kallithea Changeset - 6e75963503cc

Changeset - 6e75963503cc

Parent rev.

Child rev.

[Not reviewed]

default

0 1 0

Thomas De Schampheleire - 8 years ago 2018-04-23 22:06:37
thomas.de_schampheleire@nokia.com

admin: auth: make sure list of auth modules is consistent

When authentication modules are enabled, but fail to be enabled e.g. due to
missing dependencies (pam, ldap), the list of enabled plugins still contains
the failing module. However, the 'Enabled/Disabled' button correctly shows
Disabled, causing a mismatch between both.

Worse, the mismatch cannot be corrected by clicking the Enabled/Disabled
button, one needs to manually clear the problematic entry in the list of
enabled plugins.

Fix by always populating the list with the actually enabled plugins, not
those requested by the user in case there are failures.

1 file changed with 3 insertions and 3 deletions:

kallithea/controllers/admin/auth_settings.py

0 comments (0 inline, 0 general)

kallithea/controllers/admin/auth_settings.py

➞

Show inline comments

@@ @@ -34,102 +34,102 @@ from webob.exc import HTTPFound @@
 from kallithea.config.routing import url
 from kallithea.lib import helpers as h
 from kallithea.lib.compat import formatted_json
 from kallithea.lib.base import BaseController, render
 from kallithea.lib.auth import LoginRequired, HasPermissionAnyDecorator
 from kallithea.lib import auth_modules
 from kallithea.model.forms import AuthSettingsForm
 from kallithea.model.db import Setting
 from kallithea.model.meta import Session
 log = logging.getLogger(__name__)
 class AuthSettingsController(BaseController):
     @LoginRequired()
     @HasPermissionAnyDecorator('hg.admin')
     def _before(self, *args, **kwargs):
         super(AuthSettingsController, self)._before(*args, **kwargs)
     def __load_defaults(self):
         c.available_plugins = [
             'kallithea.lib.auth_modules.auth_internal',
             'kallithea.lib.auth_modules.auth_container',
             'kallithea.lib.auth_modules.auth_ldap',
             'kallithea.lib.auth_modules.auth_crowd',
             'kallithea.lib.auth_modules.auth_pam'
+        ]
         self.enabled_plugins = auth_modules.get_auth_plugins()
         c.enabled_plugin_names = [plugin.__class__.__module__ for plugin in self.enabled_plugins]
     def __render(self, defaults, errors):
         c.defaults = {}
         c.plugin_settings = {}
         c.plugin_shortnames = {}
         for plugin in self.enabled_plugins:
             module = plugin.__class__.__module__
             c.plugin_shortnames[module] = plugin.name
             c.plugin_settings[module] = plugin.plugin_settings()
             for v in c.plugin_settings[module]:
                 fullname = "auth_%s_%s" % (plugin.name, v["name"])
                 if "default" in v:
                     c.defaults[fullname] = v["default"]
                 # Current values will be the default on the form, if there are any
                 setting = Setting.get_by_name(fullname)
                 if setting is not None:
                     c.defaults[fullname] = setting.app_settings_value
         if defaults:
             c.defaults.update(defaults)
         # we want to show , separated list of enabled plugins
         c.defaults['auth_plugins'] = ','.join(c.enabled_plugin_names)
         if defaults:
             c.defaults.update(defaults)
         log.debug(formatted_json(defaults))
         return formencode.htmlfill.render(
             render('admin/auth/auth_settings.html'),
             defaults=c.defaults,
             errors=errors,
             prefix_error=False,
             encoding="UTF-8",
             force_defaults=False)
     def index(self):
         self.__load_defaults()
         return self.__render(defaults=None, errors=None)
     def auth_settings(self):
         """POST create and store auth settings"""
         self.__load_defaults()
         log.debug("POST Result: %s", formatted_json(dict(request.POST)))
         # First, parse only the plugin list (not the plugin settings).
         _auth_plugins_validator = AuthSettingsForm([]).fields['auth_plugins']
         try:
             new_enabled_plugins = _auth_plugins_validator.to_python(request.POST.get('auth_plugins'))
         except formencode.Invalid:
             # User provided an invalid plugin list. Just fall back to
             # the list of currently enabled plugins. (We'll re-validate
             # and show an error message to the user, below.)
             pass
         else:
             # Hide plugins that the user has asked to be disabled, but
             # do not show plugins that the user has asked to be enabled
             # (yet), since that'll cause validation errors and/or wrong
             # settings being applied (e.g. checkboxes being cleared),
             # since the plugin settings will not be in the POST data.
             c.enabled_plugin_names = [p for p in c.enabled_plugin_names if p in new_enabled_plugins]
         # Next, parse everything including plugin settings.
         _form = AuthSettingsForm(c.enabled_plugin_names)()
         try:
             form_result = _form.to_python(dict(request.POST))
             for k, v in form_result.items():
                 if k == 'auth_plugins':
                     # we want to store it comma separated inside our settings
                     v = ','.join(v)
                 log.debug("%s = %s", k, str(v))
                 setting = Setting.create_or_update(k, v)
             Session().commit()
             h.flash(_('Auth settings updated successfully'),

0 comments (0 inline, 0 general)