Person.py 11 KB
Newer Older
Jean-Paul Smets's avatar
Jean-Paul Smets committed
1 2
##############################################################################
#
3 4 5
# Copyright (c) 2002-2005 Nexedi SARL and Contributors. All Rights Reserved.
#                         Jean-Paul Smets-Solanes <jp@nexedi.com>
#                         Kevin Deldycke <kevin_AT_nexedi_DOT_com>
Jean-Paul Smets's avatar
Jean-Paul Smets committed
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsability of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# garantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
#
##############################################################################

from AccessControl import ClassSecurityInfo
31
from Products.CMFCore.utils import getToolByName
32 33
from Products.CMFCore.utils import _checkPermission
from Products.CMFCore.exceptions import AccessControl_Unauthorized
34 35
from Globals import PersistentMapping
from Acquisition import aq_base
Jean-Paul Smets's avatar
Jean-Paul Smets committed
36

37
#from Products.ERP5.Core.Node import Node
38

Jean-Paul Smets's avatar
Jean-Paul Smets committed
39
from Products.ERP5Type import Permissions, PropertySheet, Constraint, Interface
40
from Products.ERP5Type.Utils import assertAttributePortalType
Jean-Paul Smets's avatar
Jean-Paul Smets committed
41 42
from Products.ERP5Type.XMLObject import XMLObject

43 44
try:
  from Products import PluggableAuthService
45
  from Products.ERP5Security.ERP5UserManager import ERP5UserManager
46 47 48
except ImportError:
  PluggableAuthService = None

Aurel's avatar
Aurel committed
49
try:
Jérome Perrin's avatar
Jérome Perrin committed
50 51 52
  from AccessControl.AuthEncoding import pw_encrypt
except ImportError:
  pw_encrypt = lambda pw:pw
53

Aurel's avatar
Aurel committed
54 55 56 57 58 59
try:
  from AccessControl.AuthEncoding import pw_validate
except ImportError:
  pw_validate = lambda reference, attempt: reference == attempt
      

60 61
#class Person(Node, XMLObject):
class Person(XMLObject):
Kevin Deldycke's avatar
Kevin Deldycke committed
62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85
    """
      An Person object holds the information about
      an person (ex. you, me, someone in the company,
      someone outside of the company, a member of the portal,
      etc.).

      Person objects can contain Coordinate objects
      (ex. Telephone, Url) as well a documents of various types.

      Person objects can be synchronized accross multiple
      sites.

      Person objects inherit from the Node base class
      (one of the 5 base classes in the ERP5 universal business model)
    """

    meta_type = 'ERP5 Person'
    portal_type = 'Person'
    add_permission = Permissions.AddPortalContent
    isPortalContent = 1
    isRADContent = 1

    # Declarative security
    security = ClassSecurityInfo()
86
    security.declareObjectProtected(Permissions.AccessContentsInformation)
Kevin Deldycke's avatar
Kevin Deldycke committed
87 88 89 90 91 92

    # Declarative properties
    property_sheets = ( PropertySheet.Base
                      , PropertySheet.XMLObject
                      , PropertySheet.CategoryCore
                      , PropertySheet.DublinCore
93
                      , PropertySheet.Reference
94
                      , PropertySheet.Person
Jean-Paul Smets's avatar
Jean-Paul Smets committed
95
                      , PropertySheet.Login
96
                      , PropertySheet.Mapping
97
                      , PropertySheet.Task
98
                      )
Kevin Deldycke's avatar
Kevin Deldycke committed
99 100 101

    def _setTitle(self, value):
      """
102
        Here we see that we must define a notion
Kevin Deldycke's avatar
Kevin Deldycke committed
103 104 105 106 107
        of priority in the way fields are updated
      """
      if value != self.getTitle():
        self.title = value

108 109
    security.declareProtected(Permissions.AccessContentsInformation,
                              'getTitle')
Kevin Deldycke's avatar
Kevin Deldycke committed
110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125
    def getTitle(self, **kw):
      """
        Returns the title if it exists or a combination of
        first name and last name
      """
      if self.title == '':
        name_list = []
        if self.getFirstName() not in (None, ''):
          name_list.append(self.getFirstName())
        if self.getMiddleName() not in (None, ''):
          name_list.append(self.getMiddleName())
        if self.getLastName() not in (None, ''):
          name_list.append(self.getLastName())
        return ' '.join(name_list)
      else:
        return self.title
126

127 128 129 130
    security.declareProtected(Permissions.AccessContentsInformation,
                              'title_or_id')
    def title_or_id(self):
      return self.getTitleOrId()
Kevin Deldycke's avatar
Kevin Deldycke committed
131 132 133 134 135

    def _setFirstName(self, value):
      """
        Update Title if first_name is modified
      """
136 137 138 139 140
      self._baseSetFirstName(value)
      name_list = []
      if self.getFirstName(): name_list.append(self.getFirstName())
      if self.getLastName(): name_list.append(self.getLastName())
      if name_list: self._setTitle(' '.join(name_list))
Kevin Deldycke's avatar
Kevin Deldycke committed
141 142 143 144 145

    def _setLastName(self, value):
      """
        Update Title if last_name is modified
      """
146 147 148 149 150
      self._baseSetLastName(value)
      name_list = []
      if self.getFirstName(): name_list.append(self.getFirstName())
      if self.getLastName(): name_list.append(self.getLastName())
      if name_list: self._setTitle(' '.join(name_list))
151 152 153 154 155 156 157 158

    security.declareProtected('Manage users', 'setReference')
    def setReference(self, value):
      """
        Set the user id. This method is defined explicitly, because:

        - we want to apply a different permission

159 160
        - we want to prevent duplicated user ids, but only when
          PAS _AND_ ERP5UserManager are used
161 162
      """
      if value:
163 164 165 166
        acl_users = getToolByName(self, 'acl_users')
        if PluggableAuthService is not None and isinstance(acl_users,
              PluggableAuthService.PluggableAuthService.PluggableAuthService):
          plugin_list = acl_users.plugins.listPlugins(
167 168 169
              PluggableAuthService.interfaces.plugins.IUserEnumerationPlugin)
          for plugin_name, plugin_value in plugin_list:
            if isinstance(plugin_value, ERP5UserManager):
170 171
              user_list = acl_users.searchUsers(id=value,
                                                exact_match=True)
172 173 174
              if len(user_list) > 0:
                raise RuntimeError, 'user id %s already exist' % (value,)
              break
175 176
      self._setReference(value)
      self.reindexObject()
177
      # invalid the cache for ERP5Security
178 179
      portal_caches = getToolByName(self.getPortalObject(), 'portal_caches')
      portal_caches.clearCache(cache_factory_list=('erp5_content_short', ))
180

Aurel's avatar
Aurel committed
181 182 183 184 185 186 187 188
    security.declareProtected(Permissions.SetOwnPassword, 'checkPassword')
    def checkPassword(self, value) :
      """
        Check the password, usefull when changing password
      """      
      if value is not None :
        return pw_validate(self.getPassword(), value)
      return False
189

190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209
    def _setEncodedPassword(self, value, format='default'):
      password = getattr(aq_base(self), 'password', None)
      if password is None:
        password = self.password = PersistentMapping()
      self.password[format] = value

    security.declarePublic('setPassword')
    def setEncodedPassword(self, value, format='default'):
      """
        Set an already encoded password.
      """
      if not _checkPermission(Permissions.SetOwnPassword, self):
        raise AccessControl_Unauthorized('setEncodedPassword')
      self._setEncodedPassword(value, format=format)
      self.reindexObject()

    def _setPassword(self, value):
      self.password = PersistentMapping()
      self._setEncodedPassword(pw_encrypt(value))

210
    security.declarePublic('setPassword')
211 212 213 214
    def setPassword(self, value) :
      """
        Set the password, only if the password is not empty.
      """
215 216 217
      if value is not None:
        if not _checkPermission(Permissions.SetOwnPassword, self):
          raise AccessControl_Unauthorized('setPassword')
218
        self._setPassword(value)
219
        self.reindexObject()
220

221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251
    security.declareProtected(Permissions.AccessContentsInformation, 'getPassword')
    def getPassword(self, *args, **kw):
      """
        Retrieve password in desired format.

        getPassword([default], [format='default'])

        default (anything)
          Value to return if no passord is set on context.
          Default: no default, raises AttributeError if property is not set.
        format (string)
          String defining the format in which the password is expected.
          If passowrd is not available in that format, KeyError will be
          raised.
          Default: 'default'
      """
      password = getattr(aq_base(self), 'password', *args)
      format = kw.get('format', 'default')
      try:
        # Backward compatibility: if it's not a PersistentMapping instance,
        # assume it's a monovalued string, which corresponds to default
        # password encoding.
        if isinstance(password, PersistentMapping):
          password = password[format]
        else:
          if format != 'default':
            raise KeyError
      except KeyError:
        raise KeyError, 'Password is not available in %r format.' % (format, )
      return password

252 253 254 255 256 257
    # Time management
    security.declareProtected(Permissions.AccessContentsInformation, 
                              'getAvailableTime')
    def getAvailableTime(self, *args, **kw):
      """
      Calculate available time for a person
258

259
      See SimulationTool.getAvailableTime
260 261 262 263 264 265 266 267 268 269 270 271 272 273 274
      """
      assignment_list = self.contentValues(portal_type='Assignment')
      calendar_uid_list = []
      for assignment in assignment_list:
        calendar_uid_list.extend(assignment.getCalendarUidList())
      kw['node'] = [self.getUid()] + calendar_uid_list

      portal_simulation = getToolByName(self, 'portal_simulation')
      return portal_simulation.getAvailableTime(*args, **kw)

    security.declareProtected(Permissions.AccessContentsInformation, 
                              'getAvailableTimeSequence')
    def getAvailableTimeSequence(self, *args, **kw):
      """
      Calculate available time for a person in a sequence
275 276
      
      See SimulationTool.getAvailableTimeSequence
277 278 279 280 281 282 283 284 285
      """
      assignment_list = self.contentValues(portal_type='Assignment')
      calendar_uid_list = []
      for assignment in assignment_list:
        calendar_uid_list.extend(assignment.getCalendarUidList())
      kw['node'] = [self.getUid()] + calendar_uid_list

      portal_simulation = getToolByName(self, 'portal_simulation')
      return portal_simulation.getAvailableTimeSequence(*args, **kw)
286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302

    # Notifiation API
    security.declareProtected(Permissions.AccessContentsInformation, 
                              'notifyMessage')
    def notifyMessage(self, message):
      """
      This method can only be called with proxy roles.

      A per user preference allows for deciding how to be notified.
      - by email
      - by SMS (if meaningful)
      - daily
      - weekly
      - instantly

      notification is handled as an activity
      """