Merge branch 'master' of github.com:ckan/ckan

ckan/lib/cli.py

@@ -106,7 +106,7 @@ class CkanCommand(paste.script.command.Command):
     '''
     parser = paste.script.command.Command.standard_parser(verbose=True)
     parser.add_option('-c', '--config', dest='config',
-            default='development.ini', help='Config file to use.')
+        help='Config file to use.')
     parser.add_option('-f', '--file',
         action='store',
         dest='file_path',
@@ -116,12 +116,22 @@ class CkanCommand(paste.script.command.Command):
 
     def _get_config(self):
         from paste.deploy import appconfig
-        if not self.options.config:
-            msg = 'No config file supplied'
-            raise self.BadCommand(msg)
-        self.filename = os.path.abspath(self.options.config)
+
+        if self.options.config:
+            self.filename = os.path.abspath(self.options.config)
+            config_source = '-c parameter'
+        elif os.environ.get('CKAN_INI'):
+            self.filename = os.environ.get('CKAN_INI')
+            config_source = '$CKAN_INI'
+        else:
+            self.filename = 'development.ini'
+            config_source = 'default value'
+
         if not os.path.exists(self.filename):
-            raise AssertionError('Config filename %r does not exist.' % self.filename)
+            msg = 'Config file not found: %s' % self.filename
+            msg += '\n(Given by: %s)' % config_source
+            raise self.BadCommand(msg)
+
         fileConfig(self.filename)
         return appconfig('config:' + self.filename)
 

ckan/new_authz.py

@@ -94,7 +94,6 @@ def _build(self):
 
 def clear_auth_functions_cache():
     _AuthFunctions.clear()
-    CONFIG_PERMISSIONS.clear()
 
 
 def auth_functions_list():
@@ -374,28 +373,41 @@ def get_user_id_for_username(user_name, allow_none=False):
     'roles_that_cascade_to_sub_groups': 'admin',
 }
 
-CONFIG_PERMISSIONS = {}
-
 
 def check_config_permission(permission):
-    ''' Returns the permission configuration, usually True/False '''
-    # set up perms if not already done
-    if not CONFIG_PERMISSIONS:
-        for perm in CONFIG_PERMISSIONS_DEFAULTS:
-            key = 'ckan.auth.' + perm
-            default = CONFIG_PERMISSIONS_DEFAULTS[perm]
-            CONFIG_PERMISSIONS[perm] = config.get(key, default)
-            if perm == 'roles_that_cascade_to_sub_groups':
-                # this permission is a list of strings (space separated)
-                CONFIG_PERMISSIONS[perm] = \
-                    CONFIG_PERMISSIONS[perm].split(' ') \
-                    if CONFIG_PERMISSIONS[perm] else []
-            else:
-                # most permissions are boolean
-                CONFIG_PERMISSIONS[perm] = asbool(CONFIG_PERMISSIONS[perm])
-    if permission in CONFIG_PERMISSIONS:
-        return CONFIG_PERMISSIONS[permission]
-    return False
+    '''Returns the configuration value for the provided permission
+
+    Permission is a string indentifying the auth permission (eg
+    `anon_create_dataset`), optionally prefixed with `ckan.auth.`.
+
+    The possible values for `permission` are the keys of
+    CONFIG_PERMISSIONS_DEFAULTS. These can be overriden in the config file
+    by prefixing them with `ckan.auth.`.
+
+    Returns the permission value, generally True or False, except on
+    `roles_that_cascade_to_sub_groups` which is a list of strings.
+
+    '''
+
+    key = permission.replace('ckan.auth.', '')
+
+    if key not in CONFIG_PERMISSIONS_DEFAULTS:
+        return False
+
+    default_value = CONFIG_PERMISSIONS_DEFAULTS.get(key)
+
+    config_key = 'ckan.auth.' + key
+
+    value = config.get(config_key, default_value)
+
+    if key == 'roles_that_cascade_to_sub_groups':
+        # This permission is set as a list of strings (space separated)
+        value = value.split() if value else []
+    else:
+        value = asbool(value)
+
+    return value
+
 
 @maintain.deprecated('Use auth_is_loggedin_user instead')
 def auth_is_registered_user():

ckan/new_tests/helpers.py

@@ -295,13 +295,11 @@ def decorator(func):
         def wrapper(*args, **kwargs):
             _original_config = config.copy()
             config[key] = value
-            new_authz.clear_auth_functions_cache()
 
             return_value = func(*args, **kwargs)
 
             config.clear()
             config.update(_original_config)
-            new_authz.clear_auth_functions_cache()
 
             return return_value
         return nose.tools.make_decorator(func)(wrapper)

ckan/new_tests/test_authz.py

@@ -0,0 +1,66 @@
+import nose
+
+from ckan import new_authz as auth
+
+from ckan.new_tests import helpers
+
+
+assert_equals = nose.tools.assert_equals
+
+
+class TestCheckConfigPermission(object):
+
+    @helpers.change_config('ckan.auth.anon_create_dataset', None)
+    def test_get_default_value_if_not_set_in_config(self):
+
+        assert_equals(auth.check_config_permission(
+            'anon_create_dataset'),
+            auth.CONFIG_PERMISSIONS_DEFAULTS['anon_create_dataset'])
+
+    @helpers.change_config('ckan.auth.anon_create_dataset', None)
+    def test_get_default_value_also_works_with_prefix(self):
+
+        assert_equals(auth.check_config_permission(
+            'ckan.auth.anon_create_dataset'),
+            auth.CONFIG_PERMISSIONS_DEFAULTS['anon_create_dataset'])
+
+    @helpers.change_config('ckan.auth.anon_create_dataset', True)
+    def test_config_overrides_default(self):
+
+        assert_equals(auth.check_config_permission(
+            'anon_create_dataset'),
+            True)
+
+    @helpers.change_config('ckan.auth.anon_create_dataset', True)
+    def test_config_override_also_works_with_prefix(self):
+
+        assert_equals(auth.check_config_permission(
+            'ckan.auth.anon_create_dataset'),
+            True)
+
+    @helpers.change_config('ckan.auth.unknown_permission', True)
+    def test_unknown_permission_returns_false(self):
+
+        assert_equals(auth.check_config_permission(
+            'unknown_permission'),
+            False)
+
+    def test_unknown_permission_not_in_config_returns_false(self):
+
+        assert_equals(auth.check_config_permission(
+            'unknown_permission'),
+            False)
+
+    def test_default_roles_that_cascade_to_sub_groups_is_a_list(self):
+
+        assert isinstance(auth.check_config_permission(
+            'roles_that_cascade_to_sub_groups'),
+            list)
+
+    @helpers.change_config('ckan.auth.roles_that_cascade_to_sub_groups',
+                           'admin editor')
+    def test_roles_that_cascade_to_sub_groups_is_a_list(self):
+
+        assert_equals(sorted(auth.check_config_permission(
+            'roles_that_cascade_to_sub_groups')),
+            sorted(['admin', 'editor']))

ckan/templates/package/read_base.html

@@ -11,7 +11,7 @@
   {{ super() }}
   {% set description = h.markdown_extract(pkg.notes, extract_length=200)|forceescape %}
   <meta property="og:title" content="{{ h.dataset_display_name(pkg) }} - {{ g.site_title }}">
-  <meta property="og:description" content="{{ description|forceescape }}">
+  <meta property="og:description" content="{{ description|forceescape|trim }}">
 {% endblock -%}
 
 {% block content_action %}

ckan/tests/functional/api/test_user.py

@@ -68,7 +68,6 @@ class TestCreateUserApiDisabled(PylonsTestCase):
     def setup_class(cls):
         CreateTestData.create()
         cls._original_config = config.copy()
-        new_authz.clear_auth_functions_cache()
         wsgiapp = ckan.config.middleware.make_app(
             config['global_conf'], **config)
         cls.app = paste.fixture.TestApp(wsgiapp)
@@ -79,7 +78,6 @@ def setup_class(cls):
     def teardown_class(cls):
         config.clear()
         config.update(cls._original_config)
-        new_authz.clear_auth_functions_cache()
         PylonsTestCase.teardown_class()
 
         model.repo.rebuild_db()
@@ -120,7 +118,6 @@ def setup_class(cls):
         CreateTestData.create()
         cls._original_config = config.copy()
         config['ckan.auth.create_user_via_api'] = True
-        new_authz.clear_auth_functions_cache()
         wsgiapp = ckan.config.middleware.make_app(
             config['global_conf'], **config)
         cls.app = paste.fixture.TestApp(wsgiapp)
@@ -131,7 +128,6 @@ def setup_class(cls):
     def teardown_class(cls):
         config.clear()
         config.update(cls._original_config)
-        new_authz.clear_auth_functions_cache()
         PylonsTestCase.teardown_class()
 
         model.repo.rebuild_db()
@@ -170,7 +166,6 @@ def setup_class(cls):
         CreateTestData.create()
         cls._original_config = config.copy()
         config['ckan.auth.create_user_via_web'] = False
-        new_authz.clear_auth_functions_cache()
         wsgiapp = ckan.config.middleware.make_app(
             config['global_conf'], **config)
         cls.app = paste.fixture.TestApp(wsgiapp)
@@ -181,7 +176,6 @@ def setup_class(cls):
     def teardown_class(cls):
         config.clear()
         config.update(cls._original_config)
-        new_authz.clear_auth_functions_cache()
         PylonsTestCase.teardown_class()
 
         model.repo.rebuild_db()
@@ -208,7 +202,6 @@ def setup_class(cls):
         CreateTestData.create()
         cls._original_config = config.copy()
         config['ckan.auth.create_user_via_web'] = True
-        new_authz.clear_auth_functions_cache()
         wsgiapp = ckan.config.middleware.make_app(
             config['global_conf'], **config)
         cls.app = paste.fixture.TestApp(wsgiapp)
@@ -219,7 +212,6 @@ def setup_class(cls):
     def teardown_class(cls):
         config.clear()
         config.update(cls._original_config)
-        new_authz.clear_auth_functions_cache()
         PylonsTestCase.teardown_class()
 
         model.repo.rebuild_db()