##// END OF EJS Templates
authn: Fix ordering of authentication plugins.
johbo -
r103:a7d4bfcc default
parent child Browse files
Show More
@@ -1,78 +1,83 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2012-2016 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import logging
22 22
23 23 from pyramid.exceptions import ConfigurationError
24 24 from zope.interface import implementer
25 25
26 26 from rhodecode.authentication.interface import IAuthnPluginRegistry
27 27 from rhodecode.lib.utils2 import safe_str
28 from rhodecode.model.settings import SettingsModel
28 29
29 30 log = logging.getLogger(__name__)
30 31
31 32
32 33 @implementer(IAuthnPluginRegistry)
33 34 class AuthenticationPluginRegistry(object):
34 35
35 36 # INI settings key to set a fallback authentication plugin.
36 37 fallback_plugin_key = 'rhodecode.auth_plugin_fallback'
37 38
38 39 def __init__(self, settings):
39 40 self._plugins = {}
40 41 self._fallback_plugin = settings.get(self.fallback_plugin_key, None)
41 42
42 43 def add_authn_plugin(self, config, plugin):
43 44 plugin_id = plugin.get_id()
44 45 if plugin_id in self._plugins.keys():
45 46 raise ConfigurationError(
46 47 'Cannot register authentication plugin twice: "%s"', plugin_id)
47 48 else:
48 49 log.debug('Register authentication plugin: "%s"', plugin_id)
49 50 self._plugins[plugin_id] = plugin
50 51
51 52 def get_plugins(self):
52 53 def sort_key(plugin):
53 54 return str.lower(safe_str(plugin.get_display_name()))
54 55
55 56 return sorted(self._plugins.values(), key=sort_key)
56 57
57 58 def get_plugin(self, plugin_id):
58 59 return self._plugins.get(plugin_id, None)
59 60
60 61 def get_plugins_for_authentication(self):
61 62 """
62 63 Returns a list of plugins which should be consulted when authenticating
63 64 a user. It only returns plugins which are enabled and active.
64 65 Additionally it includes the fallback plugin from the INI file, if
65 66 `rhodecode.auth_plugin_fallback` is set to a plugin ID.
66 67 """
67 68 plugins = []
68 for plugin in self.get_plugins():
69 if (self._fallback_plugin and
70 plugin.get_id() == self._fallback_plugin):
71 log.warn(
72 'Using fallback authentication plugin from INI file: "%s"',
73 plugin.get_id())
69
70 # Add all enabled and active plugins to the list. We iterate over the
71 # auth_plugins setting from DB beacuse it also represents the ordering.
72 enabled_plugins = SettingsModel().get_auth_plugins()
73 for plugin_id in enabled_plugins:
74 plugin = self.get_plugin(plugin_id)
75 if plugin is not None and plugin.is_active():
74 76 plugins.append(plugin)
75 elif plugin.is_enabled() and plugin.is_active():
77
78 # Add the fallback plugin from ini file.
79 plugin = self.get_plugin(self._fallback_plugin)
80 if plugin is not None and plugin not in plugins:
76 81 plugins.append(plugin)
77 82
78 83 return plugins
General Comments 0
You need to be logged in to leave comments. Login now