Changeset - 9ddbfaeefb73
Parent rev.
Child rev.
[Not reviewed]
beta
0 1 0
Marcin Kuzminski - 14 years ago 2012-02-21 00:18:00
marcin@python-works.com
API: allowed password field to be null when used with ldap_dn ref #362
- added errors about non unique email to create_user api function
1 file changed with 9 insertions and 5 deletions:
rhodecode/controllers/api/api.py
9
5
0 comments (0 inline, 0 general)
rhodecode/controllers/api/api.py
Show inline comments
 
@@ -7,60 +7,57 @@
 

			




	
	
	
		
 
    :created_on: Aug 20, 2011

			




	
	
	
		
 
    :author: marcink

			




	
	
	
		
 
    :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>

			




	
	
	
		
 
    :license: GPLv3, see COPYING for more details.

			




	
	
	
		
 
"""

			




	
	
	
		
 
# This program is free software; you can redistribute it and/or

			




	
	
	
		
 
# modify it under the terms of the GNU General Public License

			




	
	
	
		
 
# as published by the Free Software Foundation; version 2

			




	
	
	
		
 
# of the License or (at your opinion) any later version of the license.

			




	
	
	
		
 
#

			




	
	
	
		
 
# This program is distributed in the hope that it will be useful,

			




	
	
	
		
 
# but WITHOUT ANY WARRANTY; without even the implied warranty of

			




	
	
	
		
 
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

			




	
	
	
		
 
# GNU General Public License for more details.

			




	
	
	
		
 
#

			




	
	
	
		
 
# You should have received a copy of the GNU General Public License

			




	
	
	
		
 
# along with this program; if not, write to the Free Software

			




	
	
	
		
 
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

			




	
	
	
		
 
# MA  02110-1301, USA.

			




	
	
	
		
 

			




	
	
	
		
 
import traceback

			




	
	
	
		
 
import logging

			




	
	
	
		
 

			




	
	
	
		
 
from sqlalchemy.orm.exc import NoResultFound

			




	
	
	
		
 

			




	
	
	
		
 
from rhodecode.controllers.api import JSONRPCController, JSONRPCError

			




	
	
	
		
 
from rhodecode.lib.auth import HasPermissionAllDecorator, \

			




	
	
	
		
 
    HasPermissionAnyDecorator

			




	
	
	
		
 
    HasPermissionAnyDecorator, PasswordGenerator

			




	
	
	
		
 

			




	
	
	
		
 
from rhodecode.model.meta import Session

			




	
	
	
		
 
from rhodecode.model.scm import ScmModel

			




	
	
	
		
 
from rhodecode.model.db import User, UsersGroup, RepoGroup, Repository

			




	
	
	
		
 
from rhodecode.model.repo import RepoModel

			




	
	
	
		
 
from rhodecode.model.user import UserModel

			




	
	
	
		
 
from rhodecode.model.repo_permission import RepositoryPermissionModel

			




	
	
	
		
 
from rhodecode.model.users_group import UsersGroupModel

			




	
	
	
		
 
from rhodecode.model.repos_group import ReposGroupModel

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
log = logging.getLogger(__name__)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
class ApiController(JSONRPCController):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    API Controller

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    Each method needs to have USER as argument this is then based on given

			




	
	
	
		
 
    API_KEY propagated as instance of user object

			




	
	
	
		
 

			




	
	
	
		
 
    Preferably this should be first argument also

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    Each function should also **raise** JSONRPCError for any

			




	
	
	
		
 
    errors that happens

			




	
	
	
		
 

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    @HasPermissionAllDecorator('hg.admin')

			




	
	
		
 
@@ -110,66 +107,73 @@ class ApiController(JSONRPCController):

			




	
	
	
		
 
    def get_users(self, apiuser):

			




	
	
	
		
 
        """"

			




	
	
	
		
 
        Get all users

			




	
	
	
		
 

			




	
	
	
		
 
        :param apiuser:

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        result = []

			




	
	
	
		
 
        for user in User.getAll():

			




	
	
	
		
 
            result.append(

			




	
	
	
		
 
                dict(

			




	
	
	
		
 
                    id=user.user_id,

			




	
	
	
		
 
                    username=user.username,

			




	
	
	
		
 
                    firstname=user.name,

			




	
	
	
		
 
                    lastname=user.lastname,

			




	
	
	
		
 
                    email=user.email,

			




	
	
	
		
 
                    active=user.active,

			




	
	
	
		
 
                    admin=user.admin,

			




	
	
	
		
 
                    ldap=user.ldap_dn

			




	
	
	
		
 
                )

			




	
	
	
		
 
            )

			




	
	
	
		
 
        return result

			




	
	
	
		
 

			




	
	
	
		
 
    @HasPermissionAllDecorator('hg.admin')

			




	
	
	
		
 
    def create_user(self, apiuser, username, password, email, firstname=None,

			




	
	
	
		
 
    def create_user(self, apiuser, username, email, password, firstname=None,

			




	
	
	
		
 
                    lastname=None, active=True, admin=False, ldap_dn=None):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Create new user

			




	
	
	
		
 

			




	
	
	
		
 
        :param apiuser:

			




	
	
	
		
 
        :param username:

			




	
	
	
		
 
        :param password:

			




	
	
	
		
 
        :param email:

			




	
	
	
		
 
        :param name:

			




	
	
	
		
 
        :param lastname:

			




	
	
	
		
 
        :param active:

			




	
	
	
		
 
        :param admin:

			




	
	
	
		
 
        :param ldap_dn:

			




	
	
	
		
 
        """

			




	
	
	
		
 
        if User.get_by_username(username):

			




	
	
	
		
 
            raise JSONRPCError("user %s already exist" % username)

			




	
	
	
		
 

			




	
	
	
		
 
        if User.get_by_email(email, case_insensitive=True):

			




	
	
	
		
 
            raise JSONRPCError("email %s already exist" % email)

			




	
	
	
		
 

			




	
	
	
		
 
        if ldap_dn:

			




	
	
	
		
 
            # generate temporary password if ldap_dn

			




	
	
	
		
 
            password = PasswordGenerator().gen_password(length=8)

			




	
	
	
		
 

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            usr = UserModel().create_or_update(

			




	
	
	
		
 
                username, password, email, firstname,

			




	
	
	
		
 
                lastname, active, admin, ldap_dn

			




	
	
	
		
 
            )

			




	
	
	
		
 
            Session.commit()

			




	
	
	
		
 
            return dict(

			




	
	
	
		
 
                id=usr.user_id,

			




	
	
	
		
 
                msg='created new user %s' % username

			




	
	
	
		
 
            )

			




	
	
	
		
 
        except Exception:

			




	
	
	
		
 
            log.error(traceback.format_exc())

			




	
	
	
		
 
            raise JSONRPCError('failed to create user %s' % username)

			




	
	
	
		
 

			




	
	
	
		
 
    @HasPermissionAllDecorator('hg.admin')

			




	
	
	
		
 
    def update_user(self, apiuser, username, password, email, firstname=None,

			




	
	
	
		
 
                    lastname=None, active=True, admin=False, ldap_dn=None):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Updates given user

			




	
	
	
		
 

			




	
	
	
		
 
        :param apiuser:

			




	
	
	
		
 
        :param username:

			




	
	
	
		
 
        :param password:

			




	
	
	
		
 
        :param email:

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.