kallithea Changeset - 3e84ac8ed579

Changeset - 3e84ac8ed579

Parent rev.

Child rev.

[Not reviewed]

default

0 7 1

Christian Oyarzun - 11 years ago 2014-11-17 20:42:45
oyarzun@gmail.com

ssh: admin management of ssh keys

Based on work by Ilya Beda <ir4y.ix@gmail.com> on
https://bitbucket.org/ir4y/rhodecode/commits/branch/ssh_server_support .
Bootstrap support, updates for POST methods, and tests by Anton Schur
<tonich.sh@gmail.com>.
Additional Bootstrap fixes by Dominik Ruf.
Also heavily modified by Mads Kiilerich.

8 files changed with 161 insertions and 3 deletions:

CONTRIBUTORS

kallithea/config/routing.py

kallithea/controllers/admin/users.py

kallithea/templates/about.html

kallithea/templates/admin/users/user_edit.html

kallithea/templates/admin/users/user_edit_ssh_keys.html

kallithea/tests/functional/test_admin_users.py

scripts/contributor_data.py

0 comments (0 inline, 0 general)

CONTRIBUTORS

➞

Show inline comments

@@ @@ -4,143 +4,144 @@ List of contributors to Kallithea projec @@
     Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> 2014-2019
     Étienne Gilli <etienne.gilli@gmail.com> 2015-2017 2019
     Mads Kiilerich <mads@kiilerich.com> 2016-2019
     Allan Nordhøy <epost@anotheragency.no> 2017-2019
     ssantos <ssantos@web.de> 2018-2019
     Danni Randeris <danniranderis@gmail.com> 2019
     Edmund Wong <ewong@crazy-cat.org> 2019
     Manuel Jacob <me@manueljacob.de> 2019
     Wolfgang Scherer <wolfgang.scherer@gmx.de> 2019
     Dominik Ruf <dominikruf@gmail.com> 2012 2014-2018
     Michal Čihař <michal@cihar.com> 2014-2015 2018
     Branko Majic <branko@majic.rs> 2015 2018
     Chris Rule <crule@aegistg.com> 2018
     Jesús Sánchez <jsanchezfdz95@gmail.com> 2018
     Patrick Vane <patrick_vane@lowentry.com> 2018
     Pheng Heong Tan <phtan90@gmail.com> 2018
     Максим Якимчук <xpinovo@gmail.com> 2018
     Марс Ямбар <mjambarmeta@gmail.com> 2018
     Mads Kiilerich <madski@unity3d.com> 2012-2017
     Unity Technologies 2012-2017
     Søren Løvborg <sorenl@unity3d.com> 2015-2017
     Sam Jaques <sam.jaques@me.com> 2015 2017
     Asterios Dimitriou <steve@pci.gr> 2016-2017
     Alessandro Molina <alessandro.molina@axant.it> 2017
     Anton Schur <tonich.sh@gmail.com> 2017
     Ching-Chen Mao <mao@lins.fju.edu.tw> 2017
     Eivind Tagseth <eivindt@gmail.com> 2017
     FUJIWARA Katsunori <foozy@lares.dti.ne.jp> 2017
     Holger Schramm <info@schramm.by> 2017
     Karl Goetz <karl@kgoetz.id.au> 2017
     Lars Kruse <devel@sumpfralle.de> 2017
     Marko Semet <markosemet@googlemail.com> 2017
     Viktar Vauchkevich <victorenator@gmail.com> 2017
     Takumi IINO <trot.thunder@gmail.com> 2012-2016
     Jan Heylen <heyleke@gmail.com> 2015-2016
     Robert Martinez <ntttq@inboxen.org> 2015-2016
     Robert Rauch <mail@robertrauch.de> 2015-2016
     Angel Ezquerra <angel.ezquerra@gmail.com> 2016
     Anton Shestakov <av6@dwimlabs.net> 2016
     Brandon Jones <bjones14@gmail.com> 2016
     Kateryna Musina <kateryna@unity3d.com> 2016
     Konstantin Veretennicov <kveretennicov@gmail.com> 2016
     Oscar Curero <oscar@naiandei.net> 2016
     Robert James Dennington <tinytimrob@googlemail.com> 2016
     timeless@gmail.com 2016
     YFdyh000 <yfdyh000@gmail.com> 2016
     Aras Pranckevičius <aras@unity3d.com> 2012-2013 2015
     Sean Farley <sean.michael.farley@gmail.com> 2013-2015
     Christian Oyarzun <oyarzun@gmail.com> 2014-2015
     Joseph Rivera <rivera.d.joseph@gmail.com> 2014-2015
     Anatoly Bubenkov <bubenkoff@gmail.com> 2015
     Andrew Bartlett <abartlet@catalyst.net.nz> 2015
     Balázs Úr <urbalazs@gmail.com> 2015
     Ben Finney <ben@benfinney.id.au> 2015
     Daniel Hobley <danielh@unity3d.com> 2015
     David Avigni <david.avigni@ankapi.com> 2015
     Denis Blanchette <dblanchette@coveo.com> 2015
     duanhongyi <duanhongyi@doopai.com> 2015
     EriCSN Chang <ericsning@gmail.com> 2015
     Grzegorz Krason <grzegorz.krason@gmail.com> 2015
     Jiří Suchan <yed@vanyli.net> 2015
     Kazunari Kobayashi <kobanari@nifty.com> 2015
     Kevin Bullock <kbullock@ringworld.org> 2015
     kobanari <kobanari@nifty.com> 2015
     Marc Abramowitz <marc@marc-abramowitz.com> 2015
     Marc Villetard <marc.villetard@gmail.com> 2015
     Matthias Zilk <matthias.zilk@gmail.com> 2015
     Michael Pohl <michael@mipapo.de> 2015
     Michael V. DePalatis <mike@depalatis.net> 2015
     Morten Skaaning <mortens@unity3d.com> 2015
     Nick High <nick@silverchip.org> 2015
     Niemand Jedermann <predatorix@web.de> 2015
     Peter Vitt <petervitt@web.de> 2015
     Ronny Pfannschmidt <opensource@ronnypfannschmidt.de> 2015
     Tuux <tuxa@galaxie.eu.org> 2015
     Viktar Palstsiuk <vipals@gmail.com> 2015
     Ante Ilic <ante@unity3d.com> 2014
     Bradley M. Kuhn <bkuhn@sfconservancy.org> 2014
     Calinou <calinou@opmbx.org> 2014
     Daniel Anderson <daniel@dattrix.com> 2014
     Henrik Stuart <hg@hstuart.dk> 2014
     Ingo von Borstel <kallithea@planetmaker.de> 2014
     Jelmer Vernooĳ <jelmer@samba.org> 2014
     Jim Hague <jim.hague@acm.org> 2014
     Matt Fellows <kallithea@matt-fellows.me.uk> 2014
     Max Roman <max@choloclos.se> 2014
     Na'Tosha Bard <natosha@unity3d.com> 2014
     Rasmus Selsmark <rasmuss@unity3d.com> 2014
     Tim Freund <tim@freunds.net> 2014
     Travis Burtrum <android@moparisthebest.com> 2014
     Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com> 2014
     Marcin Kuźmiński <marcin@python-works.com> 2010-2013
     xpol <xpolife@gmail.com> 2012-2013
     Aparkar <aparkar@icloud.com> 2013
     Dennis Brakhane <brakhane@googlemail.com> 2013
     Grzegorz Rożniecki <xaerxess@gmail.com> 2013
     Ilya Beda <ir4y.ix@gmail.com> 2013
     Jonathan Sternberg <jonathansternberg@gmail.com> 2013
     Leonardo Carneiro <leonardo@unity3d.com> 2013
     Magnus Ericmats <magnus.ericmats@gmail.com> 2013
     Martin Vium <martinv@unity3d.com> 2013
     Simon Lopez <simon.lopez@slopez.org> 2013
     Ton Plomp <tcplomp@gmail.com> 2013
     Augusto Herrmann <augusto.herrmann@planejamento.gov.br> 2011-2012
     Dan Sheridan <djs@adelard.com> 2012
     Dies Koper <diesk@fast.au.fujitsu.com> 2012
     Erwin Kroon <e.kroon@smartmetersolutions.nl> 2012
     H Waldo G <gwaldo@gmail.com> 2012
     hppj <hppj@postmage.biz> 2012
     Indra Talip <indra.talip@gmail.com> 2012
     mikespook 2012
     nansenat16 <nansenat16@null.tw> 2012
     Philip Jameson <philip.j@hostdime.com> 2012
     Raoul Thill <raoul.thill@gmail.com> 2012
     Stefan Engel <mail@engel-stefan.de> 2012
     Tony Bussieres <t.bussieres@gmail.com> 2012
     Vincent Caron <vcaron@bearstech.com> 2012
     Vincent Duvert <vincent@duvert.net> 2012
     Vladislav Poluhin <nuklea@gmail.com> 2012
     Zachary Auclair <zach101@gmail.com> 2012
     Ankit Solanki <ankit.solanki@gmail.com> 2011
     Dmitri Kuznetsov 2011
     Jared Bunting <jared.bunting@peachjean.com> 2011
     Jason Harris <jason@jasonfharris.com> 2011
     Les Peabody <lpeabody@gmail.com> 2011
     Liad Shani <liadff@gmail.com> 2011
     Lorenzo M. Catucci <lorenzo@sancho.ccd.uniroma2.it> 2011
     Matt Zuba <matt.zuba@goodwillaz.org> 2011
     Nicolas VINOT <aeris@imirhil.fr> 2011
     Shawn K. O'Shea <shawn@eth0.net> 2011
     Thayne Harbaugh <thayne@fusionio.com> 2011
     Łukasz Balcerzak <lukaszbalcerzak@gmail.com> 2010
     Andrew Kesterson <andrew@aklabs.net>
     cejones
     David A. Sjøen <david.sjoen@westcon.no>
     James Rhodes <jrhodes@redpointsoftware.com.au>
     Jonas Oberschweiber <jonas.oberschweiber@d-velop.de>
     larikale
     RhodeCode GmbH
     Sebastian Kreutzberger <sebastian@rhodecode.com>
     Steve Romanow <slestak989@gmail.com>
     SteveCohen
     Thomas <thomas@rhodecode.com>
     Thomas Waldmann <tw-public@gmx.de>

kallithea/config/routing.py

➞

Show inline comments

@@ @@ -90,192 +90,199 @@ def make_map(config): @@
     rmap.redirect('/favicon.ico', '/images/favicon.ico')
     rmap.connect('repo_switcher_data', '/_repos', controller='home',
                  action='repo_switcher_data')
     rmap.connect('users_and_groups_data', '/_users_and_groups', controller='home',
                  action='users_and_groups_data')
     rmap.connect('rst_help',
                  "http://docutils.sourceforge.net/docs/user/rst/quickref.html",
                  _static=True)
     rmap.connect('kallithea_project_url', "https://kallithea-scm.org/", _static=True)
     rmap.connect('issues_url', 'https://bitbucket.org/conservancy/kallithea/issues', _static=True)
     # ADMIN REPOSITORY ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/repos') as m:
         m.connect("repos", "/repos",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("repos", "/repos",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_repo", "/create_repository",
                   action="create_repository", conditions=dict(method=["GET"]))
         m.connect("update_repo", "/repos/{repo_name:.*?}",
                   action="update", conditions=dict(method=["POST"],
                   function=check_repo))
         m.connect("delete_repo", "/repos/{repo_name:.*?}/delete",
                   action="delete", conditions=dict(method=["POST"]))
     # ADMIN REPOSITORY GROUPS ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/repo_groups') as m:
         m.connect("repos_groups", "/repo_groups",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("repos_groups", "/repo_groups",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_repos_group", "/repo_groups/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_repos_group", "/repo_groups/{group_name:.*?}",
                   action="update", conditions=dict(method=["POST"],
                                                    function=check_group))
         m.connect("repos_group", "/repo_groups/{group_name:.*?}",
                   action="show", conditions=dict(method=["GET"],
                                                  function=check_group))
         # EXTRAS REPO GROUP ROUTES
         m.connect("edit_repo_group", "/repo_groups/{group_name:.*?}/edit",
                   action="edit",
                   conditions=dict(method=["GET"], function=check_group))
         m.connect("edit_repo_group_advanced", "/repo_groups/{group_name:.*?}/edit/advanced",
                   action="edit_repo_group_advanced",
                   conditions=dict(method=["GET"], function=check_group))
         m.connect("edit_repo_group_perms", "/repo_groups/{group_name:.*?}/edit/permissions",
                   action="edit_repo_group_perms",
                   conditions=dict(method=["GET"], function=check_group))
         m.connect("edit_repo_group_perms_update", "/repo_groups/{group_name:.*?}/edit/permissions",
                   action="update_perms",
                   conditions=dict(method=["POST"], function=check_group))
         m.connect("edit_repo_group_perms_delete", "/repo_groups/{group_name:.*?}/edit/permissions/delete",
                   action="delete_perms",
                   conditions=dict(method=["POST"], function=check_group))
         m.connect("delete_repo_group", "/repo_groups/{group_name:.*?}/delete",
                   action="delete", conditions=dict(method=["POST"],
                                                    function=check_group_skip_path))
     # ADMIN USER ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/users') as m:
         m.connect("new_user", "/users/new",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("users", "/users",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_users", "/users.{format}",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_user", "/users/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_user", "/users/{id}",
                   action="update", conditions=dict(method=["POST"]))
         m.connect("delete_user", "/users/{id}/delete",
                   action="delete", conditions=dict(method=["POST"]))
         m.connect("edit_user", "/users/{id}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         # EXTRAS USER ROUTES
         m.connect("edit_user_advanced", "/users/{id}/edit/advanced",
                   action="edit_advanced", conditions=dict(method=["GET"]))
         m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",
                   action="edit_api_keys", conditions=dict(method=["GET"]))
         m.connect("edit_user_api_keys_update", "/users/{id}/edit/api_keys",
                   action="add_api_key", conditions=dict(method=["POST"]))
         m.connect("edit_user_api_keys_delete", "/users/{id}/edit/api_keys/delete",
                   action="delete_api_key", conditions=dict(method=["POST"]))
         m.connect("edit_user_ssh_keys", "/users/{id}/edit/ssh_keys",
                   action="edit_ssh_keys", conditions=dict(method=["GET"]))
         m.connect("edit_user_ssh_keys", "/users/{id}/edit/ssh_keys",
                   action="ssh_keys_add", conditions=dict(method=["POST"]))
         m.connect("edit_user_ssh_keys_delete", "/users/{id}/edit/ssh_keys/delete",
                   action="ssh_keys_delete", conditions=dict(method=["POST"]))
         m.connect("edit_user_perms", "/users/{id}/edit/permissions",
                   action="edit_perms", conditions=dict(method=["GET"]))
         m.connect("edit_user_perms_update", "/users/{id}/edit/permissions",
                   action="update_perms", conditions=dict(method=["POST"]))
         m.connect("edit_user_emails", "/users/{id}/edit/emails",
                   action="edit_emails", conditions=dict(method=["GET"]))
         m.connect("edit_user_emails_update", "/users/{id}/edit/emails",
                   action="add_email", conditions=dict(method=["POST"]))
         m.connect("edit_user_emails_delete", "/users/{id}/edit/emails/delete",
                   action="delete_email", conditions=dict(method=["POST"]))
         m.connect("edit_user_ips", "/users/{id}/edit/ips",
                   action="edit_ips", conditions=dict(method=["GET"]))
         m.connect("edit_user_ips_update", "/users/{id}/edit/ips",
                   action="add_ip", conditions=dict(method=["POST"]))
         m.connect("edit_user_ips_delete", "/users/{id}/edit/ips/delete",
                   action="delete_ip", conditions=dict(method=["POST"]))
     # ADMIN USER GROUPS REST ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/user_groups') as m:
         m.connect("users_groups", "/user_groups",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("users_groups", "/user_groups",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_users_group", "/user_groups/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_users_group", "/user_groups/{id}",
                   action="update", conditions=dict(method=["POST"]))
         m.connect("delete_users_group", "/user_groups/{id}/delete",
                   action="delete", conditions=dict(method=["POST"]))
         m.connect("edit_users_group", "/user_groups/{id}/edit",
                   action="edit", conditions=dict(method=["GET"]),
                   function=check_user_group)
         # EXTRAS USER GROUP ROUTES
         m.connect("edit_user_group_default_perms", "/user_groups/{id}/edit/default_perms",
                   action="edit_default_perms", conditions=dict(method=["GET"]))
         m.connect("edit_user_group_default_perms_update", "/user_groups/{id}/edit/default_perms",
                   action="update_default_perms", conditions=dict(method=["POST"]))
         m.connect("edit_user_group_perms", "/user_groups/{id}/edit/perms",
                   action="edit_perms", conditions=dict(method=["GET"]))
         m.connect("edit_user_group_perms_update", "/user_groups/{id}/edit/perms",
                   action="update_perms", conditions=dict(method=["POST"]))
         m.connect("edit_user_group_perms_delete", "/user_groups/{id}/edit/perms/delete",
                   action="delete_perms", conditions=dict(method=["POST"]))
         m.connect("edit_user_group_advanced", "/user_groups/{id}/edit/advanced",
                   action="edit_advanced", conditions=dict(method=["GET"]))
         m.connect("edit_user_group_members", "/user_groups/{id}/edit/members",
                   action="edit_members", conditions=dict(method=["GET"]))
     # ADMIN PERMISSIONS ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/permissions') as m:
         m.connect("admin_permissions", "/permissions",
                   action="permission_globals", conditions=dict(method=["POST"]))
         m.connect("admin_permissions", "/permissions",
                   action="permission_globals", conditions=dict(method=["GET"]))
         m.connect("admin_permissions_ips", "/permissions/ips",
                   action="permission_ips", conditions=dict(method=["GET"]))
         m.connect("admin_permissions_perms", "/permissions/perms",
                   action="permission_perms", conditions=dict(method=["GET"]))
     # ADMIN DEFAULTS ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/defaults') as m:
         m.connect('defaults', 'defaults',
                   action="index")
         m.connect('defaults_update', 'defaults/{id}/update',
                   action="update", conditions=dict(method=["POST"]))
     # ADMIN AUTH SETTINGS
     rmap.connect('auth_settings', '%s/auth' % ADMIN_PREFIX,
                  controller='admin/auth_settings', action='auth_settings',
                  conditions=dict(method=["POST"]))
     rmap.connect('auth_home', '%s/auth' % ADMIN_PREFIX,
                  controller='admin/auth_settings')
     # ADMIN SETTINGS ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/settings') as m:
         m.connect("admin_settings", "/settings",
                   action="settings_vcs", conditions=dict(method=["POST"]))
         m.connect("admin_settings", "/settings",
                   action="settings_vcs", conditions=dict(method=["GET"]))
         m.connect("admin_settings_mapping", "/settings/mapping",
                   action="settings_mapping", conditions=dict(method=["POST"]))
         m.connect("admin_settings_mapping", "/settings/mapping",
                   action="settings_mapping", conditions=dict(method=["GET"]))

kallithea/controllers/admin/users.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 """
 kallithea.controllers.admin.users
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Users crud controller
 This file was forked by the Kallithea project in July 2014.
 Original author and date, and relevant copyright and licensing information is below:
 :created_on: Apr 4, 2010
 :author: marcink
 :copyright: (c) 2013 RhodeCode GmbH, and others.
 :license: GPLv3, see LICENSE.md for more details.
 """
 import logging
 import traceback
 import formencode
 from formencode import htmlfill
 from tg import request, tmpl_context as c, config, app_globals
 from tg.i18n import ugettext as _
 from sqlalchemy.sql.expression import func
 from webob.exc import HTTPFound, HTTPNotFound
 import kallithea
 from kallithea.config.routing import url
 from kallithea.lib.exceptions import DefaultUserException, \
     UserOwnsReposException, UserCreationError
 from kallithea.lib import helpers as h
 from kallithea.lib.auth import LoginRequired, HasPermissionAnyDecorator, \
     AuthUser
 from kallithea.lib import auth_modules
 from kallithea.lib.base import BaseController, render
+from kallithea.lib.base import BaseController, render, IfSshEnabled
 from kallithea.model.api_key import ApiKeyModel
+from kallithea.model.ssh_key import SshKeyModel
 from kallithea.model.db import User, UserEmailMap, UserIpMap, UserToPerm
 from kallithea.model.forms import UserForm, CustomDefaultPermissionsForm
 from kallithea.model.user import UserModel
 from kallithea.model.meta import Session
 from kallithea.lib.utils import action_logger
 from kallithea.lib.utils2 import datetime_to_time, safe_int, generate_api_key
 log = logging.getLogger(__name__)
 class UsersController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     @LoginRequired()
     @HasPermissionAnyDecorator('hg.admin')
     def _before(self, *args, **kwargs):
         super(UsersController, self)._before(*args, **kwargs)
         c.available_permissions = config['available_permissions']
     def index(self, format='html'):
         c.users_list = User.query().order_by(User.username) \
                         .filter_by(is_default_user=False) \
                         .order_by(func.lower(User.username)) \
                         .all()
         users_data = []
         total_records = len(c.users_list)
         _tmpl_lookup = app_globals.mako_lookup
         template = _tmpl_lookup.get_template('data_table/_dt_elements.html')
         grav_tmpl = '<div class="gravatar">%s</div>'
         username = lambda user_id, username: (
                 template.get_def("user_name")
                 .render(user_id, username, _=_, h=h, c=c))
         user_actions = lambda user_id, username: (
                 template.get_def("user_actions")
                 .render(user_id, username, _=_, h=h, c=c))
         for user in c.users_list:
             users_data.append({
                 "gravatar": grav_tmpl % h.gravatar(user.email, size=20),
                 "raw_name": user.username,
                 "username": username(user.user_id, user.username),
                 "firstname": h.escape(user.name),
                 "lastname": h.escape(user.lastname),
                 "last_login": h.fmt_date(user.last_login),
                 "last_login_raw": datetime_to_time(user.last_login),
                 "active": h.boolicon(user.active),
                 "admin": h.boolicon(user.admin),
                 "extern_type": user.extern_type,
                 "extern_name": user.extern_name,
                 "action": user_actions(user.user_id, user.username),
             })
         c.data = {
             "sort": None,
             "dir": "asc",
             "records": users_data
+        }
         return render('admin/users/users.html')
     def create(self):
         c.default_extern_type = User.DEFAULT_AUTH_TYPE
         c.default_extern_name = ''
         user_model = UserModel()
         user_form = UserForm()()
         try:
             form_result = user_form.to_python(dict(request.POST))
             user = user_model.create(form_result)
             action_logger(request.authuser, 'admin_created_user:%s' % user.username,
                           None, request.ip_addr)
             h.flash(_('Created user %s') % user.username,
                     category='success')
             Session().commit()
         except formencode.Invalid as errors:
             return htmlfill.render(
                 render('admin/users/user_add.html'),
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
                 encoding="UTF-8",
                 force_defaults=False)
         except UserCreationError as e:
             h.flash(e, 'error')
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('Error occurred during creation of user %s')
                     % request.POST.get('username'), category='error')
         raise HTTPFound(location=url('edit_user', id=user.user_id))
     def new(self, format='html'):
         c.default_extern_type = User.DEFAULT_AUTH_TYPE
         c.default_extern_name = ''
@@ @@ -336,96 +336,130 @@ class UsersController(BaseController): @@
             else:
                 user_model.grant_perm(id, 'hg.fork.none')
             h.flash(_("Updated permissions"), category='success')
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during permissions saving'),
                     category='error')
         raise HTTPFound(location=url('edit_user_perms', id=id))
     def edit_emails(self, id):
         c.user = self._get_user_or_raise_if_default(id)
         c.active = 'emails'
         c.user_email_map = UserEmailMap.query() \
             .filter(UserEmailMap.user == c.user).all()
         defaults = c.user.get_dict()
         return htmlfill.render(
             render('admin/users/user_edit.html'),
             defaults=defaults,
             encoding="UTF-8",
             force_defaults=False)
     def add_email(self, id):
         user = self._get_user_or_raise_if_default(id)
         email = request.POST.get('new_email')
         user_model = UserModel()
         try:
             user_model.add_extra_email(id, email)
             Session().commit()
             h.flash(_("Added email %s to user") % email, category='success')
         except formencode.Invalid as error:
             msg = error.error_dict['email']
             h.flash(msg, category='error')
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during email saving'),
                     category='error')
         raise HTTPFound(location=url('edit_user_emails', id=id))
     def delete_email(self, id):
         user = self._get_user_or_raise_if_default(id)
         email_id = request.POST.get('del_email_id')
         user_model = UserModel()
         user_model.delete_extra_email(id, email_id)
         Session().commit()
         h.flash(_("Removed email from user"), category='success')
         raise HTTPFound(location=url('edit_user_emails', id=id))
     def edit_ips(self, id):
         c.user = self._get_user_or_raise_if_default(id)
         c.active = 'ips'
         c.user_ip_map = UserIpMap.query() \
             .filter(UserIpMap.user == c.user).all()
         c.default_user_ip_map = UserIpMap.query() \
             .filter(UserIpMap.user == User.get_default_user()).all()
         defaults = c.user.get_dict()
         return htmlfill.render(
             render('admin/users/user_edit.html'),
             defaults=defaults,
             encoding="UTF-8",
             force_defaults=False)
     def add_ip(self, id):
         ip = request.POST.get('new_ip')
         user_model = UserModel()
         try:
             user_model.add_extra_ip(id, ip)
             Session().commit()
             h.flash(_("Added IP address %s to user whitelist") % ip, category='success')
         except formencode.Invalid as error:
             msg = error.error_dict['ip']
             h.flash(msg, category='error')
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred while adding IP address'),
                     category='error')
         if 'default_user' in request.POST:
             raise HTTPFound(location=url('admin_permissions_ips'))
         raise HTTPFound(location=url('edit_user_ips', id=id))
     def delete_ip(self, id):
         ip_id = request.POST.get('del_ip_id')
         user_model = UserModel()
         user_model.delete_extra_ip(id, ip_id)
         Session().commit()
         h.flash(_("Removed IP address from user whitelist"), category='success')
         if 'default_user' in request.POST:
             raise HTTPFound(location=url('admin_permissions_ips'))
         raise HTTPFound(location=url('edit_user_ips', id=id))
     @IfSshEnabled
     def edit_ssh_keys(self, id):
         c.user = self._get_user_or_raise_if_default(id)
         c.active = 'ssh_keys'
         c.user_ssh_keys = SshKeyModel().get_ssh_keys(c.user.user_id)
         defaults = c.user.get_dict()
         return htmlfill.render(
             render('admin/users/user_edit.html'),
             defaults=defaults,
             encoding="UTF-8",
             force_defaults=False)
     @IfSshEnabled
     def ssh_keys_add(self, id):
         c.user = self._get_user_or_raise_if_default(id)
         description = request.POST.get('description')
         public_key = request.POST.get('public_key')
         new_ssh_key = SshKeyModel().create(c.user.user_id,
                                        description, public_key)
         Session().commit()
         h.flash(_("SSH key %s successfully added") % new_ssh_key.fingerprint, category='success')
         raise HTTPFound(location=url('edit_user_ssh_keys', id=c.user.user_id))
     @IfSshEnabled
     def ssh_keys_delete(self, id):
         c.user = self._get_user_or_raise_if_default(id)
         public_key = request.POST.get('del_public_key')
         SshKeyModel().delete(public_key, c.user.user_id)
         Session().commit()
         h.flash(_("SSH key successfully deleted"), category='success')
         raise HTTPFound(location=url('edit_user_ssh_keys', id=c.user.user_id))

kallithea/templates/about.html

➞

Show inline comments

@@ @@ -28,158 +28,159 @@ @@
   <li>Copyright &copy; 2012, 2014&ndash;2017, 2019, Andrej Shadura</li>
   <li>Copyright &copy; 2014&ndash;2019, Thomas De Schampheleire</li>
   <li>Copyright &copy; 2015&ndash;2017, 2019, Étienne Gilli</li>
   <li>Copyright &copy; 2017&ndash;2019, Allan Nordhøy</li>
   <li>Copyright &copy; 2018&ndash;2019, ssantos</li>
   <li>Copyright &copy; 2019, Danni Randeris</li>
   <li>Copyright &copy; 2019, Edmund Wong</li>
   <li>Copyright &copy; 2019, Manuel Jacob</li>
   <li>Copyright &copy; 2019, Wolfgang Scherer</li>
   <li>Copyright &copy; 2012, 2014&ndash;2018, Dominik Ruf</li>
   <li>Copyright &copy; 2014&ndash;2015, 2018, Michal Čihař</li>
   <li>Copyright &copy; 2015, 2018, Branko Majic</li>
   <li>Copyright &copy; 2018, Chris Rule</li>
   <li>Copyright &copy; 2018, Jesús Sánchez</li>
   <li>Copyright &copy; 2018, Patrick Vane</li>
   <li>Copyright &copy; 2018, Pheng Heong Tan</li>
   <li>Copyright &copy; 2018, Максим Якимчук</li>
   <li>Copyright &copy; 2018, Марс Ямбар</li>
   <li>Copyright &copy; 2012&ndash;2017, Unity Technologies</li>
   <li>Copyright &copy; 2015&ndash;2017, Søren Løvborg</li>
   <li>Copyright &copy; 2015, 2017, Sam Jaques</li>
   <li>Copyright &copy; 2016&ndash;2017, Asterios Dimitriou</li>
   <li>Copyright &copy; 2017, Alessandro Molina</li>
   <li>Copyright &copy; 2017, Anton Schur</li>
   <li>Copyright &copy; 2017, Ching-Chen Mao</li>
   <li>Copyright &copy; 2017, Eivind Tagseth</li>
   <li>Copyright &copy; 2017, FUJIWARA Katsunori</li>
   <li>Copyright &copy; 2017, Holger Schramm</li>
   <li>Copyright &copy; 2017, Karl Goetz</li>
   <li>Copyright &copy; 2017, Lars Kruse</li>
   <li>Copyright &copy; 2017, Marko Semet</li>
   <li>Copyright &copy; 2017, Viktar Vauchkevich</li>
   <li>Copyright &copy; 2012&ndash;2016, Takumi IINO</li>
   <li>Copyright &copy; 2015&ndash;2016, Jan Heylen</li>
   <li>Copyright &copy; 2015&ndash;2016, Robert Martinez</li>
   <li>Copyright &copy; 2015&ndash;2016, Robert Rauch</li>
   <li>Copyright &copy; 2016, Angel Ezquerra</li>
   <li>Copyright &copy; 2016, Anton Shestakov</li>
   <li>Copyright &copy; 2016, Brandon Jones</li>
   <li>Copyright &copy; 2016, Kateryna Musina</li>
   <li>Copyright &copy; 2016, Konstantin Veretennicov</li>
   <li>Copyright &copy; 2016, Oscar Curero</li>
   <li>Copyright &copy; 2016, Robert James Dennington</li>
   <li>Copyright &copy; 2016, timeless@gmail.com</li>
   <li>Copyright &copy; 2016, YFdyh000</li>
   <li>Copyright &copy; 2012&ndash;2013, 2015, Aras Pranckevičius</li>
   <li>Copyright &copy; 2014&ndash;2015, Christian Oyarzun</li>
   <li>Copyright &copy; 2014&ndash;2015, Joseph Rivera</li>
   <li>Copyright &copy; 2014&ndash;2015, Sean Farley</li>
   <li>Copyright &copy; 2015, Anatoly Bubenkov</li>
   <li>Copyright &copy; 2015, Andrew Bartlett</li>
   <li>Copyright &copy; 2015, Balázs Úr</li>
   <li>Copyright &copy; 2015, Ben Finney</li>
   <li>Copyright &copy; 2015, Daniel Hobley</li>
   <li>Copyright &copy; 2015, David Avigni</li>
   <li>Copyright &copy; 2015, Denis Blanchette</li>
   <li>Copyright &copy; 2015, duanhongyi</li>
   <li>Copyright &copy; 2015, EriCSN Chang</li>
   <li>Copyright &copy; 2015, Grzegorz Krason</li>
   <li>Copyright &copy; 2015, Jiří Suchan</li>
   <li>Copyright &copy; 2015, Kazunari Kobayashi</li>
   <li>Copyright &copy; 2015, Kevin Bullock</li>
   <li>Copyright &copy; 2015, kobanari</li>
   <li>Copyright &copy; 2015, Marc Abramowitz</li>
   <li>Copyright &copy; 2015, Marc Villetard</li>
   <li>Copyright &copy; 2015, Matthias Zilk</li>
   <li>Copyright &copy; 2015, Michael Pohl</li>
   <li>Copyright &copy; 2015, Michael V. DePalatis</li>
   <li>Copyright &copy; 2015, Morten Skaaning</li>
   <li>Copyright &copy; 2015, Nick High</li>
   <li>Copyright &copy; 2015, Niemand Jedermann</li>
   <li>Copyright &copy; 2015, Peter Vitt</li>
   <li>Copyright &copy; 2015, Ronny Pfannschmidt</li>
   <li>Copyright &copy; 2015, Tuux</li>
   <li>Copyright &copy; 2015, Viktar Palstsiuk</li>
   <li>Copyright &copy; 2014, Ante Ilic</li>
   <li>Copyright &copy; 2014, Bradley M. Kuhn</li>
   <li>Copyright &copy; 2014, Calinou</li>
   <li>Copyright &copy; 2014, Daniel Anderson</li>
   <li>Copyright &copy; 2014, Henrik Stuart</li>
   <li>Copyright &copy; 2014, Ingo von Borstel</li>
   <li>Copyright &copy; 2014, Jelmer Vernooĳ</li>
   <li>Copyright &copy; 2014, Jim Hague</li>
   <li>Copyright &copy; 2014, Matt Fellows</li>
   <li>Copyright &copy; 2014, Max Roman</li>
   <li>Copyright &copy; 2014, Na'Tosha Bard</li>
   <li>Copyright &copy; 2014, Rasmus Selsmark</li>
   <li>Copyright &copy; 2014, Tim Freund</li>
   <li>Copyright &copy; 2014, Travis Burtrum</li>
   <li>Copyright &copy; 2014, Zoltan Gyarmati</li>
   <li>Copyright &copy; 2010&ndash;2013, Marcin Kuźmiński</li>
   <li>Copyright &copy; 2010&ndash;2013, RhodeCode GmbH</li>
   <li>Copyright &copy; 2011, 2013, Aparkar</li>
   <li>Copyright &copy; 2012&ndash;2013, xpol</li>
   <li>Copyright &copy; 2013, Dennis Brakhane</li>
   <li>Copyright &copy; 2013, Grzegorz Rożniecki</li>
   <li>Copyright &copy; 2013, Ilya Beda</li>
   <li>Copyright &copy; 2013, Jonathan Sternberg</li>
   <li>Copyright &copy; 2013, Leonardo Carneiro</li>
   <li>Copyright &copy; 2013, Magnus Ericmats</li>
   <li>Copyright &copy; 2013, Martin Vium</li>
   <li>Copyright &copy; 2013, Simon Lopez</li>
   <li>Copyright &copy; 2011&ndash;2012, Augusto Herrmann</li>
   <li>Copyright &copy; 2012, Dan Sheridan</li>
   <li>Copyright &copy; 2012, H Waldo G</li>
   <li>Copyright &copy; 2012, hppj</li>
   <li>Copyright &copy; 2012, Indra Talip</li>
   <li>Copyright &copy; 2012, mikespook</li>
   <li>Copyright &copy; 2012, nansenat16</li>
   <li>Copyright &copy; 2012, Philip Jameson</li>
   <li>Copyright &copy; 2012, Raoul Thill</li>
   <li>Copyright &copy; 2012, Tony Bussieres</li>
   <li>Copyright &copy; 2012, Vincent Duvert</li>
   <li>Copyright &copy; 2012, Vladislav Poluhin</li>
   <li>Copyright &copy; 2012, Zachary Auclair</li>
   <li>Copyright &copy; 2011, Ankit Solanki</li>
   <li>Copyright &copy; 2011, Dmitri Kuznetsov</li>
   <li>Copyright &copy; 2011, Jared Bunting</li>
   <li>Copyright &copy; 2011, Jason Harris</li>
   <li>Copyright &copy; 2011, Les Peabody</li>
   <li>Copyright &copy; 2011, Liad Shani</li>
   <li>Copyright &copy; 2011, Lorenzo M. Catucci</li>
   <li>Copyright &copy; 2011, Matt Zuba</li>
   <li>Copyright &copy; 2011, Nicolas VINOT</li>
   <li>Copyright &copy; 2011, Shawn K. O'Shea</li>
   <li>Copyright &copy; 2010, Łukasz Balcerzak</li>
 ## We did not list the following copyright holders, given that they appeared
 ## to use for-profit company affiliations in their contribution in the
 ## Mercurial log and therefore I didn't know if copyright was theirs or
 ## their company's.
 ## Copyright &copy; 2011 Thayne Harbaugh <thayne@fusionio.com>
 ## Copyright &copy; 2012 Dies Koper <diesk@fast.au.fujitsu.com>
 ## Copyright &copy; 2012 Erwin Kroon <e.kroon@smartmetersolutions.nl>
 ## Copyright &copy; 2012 Vincent Caron <vcaron@bearstech.com>
 ##
 ## These contributors' contributions may not be copyrightable:
 ## philip.j@hostdime.com in 2012
 ## Stefan Engel <mail@engel-stefan.de> in 2012
 ## Ton Plomp <tcplomp@gmail.com> in 2013
 ##
   </ul>
   <p>The above are the copyright holders who have submitted direct
   contributions to the Kallithea repository.</p>
   <p>In the <a href="https://kallithea-scm.org/repos/kallithea">Kallithea
   source code</a>, there is a
   <a href="https://kallithea-scm.org/repos/kallithea/files/tip/LICENSE.md">list
   of third-party libraries and code that Kallithea incorporates</a>.</p>
   <p>The front-end contains a <a href="${h.url('/LICENSES.txt')}">list of
   software that is used to build the front-end</a> but isn't distributed as a
   part of Kallithea.</p>
   </div>
 </div>
 </%def>

kallithea/templates/admin/users/user_edit.html

➞

Show inline comments

 ## -*- coding: utf-8 -*-
 <%inherit file="/base/base.html"/>
 <%block name="title">
     ${_('%s user settings') % c.user.username}
 </%block>
 <%def name="breadcrumbs_links()">
     ${h.link_to(_('Admin'),h.url('admin_home'))}
     &raquo;
     ${h.link_to(_('Users'),h.url('users'))}
     &raquo;
     ${c.user.username}
 </%def>
 <%block name="header_menu">
     ${self.menu('admin')}
 </%block>
 <%def name="main()">
 <div class="panel panel-primary">
     <div class="panel-heading clearfix">
         ${self.breadcrumbs()}
     </div>
     ##main
     <div class="panel-body settings">
       <ul class="nav nav-pills nav-stacked">
         <li class="${'active' if c.active=='profile' else ''}"><a href="${h.url('edit_user', id=c.user.user_id)}">${_('Profile')}</a></li>
         <li class="${'active' if c.active=='emails' else ''}"><a href="${h.url('edit_user_emails', id=c.user.user_id)}">${_('Emails')}</a></li>
         %if c.ssh_enabled:
           <li class="${'active' if c.active=='ssh_keys' else ''}"><a href="${h.url('edit_user_ssh_keys', id=c.user.user_id)}">${_('SSH Keys')}</a></li>
         %endif
         <li class="${'active' if c.active=='api_keys' else ''}"><a href="${h.url('edit_user_api_keys', id=c.user.user_id)}">${_('API Keys')}</a></li>
         <li class="${'active' if c.active=='ips' else ''}"><a href="${h.url('edit_user_ips', id=c.user.user_id)}">${_('IP Whitelist')}</a></li>
         <li class="${'active' if c.active=='advanced' else ''}"><a href="${h.url('edit_user_advanced', id=c.user.user_id)}">${_('Advanced')}</a></li>
         <li class="${'active' if c.active=='perms' else ''}"><a href="${h.url('edit_user_perms', id=c.user.user_id)}">${_('Show Permissions')}</a></li>
       </ul>
       <div>
           <%include file="/admin/users/user_edit_${c.active}.html"/>
       </div>
     </div>
 </div>
 </%def>

kallithea/templates/admin/users/user_edit_ssh_keys.html

➞

Show inline comments

@@ new file 100644 @@
 <table class="table">
     %if c.user_ssh_keys:
         <tr>
             <th>${_('Fingerprint')}</th>
             <th>${_('Description')}</th>
             <th>${_('Action')}</th>
         </tr>
         %for ssh_key in c.user_ssh_keys:
           <tr>
             <td>
                 ${ssh_key.fingerprint}
             </td>
             <td>
                 ${ssh_key.description}
             </td>
             <td>
                 ${h.form(url('edit_user_ssh_keys_delete', id=c.user.user_id))}
                     ${h.hidden('del_public_key', ssh_key.public_key)}
                     <button class="btn btn-danger btn-xs" type="submit"
                             onclick="return confirm('${_('Confirm to remove this SSH key: %s') % ssh_key.fingerprint}');">
                         <i class="icon-trashcan"></i>
                         ${_('Remove')}
                     </button>
                 ${h.end_form()}
             </td>
           </tr>
         %endfor
     %else:
         <tr>
             <td>
                 <div class="ip">${_('No SSH keys have been added')}</div>
             </td>
         </tr>
     %endif
 </table>
 <div>
     ${h.form(url('edit_user_ssh_keys', id=c.user.user_id))}
     <div class="form">
             <div class="form-group">
                 <label class="control-label">${_('New SSH key')}</label>
             </div>
             <div class="form-group">
                 <label class="control-label" for="public_key">${_('Public key')}:</label>
                 <div>
                     ${h.textarea('public_key', '', class_='form-control', placeholder=_('Public key (contents of e.g. ~/.ssh/id_rsa.pub)'), cols=80, rows=5)}
                 </div>
             </div>
             <div class="form-group">
                 <label class="control-label" for="description">${_('Description')}:</label>
                 <div>
                     ${h.text('description', class_='form-control', placeholder=_('Description'))}
                 </div>
             </div>
             <div class="form-group">
                 <div class="buttons">
                     ${h.submit('save', _('Add'), class_="btn btn-default")}
                     ${h.reset('reset', _('Reset'), class_="btn btn-default")}
                 </div>
             </div>
     </div>
     ${h.end_form()}
 </div>

kallithea/tests/functional/test_admin_users.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 from sqlalchemy.orm.exc import NoResultFound, ObjectDeletedError
 import pytest
 from kallithea.tests.base import *
 from kallithea.tests.fixture import Fixture
 from kallithea.controllers.admin.users import UsersController
 from kallithea.model.db import User, Permission, UserIpMap, UserApiKeys, RepoGroup
+from kallithea.model.db import User, Permission, UserIpMap, UserApiKeys, RepoGroup, UserSshKeys
 from kallithea.lib.auth import check_password
 from kallithea.model.user import UserModel
 from kallithea.model import validators
 from kallithea.lib import helpers as h
 from kallithea.model.meta import Session
 from webob.exc import HTTPNotFound
 from tg.util.webtest import test_context
 fixture = Fixture()
 @pytest.fixture
 def user_and_repo_group_fail():
     username = 'repogrouperr'
     groupname = u'repogroup_fail'
     user = fixture.create_user(name=username)
     repo_group = fixture.create_repo_group(name=groupname, cur_user=username)
     yield user, repo_group
     # cleanup
     if RepoGroup.get_by_group_name(groupname):
         fixture.destroy_repo_group(repo_group)
 class TestAdminUsersController(TestController):
     test_user_1 = 'testme'
     @classmethod
     def teardown_class(cls):
         if User.get_by_username(cls.test_user_1):
             UserModel().delete(cls.test_user_1)
             Session().commit()
     def test_index(self):
         self.log_user()
         response = self.app.get(url('users'))
         # TODO: Test response...
     def test_create(self):
         self.log_user()
         username = 'newtestuser'
         password = 'test12'
         password_confirmation = password
         name = u'name'
         lastname = u'lastname'
         email = 'mail@example.com'
         response = self.app.post(url('new_user'),
             {'username': username,
              'password': password,
              'password_confirmation': password_confirmation,
              'firstname': name,
              'active': True,
              'lastname': lastname,
              'extern_name': 'internal',
              'extern_type': 'internal',
              'email': email,
              '_authentication_token': self.authentication_token()})
         # 302 Found
         # The resource was found at http://localhost/_admin/users/5/edit; you should be redirected automatically.
         self.checkSessionFlash(response, '''Created user %s''' % username)
         response = response.follow()
         response.mustcontain("""%s user settings""" % username) # in <title>
         new_user = Session().query(User). \
             filter(User.username == username).one()
         assert new_user.username == username
         assert check_password(password, new_user.password) == True
         assert new_user.name == name
         assert new_user.lastname == lastname
         assert new_user.email == email
     def test_create_err(self):
         self.log_user()
         username = 'new_user'
         password = ''
         name = u'name'
         lastname = u'lastname'
         email = 'errmail.example.com'
         response = self.app.post(url('new_user'),
             {'username': username,
              'password': password,
              'name': name,
              'active': False,
              'lastname': lastname,
              'email': email,
              '_authentication_token': self.authentication_token()})
         with test_context(self.app):
             msg = validators.ValidUsername(False, {})._messages['system_invalid_username']
         msg = h.html_escape(msg % {'username': 'new_user'})
         response.mustcontain("""<span class="error-message">%s</span>""" % msg)
@@ @@ -421,185 +421,233 @@ class TestAdminUsersController(TestContr @@
             response.mustcontain(no=[ip_range])
         else:
             response = self.app.get(url('edit_user_ips', id=user_id))
             response.mustcontain(ip)
             response.mustcontain(ip_range)
     def test_delete_ip(self, auto_clear_ip_permissions):
         self.log_user()
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         user_id = user.user_id
         ip = '127.0.0.1/32'
         ip_range = '127.0.0.1 - 127.0.0.1'
         with test_context(self.app):
             new_ip = UserModel().add_extra_ip(user_id, ip)
             Session().commit()
         new_ip_id = new_ip.ip_id
         response = self.app.get(url('edit_user_ips', id=user_id))
         response.mustcontain(ip)
         response.mustcontain(ip_range)
         self.app.post(url('edit_user_ips_delete', id=user_id),
                       params=dict(del_ip_id=new_ip_id, _authentication_token=self.authentication_token()))
         response = self.app.get(url('edit_user_ips', id=user_id))
         response.mustcontain('All IP addresses are allowed')
         response.mustcontain(no=[ip])
         response.mustcontain(no=[ip_range])
     def test_api_keys(self):
         self.log_user()
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         response = self.app.get(url('edit_user_api_keys', id=user.user_id))
         response.mustcontain(user.api_key)
         response.mustcontain('Expires: Never')
     @parametrize('desc,lifetime', [
         ('forever', -1),
         ('5mins', 60*5),
         ('30days', 60*60*24*30),
     ])
     def test_add_api_keys(self, desc, lifetime):
         self.log_user()
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         user_id = user.user_id
         response = self.app.post(url('edit_user_api_keys_update', id=user_id),
                  {'description': desc, 'lifetime': lifetime, '_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'API key successfully created')
         try:
             response = response.follow()
             user = User.get(user_id)
             for api_key in user.api_keys:
                 response.mustcontain(api_key)
         finally:
             for api_key in UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all():
                 Session().delete(api_key)
                 Session().commit()
     def test_remove_api_key(self):
         self.log_user()
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         user_id = user.user_id
         response = self.app.post(url('edit_user_api_keys_update', id=user_id),
                 {'description': 'desc', 'lifetime': -1, '_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'API key successfully created')
         response = response.follow()
         # now delete our key
         keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()
         assert 1 == len(keys)
         response = self.app.post(url('edit_user_api_keys_delete', id=user_id),
                  {'del_api_key': keys[0].api_key, '_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'API key successfully deleted')
         keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()
         assert 0 == len(keys)
     def test_reset_main_api_key(self):
         self.log_user()
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         user_id = user.user_id
         api_key = user.api_key
         response = self.app.get(url('edit_user_api_keys', id=user_id))
         response.mustcontain(api_key)
         response.mustcontain('Expires: Never')
         response = self.app.post(url('edit_user_api_keys_delete', id=user_id),
                  {'del_api_key_builtin': api_key, '_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'API key successfully reset')
         response = response.follow()
         response.mustcontain(no=[api_key])
     def test_add_ssh_key(self):
         description = u'something'
         public_key = u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC6Ycnc2oUZHQnQwuqgZqTTdMDZD7ataf3JM7oG2Fw8JR6cdmz4QZLe5mfDwaFwG2pWHLRpVqzfrD/Pn3rIO++bgCJH5ydczrl1WScfryV1hYMJ/4EzLGM657J1/q5EI+b9SntKjf4ax+KP322L0TNQGbZUHLbfG2MwHMrYBQpHUQ== me@localhost'
         fingerprint = u'Ke3oUCNJM87P0jJTb3D+e3shjceP2CqMpQKVd75E9I8'
         self.log_user()
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         user_id = user.user_id
         response = self.app.post(url('edit_user_ssh_keys', id=user_id),
                                  {'description': description,
                                   'public_key': public_key,
                                   '_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'SSH key %s successfully added' % fingerprint)
         response = response.follow()
         response.mustcontain(fingerprint)
         ssh_key = UserSshKeys.query().filter(UserSshKeys.user_id == user_id).one()
         assert ssh_key.fingerprint == fingerprint
         assert ssh_key.description == description
         Session().delete(ssh_key)
         Session().commit()
     def test_remove_ssh_key(self):
         description = u''
         public_key = u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC6Ycnc2oUZHQnQwuqgZqTTdMDZD7ataf3JM7oG2Fw8JR6cdmz4QZLe5mfDwaFwG2pWHLRpVqzfrD/Pn3rIO++bgCJH5ydczrl1WScfryV1hYMJ/4EzLGM657J1/q5EI+b9SntKjf4ax+KP322L0TNQGbZUHLbfG2MwHMrYBQpHUQ== me@localhost'
         fingerprint = u'Ke3oUCNJM87P0jJTb3D+e3shjceP2CqMpQKVd75E9I8'
         self.log_user()
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         user_id = user.user_id
         response = self.app.post(url('edit_user_ssh_keys', id=user_id),
                                  {'description': description,
                                   'public_key': public_key,
                                   '_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'SSH key %s successfully added' % fingerprint)
         response.follow()
         ssh_key = UserSshKeys.query().filter(UserSshKeys.user_id == user_id).one()
         assert ssh_key.description == description
         response = self.app.post(url('edit_user_ssh_keys_delete', id=user_id),
                                  {'del_public_key': ssh_key.public_key,
                                   '_authentication_token': self.authentication_token()})
         self.checkSessionFlash(response, 'SSH key successfully deleted')
         keys = UserSshKeys.query().all()
         assert 0 == len(keys)
 class TestAdminUsersController_unittest(TestController):
     """ Unit tests for the users controller """
     def test_get_user_or_raise_if_default(self, monkeypatch, test_context_fixture):
         # flash complains about an non-existing session
         def flash_mock(*args, **kwargs):
             pass
         monkeypatch.setattr(h, 'flash', flash_mock)
         u = UsersController()
         # a regular user should work correctly
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         assert u._get_user_or_raise_if_default(user.user_id) == user
         # the default user should raise
         with pytest.raises(HTTPNotFound):
             u._get_user_or_raise_if_default(User.get_default_user().user_id)
 class TestAdminUsersControllerForDefaultUser(TestController):
     """
     Edit actions on the default user are not allowed.
     Validate that they throw a 404 exception.
     """
     def test_edit_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.get(url('edit_user', id=user.user_id), status=404)
     def test_edit_advanced_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.get(url('edit_user_advanced', id=user.user_id), status=404)
     # API keys
     def test_edit_api_keys_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.get(url('edit_user_api_keys', id=user.user_id), status=404)
     def test_add_api_keys_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.post(url('edit_user_api_keys_update', id=user.user_id),
                  {'_authentication_token': self.authentication_token()}, status=404)
     def test_delete_api_keys_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.post(url('edit_user_api_keys_delete', id=user.user_id),
                  {'_authentication_token': self.authentication_token()}, status=404)
     # Permissions
     def test_edit_perms_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.get(url('edit_user_perms', id=user.user_id), status=404)
     def test_update_perms_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.post(url('edit_user_perms_update', id=user.user_id),
                  {'_authentication_token': self.authentication_token()}, status=404)
     # Emails
     def test_edit_emails_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.get(url('edit_user_emails', id=user.user_id), status=404)
     def test_add_emails_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.post(url('edit_user_emails_update', id=user.user_id),
                  {'_authentication_token': self.authentication_token()}, status=404)
     def test_delete_emails_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.post(url('edit_user_emails_delete', id=user.user_id),
                  {'_authentication_token': self.authentication_token()}, status=404)
     # IP addresses
     # Add/delete of IP addresses for the default user is used to maintain
     # the global IP whitelist and thus allowed. Only 'edit' is forbidden.
     def test_edit_ip_default_user(self):
         self.log_user()
         user = User.get_default_user()
         response = self.app.get(url('edit_user_ips', id=user.user_id), status=404)

scripts/contributor_data.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 # Some committers are so wrong that it doesn't point at any contributor:
 total_ignore = set()
 total_ignore.add('*** failed to import extension hggit: No module named hggit')
 total_ignore.add('<>')
 # Normalize some committer names where people have contributed under different
 # names or email addresses:
 name_fixes = {}
 name_fixes['Andrew Shadura'] = "Andrej Shadura <andrew@shadura.me>"
 name_fixes['aparkar'] = "Aparkar <aparkar@icloud.com>"
 name_fixes['Aras Pranckevicius'] = "Aras Pranckevičius <aras@unity3d.com>"
 name_fixes['Augosto Hermann'] = "Augusto Herrmann <augusto.herrmann@planejamento.gov.br>"
 name_fixes['"Bradley M. Kuhn" <bkuhn@ebb.org>'] = "Bradley M. Kuhn <bkuhn@sfconservancy.org>"
 name_fixes['dmitri.kuznetsov'] = "Dmitri Kuznetsov"
 name_fixes['Dmitri Kuznetsov'] = "Dmitri Kuznetsov"
 name_fixes['domruf'] = "Dominik Ruf <dominikruf@gmail.com>"
 name_fixes['Ingo von borstel'] = "Ingo von Borstel <kallithea@planetmaker.de>"
 name_fixes['Jan Heylen'] = "Jan Heylen <heyleke@gmail.com>"
 name_fixes['Jason F. Harris'] = "Jason Harris <jason@jasonfharris.com>"
 name_fixes['Jelmer Vernooij'] = "Jelmer Vernooĳ <jelmer@samba.org>"
 name_fixes['jfh <jason@jasonfharris.com>'] = "Jason Harris <jason@jasonfharris.com>"
 name_fixes['Leonardo Carneiro<leonardo@unity3d.com>'] = "Leonardo Carneiro <leonardo@unity3d.com>"
 name_fixes['leonardo'] = "Leonardo Carneiro <leonardo@unity3d.com>"
 name_fixes['Leonardo <leo@unity3d.com>'] = "Leonardo Carneiro <leonardo@unity3d.com>"
 name_fixes['Les Peabody'] = "Les Peabody <lpeabody@gmail.com>"
 name_fixes['"Lorenzo M. Catucci" <lorenzo@sancho.ccd.uniroma2.it>'] = "Lorenzo M. Catucci <lorenzo@sancho.ccd.uniroma2.it>"
 name_fixes['Lukasz Balcerzak'] = "Łukasz Balcerzak <lukaszbalcerzak@gmail.com>"
 name_fixes['mao <mao@lins.fju.edu.tw>'] = "Ching-Chen Mao <mao@lins.fju.edu.tw>"
 name_fixes['marcink'] = "Marcin Kuźmiński <marcin@python-works.com>"
 name_fixes['Marcin Kuzminski'] = "Marcin Kuźmiński <marcin@python-works.com>"
 name_fixes['nansenat16@null.tw'] = "nansenat16 <nansenat16@null.tw>"
 name_fixes['Peter Vitt'] = "Peter Vitt <petervitt@web.de>"
 name_fixes['philip.j@hostdime.com'] = "Philip Jameson <philip.j@hostdime.com>"
 name_fixes['Søren Løvborg'] = "Søren Løvborg <sorenl@unity3d.com>"
 name_fixes['Thomas De Schampheleire'] = "Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>"
 name_fixes['Hosted Weblate'] = "<>"
 name_fixes['Weblate'] = "<>"
 name_fixes['xpol'] = "xpol <xpolife@gmail.com>"
 name_fixes['Lars <devel@sumpfralle.de>'] = "Lars Kruse <devel@sumpfralle.de>"
 # Some committer email address domains that indicate that another entity might
 # hold some copyright too:
 domain_extra = {}
 domain_extra['unity3d.com'] = "Unity Technologies"
 domain_extra['rhodecode.com'] = "RhodeCode GmbH"
 # Repository history show some old contributions that traditionally hasn't been
 # listed in about.html - preserve that:
 no_about = set(total_ignore)
 # The following contributors were traditionally not listed in about.html and it
 # seems unclear if the copyright is personal or belongs to a company.
 no_about.add(('Thayne Harbaugh <thayne@fusionio.com>', '2011'))
 no_about.add(('Dies Koper <diesk@fast.au.fujitsu.com>', '2012'))
 no_about.add(('Erwin Kroon <e.kroon@smartmetersolutions.nl>', '2012'))
 no_about.add(('Vincent Caron <vcaron@bearstech.com>', '2012'))
 # These contributors' contributions might be too small to be copyrightable:
 no_about.add(('philip.j@hostdime.com', '2012'))
 no_about.add(('Stefan Engel <mail@engel-stefan.de>', '2012'))
 no_about.add(('Ton Plomp <tcplomp@gmail.com>', '2013'))
 # Was reworked and contributed later and shadowed by other contributions:
 no_about.add(('Sean Farley <sean.michael.farley@gmail.com>', '2013'))
 # Contributors in about.html and CONTRIBUTORS not appearing in repository
 # history:
 other = [
     # Work folded into commits attributed to others:
     ('2013', 'Ilya Beda <ir4y.ix@gmail.com>'),
+]
 # Preserve contributors listed in about.html but not appearing in repository
 # history:
 other_about = [
     ("2011", "Aparkar <aparkar@icloud.com>"),
     ("2010", "RhodeCode GmbH"),
     ("2011", "RhodeCode GmbH"),
     ("2012", "RhodeCode GmbH"),
     ("2013", "RhodeCode GmbH"),
+]
 # Preserve contributors listed in CONTRIBUTORS but not appearing in repository
 # history:
 other_contributors = [
     ("", "Andrew Kesterson <andrew@aklabs.net>"),
     ("", "cejones"),
     ("", "David A. Sjøen <david.sjoen@westcon.no>"),
     ("", "James Rhodes <jrhodes@redpointsoftware.com.au>"),
     ("", "Jonas Oberschweiber <jonas.oberschweiber@d-velop.de>"),
     ("", "larikale"),
     ("", "RhodeCode GmbH"),
     ("", "Sebastian Kreutzberger <sebastian@rhodecode.com>"),
     ("", "Steve Romanow <slestak989@gmail.com>"),
     ("", "SteveCohen"),
     ("", "Thomas <thomas@rhodecode.com>"),
     ("", "Thomas Waldmann <tw-public@gmx.de>"),
+]

0 comments (0 inline, 0 general)