diff --git a/pillar/application/modules/projects.py b/pillar/application/modules/projects.py
index 0cdae93b..aca04843 100644
--- a/pillar/application/modules/projects.py
+++ b/pillar/application/modules/projects.py
@@ -33,7 +33,7 @@ def after_inserting_projects(items):
 :param items: List of project docs that have been inserted (normally one)
 """
- current_user = g.get('current_user', None)
+ current_user = g.current_user
 users_collection = app.data.driver.db['users']
 user = users_collection.find_one({'_id': current_user['user_id']})
diff --git a/pillar/application/utils/authentication.py b/pillar/application/utils/authentication.py
index 5d96d012..7fc7a8a8 100644
--- a/pillar/application/utils/authentication.py
+++ b/pillar/application/utils/authentication.py
@@ -52,14 +52,18 @@ def validate_token():
 from it.
 When the token is successfully validated, sets `g.current_user` to contain
- the user information.
+ the user information, otherwise it is set to None.
 @returns True iff the user is logged in with a valid Blender ID token.
 """
+ # Default to no user at all.
+ g.current_user = None
+
 if not request.authorization:
 # If no authorization headers are provided, we are getting a request
 # from a non logged in user. Proceed accordingly.
+ log.debug('No authentication headers, so not logged in.')
 return False
 token = request.authorization.username
diff --git a/pillar/application/utils/authorization.py b/pillar/application/utils/authorization.py
index 8c7baf1d..4af60d76 100644
--- a/pillar/application/utils/authorization.py
+++ b/pillar/application/utils/authorization.py
@@ -17,7 +17,7 @@ def check_permissions(resource, method, append_allowed_methods=False):
 if method != 'GET' and append_allowed_methods:
 raise ValueError("append_allowed_methods only allowed with 'GET' method")
- current_user = g.get('current_user', None)
+ current_user = g.current_user
 if 'permissions' in resource:
 # If permissions are embedded in the node (this overrides any other
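Review bot: `current_user['user_id']`, two lines below the changed assignment in after_inserting_projects, is subscripted without a None check. validate_token() in this same commit now sets `g.current_user = None` for requests without credentials, so such a request reaching this hook would fail with a TypeError rather than an explicit authorization error. Whether an unauthenticated insert can get this far depends on resource configuration that is not visible here. A guard before the lookup, such as `if current_user is None: abort(403)` (flask's `abort`, if this module imports it), would make the denial explicit. The function body starts and ends outside the hunk.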
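Review bot: The docstring of validate_token() does not say that the function must have run before anything reads `g.current_user`, yet the plain attribute reads introduced in projects.py and authorization.py by this commit depend on exactly that. On any code path where validate_token() has not run for the current request, those reads raise AttributeError, where `g.get('current_user', None)` used to yield None. That fails closed, but the dependency deserves a docstring sentence along the lines of `Must be called before any code reads g.current_user; other modules access it as a plain attribute.` The rest of the function lies outside the hunk, so whether every later return path leaves `g.current_user` consistent with the return value cannot be confirmed from here.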