Fixed authentication for anonymous users

This commit is contained in:
Jean-Marc Martins 2013-09-12 17:39:20 +02:00
parent 43785e48a9
commit 58faf725b0
2 changed files with 13 additions and 3 deletions

View File

@ -279,7 +279,7 @@ class Application(object):
user = password = None
if not items or function == self.options or \
auth.is_authenticated(user, password):
auth.is_authenticated(user, password) if user else True:
read_allowed_items, write_allowed_items = \
self.collect_allowed_items(items, user)
@ -290,6 +290,14 @@ class Application(object):
status, headers, answer = function(
environ, read_allowed_items, write_allowed_items, content,
user)
elif not user:
# Unknown or unauthorized user
log.LOGGER.info("%s refused" % (user or "Anonymous user"))
status = client.UNAUTHORIZED
headers = {
"WWW-Authenticate":
"Basic realm=\"%s\"" % config.get("server", "realm")}
answer = None
else:
# Good user but has no rights to any of the given collections
status, headers, answer = NOT_ALLOWED

View File

@ -93,5 +93,7 @@ def _read_from_sections(user, collection, permission):
def authorized(user, collection, right):
"""Check if the user is allowed to read or write the collection."""
rights_type = config.get("rights", "type").lower()
return rights_type == "none" or (user and _read_from_sections(
user, collection.url.rstrip("/") or "/", right))
return rights_type == "none" or (
(True if not user else user) and _read_from_sections(
user if user else "", collection.url.rstrip("/") or "/", right)
)