Add anonymous user

author: Aleksey Lim <alsroot@sugarlabs.org> 2012-10-01 19:41:02 (GMT)
committer: Aleksey Lim <alsroot@sugarlabs.org> 2012-10-01 19:41:02 (GMT)
commit: 73779cd58ac946a72f5d740d039c8c27d4fc2fa1 (patch)
tree: dffef76462baff3684c4b69d5b500e737d284a91
parent: ad06135abee6b60aedc0c0799e5f02d00fed1fa2 (diff)
5 files changed, 55 insertions, 8 deletions
diff --git a/sugar_network/local/mountset.py b/sugar_network/local/mountset.py
index c8a3337..ac81e5d 100644
--- a/sugar_network/local/mountset.py
+++ b/sugar_network/local/mountset.py
@@ -142,8 +142,6 @@ class Mountset(dict, ad.CommandsProcessor, Commands, SyncCommands):
             del self._subscriptions[callback]
 
     def publish(self, event):
-        _logger.debug('Publish event: %r', event)
-
         for callback, condition in self._subscriptions.items():
             for key, value in condition.items():
                 if event.get(key) != value:
diff --git a/sugar_network/node/auth.py b/sugar_network/node/auth.py
index fdb7975..131cda5 100644
--- a/sugar_network/node/auth.py
+++ b/sugar_network/node/auth.py
@@ -25,23 +25,29 @@ _config = None
 
 
 def validate(request, role):
-    enforce(_validate(request.principal, role), ad.Forbidden,
+    enforce(_validate(request, role), ad.Forbidden,
             'No enough permissions to proceed the operation')
 
 
 def try_validate(request, role):
-    return _validate(request.principal, role) or False
+    return _validate(request, role) or False
 
 
-def _validate(user, role):
+def _validate(request, role):
     global _config
 
+    if role == 'user':
+        if request.principal:
+            return True
+        else:
+            request.principal = 'anonymous'
+
     if _config is None:
         _config = ConfigParser()
         config_path = join(node.data_root.value, 'authorization.conf')
         if exists(config_path):
             _config.read(config_path)
 
-    if _config.has_option(user, role):
-        return _config.get(user, role).strip().lower() in \
+    if _config.has_option(request.principal, role):
+        return _config.get(request.principal, role).strip().lower() in \
                 ('true', 'on', '1', 'allow')
diff --git a/sugar_network/node/commands.py b/sugar_network/node/commands.py
index 1df1a13..36889dc 100644
--- a/sugar_network/node/commands.py
+++ b/sugar_network/node/commands.py
@@ -91,7 +91,7 @@ class NodeCommands(ad.VolumeCommands, Commands):
             return
 
         if cmd.permissions & ad.ACCESS_AUTH:
-            enforce(request.principal is not None, router.Unauthorized,
+            enforce(auth.try_validate(request, 'user'), router.Unauthorized,
                     'User is not authenticated')
 
         if cmd.permissions & ad.ACCESS_AUTHOR and 'guid' in request:
diff --git a/sugar_network/resources/volume.py b/sugar_network/resources/volume.py
index bf5d122..a5690db 100644
--- a/sugar_network/resources/volume.py
+++ b/sugar_network/resources/volume.py
@@ -253,6 +253,7 @@ class Commands(object):
             _logger.debug('Stop pulling events to %s user', peer)
 
     def _notify(self, event):
+        _logger.debug('Publish event: %r', event)
         self._notifier.set(event)
         self._notifier = coroutine.AsyncResult()
         coroutine.dispatch()
diff --git a/tests/units/auth.py b/tests/units/auth.py
index e499f35..530a9cd 100755
--- a/tests/units/auth.py
+++ b/tests/units/auth.py
@@ -65,6 +65,48 @@ class AuthTest(tests.Test):
         client.put(['context', 'guid'], {'title': 'probe'})
         self.assertEqual('probe', client.get(['context', 'guid', 'title']))
 
+    def test_Anonymous(self):
+        client = Client(sugar_auth=False)
+
+        props = {'implement': 'guid',
+                 'type': 'package',
+                 'title': 'title',
+                 'summary': 'summary',
+                 'description': 'description',
+                 }
+        self.start_master()
+
+        self.assertRaises(RuntimeError, client.post, ['context'], props)
+
+        self.touch(('authorization.conf', [
+            '[anonymous]',
+            'user = True',
+            ]))
+        auth._config = None
+        client.post(['context'], props)
+        self.assertEqual('title', client.get(['context', 'guid', 'title']))
+        self.assertEqual(['anonymous'], client.get(['context', 'guid', 'user']))
+
+        self.stop_servers()
+        self.touch((
+            'master/context/gu/guid/user',
+            '{"seqno": 1, "value": ["fake"]}',
+            ))
+        self.start_master()
+
+        auth._config = None
+        self.assertRaises(RuntimeError, client.put, ['context', 'guid'], {'title': 'probe'})
+
+        self.touch(('authorization.conf', [
+            '[anonymous]',
+            'user = True',
+            'root = True',
+            ]))
+        auth._config = None
+        client.put(['context', 'guid'], {'title': 'probe'})
+        self.assertEqual('probe', client.get(['context', 'guid', 'title']))
+        self.assertEqual(['fake'], client.get(['context', 'guid', 'user']))
+
 
 if __name__ == '__main__':
     tests.main()
author	Aleksey Lim <alsroot@sugarlabs.org>	2012-10-01 19:41:02 (GMT)
committer	Aleksey Lim <alsroot@sugarlabs.org>	2012-10-01 19:41:02 (GMT)
commit	73779cd58ac946a72f5d740d039c8c27d4fc2fa1 (patch)
tree	dffef76462baff3684c4b69d5b500e737d284a91
parent	ad06135abee6b60aedc0c0799e5f02d00fed1fa2 (diff)