authentication failure in a top store falls back to the base store
This commit is contained in:
parent
bfb565777d
commit
ec7a64c66f
|
@ -9,10 +9,11 @@ class AdelineIdpSession(authentic.sessions.BasicSession):
|
|||
authn_request_query_string = None
|
||||
msp_login_dump = None
|
||||
msp_init_federate = False
|
||||
force_base_store = False
|
||||
|
||||
def has_info(self):
|
||||
return self.authn_request_query_string or \
|
||||
self.msp_login_dump or self.msp_init_federate or \
|
||||
self.msp_login_dump or self.msp_init_federate or self.force_base_store or \
|
||||
authentic.sessions.BasicSession.has_info(self)
|
||||
is_dirty = has_info
|
||||
|
||||
|
|
|
@ -21,6 +21,18 @@ class MergedIdentityStore(authentic.identities.IdentitiesStoreStorage):
|
|||
return None
|
||||
|
||||
|
||||
class InheritingIdentityStore(authentic.identities.IdentitiesStoreStorage):
|
||||
def get_identity_for_account(self, account):
|
||||
t = authentic.identities.IdentitiesStoreStorage.get_identity_for_account(self, account)
|
||||
if not t:
|
||||
store = get_collectivity_store(None)
|
||||
t = store.get_identity_for_account(account)
|
||||
if t:
|
||||
get_session().force_base_store = True
|
||||
load_store()
|
||||
return t
|
||||
|
||||
|
||||
def get_collectivity_identity_class(collectivity_id):
|
||||
class CollectivityIdentity(authentic.identities.Identity):
|
||||
_names = 'identities-' + str(collectivity_id)
|
||||
|
@ -32,8 +44,8 @@ def get_collectivity_store(collectivity_id):
|
|||
raise NotImplementedError()
|
||||
elif collectivity_id:
|
||||
# Vandoeuvre (546555) and others
|
||||
store = authentic.identities.IdentitiesStoreStorage(
|
||||
identity_class = get_collectivity_identity_class(collectivity_id))
|
||||
store = InheritingIdentityStore(
|
||||
identity_class = get_collectivity_identity_class(collectivity_id))
|
||||
else:
|
||||
store = MergedIdentityStore()
|
||||
return store
|
||||
|
@ -41,4 +53,6 @@ def get_collectivity_store(collectivity_id):
|
|||
|
||||
def load_store():
|
||||
coll_id = get_request().get_header('X-Gdd-Account-Number')
|
||||
if get_session().force_base_store:
|
||||
coll_id = None
|
||||
get_publisher().store = get_collectivity_store(coll_id)
|
||||
|
|
Reference in New Issue