Changeset - 389d02a5df52
Parent rev.
Child rev.
[Not reviewed]
beta
0 2 0
Marcin Kuzminski - 15 years ago 2010-11-27 15:50:25
marcin@python-works.com
Added isanonymous decorator for checking permissions for anonymous access
2 files changed with 45 insertions and 16 deletions:
rhodecode/controllers/admin/settings.py
18
15
rhodecode/lib/auth.py
27
1
0 comments (0 inline, 0 general)
rhodecode/controllers/admin/settings.py
Show inline comments
 
#!/usr/bin/env python
 
# encoding: utf-8
 
# settings controller for pylons
 
# Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
 
#
 
# -*- coding: utf-8 -*-
 
"""
 
    package.rhodecode.controllers.admin.settings
 
    ~~~~~~~~~~~~~~
 
    settings controller for rhodecode admin
 
 
    :created_on: Jul 14, 2010
 
    :author: marcink
 
    :copyright: (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
 
    :license: GPLv3, see COPYING for more details.
 
"""
 
# This program is free software; you can redistribute it and/or
 
# modify it under the terms of the GNU General Public License
 
# as published by the Free Software Foundation; version 2
 
@@ -17,11 +23,7 @@
 
# along with this program; if not, write to the Free Software
 
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 
# MA  02110-1301, USA.
 
"""
 
Created on July 14, 2010
 
settings controller for pylons
 
@author: marcink
 
"""
 

			




	
	
	
		
 
from formencode import htmlfill

			




	
	
	
		
 
from pylons import request, session, tmpl_context as c, url, app_globals as g, \

			




	
	
	
		
 
    config

			




	
	
		
 
@@ -29,7 +31,7 @@ from pylons.controllers.util import abor

			




	
	
	
		
 
from pylons.i18n.translation import _

			




	
	
	
		
 
from rhodecode.lib import helpers as h

			




	
	
	
		
 
from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \

			




	
	
	
		
 
    HasPermissionAnyDecorator

			




	
	
	
		
 
    HasPermissionAnyDecorator, NotAnonymous

			




	
	
	
		
 
from rhodecode.lib.base import BaseController, render

			




	
	
	
		
 
from rhodecode.lib.celerylib import tasks, run_task

			




	
	
	
		
 
from rhodecode.lib.utils import repo2db_mapper, invalidate_cache, \

			




	
	
		
 
@@ -236,13 +238,13 @@ class SettingsController(BaseController)

			




	
	
	
		
 
        """GET /admin/settings/setting_id/edit: Form to edit an existing item"""

			




	
	
	
		
 
        # url('admin_edit_setting', setting_id=ID)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    @NotAnonymous()

			




	
	
	
		
 
    def my_account(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        GET /_admin/my_account Displays info about my account 

			




	
	
	
		
 
        """

			




	
	
	
		
 
        # url('admin_settings_my_account')

			




	
	
	
		
 

			




	
	
	
		
 
        # url('admin_settings_my_account')

			




	
	
	
		
 
        c.user = UserModel().get(c.rhodecode_user.user_id, cache=False)

			




	
	
	
		
 
        all_repos = self.sa.query(Repository)\

			




	
	
	
		
 
            .filter(Repository.user_id == c.user.user_id)\

			




	
	
		
 
@@ -280,7 +282,7 @@ class SettingsController(BaseController)

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            form_result = _form.to_python(dict(request.POST))

			




	
	
	
		
 
            user_model.update_my_account(uid, form_result)

			




	
	
	
		
 
            h.flash(_('Your account was updated succesfully'),

			




	
	
	
		
 
            h.flash(_('Your account was updated successfully'),

			




	
	
	
		
 
                    category='success')

			




	
	
	
		
 

			




	
	
	
		
 
        except formencode.Invalid, errors:

			




	
	
		
 
@@ -300,11 +302,12 @@ class SettingsController(BaseController)

			




	
	
	
		
 
                encoding="UTF-8")

			




	
	
	
		
 
        except Exception:

			




	
	
	
		
 
            log.error(traceback.format_exc())

			




	
	
	
		
 
            h.flash(_('error occured during update of user %s') \

			




	
	
	
		
 
            h.flash(_('error occurred during update of user %s') \

			




	
	
	
		
 
                    % form_result.get('username'), category='error')

			




	
	
	
		
 

			




	
	
	
		
 
        return redirect(url('my_account'))

			




	
	
	
		
 

			




	
	
	
		
 
    @NotAnonymous()

			




	
	
	
		
 
    @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')

			




	
	
	
		
 
    def create_repository(self):

			




	
	
	
		
 
        """GET /_admin/create_repository: Form to create a new item"""

			




        

    


    
    

    

        

                

                    rhodecode/lib/auth.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -297,7 +297,8 @@ def get_user(session):

			




	
	
	
		
 
# CHECK DECORATORS

			




	
	
	
		
 
#===============================================================================

			




	
	
	
		
 
class LoginRequired(object):

			




	
	
	
		
 
    """Must be logged in to execute this function else redirect to login page"""

			




	
	
	
		
 
    """Must be logged in to execute this function else 

			




	
	
	
		
 
    redirect to login page"""

			




	
	
	
		
 

			




	
	
	
		
 
    def __call__(self, func):

			




	
	
	
		
 
        return decorator(self.__wrapper, func)

			




	
	
		
 
@@ -322,6 +323,31 @@ class LoginRequired(object):

			




	
	
	
		
 
            log.debug('redirecting to login page with %s', p)

			




	
	
	
		
 
            return redirect(url('login_home', came_from=p))

			




	
	
	
		
 

			




	
	
	
		
 
class NotAnonymous(object):

			




	
	
	
		
 
    """Must be logged in to execute this function else 

			




	
	
	
		
 
    redirect to login page"""

			




	
	
	
		
 

			




	
	
	
		
 
    def __call__(self, func):

			




	
	
	
		
 
        return decorator(self.__wrapper, func)

			




	
	
	
		
 

			




	
	
	
		
 
    def __wrapper(self, func, *fargs, **fkwargs):

			




	
	
	
		
 
        user = session.get('rhodecode_user', AuthUser())

			




	
	
	
		
 
        log.debug('Checking if user is not anonymous')

			




	
	
	
		
 

			




	
	
	
		
 
        anonymous = user.username == 'default'

			




	
	
	
		
 

			




	
	
	
		
 
        if anonymous:

			




	
	
	
		
 
            p = ''

			




	
	
	
		
 
            if request.environ.get('SCRIPT_NAME') != '/':

			




	
	
	
		
 
                p += request.environ.get('SCRIPT_NAME')

			




	
	
	
		
 

			




	
	
	
		
 
            p += request.environ.get('PATH_INFO')

			




	
	
	
		
 
            if request.environ.get('QUERY_STRING'):

			




	
	
	
		
 
                p += '?' + request.environ.get('QUERY_STRING')

			




	
	
	
		
 
            return redirect(url('login_home', came_from=p))

			




	
	
	
		
 
        else:

			




	
	
	
		
 
            return func(*fargs, **fkwargs)

			




	
	
	
		
 

			




	
	
	
		
 
class PermsDecorator(object):

			




	
	
	
		
 
    """Base class for decorators"""

			




	
	
	
		
 

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.