diff options
Diffstat (limited to 'sugar_network/node')
-rw-r--r-- | sugar_network/node/auth.py | 16 | ||||
-rw-r--r-- | sugar_network/node/commands.py | 2 |
2 files changed, 12 insertions, 6 deletions
diff --git a/sugar_network/node/auth.py b/sugar_network/node/auth.py index fdb7975..131cda5 100644 --- a/sugar_network/node/auth.py +++ b/sugar_network/node/auth.py @@ -25,23 +25,29 @@ _config = None def validate(request, role): - enforce(_validate(request.principal, role), ad.Forbidden, + enforce(_validate(request, role), ad.Forbidden, 'No enough permissions to proceed the operation') def try_validate(request, role): - return _validate(request.principal, role) or False + return _validate(request, role) or False -def _validate(user, role): +def _validate(request, role): global _config + if role == 'user': + if request.principal: + return True + else: + request.principal = 'anonymous' + if _config is None: _config = ConfigParser() config_path = join(node.data_root.value, 'authorization.conf') if exists(config_path): _config.read(config_path) - if _config.has_option(user, role): - return _config.get(user, role).strip().lower() in \ + if _config.has_option(request.principal, role): + return _config.get(request.principal, role).strip().lower() in \ ('true', 'on', '1', 'allow') diff --git a/sugar_network/node/commands.py b/sugar_network/node/commands.py index 1df1a13..36889dc 100644 --- a/sugar_network/node/commands.py +++ b/sugar_network/node/commands.py @@ -91,7 +91,7 @@ class NodeCommands(ad.VolumeCommands, Commands): return if cmd.permissions & ad.ACCESS_AUTH: - enforce(request.principal is not None, router.Unauthorized, + enforce(auth.try_validate(request, 'user'), router.Unauthorized, 'User is not authenticated') if cmd.permissions & ad.ACCESS_AUTHOR and 'guid' in request: |