Changeset - 4c4e1ec26e95
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Thomas De Schampheleire - 8 years ago 2018-05-16 21:19:56
thomas.de_schampheleire@nokia.com
auth: raise log level of 'permission denied' from DEBUG to INFO (issue #243)

Denying an access can be quite relevant to an administrator.
A log level of INFO is more reasonable than DEBUG.
1 file changed with 1 insertions and 1 deletions:
kallithea/lib/auth.py
1
1
0 comments (0 inline, 0 general)
kallithea/lib/auth.py
Show inline comments
 
@@ -839,49 +839,49 @@ class NotAnonymous(object):
 
        else:
 
            return func(*fargs, **fkwargs)
 

			




	
	
	
		
 

			




	
	
	
		
 
class _PermsDecorator(object):

			




	
	
	
		
 
    """Base class for controller decorators with multiple permissions"""

			




	
	
	
		
 

			




	
	
	
		
 
    def __init__(self, *required_perms):

			




	
	
	
		
 
        self.required_perms = required_perms # usually very short - a list is thus fine

			




	
	
	
		
 

			




	
	
	
		
 
    def __call__(self, func):

			




	
	
	
		
 
        return decorator(self.__wrapper, func)

			




	
	
	
		
 

			




	
	
	
		
 
    def __wrapper(self, func, *fargs, **fkwargs):

			




	
	
	
		
 
        cls = fargs[0]

			




	
	
	
		
 
        user = request.authuser

			




	
	
	
		
 
        log.debug('checking %s permissions %s for %s %s',

			




	
	
	
		
 
          self.__class__.__name__, self.required_perms, cls, user)

			




	
	
	
		
 

			




	
	
	
		
 
        if self.check_permissions(user):

			




	
	
	
		
 
            log.debug('Permission granted for %s %s', cls, user)

			




	
	
	
		
 
            return func(*fargs, **fkwargs)

			




	
	
	
		
 

			




	
	
	
		
 
        else:

			




	
	
	
		
 
            log.debug('Permission denied for %s %s', cls, user)

			




	
	
	
		
 
            log.info('Permission denied for %s %s', cls, user)

			




	
	
	
		
 
            if user.is_default_user:

			




	
	
	
		
 
                raise _redirect_to_login(_('You need to be signed in to view this page'))

			




	
	
	
		
 
            else:

			




	
	
	
		
 
                raise HTTPForbidden()

			




	
	
	
		
 

			




	
	
	
		
 
    def check_permissions(self, user):

			




	
	
	
		
 
        raise NotImplementedError()

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
class HasPermissionAnyDecorator(_PermsDecorator):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Checks the user has any of the given global permissions.

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    def check_permissions(self, user):

			




	
	
	
		
 
        global_permissions = user.permissions['global'] # usually very short

			




	
	
	
		
 
        return any(p in global_permissions for p in self.required_perms)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
class _PermDecorator(_PermsDecorator):

			




	
	
	
		
 
    """Base class for controller decorators with a single permission"""

			




	
	
	
		
 

			




	
	
	
		
 
    def __init__(self, required_perm):

			




	
	
	
		
 
        _PermsDecorator.__init__(self, [required_perm])

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        Server instance: clio-17678
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.
            – Support