comparison src/stdui/ui_profile_manager.py @ 1032:b262ae6d53af

stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
author souliane <souliane@mailoo.org>
date Wed, 07 May 2014 16:03:38 +0200
parents
children 066308706dc6
comparison
equal deleted inserted replaced
1031:e90125d07072 1032:b262ae6d53af
1 #!/usr/bin/python
2 # -*- coding: utf-8 -*-
3
4 # SAT standard user interface for managing contacts
5 # Copyright (C) 2009, 2010, 2011, 2012, 2013, 2014 Jérôme Poisson (goffi@goffi.org)
6 # Copyright (C) 2013, 2014 Adrien Cossa (souliane@mailoo.org)
7
8 # This program is free software: you can redistribute it and/or modify
9 # it under the terms of the GNU Affero General Public License as published by
10 # the Free Software Foundation, either version 3 of the License, or
11 # (at your option) any later version.
12
13 # This program is distributed in the hope that it will be useful,
14 # but WITHOUT ANY WARRANTY; without even the implied warranty of
15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 # GNU Affero General Public License for more details.
17
18 # You should have received a copy of the GNU Affero General Public License
19 # along with this program. If not, see <http://www.gnu.org/licenses/>.
20
21 from sat.core.i18n import _, D_
22 from sat.core.constants import Const as C
23 from sat.tools import xml_tools
24 from sat.memory.crypto import PasswordHasher
25 from twisted.internet import defer
26
27
28 class ProfileManager(object):
29 """Manage profiles."""
30
31 def __init__(self, host):
32 self.host = host
33 self.profile_ciphers = {}
34 host.registerCallback(self._authenticateProfile, force_id=C.AUTHENTICATE_PROFILE_ID, with_data=True)
35
36 def _authenticateProfile(self, data, profile):
37 """Get the data/dialog for connecting a profile
38
39 @param data (dict)
40 @param profile: %(doc_profile)s
41 @return: deferred dict
42 """
43 def gotProfileCipher(profile_cipher):
44 if self.host.memory.auth_sessions.profileGetUnique(profile):
45 # case 1: profile already authenticated
46 return {'authenticated_profile': profile, 'caller': data['caller']}
47 self.profile_ciphers[profile] = profile_cipher
48 if 'profile_password' in data:
49 # case 2: password is provided by the caller
50 return self._verifyPassword(data, profile)
51
52 def check_empty_password(empty_password_result):
53 if 'authenticated_profile' in empty_password_result:
54 # case 3: there's no password for this profile
55 return empty_password_result
56
57 # case 4: prompt the user for a password
58 def xmlui_cb(data_, profile):
59 data_['caller'] = data['caller']
60 return self._verifyPassword(data_, profile)
61
62 callback_id = self.host.registerCallback(xmlui_cb, with_data=True, one_shot=True)
63 form_ui = xml_tools.XMLUI("form", title=D_('Profile password for %s') % profile, submit_id=callback_id)
64 form_ui.addPassword('profile_password', value='')
65 return {'xmlui': form_ui.toXml()}
66
67 check_empty_data = {'profile_password': '', 'caller': data['caller']}
68 d = self._verifyPassword(check_empty_data, profile)
69 return d.addCallback(check_empty_password)
70
71 assert(data['caller'])
72 d = self.host.memory.asyncGetStringParamA(C.PROFILE_PASS_PATH[1], C.PROFILE_PASS_PATH[0], profile_key=profile)
73 d.addCallback(gotProfileCipher)
74 d.addErrback(self.getParamError)
75 return d
76
77 def getParamError(self):
78 _dialog = xml_tools.XMLUI('popup', title=D_('Error'))
79 _dialog.addText(_("Can't get profile parameter."))
80 return {'xmlui': _dialog.toXml()}
81
82 @defer.inlineCallbacks
83 def _verifyPassword(self, data, profile):
84 """Verify the given password
85
86 @param data (dict)
87 @param profile: %(doc_profile)s
88 @return: deferred dict
89 """
90 assert(profile in self.profile_ciphers)
91 assert(data['caller'])
92
93 try:
94 profile_password = data[xml_tools.formEscape('profile_password')]
95 except KeyError:
96 profile_password = data['profile_password'] # not received from a user input
97 verified = yield PasswordHasher.verify(profile_password, self.profile_ciphers[profile])
98 if not verified:
99 _dialog = xml_tools.XMLUI('popup', title=D_('Error'))
100 _dialog.addText(_("The provided profile password doesn't match."))
101 defer.returnValue({'xmlui': _dialog.toXml()})
102
103 yield self.host.memory.newAuthSession(profile_password, profile)
104 defer.returnValue({'authenticated_profile': profile, 'caller': data['caller']})