Package Products :: Package ZenUtils :: Package patches :: Module pasmonkey
[hide private]
[frames] | no frames]

Module pasmonkey

source code


This module contains monkey patches we needed to make to PAS when we switched
from native ZODB-managed authentication to pluggable authentication.

This module needs to be imported by ZenUtils/__init__.py.

Related tickets:
  http://dev.zenoss.org/trac/ticket/379
  http://dev.zenoss.org/trac/ticket/402
  http://dev.zenoss.org/trac/ticket/443
  http://dev.zenoss.org/trac/ticket/1042
  http://dev.zenoss.org/trac/ticket/4225
  http://jira.zenoss.com/jira/browse/ZEN-110

Functions [hide private]
 
_resetCredentials(self, request, response=None) source code
 
validate(self, request, auth='', roles=_noroles)
Here is a run down of how this method is called and where it ends up returning in various login situations.
source code
 
manage_afterAdd(self, item, container)
We don't want CookieAuthHelper setting the login attribute, we we'll override manage_afterAdd().
source code
 
login(self)
Set a cookie and redirect to the url that we tried to authenticate against originally.
source code
 
termsCheck(self)
Check to see if the user has accepted the Zenoss terms.
source code
Variables [hide private]
  pas = PluggableAuthService.PluggableAuthService
  _originalResetCredentials = pas.resetCredentials
Function Details [hide private]

validate(self, request, auth='', roles=_noroles)

source code 

 Here is a run down of how this method is called and where it ends up returning
 in various login situations.
 
 Failure (admin, local, LDAP, and Active Directory)
    is_top=0, user_ids=[], name=login, if not is_top: return None (outside loop)
    is_top=1, user_ids=[], name=login, return anonymous

Success (admin)
   is_top=0, user_ids=[], name=login, if not is_top: return (outside loop)
   is_top=1, user_ids=[('admin', 'admin')], name=login, if self._authorizeUser(...): return user

 Success (local, LDAP, and Active Directory)
    is_top=0, user_ids=[('username', 'username')], name=login, if self._authorizeUser(...): return user
 

manage_afterAdd(self, item, container)

source code 

We don't want CookieAuthHelper setting the login attribute, we we'll override manage_afterAdd().

For now, the only thing that manage_afterAdd does is set the login_form attribute, but we will need to check this after every upgrade of the PAS.

login(self)

source code 

Set a cookie and redirect to the url that we tried to authenticate against originally.

FIXME - I don't think we need this any more now that the EULA is gone -EAD