Fixed access to admin-only resources in case of disabled access control

2013-04-14 15:04:39 +02:00 · 2013-04-14 15:04:39 +02:00 · d7d8bba2e9
parent 552048efbe
commit d7d8bba2e9
2 changed files with 14 additions and 10 deletions
--- a/octoprint/server.py
+++ b/octoprint/server.py
@ -574,7 +574,7 @@ def performSystemAction():

@app.route(BASEURL + "login", methods=["POST"])
 def login():
-	if "user" in request.values.keys() and "pass" in request.values.keys():
+	if userManager is not None and "user" in request.values.keys() and "pass" in request.values.keys():
 		username = request.values["user"]
 		password = request.values["pass"]

@ -594,8 +594,7 @@ def login():
 		user = current_user
 		if user is not None and not user.is_anonymous():
 			return jsonify(user.asDict())
-		else:
-			return jsonify(SUCCESS)
+	return jsonify(SUCCESS)

@app.route(BASEURL + "logout", methods=["POST"])
@login_required
@ -613,11 +612,7 @@ def logout():
 def on_identity_loaded(sender, identity):
 	user = load_user(identity.name)
 	if user is None:
-		if userManager is None:
-			# access control is disabled, we'll create permissions for the DummyUser
-			user = users.DummyUser()
-		else:
-			return
+		return

 	identity.provides.add(UserNeed(user.get_name()))
 	if user.is_user():
@ -628,7 +623,7 @@ def on_identity_loaded(sender, identity):
 def load_user(id):
 	if userManager is not None:
 		return userManager.findUser(id)
-	return None
+	return users.DummyUser()

 #~~ startup code
 class Server():
@ -674,6 +669,7 @@ class Server():
 		login_manager.user_callback = load_user
 		if userManager is None:
 			login_manager.anonymous_user = users.DummyUser
+			principals.identity_loaders.appendleft(users.dummy_identity_loader)
 		login_manager.init_app(app)

 		if self._host is None:
--- a/octoprint/users.py
+++ b/octoprint/users.py
@ -3,6 +3,7 @@ __author__ = "Gina Häußge <osd@foosel.net>"
 __license__ = 'GNU Affero General Public License http://www.gnu.org/licenses/agpl.html'

 from flask.ext.login import UserMixin
+from flask.ext.principal import Identity
 import hashlib
 import os
 import yaml
@ -224,4 +225,11 @@ class DummyUser(User):
 		User.__init__(self, "dummy", "", True, UserManager.valid_roles)

 	def check_password(self, passwordHash):
-		return True
+		return True
+
+class DummyIdentity(Identity):
+	def __init__(self):
+		Identity.__init__(self, "dummy")
+
+def dummy_identity_loader():
+	return DummyIdentity()