Changeset - 4a2a66bf93c5
default
0 8 0
Søren Løvborg - 10 years ago 2015-06-26 20:36:05
kwi@kwi.dk
AuthUser: Drop ip_addr field

None of the AuthUser consumers actually need to get the IP address from
the AuthUser object, so it's just redundant.

Also, AuthUser represents a user session, and should not be used as a
generic user + IP address data structure.
8 files changed with 33 insertions and 35 deletions:
kallithea/controllers/admin/my_account.py
 
@@ -98,8 +98,8 @@ class MyAccountController(BaseController
 
        # url('my_account')
 
        c.active = 'profile'
 
        self.__load_data()
 
        c.perm_user = AuthUser(user_id=self.authuser.user_id,
 
                               ip_addr=self.ip_addr)
 
        c.perm_user = AuthUser(user_id=self.authuser.user_id)
 
        c.ip_addr = self.ip_addr
 
        c.extern_type = c.user.extern_type
 
        c.extern_name = c.user.extern_name
 

	
 
@@ -193,8 +193,8 @@ class MyAccountController(BaseController
 
    def my_account_perms(self):
 
        c.active = 'perms'
 
        self.__load_data()
 
        c.perm_user = AuthUser(user_id=self.authuser.user_id,
 
                               ip_addr=self.ip_addr)
 
        c.perm_user = AuthUser(user_id=self.authuser.user_id)
 
        c.ip_addr = self.ip_addr
 

	
 
        return render('admin/my_account/my_account.html')
 

	
kallithea/controllers/admin/users.py
 
@@ -168,7 +168,8 @@ class UsersController(BaseController):
 
        c.user = user_model.get(id)
 
        c.extern_type = c.user.extern_type
 
        c.extern_name = c.user.extern_name
 
        c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
 
        c.perm_user = AuthUser(user_id=id)
 
        c.ip_addr = self.ip_addr
 
        _form = UserForm(edit=True, old_data={'user_id': id,
 
                                              'email': c.user.email})()
 
        form_result = {}
 
@@ -248,7 +249,8 @@ class UsersController(BaseController):
 
        c.active = 'profile'
 
        c.extern_type = c.user.extern_type
 
        c.extern_name = c.user.extern_name
 
        c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
 
        c.perm_user = AuthUser(user_id=id)
 
        c.ip_addr = self.ip_addr
 

	
 
        defaults = c.user.get_dict()
 
        return htmlfill.render(
 
@@ -260,7 +262,8 @@ class UsersController(BaseController):
 
    def edit_advanced(self, id):
 
        c.user = self._get_user_or_raise_if_default(id)
 
        c.active = 'advanced'
 
        c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
 
        c.perm_user = AuthUser(user_id=id)
 
        c.ip_addr = self.ip_addr
 

	
 
        umodel = UserModel()
 
        defaults = c.user.get_dict()
 
@@ -331,7 +334,8 @@ class UsersController(BaseController):
 
    def edit_perms(self, id):
 
        c.user = self._get_user_or_raise_if_default(id)
 
        c.active = 'perms'
 
        c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
 
        c.perm_user = AuthUser(user_id=id)
 
        c.ip_addr = self.ip_addr
 

	
 
        umodel = UserModel()
 
        defaults = c.user.get_dict()
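Review bot: `c.ip_addr = self.ip_addr` is now repeated in four actions in this file and twice more in `my_account.py`, while both profile templates dropped their `or "?"` fallback and read `c.ip_addr` directly. An action that renders one of those templates without the assignment would have no value to show. Since `BaseController` already sets `c.authuser` and has `self.ip_addr` available at that point (base.py section), a single `c.ip_addr = self.ip_addr` there would remove the per-action copies; whether that suits every controller cannot be confirmed from the visible lines. The enclosing methods extend beyond these hunks.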
kallithea/controllers/api/__init__.py
 
@@ -159,8 +159,8 @@ class JSONRPCController(WSGIController):
 
                                     message='Invalid API key')
 

	
 
            #check if we are allowed to use this IP
 
            auth_u = AuthUser(u.user_id, self._req_api_key, ip_addr=ip_addr)
 
            if not auth_u.ip_allowed:
 
            auth_u = AuthUser(u.user_id, self._req_api_key)
 
            if not auth_u.is_ip_allowed(ip_addr):
 
                return jsonrpc_error(retid=self._req_id,
 
                        message='request from IP:%s not allowed' % (ip_addr,))
 
            else:
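Review bot: The allowlist decision in `auth_u.is_ip_allowed(ip_addr)` now rests entirely on the local `ip_addr`, whose assignment is outside this hunk. If that value can be derived from a client-supplied forwarding header, the per-user IP restriction is only as strong as the proxy configuration in front of the application. A comment at the call such as `# ip_addr must be the proxy-validated client address, not a raw request header` would make that dependency visible to the next maintainer. The enclosing method starts and ends outside the hunk.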
kallithea/controllers/login.py
 
@@ -109,7 +109,7 @@ class LoginController(BaseController):
 
            c.came_from = url('home')
 

	
 
        not_default = self.authuser.username != User.DEFAULT_USER
 
        ip_allowed = self.authuser.ip_allowed
 
        ip_allowed = self.authuser.is_ip_allowed(self.ip_addr)
 

	
 
        # redirect if already logged in
 
        if self.authuser.is_authenticated and not_default and ip_allowed:
kallithea/lib/auth.py
 
@@ -468,14 +468,13 @@ class AuthUser(object):
 
    anonymous access is enabled and if so, it returns default user as logged in
 
    """
 

	
 
    def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None):
 
    def __init__(self, user_id=None, api_key=None, username=None):
 

	
 
        self.user_id = user_id
 
        self._api_key = api_key
 

	
 
        self.api_key = None
 
        self.username = username
 
        self.ip_addr = ip_addr
 
        self.name = ''
 
        self.lastname = ''
 
        self.email = ''
 
@@ -596,17 +595,13 @@ class AuthUser(object):
 
        return [x[0] for x in self.permissions['user_groups'].iteritems()
 
                if x[1] == 'usergroup.admin']
 

	
 
    @property
 
    def ip_allowed(self):
 
    def is_ip_allowed(self, ip_addr):
 
        """
 
        Checks if ip_addr used in constructor is allowed from defined list of
 
        allowed ip_addresses for user
 

	
 
        :returns: boolean, True if ip is in allowed ip range
 
        Determine if `ip_addr` is on the list of allowed IP addresses
 
        for this user.
 
        """
 
        # check IP
 
        inherit = self.inherit_default_permissions
 
        return AuthUser.check_ip_allowed(self.user_id, self.ip_addr,
 
        return AuthUser.check_ip_allowed(self.user_id, ip_addr,
 
                                         inherit_from_default=inherit)
 

	
 
    @classmethod
 
@@ -622,8 +617,8 @@ class AuthUser(object):
 
            return False
 

	
 
    def __repr__(self):
 
        return "<AuthUser('id:%s[%s] ip:%s auth:%s')>"\
 
            % (self.user_id, self.username, self.ip_addr, self.is_authenticated)
 
        return "<AuthUser('id:%s[%s] auth:%s')>"\
 
            % (self.user_id, self.username, self.is_authenticated)
 

	
 
    def set_authenticated(self, authenticated=True):
 
        if self.user_id != self.anonymous_user.user_id:
 
@@ -729,14 +724,14 @@ class LoginRequired(object):
 
        return decorator(self.__wrapper, func)
 

	
 
    def __wrapper(self, func, *fargs, **fkwargs):
 
        cls = fargs[0]
 
        user = cls.authuser
 
        loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
 
        controller = fargs[0]
 
        user = controller.authuser
 
        loc = "%s:%s" % (controller.__class__.__name__, func.__name__)
 
        log.debug('Checking access for user %s @ %s' % (user, loc))
 

	
 
        # check if our IP is allowed
 
        if not user.ip_allowed:
 
            return redirect_to_login(_('IP %s not allowed' % (user.ip_addr)))
 
        if not user.is_ip_allowed(controller.ip_addr):
 
            return redirect_to_login(_('IP %s not allowed') % controller.ip_addr)
 

	
 
        # check if we used an API key and it's a valid one
 
        api_key = request.GET.get('api_key')
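Review bot: With `ip:%s` dropped from `AuthUser.__repr__`, the `log.debug('Checking access for user %s @ %s' % (user, loc))` line in `LoginRequired.__wrapper` no longer records the client address, so the access-check log loses the source IP an investigator would want to correlate on. Logging it explicitly keeps that trail: `log.debug('Checking access for user %s from %s @ %s', user, controller.ip_addr, loc)`. The new `is_ip_allowed` docstring also lost the `:returns:` line; restoring a sentence saying it returns True only when `ip_addr` falls in an allowed range would document the contract callers now depend on. `__wrapper` continues past the end of the hunk.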
kallithea/lib/base.py
 
@@ -342,7 +342,7 @@ class BaseController(WSGIController):
 
        self.scm_model = ScmModel(self.sa)
 

	
 
    @staticmethod
 
    def _determine_auth_user(ip_addr, api_key, session_authuser):
 
    def _determine_auth_user(api_key, session_authuser):
 
        """
 
        Create an `AuthUser` object given the IP address of the request, the
 
        API key (if any), and the authuser from the session.
 
@@ -350,13 +350,13 @@ class BaseController(WSGIController):
 

	
 
        if api_key:
 
            # when using API_KEY we are sure user exists.
 
            auth_user = AuthUser(api_key=api_key, ip_addr=ip_addr)
 
            auth_user = AuthUser(api_key=api_key)
 
            authenticated = False
 
        else:
 
            cookie_store = CookieStoreWrapper(session_authuser)
 
            user_id = cookie_store.get('user_id')
 
            try:
 
                auth_user = AuthUser(user_id=user_id, ip_addr=ip_addr)
 
                auth_user = AuthUser(user_id=user_id)
 
            except UserCreationError as e:
 
                # container auth or other auth functions that create users on
 
                # the fly can throw UserCreationError to signal issues with
 
@@ -364,7 +364,7 @@ class BaseController(WSGIController):
 
                # exception object.
 
                from kallithea.lib import helpers as h
 
                h.flash(e, 'error')
 
                auth_user = AuthUser(ip_addr=ip_addr)
 
                auth_user = AuthUser()
 

	
 
            authenticated = cookie_store.get('is_authenticated')
 

	
 
@@ -386,7 +386,6 @@ class BaseController(WSGIController):
 

	
 
            #set globals for auth user
 
            self.authuser = c.authuser = request.user = self._determine_auth_user(
 
                self.ip_addr,
 
                request.GET.get('api_key'),
 
                session.get('authuser'),
 
            )
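Review bot: The docstring of `_determine_auth_user` still begins "Create an `AuthUser` object given the IP address of the request", but this change removes the `ip_addr` parameter, so the first sentence is now stale. It should read along the lines of "Create an AuthUser object given the API key (if any) and the authuser from the session." As far as the visible lines show, IP restrictions are no longer an input here and are enforced later by callers through `is_ip_allowed`; it would be worth saying so in the docstring so nobody assumes the returned object has already been IP-checked. The rest of the docstring and the function body lie outside the visible hunks.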
kallithea/templates/admin/my_account/my_account_profile.html
 
@@ -13,7 +13,7 @@ ${h.form(url('my_account'), method='post
 
                %else:
 
                <strong>${_('Avatars are disabled')}</strong>
 
                <br/>${c.user.email or _('Missing email, please update your user email address.')}
 
                    [${_('Current IP')}: ${c.perm_user.ip_addr or "?"}]
 
                    [${_('Current IP')}: ${c.ip_addr}]
 
                %endif
 
               </p>
 
           </div>
kallithea/templates/admin/users/user_edit_profile.html
 
@@ -12,7 +12,7 @@ ${h.form(url('update_user', id=c.user.us
 
                <br/>${c.user.email or _('Missing email, please update this user email address.')}
 
                        ##show current ip just if we show ourself
 
                        %if c.authuser.username == c.user.username:
 
                            [${_('Current IP')}: ${c.perm_user.ip_addr or "?"}]
 
                            [${_('Current IP')}: ${c.ip_addr}]
 
                        %endif
 
                %endif
 
           </div>