Source Code for Module bodhi.identity.sobzprovider

 1  # $Id: sobzprovider.py,v 1.2 2007/01/03 21:21:18 lmacken Exp $ 
 2  # This program is free software; you can redistribute it and/or modify 
 3  # it under the terms of the GNU General Public License as published by 
 4  # the Free Software Foundation; version 2 of the License. 
 5  # 
 6  # This program is distributed in the hope that it will be useful, 
 7  # but WITHOUT ANY WARRANTY; without even the implied warranty of 
 8  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the 
 9  # GNU Library General Public License for more details. 
10  # 
11  # You should have received a copy of the GNU General Public License 
12  # along with this program; if not, write to the Free Software 
13  # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
14   
15  """ 
16  This plugin provides authentication of passwords against Bugzilla via XML-RPC 
17  """ 
18   
19  import logging 
20  import xmlrpclib 
21   
22  from turbogears.identity.soprovider import * 
23  from turbogears import config 
24  from bodhi.model import User, VisitIdentity 
25   
26  log = logging.getLogger(__name__) 
27   
28 -class SoBugzillaIdentityProvider(SqlObjectIdentityProvider): 
29      """ 
30      IdentityProvider that authenticates users against Bugzilla via XML-RPC 
31      """ 
32 -    def __init__(self): 
33          super(SoBugzillaIdentityProvider, self).__init__() 
34          self.bz_server = config.get('bz_server') 
35   
36 -    def validate_identity(self, user_name, password, visit_key): 
37          newuser = False 
38          user_name = to_db_encoding(user_name, self.user_class_db_encoding) 
39   
40          try: 
41              user = User.by_user_name(user_name) 
42          except SQLObjectNotFound: 
43              log.info("Creating new user %s" % user_name) 
44              user = User(user_name=user_name) 
45              newuser = True 
46   
47          if not self.validate_password(user, user_name, password): 
48              log.warning("Invalid password for %s" % user_name) 
49              if newuser: 
50                  user.destroySelf() 
51              return None 
52   
53          log.info("Login successful for %s" % user_name) 
54   
55          try: 
56              link = VisitIdentity.by_visit_key(visit_key) 
57              link.user_id = user.id 
58          except SQLObjectNotFound: 
59              link = VisitIdentity(visit_key=visit_key, user_id=user.id) 
60   
61          return SqlObjectIdentity(visit_key, user) 
62   
63 -    def validate_password(self, user, user_name, password): 
64          """ 
65          Complete hack, but it works. 
66          Request bug #1 with the given username and password.  If a Fault is 
67          thrown, the username/pass is invalid; else, we're good to go. 
68          """ 
69          # if there is a password in our local database, then authenticate 
70          # against it (ie, guest, admin, etc) 
71          if user.password: 
72              log.debug("Authenticating against local password for %s" %user_name) 
73              return user.password == self.encrypt_password(password) 
74   
75          # if there is no password stored, then try the supplied password against 
76          # bugzilla by attempting to fetch bug #1 
77          try: 
78              server = xmlrpclib.Server(self.bz_server) 
79              server.bugzilla.getBugSimple('1', user_name, password) 
80          except xmlrpclib.Fault: 
81              return False 
82          return True 
83