diff options
author | Simo Sorce <simo@redhat.com> | 2014-10-06 23:32:34 -0400 |
---|---|---|
committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-10-07 16:48:35 +0200 |
commit | 6c60a2e0c335ecc907cfcd576165be45021086a9 (patch) | |
tree | 834ca0144c397c6fb3356a6b7bbd5aea6b5ec946 /ipsilon/util/page.py | |
parent | 3d38500a756d26294956c53bdcc82313a8bbfc55 (diff) | |
download | ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.tar.gz ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.tar.xz ipsilon-6c60a2e0c335ecc907cfcd576165be45021086a9.zip |
Add auto-auth requirement to all admin pages
Instead ofhaving to explicitly decorate all methods with auth_protect()
use the fact all pages go through Page.__call__ to conditionally check
if the user is anoynous and set a default when instantiating AdminPage
so that all admin pages require authentication.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Diffstat (limited to 'ipsilon/util/page.py')
-rwxr-xr-x | ipsilon/util/page.py | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/ipsilon/util/page.py b/ipsilon/util/page.py index 1815ceb..f98b2d9 100755 --- a/ipsilon/util/page.py +++ b/ipsilon/util/page.py @@ -34,16 +34,6 @@ def admin_protect(fn): return check -def auth_protect(fn): - def check(self, *args, **kwargs): - if UserSession().get_user().is_anonymous: - raise cherrypy.HTTPRedirect(self.basepath) - else: - return fn(self, *args, **kwargs) - - return check - - class Page(Log): def __init__(self, site, form=False): if 'template_env' not in site: @@ -53,6 +43,7 @@ class Page(Log): self.user = None self._is_form_page = form self.default_headers = dict() + self.auth_protect = False def _compare_urls(self, url1, url2): u1 = unquote(url1) @@ -67,6 +58,9 @@ class Page(Log): self.user = UserSession().get_user() + if self.auth_protect and self.user.is_anonymous: + raise cherrypy.HTTPError(401) + if len(args) > 0: op = getattr(self, args[0], None) if callable(op) and getattr(op, 'public_function', None): |