(*args, **kwargs)
| 99 | def login_required(perm=None): |
| 100 | def _dec(func): |
| 101 | def _view(*args, **kwargs): |
| 102 | s = request.environ.get('beaker.session') |
| 103 | if s.get("name", None) and s.get("authenticated", False): |
| 104 | if perm: |
| 105 | perms = parse_permissions(s) |
| 106 | if perm not in perms or not perms[perm]: |
| 107 | if request.headers.get('X-Requested-With') == 'XMLHttpRequest': |
| 108 | return HTTPError(403, "Forbidden") |
| 109 | else: |
| 110 | return redirect(PREFIX + "/nopermission") |
| 111 | |
| 112 | return func(*args, **kwargs) |
| 113 | else: |
| 114 | if PYLOAD.getConfigValue("webinterface", "basicauth") == "True": |
| 115 | user, password = request.auth or (None, None) |
| 116 | if user is None: |
| 117 | response.headers['WWW-Authenticate'] = 'Basic realm="pyLoad"' |
| 118 | return HTTPError(401, "Access denied") |
| 119 | else: |
| 120 | info = PYLOAD.checkAuth(user, password) |
| 121 | if not info: |
| 122 | return HTTPError(403, "Forbidden") |
| 123 | else: |
| 124 | set_session(request, info) |
| 125 | return func(*args, **kwargs) |
| 126 | else: |
| 127 | if request.headers.get('X-Requested-With') == 'XMLHttpRequest': |
| 128 | return HTTPError(403, "Forbidden") |
| 129 | else: |
| 130 | return redirect(PREFIX + "/login") |
| 131 | |
| 132 | return _view |
| 133 |
nothing calls this directly
no test coverage detected