Add 'Authenticated' role as a standard Zope role. The Authenticated role is...

Add 'Authenticated' role as a standard Zope role. The Authenticated role is provided to those users who have succesfully authenticated to Zope in any manner (basically, all users who are not the Anonymous User) by default.

Add 'Authenticated' role as a standard Zope role. The Authenticated role is...
Add 'Authenticated' role as a standard Zope role. The Authenticated role is provided to those users who have succesfully authenticated to Zope in any manner (basically, all users who are not the Anonymous User) by default.
58b1fefa · Chris McDonough · 330af062 · 58b1fefa · 58b1fefa · 58b1fefa
Commit 58b1fefa authored May 21, 2001 by Chris McDonough
6 changed files
--- a/lib/python/AccessControl/Role.py
+++ b/lib/python/AccessControl/Role.py
@@ -84,7 +84,7 @@
 ##############################################################################
 """Access control support"""

-__version__='$Revision: 1.47 $'[11:-2]
+__version__='$Revision: 1.48 $'[11:-2]


 from Globals import DTMLFile, MessageDialog, Dictionary
@@ -117,7 +117,7 @@ class RoleManager(ExtensionClass.Base, PermissionMapping.RoleManager):
          'manage_defined_roles', 'userdefined_roles',
          'manage_listLocalRoles', 'manage_editLocalRoles',
          'manage_setLocalRoles', 'manage_addLocalRoles',
-          'manage_delLocalRoles',
+          'manage_delLocalRoles'
          )),
        )

@@ -132,7 +132,7 @@ class RoleManager(ExtensionClass.Base, PermissionMapping.RoleManager):
         },
        )
   
-    __ac_roles__=('Manager', 'Owner', 'Anonymous')
+    __ac_roles__=('Manager', 'Owner', 'Anonymous', 'Authenticated')

    permissionMappingPossibleValues=Acquired


--- a/lib/python/AccessControl/User.py
+++ b/lib/python/AccessControl/User.py
@@ -84,7 +84,7 @@
 ##############################################################################
 """Access control package"""

-__version__='$Revision: 1.149 $'[11:-2]
+__version__='$Revision: 1.150 $'[11:-2]

 import Globals, socket, SpecialUsers,re
 import os
@@ -249,6 +249,12 @@ class BasicUser(Implicit):
        if object_roles is None or 'Anonymous' in object_roles:
            return 1

+        # Provide short-cut access if object is protected by 'Authenticated'
+        # role and user is not nobody
+        if 'Authenticated' in object_roles and (
+            self.getUserName() != 'Anonymous User'):
+            return 1
+
        # Check for ancient role data up front, convert if found.
        # This should almost never happen, and should probably be
        # deprecated at some point.
@@ -343,7 +349,8 @@ class SimpleUser(BasicUser):

    def getRoles(self):
        """Return the list of roles assigned to a user."""
-        return tuple(self.roles)
+        if self.name == 'Anonymous User': return tuple(self.roles)
+        else: return tuple(self.roles) + ('Authenticated',)

    def getDomains(self):
        """Return the list of domain restrictions for a user"""

--- a/lib/python/AccessControl/dtml/addUser.dtml
+++ b/lib/python/AccessControl/dtml/addUser.dtml
@@ -73,12 +73,14 @@ Domains
  <div class="form-element">
  <select name="roles:list" size="5" multiple>
  <dtml-in valid_roles>
+  <dtml-if expr="_vars['sequence-item'] != 'Authenticated'">
  <dtml-if expr="_vars['sequence-item'] != 'Anonymous'">
  <dtml-if expr="_vars['sequence-item'] != 'Shared'">
  <option value="<dtml-var sequence-item html_quote>"><dtml-var 
   sequence-item>
  </dtml-if>
  </dtml-if>
+  </dtml-if>
  </dtml-in valid_roles>
  </select>
  <br />

--- a/lib/python/AccessControl/dtml/editUser.dtml
+++ b/lib/python/AccessControl/dtml/editUser.dtml
@@ -70,6 +70,7 @@ Roles
 <div class="form-element">
 <SELECT NAME="roles:list" SIZE="5" MULTIPLE>
 <dtml-in valid_roles>
+<dtml-if expr="_vars['sequence-item'] != 'Authenticated'">
 <dtml-if expr="_vars['sequence-item'] != 'Anonymous'">
 <dtml-if expr="_vars['sequence-item'] != 'Shared'">
 <dtml-if expr="_vars['sequence-item'] in user.roles">
@@ -80,6 +81,7 @@ Roles
 </dtml-if>
 </dtml-if>
 </dtml-if>
+</dtml-if>
 </dtml-in valid_roles>
 </SELECT>


--- a/lib/python/AccessControl/dtml/listLocalRoles.dtml
+++ b/lib/python/AccessControl/dtml/listLocalRoles.dtml
@@ -86,7 +86,7 @@ roles that should be given to that user from the <em>Roles</em> list.
  <div class="form-element">
  <select name="roles:list" size="5" multiple>
 <dtml-in valid_roles><dtml-if 
-"_vars['sequence-item'] not in ('Anonymous', 'Shared')">
+"_vars['sequence-item'] not in ('Anonymous', 'Shared', 'Authenticated')">
 <option value="<dtml-var sequence-item html_quote>"><dtml-var 
 sequence-item></option>
 </dtml-if>

--- a/lib/python/OFS/Application.py
+++ b/lib/python/OFS/Application.py
@@ -85,8 +85,8 @@
 __doc__='''Application support


-$Id: Application.py,v 1.145 2001/05/17 18:37:40 shane Exp $'''
-__version__='$Revision: 1.145 $'[11:-2]
+$Id: Application.py,v 1.146 2001/05/21 17:57:57 chrism Exp $'''
+__version__='$Revision: 1.146 $'[11:-2]

 import Globals,Folder,os,sys,App.Product, App.ProductRegistry, misc_
 import time, traceback, os, string, Products
@@ -420,6 +420,13 @@ def initialize(app):
        get_transaction().note('Added Owner role')
        get_transaction().commit()

+    # ensure the Authenticated role exists.
+    if hasattr(app, '__ac_roles__'):
+        if not 'Authenticated' in app.__ac_roles__:
+            app.__ac_roles__=app.__ac_roles__ + ('Authenticated',)
+            get_transaction().note('Added Authenticated role')
+            get_transaction().commit()
+
    # Make sure we have Globals
    root=app._p_jar.root()
    if not root.has_key('ZGlobals'):