univention.portal.extensions package

This directory is for any extension the portal may need (e.g. cache classes that are then referenced in the portals.json). Just put your files into this directory and they will be imported. But in order to make the portal aware of it, you need to use the metaclass univention.portal.Plugin As we use this directory, too, you may want to prefix your filename with your project name. Class names should be globally unique. Otherwise it is undefined which one the portal will pick.

Submodules

univention.portal.extensions.authenticator module

class univention.portal.extensions.authenticator.Session(nonce)[source]

Bases: object

is_valid()[source]
class univention.portal.extensions.authenticator.Authenticator[source]

Bases: object

Our base class for authentication May hold all the sessions, set cookies, etc.

The idea is that this class handles the following methods from the Portal: login_request: A user GETs to the login action login_user: Credentials are POSTed to this action get_user: While gathering the portal data, the caller wants

This base class does nothing…

get_auth_mode(request)[source]
async login_request(request)[source]
async login_user(request)[source]
async logout_user(request)[source]
async get_user(request)[source]
refresh(reason=None)[source]
class univention.portal.extensions.authenticator.UMCAuthenticator(auth_mode, umc_session_url, group_cache)[source]

Bases: univention.portal.extensions.authenticator.Authenticator

Specialized Authenticator that relies on a UMC that actually holds any session. Asks UMC for every request if this session is known.

auth_mode:

The preferred mode for auth. The portal hands it over to the frontend.

umc_session_url:

The URL where to go to with the cookie. Expects a json answer with the username.

group_cache:

As UMC does not return groups, we need a cache object that gets us the groups for the username.

get_auth_mode(request)[source]
refresh(reason=None)[source]
async get_user(request)[source]

univention.portal.extensions.cache module

class univention.portal.extensions.cache.Cache(cache_file, reloader=None)[source]

Bases: object

Base class for Caching in general

get: Gets the complete cache content. refresh: Refreshes the cache. Gets a “reason” to decide if this is really needed. The value “force” should be handled as if it is really needed.

cache_file:

Filename where the content is stored

reloader:

Class that handles the actual refresh

get_id()[source]
get()[source]
refresh(reason=None)[source]
class univention.portal.extensions.cache.PortalFileCache(cache_file, reloader=None)[source]

Bases: univention.portal.extensions.cache.Cache

Specialized cache for portal data. The implementation does not differ from that of a base cache, but it provides more specialized cache access methods that it needs in order to work with the Portal class.

get_user_links get_entries get_folders get_portal get_categories get_menu_links

get_entries()[source]
get_folders()[source]
get_portal()[source]
get_categories()[source]
class univention.portal.extensions.cache.GroupFileCache(cache_file, reloader=None)[source]

Bases: univention.portal.extensions.cache.Cache

Caching class for groups. In fact it is just the same as the normal Cache and just here in case we want to get smarter at some point.

univention.portal.extensions.demo_reloader module

class univention.portal.extensions.demo_reloader.DemoPortalReloader(portal_dn, cache_file)[source]

Bases: univention.portal.extensions.reloader.PortalReloaderUDM

univention.portal.extensions.portal module

class univention.portal.extensions.portal.Portal(scorer, portal_cache, authenticator)[source]

Bases: object

Base (and maybe only) class for a Portal. It is the only interface exposed to the portal tools, so you could replace it entirely. But these methods need to be implemented:

get_user: Get the user for the current request login_user: New login for a user login_request: An anonymous user wants to login get_visible_content:

The content that the frontend shall present. Should be filtered by the “user”. Also gets “admin_mode”, a boolean indicating whether the user requested all the content (and is authorized to do so)

get_user_links:

Get the user links in the portal, filtered by “user” and “admin_mode”

get_menu_links:

Get the menu links in the portal, filtered by “user” and “admin_mode”

get_entries:

Get all entries of “content”, which in turn was the return value of get_visible_content

get_folders:

Get all folders of “content”, which in turn was the return value of get_visible_content

get_categories:

Get all categories of “content”, which in turn was the return value of get_visible_content

auth_mode: Mode for auth based on given “request” may_be_edited: Whether a “user” may edit this portal get_meta:

Get some information about the portal itself, given “content” and “categories”. Those were return values of get_visible_content and get_categories.

refresh:

Refresh the portal data if needed (“reason” acts as a hint). Thereby allows the object to cache its content.

score: If multiple portals are configured, use the one with the

highest score for a given “request”.

scorer:

Object that does the actual scoring. Meant to get a Scorer object

portal_cache:

Object that holds the cache. Meant to get a Cache object

authenticator:

Object that does the whole auth thing. Meant to the a Authenticator object

get_cache_id()[source]
async get_user(request)[source]
async login_user(request)[source]
async login_request(request)[source]
async logout_user(request)[source]
get_visible_content(user, admin_mode)[source]
get_entries(content)[source]
get_folders(content)[source]
get_categories(content)[source]
auth_mode(request)[source]
may_be_edited(user)[source]
get_meta(content, categories)[source]
refresh(reason=None)[source]
score(request)[source]
class univention.portal.extensions.portal.UMCPortal(scorer, authenticator)[source]

Bases: univention.portal.extensions.portal.Portal

auth_mode(request)[source]
may_be_edited(user)[source]
get_visible_content(user, admin_mode)[source]
get_entries(content)[source]
get_folders(content)[source]
get_categories(content)[source]
get_meta(content, categories)[source]
refresh(reason=None)[source]
get_cache_id()[source]

univention.portal.extensions.reloader module

class univention.portal.extensions.reloader.Reloader[source]

Bases: object

Our base class for reloading

The idea is that this class handles the reloading for caches.

refresh: In fact the only method. Gets a “reason” so that it can

decide that a refresh is not necessary. If it was necessary, it should return True

A reason “force” should be treated as very important. If the reloader refreshed the content, the overlying cache will reload itself.

refresh(reason=None)[source]
class univention.portal.extensions.reloader.MtimeBasedLazyFileReloader(cache_file)[source]

Bases: univention.portal.extensions.reloader.Reloader

Specialized class that reloads if a certain (cache) file was updated. So if a seconds process updated the file and this class is asked to reload, it just returns True. If the reason fits, it actually refreshes the content and writes it into the file.

cache_file:

Filename this object is responsible for

refresh(reason=None, content=None)[source]
class univention.portal.extensions.reloader.PortalReloaderUDM(portal_dn, cache_file)[source]

Bases: univention.portal.extensions.reloader.MtimeBasedLazyFileReloader

Specialized class that reloads a cache file with the content of a certain portal object using UDM. Reacts on reasons like “ldap:portal:<correct_dn>”.

portal_dn:

DN of the portals/portal object

cache_file:

Filename this object is responsible for

class univention.portal.extensions.reloader.GroupsReloaderLDAP(ldap_uri, binddn, password_file, ldap_base, cache_file)[source]

Bases: univention.portal.extensions.reloader.MtimeBasedLazyFileReloader

Specialized class that reloads a cache file with the content of group object in LDAP. Reacts on the reason “ldap:group

ldap_uri:

URI for the LDAP connection, e.g. “ldap://ucs:7369

binddn:

The bind dn for the connection, e.g. “cn=ucs,cn=computers,…”

password_file:

Filename that holds the password for the binddn, e.g. “/etc/machine.secret”

ldap_base:

Base in which the groups are searched in. E.g., “dc=base,dc=com” or “cn=groups,ou=OU1,dc=base,dc=com”

cache_file:

Filename this object is responsible for

univention.portal.extensions.scorer module

class univention.portal.extensions.scorer.Scorer(score=1)[source]

Bases: object

Base class for portal scoring

The idea is that when multiple portals are configured, their scorers decide which portal is to be used for a request.

score: Gets a Tornado request and returns a number. The highest score wins.

score(request)[source]
class univention.portal.extensions.scorer.DomainScorer(domain, score=10, fallback_score=0)[source]

Bases: univention.portal.extensions.scorer.Scorer

Specialized Scorer that reponds if the request went against the configured domain. For this to work you have to make your portal system available under different domains.

domain:

Name of the domain, e.g. “myportal2.fqdn.com”

score(request)[source]
class univention.portal.extensions.scorer.PathScorer(path, score=10, fallback_score=0)[source]

Bases: univention.portal.extensions.scorer.Scorer

Specialized Scorer that reponds if the request went against the configured path. For this to work you have to make your portal available under different paths, e.g. “/univention/portal” and “/univention/portal2”.

path:

The path. Does not have to match exactly, but the request’s path needs to start with this value, e.g. “/portal2”.

score(request)[source]