Back to index

plone3  3.1.7
Functions | Variables
PluggableAuthService.Extensions.upgrade Namespace Reference

Functions

def _write
def _replaceUserFolder
def _migrate_user
def _upgradeLocalRoleAssignments
def replace_acl_users

Variables

 _upgraded_acl_users

Function Documentation

def PluggableAuthService.Extensions.upgrade._migrate_user (   pas,
  login,
  password,
  roles 
) [private]

Definition at line 114 of file upgrade.py.

00114 
00115 def _migrate_user( pas, login, password, roles ):
00116 
00117     from AccessControl import AuthEncoding
00118 
00119     if AuthEncoding.is_encrypted( password ):
00120         pas.users._user_passwords[ login ] = password
00121         pas.users._login_to_userid[ login ] = login
00122         pas.users._userid_to_login[ login ] = login
00123     else:
00124         pas.users.addUser( login, login, password )
00125 
00126     new_user = pas.getUser( login )
00127     for role_id in roles:
00128         if role_id not in ['Authenticated', 'Anonymous']:
00129             pas.roles.assignRoleToPrincipal( role_id,
00130                                              new_user.getId() )

Here is the caller graph for this function:

def PluggableAuthService.Extensions.upgrade._replaceUserFolder (   self,
  RESPONSE = None 
) [private]
replaces the old acl_users folder with a PluggableAuthService,
preserving users and passwords, if possible

Definition at line 42 of file upgrade.py.

00042 
00043 def _replaceUserFolder(self, RESPONSE=None):
00044     """replaces the old acl_users folder with a PluggableAuthService,
00045     preserving users and passwords, if possible
00046     """
00047     from Acquisition import aq_base
00048     from Products.PluggableAuthService.PluggableAuthService \
00049         import PluggableAuthService, _PLUGIN_TYPE_INFO
00050     from Products.PluginRegistry.PluginRegistry import PluginRegistry
00051     from Products.PluggableAuthService.plugins.ZODBUserManager \
00052         import ZODBUserManager
00053     from Products.PluggableAuthService.plugins.ZODBRoleManager \
00054         import ZODBRoleManager
00055     from Products.PluggableAuthService.interfaces.plugins \
00056          import IAuthenticationPlugin, IUserEnumerationPlugin
00057     from Products.PluggableAuthService.interfaces.plugins \
00058         import IRolesPlugin, IRoleEnumerationPlugin, IRoleAssignerPlugin
00059 
00060     if getattr( aq_base(self), '__allow_groups__', None ):
00061         if self.__allow_groups__.__class__ is PluggableAuthService:
00062             _write( RESPONSE
00063                   , 'replaceUserFolder'
00064                   , 'Already replaced this user folder\n' )
00065             return
00066 
00067         # Capture all the user info from the previous user folder,
00068         # then delete it.
00069         old_acl = self.__allow_groups__
00070         user_map = []
00071         for user_name in old_acl.getUserNames():
00072             old_user = old_acl.getUser( user_name )
00073             _write( RESPONSE
00074                   , 'replaceRootUserFolder'
00075                   , 'Capturing user info for %s\n' % user_name )
00076             user_map.append(
00077                 { 'login' : user_name,
00078                   'password' : old_user._getPassword(),
00079                   'roles' : old_user.getRoles() }
00080                 )
00081         self._delObject( 'acl_users' )
00082 
00083         # Create the new PluggableAuthService, and re-populate from
00084         # the captured data
00085         _pas = self.manage_addProduct['PluggableAuthService']
00086         new_pas = _pas.addPluggableAuthService()
00087         new_acl = self.acl_users
00088 
00089         user_folder = ZODBUserManager( 'users' )
00090         new_acl._setObject( 'users', user_folder )
00091         role_manager = ZODBRoleManager( 'roles' )
00092         new_acl._setObject( 'roles', role_manager )
00093 
00094         plugins = getattr( new_acl, 'plugins' )
00095         plugins.activatePlugin( IAuthenticationPlugin, 'users' )
00096         plugins.activatePlugin( IUserEnumerationPlugin, 'users' )
00097         plugins.activatePlugin( IRolesPlugin, 'roles' )
00098         plugins.activatePlugin( IRoleEnumerationPlugin, 'roles' )
00099         plugins.activatePlugin( IRoleAssignerPlugin, 'roles' )
00100         for user_dict in user_map:
00101             _write( RESPONSE
00102                   , 'replaceRootUserFolder'
00103                   , 'Translating user %s\n' % user_name )
00104             login = user_dict['login']
00105             password = user_dict['password']
00106             roles = user_dict['roles']
00107 
00108             _migrate_user( new_acl, login, password, roles )
00109         _write( RESPONSE
00110               , 'replaceRootUserFolder'
00111               , 'Replaced root acl_users with PluggableAuthService\n' )
00112 
00113     transaction.savepoint(True)

Here is the call graph for this function:

Here is the caller graph for this function:

def PluggableAuthService.Extensions.upgrade._upgradeLocalRoleAssignments (   self,
  RESPONSE = None 
) [private]
upgrades the __ac_local_roles__ attributes on objects to account
    for a move to using the PluggableAuthService.

Definition at line 131 of file upgrade.py.

00131 
00132 def _upgradeLocalRoleAssignments(self, RESPONSE=None):
00133     """ upgrades the __ac_local_roles__ attributes on objects to account
00134         for a move to using the PluggableAuthService.
00135     """
00136     from Acquisition import aq_base
00137 
00138     seen = {}
00139 
00140     def descend(user_folder, obj):
00141         path = obj.getPhysicalPath()
00142         if path not in seen:
00143             # get __ac_local_roles__, break it apart and refashion it
00144             # with new spellings.
00145             seen[path] = 1
00146             if getattr( aq_base( obj ), '__ac_local_roles__', None ):
00147                 if not callable(obj.__ac_local_roles__):
00148                     new_map = {}
00149                     map = obj.__ac_local_roles__
00150                     for key in map.keys():
00151                         new_principals = user_folder.searchPrincipals(id=key)
00152                         if not new_principals:
00153                             _write(
00154                                 RESPONSE
00155                               , 'upgradeLocalRoleAssignmentsFromRoot'
00156                               , '  Ignoring map for unknown principal %s\n'
00157                                 % key )
00158                             new_map[key] = map[key]
00159                             continue
00160                         npid = new_principals[0]['id']
00161                         new_map[npid] = map[key]
00162                         _write( RESPONSE
00163                               , 'upgradeLocalRoleAssignmentsFromRoot'
00164                               , '  Translated %s to %s\n' % ( key, npid ) )
00165                         _write( RESPONSE
00166                               , 'upgradeLocalRoleAssignmentsFromRoot'
00167                               , '  Assigned roles %s to %s\n' % ( map[key]
00168                                                                 , npid ) )
00169                     obj.__ac_local_roles__ = new_map
00170                     _write( RESPONSE
00171                           , 'upgradeLocalRoleAssignmentsFromRoot'
00172                           , ( 'Local Roles map changed for (%s)\n'
00173                               % '/'.join(path) ) )
00174             if (len(seen) % 100 ) == 0:
00175                 transaction.savepoint(True)
00176                 _write( RESPONSE
00177                       , 'upgradeLocalRoleAssignmentsFromRoot'
00178                       , "  -- Set savepoint at object # %d\n" % len( seen ) )
00179             if getattr(aq_base(obj), 'isPrincipiaFolderish', 0):
00180                 for o in obj.objectValues():
00181                     descend(user_folder, o)
00182 
00183     if getattr( self, '_upgraded_acl_users', None ):
00184         _write( RESPONSE
00185               , '_upgradeLocalRoleAssignments'
00186               , 'Local role assignments have already been updated.\n' )
00187         return
00188 
00189     descend(self.acl_users, self)
00190 
00191     transaction.savepoint(True)
00192 
00193 # External Method to use

Here is the call graph for this function:

Here is the caller graph for this function:

def PluggableAuthService.Extensions.upgrade._write (   response,
  tool,
  message 
) [private]

Definition at line 36 of file upgrade.py.

00036 
00037 def _write(response, tool, message):
00038     logger = logging.getLogger('PluggableAuthService.upgrade.%s' % tool)
00039     logger.info(message)
00040     if response is not None:
00041         response.write(message)

Here is the caller graph for this function:

def PluggableAuthService.Extensions.upgrade.replace_acl_users (   self,
  RESPONSE = None 
)

Definition at line 194 of file upgrade.py.

00194 
00195 def replace_acl_users(self, RESPONSE=None):
00196     _replaceUserFolder(self, RESPONSE)
00197     _upgradeLocalRoleAssignments(self, RESPONSE)
00198     self._upgraded_acl_users = 1
00199     _write( RESPONSE
00200           , 'replace_acl_users'
00201           , 'Root acl_users has been replaced,'
00202             ' and local role assignments updated.\n' )

Here is the call graph for this function:

Here is the caller graph for this function:


Variable Documentation

Definition at line 197 of file upgrade.py.