glasnost/shared/web/PasswordAccountsWeb.py

# -*- coding: iso-8859-15 -*-


# Glasnost
# By: Odile Bénassy <obenassy@entrouvert.com>
#     Romain Chantereau <rchantereau@entrouvert.com>
#     Nicolas Clapiès <nclapies@easter-eggs.org>
#     Pierre-Antoine Dejace <padejace@entrouvert.be>
#     Thierry Dulieu <tdulieu@easter-eggs.com>
#     Florent Monnier <monnier@codelutin.com>
#     Cédric Musso <cmusso@easter-eggs.org>
#     Frédéric Péters <fpeters@entrouvert.be>
#     Benjamin Poussin <poussin@codelutin.com>
#     Emmanuel Raviart <eraviart@entrouvert.com>
#     Sébastien Régnier <regnier@codelutin.com>
#     Emmanuel Saracco <esaracco@easter-eggs.com>
#
# Copyright (C) 2000, 2001 Easter-eggs & Emmanuel Raviart
# Copyright (C) 2002 Odile Bénassy, Code Lutin, Thierry Dulieu, Easter-eggs,
#     Entr'ouvert, Frédéric Péters, Benjamin Poussin, Emmanuel Raviart,
#     Emmanuel Saracco & Théridion
# Copyright (C) 2003 Odile Bénassy, Romain Chantereau, Nicolas Clapiès,
#     Code Lutin, Pierre-Antoine Dejace, Thierry Dulieu, Easter-eggs,
#     Entr'ouvert, Florent Monnier, Cédric Musso, Ouvaton, Frédéric Péters,
#     Benjamin Poussin, Rodolphe Quiédeville, Emmanuel Raviart, Sébastien
#     Régnier, Emmanuel Saracco, Théridion & Vecam
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.


__doc__ = """Glasnost Password Accounts Web"""

__version__ = '$Revision$'[11:-2]


import glasnost.common.context as context
import glasnost.common.faults as faults
import glasnost.common.ObjectsCommon as commonObjects
import glasnost.common.tools_new as commonTools
import glasnost.common.xhtmlgenerator as X

import glasnost.proxy.PasswordAccountsProxy as proxyPasswordAccounts

import ObjectsWeb as objects
from tools import accessForbidden, getWebForServerRole, writePageLayout


class AdminPasswordAccounts(objects.AdminMixin,
                            proxyPasswordAccounts.AdminPasswordAccounts):
    pass
objects.register(AdminPasswordAccounts)


class Login(objects.ObjectWebMixin, commonObjects.ObjectCommon):
    id_kindName = None

    language_kindName = None

    login = None
    class login_kindClass:
        _kindName = 'String'
        balloonHelp = N_('Enter the username you use on this site.')
        isRequired = 1
        isTranslatable = 0
        label = N_('Username')
        textMaxLength = 40
        widget_size = 15

    password = None
    class password_kindClass:
        _kindName = 'Password'
        balloonHelp = N_('Enter your secret password.')
        isRequired = 1
        label = N_('Password')
        textMaxLength = 15
        widget_size = 15


class PasswordAccount(objects.ObjectWebMixin,
                      proxyPasswordAccounts.PasswordAccount):
##     skipPassword = 1

##     def getEditLayoutSlotNames(self, fields, parentSlot = None):
##         slotNames = objects.ObjectWebMixin.getEditLayoutSlotNames(self,
##                 fields, parentSlot = parentSlot)
##         if self.skipPassword:
##             slotNames.remove('password')
##         return slotNames
    pass
objects.register(PasswordAccount)


class PasswordAccountsWeb(objects.ObjectsWebMixin,
                          proxyPasswordAccounts.PasswordAccountsProxy):
    def login(self):
        object = Login()
        return self.loginObject(object)
    login.isPublicForWeb = 1

    def loginObject(self, object):
        req = context.getVar('req')
        req.headers_out['Cache-Control'] = 'no-cache, must-revalidate'

##         object.skipPassword = 0
        context.push(_level = 'loginObject', layoutMode = 'edit')
        try:
            layout = X.array()

            if context.getVar('error'):
                layout += object.getErrorLayout()

            # The instruction submitUrl = X.actionUrl('loginSubmit')
            # doesn't work because the login method can be called from
            # IdentitiesWeb.
            submitUrl = X.roleUrl(self.serverRole, action = 'loginSubmit')
            if context.getVar('virtualHost').useHTTPS:
                hostNameAndPort = commonTools.makeHttpHostNameAndPort(
                        context.getVar('httpHostName'),
                        context.getVar('httpPort'))
                submitUrl = 'https://%s%s' % (hostNameAndPort, submitUrl)

            form = X.form(action = submitUrl, enctype = 'multipart/form-data',
                          method = 'post')
            layout += form

            if context.getVar('nextUri'):
                form += X.div(X.input(name = 'nextUri', type = 'hidden',
                                      value = context.getVar('nextUri')))

            form += object.getEditLayout(fields = None)

            buttonsBar = X.div(_class = 'buttons-bar')
            form += buttonsBar
            buttonsBar += X.buttonInForm('login', 'loginButton')
##             if 1: # TODO: check if emailPassword is available
##                 buttonsBar += X.buttonInForm(
##                         'send-password-by-email', 'sendButton')
            return writePageLayout(layout, _('Login'))
        finally:
            context.pull(_level = 'loginObject')

    def loginSubmit(self, **keywords):
        if keywords is None:
            keywords = {}
##         sendPasswordByEmail = isButtonSelected('sendButton', keywords)

        object = Login()
        object.submitFields(keywords)

        if context.getVar('again'):
            return self.loginObject(object)

##         if sendPasswordByEmail:
##             try:
##                 self.emailPassword(object)
##             except:
##                 return failure(_('An error occured while sending the password.'),
##                         X.rootUrl())
##             return success(_('The password has been sent successfully.'), X.rootUrl())

        try:
            userToken = self.checkObjectAuthentication(
                    object.login, object.password)
        except faults.WrongLogin, fault:
            context.getVar('error', 1)
            object.setError('self.login', fault)
            return self.loginObject(object)
        except faults.WrongPassword, fault:
            context.getVar('error', 1)
            object.setError('self.password', fault)
            return self.loginObject(object)
        except:
            if context.getVar('debug'):
                raise
            return accessForbidden()
        identitiesWeb = getWebForServerRole('identities')
        return identitiesWeb.loginSucceeded(userToken, 'password')
    loginSubmit.isPublicForWeb = 1