Commit 2f1121f7 authored by Rafael Monnerat's avatar Rafael Monnerat

ERP5Security: External Auhentication Plugin accepts Login portal type list

   This allow the administrator define which Login portal types are searched.
parent bd48ab43
......@@ -42,10 +42,10 @@ manage_addERP5ExternalAuthenticationPluginForm = PageTemplateFile(
__name__='manage_addERP5ExternalAuthenticationPluginForm')
def addERP5ExternalAuthenticationPlugin(dispatcher, id, title=None, user_id_key='',
REQUEST=None):
login_portal_type_list='ERP5 Login', REQUEST=None):
""" Add a ERP5ExternalAuthenticationPlugin to a Pluggable Auth Service. """
plugin = ERP5ExternalAuthenticationPlugin(id, title, user_id_key)
plugin = ERP5ExternalAuthenticationPlugin(id, title, user_id_key, login_portal_type_list)
dispatcher._setObject(plugin.getId(), plugin)
if REQUEST is not None:
......@@ -76,15 +76,22 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
'mode':'w',
'label':'HTTP request header key where the user_id is stored'
},
{'id': 'login_portal_type_list',
'type':'string',
'mode':'w',
'label': 'List of Login Portal Types to search'
},
)
+ BasePlugin._properties[:]
)
def __init__(self, id, title=None, user_id_key=''):
def __init__(self, id, title=None, user_id_key='', login_portal_type_list="ERP5 Login"):
#Register value
self._setId(id)
self.title = title
self.user_id_key = user_id_key
self.login_portal_type_list = login_portal_type_list
####################################
#ILoginPasswordHostExtractionPlugin#
......@@ -97,9 +104,10 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
if getHeader is None:
# use get_header instead for Zope-2.8
getHeader = request.get_header
user_id = getHeader(self.user_id_key)
if user_id is not None:
creds['external_login'] = user_id
external_login = getHeader(self.user_id_key)
if external_login is not None:
creds['external_login'] = external_login
creds['login_portal_type'] = self.login_portal_type_list.split(",")
else:
# fallback to default way
return DumbHTTPExtractor().extractCredentials(request)
......@@ -125,7 +133,7 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
__name__='manage_editERP5ExternalAuthenticationPluginForm')
security.declareProtected(ManageUsers, 'manage_editERP5ExternalAuthenticationPlugin')
def manage_editERP5ExternalAuthenticationPlugin(self, user_id_key, RESPONSE=None):
def manage_editERP5ExternalAuthenticationPlugin(self, user_id_key, login_portal_type_list, RESPONSE=None):
"""Edit the object"""
error_message = ''
......@@ -135,6 +143,12 @@ class ERP5ExternalAuthenticationPlugin(BasePlugin):
else:
self.user_id_key = user_id_key
#Save user_id_key
if login_portal_type_list == '' or login_portal_type_list is None:
error_message += 'Invalid key value '
else:
self.login_portal_type_list = login_portal_type_list
#Redirect
if RESPONSE is not None:
if error_message != '':
......
......@@ -36,6 +36,16 @@
<input type="text" name="user_id_key" size="40" />
</td>
</tr>
<tr>
<td align="left" valign="top">
<div class="form-label">
List of Login Portal Types (separated by commas)
</div>
</td>
<td align="left" valign="top">
<input type="text" name="login_portal_type_list" size="40" />
</td>
</tr>
<tr>
<td colspan="2"> <input type="submit" value="add plugin"/>
</td>
......
......@@ -7,7 +7,8 @@
<form action="manage_editERP5ExternalAuthenticationPlugin" method="POST">
<table tal:define="user_id_key request/user_id_key|context/user_id_key|string:;">
<table tal:define="user_id_key request/user_id_key|context/user_id_key|string:;
login_portal_type_list request/login_portal_type_list|context/login_portal_type_list|string:">
<tr>
<td>HTTP request header key where the user_id is stored</td>
......@@ -16,6 +17,13 @@
tal:attributes="value user_id_key;" />
</td>
</tr>
<tr>
<td>List of Login Portal Types (separated by commas)</td>
<td>
<input type="text" name="login_portal_type_list" value=""
tal:attributes="value login_portal_type_list" size="40" />
</td>
</tr>
<tr>
<td colspan="2">
<input type="submit" value="save"/>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment