kallithea Changeset - 5bbcc0cac389

Changeset - 5bbcc0cac389

Parent rev.

Child rev.

[Not reviewed]

default

0 2 0

Marcin Kuzminski - 15 years ago 2010-07-21 22:57:36
marcin@python-works.com

added session remove in forms, and added name and lastname to auth user

2 files changed with 5 insertions and 1 deletions:

pylons_app/lib/auth.py

pylons_app/model/forms.py

0 comments (0 inline, 0 general)

pylons_app/lib/auth.py

➞

Show inline comments

@@ @@ -32,96 +32,98 @@ from pylons_app.model.db import User, Re @@
 from sqlalchemy.exc import OperationalError
 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound
 import crypt
 import logging
 log = logging.getLogger(__name__)
 def get_crypt_password(password):
     """
     Cryptographic function used for password hashing
     @param password: password to hash
     """
     return crypt.crypt(password, '6a')
 @cache_region('super_short_term', 'cached_user')
 def get_user_cached(username):
     sa = meta.Session
     try:
         user = sa.query(User).filter(User.username == username).one()
     finally:
         meta.Session.remove()
     return user
 def authfunc(environ, username, password):
     password_crypt = get_crypt_password(password)
     try:
         user = get_user_cached(username)
     except (NoResultFound, MultipleResultsFound, OperationalError) as e:
         log.error(e)
         user = None
     if user:
         if user.active:
             if user.username == username and user.password == password_crypt:
                 log.info('user %s authenticated correctly', username)
                 return True
         else:
             log.error('user %s is disabled', username)
     return False
 class  AuthUser(object):
     """
     A simple object that handles a mercurial username for authentication
     """
     def __init__(self):
         self.username = 'None'
         self.name = ''
         self.lastname = ''
         self.user_id = None
         self.is_authenticated = False
         self.is_admin = False
         self.permissions = {}
 def set_available_permissions(config):
     """
     This function will propagate pylons globals with all available defined
     permission given in db. We don't wannt to check each time from db for new
     permissions since adding a new permission also requires application restart
     ie. to decorate new views with the newly created permission
     @param config:
     """
     log.info('getting information about all available permissions')
     try:
         sa = meta.Session
         all_perms = sa.query(Permission).all()
     finally:
         meta.Session.remove()
     config['available_permissions'] = [x.permission_name for x in all_perms]
 def set_base_path(config):
     config['base_path'] = config['pylons.app_globals'].base_path
 def fill_perms(user):
     sa = meta.Session
     user.permissions['repositories'] = {}
     #first fetch default permissions
     default_perms = sa.query(Repo2Perm, Repository, Permission)\
         .join((Repository, Repo2Perm.repository == Repository.repo_name))\
         .join((Permission, Repo2Perm.permission_id == Permission.permission_id))\
         .filter(Repo2Perm.user_id == sa.query(User).filter(User.username ==
                                             'default').one().user_id).all()
     if user.is_admin:
         user.permissions['global'] = set(['hg.admin'])
         #admin have all rights full
         for perm in default_perms:
             p = 'repository.admin'
             user.permissions['repositories'][perm.Repo2Perm.repository] = p
     else:
         user.permissions['global'] = set()
         for perm in default_perms:
             if perm.Repository.private:

pylons_app/model/forms.py

➞

Show inline comments

@@ @@ -52,122 +52,124 @@ class ValidAuthToken(formencode.validato @@
         if value != authentication_token():
             raise formencode.Invalid(self.message('invalid_token', state,
                                             search_number=value), value, state)
 class ValidUsername(formencode.validators.FancyValidator):
     def validate_python(self, value, state):
         if value in ['default', 'new_user']:
             raise formencode.Invalid(_('Invalid username'), value, state)
 class ValidPassword(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         if value:
             return get_crypt_password(value)
 class ValidAuth(formencode.validators.FancyValidator):
     messages = {
             'invalid_password':_('invalid password'),
             'invalid_login':_('invalid user name'),
             'disabled_account':_('Your acccount is disabled')
+            }
     #error mapping
     e_dict = {'username':messages['invalid_login'],
               'password':messages['invalid_password']}
     e_dict_disable = {'username':messages['disabled_account']}
     def validate_python(self, value, state):
         sa = meta.Session
         crypted_passwd = get_crypt_password(value['password'])
         username = value['username']
         try:
             user = sa.query(User).filter(User.username == username).one()
         except (NoResultFound, MultipleResultsFound, OperationalError) as e:
             log.error(e)
             user = None
             raise formencode.Invalid(self.message('invalid_password',
                                      state=State_obj), value, state,
                                      error_dict=self.e_dict)
         if user:
             if user.active:
                 if user.username == username and user.password == crypted_passwd:
                     from pylons_app.lib.auth import AuthUser
                     auth_user = AuthUser()
                     auth_user.username = username
                     auth_user.is_authenticated = True
                     auth_user.is_admin = user.admin
                     auth_user.user_id = user.user_id
                     auth_user.name = user.name
                     auth_user.lastname = user.lastname
                     session['hg_app_user'] = auth_user
                     session.save()
                     log.info('user %s is now authenticated', username)
                     try:
                         user.last_login = datetime.datetime.now()
                         sa.add(user)
                         sa.commit()
                     except (OperationalError) as e:
                         log.error(e)
                         sa.rollback()
                     return value
                 else:
                     log.warning('user %s not authenticated', username)
                     raise formencode.Invalid(self.message('invalid_password',
                                              state=State_obj), value, state,
                                              error_dict=self.e_dict)
             else:
                 log.warning('user %s is disabled', username)
                 raise formencode.Invalid(self.message('disabled_account',
                                          state=State_obj),
                                          value, state,
                                          error_dict=self.e_dict_disable)
+        meta.Session.remove()
 class ValidRepoUser(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         sa = meta.Session
         try:
             self.user_db = sa.query(User)\
                 .filter(User.active == True)\
                 .filter(User.username == value).one()
         except Exception:
             raise formencode.Invalid(_('This username is not valid'),
                                      value, state)
         return self.user_db.user_id
 def ValidRepoName(edit=False):
     class _ValidRepoName(formencode.validators.FancyValidator):
         def to_python(self, value, state):
             slug = h.repo_name_slug(value)
             if slug in ['_admin']:
                 raise formencode.Invalid(_('This repository name is disallowed'),
                                          value, state)
             sa = meta.Session
             if sa.query(Repository).get(slug) and not edit:
                 raise formencode.Invalid(_('This repository already exists'),
                                          value, state)
             return slug
     return _ValidRepoName
 class ValidPerms(formencode.validators.FancyValidator):
     messages = {'perm_new_user_name':_('This username is not valid')}
     def to_python(self, value, state):
         perms_update = []
         perms_new = []
         #build a list of permission to update and new permission to create
         for k, v in value.items():
             if k.startswith('perm_'):
                 if  k.startswith('perm_new_user'):
                     new_perm = value.get('perm_new_user', False)
                     new_user = value.get('perm_new_user_name', False)
                     if new_user and new_perm:
                         if (new_user, new_perm) not in perms_new:
                             perms_new.append((new_user, new_perm))
                 else:
                     usr = k[5:]
                     if usr == 'default':
                         if value['private']:

0 comments (0 inline, 0 general)