Mercurial > moin > 1.9
changeset 4309:7d97ce960ec2
Code review: relocate check_setuid into MoinMoin.auth with appropiate name
author | Florian Krupicka <florian.krupicka@googlemail.com> |
---|---|
date | Thu, 14 Aug 2008 23:00:17 +0200 |
parents | 3a4426122606 |
children | 748d0cbcbd9b |
files | MoinMoin/auth/__init__.py MoinMoin/web/utils.py MoinMoin/wsgiapp.py |
diffstat | 3 files changed, 19 insertions(+), 20 deletions(-) [+] |
line wrap: on
line diff
--- a/MoinMoin/auth/__init__.py Thu Aug 14 22:35:27 2008 +0200 +++ b/MoinMoin/auth/__init__.py Thu Aug 14 23:00:17 2008 +0200 @@ -308,6 +308,23 @@ break return userobj +def setup_setuid(request, userobj): + """ Check for setuid conditions in the session and setup an user + object accordingly. Returns a tuple of the new user objects. + + @param request: a moin request object + @param userobj: a moin user object + @rtype: boolean + @return: (new_user, user) or (user, None) + """ + old_user = None + if 'setuid' in request.session and userobj.isSuperUser(): + old_user = userobj + uid = request.session['setuid'] + userobj = user.User(request, uid, auth_method='setuid') + userobj.valid = True + return (userobj, old_user) + def setup_from_session(request, session): userobj = None if 'user.id' in session:
--- a/MoinMoin/web/utils.py Thu Aug 14 22:35:27 2008 +0200 +++ b/MoinMoin/web/utils.py Thu Aug 14 23:00:17 2008 +0200 @@ -19,24 +19,6 @@ logging = log.getLogger(__name__) -def check_setuid(request, userobj): - """ Check for setuid conditions. - Returns a tuple of either new user and old user - or just user and None. - - @param request: a moin request object - @param userobj: a moin user object - @rtype: boolean - @return: (new_user, user) or (user, None) - """ - old_user = None - if 'setuid' in request.session and userobj.isSuperUser(): - old_user = userobj - uid = request.session['setuid'] - userobj = user.User(request, uid, auth_method='setuid') - userobj.valid = True - return (userobj, old_user) - def check_forbidden(request): """ Simple action and host access checks
--- a/MoinMoin/wsgiapp.py Thu Aug 14 22:35:27 2008 +0200 +++ b/MoinMoin/wsgiapp.py Thu Aug 14 23:00:17 2008 +0200 @@ -11,7 +11,7 @@ from MoinMoin.web.contexts import AllContext, Context, XMLRPCContext from MoinMoin.web.request import Request, MoinMoinFinish -from MoinMoin.web.utils import check_forbidden, check_setuid, check_surge_protect, fatal_response +from MoinMoin.web.utils import check_forbidden, check_surge_protect, fatal_response from MoinMoin.Page import Page from MoinMoin import auth, i18n, user, wikiutil, xmlrpc, error @@ -37,7 +37,7 @@ context.session = context.cfg.session_service.get_session(request) userobj = setup_user(context, context.session) - userobj, olduser = check_setuid(context, userobj) + userobj, olduser = auth.setup_setuid(context, userobj) if not userobj: userobj = user.User(context, auth_method='request:invalid')