# HG changeset patch # User Mads Kiilerich # Date 2018-12-26 02:21:26 # Node ID c6ce891312efa7578a0b35de74414be7249d0a53 # Parent e4af9e2deb83240cd5b1fae6713614203e8a0309 auth: consistently use request.authuser - drop request.user This seems like old tech debt. Now, just get rid of it. diff --git a/kallithea/controllers/api/__init__.py b/kallithea/controllers/api/__init__.py --- a/kallithea/controllers/api/__init__.py +++ b/kallithea/controllers/api/__init__.py @@ -182,7 +182,7 @@ class JSONRPCController(TGController): # this is little trick to inject logged in user for # perms decorators to work they expect the controller class to have # authuser attribute set - request.authuser = request.user = auth_u + request.authuser = auth_u # This attribute will need to be first param of a method that uses # api_key, which is translated to instance of user at that name diff --git a/kallithea/lib/auth.py b/kallithea/lib/auth.py --- a/kallithea/lib/auth.py +++ b/kallithea/lib/auth.py @@ -944,11 +944,11 @@ class _PermsFunction(object): class HasPermissionAny(_PermsFunction): def __call__(self, purpose=None): - global_permissions = request.user.permissions['global'] # usually very short + global_permissions = request.authuser.permissions['global'] # usually very short ok = any(p in global_permissions for p in self.required_perms) log.debug('Check %s for global %s (%s): %s' % - (request.user.username, self.required_perms, purpose, ok)) + (request.authuser.username, self.required_perms, purpose, ok)) return ok @@ -963,19 +963,19 @@ class _PermFunction(_PermsFunction): class HasRepoPermissionLevel(_PermFunction): def __call__(self, repo_name, purpose=None): - return request.user.has_repository_permission_level(repo_name, self.required_perm, purpose) + return request.authuser.has_repository_permission_level(repo_name, self.required_perm, purpose) class HasRepoGroupPermissionLevel(_PermFunction): def __call__(self, group_name, purpose=None): - return request.user.has_repository_group_permission_level(group_name, self.required_perm, purpose) + return request.authuser.has_repository_group_permission_level(group_name, self.required_perm, purpose) class HasUserGroupPermissionLevel(_PermFunction): def __call__(self, user_group_name, purpose=None): - return request.user.has_user_group_permission_level(user_group_name, self.required_perm, purpose) + return request.authuser.has_user_group_permission_level(user_group_name, self.required_perm, purpose) #============================================================================== diff --git a/kallithea/lib/base.py b/kallithea/lib/base.py --- a/kallithea/lib/base.py +++ b/kallithea/lib/base.py @@ -529,7 +529,7 @@ class BaseController(TGController): if type.lower() == 'bearer': bearer_token = params - request.authuser = request.user = self._determine_auth_user( + request.authuser = self._determine_auth_user( request.GET.get('api_key'), bearer_token, session.get('authuser'), diff --git a/kallithea/tests/fixture.py b/kallithea/tests/fixture.py --- a/kallithea/tests/fixture.py +++ b/kallithea/tests/fixture.py @@ -333,7 +333,7 @@ class Fixture(object): org_repo = other_repo = Repository.get_by_repo_name(repo_name) owner_user = User.get_by_username(TEST_USER_ADMIN_LOGIN) reviewers = [User.get_by_username(TEST_USER_REGULAR_LOGIN)] - request.authuser = request.user = AuthUser(dbuser=owner_user) + request.authuser = AuthUser(dbuser=owner_user) # creating a PR sends a message with an absolute URL - without routing that requires mocking with mock.patch.object(helpers, 'url', (lambda arg, qualified=False, **kwargs: ('https://localhost' if qualified else '') + '/fake/' + arg)): cmd = CreatePullRequestAction(org_repo, other_repo, org_ref, other_ref, title, u'No description', owner_user, reviewers)