Commit 407ba1fa authored by Vincent Pelletier's avatar Vincent Pelletier

ERP5Security.ERP5UserManager: Extend enumerateUser.

For forward compatibility with multi-login, login-change,
login-is-not-id improvements.
parent c7b9f6dc
...@@ -215,37 +215,70 @@ class ERP5UserManager(BasePlugin): ...@@ -215,37 +215,70 @@ class ERP5UserManager(BasePlugin):
sort_by=None, max_results=None, **kw): sort_by=None, max_results=None, **kw):
""" See IUserEnumerationPlugin. """ See IUserEnumerationPlugin.
""" """
# Note: this plugin totally ignores the distinction between login and id.
if id is None: if id is None:
id = login id = login
if isinstance(id, str): if isinstance(id, str):
id = (id,) id = (id,)
if isinstance(id, list):
id = tuple(id)
user_info = []
plugin_id = self.getId()
unrestrictedSearchResults = self.getPortalObject(
).portal_catalog.unrestrictedSearchResults
searchUser = lambda **kw: unrestrictedSearchResults(
select_list=('reference', ),
portal_type='Person',
**kw
).dictionaries()
# Only search by id if login is not given. Same logic as in
# PluggableAuthService.searchUsers.
if isinstance(id, str):
id = (id, )
id_list = [] id_list = []
has_super_user = False
for user_id in id: for user_id in id:
if SUPER_USER == user_id: if user_id == SUPER_USER:
info = { 'id' : SUPER_USER has_super_user = True
, 'login' : SUPER_USER elif user_id:
, 'pluginid' : plugin_id
}
user_info.append(info)
else:
id_list.append(user_id) id_list.append(user_id)
if id_list: if id_list:
for user in self.getUserByLogin(tuple(id_list), exact_match=exact_match): if exact_match:
info = { 'id' : user.getReference() requested = set(id_list).__contains__
, 'login' : user.getReference() else:
, 'pluginid' : plugin_id requested = lambda x: True
} user_list = [
x for x in searchUser(
user_info.append(info) reference={
'query': id_list,
return tuple(user_info) 'key': 'ExactMatch' if exact_match else 'Keyword',
},
limit=max_results,
)
if requested(x['reference'])
]
else:
user_list = []
if has_super_user:
user_list.append({'uid': None, 'path': None, 'reference': SUPER_USER})
plugin_id = self.getId()
return tuple([
{
'id': user['reference'],
# Note: PAS forbids us from returning more than one entry per given id,
# so take any available login.
'login': user['reference'],
'pluginid': plugin_id,
# Extra properties, specific to ERP5
'path': user['path'],
'login_list': [
{
'reference': user['reference'],
'path': user['path'],
'uid': user['uid'],
}
],
}
for user in user_list
])
def getUserByLogin(self, login, exact_match=True): def getUserByLogin(self, login, exact_match=True):
# Search the Catalog for login and return a list of person objects # Search the Catalog for login and return a list of person objects
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment