1: """gruppenverwaltung fuer baskets, benutzer koennen verschiedenen gruppen zugeordnet werden"""
2:
3: from OFS.Folder import Folder
4: from OFS.SimpleItem import SimpleItem
5: from Products.PageTemplates.PageTemplateFile import PageTemplateFile
6: from Globals import package_home
7: import os.path
8: from types import *
9:
10: from AccessControl import SecurityManagement
11:
12: class GroupFolder(Folder):
13: """Folder which contains groups"""
14:
15: meta_type="GroupFolder"
16:
17: def registerNewUser(self,user,password,email='',forward_to=None,RESPONSE=None):
18: """register a new user to the system, username and password, will be stored in the acl_users folder,
19: additional information are added here."""
20:
21: #TODO: check if user already exists in LDAP
22: #TODO: email is not registered yet, because MPIWGUserfolder is not working with CookieCrumbler
23: #print [x for x in repr(self.acl_users.getUserNames())]
24: if user in repr(self.acl_users.getUserNames()):
25: return "ERROR: username already exists"
26:
27: if user and password:
28: #self.acl_users.addUser(user,password,email)
29: self.aq_parent.acl_users._doAddUser(user, password, '', '')
30:
31: add="user=%s"%user
32: if forward_to.find("?")>-1:
33: #already parameters
34: add="&"+add
35: else:
36: add="?"+add
37:
38: if RESPONSE and forward_to:
39: RESPONSE.redirect(forward_to+add)
40:
41: def isMemberOf(self,group):
42: user=SecurityManagement.getSecurityManager().getUser()
43:
44: if user and not (str(user)=='Anonymous User'):
45: return self.checkMembership(str(user), group)
46: return False
47:
48: def addKommaListOfUsersToGroup(self,users,group,REQUEST=None,RESPONSE=None):
49: """add users to a group, users in komma separeted list"""
50: usersList=users.split(",")
51: self.addUsersToGroups(usersList,group)
52:
53: if RESPONSE:
54: RESPONSE.redirect(REQUEST['HTTP_REFERER'])
55:
56: def addUsersToGroups(self,users,groups):
57: """add users to groups
58: @param users: list of usernames
59: @param groups: list of groupnames
60: """
61: for user in users:
62: self.addUserToGroups(user,groups)
63:
64:
65: def addUserToGroups(self,user,groups):
66: '''
67: Add a user to a group
68: @param user: username
69: @param groups: list of groupnames
70: '''
71:
72: #make sure that list of groups
73:
74: if type(groups) is not ListType:
75: groups=[groups]
76:
77: groupObjects=self.ZopeFind(self,obj_ids=groups)
78: #group doesn't exist, return with false
79: if len(groupObjects)<1:
80: return False
81:
82: #otherwise add user to group
83: for groupObject in groupObjects:
84: groupObject[1].addUser(user)
85:
86: return True
87:
88: def addGroupsToGroups(self,newGroups,groups):
89: """
90: add Groups to groups
91: @param unewGroups: list of groups to be added
92: @param groups: list of groupnames
93: """
94:
95: for group in newGroups:
96: self.addGroupToGroups(group,groups)
97:
98:
99: def addGroupToGroups(self,group,groups):
100: '''
101: Add a user to a group
102: @param user: username
103: @param groups: list of groupnames
104: '''
105:
106: #make sure that list of groups
107:
108: if type(groups) is not ListType:
109: groups=[groups]
110:
111: groupObjects=self.ZopeFind(self,obj_ids=groups)
112: #group doesn't exist, return with false
113: if len(groupObjects)<1:
114: return False
115:
116: #otherwise add user to group
117: for groupObject in groupObjects:
118: groupObject[1].addGroup(group)
119:
120: return True
121:
122: def checkMembership(self,user,group):
123: '''Check if user is member of group
124:
125: @param user:
126: @param group:
127: '''
128: print "checking publish for user:",user,group,self.aq_parent.getId()
129: ret=False
130:
131: groups=self.ZopeFind(self,obj_metatypes=['Group'],obj_ids=[group])
132: #group doesn't exist
133:
134: if group=="publish":
135: #special group, member is allowed to publish basket, at the moment all members of the admin group at root level
136: #member of publish
137:
138: return self.users.groupFolder.checkMembership(user,'admin')
139:
140: if len(groups)<1:
141: ret=False
142: else:
143: ret=groups[0][1].isInGroup(user)
144:
145: if (not ret) and (self.aq_parent.getId()!='users'):
146: #teste ob mitglied in super group
147: return self.users.groupFolder.checkMembership(user,'admin')
148: else:
149: return ret
150:
151: def returnUsers(self):
152: """return all users of groups"""
153:
154: users={}
155: for group in self.ZopeFind(self,obj_metatypes=['Group']):
156: for user in group[1].getUsers():
157: if users.has_key(user):
158: users[user].append(group[0])
159: else:
160: users[user]=[group[0]]
161:
162: return users
163:
164: def getGroupsAndUsers(self):
165: """return all groups and their users as dict"""
166:
167: users={}
168: for group in self.ZopeFind(self,obj_metatypes=['Group']):
169: for user in group[1].getUsers():
170: if users.has_key(group[0]):
171: if not (user in users[group[0]]):
172: users[group[0]].append(user)
173: else:
174: users[group[0]]=[user]
175: return users
176:
177: def manage_addGroupFolderForm(self):
178: """form for adding a groupFolder"""
179: pt=PageTemplateFile(os.path.join(package_home(globals()),'zpt','addGroupFolder.zpt')).__of__(self)
180: return pt()
181:
182: def manage_addGroupFolder(self,id,RESPONSE=None):
183: """add a group folder object"""
184:
185:
186: newObj=GroupFolder(id)
187:
188: self._setObject(id,newObj)
189: ob=self._getOb(id)
190:
191:
192: #group folder always contains admin,editor,user
193:
194: manage_addGroup(ob,'admin')
195: manage_addGroup(ob,'editor')
196: manage_addGroup(ob,'user')
197:
198: #actual user is always editor and admin
199: user=str(self.REQUEST['AUTHENTICATED_USER'])
200:
201: ob.addUsersToGroups([user],['admin','editor'])
202:
203: #admin of supergrous are always admins of subgroups
204:
205: ob.addGroupsToGroups(['admin'],['admin'])
206:
207: if RESPONSE is not None:
208: RESPONSE.redirect('manage_main')
209:
210:
211: class Group(SimpleItem):
212: """Group"""
213:
214: meta_type="Group"
215:
216:
217: manage_options=SimpleItem.manage_options+(
218: {'label':'change group members','action':'changeUsersInGroupForm'},
219: )
220:
221: def __init__(self,id,description):
222: """init group"""
223: self.id=id
224: self.description=description
225: self.userList=[]
226: self.groupList=[]
227:
228: def addUser(self,username):
229: '''
230: add an username to the group
231: @param username:username
232: '''
233: #make sure that entry is persistent
234: list=self.userList
235: list.append(username)
236: self.userList=list[0:]
237:
238: def removeUser(self,username):
239: """
240: remove an user from group
241: """
242: list=self.userList
243: list.remove(username)
244: self.userList=list[0:]
245:
246:
247: def addGroup(self,group):
248: '''
249: add a group to the group
250: @param group: group to be added
251: '''
252: #make sure that entry is persistent
253: list=self.groupList
254: list.append(group)
255: self.groupList=list[0:]
256:
257:
258: def getGroups(self):
259: """get groups, whose members are automatically members of this group"""
260: return self.groupList
261:
262: def getUsers(self):
263: """ get Userlist """
264: return self.userList
265:
266: def changeUsersInGroupForm(self):
267: """html form for changing the users"""
268: pt=PageTemplateFile(os.path.join(package_home(globals()),'zpt','changeUsersInGroup.zpt')).__of__(self)
269: return pt()
270:
271: def changeUsersInGroup(self,userList,RESPONSE=None):
272: """change group"""
273: self.userList=userList.split(",")[0:]
274:
275: if RESPONSE is not None:
276: RESPONSE.redirect('manage_main')
277:
278: def isInGroup(self,username):
279: '''
280: check if username is in group
281: @param username: username
282: '''
283:
284: #special handling of group 'user' all users are in user
285:
286: #TODO: only user which can log in are in 'user'
287: if self.id=="user":
288: return True
289:
290: #check first if user is in userList of this group
291:
292: if username in self.userList:
293: return True
294:
295: #check now if user is member of one of the groups in grouplist
296:
297: groupFolders=self.ZopeFind(self.aq_parent,obj_metatypes=['GroupFolder'])
298: #no groupFolder im parent
299:
300: if len(groupFolders)<1:
301: return False
302:
303: #checke all groups in grouplist
304: for group in self.ZopeFind(groupFolders[0][1],obj_metatype=['Group'],obj_ids=[self.groupList]):
305: if group[1].isInGroup(username):
306: return True
307:
308: return False
309:
310:
311:
312: def manage_addGroupForm(self):
313: """form for adding a groupFolder"""
314: pt=PageTemplateFile(os.path.join(package_home(globals()),'zpt','addGroup.zpt')).__of__(self)
315: return pt()
316:
317: def manage_addGroup(self,id,description='',RESPONSE=None):
318: """add a group folder object"""
319:
320:
321: newObj=Group(id,description)
322:
323: self._setObject(id,newObj)
324: ob=self._getOb(id)
325:
326: if RESPONSE is not None:
327: RESPONSE.redirect('manage_main')
328:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>