kallithea Changeset - f3fa50c89783

Changeset - f3fa50c89783

Parent rev.

Child rev.

[Not reviewed]

default

0 1 0

Max Roman - 11 years ago 2014-09-13 20:46:09
max@choloclos.se

Fix Admin Group Membership when using the Atlassian Crowd plugin .

1 file changed with 1 insertions and 1 deletions:

kallithea/lib/auth_modules/auth_crowd.py

0 comments (0 inline, 0 general)

kallithea/lib/auth_modules/auth_crowd.py

➞

Show inline comments

@@ @@ -191,54 +191,54 @@ class KallitheaAuthPlugin(auth_modules.K @@
         """
         Given a user object (which may be null), username, a plaintext password,
         and a settings object (containing all the keys needed as listed in settings()),
         authenticate this user's login attempt.
         Return None on failure. On success, return a dictionary of the form:
             see: KallitheaAuthPluginBase.auth_func_attrs
         This is later validated for correctness
         """
         if not username or not password:
             log.debug('Empty username or password skipping...')
             return None
         log.debug("Crowd settings: \n%s" % (formatted_json(settings)))
         server = CrowdServer(**settings)
         server.set_credentials(settings["app_name"], settings["app_password"])
         crowd_user = server.user_auth(username, password)
         log.debug("Crowd returned: \n%s" % (formatted_json(crowd_user)))
         if not crowd_user["status"]:
             return None
         res = server.user_groups(crowd_user["name"])
         log.debug("Crowd groups: \n%s" % (formatted_json(res)))
         crowd_user["groups"] = [x["name"] for x in res["groups"]]
         # old attrs fetched from Kallithea database
         admin = getattr(userobj, 'admin', False)
         active = getattr(userobj, 'active', True)
         email = getattr(userobj, 'email', '')
         firstname = getattr(userobj, 'firstname', '')
         lastname = getattr(userobj, 'lastname', '')
         extern_type = getattr(userobj, 'extern_type', '')
         user_attrs = {
             'username': username,
             'firstname': crowd_user["first-name"] or firstname,
             'lastname': crowd_user["last-name"] or lastname,
             'groups': crowd_user["groups"],
             'email': crowd_user["email"] or email,
             'admin': admin,
             'active': active,
             'active_from_extern': crowd_user.get('active'),
             'extern_name': crowd_user["name"],
             'extern_type': extern_type,
+        }
         # set an admin if we're in admin_groups of crowd
         for group in settings["admin_groups"]:
+        for group in settings["admin_groups"].split(","):
             if group in user_attrs["groups"]:
                 user_attrs["admin"] = True
         log.debug("Final crowd user object: \n%s" % (formatted_json(user_attrs)))
         log.info('user %s authenticated correctly' % user_attrs['username'])
         return user_attrs

0 comments (0 inline, 0 general)