[Zope-CVS] CVS: Products/PluggableAuthService/plugins -
ZODBGroupManager.py:1.3.4.1 ZODBRoleManager.py:1.3.4.2
ZODBUserManager.py:1.4.2.1
Lennart Regebro
regebro at nuxeo.com
Tue Aug 31 10:42:14 EDT 2004
Update of /cvs-repository/Products/PluggableAuthService/plugins
In directory cvs.zope.org:/tmp/cvs-serv26731/plugins
Modified Files:
Tag: regebro-implement_challenge-branch
ZODBGroupManager.py ZODBRoleManager.py ZODBUserManager.py
Log Message:
Merge from HEAD + new challenge implementation.
=== Products/PluggableAuthService/plugins/ZODBGroupManager.py 1.3 => 1.3.4.1 ===
--- Products/PluggableAuthService/plugins/ZODBGroupManager.py:1.3 Thu Aug 12 11:15:54 2004
+++ Products/PluggableAuthService/plugins/ZODBGroupManager.py Tue Aug 31 10:41:43 2004
@@ -113,11 +113,11 @@
info = {}
info.update( self._groups[ group_id ] )
-
+
info[ 'pluginid' ] = plugin_id
info[ 'properties_url' ] = '%s?%s' % ( e_url, p_qs )
info[ 'members_url' ] = '%s?%s' % ( e_url, m_qs )
-
+
if not group_filter or group_filter( info ):
group_info.append( info )
@@ -229,7 +229,7 @@
if ( group_id not in self._principal_groups.get( id, () )
and group_id != id ):
result.append( ( id, title ) )
-
+
return result
security.declareProtected( ManageGroups, 'listAssignedPrincipals' )
@@ -245,9 +245,13 @@
parent = aq_parent( self )
info = parent.searchPrincipals( id=k, exact_match=True )
- assert( len( info ) == 1 )
- result.append( ( k, info[0].get( 'title', k ) ) )
-
+ assert( len( info ) in ( 0, 1 ) )
+ if len( info ) == 0:
+ title = '<%s: not found>' % k
+ else:
+ title = info[0].get( 'title', k )
+ result.append( ( k, title ) )
+
return result
security.declareProtected( ManageGroups, 'addPrincipalToGroup' )
@@ -371,7 +375,7 @@
message = 'no+groups+selected'
else:
-
+
for group_id in group_ids:
self.removeGroup( group_id )
@@ -420,7 +424,7 @@
""" Remove one or more principals from a group via the ZMI.
"""
removed = []
-
+
for principal_id in principal_ids:
if self.removePrincipalFromGroup( principal_id, group_id ):
removed.append( principal_id )
=== Products/PluggableAuthService/plugins/ZODBRoleManager.py 1.3.4.1 => 1.3.4.2 ===
--- Products/PluggableAuthService/plugins/ZODBRoleManager.py:1.3.4.1 Mon Aug 30 13:11:35 2004
+++ Products/PluggableAuthService/plugins/ZODBRoleManager.py Tue Aug 31 10:41:43 2004
@@ -79,7 +79,8 @@
role_holder = aq_parent( aq_inner( container ) )
for role in getattr( role_holder, '__ac_roles__', () ):
try:
- self.addRole( role )
+ if role not in ('Anonymous', 'Authenticated'):
+ self.addRole( role )
except KeyError:
pass
@@ -129,14 +130,14 @@
e_url = '%s/manage_roles' % self.getId()
p_qs = 'role_id=%s' % role_id
m_qs = 'role_id=%s&assign=1' % role_id
-
+
info = {}
info.update( self._roles[ role_id ] )
-
+
info[ 'pluginid' ] = plugin_id
info[ 'properties_url' ] = '%s?%s' % (e_url, p_qs)
info[ 'members_url' ] = '%s?%s' % (e_url, m_qs)
-
+
if not role_filter or role_filter( info ):
role_info.append( info )
@@ -240,7 +241,7 @@
if ( role_id not in self._principal_roles.get( id, () )
and role_id != id ):
result.append( ( id, title ) )
-
+
return result
security.declareProtected( ManageUsers, 'listAssignedPrincipals' )
@@ -252,18 +253,17 @@
for k, v in self._principal_roles.items():
if role_id in v:
- # should be one and only one mapping to 'k'
+ # should be at most one and only one mapping to 'k'
parent = aq_parent( self )
info = parent.searchPrincipals( id=k, exact_match=True )
- # This assertion used to be == 1. However, if a user
- # is deleted, this would break the whole plugin.
- # So that can't be right. Now checking that is is
- # instead less than two.
- assert( len( info ) < 2 )
- if info:
- result.append( ( k, info[0].get( 'title', k ) ) )
-
+ assert( len( info ) in ( 0, 1 ) )
+ if len( info ) == 0:
+ title = '<%s: not found>' % k
+ else:
+ title = info[0].get( 'title', k )
+ result.append( ( k, title ) )
+
return result
security.declareProtected( ManageUsers, 'assignRoleToPrincipal' )
@@ -378,7 +378,7 @@
message = 'no+roles+selected'
else:
-
+
for role_id in role_ids:
self.removeRole( role_id )
@@ -423,7 +423,7 @@
""" Remove a role from one or more principals via the ZMI.
"""
removed = []
-
+
for principal_id in principal_ids:
if self.removeRoleFromPrincipal( role_id, principal_id ):
removed.append( principal_id )
=== Products/PluggableAuthService/plugins/ZODBUserManager.py 1.4 => 1.4.2.1 ===
--- Products/PluggableAuthService/plugins/ZODBUserManager.py:1.4 Mon Aug 30 09:22:41 2004
+++ Products/PluggableAuthService/plugins/ZODBUserManager.py Tue Aug 31 10:41:43 2004
@@ -18,7 +18,7 @@
"""
import sha
-from AccessControl import ClassSecurityInfo
+from AccessControl import ClassSecurityInfo, AuthEncoding
from AccessControl.SecurityManagement import getSecurityManager
from App.class_init import default__class_init__ as InitializeClass
from BTrees.OOBTree import OOBTree
@@ -91,9 +91,15 @@
return (None, None)
userid = self._login_to_userid.get( login, login )
+ reference = self._user_passwords[ userid ]
+ if AuthEncoding.is_encrypted( reference ):
+ if AuthEncoding.pw_validate( reference, password ):
+ return userid, login
+
+ # Support previous naive behavior
digested = sha.sha( password ).hexdigest()
-
- if self._user_passwords.get( userid ) == digested:
+
+ if reference == digested:
return userid, login
return (None, None)
@@ -225,7 +231,7 @@
if self._login_to_userid.get( login_name ) is not None:
raise KeyError, 'Duplicate login name: %s' % login_name
- self._user_passwords[ user_id ] = sha.sha( password ).hexdigest()
+ self._user_passwords[ user_id ] = AuthEncoding.pw_encrypt( password )
self._login_to_userid[ login_name ] = user_id
self._userid_to_login[ user_id ] = login_name
@@ -255,7 +261,7 @@
self._userid_to_login[ user_id ] = login_name
if password:
- digested = sha.sha( password ).hexdigest()
+ digested = AuthEncoding.pw_encrypt( password )
self._user_passwords[ user_id ] = digested
#
More information about the Zope-CVS
mailing list