Files
@ 245b4e3abf39
Branch filter:
Location: kallithea/docs/usage/statistics.rst - annotation
245b4e3abf39
1.2 KiB
text/prs.fallenstein.rst
auth: add AuthUser.is_anonymous, along with some exposition
This reveals the name of the NotAnonymous decorator to be misleading,
an unfortunate detail only documented here, but which must be properly
resolved in a later changeset.
Note that NotAnonymous behaves as advertised as long as it is used
together with LoginRequired, which is always the case in the current
code, so there's no actual security issue here, the code is just weird,
hard to read and fragile.
---
Some thoughts on cleaning this up in a future changeset: As it turns
out, every controller (except the login page!) should be LoginRequired
decorated (since it doesn't actually block anonymous users, as long as
anonymous access is enabled in the Kallithea config). Thus the most
obvious solution would be to move the LoginRequired functionality into
BaseController (with an override for LoginController), and delete the
decorator entirely. However, LoginRequired does one other thing: it
carries information about whether API access is enabled for individual
controller methods ("@LoginRequired(api_key=True)"), and also performs
the check for this, something which is not easily moved into the base
controller class, since the base controller doesn't know which method is
about to be called. Possibly that can be determined by poking Pylons,
but such code is likely to break with the upcoming TurboGears 2 move.
Thus such cleanup is probably better revisited after the switch to TG2.
This reveals the name of the NotAnonymous decorator to be misleading,
an unfortunate detail only documented here, but which must be properly
resolved in a later changeset.
Note that NotAnonymous behaves as advertised as long as it is used
together with LoginRequired, which is always the case in the current
code, so there's no actual security issue here, the code is just weird,
hard to read and fragile.
---
Some thoughts on cleaning this up in a future changeset: As it turns
out, every controller (except the login page!) should be LoginRequired
decorated (since it doesn't actually block anonymous users, as long as
anonymous access is enabled in the Kallithea config). Thus the most
obvious solution would be to move the LoginRequired functionality into
BaseController (with an override for LoginController), and delete the
decorator entirely. However, LoginRequired does one other thing: it
carries information about whether API access is enabled for individual
controller methods ("@LoginRequired(api_key=True)"), and also performs
the check for this, something which is not easily moved into the base
controller class, since the base controller doesn't know which method is
about to be called. Possibly that can be determined by poking Pylons,
but such code is likely to break with the upcoming TurboGears 2 move.
Thus such cleanup is probably better revisited after the switch to TG2.
bbd499c7b55e bbd499c7b55e ac7e43325817 ac7e43325817 ac7e43325817 bbd499c7b55e 5ae8e644aa88 ac7e43325817 ac7e43325817 ac7e43325817 bbd499c7b55e ac7e43325817 ac7e43325817 ac7e43325817 ac7e43325817 ac7e43325817 bbd499c7b55e ac7e43325817 ac7e43325817 ac7e43325817 bbd499c7b55e ac7e43325817 ac7e43325817 ac7e43325817 bbd499c7b55e ac7e43325817 bbd499c7b55e ac7e43325817 ac7e43325817 ac7e43325817 ac7e43325817 | .. _statistics:
=====================
Repository statistics
=====================
Kallithea has a *repository statistics* feature, disabled by default. When
enabled, the amount of commits per committer is visualized in a timeline. This
feature can be enabled using the ``Enable statistics`` checkbox on the
repository ``Settings`` page.
The statistics system makes heavy demands on the server resources, so
in order to keep a balance between usability and performance, statistics are
cached inside the database and gathered incrementally.
When Celery is disabled:
On each first visit to the summary page a set of 250 commits are parsed and
added to the statistics cache. This incremental gathering also happens on each
visit to the statistics page, until all commits are fetched.
Statistics are kept cached until additional commits are added to the
repository. In such a case Kallithea will only fetch the new commits when
updating its statistics cache.
When Celery is enabled:
On the first visit to the summary page, Kallithea will create tasks that will
execute on Celery workers. These tasks will gather all of the statistics until
all commits are parsed. Each task parses 250 commits, then launches a new
task.
|