Back to index

plone3  3.1.7
Public Member Functions | Public Attributes | Static Public Attributes | Private Member Functions | Private Attributes
PluggableAuthService.plugins.DomainAuthHelper.DomainAuthHelper Class Reference
Inheritance diagram for PluggableAuthService.plugins.DomainAuthHelper.DomainAuthHelper:
Inheritance graph
[legend]
Collaboration diagram for PluggableAuthService.plugins.DomainAuthHelper.DomainAuthHelper:
Collaboration graph
[legend]

List of all members.

Public Member Functions

def __init__
def extractCredentials
def authenticateCredentials
def getRolesForPrincipal
def listMatchTypes
def listMappingsForUser
def manage_addMapping
def manage_removeMappings

Public Attributes

 id
 title

Static Public Attributes

tuple security = ClassSecurityInfo()
string meta_type = 'Domain Authentication Plugin'
tuple manage_map = PageTemplateFile('www/daMatches', globals())
tuple manage_genericmap = PageTemplateFile('www/daGeneric', globals())
tuple manage_options

Private Member Functions

def _findMatches

Private Attributes

 _domain_map

Detailed Description

Domain Authentication plugin for the PluggableAuthService 

Definition at line 66 of file DomainAuthHelper.py.


Constructor & Destructor Documentation

Initialize a new instance 

Definition at line 91 of file DomainAuthHelper.py.

00091 
00092     def __init__(self, id, title=''):
00093         """ Initialize a new instance """
00094         self.id = id
00095         self.title = title
00096         self._domain_map = OOBTree()
00097 


Member Function Documentation

def PluggableAuthService.plugins.DomainAuthHelper.DomainAuthHelper._findMatches (   self,
  login,
  r_host = '',
  r_address = '' 
) [private]
Find the match 

Definition at line 167 of file DomainAuthHelper.py.

00167 
00168     def _findMatches(self, login, r_host='', r_address=''):
00169         """ Find the match """
00170         matches = []
00171 
00172         if not r_host and not r_address:
00173             return tuple(matches)
00174         
00175         all_info = list(self._domain_map.get(login, []))
00176         all_info.extend(self._domain_map.get('', []))
00177         
00178         if not r_host:
00179             try:
00180                 r_host = socket.gethostbyaddr(r_address)[0]
00181             except socket.error: 
00182                 pass
00183 
00184         if not r_address:
00185             try:
00186                 r_address = socket.gethostbyname(r_host)
00187             except socket.error :
00188                 pass
00189 
00190         if not r_host and not r_address:
00191             return tuple(matches)
00192 
00193         candidates = [r_host, r_address]
00194 
00195         for match_info in all_info:
00196             m = []
00197             m_type = match_info['match_type']
00198             m_real = match_info['match_real']
00199 
00200             if m_type == _MATCH_EQUALS:
00201                 m = [match_info for x in candidates if x == m_real]
00202             elif m_type == _MATCH_ENDSWITH:
00203                 m = [match_info for x in candidates if x.endswith(m_real)]
00204             elif m_type == _MATCH_REGEX:
00205                 m = [match_info for x in candidates if m_real.search(x)]
00206 
00207             matches.extend(m)
00208 
00209         return tuple(matches)
00210 

Here is the caller graph for this function:

Fulfill AuthenticationPlugin requirements 

Definition at line 120 of file DomainAuthHelper.py.

00120 
00121     def authenticateCredentials(self, credentials):
00122         """ Fulfill AuthenticationPlugin requirements """
00123         login = credentials.get('login', '')
00124         r_host = credentials.get('remote_host', '')
00125         r_address = credentials.get('remote_address', '')
00126         matches = self._findMatches(login, r_host, r_address)
00127 
00128         if len(matches) > 0:
00129             if login:
00130                 return (login, login)
00131             else:
00132                 best_match = matches[0]
00133                 u_name = best_match.get('username', 'remote')
00134                 return ( best_match.get('user_id', u_name)
00135                        , u_name
00136                        )
00137 
00138         return (None, None)
00139 

Here is the call graph for this function:

Extract credentials from 'request'.

Definition at line 99 of file DomainAuthHelper.py.

00099 
00100     def extractCredentials(self, request):
00101         """ Extract credentials from 'request'.
00102         """
00103         creds = {}
00104 
00105         remote_host = request.get('REMOTE_HOST', '')
00106         if remote_host:
00107             creds['remote_host'] = request.get('REMOTE_HOST', '')
00108 
00109         try:
00110             remote_address = request.getClientAddr()
00111         except AttributeError:
00112             remote_address = request.get('REMOTE_ADDR', '')
00113 
00114         if remote_host or remote_address:
00115             creds['remote_host'] = remote_host
00116             creds['remote_address'] = remote_address
00117 
00118         return creds

Fulfill RolesPlugin requirements 

Definition at line 141 of file DomainAuthHelper.py.

00141 
00142     def getRolesForPrincipal(self, user, request=None):
00143         """ Fulfill RolesPlugin requirements """
00144         roles = []
00145 
00146         if request is None:
00147             # Without request there is no way I can do anything...
00148             return tuple(roles)
00149 
00150         uname = user.getUserName()
00151 
00152         if uname.find('Remote User') != -1:
00153             uname = ''
00154 
00155         matches = self._findMatches( uname
00156                                    , request.get('REMOTE_HOST', '')
00157                                    , request.getClientAddr()
00158                                    )
00159 
00160         # We want to grab the first match because it is the most specific
00161         if len(matches) > 0:
00162             roles = matches[0].get('roles', [])
00163 
00164         return tuple(roles)
00165 

Here is the call graph for this function:

List the mappings for a specific user 

Definition at line 218 of file DomainAuthHelper.py.

00218 
00219     def listMappingsForUser(self, user_id=''):
00220         """ List the mappings for a specific user """
00221         result = []
00222         record = self._domain_map.get(user_id, [])
00223 
00224         for match_info in record:
00225             result.append( { 'match_type' : match_info['match_type']
00226                            , 'match_string' : match_info['match_string']
00227                            , 'match_id' : match_info['match_id']
00228                            , 'roles' : match_info['roles']
00229                            , 'username' : match_info['username']
00230                            } )
00231         
00232         return result
00233 

Here is the call graph for this function:

Return a sequence of possible match types 

Definition at line 212 of file DomainAuthHelper.py.

00212 
00213     def listMatchTypes(self):
00214         """ Return a sequence of possible match types """
00215         return (_MATCH_EQUALS, _MATCH_ENDSWITH, _MATCH_REGEX)
00216 

def PluggableAuthService.plugins.DomainAuthHelper.DomainAuthHelper.manage_addMapping (   self,
  user_id = '',
  match_type = '',
  match_string = '',
  username = '',
  roles = [],
  REQUEST = None 
)
Add a mapping for a user 

Definition at line 242 of file DomainAuthHelper.py.

00242 
00243                          ):
00244         """ Add a mapping for a user """
00245         msg = ''
00246 
00247         if match_type not in (_MATCH_EQUALS, _MATCH_ENDSWITH, _MATCH_REGEX):
00248             msg = 'Unknown match type %s' % match_type
00249 
00250         if not match_string:
00251             msg = 'No match string specified'
00252 
00253         if match_type == _MATCH_REGEX:
00254             try:
00255                 re.compile(match_string, re.IGNORECASE)
00256             except re.error:
00257                 msg = 'Invalid regular expression %s' % match_string
00258 
00259         if msg:
00260             if REQUEST is not None:
00261                 return self.manage_map(manage_tabs_message=msg)
00262 
00263             raise ValueError, msg
00264 
00265         record = self._domain_map.get(user_id, [])
00266         if match_type == _MATCH_REGEX:
00267             real_match = re.compile(match_string, re.IGNORECASE)
00268         else:
00269             real_match = match_string
00270 
00271         match = { 'match_type' : match_type
00272                 , 'match_string' : match_string
00273                 , 'match_real' : real_match
00274                 , 'match_id' : '%s_%s' % (user_id, str(time.time()))
00275                 , 'username' : user_id or username or 'Remote User'
00276                 , 'roles' : roles
00277                 }
00278 
00279         if match not in record:
00280             record.append(match)
00281         else:
00282             msg = 'Match already exists'
00283 
00284         self._domain_map[user_id] = record
00285 
00286         if REQUEST is not None:
00287             msg = msg or 'Match added.'
00288             if user_id:
00289                 return self.manage_map(manage_tabs_message=msg)
00290             else:
00291                 return self.manage_genericmap(manage_tabs_message=msg)
00292 

Here is the caller graph for this function:

def PluggableAuthService.plugins.DomainAuthHelper.DomainAuthHelper.manage_removeMappings (   self,
  user_id = '',
  match_ids = [],
  REQUEST = None 
)
Remove mappings 

Definition at line 294 of file DomainAuthHelper.py.

00294 
00295     def manage_removeMappings(self, user_id='', match_ids=[], REQUEST=None):
00296         """ Remove mappings """
00297         msg = ''
00298 
00299         if len(match_ids) < 1:
00300             msg = 'No matches specified'
00301 
00302         record = self._domain_map.get(user_id, [])
00303 
00304         if len(record) < 1:
00305             msg = 'No mappings for user %s' % user_id
00306 
00307         if msg:
00308             if REQUEST is not None:
00309                 return self.manage_map(manage_tabs_message=msg)
00310             else:
00311                 return
00312 
00313         to_delete = [x for x in record if x['match_id'] in match_ids]
00314 
00315         for match in to_delete:
00316             record.remove(match)
00317 
00318         self._domain_map[user_id] = record
00319 
00320         if REQUEST is not None:
00321             msg = 'Matches deleted'
00322             if user_id:
00323                 return self.manage_map(manage_tabs_message=msg)
00324             else:
00325                 return self.manage_genericmap(manage_tabs_message=msg)
00326 
00327 classImplements( DomainAuthHelper
00328                , IDomainAuthHelper
00329                , IExtractionPlugin
00330                , IAuthenticationPlugin
00331                , IRolesPlugin
00332                )
00333 
00334 InitializeClass(DomainAuthHelper)
00335 

Here is the call graph for this function:


Member Data Documentation

Definition at line 95 of file DomainAuthHelper.py.

Definition at line 93 of file DomainAuthHelper.py.

tuple PluggableAuthService.plugins.DomainAuthHelper.DomainAuthHelper.manage_genericmap = PageTemplateFile('www/daGeneric', globals()) [static]

Definition at line 75 of file DomainAuthHelper.py.

tuple PluggableAuthService.plugins.DomainAuthHelper.DomainAuthHelper.manage_map = PageTemplateFile('www/daMatches', globals()) [static]

Definition at line 72 of file DomainAuthHelper.py.

Initial value:
( BasePlugin.manage_options[:1]
                     + ( { 'label'  : 'User Map'
                         , 'action' : 'manage_map'
                       # , 'help'   : ( 'PluggableAuthService'
                       #              ,'matches.stx')
                         }
                       , { 'label'  : 'Generic Map'
                         , 'action' : 'manage_genericmap'
                         }
                       )
                     + BasePlugin.manage_options[1:]
                     )

Definition at line 77 of file DomainAuthHelper.py.

string PluggableAuthService.plugins.DomainAuthHelper.DomainAuthHelper.meta_type = 'Domain Authentication Plugin' [static]

Definition at line 69 of file DomainAuthHelper.py.

Definition at line 68 of file DomainAuthHelper.py.

Definition at line 94 of file DomainAuthHelper.py.


The documentation for this class was generated from the following file: