From ece29d7b6cfeb193e0fe7ee66a238f6dedba1144 Mon Sep 17 00:00:00 2001
From: Lance Edgar
Date: Sun, 14 Jul 2024 23:29:17 -0500
Subject: [PATCH] fix: update usage of auth handler, per rattail changes
---
 pyproject.toml | 2 +-
 tailbone/api/core.py | 4 ++--
 tailbone/auth.py | 14 +++++++++-----
 tailbone/subscribers.py | 9 +++++++--
 4 files changed, 19 insertions(+), 10 deletions(-)
diff --git a/pyproject.toml b/pyproject.toml
index de65655a..22fa5676 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -53,7 +53,7 @@ dependencies = [
 "pyramid_mako",
 "pyramid_retry",
 "pyramid_tm",
- "rattail[db,bouncer]>=0.16.0",
+ "rattail[db,bouncer]>=0.17.0",
 "sa-filters",
 "simplejson",
 "transaction",
diff --git a/tailbone/api/core.py b/tailbone/api/core.py
index b278d4af..0d8eec32 100644
--- a/tailbone/api/core.py
+++ b/tailbone/api/core.py
@@ -2,7 +2,7 @@
 ################################################################################
 #
 # Rattail -- Retail Software Framework
-# Copyright © 2010-2023 Lance Edgar
+# Copyright © 2010-2024 Lance Edgar
 #
 # This file is part of Rattail.
 #
@@ -102,7 +102,7 @@ class APIView(View):
 auth = app.get_auth_handler()
 # basic / default info
- is_admin = user.is_admin()
+ is_admin = auth.user_is_admin(user)
 employee = app.get_employee(user)
 info = {
 'uuid': user.uuid,
diff --git a/tailbone/auth.py b/tailbone/auth.py
index 5a35caa6..826c5d40 100644
--- a/tailbone/auth.py
+++ b/tailbone/auth.py
@@ -45,11 +45,12 @@ def login_user(request, user, timeout=NOTSET): Perform the steps necessary to login the given user. Note that this returns a ``headers`` dict which you should pass to the redirect. """ - app = request.rattail_config.get_app() + config = request.rattail_config + app = config.get_app() user.record_event(app.enum.USER_EVENT_LOGIN) headers = remember(request, user.uuid) if timeout is NOTSET: - timeout = session_timeout_for_user(user) + timeout = session_timeout_for_user(config, user) log.debug("setting session timeout for '{}' to {}".format(user.username, timeout)) set_session_timeout(request, timeout) return headers @@ -70,15 +71,18 @@ def logout_user(request): return headers -def session_timeout_for_user(user): +def session_timeout_for_user(config, user): """ Returns the "max" session timeout for the user, according to roles """ - from rattail.db.auth import authenticated_role + app = config.get_app() + auth = app.get_auth_handler() - roles = user.roles + [authenticated_role(Session())] + authenticated = auth.get_role_authenticated(Session()) + roles = user.roles + [authenticated] timeouts = [role.session_timeout for role in roles if role.session_timeout is not None] + if timeouts and 0 not in timeouts: return max(timeouts) diff --git a/tailbone/subscribers.py b/tailbone/subscribers.py index 12e1e32a..181c84bc 100644 --- a/tailbone/subscribers.py +++ b/tailbone/subscribers.py @@ -98,10 +98,15 @@ def new_request(event): request = event.request # invoke upstream logic + # nb. this sets request.wutta_config base.new_request(event) + config = request.wutta_config + app = config.get_app() + auth = app.get_auth_handler() + # compatibility - rattail_config = request.wutta_config + rattail_config = config request.rattail_config = rattail_config def user(request): 
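Review bot: The docstring of `session_timeout_for_user` in the second auth.py hunk still says only that it returns the "max" session timeout according to roles; it documents neither the new required `config` argument nor the rule in `if timeouts and 0 not in timeouts:`, under which a single role with `session_timeout` 0 appears to suppress the timeout for the user. That rule decides whether a session expires at all, so I would add `:param config: app config, used to reach the auth handler` and a sentence such as `A role whose session_timeout is 0 means no timeout is applied.` The return for the no-timeout case lies outside the hunk, so the wording should be checked against the rest of the function. `config` was also inserted ahead of `user`, so a caller outside this patch that still passes only `user` will raise `TypeError`; only the call in `login_user` (first hunk) is updated here.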
@@ -120,7 +125,7 @@ def new_request(event):
 # assign client IP address to the session, for sake of versioning
 Session().continuum_remote_addr = request.client_addr
- request.is_admin = bool(request.user) and request.user.is_admin()
+ request.is_admin = auth.user_is_admin(request.user)
 request.is_root = request.is_admin and request.session.get('is_root', False)
 # TODO: why would this ever be null?
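Review bot: The replacement line `request.is_admin = auth.user_is_admin(request.user)` drops the `bool(request.user) and` guard, so when `request.user` is empty (the removed guard suggests it can be, for anonymous requests) the result now depends on how the auth handler treats a missing user, which this patch does not show. `request.is_admin` feeds `request.is_root` on the next line, so I would either keep the guard, `request.is_admin = bool(request.user) and auth.user_is_admin(request.user)`, or add a comment such as `# nb. user_is_admin() returns False when user is None` once that is confirmed against rattail 0.17. The same call in tailbone/api/core.py replaced an unguarded `user.is_admin()`, so nothing changes there. `new_request` starts and ends outside this hunk.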