Mercurial > wikked

annotate wikked/auth.py @ 158:e53a3b64dfd8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Renamed main Wikked script.
author Ludovic Chabant <ludovic@chabant.com>
date Thu, 09 Jan 2014 20:59:41 -0800
parents 9d22cf4d2412
children 5ac0b5fe4cee
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
35
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
1 import re
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
2 import logging
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
3
0
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
4
131
9d22cf4d2412 Massive change that should have been several smaller ones, but whatever:
Ludovic Chabant <ludovic@chabant.com>
parents: 82
diff changeset
5 logger = logging.getLogger(__name__)
9d22cf4d2412 Massive change that should have been several smaller ones, but whatever:
Ludovic Chabant <ludovic@chabant.com>
parents: 82
diff changeset
6
9d22cf4d2412 Massive change that should have been several smaller ones, but whatever:
Ludovic Chabant <ludovic@chabant.com>
parents: 82
diff changeset
7
0
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
8 class User(object):
47
86ee1b696070 Big refactoring:
Ludovic Chabant <ludovic@chabant.com>
parents: 35
diff changeset
9 """ A user with an account on the wiki.
86ee1b696070 Big refactoring:
Ludovic Chabant <ludovic@chabant.com>
parents: 35
diff changeset
10 """
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
11 def __init__(self, username, password):
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
12 self.username = username
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
13 self.password = password
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
14 self.groups = []
0
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
15
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
16 def is_authenticated(self):
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
17 return True
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
18
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
19 def is_active(self):
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
20 return True
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
21
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
22 def is_anonymous(self):
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
23 return False
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
24
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
25 def get_id(self):
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
26 return unicode(self.username)
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
27
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
28 def is_admin(self):
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
29 return 'administrators' in self.groups
0
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
30
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
31
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
32 class UserManager(object):
47
86ee1b696070 Big refactoring:
Ludovic Chabant <ludovic@chabant.com>
parents: 35
diff changeset
33 """ A class that keeps track of users and their permissions.
86ee1b696070 Big refactoring:
Ludovic Chabant <ludovic@chabant.com>
parents: 35
diff changeset
34 """
131
9d22cf4d2412 Massive change that should have been several smaller ones, but whatever:
Ludovic Chabant <ludovic@chabant.com>
parents: 82
diff changeset
35 def __init__(self, config):
35
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
36 self._updatePermissions(config)
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
37 self._updateUserInfos(config)
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
38
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
39 def getUsers(self):
35
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
40 for user in self._users:
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
41 yield self._createUser(user)
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
42
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
43 def getUser(self, username):
35
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
44 for user in self._users:
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
45 if user['username'] == username:
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
46 return self._createUser(user)
0
c946f4facfa2 Initial commit.
Ludovic Chabant <ludovic@chabant.com>
parents:
diff changeset
47 return None
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
48
35
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
49 def isPageReadable(self, page, username):
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
50 return self._isAllowedForMeta(page, 'readers', username)
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
51
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
52 def isPageWritable(self, page, username):
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
53 return self._isAllowedForMeta(page, 'writers', username)
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
54
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
55 def _isAllowedForMeta(self, page, meta_name, username):
47
86ee1b696070 Big refactoring:
Ludovic Chabant <ludovic@chabant.com>
parents: 35
diff changeset
56 if (self._permissions[meta_name] is not None and
35
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
57 username not in self._permissions[meta_name]):
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
58 return False
82
9afe4a1dbd1e Refactoring of core wiki classes:
Ludovic Chabant <ludovic@chabant.com>
parents: 47
diff changeset
59 if meta_name in page.meta:
9afe4a1dbd1e Refactoring of core wiki classes:
Ludovic Chabant <ludovic@chabant.com>
parents: 47
diff changeset
60 allowed = [r.strip() for r in re.split(r'[ ,;]', page.meta[meta_name][0])]
35
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
61 if username is None:
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
62 return 'anonymous' in allowed
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
63 else:
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
64 return '*' in allowed or username in allowed
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
65 return True
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
66
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
67 def _updatePermissions(self, config):
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
68 self._permissions = {
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
69 'readers': None,
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
70 'writers': None
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
71 }
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
72 if config.has_option('permissions', 'readers'):
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
73 self._permissions['readers'] = [p.strip() for p in re.split(r'[ ,;]', config.get('permissions', 'readers'))]
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
74 if config.has_option('permissions', 'writers'):
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
75 self._permissions['writers'] = [p.strip() for p in re.split(r'[ ,;]', config.get('permissions', 'writers'))]
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
76
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
77 def _updateUserInfos(self, config):
35
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
78 self._users = []
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
79 if config.has_section('users'):
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
80 groups = []
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
81 if config.has_section('groups'):
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
82 groups = config.items('groups')
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
83
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
84 for user in config.items('users'):
47
86ee1b696070 Big refactoring:
Ludovic Chabant <ludovic@chabant.com>
parents: 35
diff changeset
85 user_info = {'username': user[0], 'password': user[1], 'groups': []}
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
86 for group in groups:
35
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
87 users_in_group = [u.strip() for u in re.split(r'[ ,;]', group[1])]
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
88 if user[0] in users_in_group:
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
89 user_info['groups'].append(group[0])
35
2b35d719f342 Handle wiki and page permissions for read/write access.
Ludovic Chabant <ludovic@chabant.com>
parents: 13
diff changeset
90 self._users.append(user_info)
13
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
91
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
92 def _createUser(self, user_info):
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
93 user = User(user_info['username'], user_info['password'])
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
94 user.groups = list(user_info['groups'])
30ae685b86df Added support for authentatication
Ludovic Chabant <ludovic@chabant.com>
parents: 0
diff changeset
95 return user