kallithea Changeset - 6da70f4569bf

Changeset - 6da70f4569bf

Parent rev.

Child rev.

[Not reviewed]

default

0 4 0

Thomas De Schampheleire - 6 years ago 2019-07-19 01:12:35
thomas.de_schampheleire@nokia.com

ssh: introduce ini setting 'ssh_enabled', disabled by default

Administrators should control the use of SSH and may want to disable SSH
access, temporarily or permanently.

An explicit setting ssh_enabled is better than e.g. checking for a valid
ssh_authorized_keys setting, to allow such trivial temporary disabling.

To keep the controllers simple, introduce a decorator IfSshEnabled instead
of repeating the same config checks in every method.

4 files changed with 28 insertions and 0 deletions:

development.ini

kallithea/lib/base.py

kallithea/lib/paster_commands/template.ini.mako

kallithea/tests/conftest.py

0 comments (0 inline, 0 general)

development.ini

➞

Show inline comments

@@ @@ -217,24 +217,31 @@ allow_custom_hooks_settings = True @@
 # index.extensions =
 #    gemfile
 #    lock
 ## extra filenames for indexing, space separated
 # index.filenames =
 #    .dockerignore
 #    .editorconfig
 #    INSTALL
 #    CHANGELOG
 ####################################
 ###           SSH CONFIG        ####
 ####################################
 ## SSH is disabled by default, until an Administrator decides to enable it.
 ssh_enabled = false
 ####################################
 ###        CELERY CONFIG        ####
 ####################################
 use_celery = false
 ## Example: connect to the virtual host 'rabbitmqhost' on localhost as rabbitmq:
 broker.url = amqp://rabbitmq:qewqew@localhost:5672/rabbitmqhost
 celery.imports = kallithea.lib.celerylib.tasks
 celery.accept.content = pickle
 celery.result.backend = amqp
 celery.result.dburi = amqp://

kallithea/lib/base.py

➞

Show inline comments

@@ @@ -399,24 +399,25 @@ class BaseController(TGController): @@
                 (function() {
                     var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
                     ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
                     var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
                     })();
             </script>''' % c.ga_code
         c.site_name = rc_config.get('title')
         c.clone_uri_tmpl = rc_config.get('clone_uri_tmpl') or Repository.DEFAULT_CLONE_URI
         ## INI stored
         c.visual.allow_repo_location_change = str2bool(config.get('allow_repo_location_change', True))
         c.visual.allow_custom_hooks_settings = str2bool(config.get('allow_custom_hooks_settings', True))
         c.ssh_enabled = str2bool(config.get('ssh_enabled', False))
         c.instance_id = config.get('instance_id')
         c.issues_url = config.get('bugtracker', url('issues_url'))
         # END CONFIG VARS
         c.repo_name = get_repo_slug(request)  # can be empty
         c.backends = BACKENDS.keys()
         self.cut_off_limit = safe_int(config.get('cut_off_limit'))
         c.my_pr_count = PullRequest.query(reviewer_id=request.authuser.user_id, include_closed=False).count()
@@ @@ -627,12 +628,24 @@ def jsonify(func, *args, **kwargs): @@
         # A JSON list response is syntactically valid JavaScript and can be
         # loaded and executed as JavaScript by a malicious third-party site
         # using <script>, which can lead to cross-site data leaks.
         # JSON responses should therefore be scalars or objects (i.e. Python
         # dicts), because a JSON object is a syntax error if intepreted as JS.
         msg = "JSON responses with Array envelopes are susceptible to " \
               "cross-site data leak attacks, see " \
               "https://web.archive.org/web/20120519231904/http://wiki.pylonshq.com/display/pylonsfaq/Warnings"
         warnings.warn(msg, Warning, 2)
         log.warning(msg)
     log.debug("Returning JSON wrapped action output")
     return json.dumps(data, encoding='utf-8')
 @decorator.decorator
 def IfSshEnabled(func, *args, **kwargs):
     """Decorator for functions that can only be called if SSH access is enabled.
     If SSH access is disabled in the configuration file, HTTPNotFound is raised.
     """
     if not c.ssh_enabled:
         from kallithea.lib import helpers as h
         h.flash(_("SSH access is disabled."), category='warning')
         raise webob.exc.HTTPNotFound()
     return func(*args, **kwargs)

kallithea/lib/paster_commands/template.ini.mako

➞

Show inline comments

@@ @@ -314,24 +314,31 @@ allow_custom_hooks_settings = True @@
 # index.extensions =
 #    gemfile
 #    lock
 <%text>## extra filenames for indexing, space separated</%text>
 # index.filenames =
 #    .dockerignore
 #    .editorconfig
 #    INSTALL
 #    CHANGELOG
 <%text>####################################</%text>
 <%text>###           SSH CONFIG        ####</%text>
 <%text>####################################</%text>
 <%text>## SSH is disabled by default, until an Administrator decides to enable it.</%text>
 ssh_enabled = false
 <%text>####################################</%text>
 <%text>###        CELERY CONFIG        ####</%text>
 <%text>####################################</%text>
 use_celery = false
 <%text>## Example: connect to the virtual host 'rabbitmqhost' on localhost as rabbitmq:</%text>
 broker.url = amqp://rabbitmq:qewqew@localhost:5672/rabbitmqhost
 celery.imports = kallithea.lib.celerylib.tasks
 celery.accept.content = pickle
 celery.result.backend = amqp
 celery.result.dburi = amqp://

kallithea/tests/conftest.py

➞

Show inline comments

@@ @@ -33,24 +33,25 @@ def pytest_configure(): @@
     path = os.getcwd()
     sys.path.insert(0, path)
     pkg_resources.working_set.add_entry(path)
     # Disable INFO logging of test database creation, restore with NOTSET
     logging.disable(logging.INFO)
     ini_settings = {
         '[server:main]': {
             'port': '4999',
         },
         '[app:main]': {
             'ssh_enabled': 'true',
             'app_instance_uuid': 'test',
             'show_revision_number': 'true',
             'beaker.cache.sql_cache_short.expire': '1',
             'session.secret': '{74e0cd75-b339-478b-b129-07dd221def1f}',
             #'i18n.lang': '',
         },
         '[handler_console]': {
             'formatter': 'color_formatter',
         },
         # The 'handler_console_sql' block is very similar to the one in
         # development.ini, but without the explicit 'level=DEBUG' setting:
         # it causes duplicate sqlalchemy debug logs, one through

0 comments (0 inline, 0 general)