New refreshusers.py helper to assure htaccess is current #181
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
external auth provider login are in fact able to open their files in the Files web page without just hitting an Apache auth error. In practice the helper script looks up user accounts and checks that the corresponding .htaccess file for each account is in sync with the user database contents for that user. In particular that the short_id field commonly doubling as Apache REMOTE_USER is in fact included as a valid 'require user XYZ' clause in the .htaccess file of the user. Matching users where that is not already the case will get all their automatic account files including .htaccess refreshed. Site operators can supply expire range and ID pattern filters like for certain other scripts to target specific users only.
jonasbardino
added
enhancement
…taccess
function for common runs.
Explicitly only run unit tests for py2 when on main/edge as the embedded
refresh call with create_user relies on a py2-only str.encode('string_escape')
construct that will fail on py3. Can probably be enabled on next/experimental.
jonasbardino
added
unit test
and removed
follow-up pending
… will cause problems in the require user line. Fix detection of neither extoid nor extoidc auth.
albu-diku
reviewed
Jan 29, 2025
| self.assertHtaccessRequireUserClause(DUMMY_HTACCESS_PATH, | ||
| DUMMY_REQUIRE_USER) | ||
|
|
||
| @unittest.skipUnless(PY2, "Python 2 only") |
There was a problem hiding this comment.
I don't think it's a good idea to add new tests that target Python 2 given we're trying quite hard to get rid of it - more important is that these tests work on Python 3. What is preventing them working on that or, preferably, both?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New
refreshusers.pyhelper to assure that one or more user accounts with external auth provider login are in fact able to open their files in the Files web page without just hitting an Apache auth error. In practice the helper script looks up user accounts and checks that the corresponding.htaccessfile for each account is in sync with the user database contents for that user. In particular that theshort_idfield commonly doubling as ApacheREMOTE_USERis in fact included as a validrequire user "XYZ"clause in the.htaccessfile of the user.Matching users where that is not already the case will get all their automatic account files including
.htaccessrefreshed.Site operators can supply expire range and ID pattern filters like for certain other scripts to target specific users only.
The code is fully functional and tested in practice, so it can be merged,
but it would be nice towe now include unit tests to help verify general correctness.