+++ /dev/null
-# -*- coding: utf-8 -*-
-## GroupUserFolder
-## Copyright (C)2006 Ingeniweb
-
-## This program is free software; you can redistribute it and/or modify
-## it under the terms of the GNU General Public License as published by
-## the Free Software Foundation; either version 2 of the License, or
-## (at your option) any later version.
-
-## This program is distributed in the hope that it will be useful,
-## but WITHOUT ANY WARRANTY; without even the implied warranty of
-## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-## GNU General Public License for more details.
-
-## You should have received a copy of the GNU General Public License
-## along with this program; see the file COPYING. If not, write to the
-## Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-"""
-
- GRUF3 Feature-preview stuff.
-
- This code shouldn't be here but allow people to preview advanced GRUF3
- features (eg. flexible LDAP searching in 'sharing' tab, ...) in Plone 2,
- without having to upgrade to Plone 2.1.
-
- Methods here are monkey-patched by now but will be provided directly by
- Plone 2.1.
- Please forgive this 'uglyness' but some users really want to have full
- LDAP support without switching to the latest Plone version ! ;)
-
-
- BY DEFAULT, this thing IS enabled with Plone 2.0.x
-"""
-__version__ = "$Revision: $"
-# $Source: $
-# $Id: PloneFeaturePreview.py 587 2008-07-31 09:20:06Z pin $
-__docformat__ = 'restructuredtext'
-
-from Products.CMFCore.utils import UniqueObject
-from Products.CMFCore.utils import getToolByName
-from OFS.SimpleItem import SimpleItem
-from OFS.Image import Image
-from Globals import InitializeClass, DTMLFile, MessageDialog
-from Acquisition import aq_base
-from AccessControl.User import nobody
-from AccessControl import ClassSecurityInfo
-from Products.CMFCore.ActionProviderBase import ActionProviderBase
-from interfaces.portal_groups import portal_groups as IGroupsTool
-from global_symbols import *
-
-
-# This is "stollen" from MembershipTool.py
-# this should probably be in MemberDataTool.py
-def searchForMembers( self, REQUEST=None, **kw ):
- """
- searchForMembers(self, REQUEST=None, **kw) => normal or fast search method.
-
- The following properties can be provided:
- - name
- - email
- - last_login_time
- - roles
-
- This is an 'AND' request.
-
- If name is provided, then a _fast_ search is performed with GRUF's
- searchUsersByName() method. This will improve performance.
-
- In any other case, a regular (possibly _slow_) search is performed.
- As it uses the listMembers() method, which is itself based on gruf.getUsers(),
- this can return partial results. This may change in the future.
- """
- md = self.portal_memberdata
- mt = self.portal_membership
- if REQUEST:
- dict = REQUEST
- else:
- dict = kw
-
- # Attributes retreiving & mangling
- name = dict.get('name', None)
- email = dict.get('email', None)
- roles = dict.get('roles', None)
- last_login_time = dict.get('last_login_time', None)
- is_manager = mt.checkPermission('Manage portal', self)
- if name:
- name = name.strip().lower()
- if email:
- email = email.strip().lower()
-
-
- # We want 'name' request to be handled properly with large user folders.
- # So we have to check both the fullname and loginname, without scanning all
- # possible users.
- md_users = None
- uf_users = None
- if name:
- # We first find in MemberDataTool users whose _full_ name match what we want.
- lst = md.searchMemberDataContents('fullname', name)
- md_users = [ x['username'] for x in lst ]
-
- # Fast search management if the underlying acl_users support it.
- # This will allow us to retreive users by their _id_ (not name).
- acl_users = self.acl_users
- meth = getattr(acl_users, "searchUsersByName", None)
- if meth:
- uf_users = meth(name) # gruf search
-
- # Now we have to merge both lists to get a nice users set.
- # This is possible only if both lists are filled (or we may miss users else).
- Log(LOG_DEBUG, md_users, uf_users, )
- members = []
- if md_users is not None and uf_users is not None:
- names_checked = 1
- wrap = mt.wrapUser
- getUser = acl_users.getUser
- for userid in md_users:
- members.append(wrap(getUser(userid)))
- for userid in uf_users:
- if userid in md_users:
- continue # Kill dupes
- usr = getUser(userid)
- if usr is not None:
- members.append(wrap(usr))
-
- # Optimization trick
- if not email and \
- not roles and \
- not last_login_time:
- return members
- else:
- # If the lists are not available, we just stupidly get the members list
- members = self.listMembers()
- names_checked = 0
-
- # Now perform individual checks on each user
- res = []
- portal = self.portal_url.getPortalObject()
-
- for member in members:
- #user = md.wrapUser(u)
- u = member.getUser()
- if not (member.listed or is_manager):
- continue
- if name and not names_checked:
- if (u.getUserName().lower().find(name) == -1 and
- member.getProperty('fullname').lower().find(name) == -1):
- continue
- if email:
- if member.getProperty('email').lower().find(email) == -1:
- continue
- if roles:
- user_roles = member.getRoles()
- found = 0
- for r in roles:
- if r in user_roles:
- found = 1
- break
- if not found:
- continue
- if last_login_time:
- if member.last_login_time < last_login_time:
- continue
- res.append(member)
- Log(LOG_DEBUG, res)
- return res
-
-
-def listAllowedMembers(self,):
- """listAllowedMembers => list only members which belong
- to the same groups/roles as the calling user.
- """
- user = self.REQUEST['AUTHENTICATED_USER']
- caller_roles = user.getRoles() # Have to provide a hook for admins
- current_members = self.listMembers()
- allowed_members =[]
- for member in current_members:
- for role in caller_roles:
- if role in member.getRoles():
- allowed_members.append(member)
- break
- return allowed_members
-
-
-def _getPortrait(self, member_id):
- """
- return member_id's portrait if you can.
- If it's not possible, just try to fetch a 'portait' property from the underlying user source,
- then create a portrait from it.
- """
- # fetch the 'portrait' property
- Log(LOG_DEBUG, "trying to fetch the portrait for the given member id")
- portrait = self._former_getPortrait(member_id)
- if portrait:
- Log(LOG_DEBUG, "Returning the old-style portrait:", portrait, "for", member_id)
- return portrait
-
- # Try to find a portrait in the user source
- member = self.portal_membership.getMemberById(member_id)
- portrait = member.getUser().getProperty('portrait', None)
- if not portrait:
- Log(LOG_DEBUG, "No portrait available in the user source for", member_id)
- return None
-
- # Convert the user-source portrait into a plone-complyant one
- Log(LOG_DEBUG, "Converting the portrait", type(portrait))
- portrait = Image(id=member_id, file=portrait, title='')
- membertool = self.portal_memberdata
- membertool._setPortrait(portrait, member_id)
-
- # Re-call ourself to retreive the real portrait
- Log(LOG_DEBUG, "Returning the real portrait")
- return self._former_getPortrait(member_id)
-
-
-def setLocalRoles( self, obj, member_ids, member_role, reindex=1 ):
- """ Set local roles on an item """
- member = self.getAuthenticatedMember()
- gruf = self.acl_users
- my_roles = member.getRolesInContext( obj )
-
- if 'Manager' in my_roles or member_role in my_roles:
- for member_id in member_ids:
- u = gruf.getUserById(member_id) or gruf.getGroupByName(member_id)
- if not u:
- continue
- member_id = u.getUserId()
- roles = list(obj.get_local_roles_for_userid( userid=member_id ))
-
- if member_role not in roles:
- roles.append( member_role )
- obj.manage_setLocalRoles( member_id, roles )
-
- if reindex:
- # It is assumed that all objects have the method
- # reindexObjectSecurity, which is in CMFCatalogAware and
- # thus PortalContent and PortalFolder.
- obj.reindexObjectSecurity()
-
-def deleteLocalRoles( self, obj, member_ids, reindex=1 ):
- """ Delete local roles for members member_ids """
- member = self.getAuthenticatedMember()
- my_roles = member.getRolesInContext( obj )
- gruf = self.acl_users
- member_ids = [
- u.getUserId() for u in [
- gruf.getUserById(u) or gruf.getGroupByName(u) for u in member_ids
- ] if u
- ]
-
- if 'Manager' in my_roles or 'Owner' in my_roles:
- obj.manage_delLocalRoles( userids=member_ids )
-
- if reindex:
- obj.reindexObjectSecurity()
-
-# Monkeypatch it !
-if PREVIEW_PLONE21_IN_PLONE20_:
- from Products.CMFCore import MembershipTool as CMFCoreMembershipTool
- CMFCoreMembershipTool.MembershipTool.setLocalRoles = setLocalRoles
- CMFCoreMembershipTool.MembershipTool.deleteLocalRoles = deleteLocalRoles
- from Products.CMFPlone import MemberDataTool
- from Products.CMFPlone import MembershipTool
- MembershipTool.MembershipTool.searchForMembers = searchForMembers
- MembershipTool.MembershipTool.listAllowedMembers = listAllowedMembers
- MemberDataTool.MemberDataTool._former_getPortrait = MemberDataTool.MemberDataTool._getPortrait
- MemberDataTool.MemberDataTool._getPortrait = _getPortrait
- Log(LOG_NOTICE, "Applied GRUF's monkeypatch over Plone 2.0.x. Enjoy!")
-
-
-
projects / GroupUserFolder.git / blobdiff
