Accords-Library-Archive
/
gallery.accords-library.com
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

back/auth: fix access rank, add config validation

This commit is contained in:
rr- 2016-03-30 21:23:19 +02:00
parent bb474e4cf5
commit 28c90a25f3
3 changed files with 27 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config.ini.dist
View File

@ -23,8 +23,7 @@ user = bot
pass = groovy123 pass = groovy123
[service] [service]
# note: anonymous, admin and nobody are always reserved user_ranks = anonymous, regular_user, power_user, mod, admin, nobody
user_ranks = regular_user, power_user, mod
default_user_rank = regular_user default_user_rank = regular_user
users_per_page = 20 users_per_page = 20
posts_per_page = 40 posts_per_page = 40
@ -53,7 +52,7 @@ users:edit:self:email = regular_user
users:edit:self:avatar = regular_user users:edit:self:avatar = regular_user
users:edit:self:rank = mod users:edit:self:rank = mod
users:delete:any = admin users:delete:any = admin
users:delete:self = restricted_user users:delete:self = regular_user
posts:create:anonymous = regular_user posts:create:anonymous = regular_user
posts:create:identified = regular_user posts:create:identified = regular_user

24
szurubooru/config.py
View File

@ -3,12 +3,36 @@
import os import os
import configobj import configobj
class ConfigurationError(RuntimeError):
''' A problem with config.ini file. '''
pass
class Config(object): class Config(object):
''' INI config parser and container. ''' ''' INI config parser and container. '''
def __init__(self): def __init__(self):
self.config = configobj.ConfigObj('config.ini.dist') self.config = configobj.ConfigObj('config.ini.dist')
if os.path.exists('config.ini'): if os.path.exists('config.ini'):
self.config.merge(configobj.ConfigObj('config.ini')) self.config.merge(configobj.ConfigObj('config.ini'))
self._validate()
def __getitem__(self, key): def __getitem__(self, key):
return self.config[key] return self.config[key]
def _validate(self):
'''
Checks whether config.ini doesn't contain errors that might prove
lethal at runtime.
'''
all_ranks = self['service']['user_ranks']
for privilege, rank in self['privileges'].items():
if rank not in all_ranks:
raise ConfigurationError(
'Rank %r for privilege %r is missing from user_ranks' % (
rank, privilege))
for rank in ['anonymous', 'admin', 'nobody']:
if rank not in all_ranks:
raise ConfigurationError('Fixed rank %r is missing from user_ranks' % rank)
if self['service']['default_user_rank'] not in all_ranks:
raise ConfigurationError(
'Default rank %r is missing from user_ranks' % (
self['service']['default_user_rank']))

4
szurubooru/services/auth_service.py
View File

@ -22,9 +22,7 @@ class AuthService(object):
''' '''
Throws an AuthError if the given user doesn't have given privilege. Throws an AuthError if the given user doesn't have given privilege.
''' '''
all_ranks = ['anonymous'] \ all_ranks = self._config['service']['user_ranks']
+ self._config['service']['user_ranks'] \
+ ['admin', 'nobody']
assert privilege_name in self._config['privileges'] assert privilege_name in self._config['privileges']
assert user.access_rank in all_ranks assert user.access_rank in all_ranks