From cb84e6f0b70f30450bd4b1ea677ccf5343aaa78a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= <sybren@stuvel.eu>
Date: Tue, 30 Aug 2016 14:18:43 +0200
Subject: [PATCH] Allow CLI commands to set the current user to a non-existing
 admin user.

---
 pillar/api/utils/authentication.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/pillar/api/utils/authentication.py b/pillar/api/utils/authentication.py
index 407aa2e5..66003dc9 100644
--- a/pillar/api/utils/authentication.py
+++ b/pillar/api/utils/authentication.py
@@ -15,6 +15,22 @@ from flask import current_app
 
 log = logging.getLogger(__name__)
 
+CLI_USER = {
+    'user_id': 'CLI',
+    'groups': [],
+    'roles': {'admin'},
+}
+
+
+def force_cli_user():
+    """Sets g.current_user to the CLI_USER object.
+
+    This is used as a marker to avoid authorization checks and just allow everything.
+    """
+
+    log.warning('Logging in as CLI_USER, circumventing authentication.')
+    g.current_user = CLI_USER
+
 
 def validate_token():
     """Validate the token provided in the request and populate the current_user