misc: remove unused option to bind a session to an IP address (#55960)

2021-08-03 23:19:24 +02:00 · 2021-08-03 23:19:24 +02:00 · 41cf01ccd9
parent 21f7ccf668
commit 41cf01ccd9
4 changed files with 2 additions and 67 deletions
--- a/tests/admin_pages/test_settings.py
+++ b/tests/admin_pages/test_settings.py
@ -68,7 +68,6 @@ def test_settings(pub):
    app.get('/backoffice/settings/identification')
    app.get('/backoffice/settings/sitename')
    app.get('/backoffice/settings/sms')
-    app.get('/backoffice/settings/session')
    app.get('/backoffice/settings/admin-permissions')


@ -302,23 +301,6 @@ def test_settings_export_import(pub):
    assert 'Unknown referenced role (qux)' in resp


-def test_settings_session(pub):
-    create_superuser(pub)
-    app = login(get_app(pub))
-    resp = app.get('/backoffice/settings/session')
-    assert resp.form['ip_linked'].checked is False
-    resp.form['ip_linked'].checked = True
-    resp = resp.form.submit('submit')
-    pub.reload_cfg()
-    assert pub.cfg['session']['ip_linked'] is True
-
-    resp = app.get('/backoffice/settings/session')
-    assert resp.form['ip_linked'].checked is True
-    resp.form['ip_linked'].checked = False
-    resp = resp.form.submit('cancel')
-    assert pub.cfg['session']['ip_linked'] is True
-
-
 def test_settings_themes(pub):
    create_superuser(pub)
    app = login(get_app(pub))
--- a/wcs/admin/settings.py
+++ b/wcs/admin/settings.py
@ -500,7 +500,6 @@ class SettingsDirectory(QommonSettingsDirectory):
        'certificates',
        'texts',
        'install_theme',
-        'session',
        'download_theme',
        'postgresql',
        ('admin-permissions', 'admin_permissions'),
@ -571,12 +570,6 @@ class SettingsDirectory(QommonSettingsDirectory):
                    _(method_admin.label),
                )

-        if enabled('session'):
-            r += htmltext('<dt><a href="session">%s</a></dt> <dd>%s</dd>') % (
-                _('Session'),
-                _('Configure session management'),
-            )
-
        if enabled('permissions'):
            roles = list(get_publisher().role_class.select())
            if roles:
--- a/wcs/qommon/admin/settings.py
+++ b/wcs/qommon/admin/settings.py
@ -30,32 +30,6 @@ class SettingsDirectory(AccessControlled, Directory):
    def _q_access(self):
        get_response().breadcrumb.append(('settings/', _('Settings')))

-    def session(self):
-        form = Form(enctype='multipart/form-data')
-        session_cfg = get_cfg('session', {})
-        form.add(
-            CheckboxWidget,
-            'ip_linked',
-            title=_('Fix sessions to an IP address'),
-            value=session_cfg.get('ip_linked'),
-        )
-
-        form.add_submit('submit', _('Submit'))
-        form.add_submit('cancel', _('Cancel'))
-        if form.get_widget('cancel').parse():
-            return redirect('.')
-
-        if not form.is_submitted() or form.has_errors():
-            get_response().breadcrumb.append(('session', _('Session')))
-            html_top('settings', title=_('Session'))
-            r = TemplateIO(html=True)
-            r += htmltext('<h2>%s</h2>') % _('Session')
-            r += form.render()
-            return r.getvalue()
-        else:
-            cfg_submit(form, 'session', ['ip_linked'])
-            return redirect('.')
-
    def language(self):
        form = Form(enctype='multipart/form-data')
        language_cfg = get_cfg('language', {})
--- a/wcs/qommon/sessions.py
+++ b/wcs/qommon/sessions.py
@ -24,13 +24,12 @@ from django.conf import settings
 from django.core.signing import BadSignature, Signer
 from django.utils.encoding import force_bytes, force_text
 from quixote import get_publisher
-from quixote.publish import get_request, get_session, get_session_manager
+from quixote.publish import get_session_manager
 from quixote.session import Session as QuixoteSession
 from quixote.session import SessionManager as QuixoteSessionManager
 from quixote.util import randbytes

 from . import misc
-from .publisher import get_cfg
 from .storage import StorableObject
 from .upload_storage import get_storage_object

@ -351,20 +350,7 @@ class Session(QommonSession, CaptchaSession, StorableObject):


 class QommonSessionManager(QuixoteSessionManager):
-    def start_request(self):
-        QuixoteSessionManager.start_request(self)
-        session_cfg = get_cfg('session', {})
-        ip_linked = session_cfg.get('ip_linked', False)
-        if ip_linked:
-            env = get_request().environ
-            ip = env.get('X_FORWARDED_FOR', env.get('REMOTE_ADDR'))
-            session = get_session()
-            if ip != session._remote_address:
-                # clean cookie
-                get_session_manager().expire_session()
-                # start a new cookie
-                QuixoteSessionManager.start_request(self)
-                session = get_session()
+    pass


 class StorageSessionManager(QommonSessionManager):