From 839c1468cbe2025e759458bbe82c2f99a5ea347f Mon Sep 17 00:00:00 2001 From: SerenaFeng Date: Fri, 20 Oct 2017 16:13:29 +0800 Subject: allow authentication to be disabled in local deployment situation, authentication can be disabled by setting authenticate=False of ui section in config.ini JIRA: RELENG-324 Change-Id: I9157d1723851feb12435033dbdd59035e3eb5777 Signed-off-by: SerenaFeng --- testapi/etc/config.ini | 3 ++- testapi/opnfv_testapi/cmd/server.py | 2 +- testapi/opnfv_testapi/common/check.py | 3 ++- testapi/opnfv_testapi/tests/unit/common/test_config.py | 3 ++- testapi/opnfv_testapi/ui/auth/user.py | 15 +++++++++++---- 5 files changed, 18 insertions(+), 8 deletions(-) diff --git a/testapi/etc/config.ini b/testapi/etc/config.ini index 8d0bde2..86cb0ca 100644 --- a/testapi/etc/config.ini +++ b/testapi/etc/config.ini @@ -16,7 +16,8 @@ results_per_page = 20 # With debug_on set to true, error traces will be shown in HTTP responses debug = True -authenticate = False +token_check = False +authenticate = True [ui] url = http://localhost:8000 diff --git a/testapi/opnfv_testapi/cmd/server.py b/testapi/opnfv_testapi/cmd/server.py index b7d3caa..011a6cd 100644 --- a/testapi/opnfv_testapi/cmd/server.py +++ b/testapi/opnfv_testapi/cmd/server.py @@ -42,7 +42,7 @@ def make_app(): return swagger.Application( url_mappings.mappings, debug=CONF.api_debug, - auth=CONF.api_authenticate, + auth=CONF.api_token_check, cookie_secret='opnfv-testapi', ) diff --git a/testapi/opnfv_testapi/common/check.py b/testapi/opnfv_testapi/common/check.py index e80b1c6..fd30c9b 100644 --- a/testapi/opnfv_testapi/common/check.py +++ b/testapi/opnfv_testapi/common/check.py @@ -14,13 +14,14 @@ from tornado import gen from opnfv_testapi.common import constants from opnfv_testapi.common import message from opnfv_testapi.common import raises +from opnfv_testapi.common.config import CONF from opnfv_testapi.db import api as dbapi def is_authorized(method): @functools.wraps(method) def wrapper(self, *args, **kwargs): - if self.table in ['pods']: + if CONF.api_authenticate and self.table in ['pods']: testapi_id = self.get_secure_cookie(constants.TESTAPI_ID) if not testapi_id: raises.Unauthorized(message.not_login()) diff --git a/testapi/opnfv_testapi/tests/unit/common/test_config.py b/testapi/opnfv_testapi/tests/unit/common/test_config.py index ea22972..6d160ce 100644 --- a/testapi/opnfv_testapi/tests/unit/common/test_config.py +++ b/testapi/opnfv_testapi/tests/unit/common/test_config.py @@ -12,7 +12,8 @@ def test_config_normal(mocker, config_normal): assert CONF.mongo_dbname == 'test_results_collection' assert CONF.api_port == 8000 assert CONF.api_debug is True - assert CONF.api_authenticate is False + assert CONF.api_token_check is False + assert CONF.api_authenticate is True assert CONF.ui_url == 'http://localhost:8000' diff --git a/testapi/opnfv_testapi/ui/auth/user.py b/testapi/opnfv_testapi/ui/auth/user.py index ab86007..ff2c2a9 100644 --- a/testapi/opnfv_testapi/ui/auth/user.py +++ b/testapi/opnfv_testapi/ui/auth/user.py @@ -1,5 +1,6 @@ from opnfv_testapi.common import constants from opnfv_testapi.common import raises +from opnfv_testapi.common.config import CONF from opnfv_testapi.resources import handlers from opnfv_testapi.resources import models @@ -19,8 +20,14 @@ class UserHandler(handlers.GenericApiHandler): self.table_cls = User def get(self): - username = self.get_secure_cookie(constants.TESTAPI_ID) - if username: - self._get_one(query={'user': username}) + if CONF.api_authenticate: + username = self.get_secure_cookie(constants.TESTAPI_ID) + if username: + self._get_one(query={'user': username}) + else: + raises.Unauthorized('Unauthorized') else: - raises.Unauthorized('Unauthorized') + self.finish_request(User('anonymous', + 'anonymous@linuxfoundation.com', + 'anonymous lf', + constants.TESTAPI_USERS).format()) -- cgit 1.2.3-korg