Commit 0498bafa authored by Gero Müller's avatar Gero Müller
Browse files

fix guest login

parent c9d927d7
......@@ -61,12 +61,6 @@ forgot.subject = Your VISPA password
# absolute url
password_url = http://localhost:4282/vispa/password
# enable guets logins without providing any information
enable_guest_login = False
# add guest automatically to the following groups
guest_groups = []
# default workspace action, i.e. a vispa.callbacks channel
workspace_action = openFileBrowser
......@@ -130,28 +124,40 @@ ignore = [dummy]
[usermanagement]
# do auto setup?
autosetup = True
autosetup = False
# the role/permission setup of the extensions can be accepted or not
accept_extensions = True
# name of the global project
global_project = VISPA
# default user and guest group
user_group = default_user
guest_group = default_guest
user_group = user
guest_group = guest
# three roles, e.g. with ascending rank
role_1 = Student
role_2 = Tutor
role_3 = Manager
# list of permissions that must exist
permissions = ["project.read_items", "project.create_items", "project.edit_items", "project.delete_items"]
# assignment of permissions to default roles. permissions must exists (use line above)
role_1_permissions = ["project.read_items"]
role_2_permissions = ["project.read_items", "project.create_items"]
role_3_permissions = ["project.read_items", "project.create_items", "project.edit_items", "project.delete_items"]
# assignment of roles to user and guest group
user_group_roles = [1]
guest_group_roles = []
# enable guets logins without providing any information
enable_guest_login = False
[ldap-export]
enable = False
......
......@@ -47,10 +47,9 @@ class AjaxController(AbstractController):
user = User.register(cherrypy.request.db, username, email)
session = cherrypy.request.db
if vispa.config("usermanagement", "autosetup", False):
user_group = vispa.config("usermanagement", "user_group", None)
user_group = Group.get_by_name(session, user_group)
user_group.add_user(session, user, Group_User_Assoc.CONFIRMED)
user_group = vispa.config("usermanagement", "user_group", "user")
user_group = Group.get_by_name(session, user_group)
user_group.add_user(session, user, Group_User_Assoc.CONFIRMED)
if vispa.config("web", "registration.autoactive", True):
return { "hash": user.hash }
......
......@@ -229,20 +229,16 @@ class RootController(AbstractController):
raise cherrypy.HTTPRedirect(path)
# return an error when guest logins are disabled
if vispa.config("web", "enable_guest_login", False) is False:
if vispa.config("usermanagement", "enable_guest_login", False) is False:
raise cherrypy.HTTPError(403, "Guest login not allowed!")
db= cherrypy.request.db
# actual guest login
user, password = User.guest_login(req.db)
for groupname in vispa.config("web", "guest_groups", []):
user, password = User.guest_login(db)
for groupname in vispa.config("usermanagement", "guest_group", "guest"):
group = Group.get_or_create_by_name(db, groupname)
group.users.append(user)
# autosetup new guest
if vispa.config("usermanagement", "autosetup", False):
guest_group = vispa.config("usermanagement", "guest_group", None)
guest_group = Group.get_by_name(req.db, guest_group)
guest_group.add_user(req.db, user, Group_User_Assoc.CONFIRMED)
group.add_user(db, user, Group_User_Assoc.UNCONFIRMED)
# update session
cherrypy.session["user_id"] = unicode(user.id)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment