Back to index

plone3  3.1.7
Classes | Functions | Variables
GroupUserFolder.GroupUserFolder Namespace Reference

Classes

class  GroupUserFolder
class  treeWrapper

Functions

def unique
def manage_addGroupUserFolder
def hasUsers
def user_names
def getUserNames
def getUserIds
def getUsers
def getUser
def getUserById
def getUserByName
def getPureUserNames
def getPureUserIds
def getPureUsers
def getPureUser
def getGroupNames
def getGroupIds
def getGroups
def getGroup
def getGroupById
def getGroupByName
def userFolderAddUser
def userFolderEditUser
def userFolderUpdateUser
def userFolderDelUsers
def userFolderAddGroup
def userFolderEditGroup
def userFolderUpdateGroup
def userFolderDelGroups
def searchUsersByAttribute
def searchUsersByName
def searchUsersById
def searchGroupsByAttribute
def searchGroupsByName
def searchGroupsById
def setRolesOnUsers
def getUsersOfRole
 def setUsersOfRole(self, usernames, role): """Sets the users of a role.
def getRolesOfUser
def userFolderAddRole
def userFolderDelRoles
def userFolderGetRoles
def setMembers
def addMember
def removeMember
def getMemberIds
def getUserMemberIds
def getGroupMemberIds
def hasMember
def userSetRoles
 def setUserId(id, newId): """Change id of a user atom.
def userAddRole
def userRemoveRole
def userSetPassword
def userGetDomains
def userSetDomains
def userAddDomain
def userRemoveDomain
def userSetGroups
def userAddGroup
def userRemoveGroup
def __init__
def _post_init
def manage_beforeDelete
def manage_afterAdd
def getGroupPrefix
def getGRUFPhysicalRoot
def getGRUFId
def getUnwrappedUser
def getUnwrappedGroup
def authenticate
def _doAddUser
def _doChangeUser
def _updateUser
def _doDelUsers
def _doAddGroup
def _doChangeGroup
def _updateGroup
def _doDelGroup
def _doDelGroups
def getGRUFVersion
def changeUser
def deleteUser
def changeOrCreateUsers
def deleteUsers
def changeOrCreateGroups
def deleteGroups
def acquireLocalRoles
def _acquireLocalRoles
def isLocalRoleAcquired
def getLocalRolesForDisplay
def _getLocalRolesForDisplay
def getAllLocalRoles
def _getAllLocalRoles
def getPloneSecurityMatrix
def computeSecuritySettings
def computeSetting
def _getNextHandle
def listUsersAndRoles
def getSiteTree
def listAuditPermissions
def getDefaultPermissions
def getTreeInfo
def tpValues
def tpId
def manage_workspace
def __bobo_traverse__
def listUsersBatches
def listUsersBatchTable
def getUsersBatch
def toggleSource
def listUserSources
def listUserSourceFolders
def getUserSource
def getUserSourceFolder
def addUserSource
def deleteUserSource
def getDefaultUserSource
def listAvailableUserSources
def moveUserSourceUp
def moveUserSourceDown
def _renameUserSource
def replaceUserSource
def hasLDAPUserFolderSource
def updateLDAPUserFolderMapping
def listLDAPUserFolderMapping
def getInvalidMappings
def getLUFSource
def areLUFGroupsLocal
def haveLDAPGroupFolder

Variables

string __version__ = "$Revision: $"
 GroupUserFolder Copyright (C)2006 Ingeniweb.
string __docformat__ = 'restructuredtext'
list _marker = []
 Developers notes.
tuple security = ClassSecurityInfo()
 _haveLDAPUF = 0
tuple manage_options
 manage_main = OFS.ObjectManager.ObjectManager.manage_main
tuple manage_overview = PageTemplateFile.PageTemplateFile('dtml/GRUF_overview', globals())
 manage_overview = DTMLFile('dtml/GRUF_overview', globals())
tuple manage_audit = PageTemplateFile.PageTemplateFile('dtml/GRUF_audit', globals())
tuple manage_wizard = PageTemplateFile.PageTemplateFile('dtml/GRUF_wizard', globals())
tuple manage_groups = PageTemplateFile.PageTemplateFile('dtml/GRUF_groups', globals())
tuple manage_users = PageTemplateFile.PageTemplateFile('dtml/GRUF_users', globals())
tuple manage_newusers = PageTemplateFile.PageTemplateFile('dtml/GRUF_newusers', globals())
tuple manage_GRUFSources = PageTemplateFile.PageTemplateFile('dtml/GRUF_contents', globals())
tuple manage_user = PageTemplateFile.PageTemplateFile('dtml/GRUF_user', globals())
tuple __ac_permissions__
string user_color = "#006600"
string group_color = "#000099"
string role_color = "#660000"
tuple img_user = ImageFile.ImageFile('www/GRUFUsers.gif', globals())
tuple img_group = ImageFile.ImageFile('www/GRUFGroups.gif', globals())
tuple userFolderAddUser = postonly(userFolderAddUser)
tuple userFolderEditUser = postonly(userFolderEditUser)
tuple userFolderUpdateUser = postonly(userFolderUpdateUser)
tuple userFolderDelUsers = postonly(userFolderDelUsers)
tuple userFolderAddGroup = postonly(userFolderAddGroup)
tuple userFolderEditGroup = postonly(userFolderEditGroup)
tuple userFolderUpdateGroup = postonly(userFolderUpdateGroup)
tuple setRolesOnUsers = postonly(setRolesOnUsers)
tuple userFolderAddRole = postonly(userFolderAddRole)
tuple userFolderDelRoles = postonly(userFolderDelRoles)
tuple setMembers = postonly(setMembers)
tuple addMember = postonly(addMember)
tuple removeMember = postonly(removeMember)
tuple userSetRoles = postonly(userSetRoles)
tuple userAddRole = postonly(userAddRole)
tuple userRemoveRole = postonly(userRemoveRole)
tuple userSetPassword = postonly(userSetPassword)
tuple userSetDomains = postonly(userSetDomains)
tuple userAddDomain = postonly(userAddDomain)
tuple userRemoveDomain = postonly(userRemoveDomain)
tuple userSetGroups = postonly(userSetGroups)
tuple userAddGroup = postonly(userAddGroup)
tuple userRemoveGroup = postonly(userRemoveGroup)
string reset_entry = "__None__"
tuple changeUser = postonly(changeUser)
tuple deleteUser = postonly(deleteUser)
tuple changeOrCreateUsers = postonly(changeOrCreateUsers)
tuple deleteUsers = postonly(deleteUsers)
tuple changeOrCreateGroups = postonly(changeOrCreateGroups)
tuple deleteGroups = postonly(deleteGroups)
tuple acquireLocalRoles = postonly(acquireLocalRoles)
string icon = ' img_user'
 icon = self.absolute_url() + '/img_group'
list belongs_to = []
 icon = self.absolute_url() + '/img_user'
int _v_no_tree = 0
int _v_cache_no_tree = 0
tuple _v_cache_tree = (0, [])
list _v_batch_users = []
tuple img_up_arrow = ImageFile.ImageFile('www/up_arrow.gif', globals())
tuple img_down_arrow = ImageFile.ImageFile('www/down_arrow.gif', globals())
tuple img_up_arrow_grey = ImageFile.ImageFile('www/up_arrow_grey.gif', globals())
tuple img_down_arrow_grey = ImageFile.ImageFile('www/down_arrow_grey.gif', globals())
tuple addUserSource = postonly(addUserSource)
 

If we use ldap, tag it

if string.find(factory_uri.lower(), "ldap") > -1: self._haveLDAPUF += 1
tuple deleteUserSource = postonly(deleteUserSource)
tuple moveUserSourceUp = postonly(moveUserSourceUp)
tuple moveUserSourceDown = postonly(moveUserSourceDown)
string title = 'Rename Error'
 if not ob.cb_isMoveable(): raise "Copy Error", eNotSupported % id self._verifyObjectPaste(ob) # This is what we disable
tuple message = sys.exc_info()
string action = 'manage_main'
tuple ob = aq_base(ob)
tuple replaceUserSource = postonly(replaceUserSource)
 __allow_groups__
 id

Function Documentation

def GroupUserFolder.GroupUserFolder.__bobo_traverse__ (   self,
  request,
  name 
)
Looks for the name of a user or a group.
This applies only if users list is not huge.

Definition at line 2135 of file GroupUserFolder.py.

02135 
02136     def __bobo_traverse__(self, request, name):
02137         """
02138         Looks for the name of a user or a group.
02139         This applies only if users list is not huge.
02140         """
02141         # Check if it's an attribute
02142         if hasattr(self.aq_base, name, ):
02143             return getattr(self, name)
02144 
02145         # It's not an attribute, maybe it's a user/group
02146         # (this feature is used for the tree)
02147         if name.startswith('_'):
02148             pass        # Do not fetch users
02149         elif name.startswith('manage_'):
02150             pass        # Do not fetch users
02151         elif name in INVALID_USER_NAMES:
02152             pass        # Do not fetch users
02153         else:
02154             # Only try to get users is fetch_user is true.
02155             # This is only for performance reasons.
02156             # The following code block represent what we want to minimize
02157             if self._v_cache_tree[0] < time.time():
02158                 un = map(lambda x: x.getId(), self.getUsers())            # This is the cost we want to avoid
02159                 self._v_cache_tree = (time.time() + TREE_CACHE_TIME, un, )
02160             else:
02161                 un = self._v_cache_tree[1]
02162 
02163             # Get the user if we can
02164             if name in un:
02165                 self._v_no_tree = 0
02166                 return self
02167 
02168             # Force getting the user if we must
02169             if request.get("FORCE_USER"):
02170                 self._v_no_tree = 0
02171                 return self
02172 
02173         # This will raise if it's not possible to acquire 'name'
02174         return getattr(self, name, )
02175 
02176 

__init__(self) -> initialization method
We define it to prevend calling ancestor's __init__ methods.

Definition at line 944 of file GroupUserFolder.py.

00944 
00945     def __init__(self):
00946         """
00947         __init__(self) -> initialization method
00948         We define it to prevend calling ancestor's __init__ methods.
00949         """
00950         pass
00951 

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder._acquireLocalRoles (   self,
  folder,
  status 
) [private]
Same as _acquireLocalRoles() but won't perform security check on the folder.

Definition at line 1577 of file GroupUserFolder.py.

01577 
01578     def _acquireLocalRoles(self, folder, status):
01579         """Same as _acquireLocalRoles() but won't perform security check on the folder.
01580         """
01581         # Set the variable (or unset it if it's defined)
01582         if not status:
01583             folder.__ac_local_roles_block__ = 1
01584         else:
01585             if getattr(folder, '__ac_local_roles_block__', None):
01586                 folder.__ac_local_roles_block__ = None
01587 

def GroupUserFolder.GroupUserFolder._doAddGroup (   self,
  name,
  roles,
  groups = (),
  kw 
) [private]
Create a new group. Password will be randomly created, and domain will be None.
Supports nested groups.

Definition at line 1226 of file GroupUserFolder.py.

01226 
01227     def _doAddGroup(self, name, roles, groups = (), **kw):
01228         """
01229         Create a new group. Password will be randomly created, and domain will be None.
01230         Supports nested groups.
01231         """
01232         # Prepare initial data
01233         domains = ()
01234         password = ""
01235         if roles is None:
01236             roles = []
01237         if groups is None:
01238             groups = []
01239 
01240         for x in range(0, 10):  # Password will be 10 chars long
01241             password = "%s%s" % (password, random.choice(string.lowercase), )
01242 
01243         # Compute roles
01244         roles = list(roles)
01245         prefix = GROUP_PREFIX
01246         gruf_groups = self.getGroupIds()
01247         for group in groups:
01248             if not group.startswith(prefix):
01249                 group = "%s%s" % (prefix, group, )
01250             if group == "%s%s" % (prefix, name, ):
01251                 raise ValueError, "Infinite recursion for group '%s'." % (group, )
01252             if not group in gruf_groups:
01253                 raise ValueError, "Invalid group: '%s' (defined groups are %s)" % (group, gruf_groups)
01254             roles.append(group)
01255 
01256         # Reset the users overview batch
01257         self._v_batch_users = []
01258 
01259         # Actual creation
01260         return self.Groups.acl_users._doAddUser(
01261             name, password, roles, domains, **kw
01262             )

def GroupUserFolder.GroupUserFolder._doAddUser (   self,
  name,
  password,
  roles,
  domains,
  groups = (),
  kw 
) [private]
Create a new user. This should be implemented by subclasses to
do the actual adding of a user. The 'password' will be the
original input password, unencrypted. The implementation of this
method is responsible for performing any needed encryption.

Definition at line 1074 of file GroupUserFolder.py.

01074 
01075     def _doAddUser(self, name, password, roles, domains, groups = (), **kw):
01076         """
01077         Create a new user. This should be implemented by subclasses to
01078         do the actual adding of a user. The 'password' will be the
01079         original input password, unencrypted. The implementation of this
01080         method is responsible for performing any needed encryption.
01081         """
01082         prefix = GROUP_PREFIX
01083 
01084         # Prepare groups
01085         roles = list(roles)
01086         gruf_groups = self.getGroupIds()
01087         for group in groups:
01088             if not group.startswith(prefix):
01089                 group = "%s%s" % (prefix, group, )
01090             if not group in gruf_groups:
01091                 raise ValueError, "Invalid group: '%s'" % (group, )
01092             roles.append(group)
01093 
01094         # Reset the users overview batch
01095         self._v_batch_users = []
01096 
01097         # Really add users
01098         return self.getDefaultUserSource()._doAddUser(
01099             name,
01100             password,
01101             roles,
01102             domains,
01103             **kw)

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder._doChangeGroup (   self,
  name,
  roles,
  groups = None,
  kw 
) [private]
Modify an existing group.

Definition at line 1264 of file GroupUserFolder.py.

01264 
01265     def _doChangeGroup(self, name, roles, groups = None, **kw):
01266         """Modify an existing group."""
01267         # Remove prefix if given
01268         if name.startswith(self.getGroupPrefix()):
01269             name = name[GROUP_PREFIX_LEN:]
01270 
01271         # Check if group exists
01272         grp = self.getGroup(name, prefixed = 0)
01273         if grp is None:
01274             raise ValueError, "Invalid group: '%s'" % (name,)
01275 
01276         # Don't lose existing groups
01277         if not groups:
01278             groups = grp.getGroups()
01279 
01280         roles = list(roles or [])
01281         groups = list(groups or [])
01282 
01283         # Change groups affectation
01284         cur_groups = self.getGroups()
01285         given_roles = tuple(grp.getRoles()) + tuple(roles)
01286         for group in groups:
01287             if not group.startswith(GROUP_PREFIX, ):
01288                 group = "%s%s" % (GROUP_PREFIX, group, )
01289             if group == "%s%s" % (GROUP_PREFIX, grp.id):
01290                 raise ValueError, "Cannot affect group '%s' to itself!" % (name, )        # Prevent direct inclusion of self
01291             new_grp = self.getGroup(group)
01292             if not new_grp:
01293                 raise ValueError, "Invalid or inexistant group: '%s'" % (group, )
01294             if "%s%s" % (GROUP_PREFIX, grp.id) in new_grp.getGroups():
01295                 raise ValueError, "Cannot affect %s to group '%s' as it would lead to circular references." % (group, name, )        # Prevent indirect inclusion of self
01296             if not group in cur_groups and not group in given_roles:
01297                 roles.append(group)
01298 
01299         # Reset the users overview batch
01300         self._v_batch_users = []
01301 
01302         # Perform the change
01303         domains = ""
01304         password = ""
01305         for x in range(0, 10):  # Password will be 10 chars long
01306             password = "%s%s" % (password, random.choice(string.lowercase), )
01307         return self.Groups.acl_users._doChangeUser(name, password,
01308                                                   roles, domains, **kw)

def GroupUserFolder.GroupUserFolder._doChangeUser (   self,
  name,
  password,
  roles,
  domains,
  groups = None,
  kw 
) [private]
Modify an existing user. This should be implemented by subclasses
to make the actual changes to a user. The 'password' will be the
original input password, unencrypted. The implementation of this
method is responsible for performing any needed encryption.

A None password should not change it (well, we hope so)

Definition at line 1105 of file GroupUserFolder.py.

01105 
01106     def _doChangeUser(self, name, password, roles, domains, groups = None, **kw):
01107         """
01108         Modify an existing user. This should be implemented by subclasses
01109         to make the actual changes to a user. The 'password' will be the
01110         original input password, unencrypted. The implementation of this
01111         method is responsible for performing any needed encryption.
01112 
01113         A None password should not change it (well, we hope so)
01114         """
01115         # Get actual user name and id
01116         usr = self.getUser(name)
01117         if usr is None:
01118             raise ValueError, "Invalid user: '%s'" % (name,)
01119         id = usr.getRealId()
01120 
01121         # Don't lose existing groups
01122         if groups is None:
01123             groups = usr.getGroups()
01124 
01125         roles = list(roles)
01126         groups = list(groups)
01127 
01128         # Change groups affectation
01129         cur_groups = self.getGroups()
01130         given_roles = tuple(usr.getRoles()) + tuple(roles)
01131         for group in groups:
01132             if not group.startswith(GROUP_PREFIX, ):
01133                 group = "%s%s" % (GROUP_PREFIX, group, )
01134             if not group in cur_groups and not group in given_roles:
01135                 roles.append(group)
01136 
01137         # Reset the users overview batch
01138         self._v_batch_users = []
01139 
01140         # Change the user itself
01141         src = usr.getUserSourceId()
01142         Log(LOG_NOTICE, name, "Source:", src)
01143         ret = self.getUserSource(src)._doChangeUser(
01144             id, password, roles, domains, **kw)
01145 
01146         # Invalidate user cache if necessary
01147         usr.clearCachedGroupsAndRoles()
01148         authenticated = getSecurityManager().getUser()
01149         if id == authenticated.getId() and hasattr(authenticated, 'clearCachedGroupsAndRoles'):
01150             authenticated.clearCachedGroupsAndRoles(self.getUserSource(src).getUser(id))
01151 
01152         return ret

Here is the call graph for this function:

def GroupUserFolder.GroupUserFolder._doDelGroup (   self,
  name 
) [private]
Delete one user.

Definition at line 1343 of file GroupUserFolder.py.

01343 
01344     def _doDelGroup(self, name):
01345         """Delete one user."""
01346         # Remove prefix if given
01347         if name.startswith(self.getGroupPrefix()):
01348             name = name[GROUP_PREFIX_LEN:]
01349 
01350         # Reset the users overview batch
01351         self._v_batch_users = []
01352 
01353         # Delete it
01354         return self.Groups.acl_users._doDelUsers([name])

def GroupUserFolder.GroupUserFolder._doDelGroups (   self,
  names 
) [private]
Delete one or more users.

Definition at line 1356 of file GroupUserFolder.py.

01356 
01357     def _doDelGroups(self, names):
01358         """Delete one or more users."""
01359         for group in names:
01360             if not self.getGroupByName(group, None):
01361                 continue        # Ignore invalid groups
01362             self._doDelGroup(group)
01363 
01364 
01365 

def GroupUserFolder.GroupUserFolder._doDelUsers (   self,
  names 
) [private]
Delete one or more users. This should be implemented by subclasses
to do the actual deleting of users.
This won't delete groups !

Definition at line 1198 of file GroupUserFolder.py.

01198 
01199     def _doDelUsers(self, names):
01200         """
01201         Delete one or more users. This should be implemented by subclasses
01202         to do the actual deleting of users.
01203         This won't delete groups !
01204         """
01205         # Collect information about user sources
01206         sources = {}
01207         for name in names:
01208             usr = self.getUser(name, __include_groups__ = 0)
01209             if not usr:
01210                 continue        # Ignore invalid user names
01211             src = usr.getUserSourceId()
01212             if not sources.has_key(src):
01213                 sources[src] = []
01214             sources[src].append(name)
01215         for src, names in sources.items():
01216             self.getUserSource(src)._doDelUsers(names)
01217 
01218         # Reset the users overview batch
01219         self._v_batch_users = []
01220 

def GroupUserFolder.GroupUserFolder._getAllLocalRoles (   self,
  object 
) [private]
getAllLocalRoles(self, object): return a dictionnary {useratom_id: roles} of local
roles defined AND herited at a certain point. This will handle lr-blocking
as well.

Definition at line 1655 of file GroupUserFolder.py.

01655 
01656     def _getAllLocalRoles(self, object):
01657         """getAllLocalRoles(self, object): return a dictionnary {useratom_id: roles} of local
01658         roles defined AND herited at a certain point. This will handle lr-blocking
01659         as well.
01660         """
01661         # Modified from AccessControl.User.getRolesInContext().
01662         merged = {}
01663         object = getattr(object, 'aq_inner', object)
01664         while 1:
01665             if hasattr(object, '__ac_local_roles__'):
01666                 dict = object.__ac_local_roles__ or {}
01667                 if callable(dict): dict = dict()
01668                 for k, v in dict.items():
01669                     if not merged.has_key(k):
01670                         merged[k] = {}
01671                     for role in v:
01672                         merged[k][role] = 1
01673             if not self.isLocalRoleAcquired(object):
01674                 break
01675             if hasattr(object, 'aq_parent'):
01676                 object=object.aq_parent
01677                 object=getattr(object, 'aq_inner', object)
01678                 continue
01679             if hasattr(object, 'im_self'):
01680                 object=object.im_self
01681                 object=getattr(object, 'aq_inner', object)
01682                 continue
01683             break
01684         for key, value in merged.items():
01685             merged[key] = value.keys()
01686         return merged
01687 
01688 

Here is the call graph for this function:

def GroupUserFolder.GroupUserFolder._getLocalRolesForDisplay (   self,
  object 
) [private]
This is used for plone's local roles display
This method returns a tuple (massagedUsername, roles, userType, actualUserName)

Definition at line 1622 of file GroupUserFolder.py.

01622 
01623     def _getLocalRolesForDisplay(self, object):
01624         """This is used for plone's local roles display
01625         This method returns a tuple (massagedUsername, roles, userType, actualUserName)"""
01626         result = []
01627         local_roles = object.get_local_roles()
01628         prefix = self.getGroupPrefix()
01629         for one_user in local_roles:
01630             massagedUsername = username = one_user[0]
01631             roles = one_user[1]
01632             userType = 'user'
01633             if prefix:
01634                 if self.getGroupById(username) is not None:
01635                     massagedUsername = username[len(prefix):]
01636                     userType = 'group'
01637             else:
01638                 userType = 'unknown'
01639             result.append((massagedUsername, roles, userType, username))
01640         return tuple(result)
01641 

def GroupUserFolder.GroupUserFolder._getNextHandle (   self,
  index 
) [private]
_getNextHandle(self, index) => utility function to
get an unique handle for each legend item.

Definition at line 1900 of file GroupUserFolder.py.

01900 
01901     def _getNextHandle(self, index):
01902         """
01903         _getNextHandle(self, index) => utility function to
01904         get an unique handle for each legend item.
01905         """
01906         return "%02d" % index
01907 

_post_init(self) => meant to be called when the
                    object is in the Zope tree

Definition at line 953 of file GroupUserFolder.py.

00953 
00954     def _post_init(self):
00955         """
00956         _post_init(self) => meant to be called when the
00957                             object is in the Zope tree
00958         """
00959         uf = GRUFFolder.GRUFUsers()
00960         gf = GRUFFolder.GRUFGroups()
00961         self._setObject('Users', uf)
00962         self._setObject('Groups', gf)
00963         self.id = "acl_users"

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder._renameUserSource (   self,
  id,
  new_id 
) [private]
Rename a particular sub-object.
Taken fro CopySupport.manage_renameObject() code, modified to disable verifications.

Definition at line 2538 of file GroupUserFolder.py.

02538 
02539     def _renameUserSource(self, id, new_id, ):
02540         """
02541         Rename a particular sub-object.
02542         Taken fro CopySupport.manage_renameObject() code, modified to disable verifications.
02543         """
02544         try: self._checkId(new_id)
02545         except: raise CopyError, MessageDialog(
02546                       title='Invalid Id',
02547                       message=sys.exc_info()[1],
02548                       action ='manage_main')
        ob=self._getOb(id)
def GroupUserFolder.GroupUserFolder._updateGroup (   self,
  name,
  roles = None,
  groups = None 
) [private]
_updateGroup(self, name, roles = None, groups = None)

Front-end to _doChangeUser, but with a better default value support.
We guarantee that None values will let the underlying UF keep the original ones.
This is not true for the password: some buggy UF implementation may not
handle None password correctly but we do not care for Groups.

group name can be prefixed or not

Definition at line 1310 of file GroupUserFolder.py.

01310 
01311     def _updateGroup(self, name, roles = None, groups = None):
01312         """
01313         _updateGroup(self, name, roles = None, groups = None)
01314 
01315         Front-end to _doChangeUser, but with a better default value support.
01316         We guarantee that None values will let the underlying UF keep the original ones.
01317         This is not true for the password: some buggy UF implementation may not
01318         handle None password correctly but we do not care for Groups.
01319 
01320         group name can be prefixed or not
01321         """
01322         # Remove prefix if given
01323         if name.startswith(self.getGroupPrefix()):
01324             name = name[GROUP_PREFIX_LEN:]
01325 
01326         # Get the former values if necessary. Username must be valid !
01327         usr = self.getGroup(name, prefixed = 0)
01328         if roles is None:
01329             # Remove invalid roles and group names
01330             roles = usr._original_roles
01331             roles = filter(lambda x: not x.startswith(GROUP_PREFIX), roles)
01332             roles = filter(lambda x: x not in ('Anonymous', 'Authenticated', 'Shared'), roles)
01333         if groups is None:
01334             groups = usr.getGroups(no_recurse = 1)
01335 
01336         # Reset the users overview batch
01337         self._v_batch_users = []
01338 
01339         # Change the user
01340         return self._doChangeGroup(name, roles, groups)
01341 

def GroupUserFolder.GroupUserFolder._updateUser (   self,
  id,
  password = None,
  roles = None,
  domains = None,
  groups = None 
) [private]
_updateUser(self, id, password = None, roles = None, domains = None, groups = None)

This one should work for users AND groups.

Front-end to _doChangeUser, but with a better default value support.
We guarantee that None values will let the underlying UF keep the original ones.
This is not true for the password: some buggy UF implementation may not
handle None password correctly :-(

Definition at line 1154 of file GroupUserFolder.py.

01154 
01155     def _updateUser(self, id, password = None, roles = None, domains = None, groups = None):
01156         """
01157         _updateUser(self, id, password = None, roles = None, domains = None, groups = None)
01158 
01159         This one should work for users AND groups.
01160 
01161         Front-end to _doChangeUser, but with a better default value support.
01162         We guarantee that None values will let the underlying UF keep the original ones.
01163         This is not true for the password: some buggy UF implementation may not
01164         handle None password correctly :-(
01165         """
01166         # Get the former values if necessary. Username must be valid !
01167         usr = self.getUser(id)
01168         if roles is None:
01169             # Remove invalid roles and group names
01170             roles = usr._original_roles
01171             roles = filter(lambda x: not x.startswith(GROUP_PREFIX), roles)
01172             roles = filter(lambda x: x not in ('Anonymous', 'Authenticated', 'Shared', ''), roles)
01173         else:
01174             # Check if roles are valid
01175             roles = filter(lambda x: x not in ('Anonymous', 'Authenticated', 'Shared', ''), roles)
01176             vr = self.userFolderGetRoles()
01177             for r in roles:
01178                 if not r in vr:
01179                     raise ValueError, "Invalid or inexistant role: '%s'." % (r, )
01180         if domains is None:
01181             domains = usr._original_domains
01182         if groups is None:
01183             groups = usr.getGroups(no_recurse = 1)
01184         else:
01185             # Check if given groups are valid
01186             glist = self.getGroupNames()
01187             glist.extend(map(lambda x: "%s%s" % (GROUP_PREFIX, x), glist))
01188             for g in groups:
01189                 if not g in glist:
01190                     raise ValueError, "Invalid group: '%s'" % (g, )
01191 
01192         # Reset the users overview batch
01193         self._v_batch_users = []
01194 
01195         # Change the user
01196         return self._doChangeUser(id, password, roles, domains, groups)

def GroupUserFolder.GroupUserFolder.acquireLocalRoles (   self,
  folder,
  status,
  REQUEST = None 
)
Enable or disable local role acquisition on the specified folder.
If status is true, it will enable, else it will disable.
Note that the user _must_ have the change_permissions permission on the
folder to allow changes on it.
If you want to use this code from a product, please use _acquireLocalRoles()
instead: this private method won't check security on the destination folder.
It's usually a bad idea to use _acquireLocalRoles() directly in your product,
but, well, after all, you do what you want ! :^)

Definition at line 1559 of file GroupUserFolder.py.

01559 
01560     def acquireLocalRoles(self, folder, status, REQUEST=None):
01561         """
01562         Enable or disable local role acquisition on the specified folder.
01563         If status is true, it will enable, else it will disable.
01564         Note that the user _must_ have the change_permissions permission on the
01565         folder to allow changes on it.
01566         If you want to use this code from a product, please use _acquireLocalRoles()
01567         instead: this private method won't check security on the destination folder.
01568         It's usually a bad idea to use _acquireLocalRoles() directly in your product,
01569         but, well, after all, you do what you want ! :^)
01570         """
01571         # Perform security check on destination folder
01572         if not getSecurityManager().checkPermission(Permissions.change_permissions, folder):
01573             raise Unauthorized(name = "acquireLocalRoles")
01574 
        return self._acquireLocalRoles(folder, status)
def GroupUserFolder.GroupUserFolder.addMember (   self,
  groupid,
  userid,
  REQUEST = None 
)
Add a member to a group

Definition at line 779 of file GroupUserFolder.py.

00779 
00780     def addMember(self, groupid, userid, REQUEST=None):
00781         """Add a member to a group
00782         """
        return self.getGroup(groupid).addMember(userid)
def GroupUserFolder.GroupUserFolder.addUserSource (   self,
  factory_uri,
  REQUEST = {},
  args,
  kw 
)
addUserSource(self, factory_uri, REQUEST = {}, *args, **kw) => redirect
Adds the specified user folder

Definition at line 2345 of file GroupUserFolder.py.

02345 
02346     def addUserSource(self, factory_uri, REQUEST = {}, *args, **kw):
02347         """
02348         addUserSource(self, factory_uri, REQUEST = {}, *args, **kw) => redirect
02349         Adds the specified user folder
02350         """
02351         # Get the initial Users id
02352         ids = self.objectIds('GRUFUsers')
02353         if ids:
02354             ids.sort()
02355             if ids == ['Users',]:
02356                 last = 0
02357             else:
02358                 last = int(ids[-1][-2:])
02359             next_id = "Users%02d" % (last + 1, )
02360         else:
02361             next_id = "Users"
02362 
02363         # Add the GRUFFolder object
02364         uf = GRUFFolder.GRUFUsers(id = next_id)
02365         self._setObject(next_id, uf)

return true if luf groups are stored locally

Definition at line 2743 of file GroupUserFolder.py.

02743 
02744     def areLUFGroupsLocal(self,):
02745         """return true if luf groups are stored locally"""
02746         return hasattr(self.getLUFSource(), '_local_groups')
02747 

def GroupUserFolder.GroupUserFolder.authenticate (   self,
  name,
  password,
  request 
)
Pass the request along to the underlying user-related UserFolder
object
THIS METHOD RETURNS A USER OBJECT OR NONE, as specified in the code
in AccessControl/User.py.
We also check for inituser in there.

Definition at line 1038 of file GroupUserFolder.py.

01038 
01039     def authenticate(self, name, password, request):
01040         """
01041         Pass the request along to the underlying user-related UserFolder
01042         object
01043         THIS METHOD RETURNS A USER OBJECT OR NONE, as specified in the code
01044         in AccessControl/User.py.
01045         We also check for inituser in there.
01046         """
01047         # Emergency user checking stuff
01048         emergency = self._emergency_user
01049         if emergency and name == emergency.getUserName():
01050             if emergency.authenticate(password, request):
01051                 return emergency
01052             else:
01053                 return None
01054 
01055         # Usual GRUF authentication
01056         for src in self.listUserSources():
01057             # XXX We can imagine putting a try/except here to "ignore"
01058             # UF errors such as SQL or LDAP shutdown
01059             u = src.authenticate(name, password, request)
01060             if u:
01061                 return GRUFUser.GRUFUser(u, self, isGroup = 0, source_id = src.getUserSourceId()).__of__(self)
01062 
01063         # No acl_users in the Users folder or no user authenticated
01064         # => we refuse authentication
01065         return None
01066 
01067 
01068 

def GroupUserFolder.GroupUserFolder.changeOrCreateGroups (   self,
  groups = [],
  roles = [],
  nested_groups = [],
  new_groups = [],
  REQUEST = {} 
)
changeOrCreateGroups => affect roles to groups and/or create new groups

All parameters are strings. NO CHECKING IS DONE. This is an utility method !

Definition at line 1495 of file GroupUserFolder.py.

01495 
01496     def changeOrCreateGroups(self, groups = [], roles = [], nested_groups = [], new_groups = [], REQUEST = {}, ):
01497         """
01498         changeOrCreateGroups => affect roles to groups and/or create new groups
01499 
01500         All parameters are strings. NO CHECKING IS DONE. This is an utility method !
01501         """
01502         # Manage roles / groups deletion
01503         del_roles = 0
01504         del_groups = 0
01505         if self.reset_entry in roles:
01506             roles.remove(self.reset_entry)
01507             del_roles = 1
01508         if self.reset_entry in nested_groups:
01509             nested_groups.remove(self.reset_entry)
01510             del_groups = 1
01511         if not roles and not del_roles:
01512             roles = None                # None instead of [] to avoid deletion
01513             add_roles = []
01514         else:
01515             add_roles = roles
01516         if not nested_groups and not del_groups:
01517             nested_groups = None
01518             add_groups = []
01519         else:
01520             add_groups = nested_groups
01521 
01522         # Create brand new groups
01523         for new in new_groups:
01524             name = string.strip(new)
01525             if not name:
01526                 continue
01527             self._doAddGroup(name, roles, groups = add_groups)
01528 
01529         # Update existing groups
01530         for group in groups:
01531             self._updateGroup(group, roles = roles, groups = nested_groups)
01532 
01533         # Redirect
01534         if REQUEST.has_key('RESPONSE'):
            return REQUEST.RESPONSE.redirect(self.absolute_url() + "/manage_groups")
def GroupUserFolder.GroupUserFolder.changeOrCreateUsers (   self,
  users = [],
  groups = [],
  roles = [],
  new_users = [],
  default_password = '',
  REQUEST = {} 
)
changeOrCreateUsers => affect roles & groups to users and/or create new users

All parameters are strings or lists (NOT tuples !).
NO CHECKING IS DONE. This is an utility method, it's not part of the official API.

Definition at line 1407 of file GroupUserFolder.py.

01407 
01408     def changeOrCreateUsers(self, users = [], groups = [], roles = [], new_users = [], default_password = '', REQUEST = {}, ):
01409         """
01410         changeOrCreateUsers => affect roles & groups to users and/or create new users
01411 
01412         All parameters are strings or lists (NOT tuples !).
01413         NO CHECKING IS DONE. This is an utility method, it's not part of the official API.
01414         """
01415         # Manage roles / groups deletion
01416         del_roles = 0
01417         del_groups = 0
01418         if self.reset_entry in roles:
01419             roles.remove(self.reset_entry)
01420             del_roles = 1
01421         if self.reset_entry in groups:
01422             groups.remove(self.reset_entry)
01423             del_groups = 1
01424         if not roles and not del_roles:
01425             roles = None                # None instead of [] to avoid deletion
01426             add_roles = []
01427         else:
01428             add_roles = roles
01429         if not groups and not del_groups:
01430             groups = None
01431             add_groups = []
01432         else:
01433             add_groups = groups
01434 
01435         # Passwords management
01436         passwords_list = []
01437 
01438         # Create brand new users
01439         for new in new_users:
01440             # Strip name
01441             name = string.strip(new)
01442             if not name:
01443                 continue
01444 
01445             # Avoid erasing former users
01446             if name in map(lambda x: x.getId(), self.getUsers()):
01447                 continue
01448 
01449             # Use default password or generate a random one
01450             if default_password:
01451                 password = default_password
01452             else:
01453                 password = ""
01454                 for x in range(0, 8):  # Password will be 8 chars long
01455                     password = "%s%s" % (password, random.choice("ABCDEFGHJKMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789"), )
01456             self._doAddUser(name, password, add_roles, (), add_groups, )
01457 
01458             # Store the newly created password
01459             passwords_list.append({'name':name, 'password':password})
01460 
01461         # Update existing users
01462         for user in users:
01463             self._updateUser(id = user, groups = groups, roles = roles, )
01464 
01465         # Web request
01466         if REQUEST.has_key('RESPONSE'):
01467             # Redirect if no users have been created
01468             if not passwords_list:
01469                 return REQUEST.RESPONSE.redirect(self.absolute_url() + "/manage_users")
01470 
01471             # Show passwords form
01472             else:
01473                 REQUEST.set('USER_PASSWORDS', passwords_list)
01474                 return self.manage_newusers(None, self)
01475 
01476         # Simply return the list of created passwords
        return passwords_list
def GroupUserFolder.GroupUserFolder.changeUser (   self,
  user,
  groups = [],
  roles = [],
  REQUEST = {} 
)
changeUser(self, user, groups = [], roles = [], REQUEST = {}, ) => used in ZMI

Definition at line 1383 of file GroupUserFolder.py.

01383 
01384     def changeUser(self, user, groups = [], roles = [], REQUEST = {}, ):
01385         """
01386         changeUser(self, user, groups = [], roles = [], REQUEST = {}, ) => used in ZMI
01387         """
01388         obj = self.getUser(user)
01389         if obj.isGroup():
01390             self._updateGroup(name = user, groups = groups, roles = roles, )
01391         else:
01392             self._updateUser(id = user, groups = groups, roles = roles, )
01393 
01394 
01395         if REQUEST.has_key('RESPONSE'):
            return REQUEST.RESPONSE.redirect(self.absolute_url() + "/" + obj.getId() + "/manage_workspace?FORCE_USER=1")
def GroupUserFolder.GroupUserFolder.computeSecuritySettings (   self,
  folders,
  actors,
  permissions,
  cache = {} 
)
computeSecuritySettings(self, folders, actors, permissions, cache = {}) => return a structure that is suitable for security audit Page Template.

- folders is the structure returned by getSiteTree()
- actors is the structure returned by listUsersAndRoles()
- permissions is ((id: permission), (id: permission), ...)
- cache is passed along requests to make computing faster

Definition at line 1805 of file GroupUserFolder.py.

01805 
01806     def computeSecuritySettings(self, folders, actors, permissions, cache = {}):
01807         """
01808         computeSecuritySettings(self, folders, actors, permissions, cache = {}) => return a structure that is suitable for security audit Page Template.
01809 
01810         - folders is the structure returned by getSiteTree()
01811         - actors is the structure returned by listUsersAndRoles()
01812         - permissions is ((id: permission), (id: permission), ...)
01813         - cache is passed along requests to make computing faster
01814         """
01815         # Scan folders and actors to get the relevant information
01816         usr_cache = {}
01817         for id, depth, path in folders:
01818             folder = self.unrestrictedTraverse(path)
01819             for kind, actor, display, handle, html in actors:
01820                 if kind in ("user", "group"):
01821                     # Init structure
01822                     if not cache.has_key(path):
01823                         cache[path] = {(kind, actor): {}}
01824                     elif not cache[path].has_key((kind, actor)):
01825                         cache[path][(kind, actor)] = {}
01826                     else:
01827                         cache[path][(kind, actor)] = {}
01828 
01829                     # Split kind into groups and get individual role information
01830                     perm_keys = []
01831                     usr = usr_cache.get(actor)
01832                     if not usr:
01833                         usr = self.getUser(actor)
01834                         usr_cache[actor] = usr
01835                     roles = usr.getRolesInContext(folder,)
01836                     for role in roles:
01837                         for perm_key in self.computeSetting(path, folder, role, permissions, cache).keys():
01838                             cache[path][(kind, actor)][perm_key] = 1
01839 
01840                 else:
01841                     # Get role information
01842                     self.computeSetting(path, folder, actor, permissions, cache)
01843 
01844         # Return the computed cache
01845         return cache
01846 

def GroupUserFolder.GroupUserFolder.computeSetting (   self,
  path,
  folder,
  actor,
  permissions,
  cache 
)
computeSetting(......) => used by computeSecuritySettings to populate the cache for ROLES

Definition at line 1848 of file GroupUserFolder.py.

01848 
01849     def computeSetting(self, path, folder, actor, permissions, cache):
01850         """
01851         computeSetting(......) => used by computeSecuritySettings to populate the cache for ROLES
01852         """
01853         # Avoid doing things twice
01854         kind = "role"
01855         if cache.get(path, {}).get((kind, actor), None) is not None:
01856             return cache[path][(kind, actor)]
01857 
01858         # Initilize cache structure
01859         if not cache.has_key(path):
01860             cache[path] = {(kind, actor): {}}
01861         elif not cache[path].has_key((kind, actor)):
01862             cache[path][(kind, actor)] = {}
01863 
01864         # Analyze permission settings
01865         ps = folder.permission_settings()
01866         for perm_key, permission in permissions:
01867             # Check acquisition of permission setting.
01868             can = 0
01869             acquired = 0
01870             for p in ps:
01871                 if p['name'] == permission:
01872                     acquired = not not p['acquire']
01873 
01874             # If acquired, call the parent recursively
01875             if acquired:
01876                 parent = folder.aq_parent.getPhysicalPath()
01877                 perms = self.computeSetting(parent, self.unrestrictedTraverse(parent), actor, permissions, cache)
01878                 can = perms.get(perm_key, None)
01879 
01880             # Else, check permission here
01881             else:
01882                 for p in folder.rolesOfPermission(permission):
01883                     if p['name'] == "Anonymous":
01884                         # If anonymous is allowed, then everyone is allowed
01885                         if p['selected']:
01886                             can = 1
01887                             break
01888                     if p['name'] == actor:
01889                         if p['selected']:
01890                             can = 1
01891                             break
01892 
01893             # Extend the data structure according to 'can' setting
01894             if can:
01895                 cache[path][(kind, actor)][perm_key] = 1
01896 
01897         return cache[path][(kind, actor)]
01898 

Here is the call graph for this function:

def GroupUserFolder.GroupUserFolder.deleteGroups (   self,
  groups = [],
  REQUEST = {} 
)
deleteGroups => explicit

All parameters are strings. NO CHECKING IS DONE. This is an utility method !

Definition at line 1538 of file GroupUserFolder.py.

01538 
01539     def deleteGroups(self, groups = [], REQUEST = {}):
01540         """
01541         deleteGroups => explicit
01542 
01543         All parameters are strings. NO CHECKING IS DONE. This is an utility method !
01544         """
01545         # Delete groups
01546         for group in groups:
01547             self._doDelGroup(group, )
01548 
01549         # Redirect
01550         if REQUEST.has_key('RESPONSE'):
            return REQUEST.RESPONSE.redirect(self.absolute_url() + "/manage_groups")
def GroupUserFolder.GroupUserFolder.deleteUser (   self,
  user,
  REQUEST = {} 
)
deleteUser(self, user, REQUEST = {}, ) => used in ZMI

Definition at line 1399 of file GroupUserFolder.py.

01399 
01400     def deleteUser(self, user, REQUEST = {}, ):
01401         """
01402         deleteUser(self, user, REQUEST = {}, ) => used in ZMI
01403         """
        pass
def GroupUserFolder.GroupUserFolder.deleteUsers (   self,
  users = [],
  REQUEST = {} 
)
deleteUsers => explicit

All parameters are strings. NO CHECKING IS DONE. This is an utility method !

Definition at line 1480 of file GroupUserFolder.py.

01480 
01481     def deleteUsers(self, users = [], REQUEST = {}):
01482         """
01483         deleteUsers => explicit
01484 
01485         All parameters are strings. NO CHECKING IS DONE. This is an utility method !
01486         """
01487         # Delete them
01488         self._doDelUsers(users, )
01489 
01490         # Redirect
01491         if REQUEST.has_key('RESPONSE'):
            return REQUEST.RESPONSE.redirect(self.absolute_url() + "/manage_users")
def GroupUserFolder.GroupUserFolder.deleteUserSource (   self,
  id = None,
  REQUEST = {} 
)
deleteUserSource(self, id = None, REQUEST = {}) => Delete the specified user source

Definition at line 2378 of file GroupUserFolder.py.

02378 
02379     def deleteUserSource(self, id = None, REQUEST = {}):
02380         """
02381         deleteUserSource(self, id = None, REQUEST = {}) => Delete the specified user source
02382         """
02383         # Check the source id
02384         if type(id) != type('s'):
02385             raise ValueError, "You must choose a valid source to delete and confirm it."
02386 
02387         # Delete it
02388         self.manage_delObjects([id,])
02389         if REQUEST.has_key('RESPONSE'):
            return REQUEST.RESPONSE.redirect(self.absolute_url() + '/manage_GRUFSources')
getAllLocalRoles(self, object): return a dictionnary {useratom_id: roles} of local
roles defined AND herited at a certain point. This will handle lr-blocking
as well.

Definition at line 1643 of file GroupUserFolder.py.

01643 
01644     def getAllLocalRoles(self, object):
01645         """getAllLocalRoles(self, object): return a dictionnary {useratom_id: roles} of local
01646         roles defined AND herited at a certain point. This will handle lr-blocking
01647         as well.
01648         """
01649         # Perform security check on destination object
01650         if not getSecurityManager().checkPermission(Permissions.change_permissions, object):
01651             raise Unauthorized(name = "getAllLocalRoles")
01652 
01653         return self._getAllLocalRoles(object)
01654 

getDefaultPermissions(self,) => return default R & W permissions for security audit.

Definition at line 1996 of file GroupUserFolder.py.

01996 
01997     def getDefaultPermissions(self,):
01998         """
01999         getDefaultPermissions(self,) => return default R & W permissions for security audit.
02000         """
02001         # If there's a Plone site in the above folder, use plonish permissions
02002         hasPlone = 0
02003         p = self.aq_parent
02004         if p.meta_type == "CMF Site":
02005             hasPlone = 1
02006         else:
02007             for obj in p.objectValues():
02008                 if obj.meta_type == "CMF Site":
02009                     hasPlone = 1
02010                     break
02011 
02012         if hasPlone:
02013             return {'R': 'View',
02014                     'W': 'Modify portal content',
02015                     }
02016         else:
02017             return {'R': 'View',
02018                     'W': 'Change Images and Files',
02019                     }
02020 

getDefaultUserSource(self,) => acl_users object
Return default user source for user writing.
XXX By now, the FIRST source is the default one. This may change in the future.

Definition at line 2393 of file GroupUserFolder.py.

02393 
02394     def getDefaultUserSource(self,):
02395         """
02396         getDefaultUserSource(self,) => acl_users object
02397         Return default user source for user writing.
02398         XXX By now, the FIRST source is the default one. This may change in the future.
02399         """
02400         lst = self.listUserSources()
02401         if not lst:
02402             raise RuntimeError, "No valid User Source to add users in."
02403         return lst[0]
02404 

def GroupUserFolder.GroupUserFolder.getGroup (   self,
  name,
  prefixed = 1 
)
Return the named user object or None

Definition at line 425 of file GroupUserFolder.py.

00425 
00426     def getGroup(self, name, prefixed = 1):
00427         """Return the named user object or None"""
00428         # Performance tricks
00429         if not name:
00430             return None
00431 
00432         # Unprefix group name
00433         if not name.startswith(GROUP_PREFIX):
00434             name = "%s%s" % (GROUP_PREFIX, name, )
00435 
00436         # Fetch it
00437         return self.getUser(name, __include_users__ = 0)

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder.getGroupById (   self,
  id,
  default = _marker 
)
Same as getUserById(id) but forces returning a group.

Definition at line 439 of file GroupUserFolder.py.

00439 
00440     def getGroupById(self, id, default = _marker):
00441         """Same as getUserById(id) but forces returning a group.
00442         """
00443         ret = self.getUser(id, __include_users__ = 0, __force_group_id__ = 1)
00444         if not ret:
00445             if default is _marker:
00446                 return None
00447             ret = default
00448         return ret

def GroupUserFolder.GroupUserFolder.getGroupByName (   self,
  name,
  default = _marker 
)
Same as getUserByName(name) but forces returning a group.

Definition at line 450 of file GroupUserFolder.py.

00450 
00451     def getGroupByName(self, name, default = _marker):
00452         """Same as getUserByName(name) but forces returning a group.
00453         """
00454         ret = self.getUser(name, __include_users__ = 0, __force_group_id__ = 0)
00455         if not ret:
00456             if default is _marker:
00457                 return None
00458             ret = default
00459         return ret
00460 
00461 

Here is the caller graph for this function:

Same as getUserNames() but without pure users.

Definition at line 413 of file GroupUserFolder.py.

00413 
00414     def getGroupIds(self, ):
00415         """Same as getUserNames() but without pure users.
00416         """
00417         return self.getUserNames(__include_users__ = 0, __groups_prefixed__ = 1)

Return the list of member ids (groups and users) in this group
XXX THIS MAY BE VERY EXPENSIVE !

Definition at line 808 of file GroupUserFolder.py.

00808 
00809     def getGroupMemberIds(self, groupid):
00810         """Return the list of member ids (groups and users) in this group
00811         XXX THIS MAY BE VERY EXPENSIVE !
00812         """
00813         return self.getGroup(groupid).getGroupMemberIds()

Same as getUserNames() but without pure users.

Definition at line 407 of file GroupUserFolder.py.

00407 
00408     def getGroupNames(self, ):
00409         """Same as getUserNames() but without pure users.
00410         """
00411         return self.getUserNames(__include_users__ = 0, __groups_prefixed__ = 0)

Here is the caller graph for this function:

group prefix 

Definition at line 988 of file GroupUserFolder.py.

00988 
00989     def getGroupPrefix(self):
00990         """ group prefix """
00991         return GROUP_PREFIX

Same as getUsers() but without pure users.

Definition at line 419 of file GroupUserFolder.py.

00419 
00420     def getGroups(self):
00421         """Same as getUsers() but without pure users.
00422         """
00423         return self.getUsers(__include_users__ = 0)

Here is the caller graph for this function:

Alias to self.getId()

Definition at line 999 of file GroupUserFolder.py.

00999 
01000     def getGRUFId(self,):
01001         """
01002         Alias to self.getId()
01003         """
01004         return self.getId()

Definition at line 993 of file GroupUserFolder.py.

00993 
00994     def getGRUFPhysicalRoot(self,):
00995         # $$$ trick meant to be used within
00996         # fake_getPhysicalRoot (see __init__)
00997         return self.getPhysicalRoot()

getGRUFVersion(self,) => Return human-readable GRUF version as a string.

Definition at line 1372 of file GroupUserFolder.py.

01372 
01373     def getGRUFVersion(self,):
01374         """
01375         getGRUFVersion(self,) => Return human-readable GRUF version as a string.
01376         """
01377         rev_date = "$Date: 2007-04-01 17:13:44 +0200 (dim, 01 avr 2007) $"[7:-2]
01378         return "%s / Revised %s" % (version__, rev_date)
01379 

return true if LUF mapping looks good

Definition at line 2706 of file GroupUserFolder.py.

02706 
02707     def getInvalidMappings(self,):
02708         """
02709         return true if LUF mapping looks good
02710         """
02711         wrong = []
02712         grufs = []
02713         for gruf, ldap in self.listLDAPUserFolderMapping():
02714             if gruf and ldap:
02715                 continue
02716             if not gruf:
02717                 continue
02718             if gruf.startswith('group_'):
02719                 gruf = gruf[len('group_'):]
02720             grufs.append(gruf)
02721         for gruf, ldap in self.listLDAPUserFolderMapping():
02722             if gruf and ldap:
02723                 continue
02724             if not ldap:
02725                 continue
02726             if ldap.startswith('group_'):
02727                 ldap = ldap[len('group_'):]
02728             if ldap in grufs:
02729                 wrong.append(ldap)
02730 
02731         return wrong

This is used for plone's local roles display
This method returns a tuple (massagedUsername, roles, userType, actualUserName).
This method is protected by the 'Manage properties' permission. We may
change that if it's too permissive...

Definition at line 1611 of file GroupUserFolder.py.

01611 
01612     def getLocalRolesForDisplay(self, object):
01613         """This is used for plone's local roles display
01614         This method returns a tuple (massagedUsername, roles, userType, actualUserName).
01615         This method is protected by the 'Manage properties' permission. We may
01616         change that if it's too permissive..."""
01617         # Perform security check on destination object
01618         if not getSecurityManager().checkPermission(Permissions.manage_properties, object):
01619             raise Unauthorized(name = "getLocalRolesForDisplay")
01620 
01621         return self._getLocalRolesForDisplay(object)

getLUFSource(self,) => Helper to get a pointer to the LUF src.
Return None if not available

Definition at line 2733 of file GroupUserFolder.py.

02733 
02734     def getLUFSource(self,):
02735         """
02736         getLUFSource(self,) => Helper to get a pointer to the LUF src.
02737         Return None if not available
02738         """
02739         for src in self.listUserSources():
02740             if src.meta_type == "LDAPUserFolder":
02741                 return src

def GroupUserFolder.GroupUserFolder.getMemberIds (   self,
  groupid 
)
Return the list of member ids (groups and users) in this group

Definition at line 793 of file GroupUserFolder.py.

00793 
00794     def getMemberIds(self, groupid):
00795         """Return the list of member ids (groups and users) in this group
00796         """
00797         m = self.getGroup(groupid)
00798         if not m:
00799             raise ValueError, "Invalid group: '%s'" % groupid
00800         return self.getGroup(groupid).getMemberIds()

Here is the caller graph for this function:

getPloneSecurityMatrix(self, object): return a list of dicts of the current object
and all its parents. The list is sorted with portal object first.
Each dict has the following structure:
{
  depth: (0 for portal root, 1 for 1st-level folders and so on),
  id:
  title:
  icon:
  absolute_url:
  security_permission: true if current user can change security on this object
  state: (workflow state)
  acquired_local_roles: 0 if local role blocking is enabled for this folder
  roles: {
    'role1': {
      'all_local_roles': [r1, r2, r3, ] (all defined local roles, including parent ones)
      'defined_local_roles': [r3, ] (local-defined only local roles)
      'permissions': ['Access contents information', 'Modify portal content', ] (only a subset)
      'same_permissions': true if same permissions as the parent
      'same_all_local_roles': true if all_local_roles is the same as the parent
      'same_defined_local_roles': true if defined_local_roles is the same as the parent
      },
    'role2': {...},
    },
}

Definition at line 1691 of file GroupUserFolder.py.

01691 
01692     def getPloneSecurityMatrix(self, object):
01693         """getPloneSecurityMatrix(self, object): return a list of dicts of the current object
01694         and all its parents. The list is sorted with portal object first.
01695         Each dict has the following structure:
01696         {
01697           depth: (0 for portal root, 1 for 1st-level folders and so on),
01698           id:
01699           title:
01700           icon:
01701           absolute_url:
01702           security_permission: true if current user can change security on this object
01703           state: (workflow state)
01704           acquired_local_roles: 0 if local role blocking is enabled for this folder
01705           roles: {
01706             'role1': {
01707               'all_local_roles': [r1, r2, r3, ] (all defined local roles, including parent ones)
01708               'defined_local_roles': [r3, ] (local-defined only local roles)
01709               'permissions': ['Access contents information', 'Modify portal content', ] (only a subset)
01710               'same_permissions': true if same permissions as the parent
01711               'same_all_local_roles': true if all_local_roles is the same as the parent
01712               'same_defined_local_roles': true if defined_local_roles is the same as the parent
01713               },
01714             'role2': {...},
01715             },
01716         }
01717         """
01718         # Perform security check on destination object
01719         if not getSecurityManager().checkPermission(Permissions.access_contents_information, object):
01720             raise Unauthorized(name = "getPloneSecurityMatrix")
01721 
01722         # Basic inits
01723         mt = self.portal_membership
01724 
01725         # Fetch all possible roles in the portal
01726         all_roles = ['Anonymous'] + mt.getPortalRoles()
01727 
01728         # Fetch parent folders list until the portal
01729         all_objects = []
01730         cur_object = object
01731         while 1:
01732             if not getSecurityManager().checkPermission(Permissions.access_contents_information, cur_object):
01733                 raise Unauthorized(name = "getPloneSecurityMatrix")
01734             all_objects.append(cur_object)
01735             if cur_object.meta_type == "Plone Site":
01736                 break
01737             cur_object = object.aq_parent
01738         all_objects.reverse()
01739 
01740         # Scan those folders to get all the required information about them
01741         ret = []
01742         previous = None
01743         count = 0
01744         for obj in all_objects:
01745             # Basic information
01746             current = {
01747                 "depth": count,
01748                 "id": obj.getId(),
01749                 "title": obj.Title(),
01750                 "icon": obj.getIcon(),
01751                 "absolute_url": obj.absolute_url(),
01752                 "security_permission": getSecurityManager().checkPermission(Permissions.change_permissions, obj),
01753                 "acquired_local_roles": self.isLocalRoleAcquired(obj),
01754                 "roles": {},
01755                 "state": "XXX TODO XXX",         # XXX TODO
01756                 }
01757             count += 1
01758 
01759             # Workflow state
01760             # XXX TODO
01761 
01762             # Roles
01763             all_local_roles = {}
01764             local_roles = self._getAllLocalRoles(obj)
01765             for user, roles in self._getAllLocalRoles(obj).items():
01766                 for role in roles:
01767                     if not all_local_roles.has_key(role):
01768                         all_local_roles[role] = {}
01769                     all_local_roles[role][user] = 1
01770             defined_local_roles = {}
01771             if hasattr(obj.aq_base, 'get_local_roles'):
01772                 for user, roles in obj.get_local_roles():
01773                     for role in roles:
01774                         if not defined_local_roles.has_key(role):
01775                             defined_local_roles[role] = {}
01776                         defined_local_roles[role][user] = 1
01777 
01778             for role in all_roles:
01779                 all = all_local_roles.get(role, {}).keys()
01780                 defined = defined_local_roles.get(role, {}).keys()
01781                 all.sort()
01782                 defined.sort()
01783                 same_all_local_roles = 0
01784                 same_defined_local_roles = 0
01785                 if previous:
01786                     if previous['roles'][role]['all_local_roles'] == all:
01787                         same_all_local_roles = 1
01788                     if previous['roles'][role]['defined_local_roles'] == defined:
01789                         same_defined_local_roles = 1
01790 
01791                 current['roles'][role] = {
01792                     "all_local_roles": all,
01793                     "defined_local_roles": defined,
01794                     "same_all_local_roles": same_all_local_roles,
01795                     "same_defined_local_roles": same_defined_local_roles,
01796                     "permissions": [],  # XXX TODO
01797                     }
01798 
01799             ret.append(current)
01800             previous = current
01801 
01802         return ret
01803 

Return the named user object or None

Definition at line 396 of file GroupUserFolder.py.

00396 
00397     def getPureUser(self, id, ):
00398         """Return the named user object or None"""
00399         # Performance tricks
00400         if not id:
00401             return None
00402 
00403         # Fetch it
00404         return self.getUser(id, __include_groups__ = 0)
00405 

Same as getUserIds() but without groups

Definition at line 384 of file GroupUserFolder.py.

00384 
00385     def getPureUserIds(self,):
00386         """Same as getUserIds() but without groups
00387         """
00388         return self.getUserNames(__include_groups__ = 0)

Fetch the list of actual users from GRUFUsers.

Definition at line 377 of file GroupUserFolder.py.

00377 
00378     def getPureUserNames(self, ):
00379         """Fetch the list of actual users from GRUFUsers.
00380         """
00381         return self.getUserNames(__include_groups__ = 0)
00382 

Return a list of pure user objects.

Definition at line 390 of file GroupUserFolder.py.

00390 
00391     def getPureUsers(self):
00392         """Return a list of pure user objects.
00393         """
00394         return self.getUsers(__include_groups__ = 0)

def GroupUserFolder.GroupUserFolder.getRolesOfUser (   self,
  userid 
)
Alias for user.getRoles()

Definition at line 723 of file GroupUserFolder.py.

00723 
00724     def getRolesOfUser(self, userid):
00725         """Alias for user.getRoles()
00726         """
00727         return self.getUserById(userid).getRoles()

def GroupUserFolder.GroupUserFolder.getSiteTree (   self,
  obj = None,
  depth = 0 
)
getSiteTree(self, obj=None, depth=0) => special structure

This is used by the security audit page

Definition at line 1954 of file GroupUserFolder.py.

01954 
01955     def getSiteTree(self, obj=None, depth=0):
01956         """
01957         getSiteTree(self, obj=None, depth=0) => special structure
01958 
01959         This is used by the security audit page
01960         """
01961         ret = []
01962         if not obj:
01963             if depth==0:
01964                 obj = self.aq_parent
01965             else:
01966                 return ret
01967 
01968         ret.append([obj.getId(), depth, string.join(obj.getPhysicalPath(), '/')])
01969         for sub in obj.objectValues():
01970             try:
01971                 # Ignore user folders
01972                 if sub.getId() in ('acl_users', ):
01973                     continue
01974 
01975                 # Ignore portal_* stuff
01976                 if sub.getId()[:len('portal_')] == 'portal_':
01977                     continue
01978 
01979                 if sub.isPrincipiaFolderish:
01980                     ret.extend(self.getSiteTree(sub, depth + 1))
01981 
01982             except:
01983                 # We ignore exceptions
01984                 pass
01985 
01986         return ret

def GroupUserFolder.GroupUserFolder.getTreeInfo (   self,
  usr,
  dict = {} 
)

Definition at line 2028 of file GroupUserFolder.py.

02028 
02029     def getTreeInfo(self, usr, dict = {}):
02030         "utility method"
02031         # Prevend infinite recursions
02032         name = usr.getUserName()
02033         if dict.has_key(name):
02034             return
02035         dict[name] = {}
02036 
02037         # Properties
02038         noprefix = usr.getUserNameWithoutGroupPrefix()
02039         is_group = usr.isGroup()
02040         if usr.isGroup():
            icon = string.join(self.getPhysicalPath(), '/') + '/img_group'
getUnwrappedGroup(self, name) => user object or None

Same as getUnwrappedUser but for groups.

Definition at line 1025 of file GroupUserFolder.py.

01025 
01026     def getUnwrappedGroup(self, name):
01027         """
01028         getUnwrappedGroup(self, name) => user object or None
01029 
01030         Same as getUnwrappedUser but for groups.
01031         """
01032         return self.Groups.acl_users.getUser(name)

getUnwrappedUser(self, name) => user object or None

This method is used to get a User object directly from the User's
folder acl_users, without wrapping it with group information.

This is useful for UserFolders that define additional User classes,
when you want to call specific methods on these user objects.

For example, LDAPUserFolder defines a 'getProperty' method that's
not inherited from the standard User object. You can, then, use
the getUnwrappedUser() to get the matching user and call this
method.

Definition at line 1006 of file GroupUserFolder.py.

01006 
01007     def getUnwrappedUser(self, name):
01008         """
01009         getUnwrappedUser(self, name) => user object or None
01010 
01011         This method is used to get a User object directly from the User's
01012         folder acl_users, without wrapping it with group information.
01013 
01014         This is useful for UserFolders that define additional User classes,
01015         when you want to call specific methods on these user objects.
01016 
01017         For example, LDAPUserFolder defines a 'getProperty' method that's
01018         not inherited from the standard User object. You can, then, use
01019         the getUnwrappedUser() to get the matching user and call this
01020         method.
01021         """
01022         src_id = self.getUser(name).getUserSourceId()
01023         return self.getUserSource(src_id).getUser(name)

Here is the call graph for this function:

def GroupUserFolder.GroupUserFolder.getUser (   self,
  name,
  __include_users__ = 1,
  __include_groups__ = 1,
  __force_group_id__ = 0 
)
Return the named user object or None.
User have precedence over group.
If name is None, getUser() will return None.

Definition at line 302 of file GroupUserFolder.py.

00302 
00303     def getUser(self, name, __include_users__ = 1, __include_groups__ = 1, __force_group_id__ = 0):
00304         """
00305         Return the named user object or None.
00306         User have precedence over group.
00307         If name is None, getUser() will return None.
00308         """
00309         # Basic check
00310         if name is None:
00311             return None
00312 
00313         # Prevent infinite recursion when instanciating a GRUF
00314         # without having sub-acl_users set
00315         if not "acl_users" in self._getOb('Groups').objectIds():
00316             return None
00317 
00318         # Fetch groups first (then the user must be prefixed by 'group_' prefix)
00319         if __include_groups__ and name.startswith(GROUP_PREFIX):
00320             id = name[GROUP_PREFIX_LEN:]
00321 
00322             # Fetch regular groups
00323             u = self._getOb('Groups')._getGroup(id)
00324             if u:
00325                 ret = GRUFUser.GRUFGroup(
00326                     u, self, isGroup = 1, source_id = "Groups"
00327                     ).__of__(self)
00328                 return ret              # XXX This violates precedence
00329 
00330         # Fetch users then
00331         if __include_users__:
00332             for src in self.listUserSources():
00333                 u = src.getUser(name)
00334                 if u:
00335                     ret = GRUFUser.GRUFUser(u, self, source_id = src.getUserSourceId(), isGroup = 0).__of__(self)
00336                     return ret
00337 
00338         # Then desperatly try to fetch groups (without beeing prefixed by 'group_' prefix)
00339         if __include_groups__ and (not __force_group_id__):
00340             u = self._getOb('Groups')._getGroup(name)
00341             if u:
00342                 ret = GRUFUser.GRUFGroup(u, self, isGroup = 1, source_id = "Groups").__of__(self)
00343                 return ret
00344 
00345         return None
00346 

Here is the call graph for this function:

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder.getUserById (   self,
  id,
  default = _marker 
)
Return the user atom corresponding to the given id. Can return groups.

Definition at line 348 of file GroupUserFolder.py.

00348 
00349     def getUserById(self, id, default=_marker):
00350         """Return the user atom corresponding to the given id. Can return groups.
00351         """
00352         ret = self.getUser(id, __force_group_id__ = 1)
00353         if not ret:
00354             if default is _marker:
00355                 return None
00356             ret = default
00357         return ret
00358 

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder.getUserByName (   self,
  name,
  default = _marker 
)
Same as getUser() but works with a name instead of an id.
[NOTA: Theorically, the id is a handle, while the name is the actual login name.
But difference between a user id and a user name is unsignificant in
all current User Folder implementations... except for GROUPS.]

Definition at line 360 of file GroupUserFolder.py.

00360 
00361     def getUserByName(self, name, default=_marker):
00362         """Same as getUser() but works with a name instead of an id.
00363         [NOTA: Theorically, the id is a handle, while the name is the actual login name.
00364         But difference between a user id and a user name is unsignificant in
00365         all current User Folder implementations... except for GROUPS.]
00366         """
00367         # Try to fetch a user first
00368         usr = self.getUser(name)
00369 
00370         # If not found, try to fetch a group by appending the prefix
00371         if not usr:
00372             name = "%s%s" % (GROUP_PREFIX, name)
00373             usr = self.getUserById(name, default)
00374 
00375         return usr

Return a list of all possible user atom ids in the system.
WARNING: Please see the id Vs. name consideration at the
top of this document. So, groups will be returned
WITH their prefix by this method
[NOTA: This method is time-expensive !]

Definition at line 238 of file GroupUserFolder.py.

00238 
00239     def getUserIds(self,):
00240         """
00241         Return a list of all possible user atom ids in the system.
00242         WARNING: Please see the id Vs. name consideration at the
00243         top of this document. So, groups will be returned
00244         WITH their prefix by this method
00245         [NOTA: This method is time-expensive !]
00246         """
00247         return self.getUserNames(__groups_prefixed__ = 1)

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder.getUserMemberIds (   self,
  groupid 
)
Return the list of member ids (groups and users) in this group

Definition at line 802 of file GroupUserFolder.py.

00802 
00803     def getUserMemberIds(self, groupid):
00804         """Return the list of member ids (groups and users) in this group
00805         """
00806         return self.getGroup(groupid).getUserMemberIds()

def GroupUserFolder.GroupUserFolder.getUserNames (   self,
  __include_groups__ = 1,
  __include_users__ = 1,
  __groups_prefixed__ = 0 
)
Return a list of all possible user atom names in the system.
Groups will be returned WITHOUT their prefix by this method.
So, there might be a collision between a user name and a group name.
[NOTA: This method is time-expensive !]

Definition at line 202 of file GroupUserFolder.py.

00202 
00203     def getUserNames(self, __include_groups__ = 1, __include_users__ = 1, __groups_prefixed__ = 0):
00204         """
00205         Return a list of all possible user atom names in the system.
00206         Groups will be returned WITHOUT their prefix by this method.
00207         So, there might be a collision between a user name and a group name.
00208         [NOTA: This method is time-expensive !]
00209         """
00210         if __include_users__:
00211             LogCallStack(LOG_DEBUG, "This call can be VERY expensive!")
00212         names = []
00213         ldap_sources = []
00214 
00215         # Fetch users in user sources
00216         if __include_users__:
00217             for src in self.listUserSources():
00218                 names.extend(src.getUserNames())
00219 
00220         # Append groups if possible
00221         if __include_groups__:
00222             # Regular groups
00223             if "acl_users" in self._getOb('Groups').objectIds():
00224                 names.extend(self.Groups.listGroups(prefixed = __groups_prefixed__))
00225 
00226             # LDAP groups
00227             for ldapuf in ldap_sources:
00228                 if ldapuf._local_groups:
00229                     continue
00230                 for g in ldapuf.getGroups(attr = LDAP_GROUP_RDN):
00231                     if __groups_prefixed__:
00232                         names.append("%s%s" % (GROUP_PREFIX, g))
00233                     else:
00234                         names.append(g)
00235         # Return a list of unique names
00236         return unique(names, _list = 1)

Here is the call graph for this function:

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder.getUsers (   self,
  __include_groups__ = 1,
  __include_users__ = 1 
)
Return a list of user and group objects.
In case of some UF implementations, the returned object may only be a subset
of all possible users.
In other words, you CANNOT assert that len(getUsers()) equals len(getUserNames()).
With cache-support UserFolders, such as LDAPUserFolder, the getUser() method will
return only cached user objects instead of fetching all possible users.

Definition at line 249 of file GroupUserFolder.py.

00249 
00250     def getUsers(self, __include_groups__ = 1, __include_users__ = 1):
00251         """Return a list of user and group objects.
00252         In case of some UF implementations, the returned object may only be a subset
00253         of all possible users.
00254         In other words, you CANNOT assert that len(getUsers()) equals len(getUserNames()).
00255         With cache-support UserFolders, such as LDAPUserFolder, the getUser() method will
00256         return only cached user objects instead of fetching all possible users.
00257         """
00258         Log(LOG_DEBUG, "getUsers")
00259         ret = []
00260         names_set = {}
00261 
00262         # avoid too many lookups for 'has_key' in loops
00263         isUserProcessed = names_set.has_key
00264 
00265         # Fetch groups first (then the user must be
00266         # prefixed by 'group_' prefix)
00267         if __include_groups__:
00268             # Fetch regular groups
00269             for u in self._getOb('Groups').acl_users.getUsers():
00270                 if not u:
00271                     continue        # Ignore empty users
00272 
00273                 name = u.getId()
00274                 if isUserProcessed(name):
00275                     continue        # Prevent double users inclusion
00276 
00277                 # Append group
00278                 names_set[name] = True
00279                 ret.append(
00280                     GRUFUser.GRUFGroup(u, self, isGroup = 1, source_id = "Groups").__of__(self)
00281                     )
00282 
00283         # Fetch users then
00284         if __include_users__:
00285             for src in self.listUserSources():
00286                 for u in src.getUsers():
00287                     if not u:
00288                         continue        # Ignore empty users
00289 
00290                     name = u.getId()
00291                     if isUserProcessed(name):
00292                         continue        # Prevent double users inclusion
00293 
00294                     # Append user
00295                     names_set[name] = True
00296                     ret.append(
00297                         GRUFUser.GRUFUser(u, self, source_id = src.getUserSourceId(), isGroup = 0).__of__(self)
00298                         )
00299 
00300         return tuple(ret)

Here is the call graph for this function:

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder.getUsersBatch (   self,
  start 
)
getUsersBatch(self, start) => user list

Definition at line 2237 of file GroupUserFolder.py.

02237 
02238     def getUsersBatch(self, start):
02239         """
02240         getUsersBatch(self, start) => user list
02241         """
02242         # Rebuild the list if necessary
02243         if not self._v_batch_users:
02244             un = map(lambda x: x.getId(), self.getPureUsers())
02245             self._v_batch_users = un
02246 
02247         # Return the batch
02248         end = start + MAX_USERS_PER_PAGE
02249         ids = self._v_batch_users[start:end]
02250         ret = []
02251         for id in ids:
02252             usr = self.getUser(id)
02253             if usr:                     # Prevent adding invalid users
02254                 ret.append(usr)
02255         return ret
02256 

def GroupUserFolder.GroupUserFolder.getUsersOfRole (   self,
  role,
  object = None 
)

def setUsersOfRole(self, usernames, role): """Sets the users of a role.

    XXX THIS METHOD SEEMS TO BE SEAMLESS.
    """
    raise NotImplementedError, "Not implemented."  @verbatim Gets the user (and group) ids having the specified role...

...on the specified Zope object if it's not None ...on their own information if the object is None. NOTA: THIS METHOD IS VERY EXPENSIVE. XXX PERFORMANCES HAVE TO BE IMPROVED

Definition at line 709 of file GroupUserFolder.py.

00709 
00710     def getUsersOfRole(self, role, object = None):
00711         """Gets the user (and group) ids having the specified role...
00712         ...on the specified Zope object if it's not None
00713         ...on their own information if the object is None.
00714         NOTA: THIS METHOD IS VERY EXPENSIVE.
00715         XXX PERFORMANCES HAVE TO BE IMPROVED
00716         """
00717         ret = []
00718         for id in self.getUserIds():
00719             if role in self.getRolesOfUser(id):
00720                 ret.append(id)
00721         return tuple(ret)

getUserSource(self, id) => GRUFUsers.acl_users object.
Raises if no acl_users available

Definition at line 2330 of file GroupUserFolder.py.

02330 
02331     def getUserSource(self, id):
02332         """
02333         getUserSource(self, id) => GRUFUsers.acl_users object.
02334         Raises if no acl_users available
02335         """
02336         return getattr(self, id).acl_users

Here is the caller graph for this function:

getUserSourceFolder(self, id) => GRUFUsers object

Definition at line 2338 of file GroupUserFolder.py.

02338 
02339     def getUserSourceFolder(self, id):
02340         """
02341         getUserSourceFolder(self, id) => GRUFUsers object
02342         """
02343         return getattr(self, id)

hasLDAPUserFolderSource(self,) => boolean
Return true if a LUF source is instanciated.

Definition at line 2604 of file GroupUserFolder.py.

02604 
02605     def hasLDAPUserFolderSource(self, ):
02606         """
02607         hasLDAPUserFolderSource(self,) => boolean
02608         Return true if a LUF source is instanciated.
02609         """
02610         for src in self.listUserSources():
02611             if src.meta_type == "LDAPUserFolder":
02612                 return 1
02613         return None
02614 

def GroupUserFolder.GroupUserFolder.hasMember (   self,
  groupid,
  id 
)
Return true if the specified atom id is in the group.
This is the contrary of IUserAtom.isInGroup(groupid).
THIS CAN BE VERY EXPENSIVE

Definition at line 815 of file GroupUserFolder.py.

00815 
00816     def hasMember(self, groupid, id):
00817         """Return true if the specified atom id is in the group.
00818         This is the contrary of IUserAtom.isInGroup(groupid).
00819         THIS CAN BE VERY EXPENSIVE
00820         """
00821         return self.getGroup(groupid).hasMember(id)
00822 

Here is the caller graph for this function:

From Zope 2.7's User.py:
This is not a formal API method: it is used only to provide
a way for the quickstart page to determine if the default user
folder contains any users to provide instructions on how to
add a user for newbies.  Using getUserNames or getUsers would have
posed a denial of service risk.
In GRUF, this method always return 1.

Definition at line 178 of file GroupUserFolder.py.

00178 
00179     def hasUsers(self, ):
00180         """
00181         From Zope 2.7's User.py:
00182         This is not a formal API method: it is used only to provide
00183         a way for the quickstart page to determine if the default user
00184         folder contains any users to provide instructions on how to
00185         add a user for newbies.  Using getUserNames or getUsers would have
00186         posed a denial of service risk.
00187         In GRUF, this method always return 1."""
00188         return 1

return true if LDAPGroupFolder is the groups source

Definition at line 2749 of file GroupUserFolder.py.

02749 
02750     def haveLDAPGroupFolder(self,):
02751         """return true if LDAPGroupFolder is the groups source
02752         """
02753         return not not self.Groups.acl_users.meta_type == 'LDAPGroupFolder'
02754 

Return true if the specified folder allows local role acquisition.

Definition at line 1589 of file GroupUserFolder.py.

01589 
01590     def isLocalRoleAcquired(self, folder):
01591         """Return true if the specified folder allows local role acquisition.
01592         """
01593         if getattr(folder, '__ac_local_roles_block__', None):
01594             return 0
01595         return 1
01596 

listAuditPermissions(self,) => return a list of eligible permissions

Definition at line 1988 of file GroupUserFolder.py.

01988 
01989     def listAuditPermissions(self,):
01990         """
01991         listAuditPermissions(self,) => return a list of eligible permissions
01992         """
01993         ps = self.permission_settings()
01994         return map(lambda p: p['name'], ps)

def GroupUserFolder.GroupUserFolder.listAvailableUserSources (   self,
  filter_permissions = 1,
  filter_classes = 1 
)
listAvailableUserSources(self, filter_permissions = 1, filter_classes = 1) => tuples (name, factory_uri)
List UserFolder replacement candidates.

- if filter_classes is true, return only ones which have a base UserFolder class
- if filter_permissions, return only types the user has rights to add

Definition at line 2406 of file GroupUserFolder.py.

02406 
02407     def listAvailableUserSources(self, filter_permissions = 1, filter_classes = 1):
02408         """
02409         listAvailableUserSources(self, filter_permissions = 1, filter_classes = 1) => tuples (name, factory_uri)
02410         List UserFolder replacement candidates.
02411 
02412         - if filter_classes is true, return only ones which have a base UserFolder class
02413         - if filter_permissions, return only types the user has rights to add
02414         """
02415         ret = []
02416 
02417         # Fetch candidate types
02418         user = getSecurityManager().getUser()
02419         meta_types = []
02420         if callable(self.all_meta_types):
02421             all=self.all_meta_types()
02422         else:
02423             all=self.all_meta_types
02424         for meta_type in all:
02425             if filter_permissions and meta_type.has_key('permission'):
02426                 if user.has_permission(meta_type['permission'],self):
02427                     meta_types.append(meta_type)
02428             else:
02429                 meta_types.append(meta_type)
02430 
02431         # Keep only, if needed, BasicUserFolder-derived classes
02432         for t in meta_types:
02433             if t['name'] == self.meta_type:
02434                 continue        # Do not keep GRUF ! ;-)
02435 
02436             if filter_classes:
02437                 try:
02438                     if t.get('instance', None) and t['instance'].isAUserFolder:
02439                         ret.append((t['name'], t['action']))
02440                         continue
02441                     if t.get('instance', None) and class_utility.isBaseClass(AccessControl.User.BasicUserFolder, t['instance']):
02442                         ret.append((t['name'], t['action']))
02443                         continue
02444                 except AttributeError:
02445                     pass        # We ignore 'invalid' instances (ie. that wouldn't define a __base__ attribute)
02446             else:
02447                 ret.append((t['name'], t['action']))
02448 
02449         return tuple(ret)

Here is the call graph for this function:

listLDAPUserFolderMapping(self,) => utility method

Definition at line 2668 of file GroupUserFolder.py.

02668 
02669     def listLDAPUserFolderMapping(self,):
02670         """
02671         listLDAPUserFolderMapping(self,) => utility method
02672         """
02673         ret = []
02674         gruf_done = []
02675         ldap_done = []
02676 
02677         # Scan sources
02678         for src in self.listUserSources():
02679             if not src.meta_type == "LDAPUserFolder":
02680                 continue
02681 
02682             # Get all GRUF & LDAP groups
02683             if src._local_groups:
02684                 gruf_ids = self.getGroupIds()
02685             else:
02686                 gruf_ids = self.getGroupIds()
02687             ldap_mapping = src.getGroupMappings()
02688             ldap_groups = src.getGroups(attr = "cn")
02689             for grp,role in ldap_mapping:
02690                 if role in gruf_ids:
02691                     ret.append((role, grp))
02692                     gruf_done.append(role)
02693                     ldap_done.append(grp)
02694                     if not src._local_groups:
02695                         ldap_done.append(role)
02696             for grp in ldap_groups:
02697                 if not grp in ldap_done:
02698                     ret.append((None, grp))
02699             for grp in gruf_ids:
02700                 if not grp in gruf_done:
02701                     ret.append((grp, None))
02702             Log(LOG_DEBUG, "return", ret)
02703             return ret
02704 

Here is the call graph for this function:

listUsersAndRoles(self,) => list of tuples

This method is used by the Security Audit page.
XXX HAS TO BE OPTIMIZED

Definition at line 1909 of file GroupUserFolder.py.

01909 
01910     def listUsersAndRoles(self,):
01911         """
01912         listUsersAndRoles(self,) => list of tuples
01913 
01914         This method is used by the Security Audit page.
01915         XXX HAS TO BE OPTIMIZED
01916         """
01917         request = self.REQUEST
01918         display_roles = request.get('display_roles', 0)
01919         display_groups = request.get('display_groups', 0)
01920         display_users = request.get('display_users', 0)
01921 
01922         role_index = 0
01923         user_index = 0
01924         group_index = 0
01925         ret = []
01926 
01927         # Collect roles
01928         if display_roles:
01929             for r in self.aq_parent.valid_roles():
01930                 handle = "R%02d" % role_index
01931                 role_index += 1
01932                 ret.append(('role', r, r, handle, r))
01933 
01934         # Collect users
01935         if display_users:
01936             for u in map(lambda x: x.getId(), self.getPureUsers()):
01937                 obj = self.getUser(u)
01938                 html = obj.asHTML()
01939                 handle = "U%02d" % user_index
01940                 user_index += 1
01941                 ret.append(('user', u, u, handle, html))
01942 
01943         if display_groups:
01944             for u in self.getGroupNames():
01945                 obj = self.getUser(u)
01946                 handle = "G%02d" % group_index
01947                 html = obj.asHTML()
01948                 group_index += 1
01949                 ret.append(('group', u, obj.getUserNameWithoutGroupPrefix(), handle, html))
01950 
01951         # Return list
01952         return ret

listUsersBatches(self,) => return a list of (start, end) tuples.
Return None if batching is not necessary

Definition at line 2184 of file GroupUserFolder.py.

02184 
02185     def listUsersBatches(self,):
02186         """
02187         listUsersBatches(self,) => return a list of (start, end) tuples.
02188         Return None if batching is not necessary
02189         """
02190         # Time-consuming stuff !
02191         un = map(lambda x: x.getId(), self.getPureUsers())
02192         if len(un) <= MAX_USERS_PER_PAGE:
02193             return None
02194         un.sort()
02195 
02196         # Split this list into small groups if necessary
02197         ret = []
02198         idx = 0
02199         l_un = len(un)
02200         nbatches = int(math.ceil(l_un / float(MAX_USERS_PER_PAGE)))
02201         for idx in range(0, nbatches):
02202             first = idx * MAX_USERS_PER_PAGE
02203             last = first + MAX_USERS_PER_PAGE - 1
02204             if last >= l_un:
02205                 last = l_un - 1
02206             # Append a tuple (not dict) to avoid too much memory consumption
02207             ret.append((first, last, un[first], un[last]))
02208 
02209         # Cache & return it
02210         self._v_batch_users = un
02211         return ret

listUsersBatchTable(self,) => Same a mgt screens but divided into sublists to
present them into 5 columns.
XXX have to merge this w/getUsersBatch to make it in one single pass

Definition at line 2213 of file GroupUserFolder.py.

02213 
02214     def listUsersBatchTable(self,):
02215         """
02216         listUsersBatchTable(self,) => Same a mgt screens but divided into sublists to
02217         present them into 5 columns.
02218         XXX have to merge this w/getUsersBatch to make it in one single pass
02219         """
02220         # Iterate
02221         ret = []
02222         idx = 0
02223         current = []
02224         for rec in (self.listUsersBatches() or []):
02225             if not idx % 5:
02226                 if current:
02227                     ret.append(current)
02228                 current = []
02229             current.append(rec)
02230             idx += 1
02231 
02232         if current:
02233             ret.append(current)
02234 
02235         return ret

listUserSources(self, ) => Return a list of GRUFUsers objects

Definition at line 2319 of file GroupUserFolder.py.

02319 
02320     def listUserSourceFolders(self, ):
02321         """
02322         listUserSources(self, ) => Return a list of GRUFUsers objects
02323         """
02324         ret = []
02325         for src in self.objectValues(['GRUFUsers']):
02326             ret.append(src)
02327         ret.sort(lambda x,y: cmp(x.id, y.id))
02328         return ret

listUserSources(self, ) => Return a list of userfolder objects
Only return VALID (ie containing an acl_users) user sources if all is None
XXX HAS TO BE OPTIMIZED VERY MUCH!
We add a check in debug mode to ensure that invalid sources won't be added
to the list.
This method return only _enabled_ user sources.

Definition at line 2288 of file GroupUserFolder.py.

02288 
02289     def listUserSources(self, ):
02290         """
02291         listUserSources(self, ) => Return a list of userfolder objects
02292         Only return VALID (ie containing an acl_users) user sources if all is None
02293         XXX HAS TO BE OPTIMIZED VERY MUCH!
02294         We add a check in debug mode to ensure that invalid sources won't be added
02295         to the list.
02296         This method return only _enabled_ user sources.
02297         """
02298         ret = []
02299         dret = {}
02300         if DEBUG_MODE:
02301             for src in self.objectValues(['GRUFUsers']):
02302                 if not src.enabled:
02303                     continue
02304                 if 'acl_users' in src.objectIds():
02305                     if getattr(aq_base(src.acl_users), 'authenticate', None):   # Additional check in debug mode
02306                         dret[src.id] = src.acl_users                            # we cannot use restrictedTraverse here because
02307                                                                                 # of infinite recursion issues.
02308         else:
02309             for src in self.objectValues(['GRUFUsers']):
02310                 if not src.enabled:
02311                     continue
02312                 if not 'acl_users' in src.objectIds():
02313                     continue
02314                 dret[src.id] = src.acl_users
02315         ret = dret.items()
02316         ret.sort()
02317         return [ src[1] for src in ret ]

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder.manage_addGroupUserFolder (   self,
  dtself = None,
  REQUEST = None,
  ignored 
)
Factory method that creates a UserFolder

Definition at line 82 of file GroupUserFolder.py.

00082 
00083 def manage_addGroupUserFolder(self, dtself=None, REQUEST=None, **ignored):
00084     """ Factory method that creates a UserFolder"""
00085     f=GroupUserFolder()
00086     self=self.this()
00087     try:    self._setObject('acl_users', f)
00088     except: return MessageDialog(
00089                    title  ='Item Exists',
00090                    message='This object already contains a User Folder',
00091                    action ='%s/manage_main' % REQUEST['URL1'])
00092     self.__allow_groups__=f
00093     self.acl_users._post_init()
00094 
00095     self.acl_users.Users.manage_addUserFolder()
00096     self.acl_users.Groups.manage_addUserFolder()
00097 
00098     if REQUEST is not None:
00099         REQUEST['RESPONSE'].redirect(self.absolute_url()+'/manage_main')
00100 
00101 
00102 

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder.manage_afterAdd (   self,
  item,
  container 
)
Same

Definition at line 974 of file GroupUserFolder.py.

00974 
00975     def manage_afterAdd(self, item, container):
00976         """Same
00977         """
00978         if item is self:
00979             container.__allow_groups__ = aq_base(self)

def GroupUserFolder.GroupUserFolder.manage_beforeDelete (   self,
  item,
  container 
)
Special overloading for __allow_groups__ attribute

Definition at line 964 of file GroupUserFolder.py.

00964 
00965     def manage_beforeDelete(self, item, container):
00966         """
00967         Special overloading for __allow_groups__ attribute
00968         """
00969         if item is self:
00970             try:
00971                 del container.__allow_groups__
00972             except:
00973                 pass

def GroupUserFolder.GroupUserFolder.manage_workspace (   self,
  REQUEST 
)
manage_workspace(self, REQUEST) => Overrided to allow direct user or group traversal
via the left tree view.

Definition at line 2109 of file GroupUserFolder.py.

02109 
02110     def manage_workspace(self, REQUEST):
02111         """
02112         manage_workspace(self, REQUEST) => Overrided to allow direct user or group traversal
02113         via the left tree view.
02114         """
02115         path = string.split(REQUEST.PATH_INFO, '/')[:-1]
02116         userid = path[-1]
02117 
02118         # Use individual usr/grp management screen (only if name is passed along the mgt URL)
02119         if userid != "acl_users":
02120             usr = self.getUserById(userid)
02121             if usr:
02122                 REQUEST.set('username', userid)
02123                 REQUEST.set('MANAGE_TABS_NO_BANNER', '1')   # Prevent use of the manage banner
02124                 return self.restrictedTraverse('manage_user')()
02125 
02126         # Default management screen
02127         return self.restrictedTraverse('manage_overview')()
02128 

def GroupUserFolder.GroupUserFolder.moveUserSourceDown (   self,
  id,
  REQUEST = {} 
)
moveUserSourceDown(self, id, REQUEST = {}) => used in management screens
try to get ids as consistant as possible

Definition at line 2494 of file GroupUserFolder.py.

02494 
02495     def moveUserSourceDown(self, id, REQUEST = {}):
02496         """
02497         moveUserSourceDown(self, id, REQUEST = {}) => used in management screens
02498         try to get ids as consistant as possible
02499         """
02500         # List and sort sources and preliminary checks
02501         ids = self.objectIds('GRUFUsers')
02502         ids.sort()
02503         if not ids or not id in ids:
02504             raise ValueError, "Invalid User Source: '%s'" % (id,)
02505 
02506         # Find indexes to swap
02507         src_index = ids.index(id)
02508         if src_index == len(ids) - 1:
02509             raise ValueError, "Cannot move '%s'  User Source up." % (id, )
02510         dest_index = src_index + 1
02511 
02512         # Find numbers to swap, fix them if they have more than 1 as offset
02513         if id == 'Users':
02514             dest_num = 1
02515         else:
02516             dest_num = int(ids[dest_index][-2:])
02517         src_num = dest_num - 1
02518 
02519         # Get ids
02520         src_id = id
02521         if dest_num == 0:
02522             dest_id = "Users"
02523         else:
02524             dest_id = "Users%02d" % (dest_num,)
02525         tmp_id = "%s_" % (dest_id, )
02526 
02527         # Perform the swap
02528         self._renameUserSource(src_id, tmp_id)
02529         self._renameUserSource(dest_id, src_id)
02530         self._renameUserSource(tmp_id, dest_id)
02531 
02532         # Return back to the forms
02533         if REQUEST.has_key('RESPONSE'):
            return REQUEST.RESPONSE.redirect(self.absolute_url() + '/manage_GRUFSources')
def GroupUserFolder.GroupUserFolder.moveUserSourceUp (   self,
  id,
  REQUEST = {} 
)
moveUserSourceUp(self, id, REQUEST = {}) => used in management screens
try to get ids as consistant as possible

Definition at line 2451 of file GroupUserFolder.py.

02451 
02452     def moveUserSourceUp(self, id, REQUEST = {}):
02453         """
02454         moveUserSourceUp(self, id, REQUEST = {}) => used in management screens
02455         try to get ids as consistant as possible
02456         """
02457         # List and sort sources and preliminary checks
02458         ids = self.objectIds('GRUFUsers')
02459         ids.sort()
02460         if not ids or not id in ids:
02461             raise ValueError, "Invalid User Source: '%s'" % (id,)
02462 
02463         # Find indexes to swap
02464         src_index = ids.index(id)
02465         if src_index == 0:
02466             raise ValueError, "Cannot move '%s'  User Source up." % (id, )
02467         dest_index = src_index - 1
02468 
02469         # Find numbers to swap, fix them if they have more than 1 as offset
02470         if ids[dest_index] == 'Users':
02471             dest_num = 0
02472         else:
02473             dest_num = int(ids[dest_index][-2:])
02474         src_num = dest_num + 1
02475 
02476         # Get ids
02477         src_id = id
02478         if dest_num == 0:
02479             dest_id = "Users"
02480         else:
02481             dest_id = "Users%02d" % (dest_num,)
02482         tmp_id = "%s_" % (dest_id, )
02483 
02484         # Perform the swap
02485         self._renameUserSource(src_id, tmp_id)
02486         self._renameUserSource(dest_id, src_id)
02487         self._renameUserSource(tmp_id, dest_id)
02488 
02489         # Return back to the forms
02490         if REQUEST.has_key('RESPONSE'):
            return REQUEST.RESPONSE.redirect(self.absolute_url() + '/manage_GRUFSources')
def GroupUserFolder.GroupUserFolder.removeMember (   self,
  groupid,
  userid,
  REQUEST = None 
)
Remove a member from a group.

Definition at line 786 of file GroupUserFolder.py.

00786 
00787     def removeMember(self, groupid, userid, REQUEST=None):
00788         """Remove a member from a group.
00789         """
        return self.getGroup(groupid).removeMember(userid)
def GroupUserFolder.GroupUserFolder.replaceUserSource (   self,
  id = None,
  new_factory = None,
  REQUEST = {},
  args,
  kw 
)
replaceUserSource(self, id = None, new_factory = None, REQUEST = {}, *args, **kw) => perform user source replacement

If new_factory is None, find it inside REQUEST (useful for ZMI screens)

Definition at line 2567 of file GroupUserFolder.py.

02567 
02568     def replaceUserSource(self, id = None, new_factory = None, REQUEST = {}, *args, **kw):
02569         """
02570         replaceUserSource(self, id = None, new_factory = None, REQUEST = {}, *args, **kw) => perform user source replacement
02571 
02572         If new_factory is None, find it inside REQUEST (useful for ZMI screens)
02573         """
02574         # Check the source id
02575         if type(id) != type('s'):
02576             raise ValueError, "You must choose a valid source to replace and confirm it."
02577 
02578         # Retreive factory if not explicitly passed
02579         if not new_factory:
02580             for record in REQUEST.get("source_rec", []):
02581                 if record['id'] == id:
02582                     new_factory = record['new_factory']
02583                     break
02584             if not new_factory:
02585                 raise ValueError, "You must select a new User Folder type."
02586 
02587         # Delete the former one
02588         us = getattr(self, id)
02589         if "acl_users" in us.objectIds():
02590             us.manage_delObjects(['acl_users'])
02591 
02592         ## If we use ldap, tag it
02593         #if string.find(new_factory.lower(), "ldap") > -1:
02594         #    self._haveLDAPUF += 1
02595 
02596         # Re-create the underlying UserFolder
02597         # If we're called TTW, uses a redirect else tries to call the UF factory directly
02598         if REQUEST.has_key('RESPONSE'):
02599             return REQUEST.RESPONSE.redirect("%s/%s/%s" % (self.absolute_url(), id, new_factory))
        return us.unrestrictedTraverse(new_factory)(*args, **kw) # XXX minor security pb ?
def GroupUserFolder.GroupUserFolder.searchGroupsByAttribute (   self,
  attribute,
  search_term 
)
Return group ids whose 'attribute' match the specified search_term.
If search_term is an empty string, behaviour depends on the underlying group folder:
it may return all groups, return only cached groups (for LDAPUF) or return no groups.
This will return all groups whose name contains search_term (whaterver its case).
THIS METHOD MAY BE VERY EXPENSIVE ON GROUP FOLDER KINDS WHICH DO NOT PROVIDE A
SEARCHING METHOD (ie. every UF kind except LDAPUF).
'attribute' can be 'id' or 'name' for all UF kinds, or anything else for LDAPUF.

Definition at line 623 of file GroupUserFolder.py.

00623 
00624     def searchGroupsByAttribute(self, attribute, search_term):
00625         """Return group ids whose 'attribute' match the specified search_term.
00626         If search_term is an empty string, behaviour depends on the underlying group folder:
00627         it may return all groups, return only cached groups (for LDAPUF) or return no groups.
00628         This will return all groups whose name contains search_term (whaterver its case).
00629         THIS METHOD MAY BE VERY EXPENSIVE ON GROUP FOLDER KINDS WHICH DO NOT PROVIDE A
00630         SEARCHING METHOD (ie. every UF kind except LDAPUF).
00631         'attribute' can be 'id' or 'name' for all UF kinds, or anything else for LDAPUF.
00632         """
00633         ret = []
00634         src = self.Groups
00635 
00636         # Use source-specific search methods if available
00637         if hasattr(src.aq_base, "findGroup"):
00638             # LDAPUF
00639             id_attr = src._uid_attr
00640             if attribute == 'name':
00641                 attr = src._login_attr
00642             elif attribute == 'id':
00643                 attr = src._uid_attr
00644             else:
00645                 attr = attribute
00646             groups = src.findGroup(attr, search_term)
00647             ret.extend(
00648                 [ u[id_attr] for u in groups ],
00649                 )
00650         else:
00651             # Other types of group folder
00652             search_term = search_term.lower()
00653 
00654             # Find the proper method according to the attribute type
00655             if attribute == "name":
00656                 method = "getName"
00657             elif attribute == "id":
00658                 method = "getId"
00659             else:
00660                 raise NotImplementedError, "Attribute searching is only supported for LDAPGroupFolder by now."
00661 
00662             # Actually search
00663             for u in self.getGroups():
00664                 s = getattr(u, method)().lower()
00665                 if string.find(s, search_term) != -1:
00666                     ret.append(u.getId())
00667         return ret

def GroupUserFolder.GroupUserFolder.searchGroupsById (   self,
  search_term 
)
Return group ids whose id match the specified search_term.
If search_term is an empty string, behaviour depends on the underlying group folder:
it may return all groups, return only cached groups (for LDAPUF) or return no groups.
This will return all groups whose name contains search_term (whaterver its case).
THIS METHOD MAY BE VERY EXPENSIVE ON GROUP FOLDER KINDS WHICH DO NOT PROVIDE A
SEARCHING METHOD (ie. every UF kind except LDAPUF)

Definition at line 680 of file GroupUserFolder.py.

00680 
00681     def searchGroupsById(self, search_term):
00682         """Return group ids whose id match the specified search_term.
00683         If search_term is an empty string, behaviour depends on the underlying group folder:
00684         it may return all groups, return only cached groups (for LDAPUF) or return no groups.
00685         This will return all groups whose name contains search_term (whaterver its case).
00686         THIS METHOD MAY BE VERY EXPENSIVE ON GROUP FOLDER KINDS WHICH DO NOT PROVIDE A
00687         SEARCHING METHOD (ie. every UF kind except LDAPUF)
00688         """
00689         return self.searchGroupsByAttribute("id", search_term)

def GroupUserFolder.GroupUserFolder.searchGroupsByName (   self,
  search_term 
)
Return group ids whose name match the specified search_term.
If search_term is an empty string, behaviour depends on the underlying group folder:
it may return all groups, return only cached groups (for LDAPUF) or return no groups.
This will return all groups whose name contains search_term (whaterver its case).
THIS METHOD MAY BE VERY EXPENSIVE ON GROUP FOLDER KINDS WHICH DO NOT PROVIDE A
SEARCHING METHOD (ie. every UF kind except LDAPUF)

Definition at line 669 of file GroupUserFolder.py.

00669 
00670     def searchGroupsByName(self, search_term):
00671         """Return group ids whose name match the specified search_term.
00672         If search_term is an empty string, behaviour depends on the underlying group folder:
00673         it may return all groups, return only cached groups (for LDAPUF) or return no groups.
00674         This will return all groups whose name contains search_term (whaterver its case).
00675         THIS METHOD MAY BE VERY EXPENSIVE ON GROUP FOLDER KINDS WHICH DO NOT PROVIDE A
00676         SEARCHING METHOD (ie. every UF kind except LDAPUF)
00677         """
00678         return self.searchGroupsByAttribute("name", search_term)

def GroupUserFolder.GroupUserFolder.searchUsersByAttribute (   self,
  attribute,
  search_term 
)
Return user ids whose 'attribute' match the specified search_term.
If search_term is an empty string, behaviour depends on the underlying user folder:
it may return all users, return only cached users (for LDAPUF) or return no users.
This will return all users whose name contains search_term (whaterver its case).
THIS METHOD MAY BE VERY EXPENSIVE ON USER FOLDER KINDS WHICH DO NOT PROVIDE A
SEARCHING METHOD (ie. every UF kind except LDAPUF).
'attribute' can be 'id' or 'name' for all UF kinds, or anything else for LDAPUF.

Definition at line 547 of file GroupUserFolder.py.

00547 
00548     def searchUsersByAttribute(self, attribute, search_term):
00549         """Return user ids whose 'attribute' match the specified search_term.
00550         If search_term is an empty string, behaviour depends on the underlying user folder:
00551         it may return all users, return only cached users (for LDAPUF) or return no users.
00552         This will return all users whose name contains search_term (whaterver its case).
00553         THIS METHOD MAY BE VERY EXPENSIVE ON USER FOLDER KINDS WHICH DO NOT PROVIDE A
00554         SEARCHING METHOD (ie. every UF kind except LDAPUF).
00555         'attribute' can be 'id' or 'name' for all UF kinds, or anything else for LDAPUF.
00556         """
00557         ret = []
00558         for src in self.listUserSources():
00559             # Use source-specific search methods if available
00560             if hasattr(src.aq_base, "findUser"):
00561                 # LDAPUF
00562                 Log(LOG_DEBUG, "We use LDAPUF to find users")
00563                 id_attr = src._uid_attr
00564                 if attribute == 'name':
00565                     attr = src._login_attr
00566                 elif attribute == 'id':
00567                     attr = src._uid_attr
00568                 else:
00569                     attr = attribute
00570                 Log(LOG_DEBUG, "we use findUser", attr, search_term, )
00571                 users = src.findUser(attr, search_term, exact_match = True)
00572                 ret.extend(
00573                     [ u[id_attr] for u in users ],
00574                     )
00575             else:
00576                 # Other types of user folder
00577                 search_term = search_term.lower()
00578 
00579                 # Find the proper method according to the attribute type
00580                 if attribute == "name":
00581                     method = "getName"
00582                 elif attribute == "id":
00583                     method = "getId"
00584                 else:
00585                     raise NotImplementedError, "Attribute searching is only supported for LDAPUserFolder by now."
00586 
00587                 # Actually search
00588                 src_id = src.getUserSourceId()
00589                 for u in src.getUsers():
00590                     if not u:
00591                         continue
00592                     u = GRUFUser.GRUFUser(u, self, source_id=src_id,
00593                                           isGroup=0).__of__(self)
00594                     s = getattr(u, method)().lower()
00595                     if string.find(s, search_term) != -1:
00596                         ret.append(u.getId())
00597         Log(LOG_DEBUG, "We've found them:", ret)
00598         return ret

Here is the call graph for this function:

def GroupUserFolder.GroupUserFolder.searchUsersById (   self,
  search_term 
)
Return user ids whose id match the specified search_term.
If search_term is an empty string, behaviour depends on the underlying user folder:
it may return all users, return only cached users (for LDAPUF) or return no users.
This will return all users whose name contains search_term (whaterver its case).
THIS METHOD MAY BE VERY EXPENSIVE ON USER FOLDER KINDS WHICH DO NOT PROVIDE A
SEARCHING METHOD (ie. every UF kind except LDAPUF)

Definition at line 611 of file GroupUserFolder.py.

00611 
00612     def searchUsersById(self, search_term):
00613         """Return user ids whose id match the specified search_term.
00614         If search_term is an empty string, behaviour depends on the underlying user folder:
00615         it may return all users, return only cached users (for LDAPUF) or return no users.
00616         This will return all users whose name contains search_term (whaterver its case).
00617         THIS METHOD MAY BE VERY EXPENSIVE ON USER FOLDER KINDS WHICH DO NOT PROVIDE A
00618         SEARCHING METHOD (ie. every UF kind except LDAPUF)
00619         """
00620         return self.searchUsersByAttribute("id", search_term)
00621 

def GroupUserFolder.GroupUserFolder.searchUsersByName (   self,
  search_term 
)
Return user ids whose name match the specified search_term.
If search_term is an empty string, behaviour depends on the underlying user folder:
it may return all users, return only cached users (for LDAPUF) or return no users.
This will return all users whose name contains search_term (whaterver its case).
THIS METHOD MAY BE VERY EXPENSIVE ON USER FOLDER KINDS WHICH DO NOT PROVIDE A
SEARCHING METHOD (ie. every UF kind except LDAPUF)

Definition at line 600 of file GroupUserFolder.py.

00600 
00601     def searchUsersByName(self, search_term):
00602         """Return user ids whose name match the specified search_term.
00603         If search_term is an empty string, behaviour depends on the underlying user folder:
00604         it may return all users, return only cached users (for LDAPUF) or return no users.
00605         This will return all users whose name contains search_term (whaterver its case).
00606         THIS METHOD MAY BE VERY EXPENSIVE ON USER FOLDER KINDS WHICH DO NOT PROVIDE A
00607         SEARCHING METHOD (ie. every UF kind except LDAPUF)
00608         """
00609         return self.searchUsersByAttribute("name", search_term)

def GroupUserFolder.GroupUserFolder.setMembers (   self,
  groupid,
  userids,
  REQUEST = None 
)
Set the members of the group

Definition at line 772 of file GroupUserFolder.py.

00772 
00773     def setMembers(self, groupid, userids, REQUEST=None):
00774         """Set the members of the group
00775         """
        self.getGroup(groupid).setMembers(userids)
def GroupUserFolder.GroupUserFolder.setRolesOnUsers (   self,
  roles,
  userids,
  REQUEST = None 
)
Set a common set of roles for a bunch of user atoms.

Definition at line 695 of file GroupUserFolder.py.

00695 
00696     def setRolesOnUsers(self, roles, userids, REQUEST = None):
00697         """Set a common set of roles for a bunch of user atoms.
00698         """
00699         for usr in userids:
            self.userSetRoles(usr, roles)
def GroupUserFolder.GroupUserFolder.toggleSource (   self,
  src_id,
  REQUEST = {} 
)
toggleSource(self, src_id, REQUEST = {}) => toggle enabled/disabled source

Definition at line 2268 of file GroupUserFolder.py.

02268 
02269     def toggleSource(self, src_id, REQUEST = {}):
02270         """
02271         toggleSource(self, src_id, REQUEST = {}) => toggle enabled/disabled source
02272         """
02273         # Find the source
02274         ids = self.objectIds('GRUFUsers')
02275         if not src_id in ids:
02276             raise ValueError, "Invalid source: '%s' (%s)" % (src_id, ids)
02277         src = getattr(self, src_id)
02278         if src.enabled:
02279             src.disableSource()
02280         else:
02281             src.enableSource()
02282 
02283         # Redirect where we want to
02284         if REQUEST.has_key('RESPONSE'):
02285             return REQUEST.RESPONSE.redirect(self.absolute_url() + '/manage_GRUFSources')
02286 

Definition at line 2101 of file GroupUserFolder.py.

02101 
02102     def tpId(self,):
02103         return self.getId()
02104 

Definition at line 2063 of file GroupUserFolder.py.

02063 
02064     def tpValues(self):
02065         # Avoid returning HUUUUUUGE lists
02066         # Use the cache at first
02067         if self._v_no_tree and self._v_cache_no_tree > time.time():
02068             return []        # Do not use the tree
02069 
02070         # XXX - I DISABLE THE TREE BY NOW (Pb. with icon URL)
02071         return []
02072 
02073         # Then, use a simple computation to determine opportunity to use the tree or not
02074         ngroups = len(self.getGroupNames())
02075         if ngroups > MAX_TREE_USERS_AND_GROUPS:
02076             self._v_no_tree = 1
02077             self._v_cache_no_tree = time.time() + TREE_CACHE_TIME
02078             return []
02079         nusers = len(self.getUsers())
02080         if ngroups + nusers > MAX_TREE_USERS_AND_GROUPS:
02081             meth_list = self.getGroups
02082         else:
02083             meth_list = self.getUsers
02084         self._v_no_tree = 0
02085 
02086         # Get top-level user and groups list
02087         tree_dict = {}
02088         top_level_names = []
02089         top_level = []
02090         for usr in meth_list():
02091             self.getTreeInfo(usr, tree_dict)
02092             if not usr.getGroups(no_recurse = 1):
02093                 top_level_names.append(usr.getUserName())
02094         for id in top_level_names:
02095             top_level.append(treeWrapper(id, tree_dict))
02096 
02097         # Return this top-level list
02098         top_level.sort(lambda x, y: cmp(x.sortId(), y.sortId()))
02099         return top_level
02100 

def GroupUserFolder.GroupUserFolder.unique (   sequence,
  _list = 0 
)
Make a sequence a list of unique items

Definition at line 72 of file GroupUserFolder.py.

00072 
00073 def unique(sequence, _list = 0):
00074     """Make a sequence a list of unique items"""
00075     uniquedict = {}
00076     for v in sequence:
00077         uniquedict[v] = 1
00078     if _list:
00079         return list(uniquedict.keys())
00080     return tuple(uniquedict.keys())
00081 

updateLDAPUserFolderMapping(self, REQUEST = None) => None

Update the first LUF source in the process so that LDAP-group-to-Zope-role mapping
is done.
This is done by calling the appropriate method in LUF and affecting all 'group_' roles
to the matching LDAP groups.

Definition at line 2616 of file GroupUserFolder.py.

02616 
02617     def updateLDAPUserFolderMapping(self, REQUEST = None):
02618         """
02619         updateLDAPUserFolderMapping(self, REQUEST = None) => None
02620 
02621         Update the first LUF source in the process so that LDAP-group-to-Zope-role mapping
02622         is done.
02623         This is done by calling the appropriate method in LUF and affecting all 'group_' roles
02624         to the matching LDAP groups.
02625         """
02626         # Fetch all groups
02627         groups = self.getGroupIds()
02628 
02629         # Scan sources
02630         for src in self.listUserSources():
02631             if not src.meta_type == "LDAPUserFolder":
02632                 continue
02633 
02634             # Delete all former group mappings
02635             deletes = []
02636             for (grp, role) in src.getGroupMappings():
02637                 if role.startswith('group_'):
02638                     deletes.append(grp)
02639             src.manage_deleteGroupMappings(deletes)
02640 
02641             # Append all group mappings if it can be done
02642             ldap_groups = src.getGroups(attr = "cn")
02643             for grp in groups:
02644                 if src._local_groups:
02645                     grp_name = grp
02646                 else:
02647                     grp_name = grp[len('group_'):]
02648                 Log(LOG_DEBUG, "cheching", grp_name, "in", ldap_groups, )
02649                 if not grp_name in ldap_groups:
02650                     continue
02651                 Log(LOG_DEBUG, "Map", grp, "to", grp_name)
02652                 src.manage_addGroupMapping(
02653                     grp_name,
02654                     grp,
02655                     )
02656 
02657         # Return
02658         if REQUEST:
02659             return REQUEST.RESPONSE.redirect(
02660                 self.absolute_url() + "/manage_wizard",
02661                 )
02662         updateLDAPUserFolderMapping = postonly(updateLDAPUserFolderMapping)
02663 

Here is the call graph for this function:

user_names() => return user IDS and not user NAMES !!!
Due to a Zope inconsistency, the Role.get_valid_userids return user names
and not user ids - which is bad. As GRUF distinguishes names and ids, this
will cause it to break, especially in the listLocalRoles form. So we change
user_names() behaviour so that it will return ids and not names.

Definition at line 190 of file GroupUserFolder.py.

00190 
00191     def user_names(self,):
00192         """
00193         user_names() => return user IDS and not user NAMES !!!
00194         Due to a Zope inconsistency, the Role.get_valid_userids return user names
00195         and not user ids - which is bad. As GRUF distinguishes names and ids, this
00196         will cause it to break, especially in the listLocalRoles form. So we change
00197         user_names() behaviour so that it will return ids and not names.
00198         """
00199         return self.getUserIds()
00200 

def GroupUserFolder.GroupUserFolder.userAddDomain (   self,
  id,
  domain,
  REQUEST = None 
)
Append a domain to a user

Definition at line 886 of file GroupUserFolder.py.

00886 
00887     def userAddDomain(self, id, domain, REQUEST=None):
00888         """Append a domain to a user
00889         """
00890         usr = self.getPureUser(id)
00891         domains = list(usr.getDomains())
00892         if not domain in domains:
00893             roles.append(domain)
            self._updateUser(usr.getId(), domains = domains, )
def GroupUserFolder.GroupUserFolder.userAddGroup (   self,
  id,
  groupname,
  REQUEST = None 
)
add a group to a user atom

Definition at line 917 of file GroupUserFolder.py.

00917 
00918     def userAddGroup(self, id, groupname, REQUEST=None):
00919         """add a group to a user atom
00920         """
00921         groups = list(self.getUserById(id).getGroups())
00922         if not groupname in groups:
00923             groups.append(groupname)
            self._updateUser(id, groups = groups)

Here is the call graph for this function:

def GroupUserFolder.GroupUserFolder.userAddRole (   self,
  id,
  role,
  REQUEST = None 
)
Append a role for a user atom

Definition at line 841 of file GroupUserFolder.py.

00841 
00842     def userAddRole(self, id, role, REQUEST=None):
00843         """Append a role for a user atom
00844         """
00845         roles = list(self.getUser(id).getRoles())
00846         if not role in roles:
00847             roles.append(role)
            self._updateUser(id, roles = roles)
def GroupUserFolder.GroupUserFolder.userFolderAddGroup (   self,
  name,
  roles,
  groups = (),
  REQUEST = None,
  kw 
)
API method for creating a new group.

Definition at line 505 of file GroupUserFolder.py.

00505 
00506     def userFolderAddGroup(self, name, roles, groups = (), REQUEST=None, **kw):
00507         """API method for creating a new group.
00508         """
00509         while name.startswith(GROUP_PREFIX):
00510             name = name[GROUP_PREFIX_LEN:]
        return self._doAddGroup(name, roles, groups, **kw)
def GroupUserFolder.GroupUserFolder.userFolderAddRole (   self,
  role,
  REQUEST = None 
)
Add a new role. The role will be appended, in fact, in GRUF's surrounding folder.

Definition at line 729 of file GroupUserFolder.py.

00729 
00730     def userFolderAddRole(self, role, REQUEST=None):
00731         """Add a new role. The role will be appended, in fact, in GRUF's surrounding folder.
00732         """
00733         if role in self.aq_parent.valid_roles():
00734             raise ValueError, "Role '%s' already exist" % (role, )
00735 
        return self.aq_parent._addRole(role)
def GroupUserFolder.GroupUserFolder.userFolderAddUser (   self,
  name,
  password,
  roles,
  domains,
  groups = (),
  REQUEST = None,
  kw 
)
API method for creating a new user object. Note that not all
user folder implementations support dynamic creation of user
objects.

Definition at line 468 of file GroupUserFolder.py.

00468 
00469                           REQUEST=None, **kw):
00470         """API method for creating a new user object. Note that not all
00471         user folder implementations support dynamic creation of user
00472         objects.
00473         """
        return self._doAddUser(name, password, roles, domains, groups, **kw)
def GroupUserFolder.GroupUserFolder.userFolderDelGroups (   self,
  names,
  REQUEST = None 
)
API method for deleting one or more group objects.
Implem. note : All ids must be prefixed with 'group_',
so this method ends up beeing only a filter of non-prefixed ids
before calling userFolderDelUsers().

Definition at line 530 of file GroupUserFolder.py.

00530 
00531     def userFolderDelGroups(self, names, REQUEST=None):
00532         """API method for deleting one or more group objects.
00533         Implem. note : All ids must be prefixed with 'group_',
00534         so this method ends up beeing only a filter of non-prefixed ids
00535         before calling userFolderDelUsers().
00536         """
        return self._doDelGroups(names)

Here is the call graph for this function:

Here is the caller graph for this function:

def GroupUserFolder.GroupUserFolder.userFolderDelRoles (   self,
  roles,
  REQUEST = None 
)
Delete roles.
The removed roles will be removed from the UserFolder's users and groups as well,
so this method can be very time consuming with a large number of users.

Definition at line 739 of file GroupUserFolder.py.

00739 
00740     def userFolderDelRoles(self, roles, REQUEST=None):
00741         """Delete roles.
00742         The removed roles will be removed from the UserFolder's users and groups as well,
00743         so this method can be very time consuming with a large number of users.
00744         """
00745         # Check that roles exist
00746         ud_roles = self.aq_parent.userdefined_roles()
00747         for r in roles:
00748             if not r in ud_roles:
00749                 raise ValueError, "Role '%s' is not defined on acl_users' parent folder" % (r, )
00750 
00751         # Remove role on all users
00752         for r in roles:
00753             for u in self.getUsersOfRole(r, ):
00754                 self.userRemoveRole(u, r, )
00755 
00756         # Actually remove role
        return self.aq_parent._delRoles(roles, None)
def GroupUserFolder.GroupUserFolder.userFolderDelUsers (   self,
  names,
  REQUEST = None 
)
API method for deleting one or more user atom objects. Note that not
all user folder implementations support deletion of user objects.

Definition at line 498 of file GroupUserFolder.py.

00498 
00499     def userFolderDelUsers(self, names, REQUEST=None):
00500         """API method for deleting one or more user atom objects. Note that not
00501         all user folder implementations support deletion of user objects."""
        return self._doDelUsers(names)
def GroupUserFolder.GroupUserFolder.userFolderEditGroup (   self,
  name,
  roles,
  groups = None,
  REQUEST = None,
  kw 
)
API method for changing group object attributes.

Definition at line 515 of file GroupUserFolder.py.

00515 
00516                             **kw):
00517         """API method for changing group object attributes.
00518         """
        return self._doChangeGroup(name, roles = roles, groups = groups, **kw)
def GroupUserFolder.GroupUserFolder.userFolderEditUser (   self,
  name,
  password,
  roles,
  domains,
  groups = None,
  REQUEST = None,
  kw 
)
API method for changing user object attributes. Note that not
all user folder implementations support changing of user object
attributes.
Arguments ARE required.

Definition at line 478 of file GroupUserFolder.py.

00478 
00479                            REQUEST=None, **kw):
00480         """API method for changing user object attributes. Note that not
00481         all user folder implementations support changing of user object
00482         attributes.
00483         Arguments ARE required.
00484         """
        return self._doChangeUser(name, password, roles, domains, groups, **kw)
userFolderGetRoles(self,) => tuple of strings
List the roles defined at the top of GRUF's folder.
This includes both user-defined roles and default roles.

Definition at line 760 of file GroupUserFolder.py.

00760 
00761     def userFolderGetRoles(self, ):
00762         """
00763         userFolderGetRoles(self,) => tuple of strings
00764         List the roles defined at the top of GRUF's folder.
00765         This includes both user-defined roles and default roles.
00766         """
00767         return tuple(self.aq_parent.valid_roles())
00768 

def GroupUserFolder.GroupUserFolder.userFolderUpdateGroup (   self,
  name,
  roles = None,
  groups = None,
  REQUEST = None,
  kw 
)
API method for changing group object attributes.

Definition at line 523 of file GroupUserFolder.py.

00523 
00524                               REQUEST=None, **kw):
00525         """API method for changing group object attributes.
00526         """
        return self._updateGroup(name, roles = roles, groups = groups, **kw)
def GroupUserFolder.GroupUserFolder.userFolderUpdateUser (   self,
  name,
  password = None,
  roles = None,
  domains = None,
  groups = None,
  REQUEST = None,
  kw 
)
API method for changing user object attributes. Note that not
all user folder implementations support changing of user object
attributes.
Arguments are optional

Definition at line 489 of file GroupUserFolder.py.

00489 
00490                              domains = None, groups = None, REQUEST=None, **kw):
00491         """API method for changing user object attributes. Note that not
00492         all user folder implementations support changing of user object
00493         attributes.
00494         Arguments are optional"""
        return self._updateUser(name, password, roles, domains, groups, **kw)
get domains for a user

Definition at line 871 of file GroupUserFolder.py.

00871 
00872     def userGetDomains(self, id):
00873         """get domains for a user
00874         """
00875         usr = self.getPureUser(id)
00876         return tuple(usr.getDomains())

def GroupUserFolder.GroupUserFolder.userRemoveDomain (   self,
  id,
  domain,
  REQUEST = None 
)
Remove a domain from a user

Definition at line 897 of file GroupUserFolder.py.

00897 
00898     def userRemoveDomain(self, id, domain, REQUEST=None):
00899         """Remove a domain from a user
00900         """
00901         usr = self.getPureUser(id)
00902         domains = list(usr.getDomains())
00903         if not domain in domains:
00904             raise ValueError, "User '%s' doesn't have domain '%s'" % (id, domain, )
00905         while domain in domains:
00906             roles.remove(domain)
        self._updateUser(usr.getId(), domains = domains)
def GroupUserFolder.GroupUserFolder.userRemoveGroup (   self,
  id,
  groupname,
  REQUEST = None 
)
remove a group from a user atom.

Definition at line 928 of file GroupUserFolder.py.

00928 
00929     def userRemoveGroup(self, id, groupname, REQUEST=None):
00930         """remove a group from a user atom.
00931         """
00932         groups = list(self.getUserById(id).getGroupNames())
00933         if groupname.startswith(GROUP_PREFIX):
00934             groupname = groupname[GROUP_PREFIX_LEN:]
00935         if groupname in groups:
00936             groups.remove(groupname)
            self._updateUser(id, groups = groups)

Here is the call graph for this function:

def GroupUserFolder.GroupUserFolder.userRemoveRole (   self,
  id,
  role,
  REQUEST = None 
)
Remove the role of a user atom. Will NOT complain if role doesn't exist

Definition at line 851 of file GroupUserFolder.py.

00851 
00852     def userRemoveRole(self, id, role, REQUEST=None):
00853         """Remove the role of a user atom. Will NOT complain if role doesn't exist
00854         """
00855         roles = list(self.getRolesOfUser(id))
00856         if role in roles:
00857             roles.remove(role)
            self._updateUser(id, roles = roles)
def GroupUserFolder.GroupUserFolder.userSetDomains (   self,
  id,
  domains,
  REQUEST = None 
)
Set domains for a user

Definition at line 878 of file GroupUserFolder.py.

00878 
00879     def userSetDomains(self, id, domains, REQUEST=None):
00880         """Set domains for a user
00881         """
00882         usr = self.getPureUser(id)
        self._updateUser(usr.getId(), domains = domains, )
def GroupUserFolder.GroupUserFolder.userSetGroups (   self,
  id,
  groupnames,
  REQUEST = None 
)
Set the groups of a user

Definition at line 910 of file GroupUserFolder.py.

00910 
00911     def userSetGroups(self, id, groupnames, REQUEST=None):
00912         """Set the groups of a user
00913         """
        self._updateUser(id, groups = groupnames)
def GroupUserFolder.GroupUserFolder.userSetPassword (   self,
  id,
  newPassword,
  REQUEST = None 
)
Set the password of a user

Definition at line 861 of file GroupUserFolder.py.

00861 
00862     def userSetPassword(self, id, newPassword, REQUEST=None):
00863         """Set the password of a user
00864         """
00865         u = self.getPureUser(id)
00866         if not u:
00867             raise ValueError, "Invalid pure user id: '%s'" % (id,)
        self._updateUser(u.getId(), password = newPassword, )
def GroupUserFolder.GroupUserFolder.userSetRoles (   self,
  id,
  roles,
  REQUEST = None 
)

def setUserId(id, newId): """Change id of a user atom.

    """     def setUserName(id, newName):
    """Change the name of a user atom.
    """  @verbatim Change the roles of a user atom.

Definition at line 834 of file GroupUserFolder.py.

00834 
00835     def userSetRoles(self, id, roles, REQUEST=None):
00836         """Change the roles of a user atom.
00837         """
        self._updateUser(id, roles = roles)

Variable Documentation

Initial value:
00001 (
00002         ('Manage users',
00003          ('manage_users',
00004           'user_names', 'setDomainAuthenticationMode',
00005           )
00006          ),
00007         )

Definition at line 153 of file GroupUserFolder.py.

Definition at line 91 of file GroupUserFolder.py.

string GroupUserFolder.GroupUserFolder.__docformat__ = 'restructuredtext'

Definition at line 24 of file GroupUserFolder.py.

GroupUserFolder Copyright (C)2006 Ingeniweb.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; see the file COPYING. If not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

Definition at line 21 of file GroupUserFolder.py.

Developers notes.

The REQUEST.GRUF_PROBLEM variable is defined whenever GRUF encounters a problem than can be showed in the management screens. It's always logged as LOG_WARNING level anyway.

Definition at line 70 of file GroupUserFolder.py.

Definition at line 2181 of file GroupUserFolder.py.

Definition at line 2131 of file GroupUserFolder.py.

Definition at line 2132 of file GroupUserFolder.py.

Definition at line 2130 of file GroupUserFolder.py.

Definition at line 1575 of file GroupUserFolder.py.

Definition at line 2556 of file GroupUserFolder.py.

Definition at line 783 of file GroupUserFolder.py.

If we use ldap, tag it

if string.find(factory_uri.lower(), "ldap") > -1: self._haveLDAPUF += 1

Definition at line 2375 of file GroupUserFolder.py.

icon = self.absolute_url() + '/img_user'

Definition at line 2047 of file GroupUserFolder.py.

Definition at line 1535 of file GroupUserFolder.py.

Definition at line 1477 of file GroupUserFolder.py.

Definition at line 1396 of file GroupUserFolder.py.

Definition at line 1551 of file GroupUserFolder.py.

Definition at line 1404 of file GroupUserFolder.py.

Definition at line 1492 of file GroupUserFolder.py.

Definition at line 2390 of file GroupUserFolder.py.

Definition at line 164 of file GroupUserFolder.py.

icon = self.absolute_url() + '/img_group'

Definition at line 2043 of file GroupUserFolder.py.

Definition at line 962 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.img_down_arrow = ImageFile.ImageFile('www/down_arrow.gif', globals())

Definition at line 2263 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.img_down_arrow_grey = ImageFile.ImageFile('www/down_arrow_grey.gif', globals())

Definition at line 2265 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.img_group = ImageFile.ImageFile('www/GRUFGroups.gif', globals())

Definition at line 169 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.img_up_arrow = ImageFile.ImageFile('www/up_arrow.gif', globals())

Definition at line 2262 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.img_up_arrow_grey = ImageFile.ImageFile('www/up_arrow_grey.gif', globals())

Definition at line 2264 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.img_user = ImageFile.ImageFile('www/GRUFUsers.gif', globals())

Definition at line 168 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.manage_audit = PageTemplateFile.PageTemplateFile('dtml/GRUF_audit', globals())

Definition at line 145 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.manage_groups = PageTemplateFile.PageTemplateFile('dtml/GRUF_groups', globals())

Definition at line 147 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.manage_GRUFSources = PageTemplateFile.PageTemplateFile('dtml/GRUF_contents', globals())

Definition at line 150 of file GroupUserFolder.py.

GroupUserFolder.GroupUserFolder.manage_main = OFS.ObjectManager.ObjectManager.manage_main

Definition at line 142 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.manage_newusers = PageTemplateFile.PageTemplateFile('dtml/GRUF_newusers', globals())

Definition at line 149 of file GroupUserFolder.py.

Initial value:
00001 (
00002         (
00003         {'label':'Overview', 'action':'manage_overview'},
00004         {'label':'Sources', 'action':'manage_GRUFSources'},
00005         {'label':'LDAP Wizard', 'action':'manage_wizard'},
00006         {'label':'Groups', 'action':'manage_groups'},
00007         {'label':'Users', 'action':'manage_users'},
00008         {'label':'Audit', 'action':'manage_audit'},
00009         ) + \
00010         OFS.ObjectManager.ObjectManager.manage_options + \
00011         RoleManager.manage_options + \
00012         Item.manage_options )

Definition at line 129 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.manage_overview = PageTemplateFile.PageTemplateFile('dtml/GRUF_overview', globals())

manage_overview = DTMLFile('dtml/GRUF_overview', globals())

Definition at line 144 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.manage_user = PageTemplateFile.PageTemplateFile('dtml/GRUF_user', globals())

Definition at line 151 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.manage_users = PageTemplateFile.PageTemplateFile('dtml/GRUF_users', globals())

Definition at line 148 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.manage_wizard = PageTemplateFile.PageTemplateFile('dtml/GRUF_wizard', globals())

Definition at line 146 of file GroupUserFolder.py.

Definition at line 2555 of file GroupUserFolder.py.

Definition at line 2534 of file GroupUserFolder.py.

Definition at line 2491 of file GroupUserFolder.py.

Definition at line 2558 of file GroupUserFolder.py.

Definition at line 790 of file GroupUserFolder.py.

Definition at line 2600 of file GroupUserFolder.py.

Definition at line 1380 of file GroupUserFolder.py.

Definition at line 165 of file GroupUserFolder.py.

tuple GroupUserFolder.GroupUserFolder.security = ClassSecurityInfo()

_haveLDAPUF = 0

Definition at line 127 of file GroupUserFolder.py.

Definition at line 776 of file GroupUserFolder.py.

Definition at line 700 of file GroupUserFolder.py.

string GroupUserFolder.GroupUserFolder.title = 'Rename Error'

if not ob.cb_isMoveable(): raise "Copy Error", eNotSupported % id self._verifyObjectPaste(ob) # This is what we disable

Definition at line 2554 of file GroupUserFolder.py.

Definition at line 163 of file GroupUserFolder.py.

Definition at line 894 of file GroupUserFolder.py.

Definition at line 924 of file GroupUserFolder.py.

Definition at line 848 of file GroupUserFolder.py.

Definition at line 511 of file GroupUserFolder.py.

Definition at line 736 of file GroupUserFolder.py.

Definition at line 474 of file GroupUserFolder.py.

Definition at line 757 of file GroupUserFolder.py.

Definition at line 502 of file GroupUserFolder.py.

Definition at line 519 of file GroupUserFolder.py.

Definition at line 485 of file GroupUserFolder.py.

Definition at line 527 of file GroupUserFolder.py.

Definition at line 495 of file GroupUserFolder.py.

Definition at line 907 of file GroupUserFolder.py.

Definition at line 937 of file GroupUserFolder.py.

Definition at line 858 of file GroupUserFolder.py.

Definition at line 883 of file GroupUserFolder.py.

Definition at line 914 of file GroupUserFolder.py.

Definition at line 868 of file GroupUserFolder.py.

Definition at line 838 of file GroupUserFolder.py.