rattail/tailbone
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Add has_perm() etc. to request during the NewRequest event

Browse source 
still get the occasional server error when handling what should be a
simple 404 request e.g. for /wp-login.php

error indicates there is no `request.has_perm()` at the time, so
hoping this moves it earlier in the life cycle so it *will* exist..
This commit is contained in:
Lance Edgar 2023-03-25 01:01:52 -05:00
parent 714c0a6cfd
commit 2f8411ba2f
1 changed files with 28 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

51
tailbone/subscribers.py
View file

@ -62,6 +62,16 @@ def new_request(event):
This of course assumes that a Rattail ``config`` object *has* in fact This of course assumes that a Rattail ``config`` object *has* in fact
already been placed in the application registry settings. If this is already been placed in the application registry settings. If this is
not the case, this function will do nothing. not the case, this function will do nothing.
Also, attach some goodies to the request object:
* The currently logged-in user instance (if any), as ``user``.
* ``is_admin`` flag indicating whether user has the Administrator role.
* ``is_root`` flag indicating whether user is currently elevated to root.
* A shortcut method for permission checking, as ``has_perm()``.
""" """
request = event.request request = event.request
rattail_config = request.registry.settings.get('rattail_config') rattail_config = request.registry.settings.get('rattail_config')
@ -87,12 +97,27 @@ def new_request(event):
request.is_admin = bool(request.user) and request.user.is_admin() request.is_admin = bool(request.user) and request.user.is_admin()
request.is_root = request.is_admin and request.session.get('is_root', False) request.is_root = request.is_admin and request.session.get('is_root', False)
# TODO: why would this ever be null?
if rattail_config: if rattail_config:
app = rattail_config.get_app() app = rattail_config.get_app()
auth = app.get_auth_handler() auth = app.get_auth_handler()
request.tailbone_cached_permissions = auth.get_permissions( request.tailbone_cached_permissions = auth.get_permissions(
Session(), request.user) Session(), request.user)
def has_perm(name):
if name in request.tailbone_cached_permissions:
return True
return request.is_root
request.has_perm = has_perm
def has_any_perm(*names):
for name in names:
if has_perm(name):
return True
return False
request.has_any_perm = has_any_perm
def before_render(event): def before_render(event):
""" """
@ -206,36 +231,16 @@ def add_inbox_count(event):
def context_found(event): def context_found(event):
""" """
Attach some goodies to the request object. Attach some more goodies to the request object:
The following is attached to the request: The following is attached to the request:
* The currently logged-in user instance (if any), as ``user``. * ``get_referrer()`` function
* ``is_admin`` flag indicating whether user has the Administrator role. * ``get_session_timeout()`` function
* ``is_root`` flag indicating whether user is currently elevated to root.
* A shortcut method for permission checking, as ``has_perm()``.
* A shortcut method for fetching the referrer, as ``get_referrer()``.
""" """
request = event.request request = event.request
def has_perm(name):
if name in request.tailbone_cached_permissions:
return True
return request.is_root
request.has_perm = has_perm
def has_any_perm(*names):
for name in names:
if has_perm(name):
return True
return False
request.has_any_perm = has_any_perm
def get_referrer(default=None, **kwargs): def get_referrer(default=None, **kwargs):
if request.params.get('referrer'): if request.params.get('referrer'):
return request.params['referrer'] return request.params['referrer']