Commit a9ed235d authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_*: Drop Facebook/Google support

  Currently, it is not used on general code. Since it is not used
  we are dropping from our codebase. Nothing prevents other projects
  include it in future.
parent a1e6815c
...@@ -61,8 +61,7 @@ class TestSlapOSSecurityMixin(SlapOSTestCaseMixin): ...@@ -61,8 +61,7 @@ class TestSlapOSSecurityMixin(SlapOSTestCaseMixin):
for _, plugin in uf._getOb('plugins').listPlugins( for _, plugin in uf._getOb('plugins').listPlugins(
IAuthenticationPlugin ): IAuthenticationPlugin ):
if plugin.authenticateCredentials( if plugin.authenticateCredentials(
{'login_portal_type': ('ERP5 Login', 'Certificate Login', {'login_portal_type': ('ERP5 Login', 'Certificate Login'),
'Facebook Login', 'Google Login'),
'external_login': login}) is not None: 'external_login': login}) is not None:
break break
else: else:
...@@ -316,19 +315,6 @@ class TestSlapOSPersonSecurity(TestSlapOSSecurityMixin): ...@@ -316,19 +315,6 @@ class TestSlapOSPersonSecurity(TestSlapOSSecurityMixin):
def test_inactive_erp5_login(self): def test_inactive_erp5_login(self):
self.test_inactive(login_portal_type="ERP5 Login") self.test_inactive(login_portal_type="ERP5 Login")
def test_active_facebook_login(self):
self.test_active(login_portal_type="Facebook Login")
def test_inactive_facebook_login(self):
self.test_inactive(login_portal_type="Facebook Login")
def test_active_google_login(self):
self.test_active(login_portal_type="Google Login")
def test_inactive_google_login(self):
self.test_inactive(login_portal_type="Google Login")
def test_suite(): def test_suite():
suite = unittest.TestSuite() suite = unittest.TestSuite()
suite.addTest(unittest.makeSuite(TestSlapOSComputeNodeSecurity)) suite.addTest(unittest.makeSuite(TestSlapOSComputeNodeSecurity))
......
<type_roles>
<role id='Assignee'>
<property id='title'>The User Himself</property>
<property id='condition'>python: here.getParentValue().getPortalType() == "Person"</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromParent</property>
<multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
<type_roles>
<role id='Assignee'>
<property id='title'>The User Himself</property>
<property id='condition'>python: here.getParentValue().getPortalType() == "Person"</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromParent</property>
<multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
...@@ -26,7 +26,7 @@ ...@@ -26,7 +26,7 @@
<role id='Auditor'> <role id='Auditor'>
<property id='title'>The Shadow User Himself</property> <property id='title'>The Shadow User Himself</property>
<property id='description'>Monovalued role</property> <property id='description'>Monovalued role</property>
<property id='condition'>python: here.objectValues(portal_type=["ERP5 Login", "Google Login", "Facebook Login", "Certificate Login"])</property> <property id='condition'>python: here.objectValues(portal_type=here.getPortalLoginTypeList())</property>
<property id='base_category_script'>Person_getSecurityCategoryFromSelfShadow</property> <property id='base_category_script'>Person_getSecurityCategoryFromSelfShadow</property>
<multi_property id='categories'>local_role_group/shadow</multi_property> <multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
...@@ -34,7 +34,7 @@ ...@@ -34,7 +34,7 @@
<role id='Assignee'> <role id='Assignee'>
<property id='title'>The User Himself</property> <property id='title'>The User Himself</property>
<property id='description'>Monovalued role</property> <property id='description'>Monovalued role</property>
<property id='condition'>python: here.objectValues(portal_type=["ERP5 Login", "Google Login", "Facebook Login", "Certificate Login"])</property> <property id='condition'>python: here.objectValues(portal_type=here.getPortalLoginTypeList())</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromSelf</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromSelf</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
......
oauth_login_list = []
portal_skin = context.getPortalObject().portal_skins
if getattr(portal_skin, "erp5_oauth_google_login", None) is not None:
connector = context.ERP5Site_getGoogleConnector()
if connector and connector[0].getClientId() is not None:
oauth_login_list.append("google")
if getattr(portal_skin, "erp5_oauth_facebook_login", None) is not None:
connector = context.ERP5Site_getFacebookConnector()
if connector and connector[0].getClientId() is not None:
oauth_login_list.append("facebook")
if getattr(portal_skin, "erp5_openid_connect_client", None) is not None:
oauth_login_list.append("openidconnect")
return oauth_login_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Site_getAvailableOAuthLoginList</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -2,11 +2,8 @@ portal = context.getPortalObject() ...@@ -2,11 +2,8 @@ portal = context.getPortalObject()
slapos_plugin_dict = { slapos_plugin_dict = {
'IExtractionPlugin': [ 'IExtractionPlugin': [
'ERP5 Dumb HTTP Extraction Plugin', 'ERP5 Dumb HTTP Extraction Plugin',
'ERP5 Facebook Extraction Plugin',
'ERP5 External Authentication Plugin', 'ERP5 External Authentication Plugin',
'ERP5 Access Token Extraction Plugin', 'ERP5 Access Token Extraction Plugin',
'ERP5 Google Extraction Plugin',
'ERP5 Facebook Extraction Plugin'
], ],
'IGroupsPlugin': [ 'IGroupsPlugin': [
'ZODB Group Manager', 'ZODB Group Manager',
......
...@@ -115,28 +115,6 @@ class TestSlapOSAuthenticationPolicyL(SlapOSTestCaseMixin): ...@@ -115,28 +115,6 @@ class TestSlapOSAuthenticationPolicyL(SlapOSTestCaseMixin):
document=self._makeDummySoftwareInstance(), document=self._makeDummySoftwareInstance(),
login_portal_type="Certificate Login") login_portal_type="Certificate Login")
def test_block_GoogleLogin_on_person(self):
person = self.makePerson(self.addProject(), user=0)
person.edit(
first_name="SOMENAME",
last_name="LASTNAME"
)
self._test_login_donot_block(
document=person,
login_portal_type="Google Login"
)
def test_block_FacebookLogin_on_person(self):
person = self.makePerson(self.addProject(), user=0)
person.edit(
first_name="SOMENAME",
last_name="LASTNAME"
)
self._test_login_donot_block(
document=person,
login_portal_type="Facebook Login"
)
def _test_expire(self, document, login_portal_type): def _test_expire(self, document, login_portal_type):
request = self.app.REQUEST request = self.app.REQUEST
login = self._makeLogin( login = self._makeLogin(
...@@ -209,24 +187,3 @@ class TestSlapOSAuthenticationPolicyL(SlapOSTestCaseMixin): ...@@ -209,24 +187,3 @@ class TestSlapOSAuthenticationPolicyL(SlapOSTestCaseMixin):
document=self._makeDummySoftwareInstance(), document=self._makeDummySoftwareInstance(),
login_portal_type="Certificate Login") login_portal_type="Certificate Login")
def test_expire_GoogleLogin_on_person(self):
person = self.makePerson(self.addProject(), user=0)
person.edit(
first_name="SOMENAME",
last_name="LASTNAME"
)
self._test_dont_expire_when_password_isnt_set(
document=person,
login_portal_type="Google Login"
)
def test_expire_FacebookLogin_on_person(self):
person = self.makePerson(self.addProject(), user=0)
person.edit(
first_name="SOMENAME",
last_name="LASTNAME"
)
self._test_dont_expire_when_password_isnt_set(
document=person,
login_portal_type="Facebook Login"
)
...@@ -217,7 +217,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template): ...@@ -217,7 +217,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
'slapos_base/Login_isPasswordExpired', 'slapos_base/Login_isPasswordExpired',
'slapos_base/Login_notifyPasswordExpire', 'slapos_base/Login_notifyPasswordExpire',
'slapos_base/Person_applyContractInvitation', 'slapos_base/Person_applyContractInvitation',
'slapos_base/ERP5Site_getAvailableOAuthLoginList',
'slapos_erp5/CertificateAuthorityTool_checkCertificateAuthorityConsistency', 'slapos_erp5/CertificateAuthorityTool_checkCertificateAuthorityConsistency',
'slapos_erp5/CatalogTool_checkNoneCreationDateConsistency', 'slapos_erp5/CatalogTool_checkNoneCreationDateConsistency',
'slapos_panel_compatibility/Base_getComputerToken', 'slapos_panel_compatibility/Base_getComputerToken',
...@@ -292,7 +291,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template): ...@@ -292,7 +291,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
'slapos_parameter_editor/SoftwareProductModule_updateParameterEditorTestDialog', 'slapos_parameter_editor/SoftwareProductModule_updateParameterEditorTestDialog',
'slapos_parameter_editor/SoftwareProductModule_validateParameterEditorTestDialog', 'slapos_parameter_editor/SoftwareProductModule_validateParameterEditorTestDialog',
'slapos_parameter_editor/SoftwareProductModule_validateSoftwareReleaseForParameterEditorTestDialog', 'slapos_parameter_editor/SoftwareProductModule_validateSoftwareReleaseForParameterEditorTestDialog',
'slapos_web_renderjs_ui/ERP5Site_callbackFacebookLogin',
'slapos_web_renderjs_ui/PasswordTool_changeUserPassword', 'slapos_web_renderjs_ui/PasswordTool_changeUserPassword',
'slapos_web_renderjs_ui/WebSection_getDocumentValue', 'slapos_web_renderjs_ui/WebSection_getDocumentValue',
'slapos_web_renderjs_ui/WebSection_getLoginWarningMessage', 'slapos_web_renderjs_ui/WebSection_getLoginWarningMessage',
......
...@@ -1825,27 +1825,6 @@ class TestERP5Login(TestSlapOSGroupRoleSecurityMixin): ...@@ -1825,27 +1825,6 @@ class TestERP5Login(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(delivery, self.user_id, ['Owner']) self.assertRoles(delivery, self.user_id, ['Owner'])
self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee']) self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee'])
class TestFacebookLogin(TestSlapOSGroupRoleSecurityMixin):
def test_FacebookLogin_selfUser(self):
delivery = self.portal.person_module.newContent(
portal_type='Person').newContent(portal_type='Facebook Login')
self.assertSecurityGroup(delivery,
[delivery.getParentValue().getUserId(), self.user_id], False)
self.assertRoles(delivery, self.user_id, ['Owner'])
self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee'])
class TestGoogleLogin(TestSlapOSGroupRoleSecurityMixin):
def test_GoogleLogin_selfUser(self):
delivery = self.portal.person_module.newContent(
portal_type='Person').newContent(portal_type='Google Login')
self.assertSecurityGroup(delivery,
[delivery.getParentValue().getUserId(), self.user_id], False)
self.assertRoles(delivery, self.user_id, ['Owner'])
self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee'])
class TestCertificateLogin(TestSlapOSGroupRoleSecurityMixin): class TestCertificateLogin(TestSlapOSGroupRoleSecurityMixin):
def test_CertificateLogin_person(self): def test_CertificateLogin_person(self):
delivery = self.portal.person_module.newContent( delivery = self.portal.person_module.newContent(
......
...@@ -60,7 +60,6 @@ erp5_administration ...@@ -60,7 +60,6 @@ erp5_administration
erp5_authentication_policy erp5_authentication_policy
erp5_auto_logout erp5_auto_logout
erp5_base erp5_base
erp5_bearer_token
erp5_big_file erp5_big_file
erp5_ckeditor erp5_ckeditor
erp5_code_mirror erp5_code_mirror
...@@ -92,9 +91,6 @@ erp5_json_editor ...@@ -92,9 +91,6 @@ erp5_json_editor
erp5_json_type erp5_json_type
erp5_monaco_editor erp5_monaco_editor
erp5_notebook erp5_notebook
erp5_oauth
erp5_oauth_facebook_login
erp5_oauth_google_login
erp5_ods_core erp5_ods_core
erp5_odt_core erp5_odt_core
erp5_ooo_import erp5_ooo_import
......
...@@ -33,9 +33,7 @@ Document Ingestion Module ...@@ -33,9 +33,7 @@ Document Ingestion Module
Document Module Document Module
ERP5 Login ERP5 Login
Event Module Event Module
Facebook Login
Fax Message Fax Message
Google Login
Hosting Subscription Hosting Subscription
Hosting Subscription Module Hosting Subscription Module
Incident Response Incident Response
......
...@@ -3,8 +3,6 @@ erp5_access_token ...@@ -3,8 +3,6 @@ erp5_access_token
erp5_commerce erp5_commerce
erp5_credential_oauth2 erp5_credential_oauth2
erp5_access_token erp5_access_token
erp5_oauth_google_login
erp5_oauth_facebook_login
slapos_payzen slapos_payzen
slapos_wechat slapos_wechat
slapos_crm slapos_crm
......
import time
def handleError(error):
context.REQUEST.RESPONSE.setStatus(401)
if error is not None:
return handleError(error)
elif code is not None:
portal = context.getPortalObject()
response_dict = context.ERP5Site_getFacebookAccessTokenFromCode(
code,
"{0}/ERP5Site_callbackFacebookLogin".format(context.absolute_url()))
if response_dict is not None:
access_token = response_dict['access_token'].encode('utf-8')
hash_str = context.Base_getHMAC(access_token, access_token)
response = context.REQUEST.RESPONSE
context.setAuthCookie(response, '__ac_facebook_hash', hash_str)
# store timestamp in second since the epoch in UTC is enough
response_dict["response_timestamp"] = time.time()
context.Base_setBearerToken(hash_str,
response_dict,
"facebook_server_auth_token_cache_factory")
user_dict = context.ERP5Site_getFacebookUserEntry(access_token)
user_reference = user_dict["reference"]
context.Base_setBearerToken(access_token,
{"reference": user_reference},
"facebook_server_auth_token_cache_factory")
method = getattr(context, "ERP5Site_createFacebookUserToOAuth", None)
if method is not None:
method(user_reference, user_dict)
person_relative_url = context.ERP5Site_getPersonFromFacebookLogin(user_reference)
came_from = portal.absolute_url() + "/#!login?n.me=%s" % (person_relative_url)
response.setHeader('Location', came_from)
response.setStatus(303)
else:
return handleError('')
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>code=None, error=None</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Auditor</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Site_callbackFacebookLogin</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -4,8 +4,6 @@ erp5_access_token ...@@ -4,8 +4,6 @@ erp5_access_token
erp5_commerce erp5_commerce
erp5_credential_oauth2 erp5_credential_oauth2
erp5_access_token erp5_access_token
erp5_oauth_google_login
erp5_oauth_facebook_login
slapos_payzen slapos_payzen
slapos_wechat slapos_wechat
slapos_crm slapos_crm
......
...@@ -274,13 +274,9 @@ class testSlapOSMixin(ERP5TypeTestCase): ...@@ -274,13 +274,9 @@ class testSlapOSMixin(ERP5TypeTestCase):
'erp5_web_service', 'erp5_web_service',
'erp5_graph_editor', 'erp5_graph_editor',
'slapos_l10n_zh', 'slapos_l10n_zh',
'erp5_bearer_token',
'erp5_certificate_authority', 'erp5_certificate_authority',
'erp5_access_token', 'erp5_access_token',
'erp5_project', 'erp5_project',
'erp5_oauth',
'erp5_oauth_facebook_login',
'erp5_oauth_google_login',
'erp5_run_my_doc', 'erp5_run_my_doc',
'erp5_slapos_tutorial', 'erp5_slapos_tutorial',
'erp5_slapos_tutorial_data', 'erp5_slapos_tutorial_data',
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment