[Testbot] Plone 5.0 - Python 2.7 - Build # 3133 - Fixed! - 0 failure(s)
jenkins at plone.org
jenkins at plone.org
Sat Aug 30 06:55:26 UTC 2014
-------------------------------------------------------------------------------
Plone 5.0 - Python 2.7 - Build # 3133 - Fixed!
-------------------------------------------------------------------------------
http://jenkins.plone.org/job/plone-5.0-python-2.7/3133/
-------------------------------------------------------------------------------
CHANGES
-------------------------------------------------------------------------------
Repository: Products.CMFPlone
Branch: refs/heads/master
Date: 2014-08-30T07:24:18+02:00
Author: Timo Stollenwerk (tisto) <tisto at plone.org>
Commit: https://github.com/plone/Products.CMFPlone/commit/f6f4456542ea91f97ad053270fb1b37fbb20583f
Revert "Plip10359 - move security controlpanel from plone.app.controlpanel"
Files changed:
M Products/CMFPlone/controlpanel/bbb/configure.zcml
M Products/CMFPlone/controlpanel/browser/configure.zcml
M Products/CMFPlone/controlpanel/configure.zcml
M Products/CMFPlone/controlpanel/events.py
M Products/CMFPlone/interfaces/__init__.py
M Products/CMFPlone/interfaces/controlpanel.py
M Products/CMFPlone/profiles/dependencies/registry.xml
M Products/CMFPlone/testing.py
D Products/CMFPlone/controlpanel/bbb/security.py
D Products/CMFPlone/controlpanel/browser/emaillogin.pt
D Products/CMFPlone/controlpanel/browser/security.py
D Products/CMFPlone/controlpanel/events.zcml
D Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
D Products/CMFPlone/controlpanel/utils.py
D Products/CMFPlone/tests/robot/test_controlpanel_security.robot
diff --git a/Products/CMFPlone/controlpanel/bbb/configure.zcml b/Products/CMFPlone/controlpanel/bbb/configure.zcml
index 4713645..c647f0b 100644
--- a/Products/CMFPlone/controlpanel/bbb/configure.zcml
+++ b/Products/CMFPlone/controlpanel/bbb/configure.zcml
@@ -7,7 +7,6 @@
<adapter factory=".maintenance.MaintenanceControlPanelAdapter" />
<adapter factory=".navigation.NavigationControlPanelAdapter" />
<adapter factory=".search.SearchControlPanelAdapter" />
- <adapter factory=".security.SecurityControlPanelAdapter" />
<adapter factory=".site.SiteControlPanelAdapter" />
</configure>
diff --git a/Products/CMFPlone/controlpanel/bbb/security.py b/Products/CMFPlone/controlpanel/bbb/security.py
deleted file mode 100644
index 2d05160..0000000
--- a/Products/CMFPlone/controlpanel/bbb/security.py
+++ /dev/null
@@ -1,78 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces.siteroot import IPloneSiteRoot
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.registry.interfaces import IRegistry
-from zope.component import adapts
-from zope.component import getUtility
-from zope.interface import implements
-from zope.site.hooks import getSite
-
-
-class SecurityControlPanelAdapter(object):
-
- adapts(IPloneSiteRoot)
- implements(ISecuritySchema)
-
- def __init__(self, context):
- self.portal = getSite()
- self.pmembership = getToolByName(context, 'portal_membership')
- registry = getUtility(IRegistry)
- self.settings = registry.forInterface(
- ISecuritySchema, prefix="plone")
-
- def get_enable_self_reg(self):
- return self.settings.enable_self_reg
-
- def set_enable_self_reg(self, value):
- # additional processing in the event handler
- self.settings.enable_self_reg = value
-
- enable_self_reg = property(get_enable_self_reg, set_enable_self_reg)
-
- def get_enable_user_pwd_choice(self):
- return self.settings.enable_user_pwd_choice
-
- def set_enable_user_pwd_choice(self, value):
- self.settings.enable_user_pwd_choice = value
-
- enable_user_pwd_choice = property(get_enable_user_pwd_choice,
- set_enable_user_pwd_choice)
-
- def get_enable_user_folders(self):
- return self.settings.enable_user_folders
-
- def set_enable_user_folders(self, value):
- # additional processing in the event handler
- self.settings.enable_user_folders = value
-
- enable_user_folders = property(get_enable_user_folders,
- set_enable_user_folders)
-
- def get_allow_anon_views_about(self):
- return self.settings.allow_anon_views_about
-
- def set_allow_anon_views_about(self, value):
- self.settings.allow_anon_views_about = value
-
- allow_anon_views_about = property(get_allow_anon_views_about,
- set_allow_anon_views_about)
-
- def get_use_email_as_login(self):
- return self.settings.use_email_as_login
-
- def set_use_email_as_login(self, value):
- # additional processing in the event handler
- self.settings.use_email_as_login = value
-
- use_email_as_login = property(get_use_email_as_login,
- set_use_email_as_login)
-
- def get_use_uuid_as_userid(self):
- return self.settings.use_uuid_as_userid
-
- def set_use_uuid_as_userid(self, value):
- self.settings.use_uuid_as_userid = value
-
- use_uuid_as_userid = property(get_use_uuid_as_userid,
- set_use_uuid_as_userid)
diff --git a/Products/CMFPlone/controlpanel/browser/configure.zcml b/Products/CMFPlone/controlpanel/browser/configure.zcml
index 551d824..bf55faf 100644
--- a/Products/CMFPlone/controlpanel/browser/configure.zcml
+++ b/Products/CMFPlone/controlpanel/browser/configure.zcml
@@ -35,23 +35,6 @@
permission="plone.app.controlpanel.Search"
/>
- <!-- Security Control Panel -->
- <browser:page
- name="security-controlpanel"
- for="Products.CMFPlone.interfaces.IPloneSiteRoot"
- class=".security.SecurityControlPanel"
- permission="plone.app.controlpanel.Security"
- />
-
- <!-- Security Control Panel - EMail Login -->
- <browser:page
- for="Products.CMFPlone.interfaces.IPloneSiteRoot"
- name="migrate-to-emaillogin"
- class=".security.EmailLogin"
- template="emaillogin.pt"
- permission="cmf.ManagePortal"
- />
-
<!-- Site Control Panel -->
<browser:page
name="site-controlpanel"
diff --git a/Products/CMFPlone/controlpanel/browser/emaillogin.pt b/Products/CMFPlone/controlpanel/browser/emaillogin.pt
deleted file mode 100644
index 16c3949..0000000
--- a/Products/CMFPlone/controlpanel/browser/emaillogin.pt
+++ /dev/null
@@ -1,67 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
- xmlns:tal="http://xml.zope.org/namespaces/tal"
- xmlns:metal="http://xml.zope.org/namespaces/metal"
- xmlns:i18n="http://xml.zope.org/namespaces/i18n"
- metal:use-macro="context/prefs_main_template/macros/master"
- i18n:domain="plone">
-
-<body>
-
- <metal:main metal:fill-slot="prefs_configlet_content">
- <h1 class="documentFirstHeading"
- i18n:translate="heading_find_duplicate_login_names">
- Find duplicate login names
- </h1>
-
- <p i18n:translate="help_duplicate_login_names">
- Switching the email login setting in the
- <a i18n:name="link"
- tal:attributes="href string:${context/portal_url}/@@security-controlpanel"
- i18n:translate="">Security settings</a>
- on or off automatically changes the login name for existing users.
- This may fail when there are duplicates.
- On this page you can search for duplicates.
- </p>
-
- <div tal:condition="request/form/submitted|nothing">
- <div tal:condition="view/duplicates">
- <p i18n:translate="msg_login_duplicates_found">
- The following login names would be used by more than one account:
- </p>
- <ul>
- <ol tal:repeat="dup view/duplicates">
- <span tal:content="python:dup[0]" />:
- <span tal:repeat="account python:dup[1]" tal:content="account" />
- </ol>
- </ul>
- </div>
- <div tal:condition="not:view/duplicates">
- <p i18n:translate="msg_no_login_duplicates_found">
- No login names found that are used by more than one account.
- </p>
- </div>
- </div>
-
- <form action=""
- name="emaillogin-migrate"
- method="post"
- class="enableUnloadProtection enableAutoFocus">
- <div class="formControls">
- <input type="hidden" name="submitted" value="submitted" id="submitted" />
- <input class="context"
- type="submit"
- name="check_email"
- value="Check for duplicate emails"
- i18n:attributes="value label_check_duplicate_emails" />
- <br />
- <input class="context"
- type="submit"
- name="check_userid"
- value="Check for duplicate lower case user ids"
- i18n:attributes="value label_check_duplicate_user_ids" />
- </div>
- </form>
-
- </metal:main>
-</body>
-</html>
diff --git a/Products/CMFPlone/controlpanel/browser/security.py b/Products/CMFPlone/controlpanel/browser/security.py
deleted file mode 100644
index 1026f27..0000000
--- a/Products/CMFPlone/controlpanel/browser/security.py
+++ /dev/null
@@ -1,127 +0,0 @@
-from Acquisition import aq_inner
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone import PloneMessageFactory as _
-from Products.CMFPlone.controlpanel.utils import migrate_to_email_login
-from Products.CMFPlone.controlpanel.utils import migrate_from_email_login
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.Five.browser import BrowserView
-from collections import defaultdict
-from plone.app.registry.browser import controlpanel
-
-import logging
-
-logger = logging.getLogger('Products.CMFPlone')
-
-
-class SecurityControlPanelForm(controlpanel.RegistryEditForm):
-
- id = "SecurityControlPanel"
- label = _(u"Security settings")
- schema = ISecuritySchema
- schema_prefix = "plone"
-
-
-class SecurityControlPanel(controlpanel.ControlPanelFormWrapper):
- form = SecurityControlPanelForm
-
-
-class EmailLogin(BrowserView):
- """View to help in migrating to or from using email as login.
-
- We used to change the login name of existing users here, but that
- is now done by checking or unchecking the option in the security
- control panel. Here you can only search for duplicates.
- """
-
- duplicates = []
-
- def __call__(self):
- if self.request.form.get('check_email'):
- self.duplicates = self.check_email()
- elif self.request.form.get('check_userid'):
- self.duplicates = self.check_userid()
- return self.index()
-
- @property
- def _email_list(self):
- context = aq_inner(self.context)
- pas = getToolByName(context, 'acl_users')
- emails = defaultdict(list)
- orig_transform = pas.login_transform
- try:
- if not orig_transform:
- # Temporarily set this to lower, as that will happen
- # when turning emaillogin on.
- pas.login_transform = 'lower'
- for user in pas.getUsers():
- if user is None:
- # Created in the ZMI?
- continue
- email = user.getProperty('email', '')
- if email:
- email = pas.applyTransform(email)
- else:
- logger.warn("User %s has no email address.",
- user.getUserId())
- # Add the normal login name anyway.
- email = pas.applyTransform(user.getUserName())
- emails[email].append(user.getUserId())
- finally:
- pas.login_transform = orig_transform
- return emails
-
- def check_email(self):
- duplicates = []
- for email, userids in self._email_list.items():
- if len(userids) > 1:
- logger.warn("Duplicate accounts for email address %s: %r",
- email, userids)
- duplicates.append((email, userids))
-
- return duplicates
-
- @property
- def _userid_list(self):
- # user ids are unique, but their lowercase version might not
- # be unique.
- context = aq_inner(self.context)
- pas = getToolByName(context, 'acl_users')
- userids = defaultdict(list)
- orig_transform = pas.login_transform
- try:
- if not orig_transform:
- # Temporarily set this to lower, as that will happen
- # when turning emaillogin on.
- pas.login_transform = 'lower'
- for user in pas.getUsers():
- if user is None:
- continue
- login_name = pas.applyTransform(user.getUserName())
- userids[login_name].append(user.getUserId())
- finally:
- pas.login_transform = orig_transform
- return userids
-
- def check_userid(self):
- duplicates = []
- for login_name, userids in self._userid_list.items():
- if len(userids) > 1:
- logger.warn("Duplicate accounts for lower case user id "
- "%s: %r", login_name, userids)
- duplicates.append((login_name, userids))
-
- return duplicates
-
- def switch_to_email(self):
- # This is not used and is only here for backwards
- # compatibility. It avoids a test failure in
- # Products.CMFPlone.
- # XXX: check if this can be removed
- migrate_to_email_login(self.context)
-
- def switch_to_userid(self):
- # This is not used and is only here for backwards
- # compatibility. It avoids a test failure in
- # Products.CMFPlone.
- # XXX: check if this can be removed
- migrate_from_email_login(self.context)
diff --git a/Products/CMFPlone/controlpanel/configure.zcml b/Products/CMFPlone/controlpanel/configure.zcml
index 93d5b49..1b49eda 100644
--- a/Products/CMFPlone/controlpanel/configure.zcml
+++ b/Products/CMFPlone/controlpanel/configure.zcml
@@ -7,6 +7,4 @@
<include package=".bbb" />
<include package=".browser" />
- <include file="events.zcml" />
-
</configure>
diff --git a/Products/CMFPlone/controlpanel/events.py b/Products/CMFPlone/controlpanel/events.py
index 4e5a96e..206ba47 100644
--- a/Products/CMFPlone/controlpanel/events.py
+++ b/Products/CMFPlone/controlpanel/events.py
@@ -1,18 +1,9 @@
-from Products.CMFCore.ActionInformation import Action
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone import PloneMessageFactory as _
-from Products.CMFPlone.controlpanel.utils import migrate_to_email_login
-from Products.CMFPlone.controlpanel.utils import migrate_from_email_login
-from Products.CMFPlone.interfaces import IConfigurationChangedEvent
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.utils import safe_hasattr
-from plone.registry.interfaces import IRecordModifiedEvent
from zope.component import adapter
from zope.component import queryUtility
from zope.interface import implements
from zope.ramcache.interfaces.ram import IRAMCache
-from zope.site.hooks import getSite
+from Products.CMFPlone.interfaces import IConfigurationChangedEvent
class ConfigurationChangedEvent(object):
implements(IConfigurationChangedEvent)
@@ -27,102 +18,3 @@ def handleConfigurationChangedEvent(event):
util = queryUtility(IRAMCache)
if util is not None:
util.invalidateAll()
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_enable_self_reg(obj, event):
- """Additional configuration when the ``enable_self_reg``
- setting is updated in the ``Security```control panel.
-
- If the setting is enabled, the ``Add portal member`` permission is
- added to ``Anonymous`` role to allow self registration for anonymous
- users. If the setting is disabled, this permission is removed.
- """
- if event.record.fieldName != 'enable_self_reg':
- return
-
- portal = getSite()
- value = event.newValue
- app_perms = portal.rolesOfPermission(
- permission='Add portal member')
- reg_roles = []
-
- for app_perm in app_perms:
- if app_perm['selected'] == 'SELECTED':
- reg_roles.append(app_perm['name'])
- if value is True and 'Anonymous' not in reg_roles:
- reg_roles.append('Anonymous')
- if value is False and 'Anonymous' in reg_roles:
- reg_roles.remove('Anonymous')
-
- portal.manage_permission('Add portal member', roles=reg_roles,
- acquire=0)
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_enable_user_folders(obj, event):
- """Additional configuration when the ``enable_user_folders``
- setting is updated in the ``Security```control panel.
-
- If the setting is enabled, a new user action is added with a link to
- the personal folder. If the setting is disabled, the action is hidden.
- """
- if event.record.fieldName != 'enable_user_folders':
- return
-
- portal = getSite()
- value = event.newValue
-
- membership = getToolByName(portal, 'portal_membership')
- membership.memberareaCreationFlag = value
-
- # support the 'my folder' user action #8417
- portal_actions = getToolByName(portal, 'portal_actions', None)
- if portal_actions is not None:
- object_category = getattr(portal_actions, 'user', None)
- if value and not safe_hasattr(object_category, 'mystuff'):
- # add action
- _add_mystuff_action(object_category)
- elif safe_hasattr(object_category, 'mystuff'):
- a = getattr(object_category, 'mystuff')
- a.visible = bool(value) # show/hide action
-
-
-def _add_mystuff_action(object_category):
- new_action = Action(
- 'mystuff',
- title=_(u'My Folder'),
- description='',
- url_expr='string:${portal/portal_membership/getHomeUrl}',
- available_expr='python:(member is not None) and \
- (portal.portal_membership.getHomeFolder() is not None) ',
- permissions=('View',),
- visible=True,
- i18n_domain='plone'
- )
- object_category._setObject('mystuff', new_action)
- # move action to top, at least before the logout action
- object_category.moveObjectsToTop(('mystuff'))
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_use_email_as_login(obj, event):
- """Additional configuration when the ``use_email_as_login``
- setting is updated in the ``Security```control panel.
-
- If the setting is enabled, existing users' login names are migrated
- to email. If the setting is disabled, then the login names are migrated
- back to user ids.
- """
- if event.record.fieldName != 'use_email_as_login':
- return
-
- value = event.newValue
- if value == event.oldValue:
- # no change
- return
- context = getSite()
- if value:
- migrate_to_email_login(context)
- else:
- migrate_from_email_login(context)
diff --git a/Products/CMFPlone/controlpanel/events.zcml b/Products/CMFPlone/controlpanel/events.zcml
deleted file mode 100644
index 665959b..0000000
--- a/Products/CMFPlone/controlpanel/events.zcml
+++ /dev/null
@@ -1,5 +0,0 @@
-<configure xmlns="http://namespaces.zope.org/zope">
- <subscriber handler=".events.handle_enable_self_reg" />
- <subscriber handler=".events.handle_enable_user_folders" />
- <subscriber handler=".events.handle_use_email_as_login" />
-</configure>
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
deleted file mode 100644
index c2cb8e9..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
+++ /dev/null
@@ -1,130 +0,0 @@
-from Products.CMFPlone.testing import \
- PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.app.testing import TEST_USER_ID
-from plone.app.testing import setRoles
-from zope.component import getAdapter
-
-import unittest
-
-
-class SecurityControlPanelAdapterTest(unittest.TestCase):
-
- layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
- def setUp(self):
- self.portal = self.layer['portal']
- self.request = self.layer['request']
- setRoles(self.portal, TEST_USER_ID, ['Manager'])
- self.security_settings = getAdapter(self.portal, ISecuritySchema)
-
- def test_adapter_lookup(self):
- self.assertTrue(getAdapter(self.portal, ISecuritySchema))
-
- def test_get_enable_self_reg_setting(self):
- self.assertEquals(
- self.security_settings.enable_self_reg,
- False
- )
-
- def test_set_enable_self_reg_setting(self):
- self.security_settings.enable_self_reg = False
- self.assertEquals(
- self.security_settings.enable_self_reg,
- False
- )
- self.security_settings.enable_self_reg = True
- self.assertEquals(
- self.security_settings.enable_self_reg,
- True
- )
-
- def test_get_enable_user_pwd_choice_setting(self):
- self.assertEquals(
- self.security_settings.enable_user_pwd_choice,
- False
- )
-
- def test_set_enable_user_pwd_choice_setting(self):
- self.security_settings.enable_user_pwd_choice = False
- self.assertEquals(
- self.security_settings.enable_user_pwd_choice,
- False
- )
- self.security_settings.enable_user_pwd_choice = True
- self.assertEquals(
- self.security_settings.enable_user_pwd_choice,
- True
- )
-
- def test_get_enable_user_folders_setting(self):
- self.assertEquals(
- self.security_settings.enable_user_folders,
- False
- )
-
- def test_set_enable_user_folders_setting(self):
- self.security_settings.enable_user_folders = False
- self.assertEquals(
- self.security_settings.enable_user_folders,
- False
- )
- self.security_settings.enable_user_folders = True
- self.assertEquals(
- self.security_settings.enable_user_folders,
- True
- )
-
- def test_get_allow_anon_views_about_setting(self):
- self.assertEquals(
- self.security_settings.allow_anon_views_about,
- False
- )
-
- def test_set_allow_anon_views_about_setting(self):
- self.security_settings.allow_anon_views_about = False
- self.assertEquals(
- self.security_settings.allow_anon_views_about,
- False
- )
- self.security_settings.allow_anon_views_about = True
- self.assertEquals(
- self.security_settings.allow_anon_views_about,
- True
- )
-
- def test_get_use_email_as_login_setting(self):
- self.assertEquals(
- self.security_settings.use_email_as_login,
- False
- )
-
- def test_set_use_email_as_login_setting(self):
- self.security_settings.use_email_as_login = False
- self.assertEquals(
- self.security_settings.use_email_as_login,
- False
- )
- self.security_settings.use_email_as_login = True
- self.assertEquals(
- self.security_settings.use_email_as_login,
- True
- )
-
- def test_get_use_uuid_as_userid_setting(self):
- self.assertEquals(
- self.security_settings.use_uuid_as_userid,
- False
- )
-
- def test_set_use_uuid_as_userid_setting(self):
- self.security_settings.use_uuid_as_userid = False
- self.assertEquals(
- self.security_settings.use_uuid_as_userid,
- False
- )
- self.security_settings.use_uuid_as_userid = True
- self.assertEquals(
- self.security_settings.use_uuid_as_userid,
- True
- )
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
deleted file mode 100644
index 098cd47..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
+++ /dev/null
@@ -1,103 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.testing import \
- PRODUCTS_CMFPLONE_FUNCTIONAL_TESTING
-from plone.app.testing import SITE_OWNER_NAME, SITE_OWNER_PASSWORD
-from plone.registry.interfaces import IRegistry
-from plone.testing.z2 import Browser
-from zope.component import getUtility
-
-import unittest2 as unittest
-
-
-class SecurityControlPanelFunctionalTest(unittest.TestCase):
- """Test that changes in the security control panel are actually
- stored in the registry.
- """
-
- layer = PRODUCTS_CMFPLONE_FUNCTIONAL_TESTING
-
- def setUp(self):
- self.app = self.layer['app']
- self.portal = self.layer['portal']
- self.portal_url = self.portal.absolute_url()
- registry = getUtility(IRegistry)
- self.settings = registry.forInterface(
- ISecuritySchema, prefix="plone")
- self.browser = Browser(self.app)
- self.browser.handleErrors = False
- self.browser.addHeader(
- 'Authorization',
- 'Basic %s:%s' % (SITE_OWNER_NAME, SITE_OWNER_PASSWORD,)
- )
-
- def test_security_control_panel_link(self):
- self.browser.open(
- "%s/plone_control_panel" % self.portal_url)
- self.browser.getLink('Security').click()
-
- def test_security_control_panel_backlink(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.assertTrue("Plone Configuration" in self.browser.contents)
-
- def test_security_control_panel_sidebar(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getLink('Site Setup').click()
- self.assertEqual(
- self.browser.url,
- 'http://nohost/plone/@@overview-controlpanel')
-
- def test_enable_self_reg(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl('Enable self-registration').selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.enable_self_reg, True)
-
- def test_enable_user_pwd_choice(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl(
- 'Let users select their own passwords').selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.enable_user_pwd_choice, True)
-
- def test_enable_user_folders(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl(
- 'Enable User Folders').selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.enable_user_folders, True)
-
- def test_allow_anon_views_about(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl(
- "Allow anyone to view 'about' information").selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.allow_anon_views_about, True)
-
- def test_use_email_as_login(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl(
- "Use email address as login name").selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.use_email_as_login, True)
-
- def test_use_uuid_as_userid(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl(
- "Use UUID user ids").selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.use_uuid_as_userid, True)
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
deleted file mode 100644
index b5ff729..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
+++ /dev/null
@@ -1,141 +0,0 @@
-from Products.CMFPlone.testing import \
- PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.app.testing import TEST_USER_ID
-from plone.app.testing import setRoles
-from zope.component import getAdapter
-
-import unittest
-
-
-class SecurityControlPanelEventsTest(unittest.TestCase):
-
- layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
- def setUp(self):
- self.portal = self.layer['portal']
- self.request = self.layer['request']
- setRoles(self.portal, TEST_USER_ID, ['Manager'])
- self.security_settings = getAdapter(self.portal, ISecuritySchema)
-
- def _create_user(self, user_id=None, email=None):
- """Helper function for creating a test user."""
- registration = getToolByName(self.portal, 'portal_registration', None)
- registration.addMember(
- user_id,
- 'password',
- ['Member'],
- properties={'email': email, 'username': user_id}
- )
- membership = getToolByName(self.portal, 'portal_membership', None)
- return membership.getMemberById(user_id)
-
- def _is_self_reg_enabled(self):
- """Helper function to determine if self registration was properly
- enabled.
- """
- app_perms = self.portal.rolesOfPermission(
- permission='Add portal member')
- for app_perm in app_perms:
- if app_perm['name'] == 'Anonymous' \
- and app_perm['selected'] == 'SELECTED':
- return True
- return False
-
- def test_handle_enable_self_reg_condition_check(self):
- """Check that this event handler is not run for other ISecuritySchema
- records.
- """
- self.assertFalse(self._is_self_reg_enabled())
- self.security_settings.use_uuid_as_userid = True
- self.assertFalse(self._is_self_reg_enabled())
-
- def test_handle_enable_self_reg_disabled(self):
- self.security_settings.enable_self_reg = False
- self.assertFalse(self._is_self_reg_enabled())
-
- def test_handle_enable_self_reg_enabled(self):
- self.security_settings.enable_self_reg = True
- self.assertTrue(self._is_self_reg_enabled())
-
- def test_handle_enable_user_folders_condition_check(self):
- """Check that this event handler is not run for other ISecuritySchema
- records.
- """
- portal_actions = getToolByName(self.portal, 'portal_actions', None)
- self.assertFalse('mystuff' in portal_actions['user'].keys())
- self.security_settings.use_uuid_as_userid = True
- self.assertFalse('mystuff' in portal_actions['user'].keys())
-
- def test_handle_enable_user_folders_enabled_no_mystuff_yet(self):
- portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
- # if we enable the setting, mystuff action should be added
- self.assertFalse('mystuff' in portal_actions['user'].keys())
- self.security_settings.enable_user_folders = True
- self.assertTrue('mystuff' in portal_actions['user'].keys())
- self.assertTrue(portal_actions['user']['mystuff'].visible)
-
- def test_handle_enable_user_folders_enabled_has_mystuff(self):
- portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
- # if we enable the setting, disable it, then enable it again,
- # the mystuff action should still be there and visible
- self.security_settings.enable_user_folders = True
- self.security_settings.enable_user_folders = False
- self.security_settings.enable_user_folders = True
-
- self.assertTrue('mystuff' in portal_actions['user'].keys())
- self.assertTrue(portal_actions['user']['mystuff'].visible)
-
- def test_handle_enable_user_folders_disabled_no_mystuff_yet(self):
- portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
- # if the mystuff action is not there yet, this should have no effect
- self.security_settings.enable_user_folders = False
- self.assertFalse('mystuff' in portal_actions['user'].keys())
-
- def test_handle_enable_user_folders_disabled_has_mystuff(self):
- portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
- # if the setting was enabled and then disabled, the mystuff action
- # should be hidden
- self.security_settings.enable_user_folders = True
- self.security_settings.enable_user_folders = False
- self.assertTrue('mystuff' in portal_actions['user'].keys())
- self.assertFalse(portal_actions['user']['mystuff'].visible)
-
- def test_handle_use_email_as_login_condition_check(self):
- """Check that this event handler is not run for other ISecuritySchema
- records.
- """
- self._create_user(user_id='joe', email='joe at test.com')
- pas = getToolByName(self.portal, 'acl_users')
-
- self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
- self.security_settings.use_uuid_as_userid = True
- self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
-
- def test_handle_use_email_as_login_enabled(self):
- self._create_user(user_id='joe', email='joe at test.com')
- pas = getToolByName(self.portal, 'acl_users')
-
- self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
- self.assertEquals(len(pas.searchUsers(name='joe')), 1)
-
- # if we enable use_email_as_login, login name should be migrated
- # to email
- self.security_settings.use_email_as_login = True
- self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 1)
-
- def test_handle_use_email_as_login_disabled(self):
- self._create_user(user_id='joe', email='joe at test.com')
- pas = getToolByName(self.portal, 'acl_users')
-
- # if we enable use_email_as_login, then disabled it, the login name
- # should be migrated back to user id
- self.security_settings.use_email_as_login = True
- self.security_settings.use_email_as_login = False
- self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
- self.assertEquals(len(pas.searchUsers(name='joe')), 1)
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
deleted file mode 100644
index 3b29843..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
+++ /dev/null
@@ -1,56 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.testing import \
- PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from plone.app.testing import TEST_USER_ID, setRoles
-from plone.registry.interfaces import IRegistry
-from zope.component import getMultiAdapter
-from zope.component import getUtility
-
-import unittest2 as unittest
-
-
-class SecurityRegistryIntegrationTest(unittest.TestCase):
- """Test that the security settings are stored as plone.app.registry
- settings.
- """
-
- layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
- def setUp(self):
- self.portal = self.layer['portal']
- self.request = self.layer['request']
- setRoles(self.portal, TEST_USER_ID, ['Manager'])
- registry = getUtility(IRegistry)
- self.settings = registry.forInterface(
- ISecuritySchema, prefix="plone")
-
- def test_security_controlpanel_view(self):
- view = getMultiAdapter((self.portal, self.portal.REQUEST),
- name="security-controlpanel")
- view = view.__of__(self.portal)
- self.assertTrue(view())
-
- def test_plone_app_registry_in_controlpanel(self):
- self.controlpanel = getToolByName(self.portal, "portal_controlpanel")
- self.assertTrue('plone.app.registry' in [a.getAction(self)['id']
- for a in self.controlpanel.listActions()])
-
- def test_enable_self_reg_setting(self):
- self.assertTrue(hasattr(self.settings, 'enable_self_reg'))
-
- def test_enable_user_pwd_choice_setting(self):
- self.assertTrue(hasattr(self.settings, 'enable_user_pwd_choice'))
-
- def test_enable_user_folders_setting(self):
- self.assertTrue(hasattr(self.settings, 'enable_user_folders'))
-
- def test_allow_anon_views_about_setting(self):
- self.assertTrue(hasattr(self.settings, 'allow_anon_views_about'))
-
- def test_use_email_as_login_setting(self):
- self.assertTrue(hasattr(self.settings, 'use_email_as_login'))
-
- def test_use_uuid_as_userid_setting(self):
- self.assertTrue(hasattr(self.settings, 'use_uuid_as_userid'))
diff --git a/Products/CMFPlone/controlpanel/utils.py b/Products/CMFPlone/controlpanel/utils.py
deleted file mode 100644
index 851ca34..0000000
--- a/Products/CMFPlone/controlpanel/utils.py
+++ /dev/null
@@ -1,52 +0,0 @@
-from Products.CMFCore.utils import getToolByName
-
-import logging
-
-
-logger = logging.getLogger('Products.CMFPlone.controlpanel')
-
-
-def migrate_to_email_login(context):
- pas = getToolByName(context, 'acl_users')
-
- # We want the login name to be lowercase here. This is new in
- # PAS. Using 'manage_changeProperties' would change the login
- # names immediately, but we want to do that explicitly ourselves
- # and set the lowercase email address as login name, instead of
- # the lower case user id.
- #pas.manage_changeProperties(login_transform='lower')
- pas.login_transform = 'lower'
-
- # Update the users.
- for user in pas.getUsers():
- if user is None:
- continue
- user_id = user.getUserId()
- email = user.getProperty('email', '')
- if email:
- login_name = pas.applyTransform(email)
- pas.updateLoginName(user_id, login_name)
- else:
- logger.warn("User %s has no email address.", user_id)
-
-
-def migrate_from_email_login(context):
- pas = getToolByName(context, 'acl_users')
-
- # Whether the login name is lowercase or not does not really
- # matter for this use case, but it may be better not to change
- # it at this point.
-
- # XXX
- pas.login_transform = ''
-
- # We do want to update the users.
- for user in pas.getUsers():
- if user is None:
- continue
- user_id = user.getUserId()
- # If we keep the transform to lowercase, then we must apply it
- # here as well, otherwise some users will not be able to
- # login, as their user id may be mixed or upper case.
- login_name = pas.applyTransform(user_id)
- pas.updateLoginName(user_id, login_name)
diff --git a/Products/CMFPlone/interfaces/__init__.py b/Products/CMFPlone/interfaces/__init__.py
index 2002944..20862b4 100644
--- a/Products/CMFPlone/interfaces/__init__.py
+++ b/Products/CMFPlone/interfaces/__init__.py
@@ -9,7 +9,6 @@
from controlpanel import IMaintenanceSchema
from controlpanel import INavigationSchema
from controlpanel import ISearchSchema
-from controlpanel import ISecuritySchema
from controlpanel import ISiteSchema
from controlpanel import ITypesSchema
from events import IConfigurationChangedEvent
diff --git a/Products/CMFPlone/interfaces/controlpanel.py b/Products/CMFPlone/interfaces/controlpanel.py
index c2f7172..c0f8656 100644
--- a/Products/CMFPlone/interfaces/controlpanel.py
+++ b/Products/CMFPlone/interfaces/controlpanel.py
@@ -207,70 +207,6 @@ class ISearchSchema(Interface):
)
-class ISecuritySchema(Interface):
-
- enable_self_reg = schema.Bool(
- title=_(u'Enable self-registration'),
- description=_(
- u"Allows users to register themselves on the site. If "
- u"not selected, only site managers can add new users."),
- default=False,
- required=False)
-
- enable_user_pwd_choice = schema.Bool(
- title=_(u'Let users select their own passwords'),
- description=_(
- u"If not selected, a URL will be generated and "
- u"e-mailed. Users are instructed to follow the link to "
- u"reach a page where they can change their password and "
- u"complete the registration process; this also verifies "
- u"that they have entered a valid email address."),
- default=False,
- required=False)
-
- enable_user_folders = schema.Bool(
- title=_(u'Enable User Folders'),
- description=_(
- u"If selected, home folders where users can create "
- u"content will be created when they log in."),
- default=False,
- required=False)
-
- allow_anon_views_about = schema.Bool(
- title=_(u"Allow anyone to view 'about' information"),
- description=_(
- u"If not selected only logged-in users will be able to "
- u"view information about who created an item and when it "
- u"was modified."),
- default=False,
- required=False)
-
- use_email_as_login = schema.Bool(
- title=_(u'Use email address as login name'),
- description=_(
- u"Allows users to login with their email address instead "
- u"of specifying a separate login name. This also updates "
- u"the login name of existing users, which may take a "
- u"while on large sites. The login name is saved as "
- u"lower case, but to be userfriendly it does not matter "
- u"which case you use to login. When duplicates are found, "
- u"saving this form will fail. You can use the "
- u"@@migrate-to-emaillogin page to show the duplicates."),
- default=False,
- required=False)
-
- use_uuid_as_userid = schema.Bool(
- title=_(u'Use UUID user ids'),
- description=_(
- u"Use automatically generated UUIDs as user id for new users. "
- u"When not turned on, the default is to use the same as the "
- u"login name, or when using the email address as login name we "
- u"generate a user id based on the fullname."),
- default=False,
- required=False)
-
-
-# XXX: Why does ISiteSchema inherit from ILockSettings here ???
class ISiteSchema(ILockSettings):
site_title = schema.TextLine(
diff --git a/Products/CMFPlone/profiles/dependencies/registry.xml b/Products/CMFPlone/profiles/dependencies/registry.xml
index 2a5c8f4..09916f8 100644
--- a/Products/CMFPlone/profiles/dependencies/registry.xml
+++ b/Products/CMFPlone/profiles/dependencies/registry.xml
@@ -8,8 +8,6 @@
prefix="plone" />
<records interface="Products.CMFPlone.interfaces.ISearchSchema"
prefix="plone" />
- <records interface="Products.CMFPlone.interfaces.ISecuritySchema"
- prefix="plone" />
<records interface="Products.CMFPlone.interfaces.ISiteSchema"
prefix="plone" />
<records interface="Products.CMFPlone.interfaces.IDateAndTimeSchema"
diff --git a/Products/CMFPlone/testing.py b/Products/CMFPlone/testing.py
index d33a8c0..ac5895a 100644
--- a/Products/CMFPlone/testing.py
+++ b/Products/CMFPlone/testing.py
@@ -43,15 +43,6 @@ def setUpPloneSite(self, portal):
id="test-folder",
title=u"Test Folder"
)
- # XXX: this is needed for tests that rely on the Members folder to be
- # present. This folder is otherwise created by a setup handler in
- # ATContentTypes, but that package is optional now.
- if 'Members' not in portal.keys():
- portal.invokeFactory(
- "Folder",
- id="Members",
- title=u"Members"
- )
def tearDownPloneSite(self, portal):
login(portal, 'admin')
diff --git a/Products/CMFPlone/tests/robot/test_controlpanel_security.robot b/Products/CMFPlone/tests/robot/test_controlpanel_security.robot
deleted file mode 100644
index 18e030d..0000000
--- a/Products/CMFPlone/tests/robot/test_controlpanel_security.robot
+++ /dev/null
@@ -1,152 +0,0 @@
-*** Settings ***
-
-Resource plone/app/robotframework/keywords.robot
-Resource plone/app/robotframework/saucelabs.robot
-
-Library Remote ${PLONE_URL}/RobotRemote
-
-Resource common.robot
-
-Test Setup Open SauceLabs test browser
-Test Teardown Run keywords Report test status Close all browsers
-
-
-*** Test Cases ***************************************************************
-
-Scenario: Enable self registration in the Security Control Panel
- Given a logged-in site administrator
- and the security control panel
- When I enable self registration
- and I save the settings
- Given an anonymous user
- and the front page
- Then the registration link is shown in the page
-
-Scenario: Enable users to select their own passwords in the Security Control Panel
- Given a logged-in site administrator
- and the security control panel
- When I enable self registration
- and I enable users to select their own passwords
- and I save the settings
- Given an anonymous user
- and the registration form
- Then the password field is shown in the page
-
-Scenario: Enable user folders in the Security Control Panel
- Given a logged-in site administrator
- and the security control panel
- When I enable self registration
- and I enable users to select their own passwords
- and I enable user folders
- and I save the settings
- Given an anonymous user
- When I register to the site
- and I login to the site
- Then the user folder should be created
-
-Scenario: Enable use email as login in the Security Control Panel
- Given a logged-in site administrator
- and the security control panel
- When I enable self registration
- and I enable users to select their own passwords
- and I enable use email as login
- and I save the settings
- Given an anonymous user
- and the registration form
- Then the email field is shown in the page
- and the username field is not shown in the page
-
-Scenario: Enable use uuid as uid in the Security Control Panel
- Given a logged-in site administrator
- and the security control panel
- When I enable self registration
- and I enable users to select their own passwords
- and I enable uuid as user id
- and I save the settings
- Given an anonymous user
- When I register to the site
- and I login to the site
- Then uuid should be used for user id
-
-
-*** Keywords *****************************************************************
-
-# --- GIVEN ------------------------------------------------------------------
-
-a logged-in site administrator
- Enable autologin as Site Administrator
-
-an anonymous user
- Disable autologin
-
-the security control panel
- Go to ${PLONE_URL}/@@security-controlpanel
-
-the registration form
- Go to ${PLONE_URL}/@@register
-
-the front page
- Go to ${PLONE_URL}
-
-# --- WHEN -------------------------------------------------------------------
-
-I enable self registration
- Select Checkbox form.widgets.enable_self_reg:list
-
-I enable users to select their own passwords
- Select Checkbox form.widgets.enable_user_pwd_choice:list
-
-I enable use email as login
- Select Checkbox form.widgets.use_email_as_login:list
-
-I enable user folders
- Select Checkbox form.widgets.enable_user_folders:list
-
-I enable uuid as user id
- Select Checkbox form.widgets.use_uuid_as_userid:list
-
-I save the settings
- Click Button Save
- Wait until page contains Changes saved
-
-I register to the site
- Go to ${PLONE_URL}/@@register
- Input Text form.widgets.username joe
- Input Text form.widgets.email joe at test.com
- Input Text form.widgets.password supersecret
- Input Text form.widgets.password_ctl supersecret
- Click Button Register
-
-I login to the site
- Go to ${PLONE_URL}/login
- Input Text __ac_name joe
- Input Text __ac_password supersecret
- Click Button Log in
- Wait until page contains You are now logged in
-
-
-# --- THEN -------------------------------------------------------------------
-
-The registration link is shown in the page
- Element Should Be Visible xpath=//a[@id='personaltools-join']
-
-The password field is shown in the page
- Element Should Be Visible xpath=//input[@id='form-widgets-password']
-
-The email field is shown in the page
- Element Should Be Visible xpath=//input[@id='form-widgets-email']
-
-The username field is not shown in the page
- Element Should Not Be Visible xpath=//input[@id='form-widgets-username']
-
-The user folder should be created
- Go to ${PLONE_URL}/Members/joe
- Element Should Contain css=h1.documentFirstHeading joe
- Page should Not contain This page does not seem to exist
-
-# XXX: Here we can't really test that this is a uuid, since it's random, so
-# we just check that user id is not equal to username or email
-uuid should be used for user id
- ${userid}= Get Text user-name
- Should Not Be Equal As Strings ${userid} joe
- Should Not Be Equal As Strings ${userid} joe at test.com
Repository: Products.CMFPlone
Branch: refs/heads/master
Date: 2014-08-30T07:24:40+02:00
Author: Timo Stollenwerk (tisto) <tisto at plone.org>
Commit: https://github.com/plone/Products.CMFPlone/commit/927c47f370b224fe6bdfc0af889b9f1371ce857a
Merge pull request #269 from plone/revert-264-plip10359-security-controlpanel
Revert "Plip10359 - move security controlpanel from plone.app.controlpan...
Files changed:
M Products/CMFPlone/controlpanel/bbb/configure.zcml
M Products/CMFPlone/controlpanel/browser/configure.zcml
M Products/CMFPlone/controlpanel/configure.zcml
M Products/CMFPlone/controlpanel/events.py
M Products/CMFPlone/interfaces/__init__.py
M Products/CMFPlone/interfaces/controlpanel.py
M Products/CMFPlone/profiles/dependencies/registry.xml
M Products/CMFPlone/testing.py
D Products/CMFPlone/controlpanel/bbb/security.py
D Products/CMFPlone/controlpanel/browser/emaillogin.pt
D Products/CMFPlone/controlpanel/browser/security.py
D Products/CMFPlone/controlpanel/events.zcml
D Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
D Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
D Products/CMFPlone/controlpanel/utils.py
D Products/CMFPlone/tests/robot/test_controlpanel_security.robot
diff --git a/Products/CMFPlone/controlpanel/bbb/configure.zcml b/Products/CMFPlone/controlpanel/bbb/configure.zcml
index 4713645..c647f0b 100644
--- a/Products/CMFPlone/controlpanel/bbb/configure.zcml
+++ b/Products/CMFPlone/controlpanel/bbb/configure.zcml
@@ -7,7 +7,6 @@
<adapter factory=".maintenance.MaintenanceControlPanelAdapter" />
<adapter factory=".navigation.NavigationControlPanelAdapter" />
<adapter factory=".search.SearchControlPanelAdapter" />
- <adapter factory=".security.SecurityControlPanelAdapter" />
<adapter factory=".site.SiteControlPanelAdapter" />
</configure>
diff --git a/Products/CMFPlone/controlpanel/bbb/security.py b/Products/CMFPlone/controlpanel/bbb/security.py
deleted file mode 100644
index 2d05160..0000000
--- a/Products/CMFPlone/controlpanel/bbb/security.py
+++ /dev/null
@@ -1,78 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces.siteroot import IPloneSiteRoot
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.registry.interfaces import IRegistry
-from zope.component import adapts
-from zope.component import getUtility
-from zope.interface import implements
-from zope.site.hooks import getSite
-
-
-class SecurityControlPanelAdapter(object):
-
- adapts(IPloneSiteRoot)
- implements(ISecuritySchema)
-
- def __init__(self, context):
- self.portal = getSite()
- self.pmembership = getToolByName(context, 'portal_membership')
- registry = getUtility(IRegistry)
- self.settings = registry.forInterface(
- ISecuritySchema, prefix="plone")
-
- def get_enable_self_reg(self):
- return self.settings.enable_self_reg
-
- def set_enable_self_reg(self, value):
- # additional processing in the event handler
- self.settings.enable_self_reg = value
-
- enable_self_reg = property(get_enable_self_reg, set_enable_self_reg)
-
- def get_enable_user_pwd_choice(self):
- return self.settings.enable_user_pwd_choice
-
- def set_enable_user_pwd_choice(self, value):
- self.settings.enable_user_pwd_choice = value
-
- enable_user_pwd_choice = property(get_enable_user_pwd_choice,
- set_enable_user_pwd_choice)
-
- def get_enable_user_folders(self):
- return self.settings.enable_user_folders
-
- def set_enable_user_folders(self, value):
- # additional processing in the event handler
- self.settings.enable_user_folders = value
-
- enable_user_folders = property(get_enable_user_folders,
- set_enable_user_folders)
-
- def get_allow_anon_views_about(self):
- return self.settings.allow_anon_views_about
-
- def set_allow_anon_views_about(self, value):
- self.settings.allow_anon_views_about = value
-
- allow_anon_views_about = property(get_allow_anon_views_about,
- set_allow_anon_views_about)
-
- def get_use_email_as_login(self):
- return self.settings.use_email_as_login
-
- def set_use_email_as_login(self, value):
- # additional processing in the event handler
- self.settings.use_email_as_login = value
-
- use_email_as_login = property(get_use_email_as_login,
- set_use_email_as_login)
-
- def get_use_uuid_as_userid(self):
- return self.settings.use_uuid_as_userid
-
- def set_use_uuid_as_userid(self, value):
- self.settings.use_uuid_as_userid = value
-
- use_uuid_as_userid = property(get_use_uuid_as_userid,
- set_use_uuid_as_userid)
diff --git a/Products/CMFPlone/controlpanel/browser/configure.zcml b/Products/CMFPlone/controlpanel/browser/configure.zcml
index 551d824..bf55faf 100644
--- a/Products/CMFPlone/controlpanel/browser/configure.zcml
+++ b/Products/CMFPlone/controlpanel/browser/configure.zcml
@@ -35,23 +35,6 @@
permission="plone.app.controlpanel.Search"
/>
- <!-- Security Control Panel -->
- <browser:page
- name="security-controlpanel"
- for="Products.CMFPlone.interfaces.IPloneSiteRoot"
- class=".security.SecurityControlPanel"
- permission="plone.app.controlpanel.Security"
- />
-
- <!-- Security Control Panel - EMail Login -->
- <browser:page
- for="Products.CMFPlone.interfaces.IPloneSiteRoot"
- name="migrate-to-emaillogin"
- class=".security.EmailLogin"
- template="emaillogin.pt"
- permission="cmf.ManagePortal"
- />
-
<!-- Site Control Panel -->
<browser:page
name="site-controlpanel"
diff --git a/Products/CMFPlone/controlpanel/browser/emaillogin.pt b/Products/CMFPlone/controlpanel/browser/emaillogin.pt
deleted file mode 100644
index 16c3949..0000000
--- a/Products/CMFPlone/controlpanel/browser/emaillogin.pt
+++ /dev/null
@@ -1,67 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
- xmlns:tal="http://xml.zope.org/namespaces/tal"
- xmlns:metal="http://xml.zope.org/namespaces/metal"
- xmlns:i18n="http://xml.zope.org/namespaces/i18n"
- metal:use-macro="context/prefs_main_template/macros/master"
- i18n:domain="plone">
-
-<body>
-
- <metal:main metal:fill-slot="prefs_configlet_content">
- <h1 class="documentFirstHeading"
- i18n:translate="heading_find_duplicate_login_names">
- Find duplicate login names
- </h1>
-
- <p i18n:translate="help_duplicate_login_names">
- Switching the email login setting in the
- <a i18n:name="link"
- tal:attributes="href string:${context/portal_url}/@@security-controlpanel"
- i18n:translate="">Security settings</a>
- on or off automatically changes the login name for existing users.
- This may fail when there are duplicates.
- On this page you can search for duplicates.
- </p>
-
- <div tal:condition="request/form/submitted|nothing">
- <div tal:condition="view/duplicates">
- <p i18n:translate="msg_login_duplicates_found">
- The following login names would be used by more than one account:
- </p>
- <ul>
- <ol tal:repeat="dup view/duplicates">
- <span tal:content="python:dup[0]" />:
- <span tal:repeat="account python:dup[1]" tal:content="account" />
- </ol>
- </ul>
- </div>
- <div tal:condition="not:view/duplicates">
- <p i18n:translate="msg_no_login_duplicates_found">
- No login names found that are used by more than one account.
- </p>
- </div>
- </div>
-
- <form action=""
- name="emaillogin-migrate"
- method="post"
- class="enableUnloadProtection enableAutoFocus">
- <div class="formControls">
- <input type="hidden" name="submitted" value="submitted" id="submitted" />
- <input class="context"
- type="submit"
- name="check_email"
- value="Check for duplicate emails"
- i18n:attributes="value label_check_duplicate_emails" />
- <br />
- <input class="context"
- type="submit"
- name="check_userid"
- value="Check for duplicate lower case user ids"
- i18n:attributes="value label_check_duplicate_user_ids" />
- </div>
- </form>
-
- </metal:main>
-</body>
-</html>
diff --git a/Products/CMFPlone/controlpanel/browser/security.py b/Products/CMFPlone/controlpanel/browser/security.py
deleted file mode 100644
index 1026f27..0000000
--- a/Products/CMFPlone/controlpanel/browser/security.py
+++ /dev/null
@@ -1,127 +0,0 @@
-from Acquisition import aq_inner
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone import PloneMessageFactory as _
-from Products.CMFPlone.controlpanel.utils import migrate_to_email_login
-from Products.CMFPlone.controlpanel.utils import migrate_from_email_login
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.Five.browser import BrowserView
-from collections import defaultdict
-from plone.app.registry.browser import controlpanel
-
-import logging
-
-logger = logging.getLogger('Products.CMFPlone')
-
-
-class SecurityControlPanelForm(controlpanel.RegistryEditForm):
-
- id = "SecurityControlPanel"
- label = _(u"Security settings")
- schema = ISecuritySchema
- schema_prefix = "plone"
-
-
-class SecurityControlPanel(controlpanel.ControlPanelFormWrapper):
- form = SecurityControlPanelForm
-
-
-class EmailLogin(BrowserView):
- """View to help in migrating to or from using email as login.
-
- We used to change the login name of existing users here, but that
- is now done by checking or unchecking the option in the security
- control panel. Here you can only search for duplicates.
- """
-
- duplicates = []
-
- def __call__(self):
- if self.request.form.get('check_email'):
- self.duplicates = self.check_email()
- elif self.request.form.get('check_userid'):
- self.duplicates = self.check_userid()
- return self.index()
-
- @property
- def _email_list(self):
- context = aq_inner(self.context)
- pas = getToolByName(context, 'acl_users')
- emails = defaultdict(list)
- orig_transform = pas.login_transform
- try:
- if not orig_transform:
- # Temporarily set this to lower, as that will happen
- # when turning emaillogin on.
- pas.login_transform = 'lower'
- for user in pas.getUsers():
- if user is None:
- # Created in the ZMI?
- continue
- email = user.getProperty('email', '')
- if email:
- email = pas.applyTransform(email)
- else:
- logger.warn("User %s has no email address.",
- user.getUserId())
- # Add the normal login name anyway.
- email = pas.applyTransform(user.getUserName())
- emails[email].append(user.getUserId())
- finally:
- pas.login_transform = orig_transform
- return emails
-
- def check_email(self):
- duplicates = []
- for email, userids in self._email_list.items():
- if len(userids) > 1:
- logger.warn("Duplicate accounts for email address %s: %r",
- email, userids)
- duplicates.append((email, userids))
-
- return duplicates
-
- @property
- def _userid_list(self):
- # user ids are unique, but their lowercase version might not
- # be unique.
- context = aq_inner(self.context)
- pas = getToolByName(context, 'acl_users')
- userids = defaultdict(list)
- orig_transform = pas.login_transform
- try:
- if not orig_transform:
- # Temporarily set this to lower, as that will happen
- # when turning emaillogin on.
- pas.login_transform = 'lower'
- for user in pas.getUsers():
- if user is None:
- continue
- login_name = pas.applyTransform(user.getUserName())
- userids[login_name].append(user.getUserId())
- finally:
- pas.login_transform = orig_transform
- return userids
-
- def check_userid(self):
- duplicates = []
- for login_name, userids in self._userid_list.items():
- if len(userids) > 1:
- logger.warn("Duplicate accounts for lower case user id "
- "%s: %r", login_name, userids)
- duplicates.append((login_name, userids))
-
- return duplicates
-
- def switch_to_email(self):
- # This is not used and is only here for backwards
- # compatibility. It avoids a test failure in
- # Products.CMFPlone.
- # XXX: check if this can be removed
- migrate_to_email_login(self.context)
-
- def switch_to_userid(self):
- # This is not used and is only here for backwards
- # compatibility. It avoids a test failure in
- # Products.CMFPlone.
- # XXX: check if this can be removed
- migrate_from_email_login(self.context)
diff --git a/Products/CMFPlone/controlpanel/configure.zcml b/Products/CMFPlone/controlpanel/configure.zcml
index 93d5b49..1b49eda 100644
--- a/Products/CMFPlone/controlpanel/configure.zcml
+++ b/Products/CMFPlone/controlpanel/configure.zcml
@@ -7,6 +7,4 @@
<include package=".bbb" />
<include package=".browser" />
- <include file="events.zcml" />
-
</configure>
diff --git a/Products/CMFPlone/controlpanel/events.py b/Products/CMFPlone/controlpanel/events.py
index 4e5a96e..206ba47 100644
--- a/Products/CMFPlone/controlpanel/events.py
+++ b/Products/CMFPlone/controlpanel/events.py
@@ -1,18 +1,9 @@
-from Products.CMFCore.ActionInformation import Action
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone import PloneMessageFactory as _
-from Products.CMFPlone.controlpanel.utils import migrate_to_email_login
-from Products.CMFPlone.controlpanel.utils import migrate_from_email_login
-from Products.CMFPlone.interfaces import IConfigurationChangedEvent
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.utils import safe_hasattr
-from plone.registry.interfaces import IRecordModifiedEvent
from zope.component import adapter
from zope.component import queryUtility
from zope.interface import implements
from zope.ramcache.interfaces.ram import IRAMCache
-from zope.site.hooks import getSite
+from Products.CMFPlone.interfaces import IConfigurationChangedEvent
class ConfigurationChangedEvent(object):
implements(IConfigurationChangedEvent)
@@ -27,102 +18,3 @@ def handleConfigurationChangedEvent(event):
util = queryUtility(IRAMCache)
if util is not None:
util.invalidateAll()
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_enable_self_reg(obj, event):
- """Additional configuration when the ``enable_self_reg``
- setting is updated in the ``Security```control panel.
-
- If the setting is enabled, the ``Add portal member`` permission is
- added to ``Anonymous`` role to allow self registration for anonymous
- users. If the setting is disabled, this permission is removed.
- """
- if event.record.fieldName != 'enable_self_reg':
- return
-
- portal = getSite()
- value = event.newValue
- app_perms = portal.rolesOfPermission(
- permission='Add portal member')
- reg_roles = []
-
- for app_perm in app_perms:
- if app_perm['selected'] == 'SELECTED':
- reg_roles.append(app_perm['name'])
- if value is True and 'Anonymous' not in reg_roles:
- reg_roles.append('Anonymous')
- if value is False and 'Anonymous' in reg_roles:
- reg_roles.remove('Anonymous')
-
- portal.manage_permission('Add portal member', roles=reg_roles,
- acquire=0)
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_enable_user_folders(obj, event):
- """Additional configuration when the ``enable_user_folders``
- setting is updated in the ``Security```control panel.
-
- If the setting is enabled, a new user action is added with a link to
- the personal folder. If the setting is disabled, the action is hidden.
- """
- if event.record.fieldName != 'enable_user_folders':
- return
-
- portal = getSite()
- value = event.newValue
-
- membership = getToolByName(portal, 'portal_membership')
- membership.memberareaCreationFlag = value
-
- # support the 'my folder' user action #8417
- portal_actions = getToolByName(portal, 'portal_actions', None)
- if portal_actions is not None:
- object_category = getattr(portal_actions, 'user', None)
- if value and not safe_hasattr(object_category, 'mystuff'):
- # add action
- _add_mystuff_action(object_category)
- elif safe_hasattr(object_category, 'mystuff'):
- a = getattr(object_category, 'mystuff')
- a.visible = bool(value) # show/hide action
-
-
-def _add_mystuff_action(object_category):
- new_action = Action(
- 'mystuff',
- title=_(u'My Folder'),
- description='',
- url_expr='string:${portal/portal_membership/getHomeUrl}',
- available_expr='python:(member is not None) and \
- (portal.portal_membership.getHomeFolder() is not None) ',
- permissions=('View',),
- visible=True,
- i18n_domain='plone'
- )
- object_category._setObject('mystuff', new_action)
- # move action to top, at least before the logout action
- object_category.moveObjectsToTop(('mystuff'))
-
-
- at adapter(ISecuritySchema, IRecordModifiedEvent)
-def handle_use_email_as_login(obj, event):
- """Additional configuration when the ``use_email_as_login``
- setting is updated in the ``Security```control panel.
-
- If the setting is enabled, existing users' login names are migrated
- to email. If the setting is disabled, then the login names are migrated
- back to user ids.
- """
- if event.record.fieldName != 'use_email_as_login':
- return
-
- value = event.newValue
- if value == event.oldValue:
- # no change
- return
- context = getSite()
- if value:
- migrate_to_email_login(context)
- else:
- migrate_from_email_login(context)
diff --git a/Products/CMFPlone/controlpanel/events.zcml b/Products/CMFPlone/controlpanel/events.zcml
deleted file mode 100644
index 665959b..0000000
--- a/Products/CMFPlone/controlpanel/events.zcml
+++ /dev/null
@@ -1,5 +0,0 @@
-<configure xmlns="http://namespaces.zope.org/zope">
- <subscriber handler=".events.handle_enable_self_reg" />
- <subscriber handler=".events.handle_enable_user_folders" />
- <subscriber handler=".events.handle_use_email_as_login" />
-</configure>
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
deleted file mode 100644
index c2cb8e9..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_bbb_security_adapter.py
+++ /dev/null
@@ -1,130 +0,0 @@
-from Products.CMFPlone.testing import \
- PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.app.testing import TEST_USER_ID
-from plone.app.testing import setRoles
-from zope.component import getAdapter
-
-import unittest
-
-
-class SecurityControlPanelAdapterTest(unittest.TestCase):
-
- layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
- def setUp(self):
- self.portal = self.layer['portal']
- self.request = self.layer['request']
- setRoles(self.portal, TEST_USER_ID, ['Manager'])
- self.security_settings = getAdapter(self.portal, ISecuritySchema)
-
- def test_adapter_lookup(self):
- self.assertTrue(getAdapter(self.portal, ISecuritySchema))
-
- def test_get_enable_self_reg_setting(self):
- self.assertEquals(
- self.security_settings.enable_self_reg,
- False
- )
-
- def test_set_enable_self_reg_setting(self):
- self.security_settings.enable_self_reg = False
- self.assertEquals(
- self.security_settings.enable_self_reg,
- False
- )
- self.security_settings.enable_self_reg = True
- self.assertEquals(
- self.security_settings.enable_self_reg,
- True
- )
-
- def test_get_enable_user_pwd_choice_setting(self):
- self.assertEquals(
- self.security_settings.enable_user_pwd_choice,
- False
- )
-
- def test_set_enable_user_pwd_choice_setting(self):
- self.security_settings.enable_user_pwd_choice = False
- self.assertEquals(
- self.security_settings.enable_user_pwd_choice,
- False
- )
- self.security_settings.enable_user_pwd_choice = True
- self.assertEquals(
- self.security_settings.enable_user_pwd_choice,
- True
- )
-
- def test_get_enable_user_folders_setting(self):
- self.assertEquals(
- self.security_settings.enable_user_folders,
- False
- )
-
- def test_set_enable_user_folders_setting(self):
- self.security_settings.enable_user_folders = False
- self.assertEquals(
- self.security_settings.enable_user_folders,
- False
- )
- self.security_settings.enable_user_folders = True
- self.assertEquals(
- self.security_settings.enable_user_folders,
- True
- )
-
- def test_get_allow_anon_views_about_setting(self):
- self.assertEquals(
- self.security_settings.allow_anon_views_about,
- False
- )
-
- def test_set_allow_anon_views_about_setting(self):
- self.security_settings.allow_anon_views_about = False
- self.assertEquals(
- self.security_settings.allow_anon_views_about,
- False
- )
- self.security_settings.allow_anon_views_about = True
- self.assertEquals(
- self.security_settings.allow_anon_views_about,
- True
- )
-
- def test_get_use_email_as_login_setting(self):
- self.assertEquals(
- self.security_settings.use_email_as_login,
- False
- )
-
- def test_set_use_email_as_login_setting(self):
- self.security_settings.use_email_as_login = False
- self.assertEquals(
- self.security_settings.use_email_as_login,
- False
- )
- self.security_settings.use_email_as_login = True
- self.assertEquals(
- self.security_settings.use_email_as_login,
- True
- )
-
- def test_get_use_uuid_as_userid_setting(self):
- self.assertEquals(
- self.security_settings.use_uuid_as_userid,
- False
- )
-
- def test_set_use_uuid_as_userid_setting(self):
- self.security_settings.use_uuid_as_userid = False
- self.assertEquals(
- self.security_settings.use_uuid_as_userid,
- False
- )
- self.security_settings.use_uuid_as_userid = True
- self.assertEquals(
- self.security_settings.use_uuid_as_userid,
- True
- )
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
deleted file mode 100644
index 098cd47..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_security.py
+++ /dev/null
@@ -1,103 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.testing import \
- PRODUCTS_CMFPLONE_FUNCTIONAL_TESTING
-from plone.app.testing import SITE_OWNER_NAME, SITE_OWNER_PASSWORD
-from plone.registry.interfaces import IRegistry
-from plone.testing.z2 import Browser
-from zope.component import getUtility
-
-import unittest2 as unittest
-
-
-class SecurityControlPanelFunctionalTest(unittest.TestCase):
- """Test that changes in the security control panel are actually
- stored in the registry.
- """
-
- layer = PRODUCTS_CMFPLONE_FUNCTIONAL_TESTING
-
- def setUp(self):
- self.app = self.layer['app']
- self.portal = self.layer['portal']
- self.portal_url = self.portal.absolute_url()
- registry = getUtility(IRegistry)
- self.settings = registry.forInterface(
- ISecuritySchema, prefix="plone")
- self.browser = Browser(self.app)
- self.browser.handleErrors = False
- self.browser.addHeader(
- 'Authorization',
- 'Basic %s:%s' % (SITE_OWNER_NAME, SITE_OWNER_PASSWORD,)
- )
-
- def test_security_control_panel_link(self):
- self.browser.open(
- "%s/plone_control_panel" % self.portal_url)
- self.browser.getLink('Security').click()
-
- def test_security_control_panel_backlink(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.assertTrue("Plone Configuration" in self.browser.contents)
-
- def test_security_control_panel_sidebar(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getLink('Site Setup').click()
- self.assertEqual(
- self.browser.url,
- 'http://nohost/plone/@@overview-controlpanel')
-
- def test_enable_self_reg(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl('Enable self-registration').selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.enable_self_reg, True)
-
- def test_enable_user_pwd_choice(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl(
- 'Let users select their own passwords').selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.enable_user_pwd_choice, True)
-
- def test_enable_user_folders(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl(
- 'Enable User Folders').selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.enable_user_folders, True)
-
- def test_allow_anon_views_about(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl(
- "Allow anyone to view 'about' information").selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.allow_anon_views_about, True)
-
- def test_use_email_as_login(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl(
- "Use email address as login name").selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.use_email_as_login, True)
-
- def test_use_uuid_as_userid(self):
- self.browser.open(
- "%s/@@security-controlpanel" % self.portal_url)
- self.browser.getControl(
- "Use UUID user ids").selected = True
- self.browser.getControl('Save').click()
-
- self.assertEqual(self.settings.use_uuid_as_userid, True)
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
deleted file mode 100644
index b5ff729..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_events.py
+++ /dev/null
@@ -1,141 +0,0 @@
-from Products.CMFPlone.testing import \
- PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces import ISecuritySchema
-from plone.app.testing import TEST_USER_ID
-from plone.app.testing import setRoles
-from zope.component import getAdapter
-
-import unittest
-
-
-class SecurityControlPanelEventsTest(unittest.TestCase):
-
- layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
- def setUp(self):
- self.portal = self.layer['portal']
- self.request = self.layer['request']
- setRoles(self.portal, TEST_USER_ID, ['Manager'])
- self.security_settings = getAdapter(self.portal, ISecuritySchema)
-
- def _create_user(self, user_id=None, email=None):
- """Helper function for creating a test user."""
- registration = getToolByName(self.portal, 'portal_registration', None)
- registration.addMember(
- user_id,
- 'password',
- ['Member'],
- properties={'email': email, 'username': user_id}
- )
- membership = getToolByName(self.portal, 'portal_membership', None)
- return membership.getMemberById(user_id)
-
- def _is_self_reg_enabled(self):
- """Helper function to determine if self registration was properly
- enabled.
- """
- app_perms = self.portal.rolesOfPermission(
- permission='Add portal member')
- for app_perm in app_perms:
- if app_perm['name'] == 'Anonymous' \
- and app_perm['selected'] == 'SELECTED':
- return True
- return False
-
- def test_handle_enable_self_reg_condition_check(self):
- """Check that this event handler is not run for other ISecuritySchema
- records.
- """
- self.assertFalse(self._is_self_reg_enabled())
- self.security_settings.use_uuid_as_userid = True
- self.assertFalse(self._is_self_reg_enabled())
-
- def test_handle_enable_self_reg_disabled(self):
- self.security_settings.enable_self_reg = False
- self.assertFalse(self._is_self_reg_enabled())
-
- def test_handle_enable_self_reg_enabled(self):
- self.security_settings.enable_self_reg = True
- self.assertTrue(self._is_self_reg_enabled())
-
- def test_handle_enable_user_folders_condition_check(self):
- """Check that this event handler is not run for other ISecuritySchema
- records.
- """
- portal_actions = getToolByName(self.portal, 'portal_actions', None)
- self.assertFalse('mystuff' in portal_actions['user'].keys())
- self.security_settings.use_uuid_as_userid = True
- self.assertFalse('mystuff' in portal_actions['user'].keys())
-
- def test_handle_enable_user_folders_enabled_no_mystuff_yet(self):
- portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
- # if we enable the setting, mystuff action should be added
- self.assertFalse('mystuff' in portal_actions['user'].keys())
- self.security_settings.enable_user_folders = True
- self.assertTrue('mystuff' in portal_actions['user'].keys())
- self.assertTrue(portal_actions['user']['mystuff'].visible)
-
- def test_handle_enable_user_folders_enabled_has_mystuff(self):
- portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
- # if we enable the setting, disable it, then enable it again,
- # the mystuff action should still be there and visible
- self.security_settings.enable_user_folders = True
- self.security_settings.enable_user_folders = False
- self.security_settings.enable_user_folders = True
-
- self.assertTrue('mystuff' in portal_actions['user'].keys())
- self.assertTrue(portal_actions['user']['mystuff'].visible)
-
- def test_handle_enable_user_folders_disabled_no_mystuff_yet(self):
- portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
- # if the mystuff action is not there yet, this should have no effect
- self.security_settings.enable_user_folders = False
- self.assertFalse('mystuff' in portal_actions['user'].keys())
-
- def test_handle_enable_user_folders_disabled_has_mystuff(self):
- portal_actions = getToolByName(self.portal, 'portal_actions', None)
-
- # if the setting was enabled and then disabled, the mystuff action
- # should be hidden
- self.security_settings.enable_user_folders = True
- self.security_settings.enable_user_folders = False
- self.assertTrue('mystuff' in portal_actions['user'].keys())
- self.assertFalse(portal_actions['user']['mystuff'].visible)
-
- def test_handle_use_email_as_login_condition_check(self):
- """Check that this event handler is not run for other ISecuritySchema
- records.
- """
- self._create_user(user_id='joe', email='joe at test.com')
- pas = getToolByName(self.portal, 'acl_users')
-
- self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
- self.security_settings.use_uuid_as_userid = True
- self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
-
- def test_handle_use_email_as_login_enabled(self):
- self._create_user(user_id='joe', email='joe at test.com')
- pas = getToolByName(self.portal, 'acl_users')
-
- self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
- self.assertEquals(len(pas.searchUsers(name='joe')), 1)
-
- # if we enable use_email_as_login, login name should be migrated
- # to email
- self.security_settings.use_email_as_login = True
- self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 1)
-
- def test_handle_use_email_as_login_disabled(self):
- self._create_user(user_id='joe', email='joe at test.com')
- pas = getToolByName(self.portal, 'acl_users')
-
- # if we enable use_email_as_login, then disabled it, the login name
- # should be migrated back to user id
- self.security_settings.use_email_as_login = True
- self.security_settings.use_email_as_login = False
- self.assertEquals(len(pas.searchUsers(name='joe at test.com')), 0)
- self.assertEquals(len(pas.searchUsers(name='joe')), 1)
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
deleted file mode 100644
index 3b29843..0000000
--- a/Products/CMFPlone/controlpanel/tests/test_controlpanel_security.py
+++ /dev/null
@@ -1,56 +0,0 @@
-# -*- coding: utf-8 -*-
-from Products.CMFCore.utils import getToolByName
-from Products.CMFPlone.interfaces import ISecuritySchema
-from Products.CMFPlone.testing import \
- PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-from plone.app.testing import TEST_USER_ID, setRoles
-from plone.registry.interfaces import IRegistry
-from zope.component import getMultiAdapter
-from zope.component import getUtility
-
-import unittest2 as unittest
-
-
-class SecurityRegistryIntegrationTest(unittest.TestCase):
- """Test that the security settings are stored as plone.app.registry
- settings.
- """
-
- layer = PRODUCTS_CMFPLONE_INTEGRATION_TESTING
-
- def setUp(self):
- self.portal = self.layer['portal']
- self.request = self.layer['request']
- setRoles(self.portal, TEST_USER_ID, ['Manager'])
- registry = getUtility(IRegistry)
- self.settings = registry.forInterface(
- ISecuritySchema, prefix="plone")
-
- def test_security_controlpanel_view(self):
- view = getMultiAdapter((self.portal, self.portal.REQUEST),
- name="security-controlpanel")
- view = view.__of__(self.portal)
- self.assertTrue(view())
-
- def test_plone_app_registry_in_controlpanel(self):
- self.controlpanel = getToolByName(self.portal, "portal_controlpanel")
- self.assertTrue('plone.app.registry' in [a.getAction(self)['id']
- for a in self.controlpanel.listActions()])
-
- def test_enable_self_reg_setting(self):
- self.assertTrue(hasattr(self.settings, 'enable_self_reg'))
-
- def test_enable_user_pwd_choice_setting(self):
- self.assertTrue(hasattr(self.settings, 'enable_user_pwd_choice'))
-
- def test_enable_user_folders_setting(self):
- self.assertTrue(hasattr(self.settings, 'enable_user_folders'))
-
- def test_allow_anon_views_about_setting(self):
- self.assertTrue(hasattr(self.settings, 'allow_anon_views_about'))
-
- def test_use_email_as_login_setting(self):
- self.assertTrue(hasattr(self.settings, 'use_email_as_login'))
-
- def test_use_uuid_as_userid_setting(self):
- self.assertTrue(hasattr(self.settings, 'use_uuid_as_userid'))
diff --git a/Products/CMFPlone/controlpanel/utils.py b/Products/CMFPlone/controlpanel/utils.py
deleted file mode 100644
index 851ca34..0000000
--- a/Products/CMFPlone/controlpanel/utils.py
+++ /dev/null
@@ -1,52 +0,0 @@
-from Products.CMFCore.utils import getToolByName
-
-import logging
-
-
-logger = logging.getLogger('Products.CMFPlone.controlpanel')
-
-
-def migrate_to_email_login(context):
- pas = getToolByName(context, 'acl_users')
-
- # We want the login name to be lowercase here. This is new in
- # PAS. Using 'manage_changeProperties' would change the login
- # names immediately, but we want to do that explicitly ourselves
- # and set the lowercase email address as login name, instead of
- # the lower case user id.
- #pas.manage_changeProperties(login_transform='lower')
- pas.login_transform = 'lower'
-
- # Update the users.
- for user in pas.getUsers():
- if user is None:
- continue
- user_id = user.getUserId()
- email = user.getProperty('email', '')
- if email:
- login_name = pas.applyTransform(email)
- pas.updateLoginName(user_id, login_name)
- else:
- logger.warn("User %s has no email address.", user_id)
-
-
-def migrate_from_email_login(context):
- pas = getToolByName(context, 'acl_users')
-
- # Whether the login name is lowercase or not does not really
- # matter for this use case, but it may be better not to change
- # it at this point.
-
- # XXX
- pas.login_transform = ''
-
- # We do want to update the users.
- for user in pas.getUsers():
- if user is None:
- continue
- user_id = user.getUserId()
- # If we keep the transform to lowercase, then we must apply it
- # here as well, otherwise some users will not be able to
- # login, as their user id may be mixed or upper case.
- login_name = pas.applyTransform(user_id)
- pas.updateLoginName(user_id, login_name)
diff --git a/Products/CMFPlone/interfaces/__init__.py b/Products/CMFPlone/interfaces/__init__.py
index 2002944..20862b4 100644
--- a/Products/CMFPlone/interfaces/__init__.py
+++ b/Products/CMFPlone/interfaces/__init__.py
@@ -9,7 +9,6 @@
from controlpanel import IMaintenanceSchema
from controlpanel import INavigationSchema
from controlpanel import ISearchSchema
-from controlpanel import ISecuritySchema
from controlpanel import ISiteSchema
from controlpanel import ITypesSchema
from events import IConfigurationChangedEvent
diff --git a/Products/CMFPlone/interfaces/controlpanel.py b/Products/CMFPlone/interfaces/controlpanel.py
index c2f7172..c0f8656 100644
--- a/Products/CMFPlone/interfaces/controlpanel.py
+++ b/Products/CMFPlone/interfaces/controlpanel.py
@@ -207,70 +207,6 @@ class ISearchSchema(Interface):
)
-class ISecuritySchema(Interface):
-
- enable_self_reg = schema.Bool(
- title=_(u'Enable self-registration'),
- description=_(
- u"Allows users to register themselves on the site. If "
- u"not selected, only site managers can add new users."),
- default=False,
- required=False)
-
- enable_user_pwd_choice = schema.Bool(
- title=_(u'Let users select their own passwords'),
- description=_(
- u"If not selected, a URL will be generated and "
- u"e-mailed. Users are instructed to follow the link to "
- u"reach a page where they can change their password and "
- u"complete the registration process; this also verifies "
- u"that they have entered a valid email address."),
- default=False,
- required=False)
-
- enable_user_folders = schema.Bool(
- title=_(u'Enable User Folders'),
- description=_(
- u"If selected, home folders where users can create "
- u"content will be created when they log in."),
- default=False,
- required=False)
-
- allow_anon_views_about = schema.Bool(
- title=_(u"Allow anyone to view 'about' information"),
- description=_(
- u"If not selected only logged-in users will be able to "
- u"view information about who created an item and when it "
- u"was modified."),
- default=False,
- required=False)
-
- use_email_as_login = schema.Bool(
- title=_(u'Use email address as login name'),
- description=_(
- u"Allows users to login with their email address instead "
- u"of specifying a separate login name. This also updates "
- u"the login name of existing users, which may take a "
- u"while on large sites. The login name is saved as "
- u"lower case, but to be userfriendly it does not matter "
- u"which case you use to login. When duplicates are found, "
- u"saving this form will fail. You can use the "
- u"@@migrate-to-emaillogin page to show the duplicates."),
- default=False,
- required=False)
-
- use_uuid_as_userid = schema.Bool(
- title=_(u'Use UUID user ids'),
- description=_(
- u"Use automatically generated UUIDs as user id for new users. "
- u"When not turned on, the default is to use the same as the "
- u"login name, or when using the email address as login name we "
- u"generate a user id based on the fullname."),
- default=False,
- required=False)
-
-
-# XXX: Why does ISiteSchema inherit from ILockSettings here ???
class ISiteSchema(ILockSettings):
site_title = schema.TextLine(
diff --git a/Products/CMFPlone/profiles/dependencies/registry.xml b/Products/CMFPlone/profiles/dependencies/registry.xml
index 2a5c8f4..09916f8 100644
--- a/Products/CMFPlone/profiles/dependencies/registry.xml
+++ b/Products/CMFPlone/profiles/dependencies/registry.xml
@@ -8,8 +8,6 @@
prefix="plone" />
<records interface="Products.CMFPlone.interfaces.ISearchSchema"
prefix="plone" />
- <records interface="Products.CMFPlone.interfaces.ISecuritySchema"
- prefix="plone" />
<records interface="Products.CMFPlone.interfaces.ISiteSchema"
prefix="plone" />
<records interface="Products.CMFPlone.interfaces.IDateAndTimeSchema"
diff --git a/Products/CMFPlone/testing.py b/Products/CMFPlone/testing.py
index d33a8c0..ac5895a 100644
--- a/Products/CMFPlone/testing.py
+++ b/Products/CMFPlone/testing.py
@@ -43,15 +43,6 @@ def setUpPloneSite(self, portal):
id="test-folder",
title=u"Test Folder"
)
- # XXX: this is needed for tests that rely on the Members folder to be
- # present. This folder is otherwise created by a setup handler in
- # ATContentTypes, but that package is optional now.
- if 'Members' not in portal.keys():
- portal.invokeFactory(
- "Folder",
- id="Members",
- title=u"Members"
- )
def tearDownPloneSite(self, portal):
login(portal, 'admin')
diff --git a/Products/CMFPlone/tests/robot/test_controlpanel_security.robot b/Products/CMFPlone/tests/robot/test_controlpanel_security.robot
deleted file mode 100644
index 18e030d..0000000
--- a/Products/CMFPlone/tests/robot/test_controlpanel_security.robot
+++ /dev/null
@@ -1,152 +0,0 @@
-*** Settings ***
-
-Resource plone/app/robotframework/keywords.robot
-Resource plone/app/robotframework/saucelabs.robot
-
-Library Remote ${PLONE_URL}/RobotRemote
-
-Resource common.robot
-
-Test Setup Open SauceLabs test browser
-Test Teardown Run keywords Report test status Close all browsers
-
-
-*** Test Cases ***************************************************************
-
-Scenario: Enable self registration in the Security Control Panel
- Given a logged-in site administrator
- and the security control panel
- When I enable self registration
- and I save the settings
- Given an anonymous user
- and the front page
- Then the registration link is shown in the page
-
-Scenario: Enable users to select their own passwords in the Security Control Panel
- Given a logged-in site administrator
- and the security control panel
- When I enable self registration
- and I enable users to select their own passwords
- and I save the settings
- Given an anonymous user
- and the registration form
- Then the password field is shown in the page
-
-Scenario: Enable user folders in the Security Control Panel
- Given a logged-in site administrator
- and the security control panel
- When I enable self registration
- and I enable users to select their own passwords
- and I enable user folders
- and I save the settings
- Given an anonymous user
- When I register to the site
- and I login to the site
- Then the user folder should be created
-
-Scenario: Enable use email as login in the Security Control Panel
- Given a logged-in site administrator
- and the security control panel
- When I enable self registration
- and I enable users to select their own passwords
- and I enable use email as login
- and I save the settings
- Given an anonymous user
- and the registration form
- Then the email field is shown in the page
- and the username field is not shown in the page
-
-Scenario: Enable use uuid as uid in the Security Control Panel
- Given a logged-in site administrator
- and the security control panel
- When I enable self registration
- and I enable users to select their own passwords
- and I enable uuid as user id
- and I save the settings
- Given an anonymous user
- When I register to the site
- and I login to the site
- Then uuid should be used for user id
-
-
-*** Keywords *****************************************************************
-
-# --- GIVEN ------------------------------------------------------------------
-
-a logged-in site administrator
- Enable autologin as Site Administrator
-
-an anonymous user
- Disable autologin
-
-the security control panel
- Go to ${PLONE_URL}/@@security-controlpanel
-
-the registration form
- Go to ${PLONE_URL}/@@register
-
-the front page
- Go to ${PLONE_URL}
-
-# --- WHEN -------------------------------------------------------------------
-
-I enable self registration
- Select Checkbox form.widgets.enable_self_reg:list
-
-I enable users to select their own passwords
- Select Checkbox form.widgets.enable_user_pwd_choice:list
-
-I enable use email as login
- Select Checkbox form.widgets.use_email_as_login:list
-
-I enable user folders
- Select Checkbox form.widgets.enable_user_folders:list
-
-I enable uuid as user id
- Select Checkbox form.widgets.use_uuid_as_userid:list
-
-I save the settings
- Click Button Save
- Wait until page contains Changes saved
-
-I register to the site
- Go to ${PLONE_URL}/@@register
- Input Text form.widgets.username joe
- Input Text form.widgets.email joe at test.com
- Input Text form.widgets.password supersecret
- Input Text form.widgets.password_ctl supersecret
- Click Button Register
-
-I login to the site
- Go to ${PLONE_URL}/login
- Input Text __ac_name joe
- Input Text __ac_password supersecret
- Click Button Log in
- Wait until page contains You are now logged in
-
-
-# --- THEN -------------------------------------------------------------------
-
-The registration link is shown in the page
- Element Should Be Visible xpath=//a[@id='personaltools-join']
-
-The password field is shown in the page
- Element Should Be Visible xpath=//input[@id='form-widgets-password']
-
-The email field is shown in the page
- Element Should Be Visible xpath=//input[@id='form-widgets-email']
-
-The username field is not shown in the page
- Element Should Not Be Visible xpath=//input[@id='form-widgets-username']
-
-The user folder should be created
- Go to ${PLONE_URL}/Members/joe
- Element Should Contain css=h1.documentFirstHeading joe
- Page should Not contain This page does not seem to exist
-
-# XXX: Here we can't really test that this is a uuid, since it's random, so
-# we just check that user id is not equal to username or email
-uuid should be used for user id
- ${userid}= Get Text user-name
- Should Not Be Equal As Strings ${userid} joe
- Should Not Be Equal As Strings ${userid} joe at test.com
-------------------------------------------------------------------------------
More information about the Testbot
mailing list