Build in fakeauth into the fake authkit.authenticate module

[bluechips.git] / bluechips / lib / permissions.py

diff --git a/bluechips/lib/permissions.py b/bluechips/lib/permissions.py
index 0da8687faa3b313867f1109f20e62bef2eeb69cb..a22eb0b0e130c4a372755a02de94bd3ee85849e2 100644 (file)
--- a/bluechips/lib/permissions.py
+++ b/bluechips/lib/permissions.py
@@ -3,7 +3,7 @@ authkit authorization permission objects for BlueChips
 """
 
 from authkit.authenticate import AddDictToEnviron
-from authkit.authorize import NotAuthorizedError
+from authkit.authorize import NotAuthenticatedError, NotAuthorizedError
 from authkit.permissions import RequestPermission
 
 from sqlalchemy.exceptions import InvalidRequestError
@@ -16,8 +16,8 @@ class BlueChipUser(RequestPermission):
         if 'REMOTE_USER' not in environ:
             raise NotAuthenticatedError('Not Authenticated')
         try:
-            user = meta.Session.query(model.User).\
-                filter_by(username=environ['REMOTE_USER']).\
+            environ['user'] = meta.Session.query(model.User).\
+                filter_by(username=unicode(environ['REMOTE_USER'])).\
                 one()
         except InvalidRequestError:
             raise NotAuthorizedError('You are not allowed access.')
@@ -28,8 +28,11 @@ class DummyAuthenticate(AddDictToEnviron):
     Set the authkit.authenticate environment variable so
     authkit.authorize shuts up
     """
-    def __init__(self, app):
-        super(DummyAuthenticate, self).__init__(app, {
-                'authkit.authenticate': True})
+    def __init__(self, app, app_conf):
+        newenv = {}
+        newenv['authkit.authenticate'] = True
+        if 'fake_username' in app_conf:
+            newenv['REMOTE_USER'] = app_conf['fake_username']
+        super(DummyAuthenticate, self).__init__(app, newenv)
 
 __all__ = ['BlueChipUser', 'DummyAuthenticate']