class BlueChipUser(RequestPermission):
def check(self, app, environ, start_response):
if 'REMOTE_USER' not in environ:
- raise NotAuthenticatedError('Not Authenticated')
+ raise NotAuthenticatedError('Not Authenticated') # pragma: nocover
environ['user'] = meta.Session.query(model.User).\
filter_by(username=unicode(environ['REMOTE_USER'])).\
first()
if environ['user'] == None:
+ raise NotAuthorizedError('You are not allowed access.') # pragma: nocover
+ return app(environ, start_response)
+
+class BlueChipResident(RequestPermission):
+ def check(self, app, environ, start_response):
+ if 'user' not in environ:
+ raise NotAuthenticatedError('Not Authenticated')
+
+ if not getattr(environ['user'], 'resident', False):
raise NotAuthorizedError('You are not allowed access.')
+
return app(environ, start_response)
class DummyAuthenticate(AddDictToEnviron):
newenv['REMOTE_USER'] = app_conf['fake_username']
super(DummyAuthenticate, self).__init__(app, newenv)
-__all__ = ['BlueChipUser', 'DummyAuthenticate']
+
+def authenticate(environ, username, password):
+ user = meta.Session.query(model.User).\
+ filter_by(username=unicode(username),
+ password=unicode(password)).first()
+ return (user is not None)
+
+__all__ = ['BlueChipUser', 'DummyAuthenticate', 'authenticate']