src/pyams_security/site.py
changeset 94 01d611aa7891
parent 42 07229ac2497b
child 108 c90fcf4fb977
93:be0b2504aaf3 94:01d611aa7891
    14 
    14 
    15 
    15 
    16 # import standard library
    16 # import standard library
    17 
    17 
    18 # import interfaces
    18 # import interfaces
    19 from pyams_security.interfaces import ISecurityManager
    19 from pyams_security.interfaces import ISecurityManager, SYSTEM_PREFIX, ADMIN_USER_LOGIN, INTERNAL_USER_LOGIN
    20 from pyams_utils.interfaces.site import ISiteGenerations
    20 from pyams_utils.interfaces.site import ISiteGenerations
    21 from zope.lifecycleevent.interfaces import IObjectCreatedEvent
    21 from zope.lifecycleevent.interfaces import IObjectCreatedEvent
    22 from zope.principalannotation.interfaces import IPrincipalAnnotationUtility
    22 from zope.principalannotation.interfaces import IPrincipalAnnotationUtility
    23 from zope.site.interfaces import INewLocalSite
    23 from zope.site.interfaces import INewLocalSite
    24 
    24 
    35 
    35 
    36 REQUIRED_UTILITIES = ((ISecurityManager, '', SecurityManager, 'Security manager'),
    36 REQUIRED_UTILITIES = ((ISecurityManager, '', SecurityManager, 'Security manager'),
    37                       (IPrincipalAnnotationUtility, '', PrincipalAnnotationUtility, 'User profiles'))
    37                       (IPrincipalAnnotationUtility, '', PrincipalAnnotationUtility, 'User profiles'))
    38 
    38 
    39 
    39 
       
    40 def get_admin_user():
       
    41     """Get system manager profile"""
       
    42     admin_auth = AdminAuthenticationPlugin()
       
    43     admin_auth.prefix = SYSTEM_PREFIX
       
    44     admin_auth.title = 'System manager authentication'
       
    45     admin_auth.login = ADMIN_USER_LOGIN
       
    46     admin_auth.password = 'admin'
       
    47     return admin_auth
       
    48 
       
    49 
       
    50 def get_service_user():
       
    51     """Get internal services profile"""
       
    52     service_auth = AdminAuthenticationPlugin()
       
    53     service_auth.prefix = SYSTEM_PREFIX
       
    54     service_auth.title = 'internal service'
       
    55     service_auth.login = INTERNAL_USER_LOGIN
       
    56     service_auth.password = None
       
    57     return service_auth
       
    58 
       
    59 
    40 @subscriber(INewLocalSite)
    60 @subscriber(INewLocalSite)
    41 def handle_new_local_site(event):
    61 def handle_new_local_site(event):
    42     """Create a new security manager when a site is created"""
    62     """Create a new security manager when a site is created"""
    43     site = event.manager.__parent__
    63     site = event.manager.__parent__
    44     check_required_utilities(site, REQUIRED_UTILITIES)
    64     check_required_utilities(site, REQUIRED_UTILITIES)
    51     generation = 1
    71     generation = 1
    52 
    72 
    53     def evolve(self, site, current=None):
    73     def evolve(self, site, current=None):
    54         """Check for required utilities"""
    74         """Check for required utilities"""
    55         check_required_utilities(site, REQUIRED_UTILITIES)
    75         check_required_utilities(site, REQUIRED_UTILITIES)
       
    76         manager = site.getSiteManager().queryUtility(ISecurityManager)
       
    77         if manager is not None:
       
    78             if '__system__' not in manager:
       
    79                 admin_auth = get_admin_user()
       
    80                 get_current_registry().notify(ObjectCreatedEvent(admin_auth))
       
    81                 manager['__internal__'] = admin_auth
       
    82             if '__internal__' not in manager:
       
    83                 service_auth = get_service_user()
       
    84                 get_current_registry().notify(ObjectCreatedEvent(service_auth))
       
    85                 manager['__internal__'] = service_auth
    56 
    86 
    57 
    87 
    58 @subscriber(IObjectCreatedEvent, context_selector=ISecurityManager)
    88 @subscriber(IObjectCreatedEvent, context_selector=ISecurityManager)
    59 def handle_new_security_manager(event):
    89 def handle_new_security_manager(event):
    60     """Automatically create a new administration login"""
    90     """Automatically create a new administration login"""
    61     admin_auth = AdminAuthenticationPlugin()
    91     utility = event.object
    62     admin_auth.prefix = 'system'
    92     admin_auth = get_admin_user()
    63     admin_auth.title = 'System manager authentication'
       
    64     admin_auth.login = 'admin'
       
    65     admin_auth.password = 'admin'
       
    66     get_current_registry().notify(ObjectCreatedEvent(admin_auth))
    93     get_current_registry().notify(ObjectCreatedEvent(admin_auth))
    67     utility = event.object
       
    68     utility['__system__'] = admin_auth
    94     utility['__system__'] = admin_auth
       
    95     service_auth = get_service_user()
       
    96     get_current_registry().notify(ObjectCreatedEvent(service_auth))
       
    97     utility['__internal__'] = service_auth
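Review bot: In `evolve` (new lines 78–81) the admin plugin is stored under the wrong key: the guard tests `'__system__' not in manager`, but the assignment is `manager['__internal__'] = admin_auth`; it should be `manager['__system__'] = admin_auth`. As written, `'__system__'` stays absent on an upgraded site, the following `'__internal__' not in manager` check is then false so the service plugin is never created, and the administrator login is registered under the internal-service key. Separately, `get_admin_user()` keeps the hard-coded `admin_auth.password = 'admin'`, and this generation step would now provision that default credential on existing sites at upgrade time. Consider taking the initial password from configuration or forcing a change at first login; whether `AdminAuthenticationPlugin` already enforces that is not visible here. The class containing `evolve` starts outside the lines shown.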