[Zope-CVS] SVN: ldappas/trunk/ Added missing principalInfo() method to authenticator plugin.

Stephan Richter srichter at cosmos.phy.tufts.edu
Thu May 26 13:36:10 EDT 2005 

Log message for revision 30514:
  Added missing principalInfo() method to authenticator plugin.
  

Changed:
  U   ldappas/trunk/README.txt
  U   ldappas/trunk/authentication.py

-=-
Modified: ldappas/trunk/README.txt
===================================================================
--- ldappas/trunk/README.txt	2005-05-26 15:23:18 UTC (rev 30513)
+++ ldappas/trunk/README.txt	2005-05-26 17:35:39 UTC (rev 30514)
@@ -125,12 +125,29 @@
   >>> auth.authenticateCredentials({'login': 'ok', 'password': '42pw'}) is None
   True
 
+When dealing with security settings, only the prinipal id is stored. To
+retrieve the principal object, the pluggable autnetication utility uses the
+authenticator'a ``principalInfo(id)`` method to extract further details.
+
+If the id is not in this plugin, return nothing.   
+
+  >>> auth.idAttribute = 'uid'   
+  >>> auth.searchBase = 'dc=test'
+  >>> auth.principalInfo('42') is None   
+  True   
+
+Otherwise return the info if we have it.   
+
+  >>> auth.principalInfo('ldap.123') is None   
+  True   
+  >>> info = auth.principalInfo('ldap.42')   
+  >>> info, info.login, info.title, info.description
+  (PrincipalInfo('42'), u'ok', u'the question', u'the question')
+
 In user interfaces, you commonly want to search through the available
 principals for managment purposes. The authentication plugin provides an API
 for searching through the principals. An empty search returns everything.
 
-  >>> auth.idAttribute = 'uid'
-  >>> auth.searchBase = 'dc=test'
   >>> auth.search({})
   [u'ldap.1', u'ldap.2', u'ldap.42']
 

Modified: ldappas/trunk/authentication.py
===================================================================
--- ldappas/trunk/authentication.py	2005-05-26 15:23:18 UTC (rev 30513)
+++ ldappas/trunk/authentication.py	2005-05-26 17:35:39 UTC (rev 30514)
@@ -98,7 +98,7 @@
         return da
 
     def authenticateCredentials(self, credentials):
-        """See zope.app.authentication.interfaces.IAuthenticationPlugin."""
+        """See zope.app.authentication.interfaces.IAuthenticatorPlugin."""
 
         if not isinstance(credentials, dict):
             return None
@@ -145,6 +145,33 @@
 
         return PrincipalInfo(id, **self.getInfoFromEntry(dn, entry))
 
+    def principalInfo(self, id):
+        """See zope.app.authentication.interfaces.IAuthenticatorPlugin."""
+        if not id.startswith(self.principalIdPrefix):   
+            return None
+        id = id[len(self.principalIdPrefix):]
+           
+        da = self.getLDAPAdapter()
+        if da is None:
+            return None
+
+        # Search for a matching entry.
+        try:
+            conn = da.connect()
+        except ServerDown:
+            return None
+        filter = filter_format('(%s=%s)', (self.idAttribute, id))
+        try:
+            res = conn.search(self.searchBase, self.searchScope, filter=filter)
+        except NoSuchObject:
+            return None
+        if len(res) != 1:
+            # Search returned no result or too many.
+            return None
+        dn, entry = res[0]
+
+        return PrincipalInfo(id, **self.getInfoFromEntry(dn, entry))
+
     def getInfoFromEntry(self, dn, entry):
         try:
             title = entry[self.titleAttribute][0]

More information about the Zope-CVS mailing list