dSecurityManager.py

Revision 3303, 4.8 kB (checked in by paul, 1 year ago)

Reverted the behavior of _ to how we had it originally: you must explicitly
issue 'from dabo.dLocalize import _' instead of having _ in builtins,
which caused several hard-to-fix problems, and potentially others we
hadn't found yet.

You'll get errors until you add back any of those lines to your own apps.

Property svn:eol-style set to native

Line
1	# -- coding: utf-8 --
2	import time
3	from dabo.dObject import dObject
4	from dLocalize import _
5
6
7	class dSecurityManager(dObject):
8	"""Class providing security services for Dabo applications, such as the
9	user logging in.
10	"""
11	def login(self):
12	"""Ask the ui to display the login form to the user.
13
14	Validate the results, and return True if validation succeeds.
15	"""
16
17	ret = False
18	message = self.LoginMessage
19	for attempt in range(self.LoginAttemptsAllowed):
20	if attempt > 0:
21	message = _("Login incorrect, please try again. (%s/%s)") % (
22	attempt+1, self.LoginAttemptsAllowed)
23	user, password = self.Application.getLoginInfo(message)
24
25	if user is None:
26	# login form canceled.
27	break
28
29	if self.validateLogin(user, password):
30	self.__userName = user
31	self.UserCaption = self.getUserCaptionFromUserName(user)
32	self.__userGroups = self.getUserGroupsFromUserName(user)
33	ret = True
34	break
35	else:
36	self.__userName = None
37	self.UserCaption = ''
38	self.__userGroups = ()
39	time.sleep(self.LoginPause)
40
41	if ret:
42	self.afterLoginSuccess()
43	else:
44	self.afterLoginFailure()
45	return ret
46
47
48	def afterLoginFailure(self):
49	""" Subclass hook called after an unsuccessful login attempt."""
50	pass
51
52
53	def afterLoginSuccess(self):
54	""" Subclass hook called after a successful login."""
55	pass
56
57
58	def getUserCaptionFromUserName(self, userName):
59	""" Return a descriptive name of the user from the short userName.
60
61	This is a subclass hook: you should override this method with your own
62	code that converts the short userName into something more descriptive,
63	such as 'pmcnett' -> 'Paul McNett'. The default behavior just echoes
64	back the userName.
65	"""
66	return userName
67
68
69	def getUserGroupsFromUserName(self, userName):
70	""" Return the tuple of groups that userName belongs to.
71
72	This is a subclass hook: you must override this method with your own
73	code that returns a tuple filled with the groups the user belongs to.
74	The identifiers used for the groups must match the group identifiers
75	as coded in your business objects.
76	"""
77	return ()
78
79
80	def validateLogin(self, user, password):
81	""" Return True if the passed user and password combination is valid.
82
83	This is a subclass hook: you must override this method with your own
84	code that does whatever is required to verify the login info. This would
85	probably include looking up the information in a database.
86	"""
87	return False
88
89
90	def _getLoginAttemptsAllowed(self):
91	try:
92	return self._loginAttemptsAllowed
93	except AttributeError:
94	return 3
95
96	def _setLoginAttemptsAllowed(self, value):
97	self._loginAttemptsAllowed = int(value)
98
99
100	def _getLoginMessage(self):
101	try:
102	m = self._loginMessage
103	except AttributeError:
104	m = self._loginMessage = _("Please enter your login information.")
105	return m
106
107	def _setLoginMessage(self, val):
108	self._loginMessage = val
109
110
111	def _getLoginPause(self):
112	try:
113	return self._loginPause
114	except AttributeError:
115	return 0.25
116
117	def _setLoginPause(self, value):
118	self._loginPause = float(value)
119
120
121	def _getRequireAppLogin(self):
122	try:
123	return self._requireAppLogin
124	except AttributeError:
125	return True
126
127	def _setRequireAppLogin(self, value):
128	self._requireAppLogin = bool(value)
129
130
131	def _getUserName(self):
132	try:
133	return self.__userName
134	except AttributeError:
135	return None
136
137
138	def _getUserCaption(self):
139	try:
140	return self._userCaption
141	except AttributeError:
142	return ''
143
144	def _setUserCaption(self, value):
145	if isinstance(value, basestring):
146	self._userCaption = value
147	else:
148	raise TypeError, 'User caption must be string or unicode.'
149
150
151	def _getUserGroups(self):
152	try:
153	return self.__userGroups
154	except AttributeError:
155	return ()
156
157	LoginAttemptsAllowed = property(_getLoginAttemptsAllowed, _setLoginAttemptsAllowed, None,
158	_("""Specifies the number of attempts the user has to login successfully."""))
159
160	LoginMessage = property(_getLoginMessage, _setLoginMessage, None,
161	_("""Specifies the message to initially display on the login form."""))
162
163	LoginPause = property(_getLoginPause, _setLoginPause, None,
164	_("""Number of seconds to wait between successive login attempts."""))
165
166	RequireAppLogin = property(_getRequireAppLogin, _setRequireAppLogin, None,
167	_("""Specifies whether the user is required to login at app startup."""))
168
169	UserCaption = property(_getUserCaption, _setUserCaption, None,
170	_("""The long descriptive name of the logged-on user."""))
171
172	UserGroups = property(_getUserGroups, None, None,
173	_("""The tuple of groups that the user belongs to.
174
175	Business objects can be configured to selectively allow/deny various types
176	of access based on the group(s) of the logged-in user."""))
177
178	UserName = property(_getUserName, None, None,
179	_("""The name of the logged-on user. Read-only."""))
180
181

Note: See TracBrowser for help on using the browser.

root/trunk/dabo/dSecurityManager.py

Download in other formats: