hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-19 16:03:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

deprecate instead of remove @admin_only auth decorator

Browse Source 
no harm in keeping it around for a deprecation cycle
This commit is contained in:
Min RK
2021-10-25 13:00:43 +02:00
parent b2f0208fcc
commit 487c4524ad
1 changed files with 25 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
jupyterhub/utils.py
View File

@@ -292,6 +292,31 @@ def authenticated_403(self):
raise web.HTTPError(403) raise web.HTTPError(403)
def admin_only(f):
"""Deprecated!"""
# write it this way to trigger deprecation warning at decoration time,
# not on the method call
warnings.warn(
"""@jupyterhub.utils.admin_only is deprecated in JupyterHub 2.0.
Use the new `@jupyterhub.scopes.needs_scope` decorator to resolve permissions,
or check against `self.current_user.parsed_scopes`.
""",
DeprecationWarning,
stacklevel=2,
)
# the original decorator
@auth_decorator
def admin_only(self):
"""Decorator for restricting access to admin users"""
user = self.current_user
if user is None or not user.admin:
raise web.HTTPError(403)
return admin_only(f)
@auth_decorator @auth_decorator
def metrics_authentication(self): def metrics_authentication(self):
"""Decorator for restricting access to metrics""" """Decorator for restricting access to metrics"""