Changeset - ff788e390497
Parent rev.
Child rev.
[Not reviewed]
beta
0 1 0
Marcin Kuzminski - 14 years ago 2011-12-24 00:07:03
marcin@python-works.com
fix issue #323 auth by suername only if container auth is enabled
1 file changed with 3 insertions and 1 deletions:
rhodecode/lib/auth.py
3
1
0 comments (0 inline, 0 general)
rhodecode/lib/auth.py
Show inline comments
 
@@ -272,97 +272,99 @@ def get_container_username(environ, conf
 
    if username:
 
        # Removing realm and domain from username
 
        username = username.partition('@')[0]
 
        username = username.rpartition('\\')[2]
 
        log.debug('Received username %s from container', username)
 

			




	
	
	
		
 
    return username

			




	
	
	
		
 

			




	
	
	
		
 
class  AuthUser(object):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    A simple object that handles all attributes of user in RhodeCode

			




	
	
	
		
 

			




	
	
	
		
 
    It does lookup based on API key,given user, or user present in session

			




	
	
	
		
 
    Then it fills all required information for such user. It also checks if

			




	
	
	
		
 
    anonymous access is enabled and if so, it returns default user as logged

			




	
	
	
		
 
    in

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    def __init__(self, user_id=None, api_key=None, username=None):

			




	
	
	
		
 

			




	
	
	
		
 
        self.user_id = user_id

			




	
	
	
		
 
        self.api_key = None

			




	
	
	
		
 
        self.username = username

			




	
	
	
		
 

			




	
	
	
		
 
        self.name = ''

			




	
	
	
		
 
        self.lastname = ''

			




	
	
	
		
 
        self.email = ''

			




	
	
	
		
 
        self.is_authenticated = False

			




	
	
	
		
 
        self.admin = False

			




	
	
	
		
 
        self.permissions = {}

			




	
	
	
		
 
        self._api_key = api_key

			




	
	
	
		
 
        self.propagate_data()

			




	
	
	
		
 

			




	
	
	
		
 
    def propagate_data(self):

			




	
	
	
		
 
        user_model = UserModel()

			




	
	
	
		
 
        self.anonymous_user = User.get_by_username('default', cache=True)

			




	
	
	
		
 
        is_user_loaded = False

			




	
	
	
		
 

			




	
	
	
		
 
        # try go get user by api key

			




	
	
	
		
 
        if self._api_key and self._api_key != self.anonymous_user.api_key:

			




	
	
	
		
 
            log.debug('Auth User lookup by API KEY %s', self._api_key)

			




	
	
	
		
 
            is_user_loaded = user_model.fill_data(self, api_key=self._api_key)

			




	
	
	
		
 
        # lookup by userid    

			




	
	
	
		
 
        elif (self.user_id is not None and

			




	
	
	
		
 
              self.user_id != self.anonymous_user.user_id):

			




	
	
	
		
 
            log.debug('Auth User lookup by USER ID %s', self.user_id)

			




	
	
	
		
 
            is_user_loaded = user_model.fill_data(self, user_id=self.user_id)

			




	
	
	
		
 
        # lookup by username    

			




	
	
	
		
 
        elif self.username:

			




	
	
	
		
 
        elif self.username and \

			




	
	
	
		
 
            str2bool(config.get('container_auth_enabled', False)):

			




	
	
	
		
 
            

			




	
	
	
		
 
            log.debug('Auth User lookup by USER NAME %s', self.username)

			




	
	
	
		
 
            dbuser = login_container_auth(self.username)

			




	
	
	
		
 
            if dbuser is not None:

			




	
	
	
		
 
                for k, v in dbuser.get_dict().items():

			




	
	
	
		
 
                    setattr(self, k, v)

			




	
	
	
		
 
                self.set_authenticated()

			




	
	
	
		
 
                is_user_loaded = True

			




	
	
	
		
 

			




	
	
	
		
 
        if not is_user_loaded:

			




	
	
	
		
 
            # if we cannot authenticate user try anonymous

			




	
	
	
		
 
            if self.anonymous_user.active is True:

			




	
	
	
		
 
                user_model.fill_data(self, user_id=self.anonymous_user.user_id)

			




	
	
	
		
 
                # then we set this user is logged in

			




	
	
	
		
 
                self.is_authenticated = True

			




	
	
	
		
 
            else:

			




	
	
	
		
 
                self.user_id = None

			




	
	
	
		
 
                self.username = None

			




	
	
	
		
 
                self.is_authenticated = False

			




	
	
	
		
 

			




	
	
	
		
 
        if not self.username:

			




	
	
	
		
 
            self.username = 'None'

			




	
	
	
		
 

			




	
	
	
		
 
        log.debug('Auth User is now %s', self)

			




	
	
	
		
 
        user_model.fill_perms(self)

			




	
	
	
		
 

			




	
	
	
		
 
    @property

			




	
	
	
		
 
    def is_admin(self):

			




	
	
	
		
 
        return self.admin

			




	
	
	
		
 

			




	
	
	
		
 
    @property

			




	
	
	
		
 
    def full_contact(self):

			




	
	
	
		
 
        return '%s %s <%s>' % (self.name, self.lastname, self.email)

			




	
	
	
		
 

			




	
	
	
		
 
    def __repr__(self):

			




	
	
	
		
 
        return "<AuthUser('id:%s:%s|%s')>" % (self.user_id, self.username,

			




	
	
	
		
 
                                              self.is_authenticated)

			




	
	
	
		
 

			




	
	
	
		
 
    def set_authenticated(self, authenticated=True):

			




	
	
	
		
 
        if self.user_id != self.anonymous_user.user_id:

			




	
	
	
		
 
            self.is_authenticated = authenticated

			




	
	
	
		
 

			




	
	
	
		
 
    def get_cookie_store(self):

			




	
	
	
		
 
        return {'username':self.username,

			




	
	
	
		
 
                'user_id': self.user_id,

			




	
	
	
		
 
                'is_authenticated':self.is_authenticated}

			




	
	
	
		
 

			




	
	
	
		
 
    @classmethod

			




	
	
	
		
 
    def from_cookie_store(cls, cookie_store):

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.