make context['user'] always username or None #2817
@vitorbaptista does this change fix the tests for you, like #2801 ? |
👍 |
@wardi Unfortunately it doesn't. The test is simply:

    @helpers.change_config('ckan.auth.anon_create_dataset', False)
    def test_new_requires_user_to_be_able_to_create_packages(self):
        url = toolkit.url_for('import_datapackage')
        response = self.app.get(url)
        assert_equals(302, response.status_int)

Where the

    # ckan/authz.py
    def auth_is_anon_user(context):
        ''' Is this an anonymous user?
            eg Not logged in if a web request and not user defined in context
            if logic functions called directly
            See ckan/lib/base.py:232 for pylons context object logic
        '''
        context_user = context.get('user')  # context_user == u"Unknown IP Address"
        is_anon_user = not bool(context_user)  # is_anon_user == False (should be True)
        return is_anon_user

|
Hmm. I wonder how we're getting "Unknown IP Address" in context['user']. @vitorbaptista Is the import_datapackage controller code putting |
@wardi the "Unknown IP Address" comes from https://github.com/ckan/ckan/blob/master/ckan/lib/base.py#L261 |
@vitorbaptista I see. That's being stored in c.remote_addr, I'm trying to figure out how that value ends up in context['user']. The code I changed is trying to prevent it ending up there via c.author |
@vitorbaptista I think this could be your problem https://github.com/ckan/ckanext-datapackager/blob/master/ckanext/datapackager/controllers/datapackage.py#L38 |
@wardi you're right! Removing the I don't know the implications of this PR but, as far as I'm concerned, it's good to go. |
For more information about it, check ckan/ckan#2817
This removes the need to detect IP addresses and other non-username strings in context['user']. This is important because this value is used to determine authorization to perform actions.
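
The failure mode discussed in this thread, as an added example that is not CKAN's code or part of the PR: a truthiness check on context['user'] treats a display string such as "Unknown IP Address" as a logged-in user, while a context that holds only a username or None does not. Every name except `auth_is_anon_user` is hypothetical, including the `author` key and the toy `may_create_dataset` decision.

```python
# Added illustration; every name except auth_is_anon_user is hypothetical.
UNKNOWN_ADDR = u"Unknown IP Address"  # fallback string quoted in the thread


def auth_is_anon_user(context):
    """Same truthiness check as the ckan/authz.py snippet in the thread."""
    return not bool(context.get('user'))


def context_with_fallback(username, remote_addr):
    """Hypothetical caller: puts a display string in 'user' for anonymous requests."""
    return {'user': username or remote_addr or UNKNOWN_ADDR}


def context_username_or_none(username, remote_addr):
    """'user' is a username or None; the display string lives under its own key."""
    return {'user': username or None,
            'author': username or remote_addr or UNKNOWN_ADDR}


def may_create_dataset(context, anon_create_dataset=False):
    """Toy authorization decision standing in for a real auth function."""
    if auth_is_anon_user(context):
        return anon_create_dataset
    return True


def compare(username, remote_addr):
    """Return (decision with fallback context, decision with normalized context)."""
    return (may_create_dataset(context_with_fallback(username, remote_addr)),
            may_create_dataset(context_username_or_none(username, remote_addr)))


if __name__ == '__main__':
    # Constructed inputs: anonymous with no address, anonymous with an
    # address (documentation range), and a logged-in user.
    for user, addr in [(None, None), ('', '203.0.113.7'), ('alice', '203.0.113.7')]:
        print(repr(user), repr(addr), compare(user, addr))
```

With anonymous dataset creation disabled, the first element of each pair is the decision reached when the fallback string sits in 'user', and the second is the decision when 'user' is a username or None.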