auth/authform.py: improving disassocitate
parent
3487119773
commit
b60530da58
|
@ -298,6 +298,28 @@ a password_field key if you want to encode a password.")
|
|||
env['beaker.session'].delete()
|
||||
return response
|
||||
|
||||
def local_logout(self, env, values, request, response):
|
||||
logger.info('SP logout initiated by Mandaye')
|
||||
self.logout(env, values, request, response)
|
||||
|
||||
next_url = None
|
||||
qs = parse_qs(env['QUERY_STRING'])
|
||||
if qs.has_key('RelayState'):
|
||||
next_url = qs['RelayState'][0]
|
||||
elif qs.has_key('next_url'):
|
||||
next_url = qs['next_url'][0]
|
||||
elif values.has_key('next_url'):
|
||||
next_url = values['next_url']
|
||||
|
||||
req_cookies = request.cookies
|
||||
for cookie in req_cookies.values():
|
||||
cookie['expires'] = 'Thu, 01 Jan 1970 00:00:01 GMT'
|
||||
cookie['path'] = '/'
|
||||
if next_url:
|
||||
return _302(next_url, req_cookies)
|
||||
else:
|
||||
return _302('/', req_cookies)
|
||||
|
||||
def change_user(self, env, values, request, response):
|
||||
""" Multi accounts feature
|
||||
Change the current login user
|
||||
|
@ -307,7 +329,7 @@ a password_field key if you want to encode a password.")
|
|||
# TODO: need to logout the first
|
||||
unique_id = env['beaker.session']['unique_id']
|
||||
qs = parse_qs(env['QUERY_STRING'])
|
||||
if not login or not qs.has_key('id'):
|
||||
if not unique_id or not qs.has_key('id'):
|
||||
return _401('Access denied: beaker session invalid or not qs id')
|
||||
id = qs['id'][0]
|
||||
service_provider = backend.ManagerServiceProvider.get(self.site_name)
|
||||
|
@ -320,24 +342,37 @@ a password_field key if you want to encode a password.")
|
|||
def disassociate(self, env, values, request, response):
|
||||
""" Disassociate an account with the Mandaye account
|
||||
You need to put the id of the sp user you want to disassociate
|
||||
in the query string (..?id=42)
|
||||
in the query string (..?id=42) or use by service provider name
|
||||
(..?sp_name=)
|
||||
"""
|
||||
if env['beaker.session'].has_key('login'):
|
||||
login = env['beaker.session']['login']
|
||||
if env['beaker.session'].has_key('unique_id'):
|
||||
unique_id = env['beaker.session']['unique_id']
|
||||
else:
|
||||
return _401('Access denied: no session')
|
||||
qs = parse_qs(env['QUERY_STRING'])
|
||||
if not login or not qs.has_key('id'):
|
||||
return _401('Access denied: beaker session invalid or not id')
|
||||
id = qs['id'][0]
|
||||
sp_user = backend.ManagerSPUser.get_by_id(id)
|
||||
if sp_user:
|
||||
backend.ManagerSPUser.delete(sp_user)
|
||||
if qs.has_key('logout'):
|
||||
self.logout(env, values, request, response)
|
||||
return _302(values.get('next_url'))
|
||||
if values.get('next_url'):
|
||||
next_url = values.get('next_url')
|
||||
else:
|
||||
return _401('Access denied: bad id')
|
||||
return _302(values.get('next_url'))
|
||||
next_url = '/'
|
||||
if qs.has_key('next_url'):
|
||||
next_url = qs['next_url'][0]
|
||||
if qs.has_key('id'):
|
||||
sp_id = qs['id'][0]
|
||||
sp_user = backend.ManagerSPUser.get_by_id(sp_id)
|
||||
if sp_user:
|
||||
backend.ManagerSPUser.delete(sp_user)
|
||||
else:
|
||||
return _401('Access denied: bad id')
|
||||
elif qs.has_key('sp_name'):
|
||||
sp_name = qs['sp_name'][0]
|
||||
for sp_user in \
|
||||
backend.ManagerSPUser.get_sp_users(unique_id, sp_name):
|
||||
backend.ManagerSPUser.delete(sp_user)
|
||||
else:
|
||||
return _401('Access denied: no id or sp name')
|
||||
values['next_url'] = next_url
|
||||
if qs.has_key('logout'):
|
||||
return self.local_logout(env, values, request, response)
|
||||
return _302(next_url)
|
||||
|
||||
|
||||
|
|
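Review bot: In the `id` branch of `disassociate` (third hunk), the record returned by `backend.ManagerSPUser.get_by_id(sp_id)` is deleted without any check that it belongs to the session's `unique_id`, whereas the `sp_name` branch is scoped through `get_sp_users(unique_id, sp_name)`. As written, a logged-in user who supplies an id belonging to another account would appear to be able to remove that association, so the record's owner should be compared with `unique_id` (or the lookup made through an owner-scoped query), returning the existing `_401('Access denied: bad id')` on mismatch. Separately, `local_logout` in the first hunk and the end of `disassociate` pass `RelayState` / `next_url` from the query string straight to `_302(...)`; restricting the target to a local path or a configured allowlist would avoid an open redirect. Because the deletion is triggered by query-string parameters alone, it is also worth confirming that the dispatcher restricts this handler to a CSRF-protected request. The +/- markers are lost on this page, so which of the duplicated lines belong to the new side is inferred from the hunk headers.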