""" User and session classes """ __version__ = "$Rev: 73 $" # $URL: svn://localhost/mysqlUserFolder/trunk/c_classes.py $ # # $LastChangedBy: vladap $ # $LastChangedDate: 2005-09-26 00:29:12 +0300 (Mon, 26 Sep 2005) $ import Globals, AccessControl import time, string import cfg, util, db, passwords # --------------------------------------------------------------------- */ # MiscData base class # # This class is not used only for MiscData (as name implies), but for # anything that needs methods from parent user folder. class MiscData (AccessControl.Role.RoleManager): def _set_user_folder (Self, folder): Self.__UserFolder = folder setMiscData__roles__ = None def setMiscData (Self, misc_id, misc_tuple): Self.__UserFolder.miscdata_set (Self.MClass, Self.getDBId (), misc_id, misc_tuple) getMiscData__roles__ = None def getMiscData (Self, misc_id): return Self.__UserFolder.miscdata_get (Self.MClass, Self.getDBId (), misc_id) delMiscData__roles__ = None def delMiscData (Self, misc_id): Self.__UserFolder.miscdata_del (Self.MClass, Self.getDBId (), misc_id) def refresh_user (Self): return Self.__UserFolder.refresh_user (Self) def logout_user (Self, REQUEST, RESPONSE, path): return Self.__UserFolder.user_logout (REQUEST, RESPONSE, path) # --------------------------------------------------------------------- */ # mysqlUser class mysqlUser (AccessControl.User.BasicUser, MiscData): """ This class does not know anything about database. It's instances are created by dbConnection object which reads informations from the database. dbConnection object writes user data in the mysqlUser object using __setXXX () methods. Setting Cookis is not a problem because only UserFolder object sets cookies. mysqlUser object keeps dictionary of Cookies objects (keys are strings) and UserFolder uses only 'Session' and 'Global' strings. """ MClass = 'user' isAmysqlUserObject = 1 icon = 'misc_/mysqlUserFolder/user_icon' def __init__ (Self, username, realm): Self.refreshed = 0 Self.username = username Self.realm = realm def __refresh (Self): if (Self.refresh_user ()): Self.refreshed = 1 def _copy (Self): ret = mysqlUser (Self.username, Self.realm) ret._setDBId (Self.DBId) ret._setUserName (Self.username) ret._setPassword (Self.__auth_password, Self.__auth_password_type) ret._setAuthData (Self.roles, Self.domains) ret._setOtherData (Self.realname, Self.email) return ret def _setOtherData (Self, realname, email): Self.realname = realname Self.email = email def _setAuthData (Self, roles, domains): if type (roles) != type ([]): raise '_setAuthData (): roles is not a list.' if (type (domains) != type ([])) and (type (domains) != type (())): raise '_setAuthData (): domains is not a list.' Self.roles = roles Self.domains = domains def _setDBId (Self, Id): Self.DBId = Id def _setPassword (Self, password, password_type): Self.__auth_password = password Self.__auth_password_type = password_type def _setUserName (Self, username): Self.username = username getUserName__roles__ = None def getUserName (Self): return Self.username getId__roles__ = None def getId (Self): """ For the timebeing, just return username. """ return Self.username getRealm__roles__ = None def getRealm (Self): return Self.realm getRealName__roles__ = None def getRealName (Self): if not Self.refreshed: Self.__refresh () return Self.realname getRoles__roles__ = None def getRoles (Self): return tuple (Self.roles) getDomains__roles__ = None def getDomains (Self): return tuple (Self.domains) getDomainsStr__roles__ = None def getDomainsStr (Self): return string.join (Self.domains) getEMail__roles__ = None def getEMail (Self): if not Self.refreshed: Self.__refresh () return Self.email getDBId__roles__ = None def getDBId (Self): return Self.DBId authenticate_password__roles__ = None def authenticate_password (Self, password, REQUEST): if Self.DBId == cfg.VDB_INVALID_ID: util.log_debug ("mysqlUser.authenticate_password (): " "VDB_INVALID_ID. ") return 0 ptype = Self.__auth_password_type if ptype == cfg.VDB_INVALID_PASSWORD_TYPE: util.log_debug ("mysqlUser.authenticate_password (): " "VDB_INVALID_PASSWORD_TYPE. ") return 0 if ptype == 0: ret = (Self.__auth_password == password) else: ret = passwords.check (password, Self.__auth_password, ptype) return ret def check_domain_spec (Self, REQUEST): if Self.domains == []: return 1 if Self.domains == ['*']: return 1 return util.validate_domain_spec (Self.domains, REQUEST) getPasswordType__roles__ = None def getPasswordType (Self): return Self.__auth_password_type # ----- Disable inherited authenticate (). authenticate__roles__ = () def authenticate (Self): raise AccessControl.User.NotImplemented # ----- GRUF compatibility def _getPassword (Self): return Self.__auth_password # --------------------------------------------------------------------- */ # mysqlSession class mysqlSession (MiscData): """ Session class. """ MClass = 'session' def __init__ (Self): Self.user_id = cfg.VDB_INVALID_ID Self.id = cfg.VDB_INVALID_ID def _setUserId (Self, user_id): Self.user_id = user_id def _setId (Self, id): Self.id = id def _copy (Self): s = mysqlSession () s.user_id = Self.user_id s.id = Self.id return s getId__roles__ = None def getId (Self): return Self.id getDBId__roles__ = None def getDBId (Self): return Self.id getUserId__roles__ = None def getUserId (Self): return Self.user_id isAnonymousUser__roles__ = None def isAnonymousUser (Self): return (Self.user_id == cfg.VDB_INVALID_ID) # --------------------------------------------------------------------- */ # Permission initialization Globals.default__class_init__ (MiscData) Globals.default__class_init__ (mysqlSession) Globals.default__class_init__ (mysqlUser)