[#1184] Update user checks in package create and update auth functions

The `auth_is_registered_user` function's name is misleading, as it only checks if there is a user on the Pylons context object (ie if it is logged in). It has been renamed to `auth_is_loggedin_user`, keeping the old as deprecated. The function is not used anymore on the auth functions, as the user should be always present in the context dict passed to the functions (The controller sets context['user'] to c.user). Conflicts: ckan/new_authz.py
ckan · Oct 28, 2013 · 212e000 · 212e000
1 parent 1586f38
commit 212e000
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 5 deletions.
diff --git a/ckan/logic/auth/create.py b/ckan/logic/auth/create.py
@@ -6,7 +6,7 @@
 
 def package_create(context, data_dict=None):
     user = context['user']
-    if not new_authz.auth_is_registered_user() and not user:
+    if not user:
         check1 = new_authz.check_config_permission('anon_create_dataset')
     else:
         check1 = new_authz.check_config_permission('create_dataset_if_not_in_organization') \
@@ -31,7 +31,7 @@ def package_create(context, data_dict=None):
 
 def file_upload(context, data_dict=None):
     user = context['user']
-    if not new_authz.auth_is_registered_user():
+    if not user:
         return {'success': False, 'msg': _('User %s not authorized to create packages') % user}
     return {'success': True}
 

diff --git a/ckan/logic/auth/update.py b/ckan/logic/auth/update.py
@@ -23,7 +23,7 @@ def package_update(context, data_dict):
         )
     else:
         # If dataset is not owned then we can edit if config permissions allow
-        if new_authz.auth_is_registered_user():
+        if user:
             check1 = new_authz.check_config_permission(
                 'create_dataset_if_not_in_organization')
         else:

diff --git a/ckan/new_authz.py b/ckan/new_authz.py
@@ -9,6 +9,8 @@
 import ckan.model as model
 from ckan.common import OrderedDict, _, c
 
+import ckan.lib.maintain as maintain
+
 log = getLogger(__name__)
 
 # This is a private cache used by get_auth_function() and should never
@@ -297,9 +299,14 @@ def check_config_permission(permission):
         return CONFIG_PERMISSIONS[permission]
     return False
 
-
-
+@maintain.deprecated('Use auth_is_loggedin_user instead')
 def auth_is_registered_user():
+    '''
+    This function is deprecated, please use the auth_is_loggedin_user instead
+    '''
+    return auth_is_loggedin_user()
+
+def auth_is_loggedin_user():
     ''' Do we have a logged in user '''
     try:
         context_user = c.user