kallithea Changeset - 9f5582151d53

Changeset - 9f5582151d53

Parent rev.

Child rev.

[Not reviewed]

beta

0 5 0

Marcin Kuzminski - 14 years ago 2012-03-16 22:58:05
marcin@python-works.com

Alternative HTTP response codes when client failed to Authenticate correctly

5 files changed with 37 insertions and 1 deletions:

development.ini

docs/changelog.rst

production.ini

rhodecode/config/deployment.ini_tmpl

rhodecode/lib/base.py

0 comments (0 inline, 0 general)

development.ini

➞

Show inline comments

 ################################################################################
 ################################################################################
 # RhodeCode - Pylons environment configuration                                 #
 #                                                                              #
 # The %(here)s variable will be replaced with the parent directory of this file#
 ################################################################################
 [DEFAULT]
 debug = true
 pdebug = false
 ################################################################################
 ## Uncomment and replace with the address which should receive                ##
 ## any error reports after application crash                                  ##
 ## Additionally those settings will be used by RhodeCode mailing system       ##
 ################################################################################
 #email_to = admin@localhost
 #error_email_from = paste_error@localhost
 #app_email_from = rhodecode-noreply@localhost
 #error_message =
 #email_prefix = [RhodeCode]
 #smtp_server = mail.server.com
 #smtp_username =
 #smtp_password =
 #smtp_port =
 #smtp_use_tls = false
 #smtp_use_ssl = true
 # Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
 #smtp_auth =
 [server:main]
 ##nr of threads to spawn
 threadpool_workers = 5
 ##max request before thread respawn
 threadpool_max_requests = 10
 ##option to use threads of process
 use_threadpool = true
 use = egg:Paste#http
 host = 0.0.0.0
 port = 5000
 [app:main]
 use = egg:rhodecode
 full_stack = true
 static_files = true
 lang = en
 cache_dir = %(here)s/data
 index_dir = %(here)s/data/index
 app_instance_uuid = rc-develop
 cut_off_limit = 256000
 force_https = false
 commit_parse_limit = 25
 use_gravatar = true
 container_auth_enabled = false
 proxypass_auth_enabled = false
 default_encoding = utf8
 ## overwrite schema of clone url
 ## available vars:
 ## scheme - http/https
 ## user - current user
 ## pass - password
 ## netloc - network location
 ## path - usually repo_name
 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
 ## issue tracking mapping for commits messages
 ## comment out issue_pat, issue_server, issue_prefix to enable
 ## pattern to get the issues from commit messages
 ## default one used here is #<numbers> with a regex passive group for `#`
 ## {id} will be all groups matched from this pattern
 issue_pat = (?:\s*#)(\d+)
 ## server url to the issue, each {id} will be replaced with match
 ## fetched from the regex and {repo} is replaced with repository name
 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
 ## prefix to add to link to indicate it's an url
 ## #314 will be replaced by <issue_prefix><id>
 issue_prefix = #
 ## instance-id prefix
 ## a prefix key for this instance used for cache invalidation when running
 ## multiple instances of rhodecode, make sure it's globally unique for
 ## all running rhodecode instances. Leave empty if you don't use it
 instance_id =
 ## alternative return HTTP header for failed authentication. Default HTTP
 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
 ## handling that. Set this variable to 403 to return HTTPForbidden
 auth_ret_code =
 ####################################
 ###        CELERY CONFIG        ####
 ####################################
 use_celery = false
 broker.host = localhost
 broker.vhost = rabbitmqhost
 broker.port = 5672
 broker.user = rabbitmq
 broker.password = qweqwe
 celery.imports = rhodecode.lib.celerylib.tasks
 celery.result.backend = amqp
 celery.result.dburi = amqp://
 celery.result.serialier = json
 #celery.send.task.error.emails = true
 #celery.amqp.task.result.expires = 18000
 celeryd.concurrency = 2
 #celeryd.log.file = celeryd.log
 celeryd.log.level = debug
 celeryd.max.tasks.per.child = 1
 #tasks will never be sent to the queue, but executed locally instead.
 celery.always.eager = false
 ####################################
 ###         BEAKER CACHE        ####
 ####################################
 beaker.cache.data_dir=%(here)s/data/cache/data
 beaker.cache.lock_dir=%(here)s/data/cache/lock
 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
 beaker.cache.super_short_term.type=memory
 beaker.cache.super_short_term.expire=10
 beaker.cache.super_short_term.key_length = 256
 beaker.cache.short_term.type=memory
 beaker.cache.short_term.expire=60
 beaker.cache.short_term.key_length = 256
 beaker.cache.long_term.type=memory
 beaker.cache.long_term.expire=36000
 beaker.cache.long_term.key_length = 256
 beaker.cache.sql_cache_short.type=memory
 beaker.cache.sql_cache_short.expire=10
 beaker.cache.sql_cache_short.key_length = 256
 beaker.cache.sql_cache_med.type=memory
 beaker.cache.sql_cache_med.expire=360
 beaker.cache.sql_cache_med.key_length = 256
 beaker.cache.sql_cache_long.type=file
 beaker.cache.sql_cache_long.expire=3600
 beaker.cache.sql_cache_long.key_length = 256
 ####################################
 ###       BEAKER SESSION        ####
 ####################################
 ## Type of storage used for the session, current types are
 ## dbm, file, memcached, database, and memory.
 ## The storage uses the Container API
 ## that is also used by the cache system.
 ## db session example
 #beaker.session.type = ext:database
 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/rhodecode
 #beaker.session.table_name = db_session
 ## encrypted cookie session, good for many instances
 #beaker.session.type = cookie
 beaker.session.type = file
 beaker.session.key = rhodecode
 # secure cookie requires AES python libraries
 #beaker.session.encrypt_key = g654dcno0-9873jhgfreyu
 #beaker.session.validate_key = 9712sds2212c--zxc123
 beaker.session.timeout = 36000
 beaker.session.httponly = true
 ## uncomment for https secure cookie
 beaker.session.secure = false
 ##auto save the session to not to use .save()
 beaker.session.auto = False
 ##true exire at browser close
 #beaker.session.cookie_expires = 3600
 ################################################################################
 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##
 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##
 ## execute malicious code after an exception is raised.                       ##
 ################################################################################
 #set debug = false
 ##################################
 ###       LOGVIEW CONFIG       ###
 ##################################
 logview.sqlalchemy = #faa
 logview.pylons.templating = #bfb
 logview.pylons.util = #eee
 #########################################################
 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG    ###
 #########################################################
 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db
 sqlalchemy.db1.url = postgresql://postgres:qwe@localhost/rhodecode
 sqlalchemy.db1.echo = false
 sqlalchemy.db1.pool_recycle = 3600
 sqlalchemy.convert_unicode = true
 ################################
 ### LOGGING CONFIGURATION   ####
 ################################
 [loggers]
 keys = root, routes, rhodecode, sqlalchemy, beaker, templates, whoosh_indexer
 [handlers]
 keys = console, console_sql
 [formatters]
 keys = generic, color_formatter, color_formatter_sql
 #############
 ## LOGGERS ##
 #############
 [logger_root]
 level = NOTSET
 handlers = console
 [logger_routes]
 level = DEBUG
 handlers =
 qualname = routes.middleware
 # "level = DEBUG" logs the route matched and routing variables.
 propagate = 1
 [logger_beaker]
 level = DEBUG
 handlers =
 qualname = beaker.container
 propagate = 1
 [logger_templates]
 level = INFO
 handlers =
 qualname = pylons.templating
 propagate = 1
 [logger_rhodecode]
 level = DEBUG
 handlers =
 qualname = rhodecode
 propagate = 1
 [logger_sqlalchemy]
 level = INFO
 handlers = console_sql
 qualname = sqlalchemy.engine
 propagate = 0
 [logger_whoosh_indexer]
 level = DEBUG
 handlers =
 qualname = whoosh_indexer
 propagate = 1
 ##############
 ## HANDLERS ##
 ##############
 [handler_console]
 class = StreamHandler
 args = (sys.stderr,)
 level = DEBUG
 formatter = color_formatter
 [handler_console_sql]
 class = StreamHandler
 args = (sys.stderr,)
 level = DEBUG
 formatter = color_formatter_sql
 ################
 ## FORMATTERS ##
 ################
 [formatter_generic]
 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %Y-%m-%d %H:%M:%S
 [formatter_color_formatter]
 class=rhodecode.lib.colored_formatter.ColorFormatter
 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %Y-%m-%d %H:%M:%S
 [formatter_color_formatter_sql]
 class=rhodecode.lib.colored_formatter.ColorFormatterSql
 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %Y-%m-%d %H:%M:%S

docs/changelog.rst

➞

Show inline comments

 .. _changelog:
 =========
 Changelog
 =========
 .3.4 (**2012-XX-XX**)
 ----------------------
 :status: in-progress
 :branch: beta
 news
 ++++
 - Whoosh logging is now controlled by the .ini files logging setup
 - added clone-url into edit form on /settings page
 - added help text into repo add/edit forms
 - created rcextensions module with additional mappings (ref #322) and
   post push/pull/create repo hooks callbacks
 - implemented #377 Users view for his own permissions on account page
 - #399 added inheritance of permissions for users group on repos groups
 - #401 repository group is automatically pre-selected when adding repos
   inside a repository group
 - added alternative HTTP 403 response when client failed to authenticate. Helps
   solving issues with Mercurial and LDAP
 fixes
 +++++
 - fixed #390 cache invalidation problems on repos inside group
 - fixed #385 clone by ID url was loosing proxy prefix in URL
 - fixed some unicode problems with waitress
 - fixed issue with escaping < and > in changeset commits
 - fixed error occurring during recursive group creation in API
   create_repo function
 - fixed #393 py2.5 fixes for routes url generator
 - fixed #397 Private repository groups shows up before login
 - fixed #396 fixed problems with revoking users in nested groups
 .3.3 (**2012-03-02**)
 ----------------------
 news
 ++++
 fixes
 +++++
 - fixed some python2.5 compatibility issues
 - fixed issues with removed repos was accidentally added as groups, after
   full rescan of paths
 - fixes #376 Cannot edit user (using container auth)
 - fixes #378 Invalid image urls on changeset screen with proxy-prefix
   configuration
 - fixed initial sorting of repos inside repo group
 - fixes issue when user tried to resubmit same permission into user/user_groups
 - bumped beaker version that fixes #375 leap error bug
 - fixed raw_changeset for git. It was generated with hg patch headers
 - fixed vcs issue with last_changeset for filenodes
 - fixed missing commit after hook delete
 - fixed #372 issues with git operation detection that caused a security issue
   for git repos
 .3.2 (**2012-02-28**)
 ----------------------
 news
 ++++
 fixes
 +++++
 - fixed git protocol issues with repos-groups
 - fixed git remote repos validator that prevented from cloning remote git repos
 - fixes #370 ending slashes fixes for repo and groups
 - fixes #368 improved git-protocol detection to handle other clients
 - fixes #366 When Setting Repository Group To Blank Repo Group Wont Be
   Moved To Root
 - fixes #371 fixed issues with beaker/sqlalchemy and non-ascii cache keys
 - fixed #373 missing cascade drop on user_group_to_perm table
 .3.1 (**2012-02-27**)
 ----------------------
 news
 ++++
 fixes
 +++++
 - redirection loop occurs when remember-me wasn't checked during login
 - fixes issues with git blob history generation
 - don't fetch branch for git in file history dropdown. Causes unneeded slowness
 .3.0 (**2012-02-26**)
 ----------------------
 news
 ++++
 - code review, inspired by github code-comments
 - #215 rst and markdown README files support
 - #252 Container-based and proxy pass-through authentication support
 - #44 branch browser. Filtering of changelog by branches
 - mercurial bookmarks support
 - new hover top menu, optimized to add maximum size for important views
 - configurable clone url template with possibility to specify  protocol like
   ssh:// or http:// and also manually alter other parts of clone_url.
 - enabled largefiles extension by default
 - optimized summary file pages and saved a lot of unused space in them
 - #239 option to manually mark repository as fork
 - #320 mapping of commit authors to RhodeCode users
 - #304 hashes are displayed using monospace font
 - diff configuration, toggle white lines and context lines
 - #307 configurable diffs, whitespace toggle, increasing context lines
 - sorting on branches, tags and bookmarks using YUI datatable
 - improved file filter on files page
 - implements #330 api method for listing nodes ar particular revision
 - #73 added linking issues in commit messages to chosen issue tracker url
   based on user defined regular expression
 - added linking of changesets in commit messages
 - new compact changelog with expandable commit messages
 - firstname and lastname are optional in user creation
 - #348 added post-create repository hook
 - #212 global encoding settings is now configurable from .ini files
 - #227 added repository groups permissions
 - markdown gets codehilite extensions
 - new API methods, delete_repositories, grante/revoke permissions for groups
   and repos
 fixes
 +++++
 - rewrote dbsession management for atomic operations, and better error handling
 - fixed sorting of repo tables
 - #326 escape of special html entities in diffs
 - normalized user_name => username in api attributes
 - fixes #298 ldap created users with mixed case emails created conflicts
   on saving a form
 - fixes issue when owner of a repo couldn't revoke permissions for users
   and groups
 - fixes #271 rare JSON serialization problem with statistics
 - fixes #337 missing validation check for conflicting names of a group with a
   repositories group
 - #340 fixed session problem for mysql and celery tasks
 - fixed #331 RhodeCode mangles repository names if the a repository group
   contains the "full path" to the repositories
 - #355 RhodeCode doesn't store encrypted LDAP passwords
 .2.5 (**2012-01-28**)
 ----------------------
 news
 ++++
 fixes
 +++++
 - #340 Celery complains about MySQL server gone away, added session cleanup
   for celery tasks
 - #341 "scanning for repositories in None" log message during Rescan was missing
   a parameter
 - fixed creating archives with subrepos. Some hooks were triggered during that
   operation leading to crash.
 - fixed missing email in account page.
 - Reverted Mercurial to 2.0.1 for windows due to bug in Mercurial that makes
   forking on windows impossible
 .2.4 (**2012-01-19**)
 ----------------------
 news
 ++++
 - RhodeCode is bundled with mercurial series 2.0.X by default, with
   full support to largefiles extension. Enabled by default in new installations
 - #329 Ability to Add/Remove Groups to/from a Repository via AP
 - added requires.txt file with requirements
 fixes
 +++++
 - fixes db session issues with celery when emailing admins
 - #331 RhodeCode mangles repository names if the a repository group
   contains the "full path" to the repositories
 - #298 Conflicting e-mail addresses for LDAP and RhodeCode users
 - DB session cleanup after hg protocol operations, fixes issues with
   `mysql has gone away` errors
 - #333 doc fixes for get_repo api function
 - #271 rare JSON serialization problem with statistics enabled
 - #337 Fixes issues with validation of repository name conflicting with
   a group name. A proper message is now displayed.
 - #292 made ldap_dn in user edit readonly, to get rid of confusion that field
   doesn't work
 - #316 fixes issues with web description in hgrc files
 .2.3 (**2011-11-02**)
 ----------------------
 news
 ++++
 - added option to manage repos group for non admin users
 - added following API methods for get_users, create_user, get_users_groups,
   get_users_group, create_users_group, add_user_to_users_groups, get_repos,
   get_repo, create_repo, add_user_to_repo
 - implements #237 added password confirmation for my account
   and admin edit user.
 - implements #291 email notification for global events are now sent to all
   administrator users, and global config email.
 fixes
 +++++
 - added option for passing auth method for smtp mailer
 - #276 issue with adding a single user with id>10 to usergroups
 - #277 fixes windows LDAP settings in which missing values breaks the ldap auth
 - #288 fixes managing of repos in a group for non admin user
 .2.2 (**2011-10-17**)
 ----------------------
 news
 ++++
 - #226 repo groups are available by path instead of numerical id
 fixes
 +++++
 - #259 Groups with the same name but with different parent group
 - #260 Put repo in group, then move group to another group -> repo becomes unavailable
 - #258 RhodeCode 1.2 assumes egg folder is writable (lockfiles problems)
 - #265 ldap save fails sometimes on converting attributes to booleans,
   added getter and setter into model that will prevent from this on db model level
 - fixed problems with timestamps issues #251 and #213
 - fixes #266 RhodeCode allows to create repo with the same name and in
   the same parent as group
 - fixes #245 Rescan of the repositories on Windows
 - fixes #248 cannot edit repos inside a group on windows
 - fixes #219 forking problems on windows
 .2.1 (**2011-10-08**)
 ----------------------
 news
 ++++
 fixes
 +++++
 - fixed problems with basic auth and push problems
 - gui fixes
 - fixed logger
 .2.0 (**2011-10-07**)
 ----------------------
 news
 ++++
 - implemented #47 repository groups
 - implemented #89 Can setup google analytics code from settings menu
 - implemented #91 added nicer looking archive urls with more download options
   like tags, branches
 - implemented #44 into file browsing, and added follow branch option
 - implemented #84 downloads can be enabled/disabled for each repository
 - anonymous repository can be cloned without having to pass default:default
   into clone url
 - fixed #90 whoosh indexer can index chooses repositories passed in command
   line
 - extended journal with day aggregates and paging
 - implemented #107 source code lines highlight ranges
 - implemented #93 customizable changelog on combined revision ranges -
   equivalent of githubs compare view
 - implemented #108 extended and more powerful LDAP configuration
 - implemented #56 users groups
 - major code rewrites optimized codes for speed and memory usage
 - raw and diff downloads are now in git format
 - setup command checks for write access to given path
 - fixed many issues with international characters and unicode. It uses utf8
   decode with replace to provide less errors even with non utf8 encoded strings
 - #125 added API KEY access to feeds
 - #109 Repository can be created from external Mercurial link (aka. remote
   repository, and manually updated (via pull) from admin panel
 - beta git support - push/pull server + basic view for git repos
 - added followers page and forks page
 - server side file creation (with binary file upload interface)
   and edition with commits powered by codemirror
 - #111 file browser file finder, quick lookup files on whole file tree
 - added quick login sliding menu into main page
 - changelog uses lazy loading of affected files details, in some scenarios
   this can improve speed of changelog page dramatically especially for
   larger repositories.
 - implements #214 added support for downloading subrepos in download menu.
 - Added basic API for direct operations on rhodecode via JSON
 - Implemented advanced hook management
 fixes
 +++++
 - fixed file browser bug, when switching into given form revision the url was
   not changing
 - fixed propagation to error controller on simplehg and simplegit middlewares
 - fixed error when trying to make a download on empty repository
 - fixed problem with '[' chars in commit messages in journal
 - fixed #99 Unicode errors, on file node paths with non utf-8 characters
 - journal fork fixes
 - removed issue with space inside renamed repository after deletion
 - fixed strange issue on formencode imports
 - fixed #126 Deleting repository on Windows, rename used incompatible chars.
 - #150 fixes for errors on repositories mapped in db but corrupted in
   filesystem
 - fixed problem with ascendant characters in realm #181
 - fixed problem with sqlite file based database connection pool
 - whoosh indexer and code stats share the same dynamic extensions map
 - fixes #188 - relationship delete of repo_to_perm entry on user removal
 - fixes issue #189 Trending source files shows "show more" when no more exist
 - fixes issue #197 Relative paths for pidlocks
 - fixes issue #198 password will require only 3 chars now for login form
 - fixes issue #199 wrong redirection for non admin users after creating a repository
 - fixes issues #202, bad db constraint made impossible to attach same group
   more than one time. Affects only mysql/postgres
 - fixes #218 os.kill patch for windows was missing sig param
 - improved rendering of dag (they are not trimmed anymore when number of
   heads exceeds 5)
 .1.8 (**2011-04-12**)
 ----------------------
 news
 ++++
 - improved windows support
 fixes
 +++++
 - fixed #140 freeze of python dateutil library, since new version is python2.x
   incompatible
 - setup-app will check for write permission in given path
 - cleaned up license info issue #149
 - fixes for issues #137,#116 and problems with unicode and accented characters.
 - fixes crashes on gravatar, when passed in email as unicode
 - fixed tooltip flickering problems
 - fixed came_from redirection on windows
 - fixed logging modules, and sql formatters
 - windows fixes for os.kill issue #133
 - fixes path splitting for windows issues #148
 - fixed issue #143 wrong import on migration to 1.1.X
 - fixed problems with displaying binary files, thanks to Thomas Waldmann
 - removed name from archive files since it's breaking ui for long repo names
 - fixed issue with archive headers sent to browser, thanks to Thomas Waldmann
 - fixed compatibility for 1024px displays, and larger dpi settings, thanks to
   Thomas Waldmann
 - fixed issue #166 summary pager was skipping 10 revisions on second page
 .1.7 (**2011-03-23**)
 ----------------------
 news
 ++++
 fixes
 +++++
 - fixed (again) #136 installation support for FreeBSD
 .1.6 (**2011-03-21**)
 ----------------------
 news
 ++++
 fixes
 +++++
 - fixed #136 installation support for FreeBSD
 - RhodeCode will check for python version during installation
 .1.5 (**2011-03-17**)
 ----------------------
 news
 ++++
 - basic windows support, by exchanging pybcrypt into sha256 for windows only
   highly inspired by idea of mantis406
 fixes
 +++++
 - fixed sorting by author in main page
 - fixed crashes with diffs on binary files
 - fixed #131 problem with boolean values for LDAP
 - fixed #122 mysql problems thanks to striker69
 - fixed problem with errors on calling raw/raw_files/annotate functions
   with unknown revisions
 - fixed returned rawfiles attachment names with international character
 - cleaned out docs, big thanks to Jason Harris
 .1.4 (**2011-02-19**)

production.ini

➞

Show inline comments

 ################################################################################
 ################################################################################
 # RhodeCode - Pylons environment configuration                                 #
 #                                                                              #
 # The %(here)s variable will be replaced with the parent directory of this file#
 ################################################################################
 [DEFAULT]
 debug = true
 pdebug = false
 ################################################################################
 ## Uncomment and replace with the address which should receive                ##
 ## any error reports after application crash                                  ##
 ## Additionally those settings will be used by RhodeCode mailing system       ##
 ################################################################################
 #email_to = admin@localhost
 #error_email_from = paste_error@localhost
 #app_email_from = rhodecode-noreply@localhost
 #error_message =
 #email_prefix = [RhodeCode]
 #smtp_server = mail.server.com
 #smtp_username =
 #smtp_password =
 #smtp_port =
 #smtp_use_tls = false
 #smtp_use_ssl = true
 # Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
 #smtp_auth =
 [server:main]
 ##nr of threads to spawn
 threadpool_workers = 5
 ##max request before thread respawn
 threadpool_max_requests = 10
 ##option to use threads of process
 use_threadpool = true
 use = egg:Paste#http
 host = 127.0.0.1
 port = 8001
 [app:main]
 use = egg:rhodecode
 full_stack = true
 static_files = true
 lang = en
 cache_dir = %(here)s/data
 index_dir = %(here)s/data/index
 app_instance_uuid = rc-production
 cut_off_limit = 256000
 force_https = false
 commit_parse_limit = 50
 use_gravatar = true
 container_auth_enabled = false
 proxypass_auth_enabled = false
 default_encoding = utf8
 ## overwrite schema of clone url
 ## available vars:
 ## scheme - http/https
 ## user - current user
 ## pass - password
 ## netloc - network location
 ## path - usually repo_name
 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
 ## issue tracking mapping for commits messages
 ## comment out issue_pat, issue_server, issue_prefix to enable
 ## pattern to get the issues from commit messages
 ## default one used here is #<numbers> with a regex passive group for `#`
 ## {id} will be all groups matched from this pattern
 issue_pat = (?:\s*#)(\d+)
 ## server url to the issue, each {id} will be replaced with match
 ## fetched from the regex and {repo} is replaced with repository name
 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
 ## prefix to add to link to indicate it's an url
 ## #314 will be replaced by <issue_prefix><id>
 issue_prefix = #
 ## instance-id prefix
 ## a prefix key for this instance used for cache invalidation when running
 ## multiple instances of rhodecode, make sure it's globally unique for
 ## all running rhodecode instances. Leave empty if you don't use it
 instance_id =
 ## alternative return HTTP header for failed authentication. Default HTTP
 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
 ## handling that. Set this variable to 403 to return HTTPForbidden
 auth_ret_code =
 ####################################
 ###        CELERY CONFIG        ####
 ####################################
 use_celery = false
 broker.host = localhost
 broker.vhost = rabbitmqhost
 broker.port = 5672
 broker.user = rabbitmq
 broker.password = qweqwe
 celery.imports = rhodecode.lib.celerylib.tasks
 celery.result.backend = amqp
 celery.result.dburi = amqp://
 celery.result.serialier = json
 #celery.send.task.error.emails = true
 #celery.amqp.task.result.expires = 18000
 celeryd.concurrency = 2
 #celeryd.log.file = celeryd.log
 celeryd.log.level = debug
 celeryd.max.tasks.per.child = 1
 #tasks will never be sent to the queue, but executed locally instead.
 celery.always.eager = false
 ####################################
 ###         BEAKER CACHE        ####
 ####################################
 beaker.cache.data_dir=%(here)s/data/cache/data
 beaker.cache.lock_dir=%(here)s/data/cache/lock
 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
 beaker.cache.super_short_term.type=memory
 beaker.cache.super_short_term.expire=10
 beaker.cache.super_short_term.key_length = 256
 beaker.cache.short_term.type=memory
 beaker.cache.short_term.expire=60
 beaker.cache.short_term.key_length = 256
 beaker.cache.long_term.type=memory
 beaker.cache.long_term.expire=36000
 beaker.cache.long_term.key_length = 256
 beaker.cache.sql_cache_short.type=memory
 beaker.cache.sql_cache_short.expire=10
 beaker.cache.sql_cache_short.key_length = 256
 beaker.cache.sql_cache_med.type=memory
 beaker.cache.sql_cache_med.expire=360
 beaker.cache.sql_cache_med.key_length = 256
 beaker.cache.sql_cache_long.type=file
 beaker.cache.sql_cache_long.expire=3600
 beaker.cache.sql_cache_long.key_length = 256
 ####################################
 ###       BEAKER SESSION        ####
 ####################################
 ## Type of storage used for the session, current types are
 ## dbm, file, memcached, database, and memory.
 ## The storage uses the Container API
 ## that is also used by the cache system.
 ## db session example
 #beaker.session.type = ext:database
 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/rhodecode
 #beaker.session.table_name = db_session
 ## encrypted cookie session, good for many instances
 #beaker.session.type = cookie
 beaker.session.type = file
 beaker.session.key = rhodecode
 # secure cookie requires AES python libraries
 #beaker.session.encrypt_key = g654dcno0-9873jhgfreyu
 #beaker.session.validate_key = 9712sds2212c--zxc123
 beaker.session.timeout = 36000
 beaker.session.httponly = true
 ## uncomment for https secure cookie
 beaker.session.secure = false
 ##auto save the session to not to use .save()
 beaker.session.auto = False
 ##true exire at browser close
 #beaker.session.cookie_expires = 3600
 ################################################################################
 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##
 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##
 ## execute malicious code after an exception is raised.                       ##
 ################################################################################
 set debug = false
 ##################################
 ###       LOGVIEW CONFIG       ###
 ##################################
 logview.sqlalchemy = #faa
 logview.pylons.templating = #bfb
 logview.pylons.util = #eee
 #########################################################
 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG    ###
 #########################################################
 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db
 sqlalchemy.db1.url = postgresql://postgres:qwe@localhost/rhodecode
 sqlalchemy.db1.echo = false
 sqlalchemy.db1.pool_recycle = 3600
 sqlalchemy.convert_unicode = true
 ################################
 ### LOGGING CONFIGURATION   ####
 ################################
 [loggers]
 keys = root, routes, rhodecode, sqlalchemy, beaker, templates, whoosh_indexer
 [handlers]
 keys = console, console_sql
 [formatters]
 keys = generic, color_formatter, color_formatter_sql
 #############
 ## LOGGERS ##
 #############
 [logger_root]
 level = NOTSET
 handlers = console
 [logger_routes]
 level = DEBUG
 handlers =
 qualname = routes.middleware
 # "level = DEBUG" logs the route matched and routing variables.
 propagate = 1
 [logger_beaker]
 level = DEBUG
 handlers =
 qualname = beaker.container
 propagate = 1
 [logger_templates]
 level = INFO
 handlers =
 qualname = pylons.templating
 propagate = 1
 [logger_rhodecode]
 level = DEBUG
 handlers =
 qualname = rhodecode
 propagate = 1
 [logger_sqlalchemy]
 level = INFO
 handlers = console_sql
 qualname = sqlalchemy.engine
 propagate = 0
 [logger_whoosh_indexer]
 level = DEBUG
 handlers =
 qualname = whoosh_indexer
 propagate = 1
 ##############
 ## HANDLERS ##
 ##############
 [handler_console]
 class = StreamHandler
 args = (sys.stderr,)
 level = INFO
 formatter = generic
 [handler_console_sql]
 class = StreamHandler
 args = (sys.stderr,)
 level = WARN
 formatter = generic
 ################
 ## FORMATTERS ##
 ################
 [formatter_generic]
 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %Y-%m-%d %H:%M:%S
 [formatter_color_formatter]
 class=rhodecode.lib.colored_formatter.ColorFormatter
 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %Y-%m-%d %H:%M:%S
 [formatter_color_formatter_sql]
 class=rhodecode.lib.colored_formatter.ColorFormatterSql
 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %Y-%m-%d %H:%M:%S

rhodecode/config/deployment.ini_tmpl

➞

Show inline comments

 ################################################################################
 ################################################################################
 # RhodeCode - Pylons environment configuration                                 #
 #                                                                              #
 # The %(here)s variable will be replaced with the parent directory of this file#
 ################################################################################
 [DEFAULT]
 debug = true
 pdebug = false
 ################################################################################
 ## Uncomment and replace with the address which should receive                ##
 ## any error reports after application crash                                  ##
 ## Additionally those settings will be used by RhodeCode mailing system       ##
 ################################################################################
 #email_to = admin@localhost
 #error_email_from = paste_error@localhost
 #app_email_from = rhodecode-noreply@localhost
 #error_message =
 #email_prefix = [RhodeCode]
 #smtp_server = mail.server.com
 #smtp_username =
 #smtp_password =
 #smtp_port =
 #smtp_use_tls = false
 #smtp_use_ssl = true
 # Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
 #smtp_auth =
 [server:main]
 ##nr of threads to spawn
 threadpool_workers = 5
 ##max request before thread respawn
 threadpool_max_requests = 10
 ##option to use threads of process
 use_threadpool = true
 use = egg:Paste#http
 host = 127.0.0.1
 port = 5000
 [app:main]
 use = egg:rhodecode
 full_stack = true
 static_files = true
 lang = en
 cache_dir = %(here)s/data
 index_dir = %(here)s/data/index
 app_instance_uuid = ${app_instance_uuid}
 cut_off_limit = 256000
 force_https = false
 commit_parse_limit = 50
 use_gravatar = true
 container_auth_enabled = false
 proxypass_auth_enabled = false
 default_encoding = utf8
 ## overwrite schema of clone url
 ## available vars:
 ## scheme - http/https
 ## user - current user
 ## pass - password
 ## netloc - network location
 ## path - usually repo_name
 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
 ## issue tracking mapping for commits messages
 ## comment out issue_pat, issue_server, issue_prefix to enable
 ## pattern to get the issues from commit messages
 ## default one used here is #<numbers> with a regex passive group for `#`
 ## {id} will be all groups matched from this pattern
 issue_pat = (?:\s*#)(\d+)
 ## server url to the issue, each {id} will be replaced with match
 ## fetched from the regex and {repo} is replaced with repository name
 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
 ## prefix to add to link to indicate it's an url
 ## #314 will be replaced by <issue_prefix><id>
 issue_prefix = #
 ## instance-id prefix
 ## a prefix key for this instance used for cache invalidation when running
 ## multiple instances of rhodecode, make sure it's globally unique for
 ## all running rhodecode instances. Leave empty if you don't use it
 instance_id =
 ## alternative return HTTP header for failed authentication. Default HTTP
 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
 ## handling that. Set this variable to 403 to return HTTPForbidden
 auth_ret_code =
 ####################################
 ###        CELERY CONFIG        ####
 ####################################
 use_celery = false
 broker.host = localhost
 broker.vhost = rabbitmqhost
 broker.port = 5672
 broker.user = rabbitmq
 broker.password = qweqwe
 celery.imports = rhodecode.lib.celerylib.tasks
 celery.result.backend = amqp
 celery.result.dburi = amqp://
 celery.result.serialier = json
 #celery.send.task.error.emails = true
 #celery.amqp.task.result.expires = 18000
 celeryd.concurrency = 2
 #celeryd.log.file = celeryd.log
 celeryd.log.level = debug
 celeryd.max.tasks.per.child = 1
 #tasks will never be sent to the queue, but executed locally instead.
 celery.always.eager = false
 ####################################
 ###         BEAKER CACHE        ####
 ####################################
 beaker.cache.data_dir=%(here)s/data/cache/data
 beaker.cache.lock_dir=%(here)s/data/cache/lock
 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
 beaker.cache.super_short_term.type=memory
 beaker.cache.super_short_term.expire=10
 beaker.cache.super_short_term.key_length = 256
 beaker.cache.short_term.type=memory
 beaker.cache.short_term.expire=60
 beaker.cache.short_term.key_length = 256
 beaker.cache.long_term.type=memory
 beaker.cache.long_term.expire=36000
 beaker.cache.long_term.key_length = 256
 beaker.cache.sql_cache_short.type=memory
 beaker.cache.sql_cache_short.expire=10
 beaker.cache.sql_cache_short.key_length = 256
 beaker.cache.sql_cache_med.type=memory
 beaker.cache.sql_cache_med.expire=360
 beaker.cache.sql_cache_med.key_length = 256
 beaker.cache.sql_cache_long.type=file
 beaker.cache.sql_cache_long.expire=3600
 beaker.cache.sql_cache_long.key_length = 256
 ####################################
 ###       BEAKER SESSION        ####
 ####################################
 ## Type of storage used for the session, current types are
 ## dbm, file, memcached, database, and memory.
 ## The storage uses the Container API
 ## that is also used by the cache system.
 ## db session example
 #beaker.session.type = ext:database
 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/rhodecode
 #beaker.session.table_name = db_session
 ## encrypted cookie session, good for many instances
 #beaker.session.type = cookie
 beaker.session.type = file
 beaker.session.key = rhodecode
 # secure cookie requires AES python libraries
 #beaker.session.encrypt_key = ${app_instance_secret}
 #beaker.session.validate_key = ${app_instance_secret}
 beaker.session.timeout = 36000
 beaker.session.httponly = true
 ## uncomment for https secure cookie
 beaker.session.secure = false
 ##auto save the session to not to use .save()
 beaker.session.auto = False
 ##true exire at browser close
 #beaker.session.cookie_expires = 3600
 ################################################################################
 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##
 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##
 ## execute malicious code after an exception is raised.                       ##
 ################################################################################
 set debug = false
 ##################################
 ###       LOGVIEW CONFIG       ###
 ##################################
 logview.sqlalchemy = #faa
 logview.pylons.templating = #bfb
 logview.pylons.util = #eee
 #########################################################
 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG    ###
 #########################################################
 # SQLITE [default]
 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db
 # POSTGRESQL
 # sqlalchemy.db1.url = postgresql://user:pass@localhost/rhodecode
 # MySQL
 # sqlalchemy.db1.url = mysql://user:pass@localhost/rhodecode
 # see sqlalchemy docs for others
 sqlalchemy.db1.echo = false
 sqlalchemy.db1.pool_recycle = 3600
 sqlalchemy.convert_unicode = true
 ################################
 ### LOGGING CONFIGURATION   ####
 ################################
 [loggers]
 keys = root, routes, rhodecode, sqlalchemy, beaker, templates, whoosh_indexer
 [handlers]
 keys = console, console_sql
 [formatters]
 keys = generic, color_formatter, color_formatter_sql
 #############
 ## LOGGERS ##
 #############
 [logger_root]
 level = NOTSET
 handlers = console
 [logger_routes]
 level = DEBUG
 handlers =
 qualname = routes.middleware
 # "level = DEBUG" logs the route matched and routing variables.
 propagate = 1
 [logger_beaker]
 level = DEBUG
 handlers =
 qualname = beaker.container
 propagate = 1
 [logger_templates]
 level = INFO
 handlers =
 qualname = pylons.templating
 propagate = 1
 [logger_rhodecode]
 level = DEBUG
 handlers =
 qualname = rhodecode
 propagate = 1
 [logger_sqlalchemy]
 level = INFO
 handlers = console_sql
 qualname = sqlalchemy.engine
 propagate = 0
 [logger_whoosh_indexer]
 level = DEBUG
 handlers =
 qualname = whoosh_indexer
 propagate = 1
 ##############
 ## HANDLERS ##
 ##############
 [handler_console]
 class = StreamHandler
 args = (sys.stderr,)
 level = INFO
 formatter = generic
 [handler_console_sql]
 class = StreamHandler
 args = (sys.stderr,)
 level = WARN
 formatter = generic
 ################
 ## FORMATTERS ##
 ################
 [formatter_generic]
 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %Y-%m-%d %H:%M:%S
 [formatter_color_formatter]
 class=rhodecode.lib.colored_formatter.ColorFormatter
 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %Y-%m-%d %H:%M:%S
 [formatter_color_formatter_sql]
 class=rhodecode.lib.colored_formatter.ColorFormatterSql
 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %Y-%m-%d %H:%M:%S

rhodecode/lib/base.py

➞

Show inline comments

 """The base Controller API
 Provides the BaseController class for subclassing.
 """
 import logging
 import time
 import traceback
 from paste.auth.basic import AuthBasicAuthenticator
 from paste.httpexceptions import HTTPUnauthorized, HTTPForbidden
 from paste.httpheaders import WWW_AUTHENTICATE
 from pylons import config, tmpl_context as c, request, session, url
 from pylons.controllers import WSGIController
 from pylons.controllers.util import redirect
 from pylons.templating import render_mako as render
 from rhodecode import __version__, BACKENDS
 from rhodecode.lib.utils2 import str2bool, safe_unicode
 from rhodecode.lib.auth import AuthUser, get_container_username, authfunc,\
     HasPermissionAnyMiddleware, CookieStoreWrapper
 from rhodecode.lib.utils import get_repo_slug, invalidate_cache
 from rhodecode.model import meta
 from rhodecode.model.db import Repository
 from rhodecode.model.notification import NotificationModel
 from rhodecode.model.scm import ScmModel
 log = logging.getLogger(__name__)
 class BasicAuth(AuthBasicAuthenticator):
     def __init__(self, realm, authfunc, auth_http_code=None):
         self.realm = realm
         self.authfunc = authfunc
         self._rc_auth_http_code = auth_http_code
     def build_authentication(self):
         head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm)
         if self._rc_auth_http_code and self._rc_auth_http_code == '403':
             # return 403 if alternative http return code is specified in
             # RhodeCode config
             return HTTPForbidden(headers=head)
         return HTTPUnauthorized(headers=head)
 class BaseVCSController(object):
     def __init__(self, application, config):
         self.application = application
         self.config = config
         # base path of repo locations
         self.basepath = self.config['base_path']
         #authenticate this mercurial request using authfunc
         self.authenticate = AuthBasicAuthenticator('', authfunc)
         self.authenticate = BasicAuth('', authfunc,
                                       config.get('auth_ret_code'))
         self.ipaddr = '0.0.0.0'
     def _handle_request(self, environ, start_response):
         raise NotImplementedError()
     def _get_by_id(self, repo_name):
         """
         Get's a special pattern _<ID> from clone url and tries to replace it
         with a repository_name for support of _<ID> non changable urls
         :param repo_name:
         """
         try:
             data = repo_name.split('/')
             if len(data) >= 2:
                 by_id = data[1].split('_')
                 if len(by_id) == 2 and by_id[1].isdigit():
                     _repo_name = Repository.get(by_id[1]).repo_name
                     data[1] = _repo_name
         except:
             log.debug('Failed to extract repo_name from id %s' % (
                       traceback.format_exc()
+                      )
+            )
         return '/'.join(data)
     def _invalidate_cache(self, repo_name):
         """
         Set's cache for this repository for invalidation on next access
         :param repo_name: full repo name, also a cache key
         """
         invalidate_cache('get_repo_cached_%s' % repo_name)
     def _check_permission(self, action, user, repo_name):
         """
         Checks permissions using action (push/pull) user and repository
         name
         :param action: push or pull action
         :param user: user instance
         :param repo_name: repository name
         """
         if action == 'push':
             if not HasPermissionAnyMiddleware('repository.write',
                                               'repository.admin')(user,
                                                                   repo_name):
                 return False
         else:
             #any other action need at least read permission
             if not HasPermissionAnyMiddleware('repository.read',
                                               'repository.write',
                                               'repository.admin')(user,
                                                                   repo_name):
                 return False
         return True
     def __call__(self, environ, start_response):
         start = time.time()
         try:
             return self._handle_request(environ, start_response)
         finally:
             log = logging.getLogger('rhodecode.' + self.__class__.__name__)
             log.debug('Request time: %.3fs' % (time.time() - start))
             meta.Session.remove()
 class BaseController(WSGIController):
     def __before__(self):
         c.rhodecode_version = __version__
         c.rhodecode_instanceid = config.get('instance_id')
         c.rhodecode_name = config.get('rhodecode_title')
         c.use_gravatar = str2bool(config.get('use_gravatar'))
         c.ga_code = config.get('rhodecode_ga_code')
         c.repo_name = get_repo_slug(request)
         c.backends = BACKENDS.keys()
         c.unread_notifications = NotificationModel()\
                         .get_unread_cnt_for_user(c.rhodecode_user.user_id)
         self.cut_off_limit = int(config.get('cut_off_limit'))
         self.sa = meta.Session
         self.scm_model = ScmModel(self.sa)
     def __call__(self, environ, start_response):
         """Invoke the Controller"""
         # WSGIController.__call__ dispatches to the Controller method
         # the request is routed to. This routing information is
         # available in environ['pylons.routes_dict']
         start = time.time()
         try:
             # make sure that we update permissions each time we call controller
             api_key = request.GET.get('api_key')
             cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
             user_id = cookie_store.get('user_id', None)
             username = get_container_username(environ, config)
             auth_user = AuthUser(user_id, api_key, username)
             request.user = auth_user
             self.rhodecode_user = c.rhodecode_user = auth_user
             if not self.rhodecode_user.is_authenticated and \
                        self.rhodecode_user.user_id is not None:
                 self.rhodecode_user.set_authenticated(
                     cookie_store.get('is_authenticated')
+                )
             log.info('User: %s accessed %s' % (
                 auth_user, safe_unicode(environ.get('PATH_INFO')))
+            )
             return WSGIController.__call__(self, environ, start_response)
         finally:
             log.info('Request to %s time: %.3fs' % (
                 safe_unicode(environ.get('PATH_INFO')), time.time() - start)
+            )
             meta.Session.remove()
 class BaseRepoController(BaseController):
     """
     Base class for controllers responsible for loading all needed data for
     repository loaded items are
     c.rhodecode_repo: instance of scm repository
     c.rhodecode_db_repo: instance of db
     c.repository_followers: number of followers
     c.repository_forks: number of forks
     """
     def __before__(self):
         super(BaseRepoController, self).__before__()
         if c.repo_name:
             c.rhodecode_db_repo = Repository.get_by_repo_name(c.repo_name)
             c.rhodecode_repo = c.rhodecode_db_repo.scm_instance
             if c.rhodecode_repo is None:
                 log.error('%s this repository is present in database but it '
                           'cannot be created as an scm instance', c.repo_name)
                 redirect(url('home'))
             c.repository_followers = self.scm_model.get_followers(c.repo_name)
             c.repository_forks = self.scm_model.get_forks(c.repo_name)

0 comments (0 inline, 0 general)