def rq_reload_acl_rules(self, id, *args):
u"""
Reloads system ACLs database to cache
"""
ACLDB().reload_rules()
return _(u"ACL Rules reloaded.")
def __reginit__(self):
self.authenticated = False
self.authorized = False
self.clientdb = ClientDB()
self.acldb = ACLDB()
# this one is to do operation on sites from the console
# or the command line
self._sitedb = SiteDB()
self.tags = ACLTags()
def authorize(self, user_site, client, need_login=False):
if not isinstance(user_site, SiteInfo):
if not self.exists(user_site):
return False
user, site = self.split_user_site(user_site)
siteinfo = SiteInfo(user, site)
else:
siteinfo = user_site
if not siteinfo.loaded:
return False
if not ACLDB().check(acl='authorize', client=client.get_tags(),
site=siteinfo.get_tags()):
return False
self.siteinfo = siteinfo
if need_login and siteinfo.login is None:
self.select_login()
return True
def authenticate(self, username, auth_tokens, **tokens):
"""
Authenticate the client connecting as C{username} with C{**tokens}.
If authentication is successful, set the attribute C{clientinfo} as
an instance of L{ClientInfo}.
This only controls the connection from the client to the proxy.
@param username: the username
@type username: str
@param **tokens: the authentication tokens (password, key, ...)
@type **tokens: dict
@return: True if authenticated, False otherwise.
@rtype: bool
"""
clientinfo = ClientInfo(username, **tokens)
if not ACLDB().check(acl='authenticate', client=clientinfo.get_tags()):
return False
if clientinfo.authenticate(**auth_tokens):
self.clientinfo = clientinfo
return True
else:
return False
def func_reload_acl_rules(self, *args):
ACLDB().reload_rules()
return True
def func_check_acl(self, _chan, *args, **kw):
if not len(args):
return False
namespaces = self.namespaces[_chan]
return ACLDB().check(acl=args[0], **namespaces)
