annotate MoinMoin/userprefs/suid.py @ 5478:b29b47f681dd

make userprefs suid code more similar to other userprefs code
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Tue, 02 Feb 2010 14:01:55 +0100
parents 7bfd4232cfb7
children f9a7aa1a4a4a
rev   line source
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
1 # -*- coding: iso-8859-1 -*-
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
2 """
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
3 MoinMoin - switch user form
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
4
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
5 @copyright: 2001-2004 Juergen Hermann <jh@web.de>,
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
6 2003-2007 MoinMoin:ThomasWaldmann
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
7 2007 MoinMoin:JohannesBerg
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
8 @license: GNU GPL, see COPYING for details.
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
9 """
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
10
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
11 from MoinMoin import user, util, wikiutil
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
12 from MoinMoin.widget import html
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
13 from MoinMoin.userprefs import UserPrefBase
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
14
2449
fa3aca6aacd4 make pep8 checker happy
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2444
diff changeset
15
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
16 class Settings(UserPrefBase):
2449
fa3aca6aacd4 make pep8 checker happy
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2444
diff changeset
17
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
18 def __init__(self, request):
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
19 """ Initialize setuid settings form. """
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
20 UserPrefBase.__init__(self, request)
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
21 self.request = request
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
22 self._ = request.getText
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
23 self.cfg = request.cfg
2423
76bf8b6b3061 use formatted=False for userprefs titles
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2369
diff changeset
24 _ = self._
3122
a1322262398a refactored _() getText calls to match new api
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 2449
diff changeset
25 self.title = _("Switch user")
2368
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
26 self.name = 'suid'
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
27
2368
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
28 def allowed(self):
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
29 return (UserPrefBase.allowed(self) and
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
30 self.request.user.isSuperUser() or
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
31 (not self.request._setuid_real_user is None and
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
32 (self.request._setuid_real_user.isSuperUser())))
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
33
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
34 def handle_form(self):
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
35 _ = self._
5478
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
36 request = self.request
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
37 form = request.form
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
38
5478
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
39 if form.has_key('cancel'):
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
40 return
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
41
5478
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
42 if request.request_method != 'POST':
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
43 return
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
44
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
45 if not wikiutil.checkTicket(request, form.get('ticket', [''])[0]):
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
46 return
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
47
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
48 uid = form.get('selected_user', [''])[0]
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
49 if not uid:
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
50 return 'error', _("No user selected")
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
51 theuser = user.User(request, uid, auth_method='setuid')
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
52 if not theuser or not theuser.exists():
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
53 return 'error', _("No user selected")
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
54 # set valid to True so superusers can even switch
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
55 # to disable accounts
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
56 theuser.valid = True
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
57 request.session['setuid'] = uid
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
58 request._setuid_real_user = request.user
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
59 # now continue as the other user
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
60 request.user = theuser
b29b47f681dd make userprefs suid code more similar to other userprefs code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3513
diff changeset
61 return _("You can now change the settings of the selected user account; log out to get back to your account.")
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
62
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
63 def _user_select(self):
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
64 options = []
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
65 users = user.getUserList(self.request)
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
66 realuid = None
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
67 if hasattr(self.request, '_setuid_real_user') and self.request._setuid_real_user:
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
68 realuid = self.request._setuid_real_user.id
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
69 else:
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
70 realuid = self.request.user.id
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
71 for uid in users:
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
72 if uid != realuid:
2434
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
73 name = user.User(self.request, id=uid).name
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
74 options.append((uid, name))
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
75 options.sort(lambda x, y: cmp(x[1].lower(), y[1].lower()))
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
76
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
77 size = min(5, len(options))
2434
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
78 current_user = self.request.user.id
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
79
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
80 if not options:
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
81 _ = self._
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
82 self._only = True
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
83 return _("You are the only user.")
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
84
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
85 self._only = False
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
86 return util.web.makeSelection('selected_user', options, current_user, size=size)
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
87
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
88 def create_form(self):
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
89 """ Create the complete HTML form code. """
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
90 _ = self._
2368
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
91 form = self.make_form(html.Text(_('As a superuser, you can temporarily '
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
92 'assume the identity of another user.')))
2294
22749e92a461 new userprefs handling including plugins; todo: refactor prefs.py
Johannes Berg <johannes AT sipsolutions DOT net>
parents:
diff changeset
93
2368
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
94 ticket = wikiutil.createTicket(self.request)
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
95 self.make_row('Select User', [self._user_select()], valign="top")
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
96 form.append(html.INPUT(type="hidden", name="ticket", value="%s" % ticket))
2434
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
97 if not self._only:
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
98 buttons = [html.INPUT(type="submit", name="select_user",
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
99 value=_('Select User')),
2444
12854ba50c0d password_checker test: add the usual set import magic for py 2.3, small whitespace fix
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 2434
diff changeset
100 ' ', ]
2434
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
101 else:
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
102 buttons = []
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
103 buttons.append(html.INPUT(type="submit", name="cancel",
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
104 value=_('Cancel')))
b4aa8a40f754 clean up suid a bit
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2423
diff changeset
105 self.make_row('', buttons)
2368
5fc0717a060f refactor userprefs for more consistent UI
Johannes Berg <johannes AT sipsolutions DOT net>
parents: 2363
diff changeset
106 return unicode(form)