Back to index

plone3  3.1.7
gruf.py
Go to the documentation of this file.
00001 ##############################################################################
00002 #
00003 # PlonePAS - Adapt PluggableAuthService for use in Plone
00004 # Copyright (C) 2005 Enfold Systems, Kapil Thangavelu, et al
00005 #
00006 # This software is subject to the provisions of the Zope Public License,
00007 # Version 2.1 (ZPL).  A copy of the ZPL should accompany this
00008 # distribution.
00009 # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
00010 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
00011 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
00012 # FOR A PARTICULAR PURPOSE.
00013 #
00014 ##############################################################################
00015 """
00016 
00017 acts as a bridge between gruf and pas. fufilling group, role, and principal
00018 management plugin functionalities within pas via delegation to a contained gruf
00019 instance.
00020 
00021 """
00022 
00023 from Globals import DTMLFile, InitializeClass
00024 
00025 from zope.interface import implementedBy
00026 
00027 from Products.PluggableAuthService.utils import classImplements
00028 from Products.PluggableAuthService.plugins.DelegatingMultiPlugin \
00029      import DelegatingMultiPlugin
00030 from Products.PluggableAuthService.interfaces import plugins
00031 from AccessControl.requestmethod import postonly
00032 
00033 
00034 def manage_addGRUFBridge(self, id, title='', RESPONSE=None ):
00035     """
00036     add gruf bridge
00037     """
00038 
00039     bridge = GRUFBridge( id, title='')
00040     self._setObject( id, bridge )
00041 
00042     if RESPONSE is not None:
00043         RESPONSE.redirect('manage_workspace')
00044 
00045 
00046 manage_addGRUFBridgeForm = DTMLFile('../zmi/GRUFBridgeForm', globals())
00047 
00048 class GroupFilter( object ):
00049 
00050     def __init__(self,  id, exact_match, **kw):
00051         if isinstance( id, str):
00052             id = [ id ]
00053         self.group_ids = id
00054         self.exact_match = not not exact_match
00055 
00056     def __call__(self, group):
00057         tid = group.getId()
00058         if self.exact_match:
00059             if tid in self.group_ids:
00060                 return True
00061             return False
00062         for value in self.group_ids:
00063             if value.find( tid ) >= 0:
00064                 return True
00065 
00066 
00067 class GRUFBridge( DelegatingMultiPlugin ):
00068 
00069     meta_type = "GRUF Bridge"
00070 
00071     def manage_afterAdd(self, item, container):
00072         self.manage_addProduct['GroupUserFolder'].manage_addGroupUserFolder()
00073 
00074     def _getUserFolder(self):
00075         return self.acl_users
00076 
00077     #################################
00078     # group interface implementation
00079 
00080     # plugins.IGroupsEnumerationPlugin
00081     def enumerateGroups( self,
00082                          id=None,
00083                          title=None,
00084                          exact_match=False,
00085                          sort_by=None,
00086                          max_results=None,
00087                          **kw
00088                          ):
00089 
00090         gruf = self._getUserFolder()
00091         groups = gruf.getGroups()
00092         filter = GroupFilter( id, exact_match, **kw )
00093         if max_results is None:
00094             max_results = -1
00095         return [self.getGroupInfo( group ) for group in groups if filter(group)][:max_results]
00096 
00097     # plugins.IGroupsPlugin
00098     def getGroupsForPrincipal( self, principal, request=None ):
00099         gruf = self._getUserFolder()
00100         pid = self._demangle( principal.getId() )
00101         gruf_principal = gruf.getUser( pid )
00102         return gruf_principal.getGroupsWithoutPrefix()
00103 
00104     #################################
00105     # group management
00106 
00107     # gruf assumes it is the canonical source for both users and groups
00108     def addGroup(self, group_id, REQUEST=None):
00109         self._getUserFolder().userFolderAddGroup( group_id, (), () )
00110         return True
00111     addGroup = postonly(addGroup)
00112 
00113     def addPrincipalToGroup(self, principal_id, group_id, REQUEST=None):
00114         group = self._getUserFolder().getGroupById( group_id )
00115         group.addMember( principal_id )
00116     addPrincipalToGroup = postonly(addPrincipalToGroup)
00117 
00118     # XXX need to fix this api, its too ambigious
00119     def updateGroup(self, group_id, REQUEST=None, **kw):
00120         pass
00121     updateGroup = postonly(updateGroup)
00122 
00123     def setRolesForGroup(self, group_id, roles=(), REQUEST=None):
00124         # doing it this way will lose subgroups..
00125         self._getUserFolder().userFolderEditGroup( group_id, roles )
00126     setRolesForGroup = postonly(setRolesForGroup)
00127 
00128     def removeGroup(self, group_id, REQUEST=None):
00129         return self._getUserFolder().userFolderDelGroups( (group_id, ) )
00130     removeGroup = postonly(removeGroup)
00131 
00132     def removePrincipalFromGroup(self, principal_id, group_id, REQUEST=None):
00133         group = self._getUserFolder().getGroupById( group_id )
00134         group.removeMember( principal_id )
00135         return True
00136     removePrincipalFromGroup = postonly(removePrincipalFromGroup)
00137 
00138     #################################
00139     # group introspection
00140 
00141     def getGroupById( self, group_id ):
00142         return self._getUserFolder().getGroupById( group_id )
00143 
00144     def getGroupIds(self):
00145         # gruf returns these prefixed
00146         return self._getUserFolder().getGroupIds()
00147 
00148     def getGroups(self):
00149         return self._getUserFolder().getGroups()
00150 
00151     def getGroupMembers(self, group_id):
00152         return self._getUserFolder().getMemberIds(group_id)
00153 
00154     #################################
00155     def getGroupInfo(self, group):
00156         url = group.absolute_url()
00157         return {
00158             'id' : group.getId(),
00159             'pluginid' : self.getId(),
00160             'members_url' : url,
00161             'properties_url' : url,
00162             }
00163 
00164     def _demangle(self, princid):
00165         unmangle_fn = self.aq_acquire('_unmangleId') # acquire from PAS
00166         unmangled_princid = unmangle_fn(princid)[-1]
00167         return unmangled_princid
00168 
00169 classImplements(GRUFBridge,
00170                 plugins.IGroupsPlugin, plugins.IGroupEnumerationPlugin,
00171                 *implementedBy(DelegatingMultiPlugin))
00172 
00173 InitializeClass(GRUFBridge)