Annotation of basket/groups.py, revision 1.4
1.1 dwinter 1: """gruppenverwaltung fuer baskets, benutzer koennen verschiedenen gruppen zugeordnet werden"""
2:
3: from OFS.Folder import Folder
4: from OFS.SimpleItem import SimpleItem
5: from Products.PageTemplates.PageTemplateFile import PageTemplateFile
6: from Globals import package_home
7: import os.path
8: from types import *
9:
10: from AccessControl import SecurityManagement
11:
12: class GroupFolder(Folder):
13: """Folder which contains groups"""
14:
15: meta_type="GroupFolder"
16:
1.2 dwinter 17: def registerNewUser(self,user,password,email='',forward_to=None,RESPONSE=None):
1.1 dwinter 18: """register a new user to the system, username and password, will be stored in the acl_users folder,
19: additional information are added here."""
20:
21: #TODO: check if user already exists in LDAP
1.2 dwinter 22: #TODO: email is not registered yet, because MPIWGUserfolder is not working with CookieCrumbler
1.1 dwinter 23: #print [x for x in repr(self.acl_users.getUserNames())]
24: if user in repr(self.acl_users.getUserNames()):
25: return "ERROR: username already exists"
1.2 dwinter 26:
27: if user and password:
28: #self.acl_users.addUser(user,password,email)
29: self.aq_parent.acl_users._doAddUser(user, password, '', '')
30:
1.1 dwinter 31: add="user=%s"%user
32: if forward_to.find("?")>-1:
33: #already parameters
34: add="&"+add
35: else:
36: add="?"+add
37:
38: if RESPONSE and forward_to:
39: RESPONSE.redirect(forward_to+add)
40:
41: def isMemberOf(self,group):
42: user=SecurityManagement.getSecurityManager().getUser()
43:
44: if user and not (str(user)=='Anonymous User'):
45: return self.checkMembership(str(user), group)
46: return False
47:
1.4 ! dwinter 48: def addKommaListOfUsersToGroup(self,users,group,remove=None,REQUEST=None,RESPONSE=None):
1.2 dwinter 49: """add users to a group, users in komma separeted list"""
1.4 ! dwinter 50: usersList=[x.lstrip().rstrip() for x in users.split(",")]
! 51:
! 52: self.addUsersToGroups(usersList,group,remove)
1.2 dwinter 53:
54: if RESPONSE:
55: RESPONSE.redirect(REQUEST['HTTP_REFERER'])
56:
1.4 ! dwinter 57: def addUsersToGroups(self,users,groups,remove=None):
1.1 dwinter 58: """add users to groups
59: @param users: list of usernames
60: @param groups: list of groupnames
1.4 ! dwinter 61: @param remove: default None, if remove is set the actual
! 62: user list of the groups will be replaced by users otherwise users will be added.
! 63: if remove= protected then the actualuser can not be deleted.
1.1 dwinter 64: """
1.4 ! dwinter 65:
! 66: if type(groups) is not ListType:
! 67: groups=[groups]
! 68:
1.1 dwinter 69: for user in users:
70: self.addUserToGroups(user,groups)
71:
1.4 ! dwinter 72: if remove:
! 73: for group in groups:
! 74: for user in self.getGroupsAndUsers().get(group,None):
! 75: if (user not in users):
! 76: if not ((remove=="protected") and (user==self.getActualUserName())):
! 77: self.removeUserFromGroups(user,group)
1.1 dwinter 78:
1.4 ! dwinter 79: def removeUserFromGroups(self,user,groups):
! 80: '''
! 81: remove a user from a group
! 82: @param user: username
! 83: @param groups: list of groupnames
! 84: '''
! 85:
! 86: #make sure that list of groups
! 87: print "remove",user,repr(groups)
! 88:
! 89: if type(groups) is not ListType:
! 90: groups=[groups]
! 91:
! 92: groupObjects=self.ZopeFind(self,obj_ids=groups)
! 93: #group doesn't exist, return with false
! 94: if len(groupObjects)<1:
! 95: return False
! 96:
! 97: #otherwise add user to group
! 98: for groupObject in groupObjects:
! 99: groupObject[1].removeUser(user)
! 100:
1.1 dwinter 101: def addUserToGroups(self,user,groups):
102: '''
103: Add a user to a group
104: @param user: username
105: @param groups: list of groupnames
106: '''
107:
108: #make sure that list of groups
109:
110: if type(groups) is not ListType:
111: groups=[groups]
112:
113: groupObjects=self.ZopeFind(self,obj_ids=groups)
114: #group doesn't exist, return with false
115: if len(groupObjects)<1:
116: return False
117:
118: #otherwise add user to group
119: for groupObject in groupObjects:
120: groupObject[1].addUser(user)
121:
122: return True
123:
124: def addGroupsToGroups(self,newGroups,groups):
125: """
126: add Groups to groups
127: @param unewGroups: list of groups to be added
128: @param groups: list of groupnames
129: """
130:
131: for group in newGroups:
132: self.addGroupToGroups(group,groups)
133:
134:
135: def addGroupToGroups(self,group,groups):
136: '''
137: Add a user to a group
138: @param user: username
139: @param groups: list of groupnames
140: '''
141:
142: #make sure that list of groups
143:
144: if type(groups) is not ListType:
145: groups=[groups]
146:
147: groupObjects=self.ZopeFind(self,obj_ids=groups)
148: #group doesn't exist, return with false
149: if len(groupObjects)<1:
150: return False
151:
152: #otherwise add user to group
153: for groupObject in groupObjects:
154: groupObject[1].addGroup(group)
155:
156: return True
157:
158: def checkMembership(self,user,group):
159: '''Check if user is member of group
160:
161: @param user:
162: @param group:
163: '''
1.2 dwinter 164: print "checking publish for user:",user,group,self.aq_parent.getId()
165: ret=False
1.1 dwinter 166:
167: groups=self.ZopeFind(self,obj_metatypes=['Group'],obj_ids=[group])
168: #group doesn't exist
169:
1.2 dwinter 170: if group=="publish":
171: #special group, member is allowed to publish basket, at the moment all members of the admin group at root level
172: #member of publish
173:
174: return self.users.groupFolder.checkMembership(user,'admin')
175:
1.1 dwinter 176: if len(groups)<1:
1.2 dwinter 177: ret=False
1.1 dwinter 178: else:
1.2 dwinter 179: ret=groups[0][1].isInGroup(user)
1.1 dwinter 180:
1.2 dwinter 181: if (not ret) and (self.aq_parent.getId()!='users'):
182: #teste ob mitglied in super group
183: return self.users.groupFolder.checkMembership(user,'admin')
184: else:
185: return ret
186:
1.1 dwinter 187: def returnUsers(self):
188: """return all users of groups"""
189:
190: users={}
191: for group in self.ZopeFind(self,obj_metatypes=['Group']):
192: for user in group[1].getUsers():
193: if users.has_key(user):
194: users[user].append(group[0])
195: else:
196: users[user]=[group[0]]
197:
198: return users
199:
1.2 dwinter 200: def getGroupsAndUsers(self):
201: """return all groups and their users as dict"""
202:
203: users={}
204: for group in self.ZopeFind(self,obj_metatypes=['Group']):
205: for user in group[1].getUsers():
206: if users.has_key(group[0]):
207: if not (user in users[group[0]]):
208: users[group[0]].append(user)
209: else:
210: users[group[0]]=[user]
211: return users
212:
1.1 dwinter 213: def manage_addGroupFolderForm(self):
214: """form for adding a groupFolder"""
215: pt=PageTemplateFile(os.path.join(package_home(globals()),'zpt','addGroupFolder.zpt')).__of__(self)
216: return pt()
217:
218: def manage_addGroupFolder(self,id,RESPONSE=None):
219: """add a group folder object"""
220:
221:
222: newObj=GroupFolder(id)
223:
224: self._setObject(id,newObj)
225: ob=self._getOb(id)
226:
227:
228: #group folder always contains admin,editor,user
229:
230: manage_addGroup(ob,'admin')
231: manage_addGroup(ob,'editor')
232: manage_addGroup(ob,'user')
233:
234: #actual user is always editor and admin
235: user=str(self.REQUEST['AUTHENTICATED_USER'])
236:
237: ob.addUsersToGroups([user],['admin','editor'])
238:
239: #admin of supergrous are always admins of subgroups
240:
241: ob.addGroupsToGroups(['admin'],['admin'])
242:
243: if RESPONSE is not None:
244: RESPONSE.redirect('manage_main')
245:
246:
247: class Group(SimpleItem):
248: """Group"""
249:
250: meta_type="Group"
251:
1.3 dwinter 252:
253: manage_options=SimpleItem.manage_options+(
254: {'label':'change group members','action':'changeUsersInGroupForm'},
255: )
256:
1.1 dwinter 257: def __init__(self,id,description):
258: """init group"""
259: self.id=id
260: self.description=description
261: self.userList=[]
262: self.groupList=[]
263:
264: def addUser(self,username):
265: '''
266: add an username to the group
267: @param username:username
268: '''
269: #make sure that entry is persistent
270: list=self.userList
271: list.append(username)
272: self.userList=list[0:]
273:
1.2 dwinter 274: def removeUser(self,username):
275: """
276: remove an user from group
277: """
278: list=self.userList
279: list.remove(username)
280: self.userList=list[0:]
281:
282:
1.1 dwinter 283: def addGroup(self,group):
284: '''
285: add a group to the group
286: @param group: group to be added
287: '''
288: #make sure that entry is persistent
289: list=self.groupList
290: list.append(group)
291: self.groupList=list[0:]
292:
293:
294: def getGroups(self):
295: """get groups, whose members are automatically members of this group"""
296: return self.groupList
297:
298: def getUsers(self):
299: """ get Userlist """
300: return self.userList
301:
1.3 dwinter 302: def changeUsersInGroupForm(self):
303: """html form for changing the users"""
304: pt=PageTemplateFile(os.path.join(package_home(globals()),'zpt','changeUsersInGroup.zpt')).__of__(self)
305: return pt()
306:
307: def changeUsersInGroup(self,userList,RESPONSE=None):
308: """change group"""
309: self.userList=userList.split(",")[0:]
310:
311: if RESPONSE is not None:
312: RESPONSE.redirect('manage_main')
313:
1.1 dwinter 314: def isInGroup(self,username):
315: '''
316: check if username is in group
317: @param username: username
318: '''
319:
320: #special handling of group 'user' all users are in user
321:
322: #TODO: only user which can log in are in 'user'
323: if self.id=="user":
324: return True
325:
326: #check first if user is in userList of this group
1.2 dwinter 327:
1.1 dwinter 328: if username in self.userList:
329: return True
330:
331: #check now if user is member of one of the groups in grouplist
332:
333: groupFolders=self.ZopeFind(self.aq_parent,obj_metatypes=['GroupFolder'])
334: #no groupFolder im parent
335:
336: if len(groupFolders)<1:
337: return False
338:
339: #checke all groups in grouplist
340: for group in self.ZopeFind(groupFolders[0][1],obj_metatype=['Group'],obj_ids=[self.groupList]):
341: if group[1].isInGroup(username):
342: return True
343:
344: return False
345:
346:
347:
348: def manage_addGroupForm(self):
349: """form for adding a groupFolder"""
350: pt=PageTemplateFile(os.path.join(package_home(globals()),'zpt','addGroup.zpt')).__of__(self)
351: return pt()
352:
353: def manage_addGroup(self,id,description='',RESPONSE=None):
354: """add a group folder object"""
355:
356:
357: newObj=Group(id,description)
358:
359: self._setObject(id,newObj)
360: ob=self._getOb(id)
361:
362: if RESPONSE is not None:
363: RESPONSE.redirect('manage_main')
364:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>