[gen] Bugfix: one could authentify with a ldap user even if ldap.enabled was False.

This commit is contained in:
Gaetan Delannay 2015-01-21 14:30:42 +01:00
parent 30dbcb7dc7
commit 307f4e152e
5 changed files with 17 additions and 15 deletions

View file

@ -283,7 +283,7 @@ class ZopeInstaller:
# "select" field, because it will be necessary for displaying the
# translated state name.
state = gen.String(validator=gen.Selection('listStates'),
show='result', persist=False, indexed=True)
show='result', persist=False, indexed=True, height=5)
state.init('state', None, 'workflow')
setattr(wrapperClass, 'state', state)
# Special field "SearchableText" must be added fot every class and

View file

@ -21,6 +21,8 @@ except ImportError:
# Global JS internationalized messages that will be computed in every page -----
jsMessages = ('no_elem_selected', 'action_confirm', 'save_confirm',
'warn_leave_form')
# Error messages ---------------------------------------------------------------
USER_NOT_FOUND = 'User %s not found. Probably a problem implying several ' \
'Appy apps put behind the same domain name or dev machine.'
@ -917,16 +919,16 @@ class ToolMixin(BaseMixin):
if authentify and not login: return
# Now, get the User instance
if source == 'zodb':
# Get the User object, but only if it is a true local user.
# Get the User object, but only if it is a true local user
user = tool.search1('User', noSecurity=True, login=login)
if user and (user.source != 'zodb'): user = None # Not a local one.
if user and (user.source != 'zodb'): user = None # Not a local one
elif source == 'ldap':
user = None
cfg = self.getProductConfig(True).ldap
if cfg: user = cfg.getUser(self.appy(), login, password)
elif source == 'any':
# Get the user object, be it really local or a copy of a LDAP user
user = tool.search1('User', noSecurity=True, login=login)
user = self.getUser(source='zodb') or self.getUser(source='ldap')
if not user: return
# Authentify the user if required
if authentify:
@ -937,9 +939,9 @@ class ToolMixin(BaseMixin):
k = 'HTTP_AUTHORIZATION'
req._auth = req[k] = req._orig_env[k] = None
return
# Create an authentication cookie for this user.
# Create an authentication cookie for this user
gutils.writeCookie(login, password, req)
# Cache the user and some precomputed values, for performance.
# Cache the user and some precomputed values, for performance
req.user = user
req.userRoles = user.getRoles()
req.userLogins = user.getLogins()
@ -956,8 +958,7 @@ class ToolMixin(BaseMixin):
msg = self.translate('enable_cookies')
return self.goto(urlBack, msg)
# Authenticate the user
if self.getUser(authentify=True) or \
self.getUser(authentify=True, source='ldap'):
if self.getUser(authentify=True, source='any'):
msg = self.translate('login_ok')
logMsg = 'logged in.'
else:

View file

@ -97,6 +97,7 @@ input.buttonFixed { width:110px; padding: 0 0 0 10px }
.portletCurrent { font-weight: bold }
.inputSearch { height: 15px; width: 132px; margin: 3px 3px 2px 3px !important }
td.search { padding-top: 8px }
.searchFields { width: 100%; margin-bottom: 8px }
.content { padding: 9px; background-color: #fbfbfb }
.popup { display: none; position: absolute; top: 30%; left: 35%;
width: 350px; z-index : 100; background: white; padding: 8px;

View file

@ -603,7 +603,7 @@ class ToolWrapper(AbstractWrapper):
<input type="hidden" name="className" value=":className"/>
<input if="refInfo" type="hidden" name="ref" value=":refInfo"/>
<table width="100%">
<table class="searchFields">
<tr for="searchRow in ztool.getGroupedSearchFields(searchInfo)"
valign="top">
<td for="field in searchRow" class="search"
@ -617,11 +617,9 @@ class ToolWrapper(AbstractWrapper):
</table>
<!-- Submit button -->
<p align=":dright"><br/>
<input var="label=_('search_button');
css=ztool.getButtonCss(label, small=False)" type="submit"
class=":css" value=":label" style=":url('search', bg=True)"/>
</p>
</form>
</x>''', template=AbstractWrapper.pxTemplate, hook='content')

View file

@ -1244,7 +1244,9 @@ class AbstractWrapper(object):
o = self.o
workflow = o.getWorkflow()
for name in dir(workflow):
if getattr(workflow, name).__class__.__name__ != 'State': continue
state = getattr(workflow, name)
if state.__class__.__name__ != 'State': continue
if state.isIsolated(workflow) : continue
res.append((name, o.translate(o.getWorkflowLabel(name))))
return res