[Zope3-checkins] SVN: Zope3/branches/hdima-password-managers/src/
Added password manager's support for global principals
Dmitry Vasiliev
dima at hlabs.spb.ru
Mon Oct 24 09:19:17 EDT 2005
Log message for revision 39573:
Added password manager's support for global principals
Changed:
U Zope3/branches/hdima-password-managers/src/bugtracker/tests/test_vocabularies.py
U Zope3/branches/hdima-password-managers/src/zope/app/security/globalprincipals.txt
U Zope3/branches/hdima-password-managers/src/zope/app/security/metaconfigure.py
U Zope3/branches/hdima-password-managers/src/zope/app/security/metadirectives.py
U Zope3/branches/hdima-password-managers/src/zope/app/security/principalregistry.py
U Zope3/branches/hdima-password-managers/src/zope/app/security/tests/principal.zcml
-=-
Modified: Zope3/branches/hdima-password-managers/src/bugtracker/tests/test_vocabularies.py
===================================================================
--- Zope3/branches/hdima-password-managers/src/bugtracker/tests/test_vocabularies.py 2005-10-24 13:09:08 UTC (rev 39572)
+++ Zope3/branches/hdima-password-managers/src/bugtracker/tests/test_vocabularies.py 2005-10-24 13:19:16 UTC (rev 39573)
@@ -169,9 +169,10 @@
self.assertEqual(self.term.title, 'bar')
-class UserTermTest(unittest.TestCase):
+class UserTermTest(PlacelessSetup, unittest.TestCase):
def setUp(self):
+ PlacelessSetup.setUp(self)
principal = Principal('0', 'Stephan', 'blah', 'srichter', 'Nothing')
self.term = UserTerm(principal)
Modified: Zope3/branches/hdima-password-managers/src/zope/app/security/globalprincipals.txt
===================================================================
--- Zope3/branches/hdima-password-managers/src/zope/app/security/globalprincipals.txt 2005-10-24 13:09:08 UTC (rev 39572)
+++ Zope3/branches/hdima-password-managers/src/zope/app/security/globalprincipals.txt 2005-10-24 13:19:16 UTC (rev 39573)
@@ -20,6 +20,7 @@
... description="System Manager"
... login="admin"
... password="123"
+ ... password_manager="SHA1"
... />
...
... </configure>
Modified: Zope3/branches/hdima-password-managers/src/zope/app/security/metaconfigure.py
===================================================================
--- Zope3/branches/hdima-password-managers/src/zope/app/security/metaconfigure.py 2005-10-24 13:09:08 UTC (rev 39572)
+++ Zope3/branches/hdima-password-managers/src/zope/app/security/metaconfigure.py 2005-10-24 13:19:16 UTC (rev 39573)
@@ -28,6 +28,7 @@
from zope.app.security import principalregistry
from zope.app.security import interfaces
+
def securityPolicy(_context, component):
_context.action(
@@ -104,11 +105,12 @@
if group is not None:
_everybodyGroup(group.id)
-def principal(_context, id, title, login, password, description=''):
+def principal(_context, id, title, login,
+ password, description='', password_manager="Plain Text"):
_context.action(
discriminator = ('principal', id),
callable = principalregistry.principalRegistry.definePrincipal,
- args = (id, title, description, login, password) )
+ args = (id, title, description, login, password, password_manager) )
_context.action(discriminator = None, callable = _principal, args = ())
Modified: Zope3/branches/hdima-password-managers/src/zope/app/security/metadirectives.py
===================================================================
--- Zope3/branches/hdima-password-managers/src/zope/app/security/metadirectives.py 2005-10-24 13:09:08 UTC (rev 39572)
+++ Zope3/branches/hdima-password-managers/src/zope/app/security/metadirectives.py 2005-10-24 13:19:16 UTC (rev 39573)
@@ -21,6 +21,7 @@
from zope.schema import InterfaceField, Id, TextLine
from fields import Permission
+
class ISecurityPolicyDirective(Interface):
"""Defines the security policy that will be used for Zope."""
@@ -69,7 +70,7 @@
directly in the attributes attribute or any names defined by
interfaces listed in the interface attribute.
"""
-
+
permission = Permission(
title=u"Permission ID",
description=u"The id of the permission to require.")
@@ -77,7 +78,7 @@
class IBaseDefineDirective(Interface):
"""Define a new security object."""
-
+
id = Id(
title=u"Id",
description=u"Id as which this object will be known and used.",
@@ -99,7 +100,7 @@
class IBasePrincipalDirective(Interface):
"""Base interface for principal definition directives."""
-
+
id = Id(
title=u"Id",
description=u"Id as which this object will be known and used.",
@@ -128,6 +129,13 @@
description=u"Specifies the Principal's Password.",
required=True)
+ password_manager = TextLine(
+ title=u"Password Manager Name",
+ description=(u"Name of the password manager will be used"
+ " for encode/check the password"),
+ default=u"Plain Text"
+ )
+
class IDefineUnauthenticatedPrincipalDirective(IBasePrincipalDirective):
"""Define a new unauthenticated principal."""
@@ -147,7 +155,7 @@
title=u"Original permission",
description=u"Original permission id to redefine.",
required=True)
-
+
to = Permission(
title=u"Substituted permission",
description=u"Substituted permission id.",
Modified: Zope3/branches/hdima-password-managers/src/zope/app/security/principalregistry.py
===================================================================
--- Zope3/branches/hdima-password-managers/src/zope/app/security/principalregistry.py 2005-10-24 13:09:08 UTC (rev 39572)
+++ Zope3/branches/hdima-password-managers/src/zope/app/security/principalregistry.py 2005-10-24 13:19:16 UTC (rev 39573)
@@ -16,12 +16,15 @@
$Id$
"""
from zope.interface import implements
+
+from zope.app.authentication.interfaces import IPasswordManager
from zope.app.security.interfaces import PrincipalLookupError
from zope.app import zapi
from zope.security.interfaces import IPrincipal, IGroupAwarePrincipal
from zope.app.security import interfaces
from zope.app.container.contained import Contained, contained
+
class DuplicateLogin(Exception): pass
class DuplicateId(Exception): pass
@@ -92,7 +95,7 @@
self.__principalsByLogin = {}
def definePrincipal(self, principal, title, description='',
- login='', password=''):
+ login='', password='', passwordManagerName='Plain Text'):
id=principal
if login in self.__principalsByLogin:
raise DuplicateLogin(login)
@@ -100,7 +103,8 @@
if id in self.__principalsById or id == self.__defaultid:
raise DuplicateId(id)
- p = Principal(id, title, description, login, password)
+ p = Principal(id, title, description,
+ login, password, passwordManagerName)
p = contained(p, self, id)
self.__principalsByLogin[login] = p
@@ -144,16 +148,23 @@
implements(IGroupAwarePrincipal)
- def __init__(self, id, title, description, login, pw):
+ def __init__(self, id, title, description, login,
+ pw, pwManagerName="Plain Text"):
super(Principal, self).__init__(id, title, description)
self.__login = login
- self.__pw = pw
+ self.__pwManagerName = pwManagerName
+ pwManager = self.__getPasswordManager()
+ self.__pw = pwManager.encodePassword(pw)
+ def __getPasswordManager(self):
+ return zapi.getUtility(IPasswordManager, self.__pwManagerName)
+
def getLogin(self):
return self.__login
def validate(self, pw):
- return pw == self.__pw
+ pwManager = self.__getPasswordManager()
+ return pwManager.checkPassword(self.__pw, pw)
class UnauthenticatedPrincipal(PrincipalBase):
Modified: Zope3/branches/hdima-password-managers/src/zope/app/security/tests/principal.zcml
===================================================================
--- Zope3/branches/hdima-password-managers/src/zope/app/security/tests/principal.zcml 2005-10-24 13:09:08 UTC (rev 39572)
+++ Zope3/branches/hdima-password-managers/src/zope/app/security/tests/principal.zcml 2005-10-24 13:19:16 UTC (rev 39573)
@@ -9,7 +9,7 @@
id="zope.p1"
title="Sir Tim Peters"
description="Tim Peters"
- login="tim" password="123" />
+ login="tim" password="123" password_manager="SHA1" />
<principal
id="zope.p2"
More information about the Zope3-Checkins
mailing list