kallithea Changeset - 1ae319cb41b1

Changeset - 1ae319cb41b1

Parent rev.

Child rev.

[Not reviewed]

default

0 3 0

Anton Schur - 9 years ago 2017-04-06 15:55:55
tonich.sh@gmail.com

middleware: convert check_locking_state to be a separate function

Prepare for use with SSH.

3 files changed with 40 insertions and 40 deletions:

kallithea/lib/base.py

kallithea/lib/middleware/simplegit.py

kallithea/lib/middleware/simplehg.py

0 comments (0 inline, 0 general)

kallithea/lib/base.py

➞

Show inline comments

@@ @@ -127,48 +127,84 @@ def log_in_user(user, remember, is_exter @@
     assert not auth_user.is_default_user
     auth_user.is_authenticated = True
     # Start new session to prevent session fixation attacks.
     session.invalidate()
     session['authuser'] = cookie = auth_user.to_cookie()
     # If they want to be remembered, update the cookie.
     # NOTE: Assumes that beaker defaults to browser session cookie.
     if remember:
         t = datetime.datetime.now() + datetime.timedelta(days=365)
         session._set_cookie_expires(t)
     session.save()
     log.info('user %s is now authenticated and stored in '
              'session, session attrs %s', user.username, cookie)
     # dumps session attrs back to cookie
     session._update_cookie_out()
     return auth_user
 def check_locking_state(action, repo_name, user):
     """
     Checks locking on this repository, if locking is enabled, and if lock
     is present. Returns a tuple of make_lock, locked, locked_by. make_lock
     can have 3 states: None (do nothing), True (make lock), and False
     (release lock). This value is later propagated to hooks, telling them
     what to do.
     """
     locked = False  # defines that locked error should be thrown to user
     make_lock = None
     repo = Repository.get_by_repo_name(repo_name)
     locked_by = repo.locked
     if repo and repo.enable_locking:
         if action == 'push':
             # Check if repo already is locked !, if it is compare users
             user_id, _date = locked_by
             if user.user_id == user_id:
                 log.debug('Got push from user %s, now unlocking', user)
                 # Unlock if we have push from the user who locked
                 make_lock = False
             else:
                 # Another used tried to push - deny access with something like 423 Locked!
                 locked = True
         if action == 'pull':
             if repo.locked[0] and repo.locked[1]:
                 locked = True
             else:
                 log.debug('Setting lock on repo %s by %s', repo, user)
                 make_lock = True
     else:
         log.debug('Repository %s does not have locking enabled', repo)
     log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
               make_lock, locked, locked_by)
     return make_lock, locked, locked_by
 class BasicAuth(paste.auth.basic.AuthBasicAuthenticator):
     def __init__(self, realm, authfunc, auth_http_code=None):
         self.realm = realm
         self.authfunc = authfunc
         self._rc_auth_http_code = auth_http_code
     def build_authentication(self):
         head = paste.httpheaders.WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm)
         if self._rc_auth_http_code and self._rc_auth_http_code == '403':
             # return 403 if alternative http return code is specified in
             # Kallithea config
             return paste.httpexceptions.HTTPForbidden(headers=head)
         return paste.httpexceptions.HTTPUnauthorized(headers=head)
     def authenticate(self, environ):
         authorization = paste.httpheaders.AUTHORIZATION(environ)
         if not authorization:
             return self.build_authentication()
         (authmeth, auth) = authorization.split(' ', 1)
         if 'basic' != authmeth.lower():
             return self.build_authentication()
         auth = auth.strip().decode('base64')
         _parts = auth.split(':', 1)
@@ @@ -303,84 +339,48 @@ class BaseVCSController(object): @@
         if ip_allowed:
             log.info('Access for IP:%s allowed', ip_addr)
         else:
             return False
         if action == 'push':
             if not HasPermissionAnyMiddleware('repository.write',
                                               'repository.admin')(user,
                                                                   repo_name):
                 return False
         else:
             #any other action need at least read permission
             if not HasPermissionAnyMiddleware('repository.read',
                                               'repository.write',
                                               'repository.admin')(user,
                                                                   repo_name):
                 return False
         return True
     def _get_ip_addr(self, environ):
         return _get_ip_addr(environ)
     def _check_locking_state(self, action, repo_name, user):
         """
         Checks locking on this repository, if locking is enabled, and if lock
         is present. Returns a tuple of make_lock, locked, locked_by. make_lock
         can have 3 states: None (do nothing), True (make lock), and False
         (release lock). This value is later propagated to hooks, telling them
         what to do.
         """
         locked = False  # defines that locked error should be thrown to user
         make_lock = None
         repo = Repository.get_by_repo_name(repo_name)
         locked_by = repo.locked
         if repo and repo.enable_locking:
             if action == 'push':
                 # Check if repo already is locked !, if it is compare users
                 user_id, _date = locked_by
                 if user.user_id == user_id:
                     log.debug('Got push from user %s, now unlocking', user)
                     # Unlock if we have push from the user who locked
                     make_lock = False
                 else:
                     # Another used tried to push - deny access with something like 423 Locked!
                     locked = True
             if action == 'pull':
                 if repo.locked[0] and repo.locked[1]:
                     locked = True
                 else:
                     log.debug('Setting lock on repo %s by %s', repo, user)
                     make_lock = True
         else:
             log.debug('Repository %s does not have locking enabled', repo)
         log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
                   make_lock, locked, locked_by)
         return make_lock, locked, locked_by
     def __call__(self, environ, start_response):
         start = time.time()
         try:
             return self._handle_request(environ, start_response)
         finally:
             log = logging.getLogger('kallithea.' + self.__class__.__name__)
             log.debug('Request time: %.3fs', time.time() - start)
             meta.Session.remove()
 class BaseController(TGController):
     def _before(self, *args, **kwargs):
         """
         _before is called before controller methods and after __call__
         """
         c.kallithea_version = __version__
         rc_config = Setting.get_app_settings()
         # Visual options
         c.visual = AttributeDict({})
         ## DB stored
         c.visual.show_public_icon = str2bool(rc_config.get('show_public_icon'))

kallithea/lib/middleware/simplegit.py

➞

Show inline comments

@@ @@ -19,49 +19,49 @@ SimpleGit middleware for handling git pr @@
 It's implemented with basic auth function
 This file was forked by the Kallithea project in July 2014.
 Original author and date, and relevant copyright and licensing information is below:
 :created_on: Apr 28, 2010
 :author: marcink
 :copyright: (c) 2013 RhodeCode GmbH, and others.
 :license: GPLv3, see LICENSE.md for more details.
 """
 import os
 import re
 import logging
 import traceback
 from paste.httpheaders import REMOTE_USER, AUTH_TYPE
 from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \
     HTTPNotAcceptable
 from kallithea.model.db import Ui
 from kallithea.lib.utils2 import safe_str, safe_unicode, fix_PATH, get_server_url, \
     _set_extras
 from kallithea.lib.base import BaseVCSController, WSGIResultCloseCallback
+from kallithea.lib.base import BaseVCSController, WSGIResultCloseCallback, check_locking_state
 from kallithea.lib.utils import make_ui, is_valid_repo
 from kallithea.lib.exceptions import HTTPLockedRC
 from kallithea.lib.hooks import pre_pull
 from kallithea.lib import auth_modules
 log = logging.getLogger(__name__)
 GIT_PROTO_PAT = re.compile(r'^/(.+)/(info/refs|git-upload-pack|git-receive-pack)')
 def is_git(environ):
     path_info = environ['PATH_INFO']
     isgit_path = GIT_PROTO_PAT.match(path_info)
     log.debug('pathinfo: %s detected as Git %s',
         path_info, isgit_path is not None
+    )
     return isgit_path
 class SimpleGit(BaseVCSController):
     def _handle_request(self, environ, start_response):
         if not is_git(environ):
@@ @@ -103,49 +103,49 @@ class SimpleGit(BaseVCSController): @@
         # in hooks executed by kallithea
         from kallithea import CONFIG
         server_url = get_server_url(environ)
         extras = {
             'ip': ip_addr,
             'username': user.username,
             'action': action,
             'repository': repo_name,
             'scm': 'git',
             'config': CONFIG['__file__'],
             'server_url': server_url,
             'make_lock': None,
             'locked_by': [None, None]
+        }
         #===================================================================
         # GIT REQUEST HANDLING
         #===================================================================
         repo_path = os.path.join(safe_str(self.basepath),str_repo_name)
         log.debug('Repository path is %s', repo_path)
         # CHECK LOCKING only if it's not ANONYMOUS USER
         if not user.is_default_user:
             log.debug('Checking locking on repository')
-            make_lock, locked, locked_by = self._check_locking_state(action, repo_name, user)
+            make_lock, locked, locked_by = check_locking_state(action, repo_name, user)
             # store the make_lock for later evaluation in hooks
             extras.update({'make_lock': make_lock,
                            'locked_by': locked_by})
         fix_PATH()
         log.debug('HOOKS extras is %s', extras)
         baseui = make_ui('db')
         self.__inject_extras(repo_path, baseui, extras)
         try:
             self._handle_githooks(repo_name, action, baseui, environ)
             log.info('%s action on Git repo "%s" by "%s" from %s',
                      action, str_repo_name, safe_str(user.username), ip_addr)
             app = self.__make_app(repo_name, repo_path, extras)
             result = app(environ, start_response)
             if action == 'push':
                 result = WSGIResultCloseCallback(result,
                     lambda: self._invalidate_cache(repo_name))
             return result
         except HTTPLockedRC as e:
             log.debug('Locked, response %s: %s', e.code, e.title)
             return e(environ, start_response)
         except Exception:
             log.error(traceback.format_exc())

kallithea/lib/middleware/simplehg.py

➞

Show inline comments

@@ @@ -16,49 +16,49 @@ kallithea.lib.middleware.simplehg @@
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 SimpleHg middleware for handling mercurial protocol request
 (push/clone etc.). It's implemented with basic auth function
 This file was forked by the Kallithea project in July 2014.
 Original author and date, and relevant copyright and licensing information is below:
 :created_on: Apr 28, 2010
 :author: marcink
 :copyright: (c) 2013 RhodeCode GmbH, and others.
 :license: GPLv3, see LICENSE.md for more details.
 """
 import os
 import logging
 import traceback
 from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \
     HTTPNotAcceptable, HTTPBadRequest
 from kallithea.lib.utils2 import safe_str, safe_unicode, fix_PATH, get_server_url, \
     _set_extras
 from kallithea.lib.base import BaseVCSController, WSGIResultCloseCallback
+from kallithea.lib.base import BaseVCSController, WSGIResultCloseCallback, check_locking_state
 from kallithea.lib.utils import make_ui, is_valid_repo, ui_sections
 from kallithea.lib.vcs.utils.hgcompat import RepoError, hgweb_mod
 from kallithea.lib.exceptions import HTTPLockedRC
 log = logging.getLogger(__name__)
 def is_mercurial(environ):
     """
     Returns True if request's target is mercurial server - header
     ``HTTP_ACCEPT`` of such request would start with ``application/mercurial``.
     """
     http_accept = environ.get('HTTP_ACCEPT')
     path_info = environ['PATH_INFO']
     if http_accept and http_accept.startswith('application/mercurial'):
         ishg_path = True
     else:
         ishg_path = False
     log.debug('pathinfo: %s detected as Mercurial %s',
         path_info, ishg_path
+    )
     return ishg_path
@@ @@ -112,49 +112,49 @@ class SimpleHg(BaseVCSController): @@
             'ip': ip_addr,
             'username': user.username,
             'action': action,
             'repository': repo_name,
             'scm': 'hg',
             'config': CONFIG['__file__'],
             'server_url': server_url,
             'make_lock': None,
             'locked_by': [None, None]
+        }
         #======================================================================
         # MERCURIAL REQUEST HANDLING
         #======================================================================
         repo_path = os.path.join(safe_str(self.basepath), str_repo_name)
         log.debug('Repository path is %s', repo_path)
         # A Mercurial HTTP server will see listkeys operations (bookmarks,
         # phases and obsolescence marker) in a different request - we don't
         # want to check locking on those
         if environ['QUERY_STRING'] == 'cmd=listkeys':
             pass
         # CHECK LOCKING only if it's not ANONYMOUS USER
         elif not user.is_default_user:
             log.debug('Checking locking on repository')
-            make_lock, locked, locked_by = self._check_locking_state(action, repo_name, user)
+            make_lock, locked, locked_by = check_locking_state(action, repo_name, user)
             # store the make_lock for later evaluation in hooks
             extras.update({'make_lock': make_lock,
                            'locked_by': locked_by})
         fix_PATH()
         log.debug('HOOKS extras is %s', extras)
         baseui = make_ui('db')
         self.__inject_extras(repo_path, baseui, extras)
         try:
             log.info('%s action on Mercurial repo "%s" by "%s" from %s',
                      action, str_repo_name, safe_str(user.username), ip_addr)
             app = self.__make_app(repo_path, baseui, extras)
             result = app(environ, start_response)
             if action == 'push':
                 result = WSGIResultCloseCallback(result,
                     lambda: self._invalidate_cache(repo_name))
             return result
         except RepoError as e:
             if str(e).find('not found') != -1:
                 return HTTPNotFound()(environ, start_response)
         except HTTPLockedRC as e:
             # Before Mercurial 3.6, lock exceptions were caught here
             log.debug('Locked, response %s: %s', e.code, e.title)

0 comments (0 inline, 0 general)