# HG changeset patch
# User Martin Bornhold <martin@rhodecode.com>
# Date 2016-08-08 06:29:10
# Node ID bc63cba1c6dcf4f11624592f65a2195cc05b3550
# Parent  cb08eb7bfec5e217c9ea67ef60c4d6cf14e5795d

vcs: Pass registry to vcs for user authentication.

Explicit pass the registry insted of indirectly using it via pyramids
thread locals.

diff --git a/rhodecode/authentication/base.py b/rhodecode/authentication/base.py
--- a/rhodecode/authentication/base.py
+++ b/rhodecode/authentication/base.py
@@ -509,7 +509,7 @@ def get_auth_cache_manager(custom_ttl=No
 
 
 def authenticate(username, password, environ=None, auth_type=None,
-                 skip_missing=False):
+                 skip_missing=False, registry=None):
     """
     Authentication function used for access control,
     It tries to authenticate based on enabled authentication modules.
@@ -526,7 +526,7 @@ def authenticate(username, password, env
                          % auth_type)
     headers_only = environ and not (username and password)
 
-    authn_registry = get_authn_registry()
+    authn_registry = get_authn_registry(registry)
     for plugin in authn_registry.get_plugins_for_authentication():
         plugin.set_auth_type(auth_type)
         user = plugin.get_user(username)
diff --git a/rhodecode/lib/base.py b/rhodecode/lib/base.py
--- a/rhodecode/lib/base.py
+++ b/rhodecode/lib/base.py
@@ -205,11 +205,12 @@ def vcs_operation_context(
 
 class BasicAuth(AuthBasicAuthenticator):
 
-    def __init__(self, realm, authfunc, auth_http_code=None,
+    def __init__(self, realm, authfunc, registry, auth_http_code=None,
                  initial_call_detection=False):
         self.realm = realm
         self.initial_call = initial_call_detection
         self.authfunc = authfunc
+        self.registry = registry
         self._rc_auth_http_code = auth_http_code
 
     def _get_response_from_code(self, http_code):
@@ -242,7 +243,8 @@ class BasicAuth(AuthBasicAuthenticator):
         if len(_parts) == 2:
             username, password = _parts
             if self.authfunc(
-                    username, password, environ, VCS_TYPE):
+                    username, password, environ, VCS_TYPE,
+                    registry=self.registry):
                 return username
             if username and password:
                 # we mark that we actually executed authentication once, at
diff --git a/rhodecode/lib/middleware/simplevcs.py b/rhodecode/lib/middleware/simplevcs.py
--- a/rhodecode/lib/middleware/simplevcs.py
+++ b/rhodecode/lib/middleware/simplevcs.py
@@ -82,7 +82,8 @@ class SimpleVCS(object):
 
     SCM = 'unknown'
 
-    def __init__(self, application, config):
+    def __init__(self, application, config, registry):
+        self.registry = registry
         self.application = application
         self.config = config
         # base path of repo locations
@@ -90,9 +91,9 @@ class SimpleVCS(object):
         # authenticate this VCS request using authfunc
         auth_ret_code_detection = \
             str2bool(self.config.get('auth_ret_code_detection', False))
-        self.authenticate = BasicAuth('', authenticate,
-                                      config.get('auth_ret_code'),
-                                      auth_ret_code_detection)
+        self.authenticate = BasicAuth(
+            '', authenticate, registry, config.get('auth_ret_code'),
+            auth_ret_code_detection)
         self.ip_addr = '0.0.0.0'
 
     @property
@@ -284,7 +285,8 @@ class SimpleVCS(object):
 
                 # try to auth based on environ, container auth methods
                 log.debug('Running PRE-AUTH for container based authentication')
-                pre_auth = authenticate('', '', environ,VCS_TYPE)
+                pre_auth = authenticate(
+                    '', '', environ, VCS_TYPE, registry=self.registry)
                 if pre_auth and pre_auth.get('username'):
                     username = pre_auth['username']
                 log.debug('PRE-AUTH got %s as username', username)
diff --git a/rhodecode/lib/middleware/vcs.py b/rhodecode/lib/middleware/vcs.py
--- a/rhodecode/lib/middleware/vcs.py
+++ b/rhodecode/lib/middleware/vcs.py
@@ -126,23 +126,24 @@ class GunzipMiddleware(object):
 
 class VCSMiddleware(object):
 
-    def __init__(self, app, config, appenlight_client):
+    def __init__(self, app, config, appenlight_client, registry):
         self.application = app
         self.config = config
         self.appenlight_client = appenlight_client
+        self.registry = registry
 
     def _get_handler_app(self, environ):
         app = None
         if is_hg(environ):
-            app = SimpleHg(self.application, self.config)
+            app = SimpleHg(self.application, self.config, self.registry)
 
         if is_git(environ):
-            app = SimpleGit(self.application, self.config)
+            app = SimpleGit(self.application, self.config, self.registry)
 
         proxy_svn = rhodecode.CONFIG.get(
             'rhodecode_proxy_subversion_http_requests', False)
         if proxy_svn and is_svn(environ):
-            app = SimpleSvn(self.application, self.config)
+            app = SimpleSvn(self.application, self.config, self.registry)
 
         if app:
             app = GunzipMiddleware(app)