diff src/server/server.py @ 471:de039f008333

server side: added config only option empty_password_allowed_warning_dangerous_list, which allow to connect with a profile with empty password. /!\ MUST not be used if Libervia is accessible from outside, this option is mainly useful for developpers.
author Goffi <goffi@goffi.org>
date Tue, 10 Jun 2014 15:59:52 +0200
parents 34ce41e014c4
children 42c8e91af048
line wrap: on
line diff
--- a/src/server/server.py	Tue Jun 10 15:38:47 2014 +0200
+++ b/src/server/server.py	Tue Jun 10 15:59:52 2014 +0200
@@ -631,9 +631,10 @@
             raise Exception('No profile_key allowed')
 
         profile_check = self.sat_host.bridge.getProfileName(login_)
-        if not profile_check or profile_check != login_ or not password_:
+        if ((not profile_check or profile_check != login_) or
+            (not password_ and profile_check not in self.sat_host.empty_password_allowed_warning_dangerous_list)):
+            return "PROFILE AUTH ERROR"
             # profiles with empty passwords are restricted to local frontends
-            return "PROFILE AUTH ERROR"
 
         if login_ in self.profiles_waiting:
             return "ALREADY WAITING"
@@ -1015,7 +1016,7 @@
                            ['passphrase', 'k', '', _(u"Passphrase for the SàT profile named '%s'") % C.SERVICE_PROFILE, str],
                            ['data_dir', 'd', DATA_DIR_DEFAULT, _(u'Data directory for Libervia'), coerceDataDir],
                           ] # options which are in sat.conf and on command line, see https://twistedmatrix.com/documents/current/api/twisted.python.usage.Options.html
-    OPT_PARAMETERS_CFG = [] # Options which are in sat.conf only
+    OPT_PARAMETERS_CFG = [['empty_password_allowed_warning_dangerous_list', None, '', None]] # Options which are in sat.conf only
 
     def __init__(self, *args, **kwargs):
         self.initialised = defer.Deferred()