Skip to content

Commit

Permalink
raise warning once and allow disabled authorization
Browse files Browse the repository at this point in the history
  • Loading branch information
Zsailer committed Mar 15, 2022
1 parent 66ef12d commit a7c7f5a
Showing 1 changed file with 18 additions and 9 deletions.
27 changes: 18 additions & 9 deletions jupyter_server/auth/decorator.py
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,9 @@
from .utils import HTTP_METHOD_TO_AUTH_ACTION


WARNED_ABOUT_DISABLED_AUTHORIZATION = False


def raise_no_authorizer_warning():
warnings.warn(
"The Tornado web application does not have an 'authorizer' defined "
Expand All @@ -24,7 +27,7 @@ def raise_no_authorizer_warning():
"https://github.com/jupyter-server/jupyter_server/blob/"
"653740cbad7ce0c8a8752ce83e4d3c2c754b13cb/jupyter_server/serverapp.py"
"#L234-L256",
# stacklevel=2
DeprecationWarning,
)


Expand Down Expand Up @@ -74,17 +77,23 @@ def inner(self, *args, **kwargs):
if not user:
app_log.warning("Attempting to authorize request without authentication!")
raise HTTPError(status_code=403, log_message=message)
# If the user is allowed to do this action,
# call the method.

# Handle the case where an authorizer wasn't attached to the handler.
if not self.authorizer:
with warnings.catch_warnings():
warnings.simplefilter("once")
raise_no_authorizer_warning()
elif self.authorizer.is_authorized(self, user, action, resource):
warnings.simplefilter("default")
global WARNED_ABOUT_DISABLED_AUTHORIZATION
if not WARNED_ABOUT_DISABLED_AUTHORIZATION:
raise_no_authorizer_warning()
WARNED_ABOUT_DISABLED_AUTHORIZATION = True
return method(self, *args, **kwargs)
# else raise an exception.
else:
raise HTTPError(status_code=403, log_message=message)

# Only return the method if the action is authorized.
if self.authorizer.is_authorized(self, user, action, resource):
return method(self, *args, **kwargs)

# Raise an exception if the method wasn't returned (i.e. not authorized)
raise HTTPError(status_code=403, log_message=message)

return inner

Expand Down

0 comments on commit a7c7f5a

Please sign in to comment.