From: Simo Sorce Date: Tue, 7 Oct 2014 03:32:34 +0000 (-0400) Subject: Add auto-auth requirement to all admin pages X-Git-Tag: v0.3.0~63 X-Git-Url: http://git.cascardo.info/?p=cascardo%2Fipsilon.git;a=commitdiff_plain;h=6c60a2e0c335ecc907cfcd576165be45021086a9 Add auto-auth requirement to all admin pages Instead ofhaving to explicitly decorate all methods with auth_protect() use the fact all pages go through Page.__call__ to conditionally check if the user is anoynous and set a default when instantiating AdminPage so that all admin pages require authentication. Signed-off-by: Simo Sorce Reviewed-by: Patrick Uiterwijk --- diff --git a/ipsilon/admin/common.py b/ipsilon/admin/common.py index 19ca6ff..5928763 100755 --- a/ipsilon/admin/common.py +++ b/ipsilon/admin/common.py @@ -19,7 +19,7 @@ import cherrypy from ipsilon.util.page import Page -from ipsilon.util.page import admin_protect, auth_protect +from ipsilon.util.page import admin_protect class AdminPage(Page): @@ -31,6 +31,7 @@ class AdminPage(Page): 'Pragma': 'no-cache', 'Expires': 'Thu, 01 Dec 1994 16:00:00 GMT', }) + self.auth_protect = True class AdminPluginPage(AdminPage): @@ -121,7 +122,6 @@ class Admin(AdminPage): self.url = '%s/%s' % (self.basepath, mount) self.menu = [] - @auth_protect def root(self, *args, **kwargs): return self._template('admin/index.html', title='Configuration', diff --git a/ipsilon/admin/info.py b/ipsilon/admin/info.py index 1ce06f1..cea6b0e 100755 --- a/ipsilon/admin/info.py +++ b/ipsilon/admin/info.py @@ -3,7 +3,7 @@ # Copyright (C) 2014 Ipsilon Contributors see COPYING for license import cherrypy -from ipsilon.util.page import admin_protect, auth_protect +from ipsilon.util.page import admin_protect from ipsilon.util.plugin import PluginObject from ipsilon.admin.common import AdminPluginPage from ipsilon.admin.common import AdminPage @@ -112,7 +112,6 @@ class InfoPlugins(AdminPage): enabled=ordered, menu=self._master.menu) - @auth_protect def root(self, *args, **kwargs): return self.root_with_msg() diff --git a/ipsilon/admin/login.py b/ipsilon/admin/login.py index 62e0a0e..4645917 100755 --- a/ipsilon/admin/login.py +++ b/ipsilon/admin/login.py @@ -18,7 +18,7 @@ # along with this program. If not, see . import cherrypy -from ipsilon.util.page import admin_protect, auth_protect +from ipsilon.util.page import admin_protect from ipsilon.util.plugin import PluginObject from ipsilon.admin.common import AdminPluginPage from ipsilon.admin.common import AdminPage @@ -144,7 +144,6 @@ class LoginPlugins(AdminPage): enabled=ordered, menu=self._master.menu) - @auth_protect def root(self, *args, **kwargs): return self.root_with_msg() diff --git a/ipsilon/admin/providers.py b/ipsilon/admin/providers.py index ce21e16..eea61e7 100755 --- a/ipsilon/admin/providers.py +++ b/ipsilon/admin/providers.py @@ -19,7 +19,7 @@ import cherrypy -from ipsilon.util.page import admin_protect, auth_protect +from ipsilon.util.page import admin_protect from ipsilon.providers.common import FACILITY from ipsilon.admin.common import AdminPluginPage from ipsilon.admin.common import AdminPage @@ -57,7 +57,6 @@ class ProviderPlugins(AdminPage): enabled=enabled_plugins, menu=self._master.menu) - @auth_protect def root(self, *args, **kwargs): return self.root_with_msg() diff --git a/ipsilon/util/page.py b/ipsilon/util/page.py index 1815ceb..f98b2d9 100755 --- a/ipsilon/util/page.py +++ b/ipsilon/util/page.py @@ -34,16 +34,6 @@ def admin_protect(fn): return check -def auth_protect(fn): - def check(self, *args, **kwargs): - if UserSession().get_user().is_anonymous: - raise cherrypy.HTTPRedirect(self.basepath) - else: - return fn(self, *args, **kwargs) - - return check - - class Page(Log): def __init__(self, site, form=False): if 'template_env' not in site: @@ -53,6 +43,7 @@ class Page(Log): self.user = None self._is_form_page = form self.default_headers = dict() + self.auth_protect = False def _compare_urls(self, url1, url2): u1 = unquote(url1) @@ -67,6 +58,9 @@ class Page(Log): self.user = UserSession().get_user() + if self.auth_protect and self.user.is_anonymous: + raise cherrypy.HTTPError(401) + if len(args) > 0: op = getattr(self, args[0], None) if callable(op) and getattr(op, 'public_function', None):