diff options
Diffstat (limited to 'sugar_network/node/auth.py')
-rw-r--r-- | sugar_network/node/auth.py | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/sugar_network/node/auth.py b/sugar_network/node/auth.py index fdb7975..131cda5 100644 --- a/sugar_network/node/auth.py +++ b/sugar_network/node/auth.py @@ -25,23 +25,29 @@ _config = None def validate(request, role): - enforce(_validate(request.principal, role), ad.Forbidden, + enforce(_validate(request, role), ad.Forbidden, 'No enough permissions to proceed the operation') def try_validate(request, role): - return _validate(request.principal, role) or False + return _validate(request, role) or False -def _validate(user, role): +def _validate(request, role): global _config + if role == 'user': + if request.principal: + return True + else: + request.principal = 'anonymous' + if _config is None: _config = ConfigParser() config_path = join(node.data_root.value, 'authorization.conf') if exists(config_path): _config.read(config_path) - if _config.has_option(user, role): - return _config.get(user, role).strip().lower() in \ + if _config.has_option(request.principal, role): + return _config.get(request.principal, role).strip().lower() in \ ('true', 'on', '1', 'allow') |