Fixed authentication for anonymous users
This commit is contained in:
parent
43785e48a9
commit
58faf725b0
@ -279,7 +279,7 @@ class Application(object):
|
||||
user = password = None
|
||||
|
||||
if not items or function == self.options or \
|
||||
auth.is_authenticated(user, password):
|
||||
auth.is_authenticated(user, password) if user else True:
|
||||
|
||||
read_allowed_items, write_allowed_items = \
|
||||
self.collect_allowed_items(items, user)
|
||||
@ -290,6 +290,14 @@ class Application(object):
|
||||
status, headers, answer = function(
|
||||
environ, read_allowed_items, write_allowed_items, content,
|
||||
user)
|
||||
elif not user:
|
||||
# Unknown or unauthorized user
|
||||
log.LOGGER.info("%s refused" % (user or "Anonymous user"))
|
||||
status = client.UNAUTHORIZED
|
||||
headers = {
|
||||
"WWW-Authenticate":
|
||||
"Basic realm=\"%s\"" % config.get("server", "realm")}
|
||||
answer = None
|
||||
else:
|
||||
# Good user but has no rights to any of the given collections
|
||||
status, headers, answer = NOT_ALLOWED
|
||||
|
@ -93,5 +93,7 @@ def _read_from_sections(user, collection, permission):
|
||||
def authorized(user, collection, right):
|
||||
"""Check if the user is allowed to read or write the collection."""
|
||||
rights_type = config.get("rights", "type").lower()
|
||||
return rights_type == "none" or (user and _read_from_sections(
|
||||
user, collection.url.rstrip("/") or "/", right))
|
||||
return rights_type == "none" or (
|
||||
(True if not user else user) and _read_from_sections(
|
||||
user if user else "", collection.url.rstrip("/") or "/", right)
|
||||
)
|
||||
|
Loading…
Reference in New Issue
Block a user