1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
import time
import os.path
from MoinMoin import user, log
from MoinMoin.auth import GivenAuth
from MoinMoin.web.session import FileSessionService
from MoinMoin.config.multiconfig import DefaultConfig
class SSLAuth(GivenAuth):
# Usage:
#auth = [SSLAuth()]
def __init__(self):
GivenAuth.__init__(self, env_var="HTTP_X_FORWARDED_USER")
self.log = log.getLogger(__name__)
def transform_username(self, name):
return name[4:]
def request(self, request, user_obj, **kw):
u = None
_ = request.getText
# always revalidate auth
if user_obj and user_obj.auth_method == self.name:
user_obj = None
# something else authenticated before us
if user_obj:
self.log.debug("already authenticated, doing nothing")
return user_obj, True
if self.user_name is not None:
auth_username = self.user_name
elif self.env_var is None:
auth_username = request.remote_user
else:
auth_username = request.environ.get(self.env_var)
self.log.debug("auth_username = %r" % auth_username)
if auth_username:
auth_username = self.decode_username(auth_username)
auth_username = self.transform_username(auth_username)
self.log.debug("auth_username (after decode/transform) = %r"
% auth_username)
uid = user._getUserIdByKey(request, 'aliasname', auth_username)
if uid is not None:
u = user.User(request, uid, auth_method=self.name,
auth_attribs=('name', 'password'))
self.log.debug("u: %r" % u)
if u and self.autocreate:
self.log.debug("autocreating user")
u.create_or_update()
if u and u.valid:
self.log.debug("returning valid user %r" % u)
return u, True # True to get other methods called, too
else:
self.log.debug("returning %r" % user_obj)
return user_obj, True
class AuditingSessionService(FileSessionService):
def finalize(self, request, session):
if session.new:
session["from_ua"] = request.in_headers.get("User-Agent")
session["from_ip"] = request.in_headers.get("X-Forwarded-For")
session["started"] = int(time.time())
if not request.cfg.can_remember:
request.user.remember_me = False
FileSessionService.finalize(self, request, session)
class BaseConfig(DefaultConfig):
data_dir = "/srv/wiki/data/" # Docker Default
plugin_dirs = ["/srv/wiki-common/plugins"]
page_front_page = u"FrontPage"
theme_default = u"crute_modernized"
supplementation_page = True
mail_from = u"wiki-noreply@crute.us"
# Use mail_smarthost in prod
#mail_sendmail = "/usr/sbin/sendmail -t -i"
acl_rights_before = u"AdminGroup:read,write,delete,revert,admin"
acl_rights_after = u"All:"
acl_rights_default = u"Known:read,write,delete,revert All:"
acl_hierarchic = True
actions_excluded = DefaultConfig.actions_excluded[:]
actions_excluded.remove("xmlrpc")
logo_string = u'<img src="/WikiStatic?action=AttachFile&do=get&target=logo.png"/>'
url_prefix_static = u"/static"
navi_bar = [
u"%(page_front_page)s",
u"RecentChanges",
u"FindPage",
]
editor_force = False
editor_ui = "freechoice"
cookie_secure = True
cookie_httponly = True
session_service = AuditingSessionService()
can_remember = True
# Moin won't use these if the proper bindings aren't installed
xapian_search = True
xapian_stemming = True
show_highlight_msg = True
@property
def data_underlay_dir(self):
return os.path.join(self.data_dir, "underlay/")
|