Add auto-auth requirement to all admin pages

Instead ofhaving to explicitly decorate all methods with auth_protect() use the fact all pages go through Page.__call__ to conditionally check if the user is anoynous and set a default when instantiating AdminPage so that all admin pages require authentication. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
author: Simo Sorce <simo@redhat.com> 2014-10-06 23:32:34 -0400
committer: Patrick Uiterwijk <puiterwijk@redhat.com> 2014-10-07 16:48:35 +0200
commit: 6c60a2e0c335ecc907cfcd576165be45021086a9 (patch)
tree: 834ca0144c397c6fb3356a6b7bbd5aea6b5ec946
parent: 3d38500a756d26294956c53bdcc82313a8bbfc55 (diff)
download: ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.tar.gz
ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.tar.xz
ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.zip
5 files changed, 9 insertions, 18 deletions
diff --git a/ipsilon/admin/common.py b/ipsilon/admin/common.py
index 19ca6ff..5928763 100755
--- a/ipsilon/admin/common.py
+++ b/ipsilon/admin/common.py
@@ -19,7 +19,7 @@
 
 import cherrypy
 from ipsilon.util.page import Page
-from ipsilon.util.page import admin_protect, auth_protect
+from ipsilon.util.page import admin_protect
 
 
 class AdminPage(Page):
@@ -31,6 +31,7 @@ class AdminPage(Page):
             'Pragma': 'no-cache',
             'Expires': 'Thu, 01 Dec 1994 16:00:00 GMT',
         })
+        self.auth_protect = True
 
 
 class AdminPluginPage(AdminPage):
@@ -121,7 +122,6 @@ class Admin(AdminPage):
         self.url = '%s/%s' % (self.basepath, mount)
         self.menu = []
 
-    @auth_protect
     def root(self, *args, **kwargs):
         return self._template('admin/index.html',
                               title='Configuration',
diff --git a/ipsilon/admin/info.py b/ipsilon/admin/info.py
index 1ce06f1..cea6b0e 100755
--- a/ipsilon/admin/info.py
+++ b/ipsilon/admin/info.py
@@ -3,7 +3,7 @@
 # Copyright (C) 2014  Ipsilon Contributors see COPYING for license
 
 import cherrypy
-from ipsilon.util.page import admin_protect, auth_protect
+from ipsilon.util.page import admin_protect
 from ipsilon.util.plugin import PluginObject
 from ipsilon.admin.common import AdminPluginPage
 from ipsilon.admin.common import AdminPage
@@ -112,7 +112,6 @@ class InfoPlugins(AdminPage):
                               enabled=ordered,
                               menu=self._master.menu)
 
-    @auth_protect
     def root(self, *args, **kwargs):
         return self.root_with_msg()
 
diff --git a/ipsilon/admin/login.py b/ipsilon/admin/login.py
index 62e0a0e..4645917 100755
--- a/ipsilon/admin/login.py
+++ b/ipsilon/admin/login.py
@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import cherrypy
-from ipsilon.util.page import admin_protect, auth_protect
+from ipsilon.util.page import admin_protect
 from ipsilon.util.plugin import PluginObject
 from ipsilon.admin.common import AdminPluginPage
 from ipsilon.admin.common import AdminPage
@@ -144,7 +144,6 @@ class LoginPlugins(AdminPage):
                               enabled=ordered,
                               menu=self._master.menu)
 
-    @auth_protect
     def root(self, *args, **kwargs):
         return self.root_with_msg()
 
diff --git a/ipsilon/admin/providers.py b/ipsilon/admin/providers.py
index ce21e16..eea61e7 100755
--- a/ipsilon/admin/providers.py
+++ b/ipsilon/admin/providers.py
@@ -19,7 +19,7 @@
 
 
 import cherrypy
-from ipsilon.util.page import admin_protect, auth_protect
+from ipsilon.util.page import admin_protect
 from ipsilon.providers.common import FACILITY
 from ipsilon.admin.common import AdminPluginPage
 from ipsilon.admin.common import AdminPage
@@ -57,7 +57,6 @@ class ProviderPlugins(AdminPage):
                               enabled=enabled_plugins,
                               menu=self._master.menu)
 
-    @auth_protect
     def root(self, *args, **kwargs):
         return self.root_with_msg()
 
diff --git a/ipsilon/util/page.py b/ipsilon/util/page.py
index 1815ceb..f98b2d9 100755
--- a/ipsilon/util/page.py
+++ b/ipsilon/util/page.py
@@ -34,16 +34,6 @@ def admin_protect(fn):
     return check
 
 
-def auth_protect(fn):
-    def check(self, *args, **kwargs):
-        if UserSession().get_user().is_anonymous:
-            raise cherrypy.HTTPRedirect(self.basepath)
-        else:
-            return fn(self, *args, **kwargs)
-
-    return check
-
-
 class Page(Log):
     def __init__(self, site, form=False):
         if 'template_env' not in site:
@@ -53,6 +43,7 @@ class Page(Log):
         self.user = None
         self._is_form_page = form
         self.default_headers = dict()
+        self.auth_protect = False
 
     def _compare_urls(self, url1, url2):
         u1 = unquote(url1)
@@ -67,6 +58,9 @@ class Page(Log):
 
         self.user = UserSession().get_user()
 
+        if self.auth_protect and self.user.is_anonymous:
+            raise cherrypy.HTTPError(401)
+
         if len(args) > 0:
             op = getattr(self, args[0], None)
             if callable(op) and getattr(op, 'public_function', None):
author	Simo Sorce <simo@redhat.com>	2014-10-06 23:32:34 -0400
committer	Patrick Uiterwijk <puiterwijk@redhat.com>	2014-10-07 16:48:35 +0200
commit	6c60a2e0c335ecc907cfcd576165be45021086a9 (patch)
tree	834ca0144c397c6fb3356a6b7bbd5aea6b5ec946
parent	3d38500a756d26294956c53bdcc82313a8bbfc55 (diff)
download	ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.tar.gz ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.tar.xz ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.zip