Mercurial > hg > OKFNAnnotator

changeset 7:279473355e9b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
authentication works with hierarchy of acl_users now.
author root@tuxserve03.mpiwg-berlin.mpg.de
date Fri, 09 Nov 2012 18:05:11 +0100
parents 17bbd5e80d15
children 93c835b645af
files AuthTokenGenerator.py version.txt
diffstat 2 files changed, 12 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/AuthTokenGenerator.py	Tue Oct 30 20:20:31 2012 +0100
+++ b/AuthTokenGenerator.py	Fri Nov 09 18:05:11 2012 +0100
@@ -3,6 +3,7 @@
 from OFS.PropertyManager import PropertyManager
 from AccessControl import getSecurityManager
 from zExceptions import Unauthorized
+from Acquisition import aq_chain
 
 import logging
 import datetime
@@ -77,7 +78,6 @@
         else:
             self.REQUEST.RESPONSE.setStatus('Unauthorized')
             return "Please Authenticate!"
-        
 
     def _user_allowed(self, user=None, password=None):
         # check the login
@@ -95,9 +95,16 @@
         
         if password:
             logging.debug("trying password")
-            # TODO: should we care about aquisition?
-            authuser = self.acl_users.authenticate(user, password, None)
-            return authuser
+            # try all user folders in aq_chain
+            authuser = None
+            userfolder = None
+            for ctx in aq_chain(self):
+                new_uf = getattr(ctx, 'acl_users', None)
+                if new_uf != userfolder:
+                    userfolder = new_uf
+                    authuser = userfolder.authenticate(user, password, None)
+                    if authuser is not None:
+                        return authuser
             
         return None
 
--- a/version.txt	Tue Oct 30 20:20:31 2012 +0100
+++ b/version.txt	Fri Nov 09 18:05:11 2012 +0100
@@ -1,1 +1,1 @@
-0.5
\ No newline at end of file
+0.6