Annotation of IntranetUserFolder/IntranetUserFolder.py, revision 1.2

1.1       dwinter     1: """User Folder Extension, tests now also ip number of the host where the original call comes from in case of redirects"""
                      2: 
import re
import socket

import Globals
import zLOG
from AccessControl.User import UserFolder
from Globals import MessageDialog
1.1       dwinter     8: 
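class IntranetUserFolder(UserFolder):
    """User folder for Intranet"""

    _domain_auth_mode = 1  # Identification via domain
    meta_type = "IntranetUserFolder"

    # Addresses of the reverse proxies that are allowed to supply
    # X-Forwarded-For. None keeps the legacy behaviour (the header is honoured
    # whoever sent it). Any client can send this header itself, so deployments
    # that rely on domain specs should set this to a tuple of proxy addresses.
    _trusted_proxies = None

    def authenticate(self, name, password, request):
        """Authenticate name/password, then require domainSpecMatch below.

        Returns the user object when the credentials are accepted and the
        request origin matches one of the user's domain specs, else None.
        """
        # NOTE(review): the annotated listing collapses indentation; the
        # nesting of "return user" under the domain check is reconstructed
        # from the docstring's stated intent -- confirm against the checkout.
        # NOTE: any debug logging added here must not include the password.
        if name is None:
            return None

        emergency = self._emergency_user
        if emergency and name == emergency.getUserName():
            user = emergency
        else:
            user = self.getUser(name)

        if user is None or not user.authenticate(password, request):
            return None
        if self.domainSpecMatch(user.getDomains(), request):
            return user
        return None

    def _forwardedAddrAllowed(self, request):
        # Decide whether X-Forwarded-For may replace the client address.
        # REMOTE_ADDR is presumably the directly connected peer -- verify for
        # the server front end in use.
        trusted = self._trusted_proxies
        if trusted is None:
            return 1
        peer = ''
        if request.has_key('REMOTE_ADDR'):
            peer = request['REMOTE_ADDR']
        return peer in trusted

    def _isDottedQuad(self, addr):
        # Exactly four decimal octets, each 0-255. Anything else (address
        # lists, host names, padded or non-numeric parts) is rejected.
        parts = addr.split('.')
        if len(parts) != 4:
            return 0
        for part in parts:
            if not part.isdigit() or len(part) > 3 or int(part) > 255:
                return 0
        return 1

    def _labelsMatch(self, wanted, actual):
        # Compare dot-separated components pairwise; '*' in the spec matches
        # any component. Callers guarantee len(actual) >= len(wanted).
        for i in range(len(wanted)):
            if wanted[i] != actual[i] and wanted[i] != '*':
                return 0
        return 1

    def domainSpecMatch(self, spec, request):
        """Return 1 if the request origin matches an entry of spec, else 0.

        The origin address is request.getClientAddr(), replaced by the
        X-Forwarded-For header when that header is present and accepted
        (see _trusted_proxies). The address must be a plain dotted quad;
        anything else is logged and rejected.
        """
        # Fast exit for the match-all case
        if len(spec) == 1 and spec[0] == '*':
            return 1

        host = ''
        if request.has_key('REMOTE_HOST'):
            host = request['REMOTE_HOST']

        # NOTE(review): depending on the Zope version, getClientAddr() may
        # already account for configured trusted proxies -- confirm before
        # relying on the header handling below.
        addr = request.getClientAddr() or ''

        if request.has_key('HTTP_X_FORWARDED_FOR'):
            if self._forwardedAddrAllowed(request):
                addr = request['HTTP_X_FORWARDED_FOR'].strip()
                # REMOTE_HOST describes the forwarding peer, not the forwarded
                # client; keeping it would let hostname specs match the proxy.
                host = ''
            else:
                zLOG.LOG('IntranetUserFolder', zLOG.WARNING,
                         "ignoring forward addr from untrusted peer")

        # check for strange headers (may be fake); %r keeps control characters
        # from a client-supplied value out of the log in raw form
        if not self._isDottedQuad(addr):
            zLOG.LOG('IntranetUserFolder', zLOG.WARNING,
                     "invalid forward addr: %r" % (addr,))
            return 0

        if not host:
            # Reverse DNS is answered by whoever controls the PTR zone of
            # addr and is not forward-confirmed here; prefer address specs
            # for anything sensitive.
            try:
                host = socket.gethostbyaddr(addr)[0]
            except socket.error:
                # no reverse mapping: hostname specs simply will not match
                pass

        _host = host.split('.')
        _addr = addr.split('.')
        _hlen = len(_host)

        for ob in spec:
            if not ob:
                # a blank entry would otherwise equal an empty host name
                continue
            sz = len(ob)
            _ob = ob.split('.')
            _sz = len(_ob)

            # address spec: only accepted when the pattern covers all of ob
            mo = addr_match(ob)
            if mo is not None and mo.end(0) == sz:
                if self._labelsMatch(_ob, _addr):
                    return 1
                continue

            # hostname spec: compared against the trailing labels of host
            mo = host_match(ob)
            if mo is not None and mo.end(0) == sz:
                if _hlen < _sz:
                    continue
                if self._labelsMatch(_ob, _host[-_sz:]):
                    return 1
        return 0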
                    116: 
# Run Zope's class initialisation on the new class.
# NOTE(review): presumably this is what applies the class's security
# declarations -- confirm for the Zope version in use.
Globals.default__class_init__(IntranetUserFolder)
                    118: 
                    119: 
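def manage_addIntranetUserFolder(self,dtself=None,REQUEST=None,**ignored):
    """Add an IntranetUserFolder as 'acl_users' to the container.

    With a REQUEST, a failure to add the object is reported as a
    MessageDialog and success redirects to the container's manage_main.
    Without a REQUEST the failure is re-raised.
    """
    f = IntranetUserFolder()
    self = self.this()
    try:
        self._setObject('acl_users', f)
    except:
        # NOTE(review): left broad because what _setObject raises for a
        # duplicate id is not visible here; this also reports unrelated
        # failures as "Item Exists" -- narrow it once the type is confirmed.
        if REQUEST is None:
            # No request to build the dialog's action URL from; indexing
            # None would only mask the real error.
            raise
        return MessageDialog(
            title  ='Item Exists',
            message='This object already contains a User Folder',
            action ='%s/manage_main' % REQUEST['URL1'])
    self.__allow_groups__ = f
    if REQUEST is not None:
        REQUEST['RESPONSE'].redirect(self.absolute_url()+'/manage_main')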
                    132: 
def manage_addIntranetUserFolderForm(self):
    """Add a user folder, passing on the request held by the container."""
    current_request = self.REQUEST
    return manage_addIntranetUserFolder(self, REQUEST=current_request)
1.2     ! casties   136: 
# Spec patterns used by domainSpecMatch. Both matchers anchor at the start
# only; the caller accepts a spec when the match ends at the spec's length.
#
# Address spec: one to three numeric octets followed by '*', or a full
# dotted quad.
_ADDR_SPEC = r'((\d{1,3}\.){1,3}\*)|((\d{1,3}\.){3}\d{1,3})'
# Hostname spec: dot-separated labels. '*' is in neither character class, so
# a spec such as '*.example.org' matches only the empty prefix and fails the
# caller's full-length check.
_HOST_SPEC = r'(([\_0-9a-zA-Z\-]*\.)*[0-9a-zA-Z\-]*)'

addr_match = re.compile(_ADDR_SPEC).match
host_match = re.compile(_HOST_SPEC).match
