Coverage for gws-app/gws/plugin/account/auth_provider.py: 0%

1"""Account-based authorization provider.""" 

2 

3from typing import Optional, cast 

4 

5import gws 

6import gws.base.auth 

7 

8from . import core, helper 

9 

10gws.ext.new.authProvider('account') 

11 

12 

13class Config(gws.base.auth.provider.Config): 

14 """Account-based authorization provider. (added in 8.1)""" 

15 pass 

16 

17 

18class Object(gws.base.auth.provider.Object): 

19 h: helper.Object 

20 

21 def configure(self): 

22 self.h = cast(helper.Object, self.root.app.helper('account')) 

23 

24 def authenticate(self, method, credentials): 

25 try: 

26 account = self.h.get_account_by_credentials(credentials, expected_status=core.Status.active) 

27 except helper.Error as exc: 

28 raise gws.ForbiddenError() from exc 

29 

30 if account: 

31 return self._make_user(account) 

32 

33 def get_user(self, local_uid): 

34 account = self.h.get_account_by_id(local_uid) 

35 if account: 

36 return self._make_user(account) 

37 

38 def _make_user(self, account: dict) -> gws.User: 

39 user_rec = {} 

40 

41 for k, v in account.items(): 

42 if k == self.h.adminModel.uidName: 

43 user_rec['localUid'] = str(v) 

44 else: 

45 user_rec[k] = v 

46 

47 return gws.base.auth.user.from_record(self, user_rec)