Hi all! I've developed a site that if you are not logged in renders in a way but if you are logged in renders in another way (with more functionality) I would like to create a logon form and the validate the user in an AJAX way Where can I read about it? Or where the acl_users code is located? I would like to avoid the use of alternatives acl_users products if possible because I would like to store users on the ZODB normaly as original acl_users object do (I don't need ExUserFolder or similar if possible) Thanks! -- Mis Cosas http://blogs.sistes.net/Garito
Not sure if it's exactly what you're looking for but you may want to check out the Cookie Crumbler product. http://packages.debian.org/stable/source/zope-cookiecrumbler On Jul 5, 2007, at 2:41 AM, Garito wrote:
Hi all! I've developed a site that if you are not logged in renders in a way but if you are logged in renders in another way (with more functionality)
I would like to create a logon form and the validate the user in an AJAX way
Where can I read about it? Or where the acl_users code is located?
I would like to avoid the use of alternatives acl_users products if possible because I would like to store users on the ZODB normaly as original acl_users object do (I don't need ExUserFolder or similar if possible)
Thanks!
-- Mis Cosas http://blogs.sistes.net/Garito _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Thanks, I try to use a more easy solution but it's ok I check this and ExUserFolder but in both cases I don't understand the product's setup process Do you know where I can found a tutorial about how to setup and use Cookie Crumbler product? Thanks again! 2007/7/5, Tom Von Lahndorff <tom@modscape.com>:
Not sure if it's exactly what you're looking for but you may want to check out the Cookie Crumbler product. http://packages.debian.org/stable/source/zope-cookiecrumbler
On Jul 5, 2007, at 2:41 AM, Garito wrote:
Hi all! I've developed a site that if you are not logged in renders in a way but if you are logged in renders in another way (with more functionality)
I would like to create a logon form and the validate the user in an AJAX way
Where can I read about it? Or where the acl_users code is located?
I would like to avoid the use of alternatives acl_users products if possible because I would like to store users on the ZODB normaly as original acl_users object do (I don't need ExUserFolder or similar if possible)
Thanks!
-- Mis Cosas http://blogs.sistes.net/Garito _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
-- Mis Cosas http://blogs.sistes.net/Garito
Thanks, I try to use a more easy solution but it's ok
I check this and ExUserFolder but in both cases I don't understand the product's setup process
Do you know where I can found a tutorial about how to setup and use Cookie Crumbler product? I think you should rather take a look at PAS - PluggableAuthService and possibly just write your own plugin. There is Zope-PAS mailing list too. You may take a look at docs/ and interfaces in this package. Default PAS plugins include ZODB users storage and cookie authentication.
-- Maciej Wisniowski
Hi, Maciej! The same problem as with CookieCrumbler or ExUserFolder: I don't understand the process to setup the product in order to use it Do you know any url o similar about how to setup and use PAS? Thanks! 2007/7/5, Maciej Wisniowski <maciej.wisniowski@coig.katowice.pl>:
Thanks, I try to use a more easy solution but it's ok
I check this and ExUserFolder but in both cases I don't understand the product's setup process
Do you know where I can found a tutorial about how to setup and use Cookie Crumbler product? I think you should rather take a look at PAS - PluggableAuthService and possibly just write your own plugin. There is Zope-PAS mailing list too. You may take a look at docs/ and interfaces in this package. Default PAS plugins include ZODB users storage and cookie authentication.
-- Maciej Wisniowski
-- Mis Cosas http://blogs.sistes.net/Garito
Hi, Maciej! The same problem as with CookieCrumbler or ExUserFolder: I don't understand the process to setup the product in order to use it
Do you know any url o similar about how to setup and use PAS? docs/ folder in PAS product :)
I don't remember exaclty how PAS looks so following description is from memory and for older PAS version that I've used some time ago but should be suitable in general: You have to crate a folder you want to be secured. Then you should set View permission for authenticated users only (or something like that). This is typical Zope security machinery. Then you add PAS object into secured folder - this will create new 'acl_users' object. In 'acl_users' you need to add two plugins from the list: 1. Cookie.... (don't remember the name) 2. ZODB UserFolder Then you have to Activate added plugins (you'll find activation at properties or at 'plugins' object). Thats all. Now, at ZODB UserFolder object you may add users just like with default acl_users. If you take a look at interfaces.py or docs/ you'll find that there are few kinds of plugins for extraction, authentication etc. You may exchange some of them to suit your needs and write your own ones. -- Maciej Wisniowski
How can I change the user programatically? Can I? The process will be the same in acl_users, cookieCrumbler, ExUserFolder, isn't it? for example: acl_users.authenticate(user_name, password) Is this possible? That's my original need, but I'm not so sure if I ask properly, sorry Thanks so much! 2007/7/6, Maciej Wisniowski <maciej.wisniowski@coig.katowice.pl>:
Hi, Maciej! The same problem as with CookieCrumbler or ExUserFolder: I don't understand the process to setup the product in order to use it
Do you know any url o similar about how to setup and use PAS? docs/ folder in PAS product :)
I don't remember exaclty how PAS looks so following description is from memory and for older PAS version that I've used some time ago but should be suitable in general:
You have to crate a folder you want to be secured. Then you should set View permission for authenticated users only (or something like that). This is typical Zope security machinery.
Then you add PAS object into secured folder - this will create new 'acl_users' object.
In 'acl_users' you need to add two plugins from the list: 1. Cookie.... (don't remember the name) 2. ZODB UserFolder
Then you have to Activate added plugins (you'll find activation at properties or at 'plugins' object).
Thats all. Now, at ZODB UserFolder object you may add users just like with default acl_users.
If you take a look at interfaces.py or docs/ you'll find that there are few kinds of plugins for extraction, authentication etc. You may exchange some of them to suit your needs and write your own ones.
-- Maciej Wisniowski
-- Mis Cosas http://blogs.sistes.net/Garito
+-------[ Garito ]---------------------- | How can I change the user programatically? | Can I? | | The process will be the same in acl_users, cookieCrumbler, ExUserFolder, isn't | it? | | for example: acl_users.authenticate(user_name, password) | | Is this possible? | | That's my original need, but I'm not so sure if I ask properly, sorry That is exactly how to do it with exUserFolder. It will return a new user object, or None if the authentication failed. -- Andrew Milton akm@theinternet.com.au
Sure? I'll try then Thank you so much!!! 2007/7/7, Andrew Milton <akm@theinternet.com.au>:
+-------[ Garito ]---------------------- | How can I change the user programatically? | Can I? | | The process will be the same in acl_users, cookieCrumbler, ExUserFolder, isn't | it? | | for example: acl_users.authenticate(user_name, password) | | Is this possible? | | That's my original need, but I'm not so sure if I ask properly, sorry
That is exactly how to do it with exUserFolder. It will return a new user object, or None if the authentication failed.
-- Andrew Milton akm@theinternet.com.au
-- Mis Cosas http://blogs.sistes.net/Garito
I try context.acl_users.authenticate(user, pass, request) but this doesn't change the session user, isn't it? Can I change the logged user in the session in any way? Thanks! 2007/7/7, Garito <garito@sistes.net>:
Sure? I'll try then
Thank you so much!!!
2007/7/7, Andrew Milton <akm@theinternet.com.au>:
+-------[ Garito ]---------------------- | How can I change the user programatically? | Can I? | | The process will be the same in acl_users, cookieCrumbler, ExUserFolder, isn't | it? | | for example: acl_users.authenticate(user_name, password) | | Is this possible? | | That's my original need, but I'm not so sure if I ask properly, sorry
That is exactly how to do it with exUserFolder. It will return a new user object, or None if the authentication failed.
-- Andrew Milton akm@theinternet.com.au
-- Mis Cosas http://blogs.sistes.net/Garito
-- Mis Cosas http://blogs.sistes.net/Garito
+-------[ Garito ]---------------------- | I try context.acl_users.authenticate(user, pass, request) but this doesn't | change the session user, isn't it? | | Can I change the logged user in the session in any way? I'm not sure what you mean by "in the session". If you want to change the cookies et.al as you go, you call acl_users.remember(username, password, request) after the call to authenticate IF you get a user object back (i.e. authenticate was successful) Either that or you can stuff the request with __ac_name and __ac_password and call acl_users.validate(request), however this is not the preferred method to use for changing the logged in user on the fly. -- Andrew Milton akm@theinternet.com.au
Hi Andrew! This is my form code: <html> <head> <title tal:content="template/title">The title</title> </head> <body> <form method="post" tal:attributes="action here/Logon/absolute_url"> Usuario: <input type="text" name="__ac_name" /> Contraseña: <input type="password" name="__ac_password" /> <button type="submit">Logar</button> </form> </body> </html> And this is the Logon code: from AccessControl import getSecurityManager usuario = context.acl_users.validate(context.REQUEST) print str(usuario) print getSecurityManager().getUser().getUserName() return printed Did I understand you? (this code doesn't work ok) Where is the mistake? Thank you so much!!!! 2007/7/7, Andrew Milton <akm@theinternet.com.au>:
+-------[ Garito ]---------------------- | I try context.acl_users.authenticate(user, pass, request) but this doesn't | change the session user, isn't it? | | Can I change the logged user in the session in any way?
I'm not sure what you mean by "in the session".
If you want to change the cookies et.al as you go, you call acl_users.remember(username, password, request) after the call to authenticate IF you get a user object back (i.e. authenticate was successful)
Either that or you can stuff the request with __ac_name and __ac_password and call acl_users.validate(request), however this is not the preferred method to use for changing the logged in user on the fly.
-- Andrew Milton akm@theinternet.com.au
-- Mis Cosas http://blogs.sistes.net/Garito
+-------[ Garito ]---------------------- | Hi Andrew! | | This is my form code: | | <html> | <head> | <title tal:content="template/title">The title</title> | </head> | <body> | <form method="post" tal:attributes="action here/Logon/absolute_url"> | Usuario: <input type="text" name="__ac_name" /> | Contrase�a: <input type="password" name="__ac_password" /> | <button type="submit">Logar</button> | </form> | </body> | </html> | | And this is the Logon code: | | from AccessControl import getSecurityManager | | usuario = context.acl_users.validate(context.REQUEST) | | print str(usuario) | print getSecurityManager().getUser().getUserName() | | return printed | | Did I understand you? (this code doesn't work ok) | | Where is the mistake? First, check your Zope log.. there is quite a bit of debugging that XUF pumps out, in case something went astray. It's at the DEBUG level, so you may have to tweak your zope.conf settings to see it. You should get something like; exUserFolder identify returned <someuser>, <somepassword> Secondly, I wouldn't call validate... I would call .authenticate followed by .remember if you wish to change the user. -- Andrew Milton akm@theinternet.com.au
Garito wrote at 2007-7-7 14:17 +0200:
... And this is the Logon code:
from AccessControl import getSecurityManager
usuario = context.acl_users.validate(context.REQUEST)
Usually, the login in performed by the user folder automatically (provided, you use the correct form variables (what you apparently do). Why do you want to do it programmatically (rather than use the automatims)? -- Dieter
To Andrew: I'll try! If doesn't work I'll reask, thanks! To Dieter: I have a folder with some objects. This objects has 2 subgroups: availables for everyone and availables only for a role I would like to do folder.objectValues() and get a list of objects filtereds but I don't have any idea if I could do that What I can do (now if I solve the logon process will be finished) is have the whole list and filter in the read process: if user has access keep in the list, if not delete from it I try to do that with normal zope security machinery but with no success and I would like to finish as soon as possible Any idea? Thanks! 2007/7/8, Dieter Maurer <dieter@handshake.de>:
Garito wrote at 2007-7-7 14:17 +0200:
... And this is the Logon code:
from AccessControl import getSecurityManager
usuario = context.acl_users.validate(context.REQUEST)
Usually, the login in performed by the user folder automatically (provided, you use the correct form variables (what you apparently do). Why do you want to do it programmatically (rather than use the automatims)?
-- Dieter
-- Mis Cosas http://blogs.sistes.net/Garito
Garito wrote at 2007-7-9 02:24 +0200:
... To Dieter: I have a folder with some objects. This objects has 2 subgroups: availables for everyone and availables only for a role
I would like to do folder.objectValues() and get a list of objects filtereds but I don't have any idea if I could do that
If "objectValues" means the standard Zope "ObjectManager" method, then it does not do filtering based on permissions.
What I can do (now if I solve the logon process will be finished) is have the whole list and filter in the read process: if user has access keep in the list, if not delete from it
I try to do that with normal zope security machinery but with no success and I would like to finish as soon as possible
Even accessing an object for which the current user lacks the so called "object permission" will result in an "Unauthorized" exception. You may be able to allow import of "Unauthorized" and then use "try: ... except Unauthorized: ...". -- Dieter
Garito wrote at 2007-7-5 18:10 +0200:
... I check this and ExUserFolder but in both cases I don't understand the product's setup process
As for most products: You ensure that the "ExUserFolder" product is placed in the "Products" folder of your "INSTANCE_HOME". Then, you restart Zope and create an "ExUserFolder" object via the ZMI.
Do you know where I can found a tutorial about how to setup and use Cookie Crumbler product?
You install CMFCore (by placing the product "CMFCore" into the "Products" folder -- see above), restart and create a CookieCrumber instance via the ZMI. -- Dieter
participants (5)
-
Andrew Milton -
Dieter Maurer -
Garito -
Maciej Wisniowski -
Tom Von Lahndorff