diff --git a/src/postorius/auth/decorators.py b/src/postorius/auth/decorators.py index b71cbb7..4a0cf6b 100644 --- a/src/postorius/auth/decorators.py +++ b/src/postorius/auth/decorators.py @@ -20,31 +20,11 @@ from __future__ import absolute_import, unicode_literals -from django.contrib.auth import authenticate, login from django.core.exceptions import PermissionDenied from postorius.auth.utils import set_user_access_props -def basic_auth_login(fn): - def wrapper(*args, **kwargs): - request = args[0] - if request.user.is_authenticated(): - print('already logged in') - if not request.user.is_authenticated(): - if 'HTTP_AUTHORIZATION' in request.META: - authmeth, auth = request.META['HTTP_AUTHORIZATION'].split(' ', - 1) - if authmeth.lower() == 'basic': - auth = auth.strip().decode('base64') - username, password = auth.split(':', 1) - user = authenticate(username=username, password=password) - if user: - login(request, user) - return fn(request, **kwargs) - return wrapper - - def list_owner_required(fn): """Check if the logged in user is the list owner of the given list. Assumes that the request object is the first arg and that list_id @@ -85,7 +65,7 @@ return wrapper -def superuser_or_403(fn): +def superuser_required(fn): """Make sure that the logged in user is a superuser or otherwise raise PermissionDenied. Assumes the request object to be the first arg.""" @@ -95,15 +75,3 @@ raise PermissionDenied return fn(*args, **kwargs) return wrapper - - -def loggedin_or_403(fn): - """Make sure that the logged in user is not anonymous or otherwise raise - PermissionDenied. - Assumes the request object to be the first arg.""" - def wrapper(*args, **kwargs): - user = args[0].user - if not user.is_authenticated(): - raise PermissionDenied - return fn(*args, **kwargs) - return wrapper diff --git a/src/postorius/tests/test_auth_decorators.py b/src/postorius/tests/test_auth_decorators.py index 3db47c0..9913e6c 100644 --- a/src/postorius/tests/test_auth_decorators.py +++ b/src/postorius/tests/test_auth_decorators.py @@ -26,7 +26,7 @@ from postorius.auth.decorators import (list_owner_required, list_moderator_required, - superuser_or_403) + superuser_required) from postorius.tests.utils import create_mock_list from mailmanclient import Client @@ -41,8 +41,8 @@ return True -@superuser_or_403 -def dummy_superuser_or_403(request): +@superuser_required +def dummy_superuser_required(request): return True @@ -199,7 +199,7 @@ class TestSuperUserOr403(TestCase): - """Tests superuser_or_403 auth decorator""" + """Tests superuser_required auth decorator""" def setUp(self): self.request_factory = RequestFactory() @@ -218,7 +218,7 @@ request = self.request_factory.get( '/lists/foolist.example.org/settings/') request.user = AnonymousUser() - self.assertRaises(PermissionDenied, dummy_superuser_or_403, request) + self.assertRaises(PermissionDenied, dummy_superuser_required, request) @patch.object(Client, 'get_list') def test_normal_user(self, mock_get_list): @@ -228,7 +228,7 @@ request = self.request_factory.get( '/lists/foolist.example.org/settings/') request.user = create_user() - self.assertRaises(PermissionDenied, dummy_superuser_or_403, request) + self.assertRaises(PermissionDenied, dummy_superuser_required, request) @patch.object(Client, 'get_list') def test_super_user(self, mock_get_list): @@ -240,4 +240,4 @@ request.user = create_user() request.user.is_superuser = True request.user.save() - self.assertTrue(dummy_superuser_or_403(request)) + self.assertTrue(dummy_superuser_required(request))