# HG changeset patch
# User Søren Løvborg
# Date 2016-04-19 17:58:21
# Node ID ea02c8b2b52901fe2c4db9f6c7c3fb5a9fc3dc39
# Parent abc1ada5907617988a42f6ec98dc3d1206ba35e0
auth: prevent misuse of PermFunction in bool context

Evaluating a PermFunction as a boolean, rather than calling it, is almost certainly an error. If not, "pf is not None" can be used.

diff --git a/kallithea/lib/auth.py b/kallithea/lib/auth.py
--- a/kallithea/lib/auth.py
+++ b/kallithea/lib/auth.py
@@ -1002,6 +1002,13 @@ class PermsFunction(object):
 self.repo_name = None
 self.group_name = None
 
+ def __nonzero__(self):
+ """ Defend against accidentally forgetting to call the object
+ and instead evaluating it directly in a boolean context,
+ which could have security implications.
+ """
+ raise AssertionError(self.__class__.__name__ + ' is not a bool and must be called!')
+
 def __call__(self, check_location='', user=None):
 if not user:
 #TODO: remove this someday,put as user as attribute here
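Review bot: The guard is defined only as `__nonzero__`, which is the Python 2 truth hook; Python 3 consults `__bool__` (and then `__len__`), so on a Python 3 interpreter an uncalled permission object in an `if` would evaluate as true again and the permission check would be skipped silently. If this module is ever meant to run on Python 3, add `__bool__ = __nonzero__` directly under the new method so the failure stays closed on both interpreters. Using an explicit `raise AssertionError(...)` rather than an `assert` statement is the right choice here, since it still fires under `-O`. The body of PermsFunction starts before and continues after this hunk, so whether a `__bool__` or `__len__` is already defined elsewhere in the class cannot be seen from here.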