Son of ACL

a2fbee09 · 73c0fe4e · a2fbee09 · a2fbee09 · a2fbee09 · a2fbee09
Commit a2fbee09 authored Aug 26, 1997 by
6 changed files
--- a/lib/python/AccessControl/ACL.py
+++ b/lib/python/AccessControl/ACL.py
 """Access control objects"""

-__version__='$Revision: 1.1 $'[11:-2]
+__version__='$Revision: 1.2 $'[11:-2]


 from Persistence import Persistent
@@ -250,9 +250,10 @@ class RoleManager:
    def parse_roles_string(self, roles):
 	"""Utility routine for parsing roles given as a string
 	"""
-	roles=map(strip,split(strip(roles)))
 	try: del self.__roles__
 	except: pass
+	if not roles: return
+	roles=map(strip,split(strip(roles)))
 	if roles=='public':
 	    self.__roles__=None
 	elif roles: self.__roles__=roles
--- a/lib/python/AccessControl/User.py
+++ b/lib/python/AccessControl/User.py
+"""Access control objects"""
+
+__version__='$Revision: 1.1 $'[11:-2]
+
+
+from Persistence import Persistent,PersistentMapping
+from Acquisition import Implicit
+from DocumentTemplate import HTML
+from Globals import MessageDialog
+from Globals import Bobobase
+from base64 import decodestring
+from string import join,strip,split,lower
+
+
+
+class SafeDtml(HTML):
+    """Lobotomized document template w/no editing"""
+    def __init__(self,name='',*args,**kw):
+        f=open('%s/lib/python/AccessControl/%s.dtml' % (SOFTWARE_HOME, name))
+        s=f.read()
+        f.close()
+        args=(self,s,)+args
+	kw['SOFTWARE_URL']=SOFTWARE_URL
+	apply(HTML.__init__,args,kw)
+    manage             =None
+    manage_editDocument=None
+    manage_editForm    =None
+    manage_edit        =None
+
+
+
+
+class User(Implicit, Persistent):
+    """ """
+    def __init__(self,name=None,password=None,roles=[]):
+	if name is not None:
+	    self._name    =name
+	    self._password=password
+	    self._roles   =roles
+
+    def __str__(self):
+	return self._name
+
+    def __repr__(self):
+        return self._name
+
+
+
+class UserFolder(Implicit, Persistent):
+    """ """
+    meta_type='User Folder'
+    id       ='UserFolder'
+    title    ='User Folder'
+    icon     ='AccessControl/UserFolder_icon.gif'
+
+    isAUserFolder=1
+
+    manage     =SafeDtml('Generic_manage')
+    manage_menu=SafeDtml('Generic_manage_menu')
+    manage_main=SafeDtml('UserFolder_manage_main')
+    _editForm  =SafeDtml('UserFolder_manage_editForm')
+    index_html =manage_main
+
+    manage_options=(
+    {'icon':'AccessControl/UserFolder_icon.gif', 'label':'Contents',
+     'action':'manage_main',   'target':'manage_main'},
+    {'icon':'OFS/Help_icon.gif', 'label':'Help',
+     'action':'manage_help',   'target':'_new'},
+    )
+
+    def _init(self):
+	self._data=PersistentMapping({'Brian': User('Brian','123',['manage',]),
+		    'Jim Fulton' : User('Jim Fulton', '123', ['manage',]),
+		    'Paul Everitt': User('Paul Everitt','123',['manage',])
+		    })
+
+    def __len__(self):
+	return len(self.userNames())
+
+    def parentObject(self):
+	try:    return (self.aq_parent,)
+	except: return ()
+
+    def userNames(self):
+	return self._data.keys()
+
+    def roleNames(self):
+	return Bobobase['roles']
+#	return ['manage','foo','bar','spam']
+
+    def validate(self,request,auth,roles=None):
+	if lower(auth[:6])!='basic ':
+	    return None
+	[name,password]=split(decodestring(split(auth)[-1]), ':')
+	try:    user=self._data[name]
+	except: return None
+	if password!=user._password:
+	    return None
+	if roles is None:
+	    return user
+	for role in roles:
+	    if role in user._roles:
+		return user
+	return None
+
+    def manage_addUser(self,REQUEST,name,password,confirm,roles=[]):
+        """ """
+	if self._data.has_key(name):
+            return MessageDialog(title='Illegal value', 
+                   message='An item with the specified name already exists',
+                   action='%s/manage' % REQUEST['PARENT_URL'])
+
+	if password!=confirm:
+            return MessageDialog(title='Illegal value', 
+                   message='Password and confirmation do not match',
+                   action='%s/manage' % REQUEST['PARENT_URL'])
+        self._data[name]=User(name,password,roles)
+        return self.manage_main(self, REQUEST)
+
+    def manage_editForm(self,REQUEST,name):
+        """ """
+	try:    user=self._data[name]
+	except: return MessageDialog(title='Illegal value',
+                message='The specified item does not exist',
+                action='%s/manage_main' % REQUEST['PARENT_URL'])
+	name    =user._name
+	pw      =user._password
+	rolelist=map(lambda k, s=user._roles:
+		     k in s and ('<OPTION VALUE="%s" SELECTED>%s' % (k,k)) \
+		     or  ('<OPTION VALUE="%s">%s' % (k,k)), self.roleNames())
+	return self._editForm(self,REQUEST,name=name,pw=pw,rolelist=rolelist)
+
+    def manage_editUser(self,REQUEST,name,password,confirm,roles=[]):
+        """ """
+	try:    user=self._data[name]
+	except: return MessageDialog(title='Illegal value',
+                message='The specified item does not exist',
+                action='%s/manage_main' % REQUEST['PARENT_URL'])
+	if password!=confirm:
+            return MessageDialog(title='Illegal value', 
+                   message='Password and confirmation do not match',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+	user._password=password
+	user._roles   =roles
+        return self.manage_main(self, REQUEST)
+
+    def manage_deleteUser(self,REQUEST,names=[]):
+        """ """
+	if 0 in map(self._data.has_key, names):
+            return MessageDialog(title='Illegal value',
+                   message='One or more items specified do not exist',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+	for n in names:
+            del self._data[n]
+        return self.manage_main(self, REQUEST)
+
+
+
+
+
+
+
+def manage_addUserFolder(self,self2,REQUEST):
+    """ """
+#    if self.__dict__.has_key('__allow_groups__'):
+#        return MessageDialog(title='Object exists',
+#                              message='This object already has a User Folder',
+#                              action='%s/manage' % REQUEST['PARENT_URL'])
+    i=UserFolder()
+    i._init()
+    self._setObject('UserFolder', i)
+    self.__allow_groups__=self.UserFolder
+    return self.manage_main(self,REQUEST)
--- a/lib/python/AccessControl/UserFolder_manage_editForm.dtml
+++ b/lib/python/AccessControl/UserFolder_manage_editForm.dtml
+<HTML>
+<HEAD>
+<TITLE>Edit User</TITLE>
+</HEAD>
+<BODY BGCOLOR="#FFFFFF" LINK="#000099" VLINK="#555555" ALINK="#77003B">
+<FONT SIZE="+2">Edit User</FONT>
+<P>
+<FORM ACTION="<!--#var PARENT_URL-->/manage_editUser" METHOD="POST">
+<TABLE>
+<TR>
+<TD VALIGN="TOP">Name</TD>
+<TD VALIGN="TOP"><!--#var name--></TD>
+</TR>
+<TR>
+<TD VALIGN="TOP">Password</TD>
+<TD VALIGN="TOP">
+<INPUT TYPE="PASSWORD" NAME="password" VALUE="<!--#var pw-->" SIZE="20"></TD>
+</TR>
+<TR>
+<TD VALIGN="TOP">(Confirm)</TD>
+<TD VALIGN="TOP">
+<INPUT TYPE="PASSWORD" NAME="confirm" VALUE="<!--#var pw-->" SIZE="20"></TD>
+</TR>
+<TR>
+<TD VALIGN="TOP">Roles</TD>
+<TD VALIGN="TOP">
+<SELECT NAME="roles:list" SIZE="5" MULTIPLE>
+<!--#if rolelist-->
+<!--#in rolelist-->
+<!--#var sequence-item-->
+<!--#/in rolelist-->
+<!--#/if rolelist-->
+</SELECT>
+<INPUT TYPE="HIDDEN" NAME="name" VALUE="<!--#var name-->">
+<BR>
+<INPUT TYPE="SUBMIT" VALUE="Save Changes">
+</TD>
+</TR>
+</TABLE>
+</FORM>
+</BODY>
+</HTML>
--- a/lib/python/AccessControl/UserFolder_manage_main.dtml
+++ b/lib/python/AccessControl/UserFolder_manage_main.dtml
+<HTML>
+<HEAD>
+<TITLE><!--#var title--></TITLE>
+</HEAD>
+<BODY BGCOLOR="#FFFFFF" LINK="#000099" VLINK="#555555" ALINK="#77003B">
+<FONT SIZE="+2"><!--#var title--></FONT>
+<P>
+
+<!--#if parentObject-->
+  <!--#in parentObject-->
+  <A HREF="<!--#var URL2-->/manage" target="_top">
+  <IMG SRC="<!--#var SOFTWARE_URL-->/OFS/UpFolder_icon.gif" BORDER=0>
+  </A>
+  Return to <!--#if title-->
+            <!--#var title-->
+            <!--#else title-->
+            <!--#var id-->
+            <!--#/if title-->
+  <BR>
+  <!--#/in parentObject-->
+<!--#/if parentObject-->
+<P>
+<TABLE>
+<!--#if userNames-->
+<TR>
+  <TD VALIGN="TOP">
+  The following users have been defined. To edit a user, select a user
+  from the list and click the <I>Edit User</I> button.
+  </TD>
+  <TD VALIGN="TOP">
+  <FORM ACTION="<!--#var PARENT_URL-->/manage_editForm" METHOD="POST">
+  <SELECT NAME="name">
+  <!--#in userNames-->
+  <OPTION VALUE="<!--#var sequence-item-->"> <!--#var sequence-item-->
+  <!--#/in userNames-->
+  </SELECT>
+  <BR>
+  <INPUT TYPE="SUBMIT" VALUE="Edit User">
+  </FORM>
+  </TD>
+</TR>
+<!--#else userNames-->
+<TR>
+  <TD COLSPAN="2" VALIGN="TOP">
+  There are no users defined.
+  </TD>
+</TR>
+<!--#/if userNames-->
+<TR>
+  <TD COLSPAN="2" VALIGN="TOP">
+  <BR>
+  To add a new user, enter the name, password, confirmation and 
+  roles for the new user and click the <I>Add User</I> button.
+  </TD>
+</TR>
+<TR>
+  <TD COLSPAN="2" VALIGN="TOP">
+  <FORM ACTION="<!--#var PARENT_URL-->/manage_addUser" METHOD="POST">
+  <TABLE>
+  <TR>
+  <TD VALIGN="TOP">Name</TD>
+  <TD VALIGN="TOP"><INPUT TYPE="TEXT" NAME="name" SIZE="20"></TD>
+  </TR>
+  <TR>
+  <TD VALIGN="TOP">Password</TD>
+  <TD VALIGN="TOP"><INPUT TYPE="PASSWORD" NAME="password" SIZE="20"></TD>
+  </TR>
+  <TR>
+  <TD VALIGN="TOP">(Confirm)</TD>
+  <TD VALIGN="TOP"><INPUT TYPE="PASSWORD" NAME="confirm" SIZE="20"></TD>
+  </TR>
+  <TR>
+  <TD VALIGN="TOP">Roles</TD>
+  <TD VALIGN="TOP">
+  <SELECT NAME="roles:list" SIZE="5" MULTIPLE>
+  <!--#if roleNames-->
+  <!--#in roleNames-->
+  <OPTION><!--#var sequence-item-->
+  <!--#/in roleNames-->
+  <!--#/if roleNames-->
+  </SELECT>
+  <BR>
+  <INPUT TYPE="SUBMIT" VALUE="Add User">
+  </TD>
+  </TR>
+  </TABLE>
+  </FORM>
+  </TD>
+</TR>
+<!--#if userNames-->
+<TR>
+  <TD VALIGN="TOP">
+  <BR>
+  To delete one or more users, select the users
+  you wish to delete and click the <I>Delete Users</I> button.
+  </TD>
+  <TD VALIGN="TOP">
+  <BR>
+  <FORM ACTION="<!--#var PARENT_URL-->/manage_deleteUser" METHOD="POST">
+  <SELECT NAME="names:list" MULTIPLE SIZE="5" >
+  <!--#in userNames-->
+  <OPTION><!--#var sequence-item-->
+  <!--#/in userNames-->
+  </SELECT>
+  <BR>
+  <INPUT TYPE="SUBMIT" VALUE="Delete Users">
+  </FORM>
+  </TD>
+</TR>
+<!--#/if userNames-->
+</TABLE>
+</BODY>
+</HTML>
--- a/lib/python/AccessControl/__init__.py
+++ b/lib/python/AccessControl/__init__.py
+__doc__="""$Id: __init__.py,v 1.1 1997/08/26 18:54:42 brian Exp $"""
+__version__='$Revision: 1.1 $'[11:-2]
+
+import User
+
+__.meta_types=({'name':'User Folder',
+                'action':'manage_addUserFolder'
+	       },
+	       )
+
+__.methods={'manage_addUserFolder':
+             User.manage_addUserFolder,
+	    }
--- a/lib/python/AccessControl/www/UserFolder_icon.gif
+++ b/lib/python/AccessControl/www/UserFolder_icon.gif