From mboxrd@z Thu Jan 1 00:00:00 1970 From: rmccabe@sourceware.org Date: 19 Sep 2006 15:01:21 -0000 Subject: [Cluster-devel] conga/luci load_site.py plone-custom/join_form ... Message-ID: <20060919150121.15569.qmail@sourceware.org> List-Id: To: cluster-devel.redhat.com MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit CVSROOT: /cvs/cluster Module name: conga Changes by: rmccabe at sourceware.org 2006-09-19 15:01:21 Modified files: luci : load_site.py Added files: luci/plone-custom: join_form_validate.vpy logged_in.vpy login_form_validate.vpy login_next.vpy Log message: add python form validator controls for login Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/load_site.py.diff?cvsroot=cluster&r1=1.13&r2=1.14 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/join_form_validate.vpy.diff?cvsroot=cluster&r1=NONE&r2=1.1 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/logged_in.vpy.diff?cvsroot=cluster&r1=NONE&r2=1.1 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/login_form_validate.vpy.diff?cvsroot=cluster&r1=NONE&r2=1.1 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/login_next.vpy.diff?cvsroot=cluster&r1=NONE&r2=1.1 --- conga/luci/load_site.py 2006/09/18 21:23:45 1.13 +++ conga/luci/load_site.py 2006/09/19 15:01:20 1.14 @@ -1,5 +1,5 @@ #!/usr/bin/python -# $Id: load_site.py,v 1.13 2006/09/18 21:23:45 rmccabe Exp $ +# $Id: load_site.py,v 1.14 2006/09/19 15:01:20 rmccabe Exp $ ############################################################################## # @@ -163,6 +163,29 @@ def upload_js(object, f): upload_txt(object, f, t='text/javascript') +def upload_vpy(object, f): + dir, name = os.path.split(f) + + nobject = object.__class__(object.url+'/manage_addProduct/CMFFormController', + username=object.username, + password=object.password) + + dbid = name.split('.')[0] + + try: + call(nobject.manage_addControllerPythonScript, id=dbid, file=open(f,'rb')) + if verbose: print 'Uploaded', dbid + except: + if verbose: print name, 'exists trying to delete then upload again' + try: + call(object.manage_delObjects, ids=[dbid]) + if verbose: print 'Deleted', dbid + try: + call(nobject.manage_addControllerPythonScript, id=dbid, file=open(f,'rb')) + if verbose: print 'Uploaded', dbid + except: print 'Unable to upload', dbid + except: print 'Unable to delete', dbid + def upload_cpt(object, f): dir, name = os.path.split(f) /cvs/cluster/conga/luci/plone-custom/join_form_validate.vpy,v --> standard output revision 1.1 --- conga/luci/plone-custom/join_form_validate.vpy +++ - 2006-09-19 15:01:21.437044000 +0000 @@ -0,0 +1,13 @@ +## Controller Validator "join_form_validate" +##bind container=container +##bind context=context +##bind namespace= +##bind script=script +##bind state=state +##bind subpath=traverse_subpath +##parameters=username='',email='',password='',password_confirm='' +##title=validates the Registration of a User +## +from Products.CMFPlone import PloneMessageFactory as _ + +return state.set(status='failure_page') /cvs/cluster/conga/luci/plone-custom/logged_in.vpy,v --> standard output revision 1.1 --- conga/luci/plone-custom/logged_in.vpy +++ - 2006-09-19 15:01:21.522299000 +0000 @@ -0,0 +1,39 @@ +## Controller Python Script "logged_in" +##bind container=container +##bind context=context +##bind namespace= +##bind script=script +##bind state=state +##bind subpath=traverse_subpath +##parameters= +##title=Initial post-login actions +## +from Products.CMFPlone import PloneMessageFactory as _ +REQUEST=context.REQUEST + +# If someone has something on their clipboard, expire it. +if REQUEST.get('__cp', None) is not None: + REQUEST.RESPONSE.expireCookie('__cp', path='/') + +membership_tool=context.portal_membership +if membership_tool.isAnonymousUser(): + REQUEST.RESPONSE.expireCookie('__ac', path='/') + return state.set(status='failure') + +member = membership_tool.getAuthenticatedMember() +login_time = member.getProperty('login_time', '2000/01/01') +initial_login = int(str(login_time) == '2000/01/01') +state.set(initial_login=initial_login) + +must_change_password = member.getProperty('must_change_password', 0) +state.set(must_change_password=must_change_password) + +if initial_login: + state.set(status='initial_login') +elif must_change_password: + state.set(status='change_password') + +membership_tool.setLoginTimes() +membership_tool.createMemberArea() + +return state /cvs/cluster/conga/luci/plone-custom/login_form_validate.vpy,v --> standard output revision 1.1 --- conga/luci/plone-custom/login_form_validate.vpy +++ - 2006-09-19 15:01:21.605913000 +0000 @@ -0,0 +1,52 @@ +## Controller Validator "login_form_validate" +##bind container=container +##bind context=context +##bind namespace= +##bind script=script +##bind state=state +##bind subpath=traverse_subpath +##parameters= +##title=Validate login +## +from Products.CMFPlone import PloneMessageFactory as _ + +LOGIN_FAILED_MESSAGE = _(u'Login failed') + +request = context.REQUEST +js_enabled = request.get('js_enabled',0) # is javascript enabled? +js_enabled = js_enabled=='1' or js_enabled==1 +cookies_enabled = request.get('cookies_enabled',0) # are cookies enabled? +cookies_enabled = cookies_enabled=='1' or cookies_enabled==1 + +if not context.siteIsSetup(): + state.set(status='failure_page') + return state + +if js_enabled and not cookies_enabled: + state.set(status='enable_cookies') + return state + +mt=context.portal_membership +if mt.isAnonymousUser(): + if js_enabled: # javascript is enabled - we can diagnose the failure + auth = getattr(context, 'cookie_authentication', None) # using cookie authentication? + if auth: + user_name = request.get('login_name', None) + password_empty = request.get('pwd_empty', None)=='1' + ac_name = auth.name_cookie + ac_password = auth.pw_cookie + + if not user_name: + # no user name + state.setError(ac_name, _(u'Please enter your login name.'), 'login_name_required') + if password_empty: + state.setError(ac_password, _(u'Please enter your password.'), 'password_required') + verify_login_name = context.portal_properties.site_properties.getProperty('verify_login_name', 0) + if user_name and verify_login_name: + if mt.getMemberById(user_name) is None or password_empty: + state.setError(ac_password, _(u'Password incorrect.'), 'password_incorrect') + state.set(status='failure_page') + else: # no javascript - do low tech login failure + state.set(status='failure_page') + +return state /cvs/cluster/conga/luci/plone-custom/login_next.vpy,v --> standard output revision 1.1 --- conga/luci/plone-custom/login_next.vpy +++ - 2006-09-19 15:01:21.684150000 +0000 @@ -0,0 +1,59 @@ +## Controller Python Script "login_next" +##bind container=container +##bind context=context +##bind namespace= +##bind script=script +##bind state=state +##bind subpath=traverse_subpath +##parameters= +##title=Login next actions +## +from Products.CMFPlone import PloneMessageFactory as _ +from DateTime import DateTime +import ZTUtils + +REQUEST = context.REQUEST + +context.acl_users.credentials_cookie_auth.login() + +util = context.plone_utils +membership_tool=context.portal_membership +if membership_tool.isAnonymousUser(): + REQUEST.RESPONSE.expireCookie('__ac', path='/') + return state.set(status='failure_page') + +came_from = REQUEST.get('came_from', None) + +# if we weren't called from something that set 'came_from' or if HTTP_REFERER +# is the 'logged_out' page, return the default 'login_success' form +if came_from is not None: + scheme, location, path, parameters, query, fragment = util.urlparse(came_from) + template_id = path.split('/')[-1] + if template_id in ['login', 'login_success', 'login_password', 'login_failed', + 'login_form', 'logged_in', 'logged_out', 'registered', + 'mail_password', 'mail_password_form', 'join_form', + 'require_login', 'member_search_results']: + came_from = '' + # It is probably a good idea in general to filter out urls outside the portal. + # An added bonus: this fixes some problems with a Zope bug that doesn't + # properly unmangle the VirtualHostMonster stuff when setting ACTUAL_URL + if not context.portal_url.isURLInPortal(came_from): + came_from = '' +else: + came_from = '' + +if not came_from: + came_from = '/' + +js_enabled = REQUEST.get('js_enabled','1') != '0' +if came_from and js_enabled: + # If javascript is not enabled, it is possible that cookies are not enabled. + # If cookies aren't enabled, the redirect will log the user out, and confusion + # may arise. Redirect only if we know for sure that cookies are enabled. + + came_from = util.urlunparse((scheme, location, path, parameters, query, fragment)) + REQUEST.RESPONSE.redirect(came_from) + +state.set(came_from=came_from) + +return state