From 1a51c0d51315454fe3773f4bddb43a391c9bce27 Mon Sep 17 00:00:00 2001 From: Zach Sailer Date: Thu, 10 Mar 2022 10:36:35 -0800 Subject: [PATCH] allow handlers to work without an authorizer in the settings --- jupyter_server/auth/decorator.py | 21 ++++++++++++++++++++- jupyter_server/base/handlers.py | 2 +- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/jupyter_server/auth/decorator.py b/jupyter_server/auth/decorator.py index 926808fd85..ba8f109fd0 100644 --- a/jupyter_server/auth/decorator.py +++ b/jupyter_server/auth/decorator.py @@ -2,6 +2,7 @@ """ # Copyright (c) Jupyter Development Team. # Distributed under the terms of the Modified BSD License. +import warnings from functools import wraps from typing import Callable from typing import Optional @@ -13,6 +14,20 @@ from .utils import HTTP_METHOD_TO_AUTH_ACTION +def raise_no_authorizer_warning(): + warnings.warn( + "The Tornado web application does not have an 'authorizer' defined " + "in its settings. In future releases of jupyter_server, this will " + "be a required key for all subclasses of `JupyterHandler`. For an " + "example, see the jupyter_server source code for how to " + "add an authorizer to the tornado settings: " + "https://github.com/jupyter-server/jupyter_server/blob/" + "653740cbad7ce0c8a8752ce83e4d3c2c754b13cb/jupyter_server/serverapp.py" + "#L234-L256", + # stacklevel=2 + ) + + def authorized( action: Optional[Union[str, Callable]] = None, resource: Optional[str] = None, @@ -61,7 +76,11 @@ def inner(self, *args, **kwargs): raise HTTPError(status_code=403, log_message=message) # If the user is allowed to do this action, # call the method. - if self.authorizer.is_authorized(self, user, action, resource): + if not self.authorizer: + with warnings.catch_warnings(): + warnings.simplefilter("once") + raise_no_authorizer_warning() + elif self.authorizer.is_authorized(self, user, action, resource): return method(self, *args, **kwargs) # else raise an exception. else: diff --git a/jupyter_server/base/handlers.py b/jupyter_server/base/handlers.py index 0361b12d3a..8f395730ab 100644 --- a/jupyter_server/base/handlers.py +++ b/jupyter_server/base/handlers.py @@ -193,7 +193,7 @@ def login_available(self): @property def authorizer(self): - return self.settings["authorizer"] + return self.settings.get("authorizer") class JupyterHandler(AuthenticatedHandler):