First stab at token auth. The UI could use a little bit of polishing.

2013-10-16 14:24:10 -04:00 · 2013-10-16 14:24:10 -04:00 · 283f9b81ae
commit 283f9b81ae
parent f1746417b1
9 changed files with 360 additions and 91 deletions
--- a/auth/permissions.py
+++ b/auth/permissions.py
@ -80,19 +80,14 @@ def on_identity_loaded(sender, identity):
    identity_changed.send(app, identity=switch_to_deferred)

  elif identity.auth_type == 'token':
-    logger.debug('Computing permissions for token: %s' % identity.id)
+    logger.debug('Loading permissions for token: %s' % identity.id)
+    token_data = model.load_token_data(identity.id)

-    token = model.get_token(identity.id)
-
-    if token.user:
-      query = model.get_user_repo_permissions(token.user, token.repository)
-      for permission in query:
-        t_grant = _RepositoryNeed(token.repository.namespace,
-                                  token.repository.name, permission.role.name)
-        logger.debug('Token added permission: {0}'.format(t_grant))
-        identity.provides.add(t_grant)
-    else:
-      logger.debug('Token was anonymous.')
+    repo_grant = _RepositoryNeed(token_data.repository.namespace,
+                                 token_data.repository.name,
+                                 token_data.role.name)
+    logger.debug('Delegate token added permission: {0}'.format(repo_grant))
+    identity.provides.add(repo_grant)

  else:
    logger.error('Unknown identity auth type: %s' % identity.auth_type)