Commit 1d126a2b authored by Lukas Burgey's avatar Lukas Burgey
Browse files

Add DEBUG_AUTH flag to settings

parent 2235974c
...@@ -7,6 +7,8 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) ...@@ -7,6 +7,8 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# SECURITY WARNING: don't run with debug turned on in production! # SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True DEBUG = True
DEBUG_AUTH = False
ALLOWED_HOSTS = [ ALLOWED_HOSTS = [
'hdf-portal.data.kit.edu', 'hdf-portal.data.kit.edu',
] ]
......
# pylint: disable=too-many-return-statements # pylint: disable=too-many-return-statements
import logging import logging
import re
from django.contrib.auth.models import Group from django.contrib.auth.models import Group
from django.http import HttpResponse from django.http import HttpResponse
from django.conf import settings
from django.contrib.auth import authenticate from django.contrib.auth import authenticate
from django.contrib.sessions.models import Session from django.contrib.sessions.models import Session
from .... import models from .... import models
LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__)
AUTH_DEBUGGING = False
ALLOW = HttpResponse('allow') ALLOW = HttpResponse('allow')
DENY = HttpResponse('deny') DENY = HttpResponse('deny')
...@@ -144,25 +143,23 @@ def resource_auth_decision(request, decision): ...@@ -144,25 +143,23 @@ def resource_auth_decision(request, decision):
permission = request.POST.get('permission', []) permission = request.POST.get('permission', [])
resource = request.POST.get('resource', '') resource = request.POST.get('resource', '')
name = request.POST.get('name', '') name = request.POST.get('name', '')
if not AUTH_DEBUGGING: if settings.DEBUG_AUTH:
return decision if decision == ALLOW:
LOGGER.debug(
if decision == ALLOW: "[resource] ALLOW %s %s '%s' for %s",
LOGGER.debug( permission,
"[resource] ALLOW %s %s '%s' for %s", resource,
permission, name,
resource, user,
name, )
user, else:
) LOGGER.error(
else: "[recource] DENY %s %s '%s' for %s",
LOGGER.error( permission,
"[recource] DENY %s %s '%s' for %s", resource,
permission, name,
resource, user,
name, )
user,
)
return decision return decision
def resource_endpoint(request): def resource_endpoint(request):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment