ERP5Security: External Auhentication Plugin accepts Login portal type list

This allow the administrator define which Login portal types are searched.

ERP5Security: External Auhentication Plugin accepts Login portal type list
This allow the administrator define which Login portal types are searched.
55c89b74 · Rafael Monnerat · 7bec363d · 55c89b74 · 55c89b74 · 55c89b74
Commit 55c89b74 authored Aug 26, 2019 by Rafael Monnerat
3 changed files
--- a/product/ERP5Security/ERP5ExternalAuthenticationPlugin.py
+++ b/product/ERP5Security/ERP5ExternalAuthenticationPlugin.py
@@ -41,11 +41,11 @@ manage_addERP5ExternalAuthenticationPluginForm = PageTemplateFile(
  'www/ERP5Security_addERP5ExternalAuthenticationPlugin', globals(),
  __name__='manage_addERP5ExternalAuthenticationPluginForm')

-def addERP5ExternalAuthenticationPlugin(dispatcher, id, title=None, user_id_key='',
-                              REQUEST=None):
+def addERP5ExternalAuthenticationPlugin(dispatcher, id, title=None, user_id_key='', 
+                 login_portal_type_list=None, REQUEST=None):
  """ Add a ERP5ExternalAuthenticationPlugin to a Pluggable Auth Service. """

-  plugin = ERP5ExternalAuthenticationPlugin(id, title, user_id_key)
+  plugin = ERP5ExternalAuthenticationPlugin(id, title, user_id_key, login_portal_type_list)
  dispatcher._setObject(plugin.getId(), plugin)

  if REQUEST is not None:
@@ -76,16 +76,28 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
                   'mode':'w',
                   'label':'HTTP request header key where the user_id is stored'
                   },
+                  {'id': 'login_portal_type_list',
+                   'type':'lines',
+                   'mode':'w',
+                   'label': 'List of Login Portal Types to search'
+                   },
+                  
                  )
                 + BasePlugin._properties[:]
                 )

-  def __init__(self, id, title=None, user_id_key=''):
+  def __init__(self, id, title=None, user_id_key='', login_portal_type_list=None):
    #Register value
    self._setId(id)
    self.title = title
    self.user_id_key = user_id_key

+    if login_portal_type_list is None:
+      # Keep at least one portal type as Login
+      login_portal_type_list = ["ERP5 Login"]
+
+    self.login_portal_type_list = login_portal_type_list
+
  ####################################
  #ILoginPasswordHostExtractionPlugin#
  ####################################
@@ -97,9 +109,10 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
    if getHeader is None:
      # use get_header instead for Zope-2.8
      getHeader = request.get_header
-    user_id = getHeader(self.user_id_key)
-    if user_id is not None:
-      creds['external_login'] = user_id
+    external_login = getHeader(self.user_id_key)
+    if external_login is not None:
+      creds['external_login'] = external_login
+      creds['login_portal_type'] = self.login_portal_type_list
    else:
      # fallback to default way
      return DumbHTTPExtractor().extractCredentials(request)
@@ -125,7 +138,7 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
      __name__='manage_editERP5ExternalAuthenticationPluginForm')

  security.declareProtected(ManageUsers, 'manage_editERP5ExternalAuthenticationPlugin')
-  def manage_editERP5ExternalAuthenticationPlugin(self, user_id_key, RESPONSE=None):
+  def manage_editERP5ExternalAuthenticationPlugin(self, user_id_key, login_portal_type_list, RESPONSE=None):
    """Edit the object"""
    error_message = ''

@@ -135,6 +148,11 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
    else:
      self.user_id_key = user_id_key

+    if login_portal_type_list == '' or login_portal_type_list is None:
+      error_message += 'Invalid portal type value '
+    else:
+      self.login_portal_type_list = login_portal_type_list
+
    #Redirect
    if RESPONSE is not None:
      if error_message != '':

--- a/product/ERP5Security/www/ERP5Security_addERP5ExternalAuthenticationPlugin.zpt
+++ b/product/ERP5Security/www/ERP5Security_addERP5ExternalAuthenticationPlugin.zpt
@@ -36,6 +36,17 @@
    <input type="text" name="user_id_key" size="40" />
    </td>
  </tr>
+  <tr>
+    <td align="left" valign="top">
+    <div class="form-label">
+    List of Login Portal Types (One per line)
+    </div>
+    </td>
+    <td align="left" valign="top">
+    <textarea name="login_portal_type_list:lines" rows="6" cols="35">ERP5 Login
+    </textarea>
+    </td>
+  </tr>
  <tr>
    <td colspan="2"> <input type="submit" value="add plugin"/>
    </td>

--- a/product/ERP5Security/www/ERP5Security_editERP5ExternalAuthenticationPlugin.zpt
+++ b/product/ERP5Security/www/ERP5Security_editERP5ExternalAuthenticationPlugin.zpt
@@ -7,7 +7,9 @@

 <form action="manage_editERP5ExternalAuthenticationPlugin" method="POST">

-<table tal:define="user_id_key request/user_id_key|context/user_id_key|string:;">
+<table tal:define="user_id_key request/user_id_key|context/user_id_key|string:;
+                   login_portal_type_list_ request/login_portal_type_list|context/login_portal_type_list|string:;
+                   login_portal_type_list python: '\n'.join(login_portal_type_list_)">

 <tr>
   <td>HTTP request header key where the user_id is stored</td>
@@ -16,6 +18,14 @@
            tal:attributes="value user_id_key;" />
   </td>
 </tr>
+  <tr>
+    <td>List of Login Portal Types (One per Line)</td>
+    <td>
+    <textarea name="login_portal_type_list:lines" rows="6" cols="35"
+       tal:content="login_portal_type_list">
+    </textarea>
+    </td>
+  </tr>
 <tr>
   <td colspan="2"> 
    <input type="submit" value="save"/>