Closed perrinjerome closed 3 years ago
Jérome Perrin wrote at 2021-4-28 02:11 -0700:
... Would it make sense to introduce a new transform
strip
? I can send a patch if that makes sense.
It looks too specialized.
If we change something, then _get_login_transform_method
should use an adapter to determine the transform method.
This way, applications could define any transformation they need
via configuration.
I found out I can use a python script in a parent folder and it will be used thanks to acquisition, but that seems better to do that in non-restricted python
You could use an "External Method"; this way, the transform
would be unrestricted. Of course, strip
can as easily be implemented
in restricted mode.
and without relying on acquisition.
You could put the callable object implementing the transform
directly on acl_users
itself, thus avoidung acquisition.
You would need to put this object programmatically into
acl_users
, because
the ZMI restricts the type for objects which can be put
(via the ZMI) into acl_users
.
Thanks for feedback.
This follows the style of the existing lower
and upper
transforms, but the login transform does not really follow the way of how the rest of PAS can be customized. Are you also thinking about something like an ILoginTransformationPlugin
with a method applyTransform
and then we could configure this with a plugin ?
Thanks also for the tips.
Jérome Perrin wrote at 2021-4-28 03:16 -0700:
Are you also thinking about something like an
ILoginTransformationPlugin
with a methodapplyTransform
and then we could configure this with a plugin ?
Not exactly. My thought was for the use of a ZTK (= "Zope Tool Kit") adapter. But your thought would provide similar flexibility and could be more in line with the PAS philosophy.
Thanks. I need to think more about all this.
This login transform functionality operate globally at PAS level, but I start to feel that conceptually this should operate only at the level of IUserEnumerationPlugin
- at least in my case I have multiple user sources, but stripping white space might not be OK for all the user sources. For my use case, I'm going to try implementing the transform in my custom IUserEnumerationPlugin
plugin.
( Edit: clarify that I'm planning to modify my custom code for now, not the ZODBUserManager
)
@perrinjerome Is this issue solved for you, so we can close it or is there still something open for you?
Yes, thanks again for feedback. There are better solutions than adding new transformation methods directly in PAS like I initially thought.
PAS allows to configure a "Transform to apply to login name" and come with two built in transforms:
lower
andupper
. Both also usevalue.strip()
:https://github.com/zopefoundation/Products.PluggableAuthService/blob/d77e403ca53b8b915d47c5a72549e1a3cde84934/src/Products/PluggableAuthService/PluggableAuthService.py#L1035-L1053
I have an application where I want to keep case sensitive names, but I'm interested in stripping the white spaces.
Would it make sense to introduce a new transform
strip
? I can send a patch if that makes sense.I found out I can use a python script in a parent folder and it will be used thanks to acquisition, but that seems better to do that in non-restricted python and without relying on acquisition.