X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=bluechips%2Flib%2Fpermissions.py;h=4a30fdc3e0c66b59ab27bc7b866aa1b6eb276ca4;hb=a59d19c0581702321ebb6f89ab20f158cdc9d7bc;hp=a22eb0b0e130c4a372755a02de94bd3ee85849e2;hpb=ad599e867f780bca7ca1e96e463be00bc4884354;p=bluechips.git diff --git a/bluechips/lib/permissions.py b/bluechips/lib/permissions.py index a22eb0b..4a30fdc 100644 --- a/bluechips/lib/permissions.py +++ b/bluechips/lib/permissions.py @@ -6,21 +6,18 @@ from authkit.authenticate import AddDictToEnviron from authkit.authorize import NotAuthenticatedError, NotAuthorizedError from authkit.permissions import RequestPermission -from sqlalchemy.exceptions import InvalidRequestError - from bluechips import model from bluechips.model import meta class BlueChipUser(RequestPermission): def check(self, app, environ, start_response): if 'REMOTE_USER' not in environ: - raise NotAuthenticatedError('Not Authenticated') - try: - environ['user'] = meta.Session.query(model.User).\ - filter_by(username=unicode(environ['REMOTE_USER'])).\ - one() - except InvalidRequestError: - raise NotAuthorizedError('You are not allowed access.') + raise NotAuthenticatedError('Not Authenticated') # pragma: nocover + environ['user'] = meta.Session.query(model.User).\ + filter_by(username=unicode(environ['REMOTE_USER'])).\ + first() + if environ['user'] == None: + raise NotAuthorizedError('You are not allowed access.') # pragma: nocover return app(environ, start_response) class DummyAuthenticate(AddDictToEnviron): @@ -31,6 +28,7 @@ class DummyAuthenticate(AddDictToEnviron): def __init__(self, app, app_conf): newenv = {} newenv['authkit.authenticate'] = True + newenv['authkit.config'] = {'setup.enable': True} if 'fake_username' in app_conf: newenv['REMOTE_USER'] = app_conf['fake_username'] super(DummyAuthenticate, self).__init__(app, newenv)