mirror of
https://github.com/zulip/zulip.git
synced 2026-07-12 21:04:41 +08:00
DummyAuthBackend: Require being passed a realm object.
We should now always know the realm in our auth code paths.
This commit is contained in:
parent
236c4b5d96
commit
f17974ab32
@ -130,11 +130,14 @@ class AuthBackendTest(ZulipTestCase):
|
||||
|
||||
def test_dummy_backend(self):
|
||||
# type: () -> None
|
||||
realm = get_realm("zulip")
|
||||
username = self.get_username()
|
||||
self.verify_backend(ZulipDummyBackend(),
|
||||
good_kwargs=dict(username=username,
|
||||
realm=realm,
|
||||
use_dummy_backend=True),
|
||||
bad_kwargs=dict(username=username,
|
||||
realm=realm,
|
||||
use_dummy_backend=False))
|
||||
|
||||
def setup_subdomain(self, user_profile):
|
||||
|
||||
@ -228,7 +228,7 @@ def remote_user_jwt(request):
|
||||
# that the request.backend attribute gets set.
|
||||
return_data = {} # type: Dict[str, bool]
|
||||
user_profile = authenticate(username=email,
|
||||
realm_subdomain=realm.subdomain,
|
||||
realm=realm,
|
||||
return_data=return_data,
|
||||
use_dummy_backend=True)
|
||||
except UserProfile.DoesNotExist:
|
||||
@ -417,7 +417,7 @@ def authenticate_remote_user(realm, email_address):
|
||||
return None, return_data
|
||||
|
||||
user_profile = authenticate(username=email_address,
|
||||
realm_subdomain=realm.subdomain,
|
||||
realm=realm,
|
||||
use_dummy_backend=True,
|
||||
return_data=return_data)
|
||||
return user_profile, return_data
|
||||
|
||||
@ -232,7 +232,7 @@ def accounts_register(request):
|
||||
# This dummy_backend check below confirms the user is
|
||||
# authenticating to the correct subdomain.
|
||||
auth_result = authenticate(username=user_profile.email,
|
||||
realm_subdomain=realm.subdomain,
|
||||
realm=realm,
|
||||
return_data=return_data,
|
||||
use_dummy_backend=True)
|
||||
if return_data.get('invalid_subdomain'):
|
||||
|
||||
@ -288,15 +288,16 @@ class ZulipDummyBackend(ZulipAuthMixin):
|
||||
Used when we want to log you in but we don't know which backend to use.
|
||||
"""
|
||||
|
||||
def authenticate(self, username: Optional[Text]=None, realm_subdomain: Optional[Text]=None,
|
||||
def authenticate(self, username: Optional[Text]=None, realm: Optional[Realm]=None,
|
||||
use_dummy_backend: bool=False,
|
||||
return_data: Optional[Dict[str, Any]]=None) -> Optional[UserProfile]:
|
||||
assert username is not None
|
||||
assert realm is not None
|
||||
if use_dummy_backend:
|
||||
user_profile = common_get_active_user_by_email(username)
|
||||
if user_profile is None:
|
||||
return None
|
||||
if not user_matches_subdomain(realm_subdomain, user_profile):
|
||||
if not user_matches_subdomain(realm.subdomain, user_profile):
|
||||
if return_data is not None:
|
||||
return_data["invalid_subdomain"] = True
|
||||
return None
|
||||
|
||||
Loading…
Reference in New Issue
Block a user