##############################################################################
#
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights
# Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this
# distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" ERP5Security product initialization.
"""

from copy import deepcopy

from AccessControl.Permissions import manage_users as ManageUsers
from Products.PluggableAuthService.PluggableAuthService import registerMultiPlugin
from Products.PluggableAuthService.permissions import ManageGroups

import ERP5UserManager
import ERP5GroupManager
import ERP5RoleManager
import ERP5UserFactory
import ERP5KeyAuthPlugin
import ERP5ExternalAuthenticationPlugin
import ERP5BearerExtractionPlugin
import ERP5ExternalOauth2ExtractionPlugin
import ERP5AccessTokenExtractionPlugin

def mergedLocalRoles(object):
  """Returns a merging of object and its ancestors'
  __ac_local_roles__."""
  # Modified to take into account _getAcquireLocalRoles
  merged = {}
  object = getattr(object, 'aq_inner', object)
  while 1:
    if getattr(object, '__ac_local_roles__', None) is not None:
      roles = object.__ac_local_roles__ or {}
      if callable(roles): roles = roles()
      for k, v in roles.iteritems():
        merged.setdefault(k, []).extend(v)
    # block acquisition
    if getattr(object, '_getAcquireLocalRoles', None) is not None:
      if not object._getAcquireLocalRoles():
        break
    if getattr(object, 'aq_parent', None) is not None:
      object = object.aq_parent
      object = getattr(object, 'aq_inner', object)
      continue
    if getattr(object, 'im_self', None) is not None:
      object = object.im_self
      object = getattr(object, 'aq_inner', object)
      continue
    break

  return deepcopy(merged)

registerMultiPlugin(ERP5UserManager.ERP5UserManager.meta_type)
registerMultiPlugin(ERP5GroupManager.ERP5GroupManager.meta_type)
registerMultiPlugin(ERP5RoleManager.ERP5RoleManager.meta_type)
registerMultiPlugin(ERP5UserFactory.ERP5UserFactory.meta_type)
registerMultiPlugin(ERP5KeyAuthPlugin.ERP5KeyAuthPlugin.meta_type)
registerMultiPlugin(ERP5ExternalAuthenticationPlugin.ERP5ExternalAuthenticationPlugin.meta_type)
registerMultiPlugin(ERP5BearerExtractionPlugin.ERP5BearerExtractionPlugin.meta_type)
registerMultiPlugin(ERP5ExternalOauth2ExtractionPlugin.ERP5FacebookExtractionPlugin.meta_type)
registerMultiPlugin(ERP5ExternalOauth2ExtractionPlugin.ERP5GoogleExtractionPlugin.meta_type)
registerMultiPlugin(ERP5AccessTokenExtractionPlugin.ERP5AccessTokenExtractionPlugin.meta_type)

def initialize(context):

    context.registerClass( ERP5UserManager.ERP5UserManager
                         , permission=ManageUsers
                         , constructors=(
                            ERP5UserManager.manage_addERP5UserManagerForm,
                            ERP5UserManager.addERP5UserManager, )
                         , visibility=None
                         , icon='www/portal.gif'
                         )

    context.registerClass( ERP5GroupManager.ERP5GroupManager
                         , permission=ManageGroups
                         , constructors=(
                            ERP5GroupManager.manage_addERP5GroupManagerForm,
                            ERP5GroupManager.addERP5GroupManager, )
                         , visibility=None
                         , icon='www/portal.gif'
                         )

    context.registerClass( ERP5RoleManager.ERP5RoleManager
                         , permission=ManageUsers
                         , constructors=(
                            ERP5RoleManager.manage_addERP5RoleManagerForm,
                            ERP5RoleManager.addERP5RoleManager, )
                         , visibility=None
                         , icon='www/portal.gif'
                         )

    context.registerClass( ERP5UserFactory.ERP5UserFactory
                         , permission=ManageUsers
                         , constructors=(
                            ERP5UserFactory.manage_addERP5UserFactoryForm,
                            ERP5UserFactory.addERP5UserFactory, )
                         , visibility=None
                         , icon='www/portal.gif'
                         )

    context.registerClass( ERP5KeyAuthPlugin.ERP5KeyAuthPlugin
                         , permission=ManageUsers
                         , constructors=(
                            ERP5KeyAuthPlugin.manage_addERP5KeyAuthPluginForm,
                            ERP5KeyAuthPlugin.addERP5KeyAuthPlugin, )
                         , visibility=None
                         , icon='www/portal.gif'
                         )

    context.registerClass( ERP5ExternalAuthenticationPlugin.ERP5ExternalAuthenticationPlugin
                         , permission=ManageUsers
                         , constructors=(
                            ERP5ExternalAuthenticationPlugin.manage_addERP5ExternalAuthenticationPluginForm,
                            ERP5ExternalAuthenticationPlugin.addERP5ExternalAuthenticationPlugin, )
                         , visibility=None
                         , icon='www/portal.gif'
                         )

    context.registerClass( ERP5BearerExtractionPlugin.ERP5BearerExtractionPlugin
                         , permission=ManageUsers
                         , constructors=(
                            ERP5BearerExtractionPlugin.manage_addERP5BearerExtractionPluginForm,
                            ERP5BearerExtractionPlugin.addERP5BearerExtractionPlugin, )
                         , visibility=None
                         , icon='www/portal.gif'
                         )

    context.registerClass( ERP5ExternalOauth2ExtractionPlugin.ERP5FacebookExtractionPlugin
                         , permission=ManageUsers
                         , constructors=(
                            ERP5ExternalOauth2ExtractionPlugin.manage_addERP5FacebookExtractionPluginForm,
                            ERP5ExternalOauth2ExtractionPlugin.addERP5FacebookExtractionPlugin, )
                         , visibility=None
                         , icon='www/portal.gif'
                         )

    context.registerClass( ERP5ExternalOauth2ExtractionPlugin.ERP5GoogleExtractionPlugin
                         , permission=ManageUsers
                         , constructors=(
                            ERP5ExternalOauth2ExtractionPlugin.manage_addERP5GoogleExtractionPluginForm,
                            ERP5ExternalOauth2ExtractionPlugin.addERP5GoogleExtractionPlugin, )
                         , visibility=None
                         , icon='www/portal.gif'
                         )

    context.registerClass( ERP5AccessTokenExtractionPlugin.ERP5AccessTokenExtractionPlugin
                         , permission=ManageUsers
                         , constructors=(
                            ERP5AccessTokenExtractionPlugin.manage_addERP5AccessTokenExtractionPluginForm,
                            ERP5AccessTokenExtractionPlugin.addERP5AccessTokenExtractionPlugin, )
                         , visibility=None
                         , icon='www/portal.gif'
                         )

from AccessControl.SecurityInfo import ModuleSecurityInfo
ModuleSecurityInfo('Products.ERP5Security.ERP5UserManager').declarePublic(
  'getUserByLogin')