kallithea Changeset - 4419551b2915

Changeset - 4419551b2915

Parent rev.

Child rev.

[Not reviewed]

codereview

0 7 0

Marcin Kuzminski - 13 years ago 2012-06-17 21:37:07
marcin@python-works.com

Switched forms to new validators

7 files changed with 203 insertions and 661 deletions:

rhodecode/controllers/admin/users.py

rhodecode/model/forms.py

140

613

rhodecode/model/repos_group.py

rhodecode/model/user.py

rhodecode/tests/functional/test_admin_settings.py

rhodecode/tests/functional/test_admin_users.py

rhodecode/tests/functional/test_login.py

0 comments (0 inline, 0 general)

rhodecode/controllers/admin/users.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.controllers.admin.users
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Users crud controller for pylons
     :created_on: Apr 4, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 import formencode
 from formencode import htmlfill
 from pylons import request, session, tmpl_context as c, url, config
 from pylons.controllers.util import redirect
 from pylons.i18n.translation import _
 from rhodecode.lib.exceptions import DefaultUserException, \
     UserOwnsReposException
 from rhodecode.lib import helpers as h
 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator,\
     AuthUser
 from rhodecode.lib.base import BaseController, render
 from rhodecode.model.db import User, Permission, UserEmailMap
 from rhodecode.model.forms import UserForm
 from rhodecode.model.user import UserModel
 from rhodecode.model.meta import Session
 from rhodecode.lib.utils import action_logger
 log = logging.getLogger(__name__)
 class UsersController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     # To properly map this controller, ensure your config/routing.py
     # file has a resource setup:
     #     map.resource('user', 'users')
     @LoginRequired()
     @HasPermissionAllDecorator('hg.admin')
     def __before__(self):
         c.admin_user = session.get('admin_user')
         c.admin_username = session.get('admin_username')
         super(UsersController, self).__before__()
         c.available_permissions = config['available_permissions']
     def index(self, format='html'):
         """GET /users: All items in the collection"""
         # url('users')
         c.users_list = self.sa.query(User).all()
         return render('admin/users/users.html')
     def create(self):
         """POST /users: Create a new item"""
         # url('users')
         user_model = UserModel()
         user_form = UserForm()()
         try:
             form_result = user_form.to_python(dict(request.POST))
             user_model.create(form_result)
             usr = form_result['username']
             action_logger(self.rhodecode_user, 'admin_created_user:%s' % usr,
                           None, self.ip_addr, self.sa)
             h.flash(_('created user %s') % usr,
                     category='success')
             Session.commit()
         except formencode.Invalid, errors:
             return htmlfill.render(
                 render('admin/users/user_add.html'),
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
                 encoding="UTF-8")
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('error occurred during creation of user %s') \
                     % request.POST.get('username'), category='error')
         return redirect(url('users'))
     def new(self, format='html'):
         """GET /users/new: Form to create a new item"""
         # url('new_user')
         return render('admin/users/user_add.html')
     def update(self, id):
         """PUT /users/id: Update an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="PUT" />
         # Or using helpers:
         #    h.form(url('update_user', id=ID),
         #           method='put')
         # url('user', id=ID)
         user_model = UserModel()
         c.user = user_model.get(id)
         c.perm_user = AuthUser(user_id=id)
         _form = UserForm(edit=True, old_data={'user_id': id,
                                               'email': c.user.email})()
         form_result = {}
         try:
             form_result = _form.to_python(dict(request.POST))
             user_model.update(id, form_result)
             usr = form_result['username']
             action_logger(self.rhodecode_user, 'admin_updated_user:%s' % usr,
                           None, self.ip_addr, self.sa)
             h.flash(_('User updated successfully'), category='success')
             Session.commit()
         except formencode.Invalid, errors:
             e = errors.error_dict or {}
             perm = Permission.get_by_key('hg.create.repository')
             e.update({'create_repo_perm': user_model.has_perm(id, perm)})
             return htmlfill.render(
                 render('admin/users/user_edit.html'),
                 defaults=errors.value,
                 errors=e,
                 prefix_error=False,
                 encoding="UTF-8")
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('error occurred during update of user %s') \
                     % form_result.get('username'), category='error')
         return redirect(url('users'))
     def delete(self, id):
         """DELETE /users/id: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="DELETE" />
         # Or using helpers:
         #    h.form(url('delete_user', id=ID),
         #           method='delete')
         # url('user', id=ID)
         user_model = UserModel()
         try:
             user_model.delete(id)
             Session.commit()
             h.flash(_('successfully deleted user'), category='success')
         except (UserOwnsReposException, DefaultUserException), e:
             h.flash(e, category='warning')
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of user'),
                     category='error')
         return redirect(url('users'))
     def show(self, id, format='html'):
         """GET /users/id: Show a specific item"""
         # url('user', id=ID)
     def edit(self, id, format='html'):
         """GET /users/id/edit: Form to edit an existing item"""
         # url('edit_user', id=ID)
         c.user = User.get(id)
         if not c.user:
             return redirect(url('users'))
         if c.user.username == 'default':
             h.flash(_("You can't edit this user"), category='warning')
             return redirect(url('users'))
         c.perm_user = AuthUser(user_id=id)
         c.user.permissions = {}
         c.granted_permissions = UserModel().fill_perms(c.user)\
             .permissions['global']
         c.user_email_map = UserEmailMap.query()\
                         .filter(UserEmailMap.user == c.user).all()
         defaults = c.user.get_dict()
         perm = Permission.get_by_key('hg.create.repository')
         defaults.update({'create_repo_perm': UserModel().has_perm(id, perm)})
         return htmlfill.render(
             render('admin/users/user_edit.html'),
             defaults=defaults,
             encoding="UTF-8",
             force_defaults=False
+        )
     def update_perm(self, id):
         """PUT /users_perm/id: Update an existing item"""
         # url('user_perm', id=ID, method='put')
         grant_perm = request.POST.get('create_repo_perm', False)
         user_model = UserModel()
         if grant_perm:
             perm = Permission.get_by_key('hg.create.none')
             user_model.revoke_perm(id, perm)
             perm = Permission.get_by_key('hg.create.repository')
             user_model.grant_perm(id, perm)
             h.flash(_("Granted 'repository create' permission to user"),
                     category='success')
             Session.commit()
         else:
             perm = Permission.get_by_key('hg.create.repository')
             user_model.revoke_perm(id, perm)
             perm = Permission.get_by_key('hg.create.none')
             user_model.grant_perm(id, perm)
             h.flash(_("Revoked 'repository create' permission to user"),
                     category='success')
             Session.commit()
         return redirect(url('edit_user', id=id))
     def add_email(self, id):
-        """PUT /user_emails/id: Update an existing item"""
+        """POST /user_emails:Add an existing item"""
         # url('user_emails', id=ID, method='put')
         #TODO: validation and form !!!
         email = request.POST.get('new_email')
         user_model = UserModel()
         try:
             user_model.add_extra_email(id, email)
             Session.commit()
             h.flash(_("Added email %s to user" % email), category='success')
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during email saving'),
                     category='error')
         return redirect(url('edit_user', id=id))
     def delete_email(self, id):
         """DELETE /user_emails_delete/id: Delete an existing item"""
         # url('user_emails_delete', id=ID, method='delete')
         user_model = UserModel()
         user_model.delete_extra_email(id, request.POST.get('del_email'))
         Session.commit()
         h.flash(_("Removed email from user"), category='success')
         return redirect(url('edit_user', id=id))

rhodecode/model/forms.py

➞

Show inline comments

 """ this is forms validation classes
 http://formencode.org/module-formencode.validators.html
 for list off all availible validators
 we can create our own validators
 The table below outlines the options which can be used in a schema in addition to the validators themselves
 pre_validators          []     These validators will be applied before the schema
 chained_validators      []     These validators will be applied after the schema
 allow_extra_fields      False     If True, then it is not an error when keys that aren't associated with a validator are present
 filter_extra_fields     False     If True, then keys that aren't associated with a validator are removed
 if_key_missing          NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value.
 ignore_key_missing      False     If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already
 <name> = formencode.validators.<name of validator>
 <name> must equal form name
 list=[1,2,3,4,5]
 for SELECT use formencode.All(OneOf(list), Int())
 """
 import os
 import re
 import logging
 import traceback
 import formencode
 from formencode import All
 from formencode.validators import UnicodeString, OneOf, Int, Number, Regex, \
     Email, Bool, StringBoolean, Set
 from pylons.i18n.translation import _
 from webhelpers.pylonslib.secure_form import authentication_token
 from rhodecode.config.routing import ADMIN_PREFIX
 from rhodecode.lib.utils import repo_name_slug
 from rhodecode.lib.auth import authenticate, get_crypt_password
 from rhodecode.lib.exceptions import LdapImportError
 from rhodecode.model.db import User, UsersGroup, RepoGroup, Repository
 from rhodecode.model import validators as v
 from rhodecode import BACKENDS
 log = logging.getLogger(__name__)
 #this is needed to translate the messages using _() in validators
 class State_obj(object):
     _ = staticmethod(_)
 #==============================================================================
 # VALIDATORS
 #==============================================================================
 class ValidAuthToken(formencode.validators.FancyValidator):
     messages = {'invalid_token': _('Token mismatch')}
     def validate_python(self, value, state):
         if value != authentication_token():
             raise formencode.Invalid(
                 self.message('invalid_token',
                              state, search_number=value),
                 value,
                 state
+            )
 def ValidUsername(edit, old_data):
     class _ValidUsername(formencode.validators.FancyValidator):
         def validate_python(self, value, state):
             if value in ['default', 'new_user']:
                 raise formencode.Invalid(_('Invalid username'), value, state)
             #check if user is unique
             old_un = None
             if edit:
                 old_un = User.get(old_data.get('user_id')).username
             if old_un != value or not edit:
                 if User.get_by_username(value, case_insensitive=True):
                     raise formencode.Invalid(_('This username already '
                                                'exists') , value, state)
             if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None:
                 raise formencode.Invalid(
                     _('Username may only contain alphanumeric characters '
                       'underscores, periods or dashes and must begin with '
                       'alphanumeric character'),
                     value,
                     state
+                )
     return _ValidUsername
 def ValidUsersGroup(edit, old_data):
     class _ValidUsersGroup(formencode.validators.FancyValidator):
         def validate_python(self, value, state):
             if value in ['default']:
                 raise formencode.Invalid(_('Invalid group name'), value, state)
             #check if group is unique
             old_ugname = None
             if edit:
                 old_ugname = UsersGroup.get(
                             old_data.get('users_group_id')).users_group_name
             if old_ugname != value or not edit:
                 if UsersGroup.get_by_group_name(value, cache=False,
                                                case_insensitive=True):
                     raise formencode.Invalid(_('This users group '
                                                'already exists'), value,
                                              state)
             if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None:
                 raise formencode.Invalid(
                     _('RepoGroup name may only contain  alphanumeric characters '
                       'underscores, periods or dashes and must begin with '
                       'alphanumeric character'),
                     value,
                     state
+                )
     return _ValidUsersGroup
 def ValidReposGroup(edit, old_data):
     class _ValidReposGroup(formencode.validators.FancyValidator):
         def validate_python(self, value, state):
             # TODO WRITE VALIDATIONS
             group_name = value.get('group_name')
             group_parent_id = value.get('group_parent_id')
             # slugify repo group just in case :)
             slug = repo_name_slug(group_name)
             # check for parent of self
             parent_of_self = lambda: (
                 old_data['group_id'] == int(group_parent_id)
                 if group_parent_id else False
+            )
             if edit and parent_of_self():
                     e_dict = {
                         'group_parent_id': _('Cannot assign this group as parent')
+                    }
                     raise formencode.Invalid('', value, state,
                                              error_dict=e_dict)
             old_gname = None
             if edit:
                 old_gname = RepoGroup.get(old_data.get('group_id')).group_name
             if old_gname != group_name or not edit:
                 # check group
                 gr = RepoGroup.query()\
                       .filter(RepoGroup.group_name == slug)\
                       .filter(RepoGroup.group_parent_id == group_parent_id)\
                       .scalar()
                 if gr:
                     e_dict = {
                         'group_name': _('This group already exists')
+                    }
                     raise formencode.Invalid('', value, state,
                                              error_dict=e_dict)
                 # check for same repo
                 repo = Repository.query()\
                       .filter(Repository.repo_name == slug)\
                       .scalar()
                 if repo:
                     e_dict = {
                         'group_name': _('Repository with this name already exists')
+                    }
                     raise formencode.Invalid('', value, state,
                                              error_dict=e_dict)
     return _ValidReposGroup
 class ValidPassword(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         if not value:
             return
         if value.get('password'):
             try:
                 value['password'] = get_crypt_password(value['password'])
             except UnicodeEncodeError:
                 e_dict = {'password': _('Invalid characters in password')}
                 raise formencode.Invalid('', value, state, error_dict=e_dict)
         if value.get('password_confirmation'):
             try:
                 value['password_confirmation'] = \
                     get_crypt_password(value['password_confirmation'])
             except UnicodeEncodeError:
                 e_dict = {
                     'password_confirmation': _('Invalid characters in password')
+                }
                 raise formencode.Invalid('', value, state, error_dict=e_dict)
         if value.get('new_password'):
             try:
                 value['new_password'] = \
                     get_crypt_password(value['new_password'])
             except UnicodeEncodeError:
                 e_dict = {'new_password': _('Invalid characters in password')}
                 raise formencode.Invalid('', value, state, error_dict=e_dict)
         return value
 class ValidPasswordsMatch(formencode.validators.FancyValidator):
     def validate_python(self, value, state):
         pass_val = value.get('password') or value.get('new_password')
         if pass_val != value['password_confirmation']:
             e_dict = {'password_confirmation':
                    _('Passwords do not match')}
             raise formencode.Invalid('', value, state, error_dict=e_dict)
 class ValidAuth(formencode.validators.FancyValidator):
     messages = {
         'invalid_password':_('invalid password'),
         'invalid_login':_('invalid user name'),
         'disabled_account':_('Your account is disabled')
+    }
     # error mapping
     e_dict = {'username': messages['invalid_login'],
               'password': messages['invalid_password']}
     e_dict_disable = {'username': messages['disabled_account']}
     def validate_python(self, value, state):
         password = value['password']
         username = value['username']
         user = User.get_by_username(username)
         if authenticate(username, password):
             return value
         else:
             if user and user.active is False:
                 log.warning('user %s is disabled' % username)
                 raise formencode.Invalid(
                     self.message('disabled_account',
                     state=State_obj),
                     value, state,
                     error_dict=self.e_dict_disable
+                )
             else:
                 log.warning('user %s failed to authenticate' % username)
                 raise formencode.Invalid(
                     self.message('invalid_password',
                     state=State_obj), value, state,
                     error_dict=self.e_dict
+                )
 class ValidRepoUser(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         try:
             User.query().filter(User.active == True)\
                 .filter(User.username == value).one()
         except Exception:
             raise formencode.Invalid(_('This username is not valid'),
                                      value, state)
         return value
 def ValidRepoName(edit, old_data):
     class _ValidRepoName(formencode.validators.FancyValidator):
         def to_python(self, value, state):
             repo_name = value.get('repo_name')
             slug = repo_name_slug(repo_name)
             if slug in [ADMIN_PREFIX, '']:
                 e_dict = {'repo_name': _('This repository name is disallowed')}
                 raise formencode.Invalid('', value, state, error_dict=e_dict)
             if value.get('repo_group'):
                 gr = RepoGroup.get(value.get('repo_group'))
                 group_path = gr.full_path
                 # value needs to be aware of group name in order to check
                 # db key This is an actual just the name to store in the
                 # database
                 repo_name_full = group_path + RepoGroup.url_sep() + repo_name
             else:
                 group_path = ''
                 repo_name_full = repo_name
             value['repo_name_full'] = repo_name_full
             rename = old_data.get('repo_name') != repo_name_full
             create = not edit
             if  rename or create:
                 if group_path != '':
                     if Repository.get_by_repo_name(repo_name_full):
                         e_dict = {
                             'repo_name': _('This repository already exists in '
                                            'a group "%s"') % gr.group_name
+                        }
                         raise formencode.Invalid('', value, state,
                                                  error_dict=e_dict)
                 elif RepoGroup.get_by_group_name(repo_name_full):
                         e_dict = {
                             'repo_name': _('There is a group with this name '
                                            'already "%s"') % repo_name_full
+                        }
                         raise formencode.Invalid('', value, state,
                                                  error_dict=e_dict)
                 elif Repository.get_by_repo_name(repo_name_full):
                         e_dict = {'repo_name': _('This repository '
                                                 'already exists')}
                         raise formencode.Invalid('', value, state,
                                                  error_dict=e_dict)
             return value
     return _ValidRepoName
 def ValidForkName(*args, **kwargs):
     return ValidRepoName(*args, **kwargs)
 def SlugifyName():
     class _SlugifyName(formencode.validators.FancyValidator):
         def to_python(self, value, state):
             return repo_name_slug(value)
     return _SlugifyName
 def ValidCloneUri():
     from rhodecode.lib.utils import make_ui
     def url_handler(repo_type, url, proto, ui=None):
         if repo_type == 'hg':
             from mercurial.httprepo import httprepository, httpsrepository
             if proto == 'https':
                 httpsrepository(make_ui('db'), url).capabilities
             elif proto == 'http':
                 httprepository(make_ui('db'), url).capabilities
         elif repo_type == 'git':
             #TODO: write a git url validator
             pass
     class _ValidCloneUri(formencode.validators.FancyValidator):
         def to_python(self, value, state):
             repo_type = value.get('repo_type')
             url = value.get('clone_uri')
             e_dict = {'clone_uri': _('invalid clone url')}
             if not url:
                 pass
             elif url.startswith('https'):
                 try:
                     url_handler(repo_type, url, 'https', make_ui('db'))
                 except Exception:
                     log.error(traceback.format_exc())
                     raise formencode.Invalid('', value, state, error_dict=e_dict)
             elif url.startswith('http'):
                 try:
                     url_handler(repo_type, url, 'http', make_ui('db'))
                 except Exception:
                     log.error(traceback.format_exc())
                     raise formencode.Invalid('', value, state, error_dict=e_dict)
             else:
                 e_dict = {'clone_uri': _('Invalid clone url, provide a '
                                          'valid clone http\s url')}
                 raise formencode.Invalid('', value, state, error_dict=e_dict)
             return value
     return _ValidCloneUri
 def ValidForkType(old_data):
     class _ValidForkType(formencode.validators.FancyValidator):
         def to_python(self, value, state):
             if old_data['repo_type'] != value:
                 raise formencode.Invalid(_('Fork have to be the same '
                                            'type as original'), value, state)
             return value
     return _ValidForkType
 def ValidPerms(type_='repo'):
     if type_ == 'group':
         EMPTY_PERM = 'group.none'
     elif type_ == 'repo':
         EMPTY_PERM = 'repository.none'
     class _ValidPerms(formencode.validators.FancyValidator):
         messages = {
             'perm_new_member_name':
                 _('This username or users group name is not valid')
+        }
         def to_python(self, value, state):
             perms_update = []
             perms_new = []
             # build a list of permission to update and new permission to create
             for k, v in value.items():
                 # means new added member to permissions
                 if k.startswith('perm_new_member'):
                     new_perm = value.get('perm_new_member', False)
                     new_member = value.get('perm_new_member_name', False)
                     new_type = value.get('perm_new_member_type')
                     if new_member and new_perm:
                         if (new_member, new_perm, new_type) not in perms_new:
                             perms_new.append((new_member, new_perm, new_type))
                 elif k.startswith('u_perm_') or k.startswith('g_perm_'):
                     member = k[7:]
                     t = {'u': 'user',
                          'g': 'users_group'
                     }[k[0]]
                     if member == 'default':
                         if value.get('private'):
                             # set none for default when updating to private repo
                             v = EMPTY_PERM
                     perms_update.append((member, v, t))
             value['perms_updates'] = perms_update
             value['perms_new'] = perms_new
             # update permissions
             for k, v, t in perms_new:
                 try:
                     if t is 'user':
                         self.user_db = User.query()\
                             .filter(User.active == True)\
                             .filter(User.username == k).one()
                     if t is 'users_group':
                         self.user_db = UsersGroup.query()\
                             .filter(UsersGroup.users_group_active == True)\
                             .filter(UsersGroup.users_group_name == k).one()
                 except Exception:
                     msg = self.message('perm_new_member_name',
                                          state=State_obj)
                     raise formencode.Invalid(
                         msg, value, state, error_dict={'perm_new_member_name': msg}
+                    )
             return value
     return _ValidPerms
 class ValidSettings(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         # settings  form can't edit user
         if 'user' in value:
             del['value']['user']
         return value
 class ValidPath(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         if not os.path.isdir(value):
             msg = _('This is not a valid path')
             raise formencode.Invalid(msg, value, state,
                                      error_dict={'paths_root_path': msg})
         return value
 def UniqSystemEmail(old_data):
     class _UniqSystemEmail(formencode.validators.FancyValidator):
         def to_python(self, value, state):
             value = value.lower()
             if (old_data.get('email') or '').lower() != value:
                 user = User.get_by_email(value, case_insensitive=True)
                 if user:
                     raise formencode.Invalid(
                         _("This e-mail address is already taken"), value, state
+                    )
             return value
     return _UniqSystemEmail
 class ValidSystemEmail(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         value = value.lower()
         user = User.get_by_email(value, case_insensitive=True)
         if  user is None:
             raise formencode.Invalid(
                 _("This e-mail address doesn't exist."), value, state
+            )
         return value
 class LdapLibValidator(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         try:
             import ldap
         except ImportError:
             raise LdapImportError
         return value
 class AttrLoginValidator(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         if not value or not isinstance(value, (str, unicode)):
             raise formencode.Invalid(
                 _("The LDAP Login attribute of the CN must be specified - "
                   "this is the name of the attribute that is equivalent "
                   "to 'username'"), value, state
+            )
         return value
 #==============================================================================
 # FORMS
 #==============================================================================
 class LoginForm(formencode.Schema):
     allow_extra_fields = True
     filter_extra_fields = True
     username = UnicodeString(
+    username = v.UnicodeString(
         strip=True,
         min=1,
         not_empty=True,
         messages={
            'empty': _('Please enter a login'),
            'tooShort': _('Enter a value %(min)i characters long or more')}
            'empty': _(u'Please enter a login'),
            'tooShort': _(u'Enter a value %(min)i characters long or more')}
+    )
     password = UnicodeString(
+    password = v.UnicodeString(
         strip=False,
         min=3,
         not_empty=True,
         messages={
             'empty': _('Please enter a password'),
             'tooShort': _('Enter %(min)i characters or more')}
             'empty': _(u'Please enter a password'),
             'tooShort': _(u'Enter %(min)i characters or more')}
+    )
     remember = StringBoolean(if_missing=False)
+    remember = v.StringBoolean(if_missing=False)
     chained_validators = [ValidAuth]
+    chained_validators = [v.ValidAuth()]
 def UserForm(edit=False, old_data={}):
     class _UserForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         username = All(UnicodeString(strip=True, min=1, not_empty=True),
                        ValidUsername(edit, old_data))
         username = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                        v.ValidUsername(edit, old_data))
         if edit:
             new_password = All(UnicodeString(strip=False, min=6, not_empty=False))
             password_confirmation = All(UnicodeString(strip=False, min=6,
                                                       not_empty=False))
             admin = StringBoolean(if_missing=False)
             new_password = All(
                 v.UnicodeString(strip=False, min=6, not_empty=False)
+            )
             password_confirmation = All(
                 v.ValidPassword(),
                 v.UnicodeString(strip=False, min=6, not_empty=False),
+            )
             admin = v.StringBoolean(if_missing=False)
         else:
             password = All(UnicodeString(strip=False, min=6, not_empty=True))
             password_confirmation = All(UnicodeString(strip=False, min=6,
                                                       not_empty=False))
             password = All(
                 v.ValidPassword(),
                 v.UnicodeString(strip=False, min=6, not_empty=True)
+            )
             password_confirmation = All(
                 v.ValidPassword(),
                 v.UnicodeString(strip=False, min=6, not_empty=False)
+            )
         active = StringBoolean(if_missing=False)
         name = UnicodeString(strip=True, min=1, not_empty=False)
         lastname = UnicodeString(strip=True, min=1, not_empty=False)
         email = All(Email(not_empty=True), UniqSystemEmail(old_data))
         active = v.StringBoolean(if_missing=False)
         name = v.UnicodeString(strip=True, min=1, not_empty=False)
         lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
         email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
-        chained_validators = [ValidPasswordsMatch, ValidPassword]
+        chained_validators = [v.ValidPasswordsMatch()]
     return _UserForm
 def UsersGroupForm(edit=False, old_data={}, available_members=[]):
     class _UsersGroupForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         users_group_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                        ValidUsersGroup(edit, old_data))
         users_group_name = All(
             v.UnicodeString(strip=True, min=1, not_empty=True),
             v.ValidUsersGroup(edit, old_data)
+        )
         users_group_active = StringBoolean(if_missing=False)
+        users_group_active = v.StringBoolean(if_missing=False)
         if edit:
             users_group_members = OneOf(available_members, hideList=False,
                                         testValueList=True,
                                         if_missing=None, not_empty=False)
             users_group_members = v.OneOf(
                 available_members, hideList=False, testValueList=True,
                 if_missing=None, not_empty=False
+            )
     return _UsersGroupForm
 def ReposGroupForm(edit=False, old_data={}, available_groups=[]):
     class _ReposGroupForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         group_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                                SlugifyName())
         group_description = UnicodeString(strip=True, min=1,
         group_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                v.SlugifyName())
         group_description = v.UnicodeString(strip=True, min=1,
                                                 not_empty=True)
         group_parent_id = OneOf(available_groups, hideList=False,
+        group_parent_id = v.OneOf(available_groups, hideList=False,
                                         testValueList=True,
                                         if_missing=None, not_empty=False)
         chained_validators = [ValidReposGroup(edit, old_data), ValidPerms('group')]
         chained_validators = [v.ValidReposGroup(edit, old_data),
                               v.ValidPerms('group')]
     return _ReposGroupForm
 def RegisterForm(edit=False, old_data={}):
     class _RegisterForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         username = All(ValidUsername(edit, old_data),
                        UnicodeString(strip=True, min=1, not_empty=True))
         password = All(UnicodeString(strip=False, min=6, not_empty=True))
         password_confirmation = All(UnicodeString(strip=False, min=6, not_empty=True))
         active = StringBoolean(if_missing=False)
         name = UnicodeString(strip=True, min=1, not_empty=False)
         lastname = UnicodeString(strip=True, min=1, not_empty=False)
         email = All(Email(not_empty=True), UniqSystemEmail(old_data))
         username = All(
             v.ValidUsername(edit, old_data),
             v.UnicodeString(strip=True, min=1, not_empty=True)
+        )
         password = All(
             v.ValidPassword(),
             v.UnicodeString(strip=False, min=6, not_empty=True)
+        )
         password_confirmation = All(
             v.ValidPassword(),
             v.UnicodeString(strip=False, min=6, not_empty=True)
+        )
         active = v.StringBoolean(if_missing=False)
         name = v.UnicodeString(strip=True, min=1, not_empty=False)
         lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
         email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
-        chained_validators = [ValidPasswordsMatch, ValidPassword]
+        chained_validators = [v.ValidPasswordsMatch()]
     return _RegisterForm
 def PasswordResetForm():
     class _PasswordResetForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         email = All(ValidSystemEmail(), Email(not_empty=True))
+        email = All(v.ValidSystemEmail(), v.Email(not_empty=True))
     return _PasswordResetForm
 def RepoForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
              repo_groups=[], landing_revs=[]):
     class _RepoForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                         SlugifyName())
         clone_uri = All(UnicodeString(strip=True, min=1, not_empty=False))
         repo_group = OneOf(repo_groups, hideList=True)
         repo_type = OneOf(supported_backends)
         description = UnicodeString(strip=True, min=1, not_empty=False)
         private = StringBoolean(if_missing=False)
         enable_statistics = StringBoolean(if_missing=False)
         enable_downloads = StringBoolean(if_missing=False)
         landing_rev = OneOf(landing_revs, hideList=True)
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
         repo_group = v.OneOf(repo_groups, hideList=True)
         repo_type = v.OneOf(supported_backends)
         description = v.UnicodeString(strip=True, min=1, not_empty=False)
         private = v.StringBoolean(if_missing=False)
         enable_statistics = v.StringBoolean(if_missing=False)
         enable_downloads = v.StringBoolean(if_missing=False)
         landing_rev = v.OneOf(landing_revs, hideList=True)
         if edit:
             #this is repo owner
             user = All(UnicodeString(not_empty=True), ValidRepoUser)
+            user = All(v.UnicodeString(not_empty=True), v.ValidRepoUser())
         chained_validators = [ValidCloneUri()(),
                               ValidRepoName(edit, old_data),
                               ValidPerms()]
         chained_validators = [v.ValidCloneUri(),
                               v.ValidRepoName(edit, old_data),
                               v.ValidPerms()]
     return _RepoForm
 def RepoForkForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
                  repo_groups=[]):
     class _RepoForkForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                         SlugifyName())
         repo_group = OneOf(repo_groups, hideList=True)
         repo_type = All(ValidForkType(old_data), OneOf(supported_backends))
         description = UnicodeString(strip=True, min=1, not_empty=True)
         private = StringBoolean(if_missing=False)
         copy_permissions = StringBoolean(if_missing=False)
         update_after_clone = StringBoolean(if_missing=False)
         fork_parent_id = UnicodeString()
         chained_validators = [ValidForkName(edit, old_data)]
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         repo_group = v.OneOf(repo_groups, hideList=True)
         repo_type = All(v.ValidForkType(old_data), v.OneOf(supported_backends))
         description = v.UnicodeString(strip=True, min=1, not_empty=True)
         private = v.StringBoolean(if_missing=False)
         copy_permissions = v.StringBoolean(if_missing=False)
         update_after_clone = v.StringBoolean(if_missing=False)
         fork_parent_id = v.UnicodeString()
         chained_validators = [v.ValidForkName(edit, old_data)]
     return _RepoForkForm
 def RepoSettingsForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
                      repo_groups=[], landing_revs=[]):
 def RepoSettingsForm(edit=False, old_data={},
                      supported_backends=BACKENDS.keys(), repo_groups=[],
                      landing_revs=[]):
     class _RepoForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                         SlugifyName())
         description = UnicodeString(strip=True, min=1, not_empty=True)
         repo_group = OneOf(repo_groups, hideList=True)
         private = StringBoolean(if_missing=False)
         landing_rev = OneOf(landing_revs, hideList=True)
         chained_validators = [ValidRepoName(edit, old_data), ValidPerms(),
                               ValidSettings]
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         description = v.UnicodeString(strip=True, min=1, not_empty=True)
         repo_group = v.OneOf(repo_groups, hideList=True)
         private = v.StringBoolean(if_missing=False)
         landing_rev = v.OneOf(landing_revs, hideList=True)
         chained_validators = [v.ValidRepoName(edit, old_data), v.ValidPerms(),
                               v.ValidSettings()]
     return _RepoForm
 def ApplicationSettingsForm():
     class _ApplicationSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         rhodecode_title = UnicodeString(strip=True, min=1, not_empty=True)
         rhodecode_realm = UnicodeString(strip=True, min=1, not_empty=True)
         rhodecode_ga_code = UnicodeString(strip=True, min=1, not_empty=False)
         rhodecode_title = v.UnicodeString(strip=True, min=1, not_empty=True)
         rhodecode_realm = v.UnicodeString(strip=True, min=1, not_empty=True)
         rhodecode_ga_code = v.UnicodeString(strip=True, min=1, not_empty=False)
     return _ApplicationSettingsForm
 def ApplicationUiSettingsForm():
     class _ApplicationUiSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         web_push_ssl = OneOf(['true', 'false'], if_missing='false')
         paths_root_path = All(ValidPath(), UnicodeString(strip=True, min=1, not_empty=True))
         hooks_changegroup_update = OneOf(['True', 'False'], if_missing=False)
         hooks_changegroup_repo_size = OneOf(['True', 'False'], if_missing=False)
         hooks_changegroup_push_logger = OneOf(['True', 'False'], if_missing=False)
         hooks_preoutgoing_pull_logger = OneOf(['True', 'False'], if_missing=False)
         web_push_ssl = v.OneOf(['true', 'false'], if_missing='false')
         paths_root_path = All(
             v.ValidPath(),
             v.UnicodeString(strip=True, min=1, not_empty=True)
+        )
         hooks_changegroup_update = v.OneOf(['True', 'False'],
                                            if_missing=False)
         hooks_changegroup_repo_size = v.OneOf(['True', 'False'],
                                               if_missing=False)
         hooks_changegroup_push_logger = v.OneOf(['True', 'False'],
                                                 if_missing=False)
         hooks_preoutgoing_pull_logger = v.OneOf(['True', 'False'],
                                                 if_missing=False)
     return _ApplicationUiSettingsForm
 def DefaultPermissionsForm(perms_choices, register_choices, create_choices):
     class _DefaultPermissionsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         overwrite_default = StringBoolean(if_missing=False)
         anonymous = OneOf(['True', 'False'], if_missing=False)
         default_perm = OneOf(perms_choices)
         default_register = OneOf(register_choices)
         default_create = OneOf(create_choices)
         overwrite_default = v.StringBoolean(if_missing=False)
         anonymous = v.OneOf(['True', 'False'], if_missing=False)
         default_perm = v.OneOf(perms_choices)
         default_register = v.OneOf(register_choices)
         default_create = v.OneOf(create_choices)
     return _DefaultPermissionsForm
 def LdapSettingsForm(tls_reqcert_choices, search_scope_choices, tls_kind_choices):
 def LdapSettingsForm(tls_reqcert_choices, search_scope_choices,
                      tls_kind_choices):
     class _LdapSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         #pre_validators = [LdapLibValidator]
         ldap_active = StringBoolean(if_missing=False)
         ldap_host = UnicodeString(strip=True,)
         ldap_port = Number(strip=True,)
         ldap_tls_kind = OneOf(tls_kind_choices)
         ldap_tls_reqcert = OneOf(tls_reqcert_choices)
         ldap_dn_user = UnicodeString(strip=True,)
         ldap_dn_pass = UnicodeString(strip=True,)
         ldap_base_dn = UnicodeString(strip=True,)
         ldap_filter = UnicodeString(strip=True,)
         ldap_search_scope = OneOf(search_scope_choices)
         ldap_attr_login = All(AttrLoginValidator, UnicodeString(strip=True,))
         ldap_attr_firstname = UnicodeString(strip=True,)
         ldap_attr_lastname = UnicodeString(strip=True,)
         ldap_attr_email = UnicodeString(strip=True,)
         ldap_active = v.StringBoolean(if_missing=False)
         ldap_host = v.UnicodeString(strip=True,)
         ldap_port = v.Number(strip=True,)
         ldap_tls_kind = v.OneOf(tls_kind_choices)
         ldap_tls_reqcert = v.OneOf(tls_reqcert_choices)
         ldap_dn_user = v.UnicodeString(strip=True,)
         ldap_dn_pass = v.UnicodeString(strip=True,)
         ldap_base_dn = v.UnicodeString(strip=True,)
         ldap_filter = v.UnicodeString(strip=True,)
         ldap_search_scope = v.OneOf(search_scope_choices)
         ldap_attr_login = All(
             v.AttrLoginValidator(),
             v.UnicodeString(strip=True,)
+        )
         ldap_attr_firstname = v.UnicodeString(strip=True,)
         ldap_attr_lastname = v.UnicodeString(strip=True,)
         ldap_attr_email = v.UnicodeString(strip=True,)
     return _LdapSettingsForm

rhodecode/model/repos_group.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.user_group
     ~~~~~~~~~~~~~~~~~~~~~~~~~~
     users groups model for RhodeCode
     :created_on: Jan 25, 2011
     :author: marcink
     :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import os
 import logging
 import traceback
 import shutil
 from rhodecode.lib.utils2 import LazyProperty
 from rhodecode.model import BaseModel
 from rhodecode.model.db import RepoGroup, RhodeCodeUi, UserRepoGroupToPerm, \
     User, Permission, UsersGroupRepoGroupToPerm, UsersGroup
 log = logging.getLogger(__name__)
 class ReposGroupModel(BaseModel):
     def __get_users_group(self, users_group):
         return self._get_instance(UsersGroup, users_group,
                                   callback=UsersGroup.get_by_group_name)
     def __get_repos_group(self, repos_group):
         return self._get_instance(RepoGroup, repos_group,
                                   callback=RepoGroup.get_by_group_name)
     @LazyProperty
     def repos_path(self):
         """
         Get's the repositories root path from database
         """
         q = RhodeCodeUi.get_by_key('/').one()
         return q.ui_value
     def _create_default_perms(self, new_group):
         # create default permission
         repo_group_to_perm = UserRepoGroupToPerm()
         default_perm = 'group.read'
         for p in User.get_by_username('default').user_perms:
             if p.permission.permission_name.startswith('group.'):
                 default_perm = p.permission.permission_name
                 break
         repo_group_to_perm.permission_id = self.sa.query(Permission)\
                 .filter(Permission.permission_name == default_perm)\
                 .one().permission_id
         repo_group_to_perm.group = new_group
         repo_group_to_perm.user_id = User.get_by_username('default').user_id
         self.sa.add(repo_group_to_perm)
     def __create_group(self, group_name):
         """
         makes repositories group on filesystem
         :param repo_name:
         :param parent_id:
         """
         create_path = os.path.join(self.repos_path, group_name)
         log.debug('creating new group in %s' % create_path)
         if os.path.isdir(create_path):
             raise Exception('That directory already exists !')
         os.makedirs(create_path)
     def __rename_group(self, old, new):
         """
         Renames a group on filesystem
         :param group_name:
         """
         if old == new:
             log.debug('skipping group rename')
             return
         log.debug('renaming repos group from %s to %s' % (old, new))
         old_path = os.path.join(self.repos_path, old)
         new_path = os.path.join(self.repos_path, new)
         log.debug('renaming repos paths from %s to %s' % (old_path, new_path))
         if os.path.isdir(new_path):
             raise Exception('Was trying to rename to already '
                             'existing dir %s' % new_path)
         shutil.move(old_path, new_path)
     def __delete_group(self, group):
         """
         Deletes a group from a filesystem
         :param group: instance of group from database
         """
         paths = group.full_path.split(RepoGroup.url_sep())
         paths = os.sep.join(paths)
         rm_path = os.path.join(self.repos_path, paths)
         if os.path.isdir(rm_path):
             # delete only if that path really exists
             os.rmdir(rm_path)
     def create(self, group_name, group_description, parent, just_db=False):
         try:
             new_repos_group = RepoGroup()
             new_repos_group.group_description = group_description
             new_repos_group.parent_group = self.__get_repos_group(parent)
             new_repos_group.group_name = new_repos_group.get_new_name(group_name)
             self.sa.add(new_repos_group)
             self._create_default_perms(new_repos_group)
             if not just_db:
                 # we need to flush here, in order to check if database won't
                 # throw any exceptions, create filesystem dirs at the very end
                 self.sa.flush()
                 self.__create_group(new_repos_group.group_name)
             return new_repos_group
         except:
             log.error(traceback.format_exc())
             raise
     def update(self, repos_group_id, form_data):
         try:
             repos_group = RepoGroup.get(repos_group_id)
             # update permissions
             for member, perm, member_type in form_data['perms_updates']:
                 if member_type == 'user':
                     # this updates also current one if found
                     ReposGroupModel().grant_user_permission(
                         repos_group=repos_group, user=member, perm=perm
+                    )
                 else:
                     ReposGroupModel().grant_users_group_permission(
                         repos_group=repos_group, group_name=member, perm=perm
+                    )
             # set new permissions
             for member, perm, member_type in form_data['perms_new']:
                 if member_type == 'user':
                     ReposGroupModel().grant_user_permission(
                         repos_group=repos_group, user=member, perm=perm
+                    )
                 else:
                     ReposGroupModel().grant_users_group_permission(
                         repos_group=repos_group, group_name=member, perm=perm
+                    )
             old_path = repos_group.full_path
             # change properties
             repos_group.group_description = form_data['group_description']
             repos_group.parent_group = RepoGroup.get(form_data['group_parent_id'])
             repos_group.group_parent_id = form_data['group_parent_id']
             repos_group.group_name = repos_group.get_new_name(form_data['group_name'])
             new_path = repos_group.full_path
             self.sa.add(repos_group)
             # we need to get all repositories from this new group and
             # rename them accordingly to new group path
             for r in repos_group.repositories:
                 r.repo_name = r.get_new_name(r.just_name)
                 self.sa.add(r)
             self.__rename_group(old_path, new_path)
             return repos_group
         except:
             log.error(traceback.format_exc())
             raise
     def delete(self, users_group_id):
     def delete(self, repos_group):
         repos_group = self.__get_repos_group(repos_group)
         try:
             users_group = RepoGroup.get(users_group_id)
             self.sa.delete(users_group)
             self.__delete_group(users_group)
             self.sa.delete(repos_group)
             self.__delete_group(repos_group)
         except:
-            log.error(traceback.format_exc())
+            log.exception('Error removing repos_group %s' % repos_group)
             raise
     def grant_user_permission(self, repos_group, user, perm):
         """
         Grant permission for user on given repositories group, or update
         existing one if found
         :param repos_group: Instance of ReposGroup, repositories_group_id,
             or repositories_group name
         :param user: Instance of User, user_id or username
         :param perm: Instance of Permission, or permission_name
         """
         repos_group = self.__get_repos_group(repos_group)
         user = self._get_user(user)
         permission = self._get_perm(perm)
         # check if we have that permission already
         obj = self.sa.query(UserRepoGroupToPerm)\
             .filter(UserRepoGroupToPerm.user == user)\
             .filter(UserRepoGroupToPerm.group == repos_group)\
             .scalar()
         if obj is None:
             # create new !
             obj = UserRepoGroupToPerm()
         obj.group = repos_group
         obj.user = user
         obj.permission = permission
         self.sa.add(obj)
     def revoke_user_permission(self, repos_group, user):
         """
         Revoke permission for user on given repositories group
         :param repos_group: Instance of ReposGroup, repositories_group_id,
             or repositories_group name
         :param user: Instance of User, user_id or username
         """
         repos_group = self.__get_repos_group(repos_group)
         user = self._get_user(user)
         obj = self.sa.query(UserRepoGroupToPerm)\
             .filter(UserRepoGroupToPerm.user == user)\
             .filter(UserRepoGroupToPerm.group == repos_group)\
             .one()
         self.sa.delete(obj)
     def grant_users_group_permission(self, repos_group, group_name, perm):
         """
         Grant permission for users group on given repositories group, or update
         existing one if found
         :param repos_group: Instance of ReposGroup, repositories_group_id,
             or repositories_group name
         :param group_name: Instance of UserGroup, users_group_id,
             or users group name
         :param perm: Instance of Permission, or permission_name
         """
         repos_group = self.__get_repos_group(repos_group)
         group_name = self.__get_users_group(group_name)
         permission = self._get_perm(perm)
         # check if we have that permission already
         obj = self.sa.query(UsersGroupRepoGroupToPerm)\
             .filter(UsersGroupRepoGroupToPerm.group == repos_group)\
             .filter(UsersGroupRepoGroupToPerm.users_group == group_name)\
             .scalar()
         if obj is None:
             # create new
             obj = UsersGroupRepoGroupToPerm()
         obj.group = repos_group
         obj.users_group = group_name
         obj.permission = permission
         self.sa.add(obj)
     def revoke_users_group_permission(self, repos_group, group_name):
         """
         Revoke permission for users group on given repositories group
         :param repos_group: Instance of ReposGroup, repositories_group_id,
             or repositories_group name
         :param group_name: Instance of UserGroup, users_group_id,
             or users group name
         """
         repos_group = self.__get_repos_group(repos_group)
         group_name = self.__get_users_group(group_name)
         obj = self.sa.query(UsersGroupRepoGroupToPerm)\
             .filter(UsersGroupRepoGroupToPerm.group == repos_group)\
             .filter(UsersGroupRepoGroupToPerm.users_group == group_name)\
             .one()
         self.sa.delete(obj)

rhodecode/model/user.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.user
     ~~~~~~~~~~~~~~~~~~~~
     users model for RhodeCode
     :created_on: Apr 9, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 from pylons import url
 from pylons.i18n.translation import _
 from rhodecode.lib.utils2 import safe_unicode, generate_api_key
 from rhodecode.lib.caching_query import FromCache
 from rhodecode.model import BaseModel
 from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \
     UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember, \
     Notification, RepoGroup, UserRepoGroupToPerm, UsersGroupRepoGroupToPerm, \
     UserEmailMap
 from rhodecode.lib.exceptions import DefaultUserException, \
     UserOwnsReposException
 from sqlalchemy.exc import DatabaseError
 from sqlalchemy.orm import joinedload
 log = logging.getLogger(__name__)
 PERM_WEIGHTS = {
     'repository.none': 0,
     'repository.read': 1,
     'repository.write': 3,
     'repository.admin': 4,
     'group.none': 0,
     'group.read': 1,
     'group.write': 3,
     'group.admin': 4,
+}
 class UserModel(BaseModel):
     def get(self, user_id, cache=False):
         user = self.sa.query(User)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % user_id))
         return user.get(user_id)
     def get_user(self, user):
         return self._get_user(user)
     def get_by_username(self, username, cache=False, case_insensitive=False):
         if case_insensitive:
             user = self.sa.query(User).filter(User.username.ilike(username))
         else:
             user = self.sa.query(User)\
                 .filter(User.username == username)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % username))
         return user.scalar()
     def get_by_api_key(self, api_key, cache=False):
         return User.get_by_api_key(api_key, cache)
     def create(self, form_data):
         from rhodecode.lib.auth import get_crypt_password
         try:
             new_user = User()
             for k, v in form_data.items():
                 if k == 'password':
                     v = get_crypt_password(v)
                 setattr(new_user, k, v)
             new_user.api_key = generate_api_key(form_data['username'])
             self.sa.add(new_user)
             return new_user
         except:
             log.error(traceback.format_exc())
             raise
     def create_or_update(self, username, password, email, name, lastname,
                          active=True, admin=False, ldap_dn=None):
         """
         Creates a new instance if not found, or updates current one
         :param username:
         :param password:
         :param email:
         :param active:
         :param name:
         :param lastname:
         :param active:
         :param admin:
         :param ldap_dn:
         """
         from rhodecode.lib.auth import get_crypt_password
         log.debug('Checking for %s account in RhodeCode database' % username)
         user = User.get_by_username(username, case_insensitive=True)
         if user is None:
             log.debug('creating new user %s' % username)
             new_user = User()
         else:
             log.debug('updating user %s' % username)
             new_user = user
         try:
             new_user.username = username
             new_user.admin = admin
             new_user.password = get_crypt_password(password)
             new_user.api_key = generate_api_key(username)
             new_user.email = email
             new_user.active = active
             new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None
             new_user.name = name
             new_user.lastname = lastname
             self.sa.add(new_user)
             return new_user
         except (DatabaseError,):
             log.error(traceback.format_exc())
             raise
     def create_for_container_auth(self, username, attrs):
         """
         Creates the given user if it's not already in the database
         :param username:
         :param attrs:
         """
         if self.get_by_username(username, case_insensitive=True) is None:
             # autogenerate email for container account without one
             generate_email = lambda usr: '%s@container_auth.account' % usr
             try:
                 new_user = User()
                 new_user.username = username
                 new_user.password = None
                 new_user.api_key = generate_api_key(username)
                 new_user.email = attrs['email']
                 new_user.active = attrs.get('active', True)
                 new_user.name = attrs['name'] or generate_email(username)
                 new_user.lastname = attrs['lastname']
                 self.sa.add(new_user)
                 return new_user
             except (DatabaseError,):
                 log.error(traceback.format_exc())
                 self.sa.rollback()
                 raise
         log.debug('User %s already exists. Skipping creation of account'
                   ' for container auth.', username)
         return None
     def create_ldap(self, username, password, user_dn, attrs):
         """
         Checks if user is in database, if not creates this user marked
         as ldap user
         :param username:
         :param password:
         :param user_dn:
         :param attrs:
         """
         from rhodecode.lib.auth import get_crypt_password
         log.debug('Checking for such ldap account in RhodeCode database')
         if self.get_by_username(username, case_insensitive=True) is None:
             # autogenerate email for ldap account without one
             generate_email = lambda usr: '%s@ldap.account' % usr
             try:
                 new_user = User()
                 username = username.lower()
                 # add ldap account always lowercase
                 new_user.username = username
                 new_user.password = get_crypt_password(password)
                 new_user.api_key = generate_api_key(username)
                 new_user.email = attrs['email'] or generate_email(username)
                 new_user.active = attrs.get('active', True)
                 new_user.ldap_dn = safe_unicode(user_dn)
                 new_user.name = attrs['name']
                 new_user.lastname = attrs['lastname']
                 self.sa.add(new_user)
                 return new_user
             except (DatabaseError,):
                 log.error(traceback.format_exc())
                 self.sa.rollback()
                 raise
         log.debug('this %s user exists skipping creation of ldap account',
                   username)
         return None
     def create_registration(self, form_data):
         from rhodecode.model.notification import NotificationModel
         try:
             form_data['admin'] = False
             new_user = self.create(form_data)
             self.sa.add(new_user)
             self.sa.flush()
             # notification to admins
             subject = _('new user registration')
             body = ('New user registration\n'
                     '---------------------\n'
                     '- Username: %s\n'
                     '- Full Name: %s\n'
                     '- Email: %s\n')
             body = body % (new_user.username, new_user.full_name,
                            new_user.email)
             edit_url = url('edit_user', id=new_user.user_id, qualified=True)
             kw = {'registered_user_url': edit_url}
             NotificationModel().create(created_by=new_user, subject=subject,
                                        body=body, recipients=None,
                                        type_=Notification.TYPE_REGISTRATION,
                                        email_kwargs=kw)
         except:
             log.error(traceback.format_exc())
             raise
     def update(self, user_id, form_data):
         try:
             user = self.get(user_id, cache=False)
             if user.username == 'default':
                 raise DefaultUserException(
                                 _("You can't Edit this user since it's"
                                   " crucial for entire application"))
             for k, v in form_data.items():
                 if k == 'new_password' and v != '':
                     user.password = v
                     user.api_key = generate_api_key(user.username)
                 else:
                     setattr(user, k, v)
             self.sa.add(user)
         except:
             log.error(traceback.format_exc())
             raise
     def update_my_account(self, user_id, form_data):
         from rhodecode.lib.auth import get_crypt_password
         try:
             user = self.get(user_id, cache=False)
             if user.username == 'default':
                 raise DefaultUserException(
                                 _("You can't Edit this user since it's"
                                   " crucial for entire application"))
                       " crucial for entire application")
+                )
             for k, v in form_data.items():
                 if k == 'new_password' and v != '':
                     user.password = v
+                    user.password = get_crypt_password(v)
                     user.api_key = generate_api_key(user.username)
                 else:
                     if k not in ['admin', 'active']:
                         setattr(user, k, v)
             self.sa.add(user)
         except:
             log.error(traceback.format_exc())
             raise
     def delete(self, user):
         user = self._get_user(user)
         try:
             if user.username == 'default':
                 raise DefaultUserException(
                     _(u"You can't remove this user since it's"
                       " crucial for entire application")
+                )
             if user.repositories:
                 repos = [x.repo_name for x in user.repositories]
                 raise UserOwnsReposException(
                     _(u'user "%s" still owns %s repositories and cannot be '
                       'removed. Switch owners or remove those repositories. %s')
                     % (user.username, len(repos), ', '.join(repos))
+                )
             self.sa.delete(user)
         except:
             log.error(traceback.format_exc())
             raise
     def reset_password_link(self, data):
         from rhodecode.lib.celerylib import tasks, run_task
         run_task(tasks.send_password_link, data['email'])
     def reset_password(self, data):
         from rhodecode.lib.celerylib import tasks, run_task
         run_task(tasks.reset_user_password, data['email'])
     def fill_data(self, auth_user, user_id=None, api_key=None):
         """
         Fetches auth_user by user_id,or api_key if present.
         Fills auth_user attributes with those taken from database.
         Additionally set's is_authenitated if lookup fails
         present in database
         :param auth_user: instance of user to set attributes
         :param user_id: user id to fetch by
         :param api_key: api key to fetch by
         """
         if user_id is None and api_key is None:
             raise Exception('You need to pass user_id or api_key')
         try:
             if api_key:
                 dbuser = self.get_by_api_key(api_key)
             else:
                 dbuser = self.get(user_id)
             if dbuser is not None and dbuser.active:
                 log.debug('filling %s data' % dbuser)
                 for k, v in dbuser.get_dict().items():
                     setattr(auth_user, k, v)
             else:
                 return False
         except:
             log.error(traceback.format_exc())
             auth_user.is_authenticated = False
             return False
         return True
     def fill_perms(self, user):
         """
         Fills user permission attribute with permissions taken from database
         works for permissions given for repositories, and for permissions that
         are granted to groups
         :param user: user instance to fill his perms
         """
         RK = 'repositories'
         GK = 'repositories_groups'
         GLOBAL = 'global'
         user.permissions[RK] = {}
         user.permissions[GK] = {}
         user.permissions[GLOBAL] = set()
         #======================================================================
         # fetch default permissions
         #======================================================================
         default_user = User.get_by_username('default', cache=True)
         default_user_id = default_user.user_id
         default_repo_perms = Permission.get_default_perms(default_user_id)
         default_repo_groups_perms = Permission.get_default_group_perms(default_user_id)
         if user.is_admin:
             #==================================================================
             # admin user have all default rights for repositories
             # and groups set to admin
             #==================================================================
             user.permissions[GLOBAL].add('hg.admin')
             # repositories
             for perm in default_repo_perms:
                 r_k = perm.UserRepoToPerm.repository.repo_name
                 p = 'repository.admin'
                 user.permissions[RK][r_k] = p
             # repositories groups
             for perm in default_repo_groups_perms:
                 rg_k = perm.UserRepoGroupToPerm.group.group_name
                 p = 'group.admin'
                 user.permissions[GK][rg_k] = p
             return user
         #==================================================================
         # set default permissions first for repositories and groups
         #==================================================================
         uid = user.user_id
         # default global permissions
         default_global_perms = self.sa.query(UserToPerm)\
             .filter(UserToPerm.user_id == default_user_id)
         for perm in default_global_perms:
             user.permissions[GLOBAL].add(perm.permission.permission_name)
         # defaults for repositories, taken from default user
         for perm in default_repo_perms:
             r_k = perm.UserRepoToPerm.repository.repo_name
             if perm.Repository.private and not (perm.Repository.user_id == uid):
                 # disable defaults for private repos,
                 p = 'repository.none'
             elif perm.Repository.user_id == uid:
                 # set admin if owner
                 p = 'repository.admin'
             else:
                 p = perm.Permission.permission_name
             user.permissions[RK][r_k] = p
         # defaults for repositories groups taken from default user permission
         # on given group
         for perm in default_repo_groups_perms:
             rg_k = perm.UserRepoGroupToPerm.group.group_name
             p = perm.Permission.permission_name
             user.permissions[GK][rg_k] = p
         #==================================================================
         # overwrite defaults with user permissions if any found
         #==================================================================
         # user global permissions
         user_perms = self.sa.query(UserToPerm)\
                 .options(joinedload(UserToPerm.permission))\
                 .filter(UserToPerm.user_id == uid).all()
         for perm in user_perms:
             user.permissions[GLOBAL].add(perm.permission.permission_name)
         # user explicit permissions for repositories
         user_repo_perms = \
          self.sa.query(UserRepoToPerm, Permission, Repository)\
          .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
          .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
          .filter(UserRepoToPerm.user_id == uid)\
          .all()
         for perm in user_repo_perms:
             # set admin if owner
             r_k = perm.UserRepoToPerm.repository.repo_name
             if perm.Repository.user_id == uid:
                 p = 'repository.admin'
             else:
                 p = perm.Permission.permission_name
             user.permissions[RK][r_k] = p
         # USER GROUP
         #==================================================================
         # check if user is part of user groups for this repository and
         # fill in (or replace with higher) permissions
         #==================================================================
         # users group global
         user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\
             .options(joinedload(UsersGroupToPerm.permission))\
             .join((UsersGroupMember, UsersGroupToPerm.users_group_id ==
                    UsersGroupMember.users_group_id))\
             .filter(UsersGroupMember.user_id == uid).all()
         for perm in user_perms_from_users_groups:
             user.permissions[GLOBAL].add(perm.permission.permission_name)
         # users group for repositories permissions
         user_repo_perms_from_users_groups = \
          self.sa.query(UsersGroupRepoToPerm, Permission, Repository,)\
          .join((Repository, UsersGroupRepoToPerm.repository_id == Repository.repo_id))\
          .join((Permission, UsersGroupRepoToPerm.permission_id == Permission.permission_id))\
          .join((UsersGroupMember, UsersGroupRepoToPerm.users_group_id == UsersGroupMember.users_group_id))\
          .filter(UsersGroupMember.user_id == uid)\
          .all()
         for perm in user_repo_perms_from_users_groups:
             r_k = perm.UsersGroupRepoToPerm.repository.repo_name
             p = perm.Permission.permission_name
             cur_perm = user.permissions[RK][r_k]
             # overwrite permission only if it's greater than permission
             # given from other sources
             if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
                 user.permissions[RK][r_k] = p
         # REPO GROUP
         #==================================================================
         # get access for this user for repos group and override defaults
         #==================================================================
         # user explicit permissions for repository
         user_repo_groups_perms = \
          self.sa.query(UserRepoGroupToPerm, Permission, RepoGroup)\
          .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
          .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
          .filter(UserRepoGroupToPerm.user_id == uid)\
          .all()
         for perm in user_repo_groups_perms:
             rg_k = perm.UserRepoGroupToPerm.group.group_name
             p = perm.Permission.permission_name
             cur_perm = user.permissions[GK][rg_k]
             if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
                 user.permissions[GK][rg_k] = p
         # REPO GROUP + USER GROUP
         #==================================================================
         # check if user is part of user groups for this repo group and
         # fill in (or replace with higher) permissions
         #==================================================================
         # users group for repositories permissions
         user_repo_group_perms_from_users_groups = \
          self.sa.query(UsersGroupRepoGroupToPerm, Permission, RepoGroup)\
          .join((RepoGroup, UsersGroupRepoGroupToPerm.group_id == RepoGroup.group_id))\
          .join((Permission, UsersGroupRepoGroupToPerm.permission_id == Permission.permission_id))\
          .join((UsersGroupMember, UsersGroupRepoGroupToPerm.users_group_id == UsersGroupMember.users_group_id))\
          .filter(UsersGroupMember.user_id == uid)\
          .all()
         for perm in user_repo_group_perms_from_users_groups:
             g_k = perm.UsersGroupRepoGroupToPerm.group.group_name
             p = perm.Permission.permission_name
             cur_perm = user.permissions[GK][g_k]
             # overwrite permission only if it's greater than permission
             # given from other sources
             if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
                 user.permissions[GK][g_k] = p
         return user
     def has_perm(self, user, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class '
                             'got %s instead' % type(perm))
         user = self._get_user(user)
         return UserToPerm.query().filter(UserToPerm.user == user)\
             .filter(UserToPerm.permission == perm).scalar() is not None
     def grant_perm(self, user, perm):
         """
         Grant user global permissions
         :param user:
         :param perm:
         """
         user = self._get_user(user)
         perm = self._get_perm(perm)
         # if this permission is already granted skip it
         _perm = UserToPerm.query()\
             .filter(UserToPerm.user == user)\
             .filter(UserToPerm.permission == perm)\
             .scalar()
         if _perm:
             return
         new = UserToPerm()
         new.user = user
         new.permission = perm
         self.sa.add(new)
     def revoke_perm(self, user, perm):
         """
         Revoke users global permissions
         :param user:
         :param perm:
         """
         user = self._get_user(user)
         perm = self._get_perm(perm)
         obj = UserToPerm.query()\
                 .filter(UserToPerm.user == user)\
                 .filter(UserToPerm.permission == perm)\
                 .scalar()
         if obj:
             self.sa.delete(obj)
     def add_extra_email(self, user, email):
         """
         Adds email address to UserEmailMap
         :param user:
         :param email:
         """
         user = self._get_user(user)
         obj = UserEmailMap()
         obj.user = user
         obj.email = email
         self.sa.add(obj)
         return obj
     def delete_extra_email(self, user, email_id):
         """
         Removes email address from UserEmailMap
         :param user:
         :param email_id:
         """
         user = self._get_user(user)
         obj = UserEmailMap.query().get(email_id)
         if obj:
             self.sa.delete(obj)
@@ \ No newline at end of file @@

rhodecode/tests/functional/test_admin_settings.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 from rhodecode.lib.auth import get_crypt_password, check_password
 from rhodecode.model.db import User, RhodeCodeSetting
 from rhodecode.tests import *
 from rhodecode.lib import helpers as h
 class TestAdminSettingsController(TestController):
     def test_index(self):
         response = self.app.get(url('admin_settings'))
         # Test response...
     def test_index_as_xml(self):
         response = self.app.get(url('formatted_admin_settings', format='xml'))
     def test_create(self):
         response = self.app.post(url('admin_settings'))
     def test_new(self):
         response = self.app.get(url('admin_new_setting'))
     def test_new_as_xml(self):
         response = self.app.get(url('formatted_admin_new_setting', format='xml'))
     def test_update(self):
         response = self.app.put(url('admin_setting', setting_id=1))
     def test_update_browser_fakeout(self):
         response = self.app.post(url('admin_setting', setting_id=1), params=dict(_method='put'))
     def test_delete(self):
         response = self.app.delete(url('admin_setting', setting_id=1))
     def test_delete_browser_fakeout(self):
         response = self.app.post(url('admin_setting', setting_id=1), params=dict(_method='delete'))
     def test_show(self):
         response = self.app.get(url('admin_setting', setting_id=1))
     def test_show_as_xml(self):
         response = self.app.get(url('formatted_admin_setting', setting_id=1, format='xml'))
     def test_edit(self):
         response = self.app.get(url('admin_edit_setting', setting_id=1))
     def test_edit_as_xml(self):
         response = self.app.get(url('formatted_admin_edit_setting',
                                     setting_id=1, format='xml'))
     def test_ga_code_active(self):
         self.log_user()
         old_title = 'RhodeCode'
         old_realm = 'RhodeCode authentication'
         new_ga_code = 'ga-test-123456789'
         response = self.app.post(url('admin_setting', setting_id='global'),
                                      params=dict(
                                                  _method='put',
                                                  rhodecode_title=old_title,
                                                  rhodecode_realm=old_realm,
                                                  rhodecode_ga_code=new_ga_code
                                                  ))
         self.checkSessionFlash(response, 'Updated application settings')
         self.assertEqual(RhodeCodeSetting
                          .get_app_settings()['rhodecode_ga_code'], new_ga_code)
         response = response.follow()
         self.assertTrue("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code
                         in response.body)
     def test_ga_code_inactive(self):
         self.log_user()
         old_title = 'RhodeCode'
         old_realm = 'RhodeCode authentication'
         new_ga_code = ''
         response = self.app.post(url('admin_setting', setting_id='global'),
                                      params=dict(
                                                  _method='put',
                                                  rhodecode_title=old_title,
                                                  rhodecode_realm=old_realm,
                                                  rhodecode_ga_code=new_ga_code
                                                  ))
         self.assertTrue('Updated application settings' in
                         response.session['flash'][0][1])
         self.assertEqual(RhodeCodeSetting
                         .get_app_settings()['rhodecode_ga_code'], new_ga_code)
         response = response.follow()
         self.assertTrue("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code
                         not in response.body)
     def test_title_change(self):
         self.log_user()
         old_title = 'RhodeCode'
         new_title = old_title + '_changed'
         old_realm = 'RhodeCode authentication'
         for new_title in ['Changed', 'Żółwik', old_title]:
             response = self.app.post(url('admin_setting', setting_id='global'),
                                          params=dict(
                                                      _method='put',
                                                      rhodecode_title=new_title,
                                                      rhodecode_realm=old_realm,
                                                      rhodecode_ga_code=''
                                                      ))
             self.checkSessionFlash(response, 'Updated application settings')
             self.assertEqual(RhodeCodeSetting
                              .get_app_settings()['rhodecode_title'],
                              new_title.decode('utf-8'))
             response = response.follow()
             self.assertTrue("""<h1><a href="/">%s</a></h1>""" % new_title
                         in response.body)
     def test_my_account(self):
         self.log_user()
         response = self.app.get(url('admin_settings_my_account'))
         self.assertTrue('value="test_admin' in response.body)
     def test_my_account_update(self):
         self.log_user()
         new_email = 'new@mail.pl'
         new_name = 'NewName'
         new_lastname = 'NewLastname'
         new_password = 'test123'
         response = self.app.post(url('admin_settings_my_account_update'),
                                  params=dict(_method='put',
                                              username='test_admin',
                                              new_password=new_password,
                                              password_confirmation = new_password,
                                              password='',
                                              name=new_name,
                                              lastname=new_lastname,
                                              email=new_email,))
         response.follow()
         assert 'Your account was updated successfully' in response.session['flash'][0][1], 'no flash message about success of change'
         user = self.Session.query(User).filter(User.username == 'test_admin').one()
         assert user.email == new_email , 'incorrect user email after update got %s vs %s' % (user.email, new_email)
         assert user.name == new_name, 'updated field mismatch %s vs %s' % (user.name, new_name)
         assert user.lastname == new_lastname, 'updated field mismatch %s vs %s' % (user.lastname, new_lastname)
         assert check_password(new_password, user.password) is True, 'password field mismatch %s vs %s' % (user.password, new_password)
         #bring back the admin settings
         old_email = 'test_admin@mail.com'
         old_name = 'RhodeCode'
         old_lastname = 'Admin'
         old_password = 'test12'
         response = self.app.post(url('admin_settings_my_account_update'), params=dict(
                                                             _method='put',
                                                             username='test_admin',
                                                             new_password=old_password,
                                                             password_confirmation = old_password,
                                                             password='',
                                                             name=old_name,
                                                             lastname=old_lastname,
                                                             email=old_email,))
         response.follow()
         self.checkSessionFlash(response,
                                'Your account was updated successfully')
         user = self.Session.query(User).filter(User.username == 'test_admin').one()
         assert user.email == old_email , 'incorrect user email after update got %s vs %s' % (user.email, old_email)
         assert user.email == old_email , 'incorrect user email after update got %s vs %s' % (user.email, old_email)
         assert user.name == old_name, 'updated field mismatch %s vs %s' % (user.name, old_name)
         assert user.lastname == old_lastname, 'updated field mismatch %s vs %s' % (user.lastname, old_lastname)
         assert check_password(old_password, user.password) is True , 'password updated field mismatch %s vs %s' % (user.password, old_password)
     def test_my_account_update_err_email_exists(self):
         self.log_user()
         new_email = 'test_regular@mail.com'#already exisitn email
         response = self.app.post(url('admin_settings_my_account_update'), params=dict(
                                                             _method='put',
                                                             username='test_admin',
                                                             new_password='test12',
                                                             password_confirmation = 'test122',
                                                             name='NewName',
                                                             lastname='NewLastname',
                                                             email=new_email,))
         assert 'This e-mail address is already taken' in response.body, 'Missing error message about existing email'
     def test_my_account_update_err(self):
         self.log_user('test_regular2', 'test12')
         new_email = 'newmail.pl'
         response = self.app.post(url('admin_settings_my_account_update'), params=dict(
         response = self.app.post(url('admin_settings_my_account_update'),
                                  params=dict(
                                                             _method='put',
                                                             username='test_admin',
                                                             new_password='test12',
                                                             password_confirmation = 'test122',
                                                             name='NewName',
                                                             lastname='NewLastname',
                                                             email=new_email,))
         assert 'An email address must contain a single @' in response.body, 'Missing error message about wrong email'
         assert 'This username already exists' in response.body, 'Missing error message about existing user'
                                             email=new_email,)
+                                 )
         response.mustcontain('An email address must contain a single @')
         from rhodecode.model import validators
         msg = validators.ValidUsername(edit=False,
                                     old_data={})._messages['username_exists']
         msg = h.html_escape(msg % {'username': 'test_admin'})
         response.mustcontain(u"%s" % msg)

rhodecode/tests/functional/test_admin_users.py

➞

Show inline comments

 from sqlalchemy.orm.exc import NoResultFound
 from rhodecode.tests import *
 from rhodecode.model.db import User, Permission
 from rhodecode.lib.auth import check_password
 from sqlalchemy.orm.exc import NoResultFound
 from rhodecode.model.user import UserModel
 from rhodecode.model import validators
 from rhodecode.lib import helpers as h
 class TestAdminUsersController(TestController):
     def test_index(self):
         self.log_user()
         response = self.app.get(url('users'))
         # Test response...
     def test_index_as_xml(self):
         response = self.app.get(url('formatted_users', format='xml'))
     def test_create(self):
         self.log_user()
         username = 'newtestuser'
         password = 'test12'
         password_confirmation = password
         name = 'name'
         lastname = 'lastname'
         email = 'mail@mail.com'
         response = self.app.post(url('users'),
                                  {'username':username,
                                    'password':password,
                                    'password_confirmation':password_confirmation,
                                    'name':name,
                                    'active':True,
                                    'lastname':lastname,
                                    'email':email})
         self.checkSessionFlash(response, '''created user %s''' % (username))
         self.assertTrue('''created user %s''' % (username) in
                         response.session['flash'][0])
         new_user = self.Session.query(User).\
             filter(User.username == username).one()
         self.assertEqual(new_user.username,username)
         self.assertEqual(check_password(password, new_user.password),True)
         self.assertEqual(new_user.name,name)
         self.assertEqual(new_user.lastname,lastname)
         self.assertEqual(new_user.email,email)
         response.follow()
         response = response.follow()
         self.assertTrue("""edit">newtestuser</a>""" in response.body)
     def test_create_err(self):
         self.log_user()
         username = 'new_user'
         password = ''
         name = 'name'
         lastname = 'lastname'
         email = 'errmail.com'
         response = self.app.post(url('users'), {'username':username,
                                                'password':password,
                                                'name':name,
                                                'active':False,
                                                'lastname':lastname,
                                                'email':email})
         self.assertTrue("""<span class="error-message">Invalid username</span>""" in response.body)
         self.assertTrue("""<span class="error-message">Please enter a value</span>""" in response.body)
         self.assertTrue("""<span class="error-message">An email address must contain a single @</span>""" in response.body)
         msg = validators.ValidUsername(False, {})._messages['system_invalid_username']
         msg = h.html_escape(msg % {'username': 'new_user'})
         response.mustcontain("""<span class="error-message">%s</span>""" % msg)
         response.mustcontain("""<span class="error-message">Please enter a value</span>""")
         response.mustcontain("""<span class="error-message">An email address must contain a single @</span>""")
         def get_user():
             self.Session.query(User).filter(User.username == username).one()
         self.assertRaises(NoResultFound, get_user), 'found user in database'
     def test_new(self):
         self.log_user()
         response = self.app.get(url('new_user'))
     def test_new_as_xml(self):
         response = self.app.get(url('formatted_new_user', format='xml'))
     def test_update(self):
         response = self.app.put(url('user', id=1))
     def test_update_browser_fakeout(self):
         response = self.app.post(url('user', id=1), params=dict(_method='put'))
     def test_delete(self):
         self.log_user()
         username = 'newtestuserdeleteme'
         password = 'test12'
         name = 'name'
         lastname = 'lastname'
         email = 'todeletemail@mail.com'
         response = self.app.post(url('users'), {'username':username,
                                                'password':password,
                                                'password_confirmation':password,
                                                'name':name,
                                                'active':True,
                                                'lastname':lastname,
                                                'email':email})
         response = response.follow()
         new_user = self.Session.query(User)\
             .filter(User.username == username).one()
         response = self.app.delete(url('user', id=new_user.user_id))
         self.assertTrue("""successfully deleted user""" in
                         response.session['flash'][0])
     def test_delete_browser_fakeout(self):
         response = self.app.post(url('user', id=1),
                                  params=dict(_method='delete'))
     def test_show(self):
         response = self.app.get(url('user', id=1))
     def test_show_as_xml(self):
         response = self.app.get(url('formatted_user', id=1, format='xml'))
     def test_edit(self):
         self.log_user()
         user = User.get_by_username(TEST_USER_ADMIN_LOGIN)
         response = self.app.get(url('edit_user', id=user.user_id))
     def test_add_perm_create_repo(self):
         self.log_user()
         perm_none = Permission.get_by_key('hg.create.none')
         perm_create = Permission.get_by_key('hg.create.repository')
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         #User should have None permission on creation repository
         self.assertEqual(UserModel().has_perm(user, perm_none), False)
         self.assertEqual(UserModel().has_perm(user, perm_create), False)
         response = self.app.post(url('user_perm', id=user.user_id),
                                  params=dict(_method='put',
                                              create_repo_perm=True))
         perm_none = Permission.get_by_key('hg.create.none')
         perm_create = Permission.get_by_key('hg.create.repository')
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         #User should have None permission on creation repository
         self.assertEqual(UserModel().has_perm(user, perm_none), False)
         self.assertEqual(UserModel().has_perm(user, perm_create), True)
     def test_revoke_perm_create_repo(self):
         self.log_user()
         perm_none = Permission.get_by_key('hg.create.none')
         perm_create = Permission.get_by_key('hg.create.repository')
         user = User.get_by_username(TEST_USER_REGULAR2_LOGIN)
         #User should have None permission on creation repository
         self.assertEqual(UserModel().has_perm(user, perm_none), False)
         self.assertEqual(UserModel().has_perm(user, perm_create), False)
         response = self.app.post(url('user_perm', id=user.user_id),
                                  params=dict(_method='put'))
         perm_none = Permission.get_by_key('hg.create.none')
         perm_create = Permission.get_by_key('hg.create.repository')
         user = User.get_by_username(TEST_USER_REGULAR2_LOGIN)
         #User should have None permission on creation repository
         self.assertEqual(UserModel().has_perm(user, perm_none), True)
         self.assertEqual(UserModel().has_perm(user, perm_create), False)
     def test_edit_as_xml(self):
         response = self.app.get(url('formatted_edit_user', id=1, format='xml'))

rhodecode/tests/functional/test_login.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 from rhodecode.tests import *
 from rhodecode.model.db import User, Notification
 from rhodecode.lib.utils2 import generate_api_key
 from rhodecode.lib.auth import check_password
 from rhodecode.model.meta import Session
 from rhodecode.lib import helpers as h
 from rhodecode.model import validators
 class TestLoginController(TestController):
     def tearDown(self):
         for n in Notification.query().all():
             Session.delete(n)
         Session.commit()
         self.assertEqual(Notification.query().all(), [])
     def test_index(self):
         response = self.app.get(url(controller='login', action='index'))
         self.assertEqual(response.status, '200 OK')
         # Test response...
     def test_login_admin_ok(self):
         response = self.app.post(url(controller='login', action='index'),
                                  {'username':'test_admin',
                                   'password':'test12'})
         self.assertEqual(response.status, '302 Found')
         self.assertEqual(response.session['rhodecode_user'].get('username') ,
                          'test_admin')
         response = response.follow()
         self.assertTrue('%s repository' % HG_REPO in response.body)
     def test_login_regular_ok(self):
         response = self.app.post(url(controller='login', action='index'),
                                  {'username':'test_regular',
                                   'password':'test12'})
         self.assertEqual(response.status, '302 Found')
         self.assertEqual(response.session['rhodecode_user'].get('username') ,
                          'test_regular')
         response = response.follow()
         self.assertTrue('%s repository' % HG_REPO in response.body)
         self.assertTrue('<a title="Admin" href="/_admin">' not in response.body)
     def test_login_ok_came_from(self):
         test_came_from = '/_admin/users'
         response = self.app.post(url(controller='login', action='index',
                                      came_from=test_came_from),
                                  {'username':'test_admin',
                                   'password':'test12'})
         self.assertEqual(response.status, '302 Found')
         response = response.follow()
         self.assertEqual(response.status, '200 OK')
         self.assertTrue('Users administration' in response.body)
     def test_login_short_password(self):
         response = self.app.post(url(controller='login', action='index'),
                                  {'username':'test_admin',
                                   'password':'as'})
         self.assertEqual(response.status, '200 OK')
         self.assertTrue('Enter 3 characters or more' in response.body)
     def test_login_wrong_username_password(self):
         response = self.app.post(url(controller='login', action='index'),
                                  {'username':'error',
                                   'password':'test12'})
         self.assertEqual(response.status , '200 OK')
         self.assertTrue('invalid user name' in response.body)
         self.assertTrue('invalid password' in response.body)
     #==========================================================================
     # REGISTRATIONS
     #==========================================================================
     def test_register(self):
         response = self.app.get(url(controller='login', action='register'))
         self.assertTrue('Sign Up to RhodeCode' in response.body)
     def test_register_err_same_username(self):
         uname = 'test_admin'
         response = self.app.post(url(controller='login', action='register'),
-                                            {'username':'test_admin',
+                                            {'username': uname,
                                              'password':'test12',
                                              'password_confirmation':'test12',
                                              'email':'goodmail@domain.com',
                                              'name':'test',
                                              'lastname':'test'})
         self.assertEqual(response.status , '200 OK')
         self.assertTrue('This username already exists' in response.body)
         msg = validators.ValidUsername()._messages['username_exists']
         msg = h.html_escape(msg % {'username': uname})
         response.mustcontain(msg)
     def test_register_err_same_email(self):
         response = self.app.post(url(controller='login', action='register'),
                                             {'username':'test_admin_0',
                                              'password':'test12',
                                              'password_confirmation':'test12',
                                              'email':'test_admin@mail.com',
                                              'name':'test',
                                              'lastname':'test'})
         self.assertEqual(response.status , '200 OK')
         response.mustcontain('This e-mail address is already taken')
         msg = validators.UniqSystemEmail()()._messages['email_taken']
         response.mustcontain(msg)
     def test_register_err_same_email_case_sensitive(self):
         response = self.app.post(url(controller='login', action='register'),
                                             {'username':'test_admin_1',
                                              'password':'test12',
                                              'password_confirmation':'test12',
                                              'email':'TesT_Admin@mail.COM',
                                              'name':'test',
                                              'lastname':'test'})
         self.assertEqual(response.status , '200 OK')
         response.mustcontain('This e-mail address is already taken')
         msg = validators.UniqSystemEmail()()._messages['email_taken']
         response.mustcontain(msg)
     def test_register_err_wrong_data(self):
         response = self.app.post(url(controller='login', action='register'),
                                             {'username':'xs',
                                              'password':'test',
                                              'password_confirmation':'test',
                                              'email':'goodmailm',
                                              'name':'test',
                                              'lastname':'test'})
         self.assertEqual(response.status , '200 OK')
         response.mustcontain('An email address must contain a single @')
         response.mustcontain('Enter a value 6 characters long or more')
     def test_register_err_username(self):
         response = self.app.post(url(controller='login', action='register'),
                                             {'username':'error user',
                                              'password':'test12',
                                              'password_confirmation':'test12',
                                              'email':'goodmailm',
                                              'name':'test',
                                              'lastname':'test'})
         self.assertEqual(response.status , '200 OK')
         response.mustcontain('An email address must contain a single @')
         response.mustcontain('Username may only contain '
                 'alphanumeric characters underscores, '
                 'periods or dashes and must begin with '
                 'alphanumeric character')
     def test_register_err_case_sensitive(self):
         usr = 'Test_Admin'
         response = self.app.post(url(controller='login', action='register'),
-                                            {'username':'Test_Admin',
+                                            {'username': usr,
                                              'password':'test12',
                                              'password_confirmation':'test12',
                                              'email':'goodmailm',
                                              'name':'test',
                                              'lastname':'test'})
         self.assertEqual(response.status , '200 OK')
         self.assertTrue('An email address must contain a single @' in response.body)
         self.assertTrue('This username already exists' in response.body)
         response.mustcontain('An email address must contain a single @')
         msg = validators.ValidUsername()._messages['username_exists']
         msg = h.html_escape(msg % {'username': usr})
         response.mustcontain(msg)
     def test_register_special_chars(self):
         response = self.app.post(url(controller='login', action='register'),
                                             {'username':'xxxaxn',
                                              'password':'ąćźżąśśśś',
                                              'password_confirmation':'ąćźżąśśśś',
                                              'email':'goodmailm@test.plx',
                                              'name':'test',
                                              'lastname':'test'})
         self.assertEqual(response.status , '200 OK')
         self.assertTrue('Invalid characters in password' in response.body)
         msg = validators.ValidPassword()._messages['invalid_password']
         response.mustcontain(msg)
     def test_register_password_mismatch(self):
         response = self.app.post(url(controller='login', action='register'),
                                             {'username':'xs',
                                              'password':'123qwe',
                                              'password_confirmation':'qwe123',
                                              'email':'goodmailm@test.plxa',
                                              'name':'test',
                                              'lastname':'test'})
         self.assertEqual(response.status, '200 OK')
         response.mustcontain('Passwords do not match')
         msg = validators.ValidPasswordsMatch()._messages['password_mismatch']
         response.mustcontain(msg)
     def test_register_ok(self):
         username = 'test_regular4'
         password = 'qweqwe'
         email = 'marcin@test.com'
         name = 'testname'
         lastname = 'testlastname'
         response = self.app.post(url(controller='login', action='register'),
                                             {'username':username,
                                              'password':password,
                                              'password_confirmation':password,
                                              'email':email,
                                              'name':name,
                                              'lastname':lastname,
                                              'admin':True}) # This should be overriden
         self.assertEqual(response.status, '302 Found')
         self.checkSessionFlash(response, 'You have successfully registered into rhodecode')
         ret = self.Session.query(User).filter(User.username == 'test_regular4').one()
         self.assertEqual(ret.username, username)
         self.assertEqual(check_password(password, ret.password), True)
         self.assertEqual(ret.email, email)
         self.assertEqual(ret.name, name)
         self.assertEqual(ret.lastname, lastname)
         self.assertNotEqual(ret.api_key, None)
         self.assertEqual(ret.admin, False)
     def test_forgot_password_wrong_mail(self):
         bad_email = 'marcin@wrongmail.org'
         response = self.app.post(
                         url(controller='login', action='password_reset'),
-                            {'email': 'marcin@wrongmail.org',}
+                            {'email': bad_email, }
+        )
         response.mustcontain("This e-mail address doesn't exist")
         msg = validators.ValidSystemEmail()._messages['non_existing_email']
         msg = h.html_escape(msg % {'email': bad_email})
         response.mustcontain()
     def test_forgot_password(self):
         response = self.app.get(url(controller='login',
                                     action='password_reset'))
         self.assertEqual(response.status, '200 OK')
         username = 'test_password_reset_1'
         password = 'qweqwe'
         email = 'marcin@python-works.com'
         name = 'passwd'
         lastname = 'reset'
         new = User()
         new.username = username
         new.password = password
         new.email = email
         new.name = name
         new.lastname = lastname
         new.api_key = generate_api_key(username)
         self.Session.add(new)
         self.Session.commit()
         response = self.app.post(url(controller='login',
                                      action='password_reset'),
                                  {'email':email, })
         self.checkSessionFlash(response, 'Your password reset link was sent')
         response = response.follow()
         # BAD KEY
         key = "bad"
         response = self.app.get(url(controller='login',
                                     action='password_reset_confirmation',
                                     key=key))
         self.assertEqual(response.status, '302 Found')
         self.assertTrue(response.location.endswith(url('reset_password')))
         # GOOD KEY
         key = User.get_by_username(username).api_key
         response = self.app.get(url(controller='login',
                                     action='password_reset_confirmation',
                                     key=key))
         self.assertEqual(response.status, '302 Found')
         self.assertTrue(response.location.endswith(url('login_home')))
         self.checkSessionFlash(response,
                                ('Your password reset was successful, '
                                 'new password has been sent to your email'))
         response = response.follow()

0 comments (0 inline, 0 general)