kallithea Changeset - a8d759613d8f

Changeset - a8d759613d8f

Parent rev.

Child rev.

[Not reviewed]

beta

0 4 0

Marcin Kuzminski - 15 years ago 2011-03-09 19:47:52
marcin@python-works.com

fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal
and repositories feeds

4 files changed with 15 insertions and 11 deletions:

rhodecode/controllers/feed.py

rhodecode/controllers/journal.py

rhodecode/lib/auth.py

rhodecode/model/user.py

0 comments (0 inline, 0 general)

rhodecode/controllers/feed.py

➞

Show inline comments

@@ @@ -39,7 +39,7 @@ log = logging.getLogger(__name__) @@
 class FeedController(BaseRepoController):
     @LoginRequired()
+    @LoginRequired(api_access=True)
     @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
                                    'repository.admin')
     def __before__(self):

rhodecode/controllers/journal.py

➞

Show inline comments

@@ @@ -46,7 +46,7 @@ log = logging.getLogger(__name__) @@
 class JournalController(BaseController):
-    @LoginRequired()
     def __before__(self):
         super(JournalController, self).__before__()
         c.rhodecode_user = self.rhodecode_user
@@ @@ -55,6 +55,7 @@ class JournalController(BaseController): @@
         self.ttl = "5"
         self.feed_nr = 20
     @LoginRequired()
     @NotAnonymous()
     def index(self):
         # Return a rendered template
@@ @@ -117,6 +118,7 @@ class JournalController(BaseController): @@
         return journal
     @LoginRequired()
     @NotAnonymous()
     def toggle_following(self):
         cur_token = request.POST.get('auth_token')
@@ @@ -147,7 +149,7 @@ class JournalController(BaseController): @@
+    @LoginRequired()
     def public_journal(self):
         # Return a rendered template
         p = int(request.params.get('page', 1))
@@ @@ -169,7 +171,7 @@ class JournalController(BaseController): @@
         return render('journal/public_journal.html')
+    @LoginRequired(api_access=True)
     def public_journal_atom(self):
         """
         Produce an atom-1.0 feed via feedgenerator module
@@ @@ -203,6 +205,7 @@ class JournalController(BaseController): @@
         response.content_type = feed.mime_type
         return feed.writeString('utf-8')
     @LoginRequired(api_access=True)
     def public_journal_rss(self):
         """
         Produce an rss2 feed via feedgenerator module

rhodecode/lib/auth.py

➞

Show inline comments

@@ @@ -230,7 +230,7 @@ class AuthUser(object): @@
     def __init__(self, user_id=None, api_key=None):
         self.user_id = user_id
-        self.api_key = api_key
+        self.api_key = None
         self.username = 'None'
         self.name = ''
@@ @@ -239,19 +239,19 @@ class AuthUser(object): @@
         self.is_authenticated = False
         self.admin = False
         self.permissions = {}
         self._api_key = api_key
         self.propagate_data()
     def propagate_data(self):
         user_model = UserModel()
         if self.api_key:
         self.anonymous_user = user_model.get_by_username('default', cache=True)
         if self._api_key:
             #try go get user by api key
             log.debug('Auth User lookup by API KEY %s', self.api_key)
             user_model.fill_data(self, api_key=self.api_key)
             log.debug('Auth User lookup by API KEY %s', self._api_key)
             user_model.fill_data(self, api_key=self._api_key)
         else:
             log.debug('Auth User lookup by USER ID %s', self.user_id)
             self.anonymous_user = user_model.get_by_username('default', cache=True)
             if self.user_id is not None and self.user_id != self.anonymous_user.user_id:
                 user_model.fill_data(self, user_id=self.user_id)
             else:

rhodecode/model/user.py

➞

Show inline comments

@@ @@ -230,7 +230,7 @@ class UserModel(BaseModel): @@
         :param user_id: user id to fetch by
         :param api_key: api key to fetch by
         """
-        if not user_id and not not api_key:
+        if user_id is None and api_key is None:
             raise Exception('You need to pass user_id or api_key')
         try:
@@ @@ -239,6 +239,7 @@ class UserModel(BaseModel): @@
             else:
                 dbuser = self.get(user_id)
             if dbuser is not None:
             log.debug('filling %s data', dbuser)
             for k, v in dbuser.get_dict().items():
                 setattr(auth_user, k, v)

0 comments (0 inline, 0 general)