diff --git a/helios/models.py b/helios/models.py
index 25ecae399b914a816c077685a81c4de886744b2f..128105db2e2b0a6b5eb05fa12d876ad7d462d546 100644
--- a/helios/models.py
+++ b/helios/models.py
@@ -481,7 +481,7 @@ class Election(HeliosModel):
     #if self.voter_set.count() == 0:
     #  return
 
-    auth_systems = copy.copy(settings.AUTH_ENABLED_AUTH_SYSTEMS)
+    auth_systems = copy.copy(settings.AUTH_ENABLED_SYSTEMS)
     voter_types = [r['user__user_type'] for r in self.voter_set.values('user__user_type').distinct() if
                    r['user__user_type'] is not None]
 
diff --git a/helios/tests.py b/helios/tests.py
index a5b1a0270945a97a9284bdce8db1183e990cd92e..60103c8d3c9b9aa4193d71ea9156d804f313da64 100644
--- a/helios/tests.py
+++ b/helios/tests.py
@@ -3,6 +3,7 @@ Unit Tests for Helios
 """
 
 import datetime
+import logging
 import re
 import uuid
 from urllib.parse import urlencode
@@ -151,6 +152,13 @@ class ElectionModelTests(TestCase):
     def test_facebook_eligibility(self):
         self.election.eligibility = [{'auth_system': 'facebook', 'constraint':[{'group': {'id': '123', 'name':'Fake Group'}}]}]
 
+        import settings
+        fb_enabled = 'facebook' in settings.AUTH_ENABLED_SYSTEMS
+        if not fb_enabled:
+            logging.error("'facebook' not enabled for auth, cannot its constraints.")
+            self.assertFalse(self.election.user_eligible_p(self.fb_user))
+            return
+
         # without openreg, this should be false
         self.assertFalse(self.election.user_eligible_p(self.fb_user))
         
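Review bot: In the new `if not fb_enabled:` branch of `test_facebook_eligibility` the test logs an error, asserts once and returns, so it is reported as a pass although the constraint checks further down never ran. The log message is also missing a verb; `"'facebook' not enabled for auth, cannot check its constraints."` reads correctly. Ending the branch with `self.skipTest("facebook auth not enabled")` after the assertion, instead of `return`, would make the reduced coverage visible in the test report. The branch reads the raw setting through a function-local `import settings`, while the code under test goes through the `AUTH_SYSTEMS` registry, so `'facebook' in AUTH_SYSTEMS` (imported from `helios_auth.auth_systems`) would track what is being tested more closely. The test body continues past the end of this hunk.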
diff --git a/helios_auth/__init__.py b/helios_auth/__init__.py
index 2c9c090a97a242a71b7d3d6c177dfa31d3016476..d5e23fa983fe0874f005481d1cddae929efde928 100644
--- a/helios_auth/__init__.py
+++ b/helios_auth/__init__.py
@@ -5,6 +5,6 @@ TEMPLATE_BASE = settings.AUTH_TEMPLATE_BASE or "helios_auth/templates/base.html"
 
 # enabled auth systems
 from . import auth_systems
-ENABLED_AUTH_SYSTEMS = settings.AUTH_ENABLED_AUTH_SYSTEMS or list(auth_systems.AUTH_SYSTEMS.keys())
-DEFAULT_AUTH_SYSTEM = settings.AUTH_DEFAULT_AUTH_SYSTEM or None
+ENABLED_AUTH_SYSTEMS = settings.AUTH_ENABLED_SYSTEMS or list(auth_systems.AUTH_SYSTEMS.keys())
+DEFAULT_AUTH_SYSTEM = settings.AUTH_DEFAULT_SYSTEM or None
 
diff --git a/helios_auth/auth_systems/__init__.py b/helios_auth/auth_systems/__init__.py
index 07ebaa867a322cdfeeb133a9713731b2f02a44fa..e9dc9763a371790a2574f199d4b341674135b8a2 100644
--- a/helios_auth/auth_systems/__init__.py
+++ b/helios_auth/auth_systems/__init__.py
@@ -1,8 +1,8 @@
 from django.conf import settings
 
-_enabled = settings.AUTH_ENABLED_AUTH_SYSTEMS or None
+_enabled = settings.AUTH_ENABLED_SYSTEMS or None
 def _is_enabled(system):
-    return _enabled is not None or system in _enabled
+    return _enabled is None or system in _enabled
 
 AUTH_SYSTEMS = {}
 
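Review bot: `_enabled = settings.AUTH_ENABLED_SYSTEMS or None` turns an empty list into "no restriction", and with the corrected `_is_enabled` that now means every auth system is enabled, which is a fail-open default for an allowlist. If that is intended, say so above the assignment, e.g. `# None means no restriction: an empty AUTH_ENABLED_SYSTEMS enables every auth system`; if an empty list should disable everything, drop the `or None` and test `system in _enabled` only. helios_auth/urls.py checks membership on the raw setting instead, so for an empty list the password and twitter URL patterns would be left out while the systems themselves are presumably still registered here. Routing that check through `_is_enabled` (or a public wrapper) would keep the two in agreement.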
@@ -43,7 +43,7 @@ if _is_enabled('clever'):
 #AUTH_SYSTEMS['live'] = live
 
 def can_check_constraint(auth_system):
-    return hasattr(AUTH_SYSTEMS[auth_system], 'check_constraint')
+    return auth_system in AUTH_SYSTEMS and hasattr(AUTH_SYSTEMS[auth_system], 'check_constraint')
 
 def can_list_categories(auth_system):
-    return hasattr(AUTH_SYSTEMS[auth_system], 'list_categories')
+    return auth_system in AUTH_SYSTEMS and hasattr(AUTH_SYSTEMS[auth_system], 'list_categories')
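Review bot: `can_check_constraint` and `can_list_categories` now return False for an auth system that is disabled or unknown as well as for one that lacks the method, and nothing on the functions says so. A one-line docstring on each would record the contract, e.g. `"""Return True only if auth_system is enabled and implements check_constraint."""`. The same applies to the eligibility check in helios_auth/models.py, where the comment `# does the auth system allow for checking a constraint?` now also covers the case of a user whose auth system has been disabled and who is therefore treated as ineligible. That is the safe direction, but it is worth stating because it decides who may vote.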
diff --git a/helios_auth/models.py b/helios_auth/models.py
index d4e3a3282ce220688b109da22fa018c667817125..15fa0253c7e16acc1200f61d0d527f2d01aa76fb 100644
--- a/helios_auth/models.py
+++ b/helios_auth/models.py
@@ -8,7 +8,7 @@ Ben Adida
 """
 from django.db import models
 
-from .auth_systems import AUTH_SYSTEMS
+from .auth_systems import can_check_constraint, AUTH_SYSTEMS
 from .jsonfield import JSONField
 
 
@@ -115,12 +115,12 @@ class User(models.Model):
     
     # from here on we know we match the auth system, but do we match one of the constraints?  
 
-    auth_system = AUTH_SYSTEMS[self.user_type]
-
     # does the auth system allow for checking a constraint?
-    if not hasattr(auth_system, 'check_constraint'):
+    if not can_check_constraint(self.user_type):
       return False
-      
+
+    auth_system = AUTH_SYSTEMS[self.user_type]
+
     for constraint in eligibility_case['constraint']:
       # do we match on this constraint?
       if auth_system.check_constraint(constraint=constraint, user = self):
diff --git a/helios_auth/urls.py b/helios_auth/urls.py
index 43f552dd808135eadfe1faa041cde7e95686596e..9fbc158f499f0df32cd3f31830990b537ed00f73 100644
--- a/helios_auth/urls.py
+++ b/helios_auth/urls.py
@@ -7,7 +7,7 @@ Ben Adida (ben@adida.net)
 
 from django.conf.urls import url
 
-from settings import AUTH_ENABLED_AUTH_SYSTEMS
+from settings import AUTH_ENABLED_SYSTEMS
 from . import views, url_names
 
 urlpatterns = [
@@ -22,11 +22,11 @@ urlpatterns = [
 ]
 
 # password auth
-if 'password' in AUTH_ENABLED_AUTH_SYSTEMS:
+if 'password' in AUTH_ENABLED_SYSTEMS:
     from .auth_systems.password import urlpatterns as password_patterns
     urlpatterns.extend(password_patterns)
 
 # twitter
-if 'twitter' in AUTH_ENABLED_AUTH_SYSTEMS:
+if 'twitter' in AUTH_ENABLED_SYSTEMS:
     from .auth_systems.twitter import urlpatterns as twitter_patterns
     urlpatterns.extend(twitter_patterns)
diff --git a/settings.py b/settings.py
index 13b9069f694427b77490bda31e6d1b4e820f596c..c5bf2c235e33ce618d87a14af8b81ed7b6378d65 100644
--- a/settings.py
+++ b/settings.py
@@ -211,9 +211,11 @@ HELIOS_VOTERS_EMAIL = True
 HELIOS_PRIVATE_DEFAULT = False
 
 # authentication systems enabled
-#AUTH_ENABLED_AUTH_SYSTEMS = ['password','facebook','twitter', 'google', 'yahoo']
-AUTH_ENABLED_AUTH_SYSTEMS = get_from_env('AUTH_ENABLED_AUTH_SYSTEMS', 'google').split(",")
-AUTH_DEFAULT_AUTH_SYSTEM = get_from_env('AUTH_DEFAULT_AUTH_SYSTEM', None)
+# AUTH_ENABLED_SYSTEMS = ['password','facebook','twitter', 'google', 'yahoo']
+AUTH_ENABLED_SYSTEMS = get_from_env('AUTH_ENABLED_SYSTEMS',
+                                    get_from_env('AUTH_ENABLED_AUTH_SYSTEMS', 'password,google,facebook')
+                                    ).split(",")
+AUTH_DEFAULT_SYSTEM = get_from_env('AUTH_DEFAULT_SYSTEM', get_from_env('AUTH_DEFAULT_AUTH_SYSTEM', None))
 
 # google
 GOOGLE_CLIENT_ID = get_from_env('GOOGLE_CLIENT_ID', '')
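Review bot: The default for `AUTH_ENABLED_SYSTEMS` widens from `'google'` to `'password,google,facebook'`, so a deployment that sets neither environment variable would have password and Facebook authentication enabled after this change. If the wider list is only needed for the test suite, keep `'google'` as the default here and set the broader value in the test environment. The nested `get_from_env` fallback is unexplained; a comment such as `# AUTH_ENABLED_AUTH_SYSTEMS / AUTH_DEFAULT_AUTH_SYSTEM are the legacy variable names, honoured when the new ones are unset` would help operators. `.split(",")` also keeps surrounding whitespace, so a value like `password, google` yields `' google'`, which the membership tests in helios_auth will not match; stripping each entry would avoid a silently disabled system.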