[gen] Bugfix: one could authentify with a ldap user even if ldap.enabled was False.

2015-01-21 14:30:42 +01:00 · 2015-01-21 14:30:42 +01:00 · 307f4e152e
parent 30dbcb7dc7
commit 307f4e152e
5 changed files with 17 additions and 15 deletions
--- a/gen/installer.py
+++ b/gen/installer.py
@ -283,7 +283,7 @@ class ZopeInstaller:
            # "select" field, because it will be necessary for displaying the
            # translated state name.
            state = gen.String(validator=gen.Selection('listStates'),
-                               show='result', persist=False, indexed=True)
+                           show='result', persist=False, indexed=True, height=5)
            state.init('state', None, 'workflow')
            setattr(wrapperClass, 'state', state)
            # Special field "SearchableText" must be added fot every class and
--- a/gen/mixins/ToolMixin.py
+++ b/gen/mixins/ToolMixin.py
@ -21,6 +21,8 @@ except ImportError:
 # Global JS internationalized messages that will be computed in every page -----
 jsMessages = ('no_elem_selected', 'action_confirm', 'save_confirm',
              'warn_leave_form')
+
+# Error messages ---------------------------------------------------------------
 USER_NOT_FOUND = 'User %s not found. Probably a problem implying several ' \
                 'Appy apps put behind the same domain name or dev machine.'

@ -917,16 +919,16 @@ class ToolMixin(BaseMixin):
        if authentify and not login: return
        # Now, get the User instance
        if source == 'zodb':
-            # Get the User object, but only if it is a true local user.
+            # Get the User object, but only if it is a true local user
            user = tool.search1('User', noSecurity=True, login=login)
-            if user and (user.source != 'zodb'): user = None # Not a local one.
+            if user and (user.source != 'zodb'): user = None # Not a local one
        elif source == 'ldap':
            user = None
            cfg = self.getProductConfig(True).ldap
            if cfg: user = cfg.getUser(self.appy(), login, password)
        elif source == 'any':
            # Get the user object, be it really local or a copy of a LDAP user
-            user = tool.search1('User', noSecurity=True, login=login)
+            user = self.getUser(source='zodb') or self.getUser(source='ldap')
        if not user: return
        # Authentify the user if required
        if authentify:
@ -937,9 +939,9 @@ class ToolMixin(BaseMixin):
                k = 'HTTP_AUTHORIZATION'
                req._auth = req[k] = req._orig_env[k] = None
                return
-            # Create an authentication cookie for this user.
+            # Create an authentication cookie for this user
            gutils.writeCookie(login, password, req)
-        # Cache the user and some precomputed values, for performance.
+        # Cache the user and some precomputed values, for performance
        req.user = user
        req.userRoles = user.getRoles()
        req.userLogins = user.getLogins()
@ -956,8 +958,7 @@ class ToolMixin(BaseMixin):
            msg = self.translate('enable_cookies')
            return self.goto(urlBack, msg)
        # Authenticate the user
-        if self.getUser(authentify=True) or \
-           self.getUser(authentify=True, source='ldap'):
+        if self.getUser(authentify=True, source='any'):
            msg = self.translate('login_ok')
            logMsg = 'logged in.'
        else:
--- a/gen/ui/appy.css
+++ b/gen/ui/appy.css
@ -97,6 +97,7 @@ input.buttonFixed { width:110px; padding: 0 0 0 10px }
 .portletCurrent { font-weight: bold }
 .inputSearch { height: 15px; width: 132px; margin: 3px 3px 2px 3px !important }
 td.search { padding-top: 8px }
+.searchFields { width: 100%; margin-bottom: 8px }
 .content { padding: 9px; background-color: #fbfbfb }
 .popup { display: none; position: absolute; top: 30%; left: 35%;
         width: 350px; z-index : 100; background: white; padding: 8px;
--- a/gen/wrappers/ToolWrapper.py
+++ b/gen/wrappers/ToolWrapper.py
@ -603,7 +603,7 @@ class ToolWrapper(AbstractWrapper):
       <input type="hidden" name="className" value=":className"/>
       <input if="refInfo" type="hidden" name="ref" value=":refInfo"/>

-       <table width="100%">
+       <table class="searchFields">
        <tr for="searchRow in ztool.getGroupedSearchFields(searchInfo)"
            valign="top">
         <td for="field in searchRow" class="search"
@ -617,11 +617,9 @@ class ToolWrapper(AbstractWrapper):
       </table>

       <!-- Submit button -->
-       <p align=":dright"><br/>
-        <input var="label=_('search_button');
-                    css=ztool.getButtonCss(label, small=False)" type="submit"
-               class=":css" value=":label" style=":url('search', bg=True)"/>
-       </p>
+       <input var="label=_('search_button');
+                   css=ztool.getButtonCss(label, small=False)" type="submit"
+              class=":css" value=":label" style=":url('search', bg=True)"/>
      </form>
     </x>''', template=AbstractWrapper.pxTemplate, hook='content')

--- a/gen/wrappers/init.py
+++ b/gen/wrappers/init.py
@ -1244,7 +1244,9 @@ class AbstractWrapper(object):
        o = self.o
        workflow = o.getWorkflow()
        for name in dir(workflow):
-            if getattr(workflow, name).__class__.__name__ != 'State': continue
+            state = getattr(workflow, name)
+            if state.__class__.__name__ != 'State': continue
+            if state.isIsolated(workflow) : continue
            res.append((name, o.translate(o.getWorkflowLabel(name))))
        return res