Created
August 17, 2017 05:42
-
-
Save mistercrunch/33bd67cc627572b2cac598608b8f81c0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class AirbnbAuthRemoteUserView(AuthRemoteUserView): | |
def add_role_if_missing(self, sm, user_id, role_name): | |
found_role = sm.find_role(role_name) | |
session = sm.get_session | |
user = session.query(sm.user_model).get(user_id) | |
if found_role and found_role not in user.roles: | |
user.roles += [found_role] | |
session.commit() | |
@expose('/login/') | |
def login(self): | |
# Flushing flash message "Access is denied" | |
if web_session and '_flashes' in web_session: | |
web_session.pop('_flashes') | |
from flask import g | |
if g and g.user is not None and g.user.is_authenticated(): | |
return redirect(self.redirect_url()) | |
sm = self.appbuilder.sm | |
error_msg = None | |
if any([ | |
k not in request.headers | |
for k in ['X-LDAP-Username', 'X-LDAP-Groups']]): | |
raise | |
username = request.headers.get('X-LDAP-Username') | |
groups = request.headers.get('X-LDAP-Groups', '').lower().split(',') | |
session = sm.get_session | |
user = session.query(sm.user_model).filter_by(username=username).first() | |
if user and not user.is_active(): | |
return ( | |
"Your account is not activated, " | |
"ask an admin to check the 'Is Active?' box in your " | |
"user profile") | |
if any([gr in ACCEPTED_ROLES for gr in groups]): | |
role = sm.find_role('alpha') | |
else: | |
role = sm.find_role('gamma') | |
if user is None and username: | |
user = sm.add_user( | |
username=username, | |
first_name=username, | |
last_name='', | |
email="{}@airbnb.com".format(username), | |
role=role) | |
msg = ("Welcome to Superset, {}".format(username)) | |
flash(as_unicode(msg), 'info') | |
user = sm.auth_user_remote_user(username) | |
elif role not in user.roles: | |
user = session.query(sm.user_model).get(user.id) | |
user.roles += [role] | |
session.commit() | |
self.add_role_if_missing(sm, user.id, 'airbnb_anon') | |
self.add_role_if_missing(sm, user.id, 'sql_lab') | |
login_user(user) | |
return redirect(self.redirect_url()) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment