diff MoinMoin/app.py @ 300:e8bd41ab7bdd

AccessControlList: do not require cfg object Giving the cfg to the ACL object caused some issues (for example, the AclTokenizer in the whoosh branch needed cfg and was part of the schema. whoosh tries to pickle the schema and that did not work for cfg). Refactored "auth_trusted" - this is now a user object attribute, so the ACL code does not need to know the list of trusted auth methods (which is still in cfg, but it shouldn't even be there). It is AccessControlList(acl_lines=[], default='', valid=None) now, you need to give the list of valid rights strings via valid param. TODO: deal with cfg.acl_rights_functions, cfg.acl_rights_contents (defaults?) Got rid of ContentACL and FunctionACL classes, they were pointless as "valid" needs to be given anyway.
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Mon, 01 Aug 2011 20:08:15 +0200
parents e6f585ac9766
children 2305be335d83 8f36c9135963
line wrap: on
line diff
--- a/MoinMoin/app.py	Fri Jul 29 00:34:24 2011 +0200
+++ b/MoinMoin/app.py	Mon Aug 01 20:08:15 2011 +0200
@@ -260,6 +260,10 @@
         userobj = user.User(auth_method='invalid')
     # if we have a valid user we store it in the session
     if userobj.valid:
+        # TODO: auth_trusted should be set by the auth method (auth class
+        # could have a param where the admin could tell whether he wants to
+        # trust it)
+        userobj.auth_trusted = userobj.auth_method in app.cfg.auth_methods_trusted
         session['user.id'] = userobj.id
         session['user.auth_method'] = userobj.auth_method
         session['user.auth_attribs'] = userobj.auth_attribs