Changeset - 6ece8795104a
Parent rev.
Child rev.
[Not reviewed]
beta
0 1 0
Liad Shani - 14 years ago 2011-10-27 21:01:16
liadff@gmail.com
Added container-based authentication support to git middleware
1 file changed with 3 insertions and 3 deletions:
rhodecode/lib/middleware/simplegit.py
3
3
0 comments (0 inline, 0 general)
rhodecode/lib/middleware/simplegit.py
Show inline comments
 
@@ -67,13 +67,13 @@ from dulwich.repo import Repo
 
from dulwich.web import HTTPGitApplication
 

			




	
	
	
		
 
from paste.auth.basic import AuthBasicAuthenticator

			




	
	
	
		
 
from paste.httpheaders import REMOTE_USER, AUTH_TYPE

			




	
	
	
		
 

			




	
	
	
		
 
from rhodecode.lib import safe_str

			




	
	
	
		
 
from rhodecode.lib.auth import authfunc, HasPermissionAnyMiddleware

			




	
	
	
		
 
from rhodecode.lib.auth import authfunc, HasPermissionAnyMiddleware, get_container_username

			




	
	
	
		
 
from rhodecode.lib.utils import invalidate_cache, is_valid_repo

			




	
	
	
		
 
from rhodecode.model.db import User

			




	
	
	
		
 

			




	
	
	
		
 
from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError

			




	
	
	
		
 

			




	
	
	
		
 
log = logging.getLogger(__name__)

			




	
	
		
 
@@ -145,13 +145,13 @@ class SimpleGit(object):

			




	
	
	
		
 
                              'authentication')

			




	
	
	
		
 
                #==============================================================

			




	
	
	
		
 
                # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE

			




	
	
	
		
 
                # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS

			




	
	
	
		
 
                #==============================================================

			




	
	
	
		
 

			




	
	
	
		
 
                if not REMOTE_USER(environ):

			




	
	
	
		
 
                if not get_container_username(environ, self.config):

			




	
	
	
		
 
                    self.authenticate.realm = \

			




	
	
	
		
 
                        safe_str(self.config['rhodecode_realm'])

			




	
	
	
		
 
                    result = self.authenticate(environ)

			




	
	
	
		
 
                    if isinstance(result, str):

			




	
	
	
		
 
                        AUTH_TYPE.update(environ, 'basic')

			




	
	
	
		
 
                        REMOTE_USER.update(environ, result)

			




	
	
		
 
@@ -161,13 +161,13 @@ class SimpleGit(object):

			




	
	
	
		
 
                #==============================================================

			




	
	
	
		
 
                # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME FROM

			




	
	
	
		
 
                # BASIC AUTH

			




	
	
	
		
 
                #==============================================================

			




	
	
	
		
 

			




	
	
	
		
 
                if action in ['pull', 'push']:

			




	
	
	
		
 
                    username = REMOTE_USER(environ)

			




	
	
	
		
 
                    username = get_container_username(environ, self.config)

			




	
	
	
		
 
                    try:

			




	
	
	
		
 
                        user = self.__get_user(username)

			




	
	
	
		
 
                        if user is None:

			




	
	
	
		
 
                            return HTTPForbidden()(environ, start_response)                        

			




	
	
	
		
 
                        username = user.username

			




	
	
	
		
 
                    except:

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.