ERP5Security: External Auhentication Plugin accepts Login portal type list

This allow the administrator define which Login portal types are searched.

ERP5Security: External Auhentication Plugin accepts Login portal type list
This allow the administrator define which Login portal types are searched.
2db65b1a · Rafael Monnerat · b5841129 · 2db65b1a · 2db65b1a · 2db65b1a
Commit 2db65b1a authored Aug 26, 2019 by Rafael Monnerat
3 changed files
--- a/product/ERP5Security/ERP5ExternalAuthenticationPlugin.py
+++ b/product/ERP5Security/ERP5ExternalAuthenticationPlugin.py
@@ -41,11 +41,11 @@ manage_addERP5ExternalAuthenticationPluginForm = PageTemplateFile(
  'www/ERP5Security_addERP5ExternalAuthenticationPlugin', globals(),
  __name__='manage_addERP5ExternalAuthenticationPluginForm')

-def addERP5ExternalAuthenticationPlugin(dispatcher, id, title=None, user_id_key='',
-                              REQUEST=None):
+def addERP5ExternalAuthenticationPlugin(dispatcher, id, title=None, user_id_key='', 
+                 login_portal_type_list='ERP5 Login', REQUEST=None):
  """ Add a ERP5ExternalAuthenticationPlugin to a Pluggable Auth Service. """

-  plugin = ERP5ExternalAuthenticationPlugin(id, title, user_id_key)
+  plugin = ERP5ExternalAuthenticationPlugin(id, title, user_id_key, login_portal_type_list)
  dispatcher._setObject(plugin.getId(), plugin)

  if REQUEST is not None:
@@ -76,15 +76,22 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
                   'mode':'w',
                   'label':'HTTP request header key where the user_id is stored'
                   },
+                  {'id': 'login_portal_type_list',
+                   'type':'string',
+                   'mode':'w',
+                   'label': 'List of Login Portal Types to search'
+                   },
+                  
                  )
                 + BasePlugin._properties[:]
                 )

-  def __init__(self, id, title=None, user_id_key=''):
+  def __init__(self, id, title=None, user_id_key='', login_portal_type_list="ERP5 Login"):
    #Register value
    self._setId(id)
    self.title = title
    self.user_id_key = user_id_key
+    self.login_portal_type_list = login_portal_type_list

  ####################################
  #ILoginPasswordHostExtractionPlugin#
@@ -97,9 +104,10 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
    if getHeader is None:
      # use get_header instead for Zope-2.8
      getHeader = request.get_header
-    user_id = getHeader(self.user_id_key)
-    if user_id is not None:
-      creds['external_login'] = user_id
+    external_login = getHeader(self.user_id_key)
+    if external_login is not None:
+      creds['external_login'] = external_login
+      creds['login_portal_type'] = self.login_portal_type_list.split(",")
    else:
      # fallback to default way
      return DumbHTTPExtractor().extractCredentials(request)
@@ -125,7 +133,7 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
      __name__='manage_editERP5ExternalAuthenticationPluginForm')

  security.declareProtected(ManageUsers, 'manage_editERP5ExternalAuthenticationPlugin')
-  def manage_editERP5ExternalAuthenticationPlugin(self, user_id_key, RESPONSE=None):
+  def manage_editERP5ExternalAuthenticationPlugin(self, user_id_key, login_portal_type_list, RESPONSE=None):
    """Edit the object"""
    error_message = ''

@@ -135,6 +143,12 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
    else:
      self.user_id_key = user_id_key

+    #Save user_id_key
+    if login_portal_type_list == '' or login_portal_type_list is None:
+      error_message += 'Invalid key value '
+    else:
+      self.login_portal_type_list = login_portal_type_list
+
    #Redirect
    if RESPONSE is not None:
      if error_message != '':

--- a/product/ERP5Security/www/ERP5Security_addERP5ExternalAuthenticationPlugin.zpt
+++ b/product/ERP5Security/www/ERP5Security_addERP5ExternalAuthenticationPlugin.zpt
@@ -36,6 +36,16 @@
    <input type="text" name="user_id_key" size="40" />
    </td>
  </tr>
+  <tr>
+    <td align="left" valign="top">
+    <div class="form-label">
+    List of Login Portal Types (separated by commas)
+    </div>
+    </td>
+    <td align="left" valign="top">
+    <input type="text" name="login_portal_type_list" size="40" />
+    </td>
+  </tr>
  <tr>
    <td colspan="2"> <input type="submit" value="add plugin"/>
    </td>

--- a/product/ERP5Security/www/ERP5Security_editERP5ExternalAuthenticationPlugin.zpt
+++ b/product/ERP5Security/www/ERP5Security_editERP5ExternalAuthenticationPlugin.zpt
@@ -7,7 +7,8 @@

 <form action="manage_editERP5ExternalAuthenticationPlugin" method="POST">

-<table tal:define="user_id_key request/user_id_key|context/user_id_key|string:;">
+<table tal:define="user_id_key request/user_id_key|context/user_id_key|string:;
+                   login_portal_type_list request/login_portal_type_list|context/login_portal_type_list|string:">

 <tr>
   <td>HTTP request header key where the user_id is stored</td>
@@ -16,6 +17,13 @@
            tal:attributes="value user_id_key;" />
   </td>
 </tr>
+  <tr>
+    <td>List of Login Portal Types (separated by commas)</td>
+    <td>
+    <input type="text" name="login_portal_type_list" value=""
+           tal:attributes="value login_portal_type_list" size="40" />
+    </td>
+  </tr>
 <tr>
   <td colspan="2"> 
    <input type="submit" value="save"/>