X-Git-Url: http://git.cascardo.info/?p=cascardo%2Fipsilon.git;a=blobdiff_plain;f=ipsilon%2Flogin%2Fauthkrb.py;h=e352aa2d17ab027546d9efe95a8a80f200fec798;hp=965d018b635634084eceefc345cac501fdf4c243;hb=d71af443d0178aeded3a6e65921292819f9f3b5b;hpb=73c60e2df7ac240ddd847568e782a9b06f3ea520

diff --git a/ipsilon/login/authkrb.py b/ipsilon/login/authkrb.py
old mode 100755
new mode 100644
index 965d018..e352aa2
--- a/ipsilon/login/authkrb.py
+++ b/ipsilon/login/authkrb.py
@@ -1,5 +1,3 @@
-#!/usr/bin/python
-#
 # Copyright (C) 2014  Simo Sorce <simo@redhat.com>
 #
 # see file 'COPYING' for use and warranty information
@@ -18,9 +16,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 from ipsilon.login.common import LoginPageBase, LoginManagerBase
-from ipsilon.login.common import FACILITY
 from ipsilon.util.plugin import PluginObject
-from ipsilon.util.trans import Transaction
 from ipsilon.util.user import UserSession
 from string import Template
 import cherrypy
@@ -38,7 +34,7 @@ class Krb(LoginPageBase):
 class KrbAuth(LoginPageBase):
 
     def root(self, *args, **kwargs):
-        trans = Transaction('login', **kwargs)
+        trans = self.get_valid_transaction('login', **kwargs)
         # If we can get here, we must be authenticated and remote_user
         # was set. Check the session has a user set already or error.
         us = UserSession()
@@ -62,8 +58,9 @@ class KrbError(LoginPageBase):
         if 'WWW-Authenticate' not in cherrypy.request.headers:
             cherrypy.response.status = 401
 
-            if self.lm.next_login:
-                return self.lm.next_login.page.root(*args, **kwargs)
+            next_login = self.lm.next_login()
+            if next_login:
+                return next_login.page.root(*args, **kwargs)
 
             conturl = '%s/login' % self.basepath
             return self._template('login/krb.html',
@@ -71,7 +68,8 @@ class KrbError(LoginPageBase):
                                   cont=conturl)
 
         # If we get here, negotiate failed
-        return self.lm.auth_failed(Transaction('login', **kwargs))
+        trans = self.get_valid_transaction('login', **kwargs)
+        return self.lm.auth_failed(trans)
 
 
 class LoginManager(LoginManagerBase):
@@ -84,6 +82,7 @@ class LoginManager(LoginManagerBase):
         self.description = """
 Kereros Negotiate authentication plugin. Relies on the mod_auth_kerb apache
 plugin for actual authentication. """
+        self.new_config(self.name)
 
     def get_tree(self, site):
         self.page = Krb(site, self)
@@ -116,9 +115,10 @@ CONF_TEMPLATE = """
 
 class Installer(object):
 
-    def __init__(self):
+    def __init__(self, *pargs):
         self.name = 'krb'
         self.ptype = 'login'
+        self.pargs = pargs
 
     def install_args(self, group):
         group.add_argument('--krb', choices=['yes', 'no'], default='no',
@@ -151,18 +151,15 @@ class Installer(object):
             httpd_conf.write(hunk)
 
         # Add configuration data to database
-        po = PluginObject()
+        po = PluginObject(*self.pargs)
         po.name = 'krb'
         po.wipe_data()
 
         # Update global config, put 'krb' always first
-        po.name = 'global'
-        globalconf = po.get_plugin_config(FACILITY)
-        if 'order' in globalconf:
-            order = globalconf['order'].split(',')
-        else:
-            order = []
-        order.insert(0, 'krb')
-        globalconf['order'] = ','.join(order)
-        po.set_config(globalconf)
-        po.save_plugin_config(FACILITY)
+        ph = self.pargs[0]
+        ph.refresh_enabled()
+        if 'krb' not in ph.enabled:
+            enabled = []
+            enabled.extend(ph.enabled)
+            enabled.insert(0, 'krb')
+            ph.save_enabled(enabled)