diff options
-rw-r--r-- | kvmd/apps/__init__.py | 2 | ||||
-rw-r--r-- | kvmd/apps/kvmd/__init__.py | 2 | ||||
-rw-r--r-- | kvmd/apps/kvmd/auth.py | 22 | ||||
-rw-r--r-- | testenv/tests/apps/kvmd/test_auth.py | 4 |
4 files changed, 15 insertions, 15 deletions
diff --git a/kvmd/apps/__init__.py b/kvmd/apps/__init__.py index 82ca1fa7..1c29b182 100644 --- a/kvmd/apps/__init__.py +++ b/kvmd/apps/__init__.py @@ -198,7 +198,7 @@ def _get_config_scheme() -> Dict: }, "auth": { - "disabled": Option(False, type=valid_bool), + "enabled": Option(True, type=valid_bool), "internal": { "type": Option("htpasswd"), diff --git a/kvmd/apps/kvmd/__init__.py b/kvmd/apps/kvmd/__init__.py index fb79bb7e..d21de499 100644 --- a/kvmd/apps/kvmd/__init__.py +++ b/kvmd/apps/kvmd/__init__.py @@ -69,7 +69,7 @@ def main(argv: Optional[List[str]]=None) -> None: external_type=config.auth.external.type, external_kwargs=(config.auth.external._unpack(ignore=["type"]) if config.auth.external.type else {}), force_internal_users=config.auth.internal.force_users, - disabled=config.auth.disabled, + enabled=config.auth.enabled, ), info_manager=InfoManager(**config.info._unpack()), log_reader=LogReader(), diff --git a/kvmd/apps/kvmd/auth.py b/kvmd/apps/kvmd/auth.py index 03b067aa..5e3551b5 100644 --- a/kvmd/apps/kvmd/auth.py +++ b/kvmd/apps/kvmd/auth.py @@ -46,20 +46,20 @@ class AuthManager: external_kwargs: Dict, force_internal_users: List[str], - disabled: bool, + enabled: bool, ) -> None: - self.__disabled = disabled - if disabled: + self.__enabled = enabled + if not enabled: get_logger().warning("AUTHORIZATION IS DISABLED") self.__internal_service: Optional[BaseAuthService] = None - if not disabled: + if enabled: self.__internal_service = get_auth_service_class(internal_type)(**internal_kwargs) get_logger().info("Using internal auth service %r", self.__internal_service.get_plugin_name()) self.__external_service: Optional[BaseAuthService] = None - if not disabled and external_type: + if enabled and external_type: self.__external_service = get_auth_service_class(external_type)(**external_kwargs) get_logger().info("Using external auth service %r", self.__external_service.get_plugin_name()) @@ -68,10 +68,10 @@ class AuthManager: self.__tokens: Dict[str, str] = {} # {token: user} def is_auth_enabled(self) -> bool: - return (not self.__disabled) + return self.__enabled async def authorize(self, user: str, passwd: str) -> bool: - assert not self.__disabled + assert self.__enabled assert self.__internal_service if user not in self.__force_internal_users and self.__external_service: @@ -87,7 +87,7 @@ class AuthManager: return ok async def login(self, user: str, passwd: str) -> Optional[str]: - assert not self.__disabled + assert self.__enabled if (await self.authorize(user, passwd)): for (token, token_user) in self.__tokens.items(): if user == token_user: @@ -100,18 +100,18 @@ class AuthManager: return None def logout(self, token: str) -> None: - assert not self.__disabled + assert self.__enabled user = self.__tokens.pop(token, "") if user: get_logger().info("Logged out user %r", user) def check(self, token: str) -> Optional[str]: - assert not self.__disabled + assert self.__enabled return self.__tokens.get(token) @aiotools.atomic async def cleanup(self) -> None: - if not self.__disabled: + if self.__enabled: assert self.__internal_service await self.__internal_service.cleanup() if self.__external_service: diff --git a/testenv/tests/apps/kvmd/test_auth.py b/testenv/tests/apps/kvmd/test_auth.py index 8039292a..66e54dca 100644 --- a/testenv/tests/apps/kvmd/test_auth.py +++ b/testenv/tests/apps/kvmd/test_auth.py @@ -59,7 +59,7 @@ async def _get_configured_manager( external_type=("htpasswd" if external_path else ""), external_kwargs=(_make_service_kwargs(external_path) if external_path else {}), force_internal_users=(force_internal_users or []), - disabled=False, + enabled=True, ) try: @@ -147,7 +147,7 @@ async def test_ok__disabled() -> None: external_type="", external_kwargs={}, force_internal_users=[], - disabled=True, + enabled=False, ) assert not manager.is_auth_enabled() |