Changeset - 7e8d80882865
default
Søren Løvborg - 10 years ago 2015-07-26 13:58:50
kwi@kwi.dk
auth: refactor user lookup in AuthUser constructor for clarity

First, note that `fill_data` checks that the specified `db.User` is
`active` before copying anything, and returns False if not.

Now, previously when calling e.g. `AuthUser(user_id=anonymous_user_id)`,
`_propagate_data` would explicitly refuse to look up the anonymous
user, but then fall back to the anonymous user anyway (if `active`),
or use None values (if not `active`).

Given the same situation, the new code simply looks up the anonymous
user like it would any other user, and copies data using `fill_data`.
If the anonymous user is not `active`, we fall back to the existing
code path and behave as before (that is, use None values).
1 file changed with 14 insertions and 11 deletions:
kallithea/lib/auth.py
 
@@ -506,28 +506,31 @@ class AuthUser(object):
 
        is_user_loaded = False
 

	
 
        # lookup by userid
 
        if self.user_id is not None and self.user_id != self.anonymous_user.user_id:
 
        if self.user_id is not None:
 
            log.debug('Auth User lookup by USER ID %s' % self.user_id)
 
            is_user_loaded = user_model.fill_data(self, user_model.get(self.user_id))
 

	
 
        # try go get user by API key
 
        elif self._api_key and self._api_key != self.anonymous_user.api_key:
 
        elif self._api_key:
 
            log.debug('Auth User lookup by API key %s' % self._api_key)
 
            is_user_loaded = user_model.fill_data(self, User.get_by_api_key(self._api_key))
 

	
 
        else:
 
            log.debug('No data in %s that could been used to log in' % self)
 

	
 
        # If user cannot be found, try falling back to anonymous.
 
        if not is_user_loaded:
 
            # if we cannot authenticate user try anonymous
 
            if self.anonymous_user.active:
 
                user_model.fill_data(self, self.anonymous_user)
 
                # then we set this user is logged in
 
                self.is_authenticated = True
 
            else:
 
                self.user_id = None
 
                self.username = None
 
                self.is_authenticated = False
 
            is_user_loaded =  user_model.fill_data(self, self.anonymous_user)
 

	
 
        # Still no luck? Give up.
 
        if not is_user_loaded:
 
            self.user_id = None
 
            self.username = None
 
            self.is_authenticated = False
 

	
 
        # The anonymous user is always "logged in".
 
        if self.user_id == self.anonymous_user.user_id:
 
            self.is_authenticated = True
 

	
 
        if not self.username:
 
            self.username = 'None'
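Review bot: The API key branch drops its anonymous-user exclusion (`elif self._api_key:` replaces the comparison against `self.anonymous_user.api_key`), but the commit message only walks through the `user_id` case. From the visible lines the result looks equivalent: the anonymous user is loaded through `fill_data` if active, and otherwise both the lookup and the fallback return False and the "Still no luck?" block sets None values. Please say so in the commit message or a comment, and add a test that constructs `AuthUser` with the anonymous user's API key for both the active and inactive case, since the trailing `self.user_id == self.anonymous_user.user_id` check is now the only place that sets `is_authenticated = True` for that path. While this branch is being touched, `log.debug('Auth User lookup by API key %s' % self._api_key)` writes the full key to the debug log; consider logging a truncated form. Style: `is_user_loaded =  user_model.fill_data(self, self.anonymous_user)` has a double space after `=`.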