Mercurial > kallithea
changeset 7485:c6ce891312ef
auth: consistently use request.authuser - drop request.user
This seems like old tech debt. Now, just get rid of it.
| author | Mads Kiilerich <mads@kiilerich.com> |
|---|---|
| date | Wed, 26 Dec 2018 02:21:26 +0100 |
| parents | e4af9e2deb83 |
| children | 088155584e2e |
| files | kallithea/controllers/api/__init__.py kallithea/lib/auth.py kallithea/lib/base.py kallithea/tests/fixture.py |
| diffstat | 4 files changed, 8 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/kallithea/controllers/api/__init__.py Wed Dec 26 02:18:59 2018 +0100 +++ b/kallithea/controllers/api/__init__.py Wed Dec 26 02:21:26 2018 +0100 @@ -182,7 +182,7 @@ # this is little trick to inject logged in user for # perms decorators to work they expect the controller class to have # authuser attribute set - request.authuser = request.user = auth_u + request.authuser = auth_u # This attribute will need to be first param of a method that uses # api_key, which is translated to instance of user at that name
--- a/kallithea/lib/auth.py Wed Dec 26 02:18:59 2018 +0100 +++ b/kallithea/lib/auth.py Wed Dec 26 02:21:26 2018 +0100 @@ -944,11 +944,11 @@ class HasPermissionAny(_PermsFunction): def __call__(self, purpose=None): - global_permissions = request.user.permissions['global'] # usually very short + global_permissions = request.authuser.permissions['global'] # usually very short ok = any(p in global_permissions for p in self.required_perms) log.debug('Check %s for global %s (%s): %s' % - (request.user.username, self.required_perms, purpose, ok)) + (request.authuser.username, self.required_perms, purpose, ok)) return ok @@ -963,19 +963,19 @@ class HasRepoPermissionLevel(_PermFunction): def __call__(self, repo_name, purpose=None): - return request.user.has_repository_permission_level(repo_name, self.required_perm, purpose) + return request.authuser.has_repository_permission_level(repo_name, self.required_perm, purpose) class HasRepoGroupPermissionLevel(_PermFunction): def __call__(self, group_name, purpose=None): - return request.user.has_repository_group_permission_level(group_name, self.required_perm, purpose) + return request.authuser.has_repository_group_permission_level(group_name, self.required_perm, purpose) class HasUserGroupPermissionLevel(_PermFunction): def __call__(self, user_group_name, purpose=None): - return request.user.has_user_group_permission_level(user_group_name, self.required_perm, purpose) + return request.authuser.has_user_group_permission_level(user_group_name, self.required_perm, purpose) #==============================================================================
--- a/kallithea/lib/base.py Wed Dec 26 02:18:59 2018 +0100 +++ b/kallithea/lib/base.py Wed Dec 26 02:21:26 2018 +0100 @@ -529,7 +529,7 @@ if type.lower() == 'bearer': bearer_token = params - request.authuser = request.user = self._determine_auth_user( + request.authuser = self._determine_auth_user( request.GET.get('api_key'), bearer_token, session.get('authuser'),
--- a/kallithea/tests/fixture.py Wed Dec 26 02:18:59 2018 +0100 +++ b/kallithea/tests/fixture.py Wed Dec 26 02:21:26 2018 +0100 @@ -333,7 +333,7 @@ org_repo = other_repo = Repository.get_by_repo_name(repo_name) owner_user = User.get_by_username(TEST_USER_ADMIN_LOGIN) reviewers = [User.get_by_username(TEST_USER_REGULAR_LOGIN)] - request.authuser = request.user = AuthUser(dbuser=owner_user) + request.authuser = AuthUser(dbuser=owner_user) # creating a PR sends a message with an absolute URL - without routing that requires mocking with mock.patch.object(helpers, 'url', (lambda arg, qualified=False, **kwargs: ('https://localhost' if qualified else '') + '/fake/' + arg)): cmd = CreatePullRequestAction(org_repo, other_repo, org_ref, other_ref, title, u'No description', owner_user, reviewers)