138 lines
4.4 KiB
Plaintext
138 lines
4.4 KiB
Plaintext
import os
|
|
|
|
from quixote import get_publisher, get_response, get_session, redirect, get_session_manager
|
|
from quixote.directory import Directory
|
|
from quixote.util import StaticDirectory
|
|
|
|
import admin
|
|
import backoffice
|
|
import liberty
|
|
from qommon import saml2
|
|
|
|
from qommon import errors
|
|
from qommon import logger
|
|
from qommon import get_cfg
|
|
from qommon import template
|
|
from qommon.form import *
|
|
import qommon.ident
|
|
|
|
from users import User
|
|
|
|
|
|
class IdentDirectory(Directory):
|
|
def _q_lookup(self, component):
|
|
get_response().breadcrumb.append(('ident/', None))
|
|
return qommon.ident.get_method_directory(component)
|
|
|
|
|
|
class LoginDirectory(Directory):
|
|
_q_exports = ['']
|
|
|
|
def _q_index [html] (self):
|
|
logger.info('login')
|
|
ident_methods = get_cfg('identification', {}).get('methods', [])
|
|
|
|
if len(ident_methods) == 0:
|
|
idps = get_cfg('idp', {})
|
|
if len(idps) == 0:
|
|
return template.error_page(_('Authentication subsystem is not yet configured.'))
|
|
ident_methods = ['idp'] # fallback to old behaviour; liberty.
|
|
|
|
if len(ident_methods) == 1:
|
|
method = ident_methods[0]
|
|
return qommon.ident.login(method)
|
|
else:
|
|
form = Form(enctype='multipart/form-data')
|
|
form.add(RadiobuttonsWidget, 'method',
|
|
options = [(x.key, _(x.description)) \
|
|
for x in qommon.ident.get_method_classes() if \
|
|
x.key in ident_methods],
|
|
delim = '<br/>')
|
|
form.add_submit('submit', _('Submit'))
|
|
|
|
if form.is_submitted() and not form.has_errors():
|
|
method = form.get_widget('method').parse()
|
|
if qommon.ident.base.ident_classes[method]().is_interactive():
|
|
return redirect('../ident/%s/login' % method)
|
|
else:
|
|
return qommon.ident.login(method)
|
|
else:
|
|
template.html_top(_('Login'))
|
|
'<p>%s</p>' % _('Select the identification method you want to use :')
|
|
form.render()
|
|
|
|
class RegisterDirectory(Directory):
|
|
_q_exports = ['']
|
|
|
|
def _q_index [html] (self):
|
|
logger.info('register')
|
|
ident_methods = get_cfg('identification', {}).get('methods', [])
|
|
|
|
if len(ident_methods) == 0:
|
|
idps = get_cfg('idp', {})
|
|
if len(idps) == 0:
|
|
return template.error_page(_('Authentication subsystem is not yet configured.'))
|
|
ident_methods = ['idp'] # fallback to old behaviour; liberty.
|
|
|
|
if len(ident_methods) == 1:
|
|
method = ident_methods[0]
|
|
return qommon.ident.register(method)
|
|
else:
|
|
pass # XXX: register page when there is more than one ident method
|
|
|
|
def _q_lookup(self, component):
|
|
return qommon.ident.get_method_directory(component)
|
|
|
|
|
|
class RootDirectory(Directory):
|
|
_q_exports = ['', 'admin', 'backoffice', 'login', 'logout', 'liberty', 'saml',
|
|
'ident', 'register']
|
|
|
|
def _q_index [html] (self):
|
|
template.html_top('Lasso Conformance SP')
|
|
|
|
|
|
def logout(self):
|
|
logger.info('logout')
|
|
session = get_session()
|
|
if not session:
|
|
return redirect('/')
|
|
ident_methods = get_cfg('identification', {}).get('methods', [])
|
|
if not 'idp' in ident_methods:
|
|
get_session_manager().expire_session()
|
|
return redirect('/')
|
|
|
|
# add settings to disable single logout?
|
|
# (and to set it as none/get/soap?)
|
|
return self.liberty.singleLogout()
|
|
|
|
def _q_traverse(self, path):
|
|
session = get_session()
|
|
if session:
|
|
get_request().user = session.get_user()
|
|
else:
|
|
get_request().user = None
|
|
|
|
response = get_response()
|
|
response.filter = {}
|
|
if not hasattr(response, 'breadcrumb'):
|
|
response.breadcrumb = [ ('', _('Home')) ]
|
|
|
|
return Directory._q_traverse(self, path)
|
|
|
|
def _q_lookup(self, component):
|
|
if component == 'themes':
|
|
dirname = os.path.join(get_publisher().data_dir, 'themes')
|
|
return StaticDirectory(dirname, follow_symlinks = True)
|
|
|
|
raise errors.TraversalError()
|
|
|
|
admin = admin.RootDirectory()
|
|
backoffice = backoffice.RootDirectory()
|
|
saml = saml2.Saml2Directory()
|
|
liberty = liberty.LibertyDirectory()
|
|
login = LoginDirectory()
|
|
register = RegisterDirectory()
|
|
ident = IdentDirectory()
|
|
|