users: use declarative criterias when looking up users

2014-12-05 15:55:59 +01:00 · 2014-12-05 15:55:59 +01:00 · 7161e2cf06
parent 851c06d074
commit 7161e2cf06
6 changed files with 15 additions and 10 deletions
--- a/wcs/liberty.py
+++ b/wcs/liberty.py
@ -26,7 +26,7 @@ class LibertyDirectory(qommon.liberty.LibertyDirectory):
        import libxml2, lasso
        ni = login.nameIdentifier.content
        session.name_identifier = ni
-        nis = list(get_publisher().user_class.select(lambda x: ni in x.name_identifiers))
+        nis = list(get_publisher().user_class.get_users_with_name_identifier(ni))
        if nis:
            user = nis[0]
        else:
--- a/wcs/qommon/ident/password.py
+++ b/wcs/qommon/ident/password.py
@ -43,13 +43,14 @@ from qommon.admin.texts import TextsDirectory

 from qommon.cron import CronJob
 from qommon.afterjobs import AfterJob
+import qommon.storage as st

 from password_accounts import PasswordAccount, HASHING_ALGOS


 def notify_admins_user_registered(account):
    identities_cfg = get_cfg('identities', {})
-    admins = [x for x in get_publisher().user_class.select() if x.is_admin]
+    admins = [x for x in get_publisher().user_class.select([st.Equals('is_admin', True)])]
    if not admins:
        return
    admin_emails = [x.email for x in admins if x.email]
--- a/wcs/qommon/liberty.py
+++ b/wcs/qommon/liberty.py
@ -132,7 +132,7 @@ class LibertyDirectory(Directory):
    def lookup_user(self, session, login):
        ni = login.nameIdentifier.content
        session.name_identifier = ni
-        nis = list(get_publisher().user_class.select(lambda x: ni in x.name_identifiers))
+        nis = list(get_publisher().user_class.get_users_with_name_identifier(ni))
        if nis:
            user = nis[0]
        else:
@ -292,8 +292,8 @@ class LibertyDirectory(Directory):
                if name_identifier == session.name_identifier:
                    break
            else:
-                nis = list(get_publisher().user_class.select(
-                            lambda x: name_identifier in x.name_identifiers))
+                nis = list(get_publisher().user_class.get_users_with_name_identifier(
+                    name_identifier))
                if not nis:
                    raise Exception('federation not found')
                user = nis[0]
--- a/wcs/qommon/saml2.py
+++ b/wcs/qommon/saml2.py
@ -440,7 +440,7 @@ class Saml2Directory(Directory):
            token = session.ident_idp_token

            UserClass = get_publisher().user_class
-            users_with_token = list(UserClass.select(lambda x: x.identification_token == token))
+            users_with_token = list(UserClass.get_users_with_identification_token(token))
            if not users_with_token:
                return None
            user = users_with_token[0]
@ -725,7 +725,7 @@ class Saml2Directory(Directory):
        manage.processRequestMsg(soap_message)

        ni = manage.nameIdentifier.content
-        nis = list(get_publisher().user_class.select(lambda x: ni in x.name_identifiers))
+        nis = list(get_publisher().user_class.get_users_with_name_identifier(ni))
        session = None
        if nis:
            user = nis[0]
--- a/wcs/root.py
+++ b/wcs/root.py
@ -251,7 +251,7 @@ class RootDirectory(Directory):
            else:
                return template.error_page('No Lasso Identity Dump (???)')
            token = form.get_widget('token').parse()
-            users_with_token = list(get_publisher().user_class.select(lambda x: x.identification_token == token))
+            users_with_token = list(get_publisher().user_class.get_users_with_identification_token(token))
            if len(users_with_token) == 0:
                return template.error_page(_('Unknown Token'))

--- a/wcs/users.py
+++ b/wcs/users.py
@ -133,13 +133,17 @@ class User(StorableObject):
    get_users_with_role = classmethod(get_users_with_role)

    def get_users_with_name_identifier(cls, name_identifier):
-        return cls.select(lambda x: name_identifier in x.name_identifiers)
+        return cls.select([st.Intersects('name_identifiers', [name_identifier])])
    get_users_with_name_identifier = classmethod(get_users_with_name_identifier)

    def get_users_with_email(cls, email):
-        return cls.select(lambda x: x.email == email)
+        return cls.select([st.Equal('email', email)])
    get_users_with_email = classmethod(get_users_with_email)

+    def get_users_with_identification_token(cls, token):
+        return cls.select([st.Equal('identification_token', token)])
+    get_users_with_identification_token = classmethod(get_users_with_identification_token)
+
    def get_substitution_variables(self, prefix='session_'):
        d = {
            prefix+'user': self,