From 6c60a2e0c335ecc907cfcd576165be45021086a9 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Mon, 6 Oct 2014 23:32:34 -0400
Subject: Add auto-auth requirement to all admin pages

Instead ofhaving to explicitly decorate all methods with auth_protect()
use the fact all pages go through Page.__call__ to conditionally check
if the user is anoynous and set a default when instantiating AdminPage
so that all admin pages require authentication.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 ipsilon/admin/common.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'ipsilon/admin/common.py')

diff --git a/ipsilon/admin/common.py b/ipsilon/admin/common.py
index 19ca6ff..5928763 100755
--- a/ipsilon/admin/common.py
+++ b/ipsilon/admin/common.py
@@ -19,7 +19,7 @@
 
 import cherrypy
 from ipsilon.util.page import Page
-from ipsilon.util.page import admin_protect, auth_protect
+from ipsilon.util.page import admin_protect
 
 
 class AdminPage(Page):
@@ -31,6 +31,7 @@ class AdminPage(Page):
             'Pragma': 'no-cache',
             'Expires': 'Thu, 01 Dec 1994 16:00:00 GMT',
         })
+        self.auth_protect = True
 
 
 class AdminPluginPage(AdminPage):
@@ -121,7 +122,6 @@ class Admin(AdminPage):
         self.url = '%s/%s' % (self.basepath, mount)
         self.menu = []
 
-    @auth_protect
     def root(self, *args, **kwargs):
         return self._template('admin/index.html',
                               title='Configuration',
-- 
cgit