Commit 3fcf0879 authored by Vincent Pelletier's avatar Vincent Pelletier

fixup! [by Vincent] Get rid of all module-global callables. Use PAS API...

fixup! [by Vincent] Get rid of all module-global callables. Use PAS API instead. Use all non-PAS API public methods. Use PAS API instead. Implement IAuthenticationPlugin API better, so PAS API becomes usable for ERP5-based authentication.
parent cb2474a5
......@@ -49,6 +49,8 @@ class ERP5User(PropertiedUser):
""" User class that checks the object allows acquisition of local roles the
ERP5Type way.
"""
_user_value = None
_login_value = None
def getRolesInContext( self, object ):
""" Return the list of roles assigned to the user.
......@@ -204,6 +206,55 @@ class ERP5User(PropertiedUser):
"""
return self._id
def getUserValue(self):
""" -> user document
Return the document (ex: Person) corresponding to current user.
"""
result = self._user_value
if result is not None:
return result
user, = [x for x in self.aq_parent.searchUsers(
exact_match=True,
id=self.getId(),
) if 'path' in x]
result = self._user_value = self.getPortalObject().restrictedTraverse(
user['path'],
)
return result
def getLoginValue(self):
""" -> login document
Return the document (ex: ERP5 Login) corresponding to current user's login.
"""
result = self._login_value
if result is not None:
return result
user, = [x for x in self.aq_parent.searchUsers(
exact_match=True,
login=self.getUserName(),
) if 'login_list' in x]
login, = user['login_list']
result = self._login_value = self.getPortalObject().restrictedTraverse(
login['path'],
)
return result
def getLoginValueList(self, portal_type=None, limit=None):
""" -> list of login documents
Return the list of login documents belonging to current user.
"""
user, = [x for x in self.aq_parent.searchUsers(
exact_match=True,
id=self.getId(),
login_portal_type=portal_type,
max_results=limit,
) if 'login_list' in x]
restrictedTraverse = self.getPortalObject().restrictedTraverse
return [restrictedTraverse(x['path']) for x in user['login_list']]
InitializeClass(ERP5User)
......
......@@ -15,6 +15,7 @@
""" Classes: ERP5UserManager
"""
from funtools import partial
from Products.ERP5Type.Globals import InitializeClass
from AccessControl import ClassSecurityInfo
from AccessControl.AuthEncoding import pw_validate
......@@ -142,10 +143,11 @@ class ERP5UserManager(BasePlugin):
).dictionaries()
searchLogin = lambda **kw: unrestrictedSearchResults(
select_list=('parent_uid', 'reference'),
portal_type=login_portal_type or [],
validation_state='validated',
**kw
).dictionaries()
if login_portal_type is not None:
searchLogin = partial(searchLogin, portal_type=login_portal_type)
if login is None:
# Only search by id if login is not given. Same logic as in
# PluggableAuthService.searchUsers.
......@@ -209,7 +211,7 @@ class ERP5UserManager(BasePlugin):
'id': user['reference'],
# Note: PAS forbids us from returning more than one entry per given id,
# so take any available login.
'login': login_dict.get(user['uid'], [None])[0],
'login': login_dict.get(user['uid'], [None])[0]['reference'],
'pluginid': plugin_id,
# Extra properties, specific to ERP5
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment