IntranetUserFolder/IntranetUserFolder.py - annotate

Return to IntranetUserFolder.py CVS log
Up to [Repository] / IntranetUserFolder
Annotation of IntranetUserFolder/IntranetUserFolder.py, revision 1.4

1.3       casties     1: """User Folder Extension, tests now also ip number of the host where the original connection
                      2:  comes from in case of proxies/rewrites"""
1.1       dwinter     3: 
                      4: import Globals
                      5: from AccessControl.User import UserFolder
1.3       casties     6: from AccessControl import AuthEncoding
1.1       dwinter     7: from Globals import MessageDialog
1.3       casties     8: import logging
1.2       casties     9: import re
1.3       casties    10: import socket
1.1       dwinter    11: 
                     12: class IntranetUserFolder(UserFolder):
1.3       casties    13:     """User folder for Intranet"""
                     14:     _domain_auth_mode=1 # Identification via domain
                     15:     meta_type="IntranetUserFolder"
                     16:     
                     17:     def authenticate(self, name, password, request):
                     18:         """modified authenticate to use domainspecmatch below"""
                     19:         #logging.debug("IntranetUserFolder: authenticate %s from %s"%(name,request['REMOTE_ADDR']))
                     20: 
                     21:         emergency = self._emergency_user
                     22:         if name is None:
                     23:             return None
                     24:         if emergency and name==emergency.getUserName():
                     25:             user = emergency
                     26:         else:
                     27:             user = self.getUser(name)
                     28:             
                     29:         #logging.debug("IntranetUserFolder: user: %s"%repr(user))
                     30:         
                     31:         if user is not None:
                     32:             pwd=user._getPassword()
                     33:             # check PW first (which may be empty)
                     34:             if AuthEncoding.pw_validate(pwd, password):
                     35:                 domains = user.getDomains()
                     36:                 #logging.debug("IntranetUserFolder: pw OK, domains: %s"%(repr(domains)))
                     37:                 if self.domainSpecMatch(domains, request):
                     38:                     logging.debug("IntranetUserFolder: domain user %s"%user)
                     39:                     return user
                     40:                 #else:
                     41:                 #logging.debug("IntranetUserFolder: pw not ok: '%s'"%password)
                     42:                 #logging.debug("IntranetUserFolder: user has password: '%s'"%user._getPassword())
                     43: 
                     44:         logging.debug("IntranetUserFolder: authenticate failed here!")
                     45:         return None
                     46: 
                     47:     def domainSpecMatch(self, spec, request):
                     48:         """modified domainspecmatch to look at FORWARDED_FOR"""
                     49:         #logging.debug("IntranetUserFolder: domainspecmatch %s, %s"%(self,spec))
                     50:         addr=''
                     51: 
                     52:         # Fast exit for the match-all case
                     53:         if len(spec) == 0 or (len(spec) == 1 and spec[0] == '*'):
                     54:             return 1
                     55: 
                     56:         # start with getClientAddr
                     57:         addr=request.getClientAddr()
                     58:         #logging.debug("IntranetUserFolder: getclientaddr: %s"%(addr))
                     59:         #if request.has_key('REMOTE_ADDR'):
                     60:         #    addr=request['REMOTE_ADDR']
                     61: 
                     62:         # override with forwarded address if present
                     63:         if request.get('HTTP_X_FORWARDED_FOR', None):
                     64:             addr=request['HTTP_X_FORWARDED_FOR']
                     65:             #logging.debug("IntranetUserFolder: forwarded addr: %s"%(addr))
                     66:             
                     67:             # check for strange headers (may be fake)
                     68:             if len(addr.split('.')) != 4:
                     69:                 logging.warning("IntranetUserFolder: invalid forward addr: %s"%(addr))
                     70:                 return 0
                     71:             
                     72:         if not addr:
                     73:             return 0
                     74: 
                     75:         _addr=addr.split('.')
                     76:         #logging.debug("IntranetUserFolder: addr: %s , %s"%(repr(_addr), repr(_m), repr(_addr & _m)))
                     77: 
                     78:         for ob in spec:
                     79:             sz=len(ob)
                     80:             _ob=ob.split('.')
                     81:             _sz=len(_ob)
                     82: 
                     83:             mo = addr_match(ob)
                     84:             if mo is not None:
                     85:                 if mo.end(0)==sz:
                     86:                     fail=0
                     87:                     for i in range(_sz):
                     88:                         a=_addr[i]
                     89:                         o=_ob[i]
                     90:                         if (o != a) and (o != '*'):
                     91:                             fail=1
                     92:                             break
                     93:                     if fail:
                     94:                         continue
                     95:                     return 1
                     96:     
                     97:         return 0
1.1       dwinter    98: 
1.4     ! casties    99: #FIXME: problem with 2.12
        !           100: #Globals.default__class_init__(IntranetUserFolder)
1.1       dwinter   101: 
                    102: 
                    103: def manage_addIntranetUserFolder(self,dtself=None,REQUEST=None,**ignored):
                    104:     """add a user folder """
                    105:     f=IntranetUserFolder()
                    106:     self=self.this()
                    107:     try:    self._setObject('acl_users', f)
                    108:     except: return MessageDialog(
                    109:                    title  ='Item Exists',
                    110:                    message='This object already contains a User Folder',
                    111:                    action ='%s/manage_main' % REQUEST['URL1'])
                    112:     self.__allow_groups__=f
                    113:     if REQUEST is not None:
                    114:         REQUEST['RESPONSE'].redirect(self.absolute_url()+'/manage_main')
                    115: 
                    116: def manage_addIntranetUserFolderForm(self):
1.3       casties   117:     """add a user folder form"""
                    118:     return manage_addIntranetUserFolder(self,REQUEST=self.REQUEST)
1.2       casties   119: 
                    120: addr_match=re.compile(r'((\d{1,3}\.){1,3}\*)|((\d{1,3}\.){3}\d{1,3})').match
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>