diff options
author | Simo Sorce <simo@redhat.com> | 2014-10-06 23:32:34 -0400 |
---|---|---|
committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-10-07 16:48:35 +0200 |
commit | 6c60a2e0c335ecc907cfcd576165be45021086a9 (patch) | |
tree | 834ca0144c397c6fb3356a6b7bbd5aea6b5ec946 | |
parent | 3d38500a756d26294956c53bdcc82313a8bbfc55 (diff) | |
download | ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.tar.gz ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.tar.xz ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.zip |
Add auto-auth requirement to all admin pages
Instead ofhaving to explicitly decorate all methods with auth_protect()
use the fact all pages go through Page.__call__ to conditionally check
if the user is anoynous and set a default when instantiating AdminPage
so that all admin pages require authentication.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
-rwxr-xr-x | ipsilon/admin/common.py | 4 | ||||
-rwxr-xr-x | ipsilon/admin/info.py | 3 | ||||
-rwxr-xr-x | ipsilon/admin/login.py | 3 | ||||
-rwxr-xr-x | ipsilon/admin/providers.py | 3 | ||||
-rwxr-xr-x | ipsilon/util/page.py | 14 |
5 files changed, 9 insertions, 18 deletions
diff --git a/ipsilon/admin/common.py b/ipsilon/admin/common.py index 19ca6ff..5928763 100755 --- a/ipsilon/admin/common.py +++ b/ipsilon/admin/common.py @@ -19,7 +19,7 @@ import cherrypy from ipsilon.util.page import Page -from ipsilon.util.page import admin_protect, auth_protect +from ipsilon.util.page import admin_protect class AdminPage(Page): @@ -31,6 +31,7 @@ class AdminPage(Page): 'Pragma': 'no-cache', 'Expires': 'Thu, 01 Dec 1994 16:00:00 GMT', }) + self.auth_protect = True class AdminPluginPage(AdminPage): @@ -121,7 +122,6 @@ class Admin(AdminPage): self.url = '%s/%s' % (self.basepath, mount) self.menu = [] - @auth_protect def root(self, *args, **kwargs): return self._template('admin/index.html', title='Configuration', diff --git a/ipsilon/admin/info.py b/ipsilon/admin/info.py index 1ce06f1..cea6b0e 100755 --- a/ipsilon/admin/info.py +++ b/ipsilon/admin/info.py @@ -3,7 +3,7 @@ # Copyright (C) 2014 Ipsilon Contributors see COPYING for license import cherrypy -from ipsilon.util.page import admin_protect, auth_protect +from ipsilon.util.page import admin_protect from ipsilon.util.plugin import PluginObject from ipsilon.admin.common import AdminPluginPage from ipsilon.admin.common import AdminPage @@ -112,7 +112,6 @@ class InfoPlugins(AdminPage): enabled=ordered, menu=self._master.menu) - @auth_protect def root(self, *args, **kwargs): return self.root_with_msg() diff --git a/ipsilon/admin/login.py b/ipsilon/admin/login.py index 62e0a0e..4645917 100755 --- a/ipsilon/admin/login.py +++ b/ipsilon/admin/login.py @@ -18,7 +18,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. import cherrypy -from ipsilon.util.page import admin_protect, auth_protect +from ipsilon.util.page import admin_protect from ipsilon.util.plugin import PluginObject from ipsilon.admin.common import AdminPluginPage from ipsilon.admin.common import AdminPage @@ -144,7 +144,6 @@ class LoginPlugins(AdminPage): enabled=ordered, menu=self._master.menu) - @auth_protect def root(self, *args, **kwargs): return self.root_with_msg() diff --git a/ipsilon/admin/providers.py b/ipsilon/admin/providers.py index ce21e16..eea61e7 100755 --- a/ipsilon/admin/providers.py +++ b/ipsilon/admin/providers.py @@ -19,7 +19,7 @@ import cherrypy -from ipsilon.util.page import admin_protect, auth_protect +from ipsilon.util.page import admin_protect from ipsilon.providers.common import FACILITY from ipsilon.admin.common import AdminPluginPage from ipsilon.admin.common import AdminPage @@ -57,7 +57,6 @@ class ProviderPlugins(AdminPage): enabled=enabled_plugins, menu=self._master.menu) - @auth_protect def root(self, *args, **kwargs): return self.root_with_msg() diff --git a/ipsilon/util/page.py b/ipsilon/util/page.py index 1815ceb..f98b2d9 100755 --- a/ipsilon/util/page.py +++ b/ipsilon/util/page.py @@ -34,16 +34,6 @@ def admin_protect(fn): return check -def auth_protect(fn): - def check(self, *args, **kwargs): - if UserSession().get_user().is_anonymous: - raise cherrypy.HTTPRedirect(self.basepath) - else: - return fn(self, *args, **kwargs) - - return check - - class Page(Log): def __init__(self, site, form=False): if 'template_env' not in site: @@ -53,6 +43,7 @@ class Page(Log): self.user = None self._is_form_page = form self.default_headers = dict() + self.auth_protect = False def _compare_urls(self, url1, url2): u1 = unquote(url1) @@ -67,6 +58,9 @@ class Page(Log): self.user = UserSession().get_user() + if self.auth_protect and self.user.is_anonymous: + raise cherrypy.HTTPError(401) + if len(args) > 0: op = getattr(self, args[0], None) if callable(op) and getattr(op, 'public_function', None): |