From 73eeae98716c0e25f31cdb2c347c1939525d6ef7 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Fri, 3 Oct 2014 13:24:37 -0400
Subject: Redirect anonymous users away

It makes no sense to let anonymous users interact with the admin
pages so tighten up access and redirect away users that have no
rights.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 ipsilon/util/page.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'ipsilon/util')

diff --git a/ipsilon/util/page.py b/ipsilon/util/page.py
index 10f10aa..aa075de 100755
--- a/ipsilon/util/page.py
+++ b/ipsilon/util/page.py
@@ -34,6 +34,16 @@ def admin_protect(fn):
     return check
 
 
+def auth_protect(fn):
+    def check(self, *args, **kwargs):
+        if UserSession().get_user().is_anonymous:
+            raise cherrypy.HTTPRedirect(self.basepath)
+        else:
+            return fn(self, *args, **kwargs)
+
+    return check
+
+
 class Page(Log):
     def __init__(self, site, form=False):
         if 'template_env' not in site:
-- 
cgit