From 3f59d17a68341b1e1452bf4e238c0ea5802ee00e Mon Sep 17 00:00:00 2001
From: Min RK <benjaminrk@gmail.com>
Date: Tue, 17 Sep 2024 13:51:45 +0200
Subject: [PATCH] handle allow_all variation for JupyterHub 4/5

---
 ldapauthenticator/ldapauthenticator.py         | 18 +++++++++++++-----
 .../tests/test_ldapauthenticator.py            |  7 ++++++-
 2 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/ldapauthenticator/ldapauthenticator.py b/ldapauthenticator/ldapauthenticator.py
index e010180..7326228 100644
--- a/ldapauthenticator/ldapauthenticator.py
+++ b/ldapauthenticator/ldapauthenticator.py
@@ -556,11 +556,19 @@ async def authenticate(self, handler, data):
         return {"name": username, "auth_state": auth_state}
 
     async def check_allowed(self, username, auth_model):
-        allowed = super().check_allowed(username, auth_model)
-        if isawaitable(allowed):
-            allowed = await allowed
-        if allowed is True:
-            return True
+        if not hasattr(self, "allow_all"):
+            # super for JupyterHub < 5
+            # default behavior: no allow config => allow all
+            if not self.allowed_users and not self.allowed_groups:
+                return True
+            if self.allowed_users and username in self.allowed_users:
+                return True
+        else:
+            allowed = super().check_allowed(username, auth_model)
+            if isawaitable(allowed):
+                allowed = await allowed
+            if allowed is True:
+                return True
         if self.allowed_groups:
             # check allowed groups
             in_groups = set((auth_model.get("auth_state") or {}).get("ldap_groups", []))
diff --git a/ldapauthenticator/tests/test_ldapauthenticator.py b/ldapauthenticator/tests/test_ldapauthenticator.py
index 9c037f3..254b259 100644
--- a/ldapauthenticator/tests/test_ldapauthenticator.py
+++ b/ldapauthenticator/tests/test_ldapauthenticator.py
@@ -153,7 +153,12 @@ async def test_allow_config(authenticator):
     )
     assert authorized is None
     # allow_all grants access
-    authenticator.allow_all = True
+    if hasattr(authenticator, "allow_all"):
+        authenticator.allow_all = True
+    else:
+        # clear allow config for JupyterHub < 5
+        authenticator.allowed_groups = []
+        authenticator.allowed_users = set()
     authorized = await authenticator.get_authenticated_user(
         None, {"username": "professor", "password": "professor"}
     )