From 07b9128ab6431e5e481633141123e580a60ed0e6 Mon Sep 17 00:00:00 2001
From: Joseph Schorr
Date: Mon, 11 Nov 2013 19:03:18 -0500
Subject: [PATCH] Return 403 if the user logged in is now an org and handle it on the client
---
 endpoints/api.py | 8 +++++---
 static/js/app.js | 9 ++++++++-
 2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/endpoints/api.py b/endpoints/api.py
index 88305f213..d13f8b730 100644
--- a/endpoints/api.py
+++ b/endpoints/api.py
@@ -40,6 +40,10 @@ def api_login_required(f):
 def decorated_view(*args, **kwargs):
 if not current_user.is_authenticated():
 abort(401)
+
+ if current_user.db_user().organization:
+ abort(403)
+
 return f(*args, **kwargs)
 return decorated_view
@@ -78,7 +82,7 @@ def get_logged_in_user():
 'can_create_repo': admin_org.can() or CreateRepositoryPermission(o.username).can()
 }
- if current_user.is_anonymous():
+ if current_user.is_anonymous() or current_user.db_user().organization:
 return jsonify({'anonymous': True})
 user = current_user.db_user()
@@ -223,9 +227,7 @@ def conduct_signin(username, password):
 @api_login_required
 def logout():
 logout_user()
-
 identity_changed.send(app, identity=AnonymousIdentity())
-
 return make_response('Success', 200)
diff --git a/static/js/app.js b/static/js/app.js
index 8fb7773be..6298544d0 100644
--- a/static/js/app.js
+++ b/static/js/app.js
@@ -867,7 +867,14 @@ quayApp.directive('ngBlur', function() {
 };
 });
-quayApp.run(['$location', '$rootScope', function($location, $rootScope) {
+quayApp.run(['$location', '$rootScope', 'Restangular', 'UserService', function($location, $rootScope, Restangular, UserService) {
+ Restangular.setResponseInterceptor(function(data, operation, what, url, response, deferred) {
+ if (response.status == 403) {
+ UserService.load();
+ }
+ return data;
+ });
+
 $rootScope.$on('$routeChangeSuccess', function (event, current, previous) {
 if (current.$$route.title) {
 $rootScope.title = current.$$route.title;
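Review bot: The added guard in `decorated_view` dereferences `current_user.db_user().organization` without checking the lookup result, and the same expression appears in the `get_logged_in_user` hunk. `db_user()` is not shown here, but if it can return `None` (for example when the account row was removed while the session was still live), the request would fail with an AttributeError and a 500 instead of a clean 401/403. Fetching once and guarding would cover it: `user = current_user.db_user()` followed by `if user is None or user.organization: abort(403)`. The enclosing `api_login_required` starts outside this hunk.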
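Review bot: `get_logged_in_user` now reports `{'anonymous': True}` for an account that became an organization, but the server-side session is left authenticated. Nothing visible in this patch calls `logout_user()` for that case, and `logout` itself is wrapped in `@api_login_required` (third hunk), which now aborts with 403 before `logout_user()` runs, so such a session apparently cannot be ended through the API. Consider clearing the session where the condition is detected, e.g. `logout_user()` and `identity_changed.send(app, identity=AnonymousIdentity())` ahead of `abort(403)` in the decorator. The function body continues outside this hunk.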
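Review bot: The 403 check is placed in `Restangular.setResponseInterceptor`, which as far as I know only runs on successful responses; error statuses are routed to the error interceptor, so this branch may never execute. Moving the check to `setErrorInterceptor` (confirm it exists in the bundled Restangular version) and returning `true` keeps the caller's own error handling intact. Note also that every 403, including an ordinary permission denial, will trigger `UserService.load()`, and `===` is the safer comparison for the status code. The `quayApp.run` callback continues outside this hunk.

```javascript
// inside quayApp.run(...), replacing the setResponseInterceptor call
Restangular.setErrorInterceptor(function(response) {
  if (response.status === 403) {
    UserService.load();
  }
  return true;  // let the caller's own error handler still run
});
// … unchanged: $routeChangeSuccess handler …
```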