Search code examples
ldapploneplone-4.x

Plone 4 - get type of authenticated user


I have users registered on the website and users that are logging in using an external account (plone.app.ldap is used).

How can I get the type of logged in user?

membership = getToolByName(self.context, 'portal_membership')
authenticated_user = membership.getAuthenticatedMember()

(Pdb) authenticated_user
<MemberData at /mywebsite/portal_memberdata/myuserid used for /mywebsite/acl_users>

I have the logged in user, but no idea how to find how it is registered. (It seems membership_tool.listMembers() gives me the registered users list. Maybe I can use this...)

My goal is to send the type of account to Google Analytics as custom dimension in a custom event and creating some nice reports (the type of account will be a filter for the results).


Solution

  • The goal of the PAS service is exactly your problem :-)

    It's called pluggable auth service. This means you can register several services and the PAS gives you a single entry point to perform manipulations and queries. This means you usually don't have to care about whether the user is a plone user or ldap user.

    AFAIK the only possible way is to ask the ldap plugin directly:

    ldap: The id of your AD/LDAP plugin

    plone: Your plone site

    >>> membership = getToolByName(plone, 'portal_membership')
    >>> authenticated_user = membership.getAuthenticatedMember()
    
    >>> search = plone.acl_users.ldap.acl_users.searchUsers
    <bound method LDAPUserFolder.searchUsers of <LDAPUserFolder at /fd/acl_users/ldap/acl_users>>
    
    >>> search(uid=authenticated_user.getId())
    [{'dn': 'cn=Test USER,ou=Users, ...', 'uid': 'test.user', 'sn': 'Test', 'mail': '[email protected]', 'givenName': 'USER', 'cn': 'Test User'}]
    

    The search result depends on your ad/ldap configuration.