def auth(self, inode, bits):
def _auth(user, inode):
if user["password"] != inode.passwd:
raise ServiceAuthenticationError()
ns = user["ns"].split(",")
rns = inode.node_path.split("/")
if len(rns) > 1:
rns = '.'.join(rns[0:2])
else:
rns = rns[0]
if rns.lstrip(".") not in ns:
raise ServiceAuthenticationError("this ns is not allowed")
return inode
def _fail(e):
log.msg("Authentication failed: %s" % str(e.value),
level=logging.DEBUG)
raise ServiceAuthenticationError()
# if no admin_user, disable authentication
if self.admin_user == '':
return inode
# admin user has all privileges
if (inode.user == self.admin_user and
inode.passwd == self.admin_passwd):
return inode
d = dbBackend.selectNode("_meta.users." + inode.user)
d.addCallbacks(_auth, _fail, callbackArgs=(inode,))
return d
def selectNode(self, inode):
d = dbBackend.selectNode(inode.node_path)
return d