3 files changed, 2 insertions, 35 deletions

diff --git a/libbe/command/html.py b/libbe/command/html.py
index 5186417..3dfeb75 100644
--- a/libbe/command/html.py
+++ b/libbe/command/html.py
@@ -794,7 +794,6 @@ class HTML (libbe.util.wsgi.ServerCommand):
             if option.name not in [
                 'read-only',
                 'notify',
-                'auth',
                 ]]
 
         self.options.extend([
@@ -854,7 +853,6 @@ class HTML (libbe.util.wsgi.ServerCommand):
         # provide defaults for the dropped options
         params['read-only'] = True
         params['notify'] = None
-        params['auth'] = None
         return super(HTML, self)._run(**params)
 
     def _get_app(self, logger, storage, index_file='', generation_time=None,
diff --git a/libbe/command/serve_commands.py b/libbe/command/serve_commands.py
index 30b4a69..c2a1be8 100644
--- a/libbe/command/serve_commands.py
+++ b/libbe/command/serve_commands.py
@@ -80,7 +80,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
 
     # handlers
     def run(self, environ, start_response):
-        self.check_login(environ)
         data = self.post_data(environ)
         source = 'post'
         try:
@@ -113,15 +112,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
     def _parse_post(self, post):
         return libbe.storage.util.mapfile.parse(post)
 
-    def check_login(self, environ):
-        user = environ.get('be-auth.user', None)
-        if user is not None:  # we're running under AuthenticationApp
-            if environ['REQUEST_METHOD'] == 'POST':
-                # TODO: better detection of commands requiring writes
-                if user == 'guest' or self.storage.is_writeable() == False:
-                    raise _Unauthorized() # only non-guests allowed to write
-            # allow read-only commands for all users
-
     def _notify(self, environ, command, id, params):
         message = self._format_notification(environ, command, id, params)
         self._submit_notification(message)
@@ -179,9 +169,8 @@ And in another terminal (or after backgrounding the server)::
     $ be --server http://localhost:8000/ list
 
 If you bind your server to a public interface, take a look at the
-``--read-only`` option or the combined ``--ssl --auth FILE``
-options so other people can't mess with your repository.  If you do use
-authentication, you'll need to send in your username and password::
+``--read-only`` option so other people can't mess with your
+repository.
 
     $ be --server http://username:password@localhost:8000/ list
 """
diff --git a/libbe/command/serve_storage.py b/libbe/command/serve_storage.py
index 086cb84..e32c5bc 100644
--- a/libbe/command/serve_storage.py
+++ b/libbe/command/serve_storage.py
@@ -95,7 +95,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
 
     # handlers
     def add(self, environ, start_response):
-        self.check_login(environ)
         data = self.post_data(environ)
         source = 'post'
         id = self.data_get_id(data, source=source)
@@ -110,7 +109,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
         return self.ok_response(environ, start_response, None)
 
     def exists(self, environ, start_response):
-        self.check_login(environ)
         data = self.query_data(environ)
         source = 'query'
         id = self.data_get_id(data, source=source)
@@ -120,7 +118,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
         return self.ok_response(environ, start_response, content)
 
     def remove(self, environ, start_response):
-        self.check_login(environ)
         data = self.post_data(environ)
         source = 'post'
         id = self.data_get_id(data, source=source)
@@ -135,7 +132,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
         return self.ok_response(environ, start_response, None)
 
     def ancestors(self, environ, start_response):
-        self.check_login(environ)
         data = self.query_data(environ)
         source = 'query'
         id = self.data_get_id(data, source=source)
@@ -145,7 +141,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
         return self.ok_response(environ, start_response, content)
 
     def children(self, environ, start_response):
-        self.check_login(environ)
         data = self.query_data(environ)
         source = 'query'
         id = self.data_get_id(data, default=None, source=source)
@@ -155,7 +150,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
         return self.ok_response(environ, start_response, content)
 
     def get(self, environ, start_response):
-        self.check_login(environ)
         data = self.query_data(environ)
         source = 'query'
         try:
@@ -170,7 +164,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
                                 headers=[('X-BE-Version', be_version)])
 
     def set(self, environ, start_response):
-        self.check_login(environ)
         data = self.post_data(environ)
         try:
             id = environ['be-server.url_args'][0]
@@ -185,7 +178,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
         return self.ok_response(environ, start_response, None)
 
     def commit(self, environ, start_response):
-        self.check_login(environ)
         data = self.post_data(environ)
         if not 'summary' in data:
             raise libbe.util.wsgi.HandlerError(
@@ -211,7 +203,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
         return self.ok_response(environ, start_response, revision)
 
     def revision_id(self, environ, start_response):
-        self.check_login(environ)
         data = self.query_data(environ)
         source = 'query'
         index = int(self.data_get_string(
@@ -221,7 +212,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
         return self.ok_response(environ, start_response, content)
 
     def changed(self, environ, start_response):
-        self.check_login(environ)
         data = self.query_data(environ)
         source = 'query'
         revision = self.data_get_string(
@@ -231,7 +221,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
         return self.ok_response(environ, start_response, content)
 
     def version(self, environ, start_response):
-        self.check_login(environ)
         data = self.query_data(environ)
         source = 'query'
         revision = self.data_get_string(
@@ -239,15 +228,6 @@ class ServerApp (libbe.util.wsgi.WSGI_AppObject,
         content = self.storage.storage_version(revision)
         return self.ok_response(environ, start_response, content)
 
-    # handler utility functions
-    def check_login(self, environ):
-        user = environ.get('be-auth.user', None)
-        if user is not None:  # we're running under AuthenticationApp
-            if environ['REQUEST_METHOD'] == 'POST':
-                if user == 'guest' or self.storage.is_writeable() == False:
-                    raise _Unauthorized() # only non-guests allowed to write
-            # allow read-only commands for all users
-
     def _notify(self, environ, command, id, params):
         message = self._format_notification(environ, command, id, params)
         self._submit_notification(message)