archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity

Late-initialise CLI user & late-import UserClass class

Browse Source 
This may fix some unit tests issues.
This commit is contained in:
Sybren A. Stüvel
2017-08-18 19:14:29 +02:00
parent 575a7ed1a7
commit 566f2a4835
3 changed files with 28 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
pillar/api/utils/authentication.py
View File

@@ -15,17 +15,9 @@ from flask import g
from flask import request from flask import request
from flask import current_app from flask import current_app
from pillar.auth import UserClass
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
CLI_USER = UserClass.construct('CLI', { CLI_USER = ...
'_id': 'CLI',
'groups': [],
'roles': {'admin'},
'email': 'local@nowhere',
'username': 'CLI',
})
def force_cli_user(): def force_cli_user():
@@ -34,7 +26,22 @@ def force_cli_user():
This is used as a marker to avoid authorization checks and just allow everything. This is used as a marker to avoid authorization checks and just allow everything.
""" """
log.warning('Logging in as CLI_USER, circumventing authentication.') global CLI_USER
from pillar.auth import UserClass
if CLI_USER is ...:
CLI_USER = UserClass.construct('CLI', {
'_id': 'CLI',
'groups': [],
'roles': {'admin'},
'email': 'local@nowhere',
'username': 'CLI',
})
log.warning('CONSTRUCTED CLI USER %s of type %s', id(CLI_USER), id(type(CLI_USER)))
log.warning('Logging in as CLI_USER (%s) of type %s, circumventing authentication.',
id(CLI_USER), id(type(CLI_USER)))
g.current_user = CLI_USER g.current_user = CLI_USER

12
pillar/api/utils/authorization.py
View File

@@ -7,8 +7,6 @@ from flask import abort
from flask import current_app from flask import current_app
from werkzeug.exceptions import Forbidden from werkzeug.exceptions import Forbidden
from pillar.auth import UserClass
CHECK_PERMISSIONS_IMPLEMENTED_FOR = {'projects', 'nodes', 'flamenco_jobs'} CHECK_PERMISSIONS_IMPLEMENTED_FOR = {'projects', 'nodes', 'flamenco_jobs'}
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
@@ -355,9 +353,11 @@ def ab_testing(require_roles=set(),
return decorator return decorator
def user_has_role(role, user: UserClass=None): def user_has_role(role, user=None):
"""Returns True iff the user is logged in and has the given role.""" """Returns True iff the user is logged in and has the given role."""
from pillar.auth import UserClass
if user is None: if user is None:
user = g.get('current_user') user = g.get('current_user')
if user is not None and not isinstance(user, UserClass): if user is not None and not isinstance(user, UserClass):
@@ -371,9 +371,11 @@ def user_has_role(role, user: UserClass=None):
return user.has_role(role) return user.has_role(role)
def user_has_cap(capability: str, user: UserClass=None) -> bool: def user_has_cap(capability: str, user=None) -> bool:
"""Returns True iff the user is logged in and has the given capability.""" """Returns True iff the user is logged in and has the given capability."""
from pillar.auth import UserClass
assert capability assert capability
if user is None: if user is None:
@@ -400,6 +402,8 @@ def user_matches_roles(require_roles=set(),
returning True. returning True.
""" """
from pillar.auth import UserClass
current_user: UserClass = g.get('current_user') current_user: UserClass = g.get('current_user')
if current_user is None: if current_user is None:
return False return False

3
pillar/auth/__init__.py
View File

@@ -61,6 +61,9 @@ class UserClass(flask_login.UserMixin):
return user return user
def __str__(self):
return f'UserClass(user_id={self.user_id})'
def __getitem__(self, item): def __getitem__(self, item):
"""Compatibility layer with old dict-based g.current_user object.""" """Compatibility layer with old dict-based g.current_user object."""