a GRUF Group name = a Zope role name, BUT,
00263         with this system, it's possible to differenciate between LDAP groups and LDAP roles.
00264         """
00265         self.getLUF().manage_addGroup(name)
00266         self.manage_addGroupMapping(name, "group_" + name, None, )
00267         self._doChangeUser(name, password, roles, domains, **kw)

Here is the call graph for this function:

def GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder._doChangeUser (   self,
  name,
  password,
  roles,
  domains,
  kw 
) [private]
This is used to change the groups (especially their roles).

[ THIS TEXT IS OUTDATED :
  WARNING: If a ZOPE role with the same name as the GRUF group exists,
  we do not add the group mapping for it, but we create it as if it were a Zope ROLE.
  Ie. it's not possible to have a GRUF Group name = a Zope role name, BUT,
  with this system, it's possible to differenciate between LDAP groups and LDAP roles.
]

Definition at line 279 of file LDAPGroupFolder.py.

00279 
00280     def _doChangeUser(self, name, password, roles, domains, **kw):
00281         """
00282         This is used to change the groups (especially their roles).
00283 
00284         [ THIS TEXT IS OUTDATED :
00285           WARNING: If a ZOPE role with the same name as the GRUF group exists,
00286           we do not add the group mapping for it, but we create it as if it were a Zope ROLE.
00287           Ie. it's not possible to have a GRUF Group name = a Zope role name, BUT,
00288           with this system, it's possible to differenciate between LDAP groups and LDAP roles.
00289         ]
00290         """
00291         luf = self.getLUF()
00292         self._cache.remove(name)
00293 
00294         # Get group DN
00295         dn = None
00296         for g_name, g_dn in luf.getGroups():
00297             if g_name == name:
00298                 dn = g_dn
00299                 break
00300         if not dn:
00301             raise ValueError, "Invalid LDAP group: '%s'" % (name, )
00302                 
        # Edit group mappings

Here is the call graph for this function:

Here is the caller graph for this function:

def GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder._doDelUsers (   self,
  names 
) [private]

Definition at line 269 of file LDAPGroupFolder.py.

00269 
00270     def _doDelUsers(self, names):
00271         dns = []
00272         luf = self.getLUF()
00273         for g_name, dn in luf.getGroups():
00274             if g_name in names:
00275                 dns.append(dn)
00276         self._cache.clear()
00277         return luf.manage_deleteGroups(dns)

Here is the call graph for this function:

Definition at line 117 of file LDAPGroupFolder.py.

00117 
00118     def getGroupMappings(self):
00119         """ """
00120         return self.getLUF().getGroupMappings()

Here is the call graph for this function:

def GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder.getGroups (   self,
  dn = '*',
  attr = None,
  pwd = '' 
)

Definition at line 106 of file LDAPGroupFolder.py.

00106 
00107     def getGroups(self, dn='*', attr=None, pwd=''):
00108         """ """
00109         return self.getLUF().getGroups(dn, attr, pwd)
00110 

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 112 of file LDAPGroupFolder.py.

00112 
00113     def getGroupType(self, group_dn):
00114         """ """
00115         return self.getLUF().getGroupType(group_dn)

Here is the call graph for this function:

Definition at line 82 of file LDAPGroupFolder.py.

00082 
00083     def getGRUF(self):
00084         """ """
00085         return self.aq_parent.aq_parent
00086 

Here is the caller graph for this function:

Definition at line 88 of file LDAPGroupFolder.py.

00088 
00089     def getLUF(self):
00090         """ """
00091         s = self.getGRUF().getUserSource(self._luf)
00092         if getattr(s, 'meta_type', None) != "LDAPUserFolder":
00093             # whoops, we moved LDAPUF... let's try to find it back
00094             Log(LOG_WARNING, "LDAPUserFolder moved. Trying to find it back.")
00095             s = None
00096             for src in self.getGRUF().listUserSources():
00097                 if src.meta_type == "LDAPUserFolder":
00098                     self._luf = src.getPhysicalPath()[-2]
00099                     s = src
00100                     break
00101             if not s:
00102                 raise RuntimeError, "You must change your groups source in GRUF if you do not have a LDAPUserFolder as a users source."
00103         return s
00104 

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 171 of file LDAPGroupFolder.py.

00171 
00172     def getUser(self, name):
00173         """ """
00174         # Prevent locally stored groups
00175         luf = self.getLUF()
00176         if luf._local_groups:
00177             return []
00178 
00179         # Get the group from the cache
00180         user = self._cache.get(name, '')
00181         if user:
00182             return user
00183 
00184         # Scan groups to find the proper user.
00185         # THIS MAY BE EXPENSIVE AND HAS TO BE OPTIMIZED...
00186         grps = self.getLUF().getGroups()
00187         valid_roles = self.userFolderGetRoles()
00188         dn = None
00189         for n, g_dn in grps:
00190             if n == name:
00191                 dn = g_dn
00192                 break
00193         if not dn:
00194             return None
00195 
00196         # Current mapping
00197         roles = self.getLUF()._mapRoles([name])
00198 
00199         # Nested groups
00200         groups = list(self.getLUF().getGroups(dn=dn, attr='cn', ))
00201         roles.extend(self.getLUF()._mapRoles(groups))
00202 
00203         # !!! start test
00204         Log(LOG_DEBUG, name, "roles", groups, roles)
00205         Log(LOG_DEBUG, name, "mapping", getattr(self.getLUF(), '_groups_mappings', {}))
00206         # !!! end test
00207 
00208         actual_roles = []
00209         for r in roles:
00210             if r in valid_roles:
00211                 actual_roles.append(r)
00212             elif "%s%s" % (GROUP_PREFIX, r) in valid_roles:
00213                 actual_roles.append("%s%s" % (GROUP_PREFIX, r))
00214         Log(LOG_DEBUG, name, "actual roles", actual_roles)
00215         user = GroupUser(n, '', actual_roles, [])
00216         self._cache.set(name, user)
00217         return user
        

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 219 of file LDAPGroupFolder.py.

00219 
00220     def getUserNames(self):
00221         """ """
00222         Log(LOG_DEBUG, "getUserNames", )
00223         LogCallStack(LOG_DEBUG)
00224         # Prevent locally stored groups
00225         luf = self.getLUF()
00226         if luf._local_groups:
00227             return []
00228         return [g[0] for g in luf.getGroups()]

Here is the call graph for this function:

def GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder.getUsers (   self,
  authenticated = 1 
)

Definition at line 230 of file LDAPGroupFolder.py.

00230 
00231     def getUsers(self, authenticated=1):
00232         """ """
00233         # Prevent locally stored groups
00234         luf = self.getLUF()
00235         if luf._local_groups:
00236             return []
00237 
00238         data = []
00239         
00240         grps = self.getLUF().getGroups()
00241         valid_roles = self.userFolderGetRoles()
00242         for n, dn in grps:
00243             # Group mapping
00244             roles = self.getLUF()._mapRoles([n])
00245             
00246             # computation
00247             actual_roles = []
00248             for r in roles:
00249                 if r in valid_roles:
00250                     actual_roles.append(r)
00251                 elif "%s%s" % (GROUP_PREFIX, r) in valid_roles:
00252                     actual_roles.append("%s%s" % (GROUP_PREFIX, r))
00253             user = GroupUser(n, '', actual_roles, [])
00254             data.append(user)
00255 
00256         return data

Here is the call graph for this function:

def GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder.manage_addGroup (   self,
  newgroup_name,
  newgroup_type = 'groupOfUniqueNames',
  REQUEST = None 
)
Add a new group in groups_base.

Definition at line 149 of file LDAPGroupFolder.py.

00149 
00150                        ):
00151         """Add a new group in groups_base.
00152         """
00153         self.getLUF().manage_addGroup(newgroup_name, newgroup_type, None)
00154         
00155         if REQUEST:
00156             msg = 'Added new group %s' % (newgroup_name)
            return self.manage_main(manage_tabs_message=msg)

Here is the call graph for this function:

def GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder.manage_addGroupMapping (   self,
  group_name,
  role_name,
  REQUEST = None 
)

Definition at line 122 of file LDAPGroupFolder.py.

00122 
00123     def manage_addGroupMapping(self, group_name, role_name, REQUEST=None):
00124         """ """
00125         self._cache.remove(group_name)
00126         self.getLUF().manage_addGroupMapping(group_name, role_name, None)
00127 
00128         if REQUEST:
00129             msg = 'Added LDAP group to Zope role mapping: %s -> %s' % (
00130                 group_name, role_name)
            return self.manage_main(manage_tabs_message=msg)

Here is the call graph for this function:

def GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder.manage_deleteGroupMappings (   self,
  group_names,
  REQUEST = None 
)
Delete mappings from LDAP group to Zope role 

Definition at line 134 of file LDAPGroupFolder.py.

00134 
00135     def manage_deleteGroupMappings(self, group_names, REQUEST=None):
00136         """ Delete mappings from LDAP group to Zope role """
00137         self._cache.clear()
00138         self.getLUF().manage_deleteGroupMappings(group_names, None)
00139         if REQUEST:
00140             msg = 'Deleted LDAP group to Zope role mapping for: %s' % (
00141                 ', '.join(group_names))
            return self.manage_main(manage_tabs_message=msg)

Here is the call graph for this function:

def GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder.manage_deleteGroups (   self,
  dns = [],
  REQUEST = None 
)
Delete groups from groups_base 

Definition at line 160 of file LDAPGroupFolder.py.

00160 
00161     def manage_deleteGroups(self, dns=[], REQUEST=None):
00162         """ Delete groups from groups_base """
00163         self.getLUF().manage_deleteGroups(dns, None)
00164         self._cache.clear()
00165  
00166         if REQUEST:
00167             msg = 'Deleted group(s):<br> %s' % '<br>'.join(dns)
            return self.manage_main(manage_tabs_message=msg)

Here is the call graph for this function:


Member Data Documentation

Definition at line 70 of file LDAPGroupFolder.py.

Definition at line 76 of file LDAPGroupFolder.py.

Definition at line 53 of file LDAPGroupFolder.py.

Definition at line 56 of file LDAPGroupFolder.py.

Definition at line 55 of file LDAPGroupFolder.py.

Definition at line 157 of file LDAPGroupFolder.py.

Definition at line 131 of file LDAPGroupFolder.py.

Definition at line 142 of file LDAPGroupFolder.py.

Definition at line 168 of file LDAPGroupFolder.py.

tuple GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder.manage_main = DTMLFile('dtml/groups', globals()) [static]

Definition at line 64 of file LDAPGroupFolder.py.

Initial value:
(
        ({'label' : 'Groups', 'action' : 'manage_main',},)
        + SimpleItem.manage_options
        )

Definition at line 58 of file LDAPGroupFolder.py.

Definition at line 52 of file LDAPGroupFolder.py.

tuple GroupUserFolder.LDAPGroupFolder.LDAPGroupFolder.security = ClassSecurityInfo() [static]

Definition at line 50 of file LDAPGroupFolder.py.


The documentation for this class was generated from the following file: