1
2
3
4
5
6
7
8
9
10
11
12
13
14 '''
15 This module contains monkey patches we needed to make to PAS when we switched
16 from native ZODB-managed authentication to pluggable authentication.
17
18 This module needs to be imported by ZenUtils/__init__.py.
19
20 Related tickets:
21 http://dev.zenoss.org/trac/ticket/379
22 http://dev.zenoss.org/trac/ticket/402
23 http://dev.zenoss.org/trac/ticket/443
24 http://dev.zenoss.org/trac/ticket/1042
25 '''
26
27
28
29 from Products.PluggableAuthService import PluggableAuthService
30 from Products.ZenUtils.Security import _createInitialUser
31 pas = PluggableAuthService.PluggableAuthService
32 if not hasattr(pas, '_createInitialUser'):
33 pas._createInitialUser = _createInitialUser
34
35
36 from Products.PluggableAuthService.plugins import CookieAuthHelper
37 import urlparse
38 import urllib
39
41 """We don't want CookieAuthHelper setting the login attribute, we we'll
42 override manage_afterAdd().
43
44 For now, the only thing that manage_afterAdd does is set the login_form
45 attribute, but we will need to check this after every upgrade of the PAS.
46 """
47 pass
48
49 CookieAuthHelper.CookieAuthHelper.manage_afterAdd = manage_afterAdd
50
52 """
53 Set a cookie and redirect to the url that we tried to
54 authenticate against originally.
55
56 FIXME - I don't think we need this any more now that the EULA is gone -EAD
57 """
58 request = self.REQUEST
59 response = request['RESPONSE']
60
61 login = request.get('__ac_name', '')
62 password = request.get('__ac_password', '')
63 submitted = request.get('submitted', '')
64
65 pas_instance = self._getPAS()
66
67 if pas_instance is not None:
68 pas_instance.updateCredentials(request, response, login, password)
69
70 came_from = request.form.get('came_from') or ''
71 submittedQs = 'submitted=%s' % submitted
72 if came_from:
73 parts = urlparse.urlsplit(came_from)
74 if 'submitted' not in [p.split('=')[0] for p in parts[3].split('&')]:
75 queryPart = '&'.join([parts[3], submittedQs])
76 parts = (parts[:3] + (queryPart,) + parts[4:])
77 came_from = urlparse.urlunsplit(parts)
78 else:
79 came_from = '/zport/dmd?%s' % submittedQs
80
81
82
83
84
85
86 return response.redirect(came_from)
87
88 CookieAuthHelper.CookieAuthHelper.login = login
89
90
92 """ Check to see if the user has accepted the Zenoss terms.
93 """
94 request = self.REQUEST
95 response = request['RESPONSE']
96
97 acceptStatus = request.form.get('terms') or ''
98 url = request.form.get('came_from') or self.absolute_url()
99
100 if acceptStatus != 'Accept':
101 self.resetCredentials(request, response)
102 if '?' in url:
103 url += '&'
104 else:
105 url += '?'
106 url += 'terms=Decline'
107 else:
108 self.dmd.acceptedTerms = True
109 return response.redirect(url)
110
111 CookieAuthHelper.CookieAuthHelper.termsCheck = termsCheck
112