Logo Search packages:      
Sourcecode: zope-ldapuserfolder version File versions

def LDAPUserFolder::LDAPUserSatellite::LDAPUserSatellite::getAdditionalRoles (   self,
  user,
  already_added = () 
)

extend the user roles 

Definition at line 181 of file LDAPUserSatellite.py.

00181                                                         :
        """ extend the user roles """
        my_path = self.absolute_url(1)
        add_role_dict = {}
        if user is None:
            return []

        if self.recurse == 1:
            self_path = self.getPhysicalPath()
            other_satellites = self.superValues('LDAPUserSatellite')
            other_satellites.reverse()

            for sat in other_satellites:
                if sat.getPhysicalPath() != self_path:
                    add_role_list = sat.getAdditionalRoles(user, already_added)
                    newly_added = {}

                    for add_role in add_role_list:
                        newly_added[add_role] = 1

                    for add_role in already_added:
                        newly_added[add_role] = 1

                    already_added = tuple(newly_added.keys())

        luf = self.getLUF()
        user_id = user.getId()
        user_expiration = user._created + luf.getCacheTimeout('authenticated')

        if ( self._v_cache.has_key(user_id) and
             self._v_expiration.get(user_id, 0) >= user_expiration ):
            self.verbose > 6 and self._log.log(7, 'Used cached "%s"' % user_id)
            return self._v_cache.get(user_id)

        if self.groups_base:   # We were given a search base, so search there
            user_dn = user.getUserDN()
            group_filter = '(|(uniquemember=%s)(member=%s))' % (user_dn, user_dn)

            res = luf._delegate.search( self.groups_base
                                      , self.groups_scope
                                      , group_filter
                                      , attrs = ['dn', 'cn']
                                      )

            if res['size'] > 0:
                resultset = res['results']
                for i in range(res['size']):
                    dn = resultset[i].get('dn')
                    try:
                        cn = resultset[i].get('cn')[0]
                    except KeyError:    # NDS oddity
                        cn = explode_dn(dn, 1)[0]

                    add_role_dict[cn] = 1

        for add_role in already_added:
            add_role_dict[add_role] = 1
        already_added = ()

        if self.groups_map:     # We have a group mapping, so map away
            roles = list(user.getRoles())
            roles.extend(add_role_dict.keys())

            for role in roles:
                mapped_roles = self.groups_map.get(role, [])
                for mapped_role in mapped_roles:
                    if mapped_role:
                        add_role_dict[mapped_role] = 1

        added_roles = add_role_dict.keys()

        if added_roles and self.verbose > 4:
            add_roles = ', '.join(added_roles)
            msg = 'Added roles %s to user %s' % (add_roles, user_id)
            self._log.log(5, msg)

        self._cacheRoles(user_id, added_roles, user_expiration)

        return added_roles


    security.declareProtected(manage_users, 'getLUF')
    def getLUF(self):


Generated by  Doxygen 1.6.0   Back to index