kallithea Changeset - 716911af91e1

Changeset - 716911af91e1

Parent rev.

Child rev.

[Not reviewed]

beta

0 10 0

Marcin Kuzminski - 15 years ago 2011-03-06 00:06:28
marcin@python-works.com

Added api_key into user, api key get's generated again after password change
updated ini files

10 files changed with 84 insertions and 150 deletions:

development.ini

production.ini

rhodecode/lib/__init__.py

rhodecode/lib/auth.py

rhodecode/lib/celerylib/tasks.py

rhodecode/lib/db_manage.py

rhodecode/model/user.py

rhodecode/public/css/style.css

rhodecode/templates/admin/users/user_edit.html

129

rhodecode/templates/admin/users/user_edit_my_account.html

0 comments (0 inline, 0 general)

development.ini

➞

Show inline comments

@@ @@ -32,7 +32,7 @@ threadpool_workers = 5 @@
 threadpool_max_requests = 6
 ##option to use threads of process
-use_threadpool = false
+use_threadpool = true
 use = egg:Paste#http
 host = 0.0.0.0

production.ini

➞

Show inline comments

@@ @@ -29,7 +29,7 @@ debug = true @@
 threadpool_workers = 5
 ##max request before thread respawn
-threadpool_max_requests = 2
+threadpool_max_requests = 6
 ##option to use threads of process
 use_threadpool = true
@@ @@ -47,7 +47,7 @@ cache_dir = %(here)s/data @@
 index_dir = %(here)s/data/index
 cut_off_limit = 256000
 force_https = false
-commit_parse_limit = 250
+commit_parse_limit = 25
 use_gravatar = true
 ####################################
@@ @@ -94,7 +94,6 @@ beaker.cache.short_term.expire=60 @@
 beaker.cache.long_term.type=memory
 beaker.cache.long_term.expire=36000
 beaker.cache.sql_cache_short.type=memory
 beaker.cache.sql_cache_short.expire=10
@@ @@ -141,7 +140,8 @@ logview.pylons.util = #eee @@
 #########################################################
 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG    ###
 #########################################################
 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db
 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db
 sqlalchemy.db1.url = postgresql://postgres:qwe@localhost/rhodecode
 #sqlalchemy.db1.echo = False
 #sqlalchemy.db1.pool_recycle = 3600
 sqlalchemy.convert_unicode = true

rhodecode/lib/__init__.py

➞

Show inline comments

@@ @@ -27,3 +27,12 @@ @@
 def str2bool(v):
     return v.lower() in ["yes", "true", "t", "1"] if v else None
 def generate_api_key(username, salt=None):
     from tempfile import _RandomNameSequence
     import hashlib
     if salt is None:
         salt = _RandomNameSequence().next()
     return hashlib.sha1(username + salt).hexdigest()

rhodecode/lib/auth.py

➞

Show inline comments

@@ @@ -28,7 +28,8 @@ import bcrypt @@
 import random
 import logging
 import traceback
 import hashlib
 from tempfile import _RandomNameSequence
 from decorator import decorator
 from pylons import config, session, url, request
@@ @@ -87,6 +88,12 @@ def get_crypt_password(password): @@
     """
     return bcrypt.hashpw(password, bcrypt.gensalt(10))
 def generate_api_key(username, salt=None):
     if salt is None:
         salt = _RandomNameSequence().next()
     return hashlib.sha1(username + salt).hexdigest()
 def check_password(password, hashed):
     return bcrypt.hashpw(password, hashed) == hashed

rhodecode/lib/celerylib/tasks.py

➞

Show inline comments

@@ @@ -245,6 +245,7 @@ def reset_user_password(user_email): @@
                              auth.PasswordGenerator.ALPHABETS_BIG_SMALL)
             if user:
                 user.password = auth.get_crypt_password(new_passwd)
                 user.api_key = auth.generate_api_key(user.username)
                 sa.add(user)
                 sa.commit()
                 log.info('change password for %s', user_email)

rhodecode/lib/db_manage.py

➞

Show inline comments

@@ @@ -35,7 +35,7 @@ from os.path import dirname as dn, join @@
 from rhodecode import __dbversion__
 from rhodecode.model import meta
 from rhodecode.lib.auth import get_crypt_password
+from rhodecode.lib.auth import get_crypt_password, generate_api_key
 from rhodecode.lib.utils import ask_ok
 from rhodecode.model import init_model
 from rhodecode.model.db import User, Permission, RhodeCodeUi, RhodeCodeSettings, \
@@ @@ -442,6 +442,7 @@ class DbManage(object): @@
         new_user = User()
         new_user.username = username
         new_user.password = get_crypt_password(password)
         new_user.api_key = generate_api_key(username)
         new_user.name = 'RhodeCode'
         new_user.lastname = 'Admin'
         new_user.email = email
@@ @@ -461,6 +462,7 @@ class DbManage(object): @@
         def_user = User()
         def_user.username = 'default'
         def_user.password = get_crypt_password(str(uuid.uuid1())[:8])
         def_user.api_key = generate_api_key('default')
         def_user.name = 'Anonymous'
         def_user.lastname = 'User'
         def_user.email = 'anonymous@rhodecode.org'
@@ @@ -484,8 +486,8 @@ class DbManage(object): @@
                  ('hg.create.repository', 'Repository create'),
                  ('hg.create.none', 'Repository creation disabled'),
                  ('hg.register.none', 'Register disabled'),
                  ('hg.register.manual_activate', 'Register new user with rhodecode without manual activation'),
                  ('hg.register.auto_activate', 'Register new user with rhodecode without auto activation'),
                  ('hg.register.manual_activate', 'Register new user with RhodeCode without manual activation'),
                  ('hg.register.auto_activate', 'Register new user with RhodeCode without auto activation'),
+                ]
         for p in perms:

rhodecode/model/user.py

➞

Show inline comments

@@ @@ -37,6 +37,7 @@ from rhodecode.model.db import User @@
 from rhodecode.lib.exceptions import DefaultUserException, UserOwnsReposException
 from sqlalchemy.exc import DatabaseError
 from rhodecode.lib import generate_api_key
 log = logging.getLogger(__name__)
@@ @@ -68,6 +69,7 @@ class UserModel(BaseModel): @@
             for k, v in form_data.items():
                 setattr(new_user, k, v)
             new_user.api_key = generate_api_key(form_data['username'])
             self.sa.add(new_user)
             self.sa.commit()
         except:
@@ @@ -91,6 +93,7 @@ class UserModel(BaseModel): @@
                 new_user = User()
                 new_user.username = username.lower() # add ldap account always lowercase
                 new_user.password = get_crypt_password(password)
                 new_user.api_key = generate_api_key(username)
                 new_user.email = attrs['email']
                 new_user.active = True
                 new_user.ldap_dn = user_dn
@@ @@ -134,19 +137,20 @@ class UserModel(BaseModel): @@
     def update(self, user_id, form_data):
         try:
             new_user = self.get(user_id, cache=False)
             if new_user.username == 'default':
             user = self.get(user_id, cache=False)
             if user.username == 'default':
                 raise DefaultUserException(
                                 _("You can't Edit this user since it's"
                                   " crucial for entire application"))
             for k, v in form_data.items():
                 if k == 'new_password' and v != '':
                     new_user.password = v
                     user.password = v
                     user.api_key = generate_api_key(user.username)
                 else:
-                    setattr(new_user, k, v)
+                    setattr(user, k, v)
-            self.sa.add(new_user)
+            self.sa.add(user)
             self.sa.commit()
         except:
             log.error(traceback.format_exc())
@@ @@ -155,19 +159,20 @@ class UserModel(BaseModel): @@
     def update_my_account(self, user_id, form_data):
         try:
             new_user = self.get(user_id, cache=False)
             if new_user.username == 'default':
             user = self.get(user_id, cache=False)
             if user.username == 'default':
                 raise DefaultUserException(
                                 _("You can't Edit this user since it's"
                                   " crucial for entire application"))
             for k, v in form_data.items():
                 if k == 'new_password' and v != '':
                     new_user.password = v
                     user.password = v
                     user.api_key = generate_api_key(user.username)
                 else:
                     if k not in ['admin', 'active']:
-                        setattr(new_user, k, v)
+                        setattr(user, k, v)
-            self.sa.add(new_user)
+            self.sa.add(user)
             self.sa.commit()
         except:
             log.error(traceback.format_exc())

rhodecode/public/css/style.css

➞

Show inline comments

@@ @@ -858,7 +858,7 @@ padding:0 0 8px; @@
 padding:0 0 8px !important;
+}
 #content div.box div.form div.fields div.field div.label label {
+#content div.box div.form div.fields div.field div.label label, div.label label{
 color:#393939;
 font-weight:700;
+}

rhodecode/templates/admin/users/user_edit.html

➞

Show inline comments

@@ @@ -26,19 +26,23 @@ @@
     <!-- end box / title -->
     ${h.form(url('user', id=c.user.user_id),method='put')}
     <div class="form">
         <!-- fields -->
         <div class="field">
            <div class="gravatar_box">
                <div class="gravatar"><img alt="gravatar" src="${h.gravatar_url(c.user.email)}"/></div>
                <p>
                <strong>Change your avatar at <a href="http://gravatar.com">gravatar.com</a></strong><br/>
                ${_('Using')} ${c.user.email}
                </p>
            </div>
         </div>
         <div class="field">
             <div class="label">
                 <label>${_('API key')}</label> ${c.user.api_key}
             </div>
         </div>
         <div class="fields">
              <div class="field">
                 <div class="gravatar_box">
               		<div class="gravatar"><img alt="gravatar" src="${h.gravatar_url(c.user.email)}"/></div>
               		<p>
               		<strong>Change your avatar at <a href="http://gravatar.com">gravatar.com</a></strong><br/>
               		${_('Using')} ${c.user.email}
               		</p>
             	</div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="username">${_('Username')}:</label>
                 </div>
@@ @@ -52,7 +56,7 @@ @@
                     <label for="ldap_dn">${_('LDAP DN')}:</label>
                 </div>
                 <div class="input">
-                    ${h.text('ldap_dn',class_='small')}
+                    ${h.text('ldap_dn',class_='medium')}
                 </div>
              </div>
@@ @@ -122,122 +126,24 @@ @@
     <div class="title">
         <h5>${_('Permissions')}</h5>
     </div>
 	<form id="map_form" method="post" action="{%url update_permissions %}">
 	<div class="form">
 	  <div class="fields">
 		<table>
 		        <tr>
 		            <td class="label">${_('Permissions')}:</td>
 		            <td>
 		                <div>
 		                    <div style="float:left">
 		                    <div class="text">${_('Granted permissions')}</div>
 		                        ${h.select('granted_permissions',[],c.granted_permissions,multiple=True,size=8,style="min-width:210px")}
 		                    </div>
 		                    <div style="float:left;width:20px;padding-top:50px">
 		                        <img alt="add" id="add_element"
 		                            style="padding:2px;cursor:pointer"
 		                            src="${h.url("/images/icons/arrow_left.png")}">
 		                        <br />
 		                        <img alt="remove" id="remove_element"
 		                            style="padding:2px;cursor:pointer"
 		                            src="${h.url("/images/icons/arrow_right.png")}">
 		                    </div>
 		                    <div style="float:left">
 		                        <div class="text">${_('Available permissions')}</div>
 		                         ${h.select('available_permissions',[],c.available_permissions,multiple=True,size=8,style="min-width:210px")}
 		                    </div>
 		                </div>
 		            </td>
 		        </tr>
 		</table>
         <div class="buttons">
          ${h.submit('Save','Save',class_="ui-button")}
         </div>
 	  </div>
 	</div>
 	</form>
 <script type="text/javascript">
     YAHOO.util.Event.onDOMReady(function(){
             var D = YAHOO.util.Dom;
             var E = YAHOO.util.Event;
             //temp container for storage.
             var cache = new Array();
             var c =  D.get('id_granted_permissions');
             //get only selected options for further fullfilment
             for(var i = 0;node =c.options[i];i++){
                 if(node.selected){
                     //push selected to my temp storage left overs :)
                     cache.push(node);
+                }
+            }
             //clear select
             c.options.length = 0;
             //fill it with remembered options
             for(var i = 0;node = cache[i];i++){
                 c.options[i]=new Option(node.text, node.value, false, false);
+            }
             function target_callback(e){
                 window.location='/admin/t4?g='+e.target.value;
+            }
             function prompts_action_callback(e){
                 var choosen = D.get('id_granted_permissions');
                 var availible = D.get('id_available_permissions');
                 if (this.id=='add_element'){
                     for(var i=0; node = availible.options[i];i++){
                         if(node.selected){
                             choosen.appendChild(new Option(node.text, node.value, false, false));
+                        }
+                    }
+                }
                 else if (this.id=='remove_element'){
                     //temp container for storage.
                     cache = new Array();
                     for(var i = 0;node = choosen.options[i];i++){
                         if(!node.selected){
                             //push left overs :)
                             cache.push(node);
+                        }
+                    }
                     //clear select
                     choosen.options.length = 0;
                     for(var i = 0;node = cache[i];i++){
                         choosen.options[i]=new Option(node.text, node.value, false, false);
+                    }
+                }
                 else{
+                }
+            }
             E.addListener('id_groups','change',target_callback);
             E.addListener(['add_element','remove_element'],'click',prompts_action_callback)
             E.addListener('map_form','submit',function(){
                 var choosen = D.get('id_granted_permissions');
                 for (var i = 0; i < choosen.options.length; i++) {
                     choosen.options[i].selected = 'selected';
+                }
             })
         });
 </script>
     ${h.form(url('user', id=c.user.user_id),method='put')}
     <div class="form">
         <!-- fields -->
         <div class="fields">
              <div class="field">
                 <div class="label label-checkbox">
                     <label for="">${_('Create repositories')}:</label>
                 </div>
                 <div class="checkboxes">
                     ${h.checkbox('create',value=True)}
                 </div>
              </div>
             <div class="buttons">
               ${h.submit('save','Save',class_="ui-button")}
               ${h.reset('reset','Reset',class_="ui-button")}
             </div>
         </div>
     </div>
     ${h.end_form()}
 </div>
 </%def>

rhodecode/templates/admin/users/user_edit_my_account.html

➞

Show inline comments

@@ @@ -34,7 +34,11 @@ @@
                     </p>
                 </div>
              </div>
 	        <div class="field">
 	            <div class="label">
 	                <label>${_('API key')}</label> ${c.user.api_key}
 	            </div>
 	        </div>
 	        <div class="fields">
 	             <div class="field">
 	                <div class="label">

0 comments (0 inline, 0 general)