changeset 3720:aae5351b8a1e

allow trusted users to go beyond surge action limits, but log their names if it happens
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Tue, 17 Jun 2008 18:38:44 +0200
parents 0ab086afb8b6
children 497c47e00539
files MoinMoin/request/__init__.py docs/CHANGES
diffstat 2 files changed, 8 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/request/__init__.py	Tue Jun 17 09:25:50 2008 +0200
+++ b/MoinMoin/request/__init__.py	Tue Jun 17 18:38:44 2008 +0200
@@ -331,6 +331,10 @@
         except StandardError:
             pass
 
+        if surge_detected and validuser and self.user.auth_method in self.cfg.auth_methods_trusted:
+            logging.info("Trusted user %s would have triggered surge protection if not trusted." % self.user.name)
+            return False  # do not subject trusted users to surge protection
+
         return surge_detected
 
     def getDicts(self):
--- a/docs/CHANGES	Tue Jun 17 09:25:50 2008 +0200
+++ b/docs/CHANGES	Tue Jun 17 18:38:44 2008 +0200
@@ -64,6 +64,10 @@
       Xapian (it uses utf-8 since 1.0.0, so we can use it)).
     * Use better ACLs and comments on system/help pages,
       remove MoinPagesEditorGroup (not needed any more).
+    * If a user is authenticated by a trusted authentication (see also
+      cfg.auth_methods_trusted) then he won't trigger surge protection.
+      But moin will log a INFO level log msg with the user's name so you can
+      find the culprit in case he/she is overusing ressources.
     * docs: added UPDATE instructions