Connexion CAS / non CAS: correctif

app/auth/models.py

@@ -180,7 +180,7 @@ class User(UserMixin, ScoDocModel):
 
     def set_password(self, password):
         "Set password"
-        current_app.logger.info(f"set_password({self})")
+        log(f"set_password({self})")
         if password:
             self.password_hash = generate_password_hash(password)
         else:
@@ -213,10 +213,21 @@ class User(UserMixin, ScoDocModel):
 
         # if CAS activated and cas_id, allow only super-user and users with cas_allow_scodoc_login
         cas_enabled = ScoDocSiteConfig.is_cas_enabled()
-        if cas_enabled:
-            if ScoDocSiteConfig.get("cas_force") and not self.is_administrator():
-                return False  # si CAS forcé, n'accepte que super-admin
-            if self.cas_id and not self.cas_allow_scodoc_login:
+        if cas_enabled and not self.is_administrator():
+            if not self.cas_allow_scodoc_login:
+                # CAS activé et compte non autorisé à se logguer sur ScoDoc
+                log(
+                    f"""auth: login attempt for user {self.user_name}: scodoc login not allowed
+                    """
+                )
+                return False
+            # si CAS activé et forcé et cas_id renseigné, on ne peut pas se logguer
+            if self.cas_id and ScoDocSiteConfig.get("cas_force"):
+                log(
+                    f"""auth: login attempt for user {self.user_name
+                        } (cas_id='{
+                        self.cas_id}'): cas forced and cas_id set: scodoc login not allowed"""
+                )
                 return False
 
         if not self.password_hash:  # user without password can't login

sco_version.py

@@ -3,7 +3,7 @@
 
 "Infos sur version ScoDoc"
 
-SCOVERSION = "9.7.41"
+SCOVERSION = "9.7.42"
 
 SCONAME = "ScoDoc"