[Zope3-checkins] SVN: Zope3/trunk/src/zope/app/ Added a
login_logout snippet that works with all varieties of
principals. The old approach broke with principals coming
from a principal folder.
Garrett Smith
garrett at mojave-corp.com
Sat Feb 5 18:35:40 EST 2005
Log message for revision 29058:
Added a login_logout snippet that works with all varieties of principals. The old approach broke with principals coming from a principal folder.
Changed:
U Zope3/trunk/src/zope/app/rotterdam/template.pt
U Zope3/trunk/src/zope/app/security/browser/auth.py
U Zope3/trunk/src/zope/app/security/browser/configure.zcml
A Zope3/trunk/src/zope/app/security/browser/loginlogout.txt
U Zope3/trunk/src/zope/app/security/browser/tests.py
-=-
Modified: Zope3/trunk/src/zope/app/rotterdam/template.pt
===================================================================
--- Zope3/trunk/src/zope/app/rotterdam/template.pt 2005-02-05 19:19:17 UTC (rev 29057)
+++ Zope3/trunk/src/zope/app/rotterdam/template.pt 2005-02-05 23:35:39 UTC (rev 29058)
@@ -56,14 +56,7 @@
</metal:block>
<metal:block define-slot="login_logout">
<metal:macro define-macro="login_logout">
- <a href=""
- tal:attributes="href string:@@logout.html?nextURL=${request/URL/url:quote}"
- tal:condition="python: hasattr(request.principal, 'getLogin')"
- i18n:translate="">[Logout]</a>
- <a href=""
- tal:attributes="href string:@@login.html?nextURL=${request/URL/url:quote}"
- tal:condition="python: not hasattr(request.principal, 'getLogin')"
- i18n:translate="">[Login]</a>
+ <tal:block content="structure context/@@login_logout" />
</metal:macro>
</metal:block>
</div>
Modified: Zope3/trunk/src/zope/app/security/browser/auth.py
===================================================================
--- Zope3/trunk/src/zope/app/security/browser/auth.py 2005-02-05 19:19:17 UTC (rev 29057)
+++ Zope3/trunk/src/zope/app/security/browser/auth.py 2005-02-05 23:35:39 UTC (rev 29058)
@@ -15,12 +15,13 @@
$Id$
"""
+import urllib
from zope.interface import implements
from zope.i18n import translate
from zope.app.zapi import getName, getPath
from zope.app.publisher.interfaces.http import ILogin, ILogout
from zope.app.security.interfaces import IAuthentication
-from zope.app.security.principalregistry import UnauthenticatedPrincipal
+from zope.app.security.interfaces import IUnauthenticatedPrincipal
from zope.app.pagetemplate import ViewPageTemplateFile
from zope.proxy import removeAllProxies
from zope.app.i18n import ZopeMessageIDFactory as _
@@ -38,7 +39,7 @@
def render(self, name):
sourcename = 'principals.zcml'
html = []
-
+
# add sub title for source search field
html.append('<h4 i18n:translate="">%s</h4>' % sourcename)
# start row for search fields
@@ -77,8 +78,7 @@
def login(self, nextURL=None):
"""See zope.app.security.interfaces.ILogin"""
- if isinstance(removeAllProxies(self.request.principal), \
- UnauthenticatedPrincipal):
+ if IUnauthenticatedPrincipal.providedBy(self.request.principal):
self.request.unauthorized("basic realm='Zope'")
return self.failed()
else:
@@ -104,7 +104,7 @@
def logout(self, nextURL=None):
"""See zope.app.security.interfaces.ILogout"""
- if not isinstance(self.request.principal, UnauthenticatedPrincipal):
+ if not IUnauthenticatedPrincipal.providedBy(self.request.principal):
self.request.unauthorized("basic realm='Zope'")
if nextURL:
return self.redirect()
@@ -119,3 +119,18 @@
redirect = ViewPageTemplateFile('redirect.pt')
+class LoginLogout:
+
+ def __init__(self, context, request):
+ self.context = context
+ self.request = request
+
+ def __call__(self):
+ if IUnauthenticatedPrincipal.providedBy(self.request.principal):
+ page = 'login.html'
+ label = _('[Login]')
+ else:
+ page = 'logout.html'
+ label = _('[Logout]')
+ return '<a href="%s?nextURL=%s">%s</a>' % (
+ page, urllib.quote(self.request.getURL()), label)
Modified: Zope3/trunk/src/zope/app/security/browser/configure.zcml
===================================================================
--- Zope3/trunk/src/zope/app/security/browser/configure.zcml 2005-02-05 19:19:17 UTC (rev 29057)
+++ Zope3/trunk/src/zope/app/security/browser/configure.zcml 2005-02-05 23:35:39 UTC (rev 29058)
@@ -6,14 +6,14 @@
for="zope.app.security.interfaces.IAuthentication
zope.publisher.interfaces.browser.IBrowserRequest"
provides="zope.app.form.browser.interfaces.ISourceQueryView"
- factory="zope.app.security.browser.auth.AuthUtilitySearchView"
+ factory="zope.app.security.browser.auth.AuthUtilitySearchView"
/>
<adapter
for="zope.app.security.interfaces.IPrincipalSource
zope.publisher.interfaces.browser.IBrowserRequest"
provides="zope.app.form.browser.interfaces.ITerms"
- factory="zope.app.security.browser.principalterms.PrincipalTerms"
+ factory="zope.app.security.browser.principalterms.PrincipalTerms"
/>
<browser:page
@@ -34,6 +34,13 @@
allowed_interface="zope.app.publisher.interfaces.http.ILogout"
/>
+ <browser:page
+ name="login_logout"
+ for="*"
+ class=".auth.LoginLogout"
+ permission="zope.Public"
+ />
+
<browser:tool
interface="..interfaces.IPermission"
title="Permission"
Added: Zope3/trunk/src/zope/app/security/browser/loginlogout.txt
===================================================================
--- Zope3/trunk/src/zope/app/security/browser/loginlogout.txt 2005-02-05 19:19:17 UTC (rev 29057)
+++ Zope3/trunk/src/zope/app/security/browser/loginlogout.txt 2005-02-05 23:35:39 UTC (rev 29058)
@@ -0,0 +1,46 @@
+====================
+Login/Logout Snippet
+====================
+
+The class LoginLogout:
+
+ >>> from zope.app.security.browser.auth import LoginLogout
+
+is used as a view to generate an HTML snippet suitable for logging in or
+logging out based on whether or not the current principal is authenticated.
+
+When the current principal is unauthenticated, it provides
+IUnauthenticatedPrincipal:
+
+ >>> from zope.app.security.interfaces import IUnauthenticatedPrincipal
+ >>> from zope.app.security.principalregistry import UnauthenticatedPrincipal
+ >>> anonymous = UnauthenticatedPrincipal('anon', '', '')
+ >>> IUnauthenticatedPrincipal.providedBy(anonymous)
+ True
+
+When LoginLogout is used for a request that has an unauthenticated principal,
+it provides the user with a link to 'Login':
+
+ >>> from zope.publisher.browser import TestRequest
+ >>> request = TestRequest()
+ >>> request.setPrincipal(anonymous)
+ >>> LoginLogout(None, request)()
+ u'<a href="login.html?nextURL=http%3A//127.0.0.1">[Login]</a>'
+
+When LoginLogout is used for a request that has an authenticated principal:
+
+ >>> from zope.security.interfaces import IPrincipal
+ >>> from zope.interface import implements
+ >>> class Bob:
+ ... implements(IPrincipal)
+ ... id = 'bob'
+ ... title = description = ''
+ >>> bob = Bob()
+ >>> IUnauthenticatedPrincipal.providedBy(bob)
+ False
+ >>> request.setPrincipal(bob)
+
+it provides the user with a link to 'Logout':
+
+ >>> LoginLogout(None, request)()
+ u'<a href="logout.html?nextURL=http%3A//127.0.0.1">[Logout]</a>'
Modified: Zope3/trunk/src/zope/app/security/browser/tests.py
===================================================================
--- Zope3/trunk/src/zope/app/security/browser/tests.py 2005-02-05 19:19:17 UTC (rev 29057)
+++ Zope3/trunk/src/zope/app/security/browser/tests.py 2005-02-05 23:35:39 UTC (rev 29058)
@@ -28,6 +28,9 @@
doctest.DocFileSuite('principalterms.txt',
setUp=placelesssetup.setUp,
tearDown=placelesssetup.tearDown),
+ doctest.DocFileSuite('loginlogout.txt',
+ setUp=placelesssetup.setUp,
+ tearDown=placelesssetup.tearDown),
))
if __name__ == '__main__':
More information about the Zope3-Checkins
mailing list