1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
#!/usr/bin/env python
import shelve
from zope.interface import implements
# from repoze.who.interfaces import IChallenger, IIdentifier, IAuthenticator
from repoze.who.interfaces import IMetadataProvider
class EntitlementMetadataProvider(object):
implements(IMetadataProvider)
def __init__(self, filename, key_attribute):
# Means I have to do explicit syncs on writes, but also
# that it's faster on reads since it will cache data
self._store = shelve.open(filename, writeback=True)
self.key_attribute = key_attribute
def keys(self):
return self._store.keys()
def get(self, user, attribute):
return self._store[user][attribute]
def set(self, user, attribute, value):
if user not in self._store:
self._store[user] = {}
self._store[user][attribute] = value
self._store.sync()
def part_of(self, user, virtualorg):
if virtualorg in self._store[user]["entitlement"]:
return True
else:
return False
def get_entitlement(self, user, virtualorg):
try:
return self._store[user]["entitlement"][virtualorg]
except KeyError:
return []
def store_entitlement(self, user, virtualorg, entitlement=None):
if user not in self._store:
self._store[user] = {"entitlement": {}}
elif "entitlement" not in self._store[user]:
self._store[user]["entitlement"] = {}
if entitlement is None:
entitlement = []
self._store[user]["entitlement"][virtualorg] = entitlement
self._store.sync()
def add_metadata(self, environ, identity):
# logger = environ.get('repoze.who.logger','')
try:
user = self._store[identity.get("repoze.who.userid")]
except KeyError:
return
try:
vorg = environ["myapp.vo"]
try:
ents = user["entitlement"][vorg]
identity["user"] = {"entitlement": ["%s:%s" % (vorg, e) for e in ents]}
except KeyError:
pass
except KeyError:
res = []
for vorg, ents in user["entitlement"].items():
res.extend(["%s:%s" % (vorg, e) for e in ents])
identity["user"] = res
def make_plugin(filename, key_attribute=""):
return EntitlementMetadataProvider(filename, key_attribute)
|