From f17974ab32ee8162bb0dcb4386c2bf7609905efd Mon Sep 17 00:00:00 2001 From: Tim Abbott Date: Mon, 2 Oct 2017 17:29:20 -0700 Subject: [PATCH] DummyAuthBackend: Require being passed a realm object. We should now always know the realm in our auth code paths. --- zerver/tests/test_auth_backends.py | 3 +++ zerver/views/auth.py | 4 ++-- zerver/views/registration.py | 2 +- zproject/backends.py | 5 +++-- 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/zerver/tests/test_auth_backends.py b/zerver/tests/test_auth_backends.py index 1ceb886f9b..2dbf16dcd2 100644 --- a/zerver/tests/test_auth_backends.py +++ b/zerver/tests/test_auth_backends.py @@ -130,11 +130,14 @@ class AuthBackendTest(ZulipTestCase): def test_dummy_backend(self): # type: () -> None + realm = get_realm("zulip") username = self.get_username() self.verify_backend(ZulipDummyBackend(), good_kwargs=dict(username=username, + realm=realm, use_dummy_backend=True), bad_kwargs=dict(username=username, + realm=realm, use_dummy_backend=False)) def setup_subdomain(self, user_profile): diff --git a/zerver/views/auth.py b/zerver/views/auth.py index f97f8d7b8a..8b64ede456 100644 --- a/zerver/views/auth.py +++ b/zerver/views/auth.py @@ -228,7 +228,7 @@ def remote_user_jwt(request): # that the request.backend attribute gets set. return_data = {} # type: Dict[str, bool] user_profile = authenticate(username=email, - realm_subdomain=realm.subdomain, + realm=realm, return_data=return_data, use_dummy_backend=True) except UserProfile.DoesNotExist: @@ -417,7 +417,7 @@ def authenticate_remote_user(realm, email_address): return None, return_data user_profile = authenticate(username=email_address, - realm_subdomain=realm.subdomain, + realm=realm, use_dummy_backend=True, return_data=return_data) return user_profile, return_data diff --git a/zerver/views/registration.py b/zerver/views/registration.py index 89100746a1..aa15988c1e 100644 --- a/zerver/views/registration.py +++ b/zerver/views/registration.py @@ -232,7 +232,7 @@ def accounts_register(request): # This dummy_backend check below confirms the user is # authenticating to the correct subdomain. auth_result = authenticate(username=user_profile.email, - realm_subdomain=realm.subdomain, + realm=realm, return_data=return_data, use_dummy_backend=True) if return_data.get('invalid_subdomain'): diff --git a/zproject/backends.py b/zproject/backends.py index cd24202373..b2ac2fcff5 100644 --- a/zproject/backends.py +++ b/zproject/backends.py @@ -288,15 +288,16 @@ class ZulipDummyBackend(ZulipAuthMixin): Used when we want to log you in but we don't know which backend to use. """ - def authenticate(self, username: Optional[Text]=None, realm_subdomain: Optional[Text]=None, + def authenticate(self, username: Optional[Text]=None, realm: Optional[Realm]=None, use_dummy_backend: bool=False, return_data: Optional[Dict[str, Any]]=None) -> Optional[UserProfile]: assert username is not None + assert realm is not None if use_dummy_backend: user_profile = common_get_active_user_by_email(username) if user_profile is None: return None - if not user_matches_subdomain(realm_subdomain, user_profile): + if not user_matches_subdomain(realm.subdomain, user_profile): if return_data is not None: return_data["invalid_subdomain"] = True return None