provide login.html as concept view (for use with a query), + a similar unauthorized view

2015-10-19 16:26:41 +02:00 · 2015-10-19 16:26:41 +02:00 · c029cb2356
commit c029cb2356
parent e929a3154e
2 changed files with 43 additions and 3 deletions
--- a/browser/auth.py
+++ b/browser/auth.py
@ -1,5 +1,5 @@
 #
-#  Copyright (c) 2011 Helmut Merz helmutm@cy55.de
+#  Copyright (c) 2015 Helmut Merz helmutm@cy55.de
 #
 #  This program is free software; you can redistribute it and/or modify
 #  it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
 #

 """
-$Id$
+Login, logout, unauthorized stuff.
 """

 from zope.app.security.interfaces import IAuthentication
@ -25,14 +25,27 @@ from zope.app.security.interfaces import ILogout, IUnauthenticatedPrincipal
 from zope import component
 from zope.interface import implements

+from loops.browser.concept import ConceptView
 from loops.browser.node import NodeView
 from zope.app.pagetemplate import ViewPageTemplateFile
 from zope.cachedescriptors.property import Lazy


+template = ViewPageTemplateFile('auth.pt')
+
+
+class LoginConcept(ConceptView):
+
+    template = template
+
+    @Lazy
+    def macro(self):
+        return self.template.macros['login_form']
+
+
 class LoginForm(NodeView):

-    template = ViewPageTemplateFile('auth.pt')
+    template = template

    @Lazy
    def macro(self):
@ -59,3 +72,20 @@ class Logout(object):
        return self.request.response.redirect(nextUrl)


+class Unauthorized(ConceptView):
+
+    isTopLevel = True
+
+    def __init__(self, context, request):
+        self.context = context
+        self.request = request
+
+    def __call__(self):
+        response = self.request.response
+        response.setStatus(403)
+        # make sure that squid does not keep the response in the cache
+        response.setHeader('Expires', 'Mon, 26 Jul 1997 05:00:00 GMT')
+        response.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate')
+        response.setHeader('Pragma', 'no-cache')
+        url = self.nodeView.topMenu.url
+        response.redirect(url + '/unauthorized')
--- a/browser/configure.zcml
+++ b/browser/configure.zcml
@ -44,6 +44,8 @@
        class="loops.browser.auth.Logout"
        permission="zope.View" />

+  <!-- see also view/adapter "login.html" in section "query views" -->
+
  <!-- macros -->

  <page
@ -537,6 +539,14 @@

  <!-- query views -->

+  <zope:adapter
+      name="login.html"
+      for="loops.interfaces.IConcept
+           zope.publisher.interfaces.browser.IBrowserRequest"
+      provides="zope.interface.Interface"
+      factory="loops.browser.auth.LoginConcept"
+      permission="zope.View" />
+
  <zope:adapter
      name="list_children.html"
      for="loops.interfaces.IConcept