diff options
author | Simo Sorce <simo@redhat.com> | 2015-02-16 14:04:49 -0500 |
---|---|---|
committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2015-02-24 16:37:38 +0100 |
commit | 771b8fd095f3bcb922f761d297c62f1a56a997d5 (patch) | |
tree | a0b588a1135f97abf6ddff141cb461b1fd389685 /ipsilon/login/common.py | |
parent | dd8a2ecf15a7f74e2fe3d8c5ea0ff5e2fed20927 (diff) | |
download | ipsilon-771b8fd095f3bcb922f761d297c62f1a56a997d5.tar.gz ipsilon-771b8fd095f3bcb922f761d297c62f1a56a997d5.tar.xz ipsilon-771b8fd095f3bcb922f761d297c62f1a56a997d5.zip |
Prefix userdata hives with _ to avoid conflicts
The main userdata dict contains common attributes, but we add
a sepcial groups list and unmapped extras, as well as indicators
like auth_type.
All these additional attributes are now prefixed by a _ character
so that conflicts with legitimate attributes are improbable.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Diffstat (limited to 'ipsilon/login/common.py')
-rw-r--r-- | ipsilon/login/common.py | 33 |
1 files changed, 20 insertions, 13 deletions
diff --git a/ipsilon/login/common.py b/ipsilon/login/common.py index 2dcdb67..3002d78 100644 --- a/ipsilon/login/common.py +++ b/ipsilon/login/common.py @@ -44,27 +44,34 @@ class LoginManagerBase(PluginConfig, PluginObject): def auth_successful(self, trans, username, auth_type=None, userdata=None): session = UserSession() + # merge attributes from login plugin and info plugin if self.info: - userattrs = self.info.get_user_attrs(username) - if userdata: - userdata.update(userattrs.get('userdata', {})) - else: - userdata = userattrs.get('userdata', {}) + infoattrs = self.info.get_user_attrs(username) + else: + infoattrs = dict() + + if userdata is None: + userdata = dict() + + if '_groups' in infoattrs: + userdata['_groups'] = list(set(userdata.get('_groups', []) + + infoattrs['_groups'])) + del infoattrs['_groups'] - # merge groups and extras from login plugin and info plugin - userdata['groups'] = list(set(userdata.get('groups', []) + - userattrs.get('groups', []))) + if '_extras' in infoattrs: + userdata['_extras'] = userdata.get('_extras', {}) + userdata['_extras'].update(infoattrs['_extras']) + del infoattrs['_extras'] - userdata['extras'] = userdata.get('extras', {}) - userdata['extras'].update(userattrs.get('extras', {})) + userdata.update(infoattrs) - self.debug("User %s attributes: %s" % (username, repr(userdata))) + self.debug("User %s attributes: %s" % (username, repr(userdata))) if auth_type: if userdata: - userdata.update({'auth_type': auth_type}) + userdata.update({'_auth_type': auth_type}) else: - userdata = {'auth_type': auth_type} + userdata = {'_auth_type': auth_type} # create session login including all the userdata just gathered session.login(username, userdata) |