Fix rights type "None"
This commit is contained in:
parent
15ef75301f
commit
f7f26afd6b
@ -302,8 +302,7 @@ class Application(object):
|
|||||||
status, headers, answer = NOT_ALLOWED
|
status, headers, answer = NOT_ALLOWED
|
||||||
else:
|
else:
|
||||||
# Unknown or unauthorized user
|
# Unknown or unauthorized user
|
||||||
log.LOGGER.info(
|
log.LOGGER.info("%s refused" % (user or "Anonymous user"))
|
||||||
"%s refused" % (user or "Anonymous user"))
|
|
||||||
status, headers, answer = WRONG_CREDENTIALS
|
status, headers, answer = WRONG_CREDENTIALS
|
||||||
|
|
||||||
# Set content length
|
# Set content length
|
||||||
|
@ -38,8 +38,8 @@ except ImportError:
|
|||||||
|
|
||||||
|
|
||||||
FILENAME = os.path.expanduser(config.get("rights", "file"))
|
FILENAME = os.path.expanduser(config.get("rights", "file"))
|
||||||
|
TYPE = config.get("rights", "type").lower()
|
||||||
DEFINED_RIGHTS = {
|
DEFINED_RIGHTS = {
|
||||||
"none": "[rw]\nuser:.*\ncollection:.*\npermission:rw",
|
|
||||||
"owner_write": "[r]\nuser:.*\ncollection:.*\npermission:r\n"
|
"owner_write": "[r]\nuser:.*\ncollection:.*\npermission:r\n"
|
||||||
"[w]\nuser:.*\ncollection:^%(login)s/.+$\npermission:w",
|
"[w]\nuser:.*\ncollection:^%(login)s/.+$\npermission:w",
|
||||||
"owner_only": "[rw]\nuser:.\ncollection: ^%(login)s/.+$\npermission:rw"}
|
"owner_only": "[rw]\nuser:.\ncollection: ^%(login)s/.+$\npermission:rw"}
|
||||||
@ -48,17 +48,16 @@ DEFINED_RIGHTS = {
|
|||||||
def _read_from_sections(user, collection, permission):
|
def _read_from_sections(user, collection, permission):
|
||||||
"""Get regex sections."""
|
"""Get regex sections."""
|
||||||
regex = ConfigParser({"login": user, "path": collection})
|
regex = ConfigParser({"login": user, "path": collection})
|
||||||
rights_type = config.get("rights", "type").lower()
|
if TYPE in DEFINED_RIGHTS:
|
||||||
if rights_type in DEFINED_RIGHTS:
|
log.LOGGER.debug("Rights type '%s'" % TYPE)
|
||||||
log.LOGGER.debug("Rights type '%s'" % rights_type)
|
regex.read_string(DEFINED_RIGHTS[TYPE])
|
||||||
regex.read_string(DEFINED_RIGHTS[rights_type])
|
elif TYPE == "from_file":
|
||||||
elif rights_type == "from_file":
|
|
||||||
log.LOGGER.debug("Reading rights from file %s" % FILENAME)
|
log.LOGGER.debug("Reading rights from file %s" % FILENAME)
|
||||||
if not regex.read(FILENAME):
|
if not regex.read(FILENAME):
|
||||||
log.LOGGER.error("File '%s' not found for rights" % FILENAME)
|
log.LOGGER.error("File '%s' not found for rights" % FILENAME)
|
||||||
return False
|
return False
|
||||||
else:
|
else:
|
||||||
log.LOGGER.error("Unknown rights type '%s'" % rights_type)
|
log.LOGGER.error("Unknown rights type '%s'" % TYPE)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
for section in regex.sections():
|
for section in regex.sections():
|
||||||
@ -80,5 +79,5 @@ def _read_from_sections(user, collection, permission):
|
|||||||
|
|
||||||
def authorized(user, collection, right):
|
def authorized(user, collection, right):
|
||||||
"""Check if the user is allowed to read or write the collection."""
|
"""Check if the user is allowed to read or write the collection."""
|
||||||
return user and _read_from_sections(
|
return TYPE == "none" or (user and _read_from_sections(
|
||||||
user, collection.url.rstrip("/") or "/", right)
|
user, collection.url.rstrip("/") or "/", right))
|
||||||
|
Loading…
Reference in New Issue
Block a user