Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 18 additions & 6 deletions remoteappmanager/jupyterhub/auth/github_whitelist_authenticator.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ class FileWhitelistMixin(LoggingConfigurable):
"""

#: The path of the whitelist file.
whitelist_file = Unicode()
whitelist_file = Unicode(config=True)

#: When the file was last modified, so that we can reload appropriately.
_whitelist_file_last_modified = Float()
Expand All @@ -19,31 +19,43 @@ class FileWhitelistMixin(LoggingConfigurable):

@property
def whitelist(self):
"""Returns the whitelist for the approved users.
"""
# Note: we return a copy because other code in jupyterhub
# will modify the set. We don't want our cache to be modified.
try:
cur_mtime = os.path.getmtime(self.whitelist_file)
if cur_mtime <= self._whitelist_file_last_modified:
# File older than last change.
# keep using the current cached whitelist
return self._whitelist
return set(self._whitelist)

self.log.info("Whitelist file more recent than the old one. "
"Updating whitelist.")

with open(self.whitelist_file, "r") as f:
whitelisted_users = set(x.strip() for x in f.readlines())
whitelisted_users = set(self.normalize_username(x.strip())
for x in f.readlines())
except FileNotFoundError:
# empty set means everybody is allowed
return {}
return set()
except Exception:
# For other exceptions, assume the file is broken, log it
# and return what we have.
self.log.exception("Unable to access whitelist.")
return self._whitelist
return set(self._whitelist)

self._whitelist = whitelisted_users
self._whitelist_file_last_modified = cur_mtime

return self._whitelist
return set(self._whitelist)

@whitelist.setter
def whitelist(self, value):
"""Dummy setter that does nothing.
Jupyterhub assumes it can normalize the names and set them
back. We can't let it perform this operation. """
pass


class GitHubWhitelistAuthenticator(FileWhitelistMixin, GitHubOAuthenticator):
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@ def test_basic_auth_with_whitelist_file(self):

auth = self.auth
auth.whitelist_file = whitelist_path

response = yield auth.get_authenticated_user(Mock(),
{"username": "foo"})
self.assertEqual(response, "foo")
Expand Down Expand Up @@ -87,3 +86,13 @@ def test_exception_during_read(self):
response = yield auth.get_authenticated_user(Mock(),
{"username": "foo"})
self.assertEqual(response, None)

def test_dummy_setter(self):
whitelist_path = os.path.join(self.tempdir, "whitelist.txt")
with open(whitelist_path, "w") as f:
f.write("bar\n")

auth = self.auth
auth.whitelist_file = whitelist_path
auth.whitelist = set()
self.assertNotEqual(auth.whitelist, set())