Mercurial > kallithea

changeset 5316:49f656a0ccdd

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
auth: miscellaneous improvements and typo fixes
author Søren Løvborg <kwi@kwi.dk>
date Sun, 26 Jul 2015 13:58:50 +0200
parents 8b8f51f36542
children 71c2b7054e55
files kallithea/controllers/admin/auth_settings.py kallithea/controllers/login.py kallithea/lib/auth.py kallithea/lib/base.py kallithea/model/user.py
diffstat 5 files changed, 9 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/kallithea/controllers/admin/auth_settings.py	Sun Jul 26 13:58:50 2015 +0200
+++ b/kallithea/controllers/admin/auth_settings.py	Sun Jul 26 13:58:50 2015 +0200
@@ -107,6 +107,9 @@
         try:
             new_enabled_plugins = _auth_plugins_validator.to_python(request.POST.get('auth_plugins'))
         except formencode.Invalid:
+            # User provided an invalid plugin list. Just fall back to
+            # the list of currently enabled plugins. (We'll re-validate
+            # and show an error message to the user, below.)
             pass
         else:
             # Hide plugins that the user has asked to be disabled, but
--- a/kallithea/controllers/login.py	Sun Jul 26 13:58:50 2015 +0200
+++ b/kallithea/controllers/login.py	Sun Jul 26 13:58:50 2015 +0200
@@ -235,7 +235,7 @@
 
     def authentication_token(self):
         """Return the CSRF protection token for the session - just like it
-        could have been screen scrabed from a page with a form.
+        could have been screen scraped from a page with a form.
         Only intended for testing but might also be useful for other kinds
         of automation.
         """
--- a/kallithea/lib/auth.py	Sun Jul 26 13:58:50 2015 +0200
+++ b/kallithea/lib/auth.py	Sun Jul 26 13:58:50 2015 +0200
@@ -472,6 +472,8 @@
     to the default anonymous user (if enabled). It's up to other parts
     of the code to check e.g. if a supplied password is correct, and if
     so, set `is_authenticated` to True.
+
+    However, `AuthUser` does refuse to load a user that is not `active`.
     """
 
     def __init__(self, user_id=None, api_key=None, username=None,
--- a/kallithea/lib/base.py	Sun Jul 26 13:58:50 2015 +0200
+++ b/kallithea/lib/base.py	Sun Jul 26 13:58:50 2015 +0200
@@ -378,8 +378,8 @@
     @staticmethod
     def _determine_auth_user(api_key, session_authuser):
         """
-        Create an `AuthUser` object given the IP address of the request, the
-        API key (if any), and the authuser from the session.
+        Create an `AuthUser` object given the API key (if any) and the
+        value of the authuser session cookie.
         """
 
         # Authenticate by API key
--- a/kallithea/model/user.py	Sun Jul 26 13:58:50 2015 +0200
+++ b/kallithea/model/user.py	Sun Jul 26 13:58:50 2015 +0200
@@ -333,10 +333,8 @@
 
     def fill_data(self, auth_user, user_id=None, api_key=None, username=None):
         """
-        Fetches auth_user by user_id,or api_key if present.
+        Fetches auth_user by user_id, api_key or username, if present.
         Fills auth_user attributes with those taken from database.
-        Additionally sets is_authenticated if lookup fails
-        present in database
 
         :param auth_user: instance of user to set attributes
         :param user_id: user id to fetch by