Completed first alpha release

Include the reset and purge functionalities and french translations.

CONTRIBUTORS.txt

@@ -1 +1,2 @@
-- Gilles Lenfant: Main developer
+* `Gilles Lenfant <gilles.lenfant_AT_alterway.fr>`_: Main developer and french
+  translation

README.rst

@@ -37,7 +37,7 @@ Installation
 Production site
 ---------------
 
-As usual in your ``zc.buildout`` configuration ::
+As usual in your ``zc.buildout`` configuration: ::
 
   [instance]
   recipe = plone.recipe.zope2instance
@@ -48,7 +48,7 @@ As usual in your ``zc.buildout`` configuration ::
 Development site
 ----------------
 
-Developers of ``aws.authrss`` should use this ::
+Developers of ``aws.authrss`` should use this: ::
 
   [instance]
   recipe = plone.recipe.zope2instance
@@ -66,12 +66,12 @@ Customization
 =============
 
 ``aws.authrss`` comes with its own tokens manager that stores tokens in an
-OOBtree. See the module ``aws.authrss.tokenmanager.DefaulttokenManager``.
+``OOBtree``. See the module ``aws.authrss.tokenmanager.DefaulttokenManager``.
 
-You may proide your own tokens manager registering an utility that implements
+You may provide your own tokens manager registering an utility that implements
 ``aws.authrss.interfaces.ITokenManager`` in your component's
 ``override.zcml``. Then install this local utility using a GenericSetup
-``componentregistry.xml`` file like this one ::
+``componentregistry.xml`` file like this one: ::
 
   <?xml version="1.0"?>
   <componentregistry>
@@ -83,12 +83,28 @@ You may proide your own tokens manager registering an utility that implements
     </utilities>
   </componentregistry>
 
+Credits
+=======
+
+This Plone component is sponsored by `Alter Way <http://www.alterway.fr/>`_
+
+Links
+=====
+
+At github.com
+  https://github.com/glenfant/aws.authrss
+
+At the cheeseshop
+  http://pypi.python.org/pypi/aws.authrss
 
 Planned features
 ================
 
 Provide the same authenticated RSS feeds to search results but this requires to
-override the standard ``search.py`` template, and I hate overriding
+override the standard ``search`` template machinery, and I hate overriding
 templates. Patches are welcome.
 
+Do not assign tokens to users authenticated from an user folder that's not in
+the Plone site.
 
+Add unit tests to KSS handlers (Any help appreciated).

setup.py

@@ -12,7 +12,7 @@ def read(*names):
 version = read('src', 'aws', 'authrss', 'version.txt')
 
 long_description = (
-    read('README.txt')
+    read('README.rst')
     + '\n' +
     'Contributors\n'
     '============\n'

src/aws/authrss/browser/configure.zcml

@@ -2,6 +2,11 @@
    xmlns="http://namespaces.zope.org/zope"
    xmlns:browser="http://namespaces.zope.org/browser">
 
+  <browser:resourceDirectory
+      name="aws.authrss"
+      directory="static"
+      />
+
   <!-- Eek, there should be some ISyndicatable somewhere, but... -->
 
   <browser:view
@@ -19,5 +24,41 @@
      layer="aws.authrss.interfaces.IAuthRSSLayer"
      permission="zope.Public"
      />
+
+  <browser:page
+      name="personal-rss-token"
+      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
+      class=".views.PersonalTokenView"
+      template="templates/personal_token.pt"
+      layer="aws.authrss.interfaces.IAuthRSSLayer"
+      permission="cmf.SetOwnProperties"
+      />
+
+  <browser:page
+      name="rss-token-controlpanel"
+      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
+      class=".views.ControlPanelView"
+      template="templates/controlpanel.pt"
+      layer="aws.authrss.interfaces.IAuthRSSLayer"
+      permission="aws.authrss.PurgeTokens"
+      />
+
+  <!-- KSS actions -->
+
+  <browser:page
+      name="reset_rss_auth_token"
+      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
+      class=".views.KSSTokensUtils"
+      attribute="resetToken"
+      permission="cmf.SetOwnProperties"
+      />
+
+  <browser:page
+      name="purge_rss_auth_tokens"
+      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
+      class=".views.KSSTokensUtils"
+      attribute="purgeTokens"
+      permission="aws.authrss.PurgeTokens"
+      />
 
 </configure>

src/aws/authrss/browser/static/authrss.kss

@@ -0,0 +1,9 @@
+#aws-authrss-token-reset:click {
+    evt-click-preventdefault: true;
+    action-server: reset_rss_auth_token;
+}
+
+#aws-authrss-totens-purge:click {
+    evt-click-preventdefault: true;
+    action-server: purge_rss_auth_tokens;
+}

src/aws/authrss/browser/templates/controlpanel.pt

@@ -0,0 +1,39 @@
+<html xmlns="http://www.w3.org/1999/xhtml"
+      xmlns:metal="http://xml.zope.org/namespaces/metal"
+      xmlns:tal="http://xml.zope.org/namespaces/tal"
+      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
+      metal:use-macro="context/prefs_main_template/macros/master"
+      i18n:domain="aws.authrss">
+
+  <metal:main fill-slot="prefs_configlet_main">
+    <a href=""
+       i18n:domain="plone"
+       id="setup-link"
+       tal:attributes="href string:$portal_url/plone_control_panel"
+       i18n:translate="">
+      Site Setup
+    </a> &rsaquo;
+
+    <h1 class="documentFirstHeading" i18n:translate="">Authenticated RSS tokens</h1>
+
+    <div class="documentDescription" i18n:translate="">
+      Authenticated users RSS tokens maintenance
+    </div>
+    <fieldset>
+      <legend i18n:translate="">Remove tokens of removed users</legend>
+      <p i18n:translate="purge_explain">
+        You may remove the tokens of gone user clicking the button below. This
+        will reduce a little the size of the database and speed up token <->
+        user lookup.
+      </p>
+      <button class="context"
+              id="aws-authrss-totens-purge"
+              name="aws-authrss-totens-purge"
+              i18n:translate=""
+              >
+        Cleanup
+      </button>
+    </fieldset>
+  </metal:main>
+
+</html>

src/aws/authrss/browser/templates/personal_token.pt

@@ -0,0 +1,48 @@
+<html xmlns="http://www.w3.org/1999/xhtml"
+      xmlns:metal="http://xml.zope.org/namespaces/metal"
+      xmlns:tal="http://xml.zope.org/namespaces/tal"
+      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
+      metal:use-macro="context/main_template/macros/master"
+      i18n:domain="aws.authrss">
+
+  <div metal:fill-slot="body" id="content">
+    <h1 class="documentFirstHeading" i18n:translate="">My RSS token</h1>
+
+    <p i18n:translate="explain_rss_token_1">
+      Your private RSS token grants your privileges to your favorite RSS reader
+      that may show up summary and links to contents you are allowed to view
+      when authenticated on this site.
+    </p>
+    <p i18n:translate="explain_rss_token_2">
+      This RSS token does <strong>not</strong> reveal your login or password for
+      this site, nor grant another user who knows your token to anything else
+      than reading a private RSS feed.
+    </p>
+    <p i18n:translate="explain_rss_token_3">
+      You may reset here this token at any time. If you reset this token, your
+      next visit to your favorite RSS reader will show only summary and links to
+      contents available to anonymous users. In order to have your private
+      contents available in your RSS reader, you will need to edit its RSS feeds
+      settings to this site and replace the previous token value by the one
+      displayed below.
+    </p>
+    <fieldset>
+      <legend i18n:translate="">Your token</legend>
+      <input type="text"
+             id="aws-authrss-token-value"
+             name="aws-authrss-token-value"
+             value="#"
+             style="width: 30em"
+             readonly="readonly"
+             tal:attributes="value view/tokenValue"
+             />
+      <button class="context"
+              id="aws-authrss-token-reset"
+              name="aws-authrss-token-reset"
+              i18n:translate=""
+              >
+        Reset
+      </button>
+    </fieldset>
+  </div>
+</html>

src/aws/authrss/browser/views.py

@@ -4,25 +4,38 @@
 
 from zope.component import getMultiAdapter, getUtility
 from Products.Five import BrowserView
+from plone.app.kss.plonekssview import PloneKSSView
+from kss.core import kssaction
+
+from aws.authrss import aws_authrss_messagefactory as _
 from aws.authrss.interfaces import ITokenManager
 from aws.authrss.utils import GrantPrivilegesForToken
 
 
-class RSSLinkView(BrowserView):
-    """Builds the link for authenticated RSS
+class AuthRSSViewMixin(object):
+    """Mixin class for some utilities common to various views
     """
-    def __call__(self, *args, **kwargs):
-        """Runs the view
+    def tokenForThisUser(self):
+        """Token for authenticated user or None for anonymous
         """
         portal_state = getMultiAdapter((self.context, self.request), name=u'plone_portal_state')
-        method = "/RSS"  # Fallback to default usual RSS
         if not portal_state.anonymous():
 
             # We have an authenticated member
             user_id = portal_state.member().getId()
             token_mgr = getUtility(ITokenManager)
-            token = token_mgr.tokenForUserId(user_id)
-            method = '/AUTH-RSS?token={0}'.format(token)
+            return token_mgr.tokenForUserId(user_id)
+        return None
+
+
+class RSSLinkView(BrowserView, AuthRSSViewMixin):
+    """Builds the link for authenticated RSS
+    """
+    def __call__(self, *args, **kwargs):
+        """Runs the view
+        """
+        token = self.tokenForThisUser()
+        method = '/AUTH-RSS?token={0}'.format(token) if token is not None else '/RSS'
         context_state = getMultiAdapter((self.context, self.request), name=u'plone_context_state')
         return context_state.object_url() + method
 
@@ -38,3 +51,74 @@ def __call__(self, *args, **kwargs):
             feed = self.context.RSS()
         return feed
 
+
+class PersonalTokenView(BrowserView, AuthRSSViewMixin):
+    """The user may view/change his token from here
+    """
+    def __init__(self, *args, **kwargs):
+        super(PersonalTokenView, self).__init__(*args, **kwargs)
+
+        # Hiding content tabs and portlets
+        self.request.set('disable_border', 1)
+        self.request.set('disable_plone.leftcolumn', 1)
+        self.request.set('disable_plone.rightcolumn', 1)
+        return
+
+    def tokenValue(self):
+        """Token value for UI
+        """
+        token = self.tokenForThisUser()
+        if token is None:
+            token = _(u'invalid_token', default=u"Invalid token")
+        return token
+
+
+class KSSTokensUtils(PloneKSSView):
+    """KSS actions handler
+    """
+    @kssaction
+    def resetToken(self):
+        """Reset the user's token
+        """
+        portal_state = getMultiAdapter((self.context, self.request), name=u'plone_portal_state')
+        if portal_state.anonymous():
+            return
+
+        user_id = portal_state.member().getId()
+        token_mgr = getUtility(ITokenManager)
+        new_token = token_mgr.resetToken(user_id)
+        core_cs = self.getCommandSet('core')
+        core_cs.setAttribute('#aws-authrss-token-value', 'value', new_token)
+        plone_cs = self.getCommandSet('plone')
+        plone_cs.issuePortalMessage(
+            _(u'msg_token_changed',
+              default=u"Your RSS token has been changed")
+              )
+        return
+
+    @kssaction
+    def purgeTokens(self):
+        """Remove the tokens of unknown or gone users
+        """
+        pruned = 0
+        plone_tools = getMultiAdapter((self.context, self.request), name=u'plone_tools')
+        mtool = plone_tools.membership()
+        token_mgr = getUtility(ITokenManager)
+        for user_id in token_mgr.knownUserIds():
+            if mtool.getMemberById(user_id) is None:
+                token_mgr.pruneUserId(user_id)
+                pruned += 1
+        plone_cs= self.getCommandSet('plone')
+        message = _(
+            u'msg_pruned_users',
+            default=u"${pruned} unknown user(s) have been removed from RSS tokens registry",
+            mapping={u'pruned': str(pruned)}
+            )
+        plone_cs.issuePortalMessage(message)
+        return
+
+
+class ControlPanelView(BrowserView):
+    """Control panel
+    """
+    pass

src/aws/authrss/configure.zcml

@@ -5,17 +5,21 @@
    xmlns:genericsetup="http://namespaces.zope.org/genericsetup"
    i18n_domain="aws.authrss">
 
-  <five:registerPackage package="." initialize=".initialize" />
+  <i18n:registerTranslations directory="locales" />
 
-  <include package=".browser" />
+  <five:registerPackage package="." initialize=".initialize" />
 
-  <!-- Purge granted to managers only by default (no need to make a roles map GS export) -->
+  <!-- Purge granted to managers only by default (no need to make a roles map GS
+       export) -->
 
   <permission
-     id="aws.authrss.PurgeToken"
-     title="Plone Site Setup: Purge RSS authentication tokens"
+     id="aws.authrss.PurgeTokens"
+     title="Plone Site Setup: RSS authentication tokens"
      />
 
+  <include package=".browser" />
+
+
   <genericsetup:registerProfile
      name="default"
      title="Authenticated RSS feeds (aws.authrss)"

src/aws/authrss/interfaces.py

@@ -32,3 +32,7 @@ def resetToken(user_id):
     def pruneUserId(user_id):
         """Remove the token for an user about to be removed
         """
+
+    def knownUserIds():
+        """An iterable over (or sequence of) registered user ids
+        """