Merge pull request #832 from plomino/Fix_email_username

Fix email username
plomino · Aug 25, 2017 · 6e12070 · 6e12070
2 parents 04dcf92 + f07b4bc
commit 6e12070
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 14 deletions.
diff --git a/src/Products/CMFPlomino/accesscontrol.py b/src/Products/CMFPlomino/accesscontrol.py
@@ -156,7 +156,10 @@ def getCurrentMember(self):
     def getCurrentUserId(self):
         """ Returns the current user id.
         """
-        return self.getCurrentMember().getUserName()
+        user_id = 'Anonymous'
+        if not api.user.is_anonymous():
+            user_id = self.getCurrentMember().getId()
+        return user_id
 
     security.declarePublic('getCurrentUserGroups')
 
@@ -173,7 +176,7 @@ def getCurrentUserRights(self):
         """
         try:
             userid = self.getCurrentUserId()
-            if userid == 'Anonymous User':
+            if userid == 'Anonymous':
                 return [getattr(self, "AnomynousAccessRight", "NoAccess")]
 
             rights = self.get_local_roles_for_userid(userid)
@@ -217,11 +220,12 @@ def hasCurrentUserRight(self, right):
     def getCurrentUserRoles(self):
         """ Get current user roles
         """
-        userid = self.getCurrentMember().getUserName()
+        user_id = self.getCurrentMember().getId()
+        # 'Anonymous User' will have zero/empty user roles
         allroles = self.getUserRoles()
         roles = []
         for r in allroles:
-            if self.hasUserRole(userid, r):
+            if self.hasUserRole(user_id, r):
                 roles.append(r)
         return roles
 
@@ -240,12 +244,12 @@ def isCurrentUserReader(self, doc):
                     self.checkUserPermission(config.ACL_PERMISSION)):
                 isreader = True
             else:
-                username = self.getCurrentMember().getUserName()
-                if username == "Anonymous User":
+                user_id = self.getCurrentMember().getId()
+                if api.user.is_anonymous():
                     user_groups_roles = set(['Anonymous'])
                 else:
                     user_groups_roles = set(
-                        ['Anonymous', username] +
+                        ['Anonymous', user_id] +
                         self.getCurrentUserGroups() +
                         self.getCurrentUserRoles())
                 if allowed_readers.intersection(user_groups_roles):
@@ -298,7 +302,9 @@ def isCurrentUserAuthor(self, doc):
             if '*' in authors:
                 return True
 
-            name = self.getCurrentMember().getUserName()
+            name = 'Anonymous'
+            if not api.user.is_anonymous():
+                name = self.getCurrentMember().getId()
             if name in authors:
                 return True
 

diff --git a/src/Products/CMFPlomino/document.py b/src/Products/CMFPlomino/document.py
@@ -477,9 +477,11 @@ def save(self, form=None, creation=False, refresh_index=True,
         if asAuthor:
             # getItem('Plomino_Authors', []) might return '' or None
             authors = asList(self.getItem('Plomino_Authors') or [])
-            name = db.getCurrentMember().getUserName()
-            if name not in authors:
-                authors.append(name)
+            user_id = 'Anonymous'
+            if not getToolByName(self, 'portal_membership').isAnonymousUser():
+                user_id = db.getCurrentMember().getId()
+            if user_id not in authors:
+                authors.append(user_id)
             self.setItem('Plomino_Authors', authors)
 
         # execute the onSaveDocument code of the form

diff --git a/src/Products/CMFPlomino/index/index.py b/src/Products/CMFPlomino/index/index.py
@@ -161,8 +161,16 @@ def dbsearch(self, request, sortindex=None, reverse=0,
         """
         if only_allowed:
             user_groups_roles = ['Anonymous', '*']
-            user_id = self.getCurrentMember().getUserName()
-            if user_id != "Anonymous User":
+            # when me is < SpecialUser 'Anonymous User' >
+            # then me.id is 'acl_users'
+            # then me.getId() is None
+            # then self.getCurrentUserId() is 'Anonymous User'
+            # when the site is using email as login name
+            # then getUserName() and getCurrentUserId() will return email
+            # instead of id
+            # There is possible username is 'Anonymous'
+            user_id = self.getCurrentMember().getId()
+            if not getToolByName(self, 'portal_membership').isAnonymousUser():
                 user_groups_roles += (
                     [user_id] +
                     self.getCurrentUserGroups() +

diff --git a/src/Products/CMFPlomino/tests/plomino.txt b/src/Products/CMFPlomino/tests/plomino.txt
@@ -333,7 +333,7 @@ JSON API
 A document can be exported as JSON::
 
     >>> doc11.tojson()
-    '{"field2": "My favorite song is Rhythm is love", "Plomino_Authors": ["test-user"], "field1": "Rhythm is love", "field4": "side-effect", "Form": "frm1"}'
+    '{"field2": "My favorite song is Rhythm is love", "Plomino_Authors": ["test_user_1_"], "field1": "Rhythm is love", "field4": "side-effect", "Form": "frm1"}'
 
 We can export only one field::