Changeset - b27e515df83c
Parent rev.
Child rev.
[Not reviewed]
default
0 9 0
Christian Oyarzun - 11 years ago 2014-11-17 20:42:45
oyarzun@gmail.com
ssh: introduce 'kallithea-cli ssh-update-authorized-keys' command for updating authorized_keys file

Based on work by Ilya Beda <ir4y.ix@gmail.com> on
https://bitbucket.org/ir4y/rhodecode/commits/branch/ssh_server_support ,
incorporating gearbox support by Anton Schur <tonich.sh@gmail.com> and also
heavily modified by Mads Kiilerich.

This commit also incorporates a fix for Windows by Dominik Ruf,
and better handling of the case where the parent dir of 'authorized_keys'
does not exist or is not writable, by Bradley M. Kuhn <bkuhn@ebb.org>.
9 files changed with 105 insertions and 3 deletions:
CONTRIBUTORS
1
1
development.ini
6
kallithea/bin/kallithea_cli_ssh.py
11
kallithea/lib/paster_commands/template.ini.mako
6
kallithea/lib/ssh.py
25
kallithea/model/ssh_key.py
51
1
kallithea/templates/about.html
1
1
kallithea/tests/conftest.py
3
scripts/contributor_data.py
1
0 comments (0 inline, 0 general)
CONTRIBUTORS
Show inline comments
 
@@ -4,126 +4,126 @@ List of contributors to Kallithea projec
 
    Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> 2014-2019
 
    Étienne Gilli <etienne.gilli@gmail.com> 2015-2017 2019
 
    Mads Kiilerich <mads@kiilerich.com> 2016-2019
 
    Allan Nordhøy <epost@anotheragency.no> 2017-2019
 
    ssantos <ssantos@web.de> 2018-2019
 
    Danni Randeris <danniranderis@gmail.com> 2019
 
    Edmund Wong <ewong@crazy-cat.org> 2019
 
    Manuel Jacob <me@manueljacob.de> 2019
 
    Wolfgang Scherer <wolfgang.scherer@gmx.de> 2019
 
    Dominik Ruf <dominikruf@gmail.com> 2012 2014-2018
 
    Michal Čihař <michal@cihar.com> 2014-2015 2018
 
    Branko Majic <branko@majic.rs> 2015 2018
 
    Chris Rule <crule@aegistg.com> 2018
 
    Jesús Sánchez <jsanchezfdz95@gmail.com> 2018
 
    Patrick Vane <patrick_vane@lowentry.com> 2018
 
    Pheng Heong Tan <phtan90@gmail.com> 2018
 
    Максим Якимчук <xpinovo@gmail.com> 2018
 
    Марс Ямбар <mjambarmeta@gmail.com> 2018
 
    Mads Kiilerich <madski@unity3d.com> 2012-2017
 
    Unity Technologies 2012-2017
 
    Søren Løvborg <sorenl@unity3d.com> 2015-2017
 
    Sam Jaques <sam.jaques@me.com> 2015 2017
 
    Asterios Dimitriou <steve@pci.gr> 2016-2017
 
    Alessandro Molina <alessandro.molina@axant.it> 2017
 
    Anton Schur <tonich.sh@gmail.com> 2017
 
    Ching-Chen Mao <mao@lins.fju.edu.tw> 2017
 
    Eivind Tagseth <eivindt@gmail.com> 2017
 
    FUJIWARA Katsunori <foozy@lares.dti.ne.jp> 2017
 
    Holger Schramm <info@schramm.by> 2017
 
    Karl Goetz <karl@kgoetz.id.au> 2017
 
    Lars Kruse <devel@sumpfralle.de> 2017
 
    Marko Semet <markosemet@googlemail.com> 2017
 
    Viktar Vauchkevich <victorenator@gmail.com> 2017
 
    Takumi IINO <trot.thunder@gmail.com> 2012-2016
 
    Jan Heylen <heyleke@gmail.com> 2015-2016
 
    Robert Martinez <ntttq@inboxen.org> 2015-2016
 
    Robert Rauch <mail@robertrauch.de> 2015-2016
 
    Angel Ezquerra <angel.ezquerra@gmail.com> 2016
 
    Anton Shestakov <av6@dwimlabs.net> 2016
 
    Brandon Jones <bjones14@gmail.com> 2016
 
    Kateryna Musina <kateryna@unity3d.com> 2016
 
    Konstantin Veretennicov <kveretennicov@gmail.com> 2016
 
    Oscar Curero <oscar@naiandei.net> 2016
 
    Robert James Dennington <tinytimrob@googlemail.com> 2016
 
    timeless@gmail.com 2016
 
    YFdyh000 <yfdyh000@gmail.com> 2016
 
    Aras Pranckevičius <aras@unity3d.com> 2012-2013 2015
 
    Sean Farley <sean.michael.farley@gmail.com> 2013-2015
 
    Bradley M. Kuhn <bkuhn@sfconservancy.org> 2014-2015
 
    Christian Oyarzun <oyarzun@gmail.com> 2014-2015
 
    Joseph Rivera <rivera.d.joseph@gmail.com> 2014-2015
 
    Anatoly Bubenkov <bubenkoff@gmail.com> 2015
 
    Andrew Bartlett <abartlet@catalyst.net.nz> 2015
 
    Balázs Úr <urbalazs@gmail.com> 2015
 
    Ben Finney <ben@benfinney.id.au> 2015
 
    Daniel Hobley <danielh@unity3d.com> 2015
 
    David Avigni <david.avigni@ankapi.com> 2015
 
    Denis Blanchette <dblanchette@coveo.com> 2015
 
    duanhongyi <duanhongyi@doopai.com> 2015
 
    EriCSN Chang <ericsning@gmail.com> 2015
 
    Grzegorz Krason <grzegorz.krason@gmail.com> 2015
 
    Jiří Suchan <yed@vanyli.net> 2015
 
    Kazunari Kobayashi <kobanari@nifty.com> 2015
 
    Kevin Bullock <kbullock@ringworld.org> 2015
 
    kobanari <kobanari@nifty.com> 2015
 
    Marc Abramowitz <marc@marc-abramowitz.com> 2015
 
    Marc Villetard <marc.villetard@gmail.com> 2015
 
    Matthias Zilk <matthias.zilk@gmail.com> 2015
 
    Michael Pohl <michael@mipapo.de> 2015
 
    Michael V. DePalatis <mike@depalatis.net> 2015
 
    Morten Skaaning <mortens@unity3d.com> 2015
 
    Nick High <nick@silverchip.org> 2015
 
    Niemand Jedermann <predatorix@web.de> 2015
 
    Peter Vitt <petervitt@web.de> 2015
 
    Ronny Pfannschmidt <opensource@ronnypfannschmidt.de> 2015
 
    Tuux <tuxa@galaxie.eu.org> 2015
 
    Viktar Palstsiuk <vipals@gmail.com> 2015
 
    Ante Ilic <ante@unity3d.com> 2014
 
    Bradley M. Kuhn <bkuhn@sfconservancy.org> 2014
 
    Calinou <calinou@opmbx.org> 2014
 
    Daniel Anderson <daniel@dattrix.com> 2014
 
    Henrik Stuart <hg@hstuart.dk> 2014
 
    Ingo von Borstel <kallithea@planetmaker.de> 2014
 
    Jelmer Vernooij <jelmer@samba.org> 2014
 
    Jim Hague <jim.hague@acm.org> 2014
 
    Matt Fellows <kallithea@matt-fellows.me.uk> 2014
 
    Max Roman <max@choloclos.se> 2014
 
    Na'Tosha Bard <natosha@unity3d.com> 2014
 
    Rasmus Selsmark <rasmuss@unity3d.com> 2014
 
    Tim Freund <tim@freunds.net> 2014
 
    Travis Burtrum <android@moparisthebest.com> 2014
 
    Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com> 2014
 
    Marcin Kuźmiński <marcin@python-works.com> 2010-2013
 
    xpol <xpolife@gmail.com> 2012-2013
 
    Aparkar <aparkar@icloud.com> 2013
 
    Dennis Brakhane <brakhane@googlemail.com> 2013
 
    Grzegorz Rożniecki <xaerxess@gmail.com> 2013
 
    Ilya Beda <ir4y.ix@gmail.com> 2013
 
    Jonathan Sternberg <jonathansternberg@gmail.com> 2013
 
    Leonardo Carneiro <leonardo@unity3d.com> 2013
 
    Magnus Ericmats <magnus.ericmats@gmail.com> 2013
 
    Martin Vium <martinv@unity3d.com> 2013
 
    Simon Lopez <simon.lopez@slopez.org> 2013
 
    Ton Plomp <tcplomp@gmail.com> 2013
 
    Augusto Herrmann <augusto.herrmann@planejamento.gov.br> 2011-2012
 
    Dan Sheridan <djs@adelard.com> 2012
 
    Dies Koper <diesk@fast.au.fujitsu.com> 2012
 
    Erwin Kroon <e.kroon@smartmetersolutions.nl> 2012
 
    H Waldo G <gwaldo@gmail.com> 2012
 
    hppj <hppj@postmage.biz> 2012
 
    Indra Talip <indra.talip@gmail.com> 2012
 
    mikespook 2012
 
    nansenat16 <nansenat16@null.tw> 2012
 
    Philip Jameson <philip.j@hostdime.com> 2012
 
    Raoul Thill <raoul.thill@gmail.com> 2012
 
    Stefan Engel <mail@engel-stefan.de> 2012
 
    Tony Bussieres <t.bussieres@gmail.com> 2012
 
    Vincent Caron <vcaron@bearstech.com> 2012
 
    Vincent Duvert <vincent@duvert.net> 2012
 
    Vladislav Poluhin <nuklea@gmail.com> 2012
 
    Zachary Auclair <zach101@gmail.com> 2012
 
    Ankit Solanki <ankit.solanki@gmail.com> 2011
 
    Dmitri Kuznetsov 2011
 
    Jared Bunting <jared.bunting@peachjean.com> 2011
 
    Jason Harris <jason@jasonfharris.com> 2011
 
    Les Peabody <lpeabody@gmail.com> 2011
 
    Liad Shani <liadff@gmail.com> 2011
development.ini
Show inline comments
 
@@ -187,96 +187,102 @@ issue_pat = #(\d+)
 
issue_server_link = https://issues.example.com/{repo}/issue/\1
 

			




	
	
	
		
 
## substitution pattern to use as the link text

			




	
	
	
		
 
## If issue_sub is empty, the text matched by issue_pat is retained verbatim

			




	
	
	
		
 
## for the link text. Otherwise, the link text is that of issue_sub, with any

			




	
	
	
		
 
## backreferences to groups in issue_pat replaced.

			




	
	
	
		
 

			




	
	
	
		
 
issue_sub =

			




	
	
	
		
 

			




	
	
	
		
 
## issue_pat, issue_server_link and issue_sub can have suffixes to specify

			




	
	
	
		
 
## multiple patterns, to other issues server, wiki or others

			




	
	
	
		
 
## below an example how to create a wiki pattern

			




	
	
	
		
 
# wiki-some-id -> https://wiki.example.com/some-id

			




	
	
	
		
 

			




	
	
	
		
 
#issue_pat_wiki = wiki-(\S+)

			




	
	
	
		
 
#issue_server_link_wiki = https://wiki.example.com/\1

			




	
	
	
		
 
#issue_sub_wiki = WIKI-\1

			




	
	
	
		
 

			




	
	
	
		
 
## alternative return HTTP header for failed authentication. Default HTTP

			




	
	
	
		
 
## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with

			




	
	
	
		
 
## handling that. Set this variable to 403 to return HTTPForbidden

			




	
	
	
		
 
auth_ret_code =

			




	
	
	
		
 

			




	
	
	
		
 
## allows to change the repository location in settings page

			




	
	
	
		
 
allow_repo_location_change = True

			




	
	
	
		
 

			




	
	
	
		
 
## allows to setup custom hooks in settings page

			




	
	
	
		
 
allow_custom_hooks_settings = True

			




	
	
	
		
 

			




	
	
	
		
 
## extra extensions for indexing, space separated and without the leading '.'.

			




	
	
	
		
 
# index.extensions =

			




	
	
	
		
 
#    gemfile

			




	
	
	
		
 
#    lock

			




	
	
	
		
 

			




	
	
	
		
 
## extra filenames for indexing, space separated

			




	
	
	
		
 
# index.filenames =

			




	
	
	
		
 
#    .dockerignore

			




	
	
	
		
 
#    .editorconfig

			




	
	
	
		
 
#    INSTALL

			




	
	
	
		
 
#    CHANGELOG

			




	
	
	
		
 

			




	
	
	
		
 
####################################

			




	
	
	
		
 
###           SSH CONFIG        ####

			




	
	
	
		
 
####################################

			




	
	
	
		
 

			




	
	
	
		
 
## SSH is disabled by default, until an Administrator decides to enable it.

			




	
	
	
		
 
ssh_enabled = false

			




	
	
	
		
 

			




	
	
	
		
 
## File where users' SSH keys will be stored *if* ssh_enabled is true.

			




	
	
	
		
 
#ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys

			




	
	
	
		
 

			




	
	
	
		
 
## Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.

			




	
	
	
		
 
#kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli

			




	
	
	
		
 

			




	
	
	
		
 
####################################

			




	
	
	
		
 
###        CELERY CONFIG        ####

			




	
	
	
		
 
####################################

			




	
	
	
		
 

			




	
	
	
		
 
use_celery = false

			




	
	
	
		
 

			




	
	
	
		
 
## Example: connect to the virtual host 'rabbitmqhost' on localhost as rabbitmq:

			




	
	
	
		
 
broker.url = amqp://rabbitmq:qewqew@localhost:5672/rabbitmqhost

			




	
	
	
		
 

			




	
	
	
		
 
celery.imports = kallithea.lib.celerylib.tasks

			




	
	
	
		
 
celery.accept.content = pickle

			




	
	
	
		
 
celery.result.backend = amqp

			




	
	
	
		
 
celery.result.dburi = amqp://

			




	
	
	
		
 
celery.result.serialier = json

			




	
	
	
		
 

			




	
	
	
		
 
#celery.send.task.error.emails = true

			




	
	
	
		
 
#celery.amqp.task.result.expires = 18000

			




	
	
	
		
 

			




	
	
	
		
 
celeryd.concurrency = 2

			




	
	
	
		
 
celeryd.max.tasks.per.child = 1

			




	
	
	
		
 

			




	
	
	
		
 
## If true, tasks will never be sent to the queue, but executed locally instead.

			




	
	
	
		
 
celery.always.eager = false

			




	
	
	
		
 

			




	
	
	
		
 
####################################

			




	
	
	
		
 
###         BEAKER CACHE        ####

			




	
	
	
		
 
####################################

			




	
	
	
		
 

			




	
	
	
		
 
beaker.cache.data_dir = %(here)s/data/cache/data

			




	
	
	
		
 
beaker.cache.lock_dir = %(here)s/data/cache/lock

			




	
	
	
		
 

			




	
	
	
		
 
beaker.cache.regions = short_term,long_term,sql_cache_short

			




	
	
	
		
 

			




	
	
	
		
 
beaker.cache.short_term.type = memory

			




	
	
	
		
 
beaker.cache.short_term.expire = 60

			




	
	
	
		
 
beaker.cache.short_term.key_length = 256

			




	
	
	
		
 

			




	
	
	
		
 
beaker.cache.long_term.type = memory

			




	
	
	
		
 
beaker.cache.long_term.expire = 36000

			




	
	
	
		
 
beaker.cache.long_term.key_length = 256

			




	
	
	
		
 

			




	
	
	
		
 
beaker.cache.sql_cache_short.type = memory

			




	
	
	
		
 
beaker.cache.sql_cache_short.expire = 10

			




	
	
	
		
 
beaker.cache.sql_cache_short.key_length = 256

			




	
	
	
		
 

			




	
	
	
		
 
####################################

			




	
	
	
		
 
###       BEAKER SESSION        ####

			




	
	
	
		
 
####################################

			




        

    


    
    

    

        

                

                    kallithea/bin/kallithea_cli_ssh.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
# -*- coding: utf-8 -*-

			




	
	
	
		
 
# This program is free software: you can redistribute it and/or modify

			




	
	
	
		
 
# it under the terms of the GNU General Public License as published by

			




	
	
	
		
 
# the Free Software Foundation, either version 3 of the License, or

			




	
	
	
		
 
# (at your option) any later version.

			




	
	
	
		
 
#

			




	
	
	
		
 
# This program is distributed in the hope that it will be useful,

			




	
	
	
		
 
# but WITHOUT ANY WARRANTY; without even the implied warranty of

			




	
	
	
		
 
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

			




	
	
	
		
 
# GNU General Public License for more details.

			




	
	
	
		
 
#

			




	
	
	
		
 
# You should have received a copy of the GNU General Public License

			




	
	
	
		
 
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

			




	
	
	
		
 

			




	
	
	
		
 
import click

			




	
	
	
		
 
import kallithea.bin.kallithea_cli_base as cli_base

			




	
	
	
		
 

			




	
	
	
		
 
import os

			




	
	
	
		
 
import sys

			




	
	
	
		
 
import re

			




	
	
	
		
 
import logging

			




	
	
	
		
 
import shlex

			




	
	
	
		
 

			




	
	
	
		
 
import kallithea

			




	
	
	
		
 
from kallithea.lib.utils2 import str2bool

			




	
	
	
		
 
from kallithea.lib.vcs.backends.git.ssh import GitSshHandler

			




	
	
	
		
 
from kallithea.lib.vcs.backends.hg.ssh import MercurialSshHandler

			




	
	
	
		
 
from kallithea.model.ssh_key import SshKeyModel

			




	
	
	
		
 

			




	
	
	
		
 
log = logging.getLogger(__name__)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
@cli_base.register_command(config_file_initialize_app=True, hidden=True)

			




	
	
	
		
 
@click.argument('user-id', type=click.INT, required=True)

			




	
	
	
		
 
@click.argument('key-id', type=click.INT, required=True)

			




	
	
	
		
 
def ssh_serve(user_id, key_id):

			




	
	
	
		
 
    """Serve SSH repository protocol access.

			




	
	
	
		
 

			




	
	
	
		
 
    The trusted command that is invoked from .ssh/authorized_keys to serve SSH

			




	
	
	
		
 
    protocol access. The access will be granted as the specified user ID, and

			




	
	
	
		
 
    logged as using the specified key ID.

			




	
	
	
		
 
    """

			




	
	
	
		
 
    ssh_enabled = kallithea.CONFIG.get('ssh_enabled', False)

			




	
	
	
		
 
    if not str2bool(ssh_enabled):

			




	
	
	
		
 
        sys.stderr.write("SSH access is disabled.\n")

			




	
	
	
		
 
        return sys.exit(1)

			




	
	
	
		
 

			




	
	
	
		
 
    ssh_original_command = os.environ.get('SSH_ORIGINAL_COMMAND', '')

			




	
	
	
		
 
    connection = re.search('^([\d\.]+)', os.environ.get('SSH_CONNECTION', ''))

			




	
	
	
		
 
    client_ip = connection.group(1) if connection else '0.0.0.0'

			




	
	
	
		
 
    log.debug('ssh-serve was invoked for SSH command %r from %s', ssh_original_command, client_ip)

			




	
	
	
		
 

			




	
	
	
		
 
    if not ssh_original_command:

			




	
	
	
		
 
        if os.environ.get('SSH_CONNECTION'):

			




	
	
	
		
 
            sys.stderr.write("'kallithea-cli ssh-serve' can only provide protocol access over SSH. Interactive SSH login for this user is disabled.\n")

			




	
	
	
		
 
        else:

			




	
	
	
		
 
            sys.stderr.write("'kallithea-cli ssh-serve' cannot be called directly. It must be specified as command in an SSH authorized_keys file.\n")

			




	
	
	
		
 
        return sys.exit(1)

			




	
	
	
		
 

			




	
	
	
		
 
    try:

			




	
	
	
		
 
        ssh_command_parts = shlex.split(ssh_original_command)

			




	
	
	
		
 
    except ValueError as e:

			




	
	
	
		
 
        sys.stderr.write('Error parsing SSH command %r: %s\n' % (ssh_original_command, e))

			




	
	
	
		
 
        sys.exit(1)

			




	
	
	
		
 
    for VcsHandler in [MercurialSshHandler, GitSshHandler]:

			




	
	
	
		
 
        vcs_handler = VcsHandler.make(ssh_command_parts)

			




	
	
	
		
 
        if vcs_handler is not None:

			




	
	
	
		
 
            vcs_handler.serve(user_id, key_id, client_ip)

			




	
	
	
		
 
            assert False # serve is written so it never will terminate

			




	
	
	
		
 

			




	
	
	
		
 
    sys.stderr.write("This account can only be used for repository access. SSH command %r is not supported.\n" % ssh_original_command)

			




	
	
	
		
 
    sys.exit(1)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
@cli_base.register_command(config_file_initialize_app=True)

			




	
	
	
		
 
def ssh_update_authorized_keys():

			




	
	
	
		
 
    """Update .ssh/authorized_keys file.

			




	
	
	
		
 

			




	
	
	
		
 
    The file is usually maintained automatically, but this command will also re-write it.

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    SshKeyModel().write_authorized_keys()

			




        

    


    
    

    

        

                

                    kallithea/lib/paster_commands/template.ini.mako
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -284,96 +284,102 @@ issue_pat = #(\d+)

			




	
	
	
		
 
issue_server_link = https://issues.example.com/{repo}/issue/\1

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## substitution pattern to use as the link text</%text>

			




	
	
	
		
 
<%text>## If issue_sub is empty, the text matched by issue_pat is retained verbatim</%text>

			




	
	
	
		
 
<%text>## for the link text. Otherwise, the link text is that of issue_sub, with any</%text>

			




	
	
	
		
 
<%text>## backreferences to groups in issue_pat replaced.</%text>

			




	
	
	
		
 

			




	
	
	
		
 
issue_sub =

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## issue_pat, issue_server_link and issue_sub can have suffixes to specify</%text>

			




	
	
	
		
 
<%text>## multiple patterns, to other issues server, wiki or others</%text>

			




	
	
	
		
 
<%text>## below an example how to create a wiki pattern</%text>

			




	
	
	
		
 
# wiki-some-id -> https://wiki.example.com/some-id

			




	
	
	
		
 

			




	
	
	
		
 
#issue_pat_wiki = wiki-(\S+)

			




	
	
	
		
 
#issue_server_link_wiki = https://wiki.example.com/\1

			




	
	
	
		
 
#issue_sub_wiki = WIKI-\1

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## alternative return HTTP header for failed authentication. Default HTTP</%text>

			




	
	
	
		
 
<%text>## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with</%text>

			




	
	
	
		
 
<%text>## handling that. Set this variable to 403 to return HTTPForbidden</%text>

			




	
	
	
		
 
auth_ret_code =

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## allows to change the repository location in settings page</%text>

			




	
	
	
		
 
allow_repo_location_change = True

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## allows to setup custom hooks in settings page</%text>

			




	
	
	
		
 
allow_custom_hooks_settings = True

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## extra extensions for indexing, space separated and without the leading '.'.</%text>

			




	
	
	
		
 
# index.extensions =

			




	
	
	
		
 
#    gemfile

			




	
	
	
		
 
#    lock

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## extra filenames for indexing, space separated</%text>

			




	
	
	
		
 
# index.filenames =

			




	
	
	
		
 
#    .dockerignore

			




	
	
	
		
 
#    .editorconfig

			




	
	
	
		
 
#    INSTALL

			




	
	
	
		
 
#    CHANGELOG

			




	
	
	
		
 

			




	
	
	
		
 
<%text>####################################</%text>

			




	
	
	
		
 
<%text>###           SSH CONFIG        ####</%text>

			




	
	
	
		
 
<%text>####################################</%text>

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## SSH is disabled by default, until an Administrator decides to enable it.</%text>

			




	
	
	
		
 
ssh_enabled = false

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## File where users' SSH keys will be stored *if* ssh_enabled is true.</%text>

			




	
	
	
		
 
#ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.</%text>

			




	
	
	
		
 
#kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli

			




	
	
	
		
 

			




	
	
	
		
 
<%text>####################################</%text>

			




	
	
	
		
 
<%text>###        CELERY CONFIG        ####</%text>

			




	
	
	
		
 
<%text>####################################</%text>

			




	
	
	
		
 

			




	
	
	
		
 
use_celery = false

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## Example: connect to the virtual host 'rabbitmqhost' on localhost as rabbitmq:</%text>

			




	
	
	
		
 
broker.url = amqp://rabbitmq:qewqew@localhost:5672/rabbitmqhost

			




	
	
	
		
 

			




	
	
	
		
 
celery.imports = kallithea.lib.celerylib.tasks

			




	
	
	
		
 
celery.accept.content = pickle

			




	
	
	
		
 
celery.result.backend = amqp

			




	
	
	
		
 
celery.result.dburi = amqp://

			




	
	
	
		
 
celery.result.serialier = json

			




	
	
	
		
 

			




	
	
	
		
 
#celery.send.task.error.emails = true

			




	
	
	
		
 
#celery.amqp.task.result.expires = 18000

			




	
	
	
		
 

			




	
	
	
		
 
celeryd.concurrency = 2

			




	
	
	
		
 
celeryd.max.tasks.per.child = 1

			




	
	
	
		
 

			




	
	
	
		
 
<%text>## If true, tasks will never be sent to the queue, but executed locally instead.</%text>

			




	
	
	
		
 
celery.always.eager = false

			




	
	
	
		
 

			




	
	
	
		
 
<%text>####################################</%text>

			




	
	
	
		
 
<%text>###         BEAKER CACHE        ####</%text>

			




	
	
	
		
 
<%text>####################################</%text>

			




	
	
	
		
 

			




	
	
	
		
 
beaker.cache.data_dir = %(here)s/data/cache/data

			




	
	
	
		
 
beaker.cache.lock_dir = %(here)s/data/cache/lock

			




	
	
	
		
 

			




	
	
	
		
 
beaker.cache.regions = short_term,long_term,sql_cache_short

			




	
	
	
		
 

			




	
	
	
		
 
beaker.cache.short_term.type = memory

			




	
	
	
		
 
beaker.cache.short_term.expire = 60

			




	
	
	
		
 
beaker.cache.short_term.key_length = 256

			




	
	
	
		
 

			




	
	
	
		
 
beaker.cache.long_term.type = memory

			




	
	
	
		
 
beaker.cache.long_term.expire = 36000

			




	
	
	
		
 
beaker.cache.long_term.key_length = 256

			




	
	
	
		
 

			




	
	
	
		
 
beaker.cache.sql_cache_short.type = memory

			




	
	
	
		
 
beaker.cache.sql_cache_short.expire = 10

			




	
	
	
		
 
beaker.cache.sql_cache_short.key_length = 256

			




	
	
	
		
 

			




	
	
	
		
 
<%text>####################################</%text>

			




	
	
	
		
 
<%text>###       BEAKER SESSION        ####</%text>

			




	
	
	
		
 
<%text>####################################</%text>

			




        

    


    
    

    

        

                

                    kallithea/lib/ssh.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -44,48 +44,73 @@ def parse_pub_key(ssh_key):

			




	
	
	
		
 
    SshKeyParseError: SSH key is missing

			




	
	
	
		
 
    >>> parse_pub_key('''AAAAB3NzaC1yc2EAAAALVGhpcyBpcyBmYWtlIQ''')

			




	
	
	
		
 
    Traceback (most recent call last):

			




	
	
	
		
 
    ...

			




	
	
	
		
 
    SshKeyParseError: Incorrect SSH key - it must have both a key type and a base64 part

			




	
	
	
		
 
    >>> parse_pub_key('''abc AAAAB3NzaC1yc2EAAAALVGhpcyBpcyBmYWtlIQ''')

			




	
	
	
		
 
    Traceback (most recent call last):

			




	
	
	
		
 
    ...

			




	
	
	
		
 
    SshKeyParseError: Incorrect SSH key - it must start with 'ssh-(rsa|dss|ed25519)'

			




	
	
	
		
 
    >>> parse_pub_key('''ssh-rsa  AAAAB3NzaC1yc2EAAAALVGhpcyBpcyBmYWtlIQ''')

			




	
	
	
		
 
    Traceback (most recent call last):

			




	
	
	
		
 
    ...

			




	
	
	
		
 
    SshKeyParseError: Incorrect SSH key - failed to decode base64 part 'AAAAB3NzaC1yc2EAAAALVGhpcyBpcyBmYWtlIQ'

			




	
	
	
		
 
    >>> parse_pub_key('''ssh-rsa  AAAAB2NzaC1yc2EAAAALVGhpcyBpcyBmYWtlIQ==''')

			




	
	
	
		
 
    Traceback (most recent call last):

			




	
	
	
		
 
    ...

			




	
	
	
		
 
    SshKeyParseError: Incorrect SSH key - base64 part is not 'ssh-rsa' as claimed but 'csh-rsa'

			




	
	
	
		
 
    >>> parse_pub_key('''ssh-rsa  AAAAB3NzaC1yc2EAAAA'LVGhpcyBpcyBmYWtlIQ''')

			




	
	
	
		
 
    Traceback (most recent call last):

			




	
	
	
		
 
    ...

			




	
	
	
		
 
    SshKeyParseError: Incorrect SSH key - unexpected characters in base64 part "AAAAB3NzaC1yc2EAAAA'LVGhpcyBpcyBmYWtlIQ"

			




	
	
	
		
 
    >>> parse_pub_key(''' ssh-rsa  AAAAB3NzaC1yc2EAAAALVGhpcyBpcyBmYWtlIQ== and a comment

			




	
	
	
		
 
    ... ''')

			




	
	
	
		
 
    ('ssh-rsa', '\x00\x00\x00\x07ssh-rsa\x00\x00\x00\x0bThis is fake!', 'and a comment\n')

			




	
	
	
		
 
    """

			




	
	
	
		
 
    if not ssh_key:

			




	
	
	
		
 
        raise SshKeyParseError(_("SSH key is missing"))

			




	
	
	
		
 

			




	
	
	
		
 
    parts = ssh_key.split(None, 2)

			




	
	
	
		
 
    if len(parts) < 2:

			




	
	
	
		
 
        raise SshKeyParseError(_("Incorrect SSH key - it must have both a key type and a base64 part"))

			




	
	
	
		
 

			




	
	
	
		
 
    keytype, keyvalue, comment = (parts + [''])[:3]

			




	
	
	
		
 
    if keytype not in ('ssh-rsa', 'ssh-dss', 'ssh-ed25519'):

			




	
	
	
		
 
        raise SshKeyParseError(_("Incorrect SSH key - it must start with 'ssh-(rsa|dss|ed25519)'"))

			




	
	
	
		
 

			




	
	
	
		
 
    if re.search(r'[^a-zA-Z0-9+/=]', keyvalue):

			




	
	
	
		
 
        raise SshKeyParseError(_("Incorrect SSH key - unexpected characters in base64 part %r") % keyvalue)

			




	
	
	
		
 

			




	
	
	
		
 
    try:

			




	
	
	
		
 
        decoded = keyvalue.decode('base64')

			




	
	
	
		
 
    except binascii.Error:

			




	
	
	
		
 
        raise SshKeyParseError(_("Incorrect SSH key - failed to decode base64 part %r") % keyvalue)

			




	
	
	
		
 

			




	
	
	
		
 
    if not decoded.startswith('\x00\x00\x00\x07' + str(keytype) + '\x00'):

			




	
	
	
		
 
        raise SshKeyParseError(_("Incorrect SSH key - base64 part is not %r as claimed but %r") % (str(keytype), str(decoded[4:].split('\0', 1)[0])))

			




	
	
	
		
 

			




	
	
	
		
 
    return keytype, decoded, comment

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
SSH_OPTIONS = 'no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding'

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def authorized_keys_line(kallithea_cli_path, config_file, key):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Return a line as it would appear in .authorized_keys

			




	
	
	
		
 

			




	
	
	
		
 
    >>> from kallithea.model.db import UserSshKeys, User

			




	
	
	
		
 
    >>> user = User(user_id=7, username='uu')

			




	
	
	
		
 
    >>> key = UserSshKeys(user_ssh_key_id=17, user=user, description='test key')

			




	
	
	
		
 
    >>> key.public_key='''ssh-rsa  AAAAB3NzaC1yc2EAAAALVGhpcyBpcyBmYWtlIQ== and a comment'''

			




	
	
	
		
 
    >>> authorized_keys_line('/srv/kallithea/venv/bin/kallithea-cli', '/srv/kallithea/my.ini', key)

			




	
	
	
		
 
    'no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/srv/kallithea/venv/bin/kallithea-cli ssh-serve -c /srv/kallithea/my.ini 7 17" ssh-rsa AAAAB3NzaC1yc2EAAAALVGhpcyBpcyBmYWtlIQ==\\n'

			




	
	
	
		
 
    """

			




	
	
	
		
 
    try:

			




	
	
	
		
 
        keytype, decoded, comment = parse_pub_key(key.public_key)

			




	
	
	
		
 
    except SshKeyParseError:

			




	
	
	
		
 
        return '# Invalid Kallithea SSH key: %s %s\n' % (key.user.user_id, key.user_ssh_key_id)

			




	
	
	
		
 
    mimekey = decoded.encode('base64').replace('\n', '')

			




	
	
	
		
 
    return '%s,command="%s ssh-serve -c %s %s %s" %s %s\n' % (

			




	
	
	
		
 
        SSH_OPTIONS, kallithea_cli_path, config_file,

			




	
	
	
		
 
        key.user.user_id, key.user_ssh_key_id,

			




	
	
	
		
 
        keytype, mimekey)

			




        

    


    
    

    

        

                

                    kallithea/model/ssh_key.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
# -*- coding: utf-8 -*-

			




	
	
	
		
 
# This program is free software: you can redistribute it and/or modify

			




	
	
	
		
 
# it under the terms of the GNU General Public License as published by

			




	
	
	
		
 
# the Free Software Foundation, either version 3 of the License, or

			




	
	
	
		
 
# (at your option) any later version.

			




	
	
	
		
 
#

			




	
	
	
		
 
# This program is distributed in the hope that it will be useful,

			




	
	
	
		
 
# but WITHOUT ANY WARRANTY; without even the implied warranty of

			




	
	
	
		
 
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

			




	
	
	
		
 
# GNU General Public License for more details.

			




	
	
	
		
 
#

			




	
	
	
		
 
# You should have received a copy of the GNU General Public License

			




	
	
	
		
 
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

			




	
	
	
		
 
"""

			




	
	
	
		
 
kallithea.model.ssh_key

			




	
	
	
		
 
~~~~~~~~~~~~~~~~~~~~~~~

			




	
	
	
		
 

			




	
	
	
		
 
SSH key model for Kallithea

			




	
	
	
		
 

			




	
	
	
		
 
"""

			




	
	
	
		
 

			




	
	
	
		
 
import logging

			




	
	
	
		
 
import os

			




	
	
	
		
 
import stat

			




	
	
	
		
 
import tempfile

			




	
	
	
		
 
import errno

			




	
	
	
		
 

			




	
	
	
		
 
from tg import config

			




	
	
	
		
 
from tg.i18n import ugettext as _

			




	
	
	
		
 

			




	
	
	
		
 
from kallithea.lib.utils2 import safe_str

			




	
	
	
		
 
from kallithea.lib.utils2 import safe_str, str2bool

			




	
	
	
		
 
from kallithea.model.db import UserSshKeys, User

			




	
	
	
		
 
from kallithea.model.meta import Session

			




	
	
	
		
 
from kallithea.lib import ssh

			




	
	
	
		
 

			




	
	
	
		
 
log = logging.getLogger(__name__)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
class SshKeyModelException(Exception):

			




	
	
	
		
 
    """Exception raised by SshKeyModel methods to report errors"""

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
class SshKeyModel(object):

			




	
	
	
		
 

			




	
	
	
		
 
    def create(self, user, description, public_key):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        :param user: user or user_id

			




	
	
	
		
 
        :param description: description of SshKey

			




	
	
	
		
 
        :param publickey: public key text

			




	
	
	
		
 
        Will raise SshKeyModelException on errors

			




	
	
	
		
 
        """

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            keytype, pub, comment = ssh.parse_pub_key(public_key)

			




	
	
	
		
 
        except ssh.SshKeyParseError as e:

			




	
	
	
		
 
            raise SshKeyModelException(_('SSH key %r is invalid: %s') % (safe_str(public_key), e.message))

			




	
	
	
		
 
        if not description.strip():

			




	
	
	
		
 
            description = comment.strip()

			




	
	
	
		
 

			




	
	
	
		
 
        user = User.guess_instance(user)

			




	
	
	
		
 

			




	
	
	
		
 
        new_ssh_key = UserSshKeys()

			




	
	
	
		
 
        new_ssh_key.user_id = user.user_id

			




	
	
	
		
 
        new_ssh_key.description = description

			




	
	
	
		
 
        new_ssh_key.public_key = public_key

			




	
	
	
		
 

			




	
	
	
		
 
        for ssh_key in UserSshKeys.query().filter(UserSshKeys.fingerprint == new_ssh_key.fingerprint).all():

			




	
	
	
		
 
            raise SshKeyModelException(_('SSH key %s is already used by %s') %

			




	
	
	
		
 
                                       (new_ssh_key.fingerprint, ssh_key.user.username))

			




	
	
	
		
 

			




	
	
	
		
 
        Session().add(new_ssh_key)

			




	
	
	
		
 

			




	
	
	
		
 
        return new_ssh_key

			




	
	
	
		
 

			




	
	
	
		
 
    def delete(self, public_key, user=None):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Deletes given public_key, if user is set it also filters the object for

			




	
	
	
		
 
        deletion by given user.

			




	
	
	
		
 
        Will raise SshKeyModelException on errors

			




	
	
	
		
 
        """

			




	
	
	
		
 
        ssh_key = UserSshKeys.query().filter(UserSshKeys._public_key == public_key)

			




	
	
	
		
 

			




	
	
	
		
 
        if user:

			




	
	
	
		
 
            user = User.guess_instance(user)

			




	
	
	
		
 
            ssh_key = ssh_key.filter(UserSshKeys.user_id == user.user_id)

			




	
	
	
		
 

			




	
	
	
		
 
        ssh_key = ssh_key.scalar()

			




	
	
	
		
 
        if ssh_key is None:

			




	
	
	
		
 
            raise SshKeyModelException(_('SSH key %r not found') % safe_str(public_key))

			




	
	
	
		
 
        Session().delete(ssh_key)

			




	
	
	
		
 

			




	
	
	
		
 
    def get_ssh_keys(self, user):

			




	
	
	
		
 
        user = User.guess_instance(user)

			




	
	
	
		
 
        user_ssh_keys = UserSshKeys.query() \

			




	
	
	
		
 
            .filter(UserSshKeys.user_id == user.user_id).all()

			




	
	
	
		
 
        return user_ssh_keys

			




	
	
	
		
 

			




	
	
	
		
 
    def write_authorized_keys(self):

			




	
	
	
		
 
        if not str2bool(config.get('ssh_enabled', False)):

			




	
	
	
		
 
            log.error("Will not write SSH authorized_keys file - ssh_enabled is not configured")

			




	
	
	
		
 
            return

			




	
	
	
		
 
        authorized_keys = config.get('ssh_authorized_keys')

			




	
	
	
		
 
        kallithea_cli_path = config.get('kallithea_cli_path', 'kallithea-cli')

			




	
	
	
		
 
        if not authorized_keys:

			




	
	
	
		
 
            log.error('Cannot write SSH authorized_keys file - ssh_authorized_keys is not configured')

			




	
	
	
		
 
            return

			




	
	
	
		
 
        log.info('Writing %s', authorized_keys)

			




	
	
	
		
 

			




	
	
	
		
 
        authorized_keys_dir = os.path.dirname(authorized_keys)

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            os.makedirs(authorized_keys_dir)

			




	
	
	
		
 
            os.chmod(authorized_keys_dir, stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR) # ~/.ssh/ must be 0700

			




	
	
	
		
 
        except OSError as exception:

			




	
	
	
		
 
            if exception.errno != errno.EEXIST:

			




	
	
	
		
 
                raise

			




	
	
	
		
 
        # Now, test that the directory is or was created in a readable way by previous.

			




	
	
	
		
 
        if not (os.path.isdir(authorized_keys_dir) and

			




	
	
	
		
 
                os.access(authorized_keys_dir, os.W_OK)):

			




	
	
	
		
 
            raise Exception("Directory of authorized_keys cannot be written to so authorized_keys file %s cannot be written" % (authorized_keys))

			




	
	
	
		
 

			




	
	
	
		
 
        # Make sure we don't overwrite a key file with important content

			




	
	
	
		
 
        if os.path.exists(authorized_keys):

			




	
	
	
		
 
            with open(authorized_keys) as f:

			




	
	
	
		
 
                for l in f:

			




	
	
	
		
 
                    if not l.strip() or l.startswith('#'):

			




	
	
	
		
 
                        pass # accept empty lines and comments

			




	
	
	
		
 
                    elif ssh.SSH_OPTIONS in l and ' ssh-serve ' in l:

			




	
	
	
		
 
                        pass # Kallithea entries are ok to overwrite

			




	
	
	
		
 
                    else:

			




	
	
	
		
 
                        raise Exception("Safety check failed, found %r in %s - please review and remove it" % (l.strip(), authorized_keys))

			




	
	
	
		
 

			




	
	
	
		
 
        fh, tmp_authorized_keys = tempfile.mkstemp('.authorized_keys', dir=os.path.dirname(authorized_keys))

			




	
	
	
		
 
        with os.fdopen(fh, 'w') as f:

			




	
	
	
		
 
            for key in UserSshKeys.query().join(UserSshKeys.user).filter(User.active == True):

			




	
	
	
		
 
                f.write(ssh.authorized_keys_line(kallithea_cli_path, config['__file__'], key))

			




	
	
	
		
 
        os.chmod(tmp_authorized_keys, stat.S_IRUSR | stat.S_IWUSR)

			




	
	
	
		
 
        # This preliminary remove is needed for Windows, not for Unix.

			




	
	
	
		
 
        # TODO In Python 3, the remove+rename sequence below should become os.replace.

			




	
	
	
		
 
        if os.path.exists(authorized_keys):

			




	
	
	
		
 
            os.remove(authorized_keys)

			




	
	
	
		
 
        os.rename(tmp_authorized_keys, authorized_keys)

			




        

    


    
    

    

        

                

                    kallithea/templates/about.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -26,127 +26,127 @@

			




	
	
	
		
 

			




	
	
	
		
 
  <li>Copyright &copy; 2012&ndash;2019, Mads Kiilerich</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, 2014&ndash;2017, 2019, Andrej Shadura</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014&ndash;2019, Thomas De Schampheleire</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015&ndash;2017, 2019, Étienne Gilli</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017&ndash;2019, Allan Nordhøy</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2018&ndash;2019, ssantos</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2019, Danni Randeris</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2019, Edmund Wong</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2019, Manuel Jacob</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2019, Wolfgang Scherer</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, 2014&ndash;2018, Dominik Ruf</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014&ndash;2015, 2018, Michal Čihař</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, 2018, Branko Majic</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2018, Chris Rule</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2018, Jesús Sánchez</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2018, Patrick Vane</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2018, Pheng Heong Tan</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2018, Максим Якимчук</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2018, Марс Ямбар</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012&ndash;2017, Unity Technologies</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015&ndash;2017, Søren Løvborg</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, 2017, Sam Jaques</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2016&ndash;2017, Asterios Dimitriou</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017, Alessandro Molina</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017, Anton Schur</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017, Ching-Chen Mao</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017, Eivind Tagseth</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017, FUJIWARA Katsunori</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017, Holger Schramm</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017, Karl Goetz</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017, Lars Kruse</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017, Marko Semet</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2017, Viktar Vauchkevich</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012&ndash;2016, Takumi IINO</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015&ndash;2016, Jan Heylen</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015&ndash;2016, Robert Martinez</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015&ndash;2016, Robert Rauch</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2016, Angel Ezquerra</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2016, Anton Shestakov</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2016, Brandon Jones</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2016, Kateryna Musina</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2016, Konstantin Veretennicov</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2016, Oscar Curero</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2016, Robert James Dennington</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2016, timeless@gmail.com</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2016, YFdyh000</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012&ndash;2013, 2015, Aras Pranckevičius</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014&ndash;2015, Bradley M. Kuhn</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014&ndash;2015, Christian Oyarzun</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014&ndash;2015, Joseph Rivera</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014&ndash;2015, Sean Farley</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Anatoly Bubenkov</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Andrew Bartlett</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Balázs Úr</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Ben Finney</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Daniel Hobley</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, David Avigni</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Denis Blanchette</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, duanhongyi</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, EriCSN Chang</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Grzegorz Krason</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Jiří Suchan</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Kazunari Kobayashi</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Kevin Bullock</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, kobanari</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Marc Abramowitz</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Marc Villetard</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Matthias Zilk</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Michael Pohl</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Michael V. DePalatis</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Morten Skaaning</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Nick High</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Niemand Jedermann</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Peter Vitt</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Ronny Pfannschmidt</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Tuux</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2015, Viktar Palstsiuk</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Ante Ilic</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Bradley M. Kuhn</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Calinou</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Daniel Anderson</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Henrik Stuart</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Ingo von Borstel</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Jelmer Vernooij</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Jim Hague</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Matt Fellows</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Max Roman</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Na'Tosha Bard</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Rasmus Selsmark</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Tim Freund</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Travis Burtrum</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2014, Zoltan Gyarmati</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2010&ndash;2013, Marcin Kuźmiński</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2010&ndash;2013, RhodeCode GmbH</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, 2013, Aparkar</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012&ndash;2013, xpol</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2013, Dennis Brakhane</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2013, Grzegorz Rożniecki</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2013, Ilya Beda</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2013, Jonathan Sternberg</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2013, Leonardo Carneiro</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2013, Magnus Ericmats</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2013, Martin Vium</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2013, Simon Lopez</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011&ndash;2012, Augusto Herrmann</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, Dan Sheridan</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, H Waldo G</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, hppj</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, Indra Talip</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, mikespook</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, nansenat16</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, Philip Jameson</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, Raoul Thill</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, Tony Bussieres</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, Vincent Duvert</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, Vladislav Poluhin</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2012, Zachary Auclair</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, Ankit Solanki</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, Dmitri Kuznetsov</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, Jared Bunting</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, Jason Harris</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, Les Peabody</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, Liad Shani</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, Lorenzo M. Catucci</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, Matt Zuba</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, Nicolas VINOT</li>

			




	
	
	
		
 
  <li>Copyright &copy; 2011, Shawn K. O'Shea</li>

			




        

    


    
    

    

        

                

                    kallithea/tests/conftest.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
import os

			




	
	
	
		
 
import re

			




	
	
	
		
 
import sys

			




	
	
	
		
 
import logging

			




	
	
	
		
 
import pkg_resources

			




	
	
	
		
 
import time

			




	
	
	
		
 

			




	
	
	
		
 
import formencode

			




	
	
	
		
 
from paste.deploy import loadwsgi

			




	
	
	
		
 
from routes.util import URLGenerator

			




	
	
	
		
 
import pytest

			




	
	
	
		
 
from pytest_localserver.http import WSGIServer

			




	
	
	
		
 

			




	
	
	
		
 
from kallithea.controllers.root import RootController

			




	
	
	
		
 
from kallithea.lib import inifile

			




	
	
	
		
 
from kallithea.lib.utils import repo2db_mapper

			




	
	
	
		
 
from kallithea.model.user import UserModel

			




	
	
	
		
 
from kallithea.model.meta import Session

			




	
	
	
		
 
from kallithea.model.db import Setting, User, UserIpMap

			




	
	
	
		
 
from kallithea.model.scm import ScmModel

			




	
	
	
		
 
from kallithea.tests.base import invalidate_all_caches, TEST_USER_REGULAR_LOGIN, TESTS_TMP_PATH, \

			




	
	
	
		
 
    TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS

			




	
	
	
		
 
import kallithea.tests.base # FIXME: needed for setting testapp instance!!!

			




	
	
	
		
 

			




	
	
	
		
 
from tg.util.webtest import test_context

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def pytest_configure():

			




	
	
	
		
 
    os.environ['TZ'] = 'UTC'

			




	
	
	
		
 
    if not kallithea.is_windows:

			




	
	
	
		
 
        time.tzset() # only available on Unix

			




	
	
	
		
 

			




	
	
	
		
 
    path = os.getcwd()

			




	
	
	
		
 
    sys.path.insert(0, path)

			




	
	
	
		
 
    pkg_resources.working_set.add_entry(path)

			




	
	
	
		
 

			




	
	
	
		
 
    # Disable INFO logging of test database creation, restore with NOTSET

			




	
	
	
		
 
    logging.disable(logging.INFO)

			




	
	
	
		
 

			




	
	
	
		
 
    ini_settings = {

			




	
	
	
		
 
        '[server:main]': {

			




	
	
	
		
 
            'port': '4999',

			




	
	
	
		
 
        },

			




	
	
	
		
 
        '[app:main]': {

			




	
	
	
		
 
            'ssh_enabled': 'true',

			




	
	
	
		
 
            # Mainly to safeguard against accidentally overwriting the real one:

			




	
	
	
		
 
            'ssh_authorized_keys': os.path.join(TESTS_TMP_PATH, 'authorized_keys'),

			




	
	
	
		
 
            #'ssh_locale': 'C',

			




	
	
	
		
 
            'app_instance_uuid': 'test',

			




	
	
	
		
 
            'show_revision_number': 'true',

			




	
	
	
		
 
            'beaker.cache.sql_cache_short.expire': '1',

			




	
	
	
		
 
            'session.secret': '{74e0cd75-b339-478b-b129-07dd221def1f}',

			




	
	
	
		
 
            #'i18n.lang': '',

			




	
	
	
		
 
        },

			




	
	
	
		
 
        '[handler_console]': {

			




	
	
	
		
 
            'formatter': 'color_formatter',

			




	
	
	
		
 
        },

			




	
	
	
		
 
        # The 'handler_console_sql' block is very similar to the one in

			




	
	
	
		
 
        # development.ini, but without the explicit 'level=DEBUG' setting:

			




	
	
	
		
 
        # it causes duplicate sqlalchemy debug logs, one through

			




	
	
	
		
 
        # handler_console_sql and another through another path.

			




	
	
	
		
 
        '[handler_console_sql]': {

			




	
	
	
		
 
            'formatter': 'color_formatter_sql',

			




	
	
	
		
 
        },

			




	
	
	
		
 
    }

			




	
	
	
		
 
    if os.environ.get('TEST_DB'):

			




	
	
	
		
 
        ini_settings['[app:main]']['sqlalchemy.url'] = os.environ.get('TEST_DB')

			




	
	
	
		
 

			




	
	
	
		
 
    test_ini_file = os.path.join(TESTS_TMP_PATH, 'test.ini')

			




	
	
	
		
 
    inifile.create(test_ini_file, None, ini_settings)

			




	
	
	
		
 

			




	
	
	
		
 
    context = loadwsgi.loadcontext(loadwsgi.APP, 'config:%s' % test_ini_file)

			




	
	
	
		
 
    from kallithea.tests.fixture import create_test_env, create_test_index

			




	
	
	
		
 

			




	
	
	
		
 
    # set KALLITHEA_NO_TMP_PATH=1 to disable re-creating the database and test repos

			




	
	
	
		
 
    if not int(os.environ.get('KALLITHEA_NO_TMP_PATH', 0)):

			




	
	
	
		
 
        create_test_env(TESTS_TMP_PATH, context.config())

			




	
	
	
		
 

			




	
	
	
		
 
    # set KALLITHEA_WHOOSH_TEST_DISABLE=1 to disable whoosh index during tests

			




	
	
	
		
 
    if not int(os.environ.get('KALLITHEA_WHOOSH_TEST_DISABLE', 0)):

			




	
	
	
		
 
        create_test_index(TESTS_TMP_PATH, context.config(), True)

			




	
	
	
		
 

			




	
	
	
		
 
    kallithea.tests.base.testapp = context.create()

			




	
	
	
		
 
    # do initial repo scan

			




	
	
	
		
 
    repo2db_mapper(ScmModel().repo_scan(TESTS_TMP_PATH))

			




	
	
	
		
 

			




	
	
	
		
 
    logging.disable(logging.NOTSET)

			




	
	
	
		
 

			




	
	
	
		
 
    kallithea.tests.base.url = URLGenerator(RootController().mapper, {'HTTP_HOST': 'example.com'})

			




	
	
	
		
 

			




	
	
	
		
 
    # set fixed language for form messages, regardless of environment settings

			




	
	
	
		
 
    formencode.api.set_stdtranslation(languages=[])

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
@pytest.fixture

			




	
	
	
		
 
def create_test_user():

			




        

    


    
    

    

        

                

                    scripts/contributor_data.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -22,76 +22,77 @@ name_fixes['Jason F. Harris'] = "Jason H

			




	
	
	
		
 
name_fixes['Jelmer Vernooij'] = "Jelmer Vernooij <jelmer@samba.org>"

			




	
	
	
		
 
name_fixes['jfh <jason@jasonfharris.com>'] = "Jason Harris <jason@jasonfharris.com>"

			




	
	
	
		
 
name_fixes['Leonardo Carneiro<leonardo@unity3d.com>'] = "Leonardo Carneiro <leonardo@unity3d.com>"

			




	
	
	
		
 
name_fixes['leonardo'] = "Leonardo Carneiro <leonardo@unity3d.com>"

			




	
	
	
		
 
name_fixes['Leonardo <leo@unity3d.com>'] = "Leonardo Carneiro <leonardo@unity3d.com>"

			




	
	
	
		
 
name_fixes['Les Peabody'] = "Les Peabody <lpeabody@gmail.com>"

			




	
	
	
		
 
name_fixes['"Lorenzo M. Catucci" <lorenzo@sancho.ccd.uniroma2.it>'] = "Lorenzo M. Catucci <lorenzo@sancho.ccd.uniroma2.it>"

			




	
	
	
		
 
name_fixes['Lukasz Balcerzak'] = "Łukasz Balcerzak <lukaszbalcerzak@gmail.com>"

			




	
	
	
		
 
name_fixes['mao <mao@lins.fju.edu.tw>'] = "Ching-Chen Mao <mao@lins.fju.edu.tw>"

			




	
	
	
		
 
name_fixes['marcink'] = "Marcin Kuźmiński <marcin@python-works.com>"

			




	
	
	
		
 
name_fixes['Marcin Kuzminski'] = "Marcin Kuźmiński <marcin@python-works.com>"

			




	
	
	
		
 
name_fixes['nansenat16@null.tw'] = "nansenat16 <nansenat16@null.tw>"

			




	
	
	
		
 
name_fixes['Peter Vitt'] = "Peter Vitt <petervitt@web.de>"

			




	
	
	
		
 
name_fixes['philip.j@hostdime.com'] = "Philip Jameson <philip.j@hostdime.com>"

			




	
	
	
		
 
name_fixes['Søren Løvborg'] = "Søren Løvborg <sorenl@unity3d.com>"

			




	
	
	
		
 
name_fixes['Thomas De Schampheleire'] = "Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>"

			




	
	
	
		
 
name_fixes['Hosted Weblate'] = "<>"

			




	
	
	
		
 
name_fixes['Weblate'] = "<>"

			




	
	
	
		
 
name_fixes['xpol'] = "xpol <xpolife@gmail.com>"

			




	
	
	
		
 
name_fixes['Lars <devel@sumpfralle.de>'] = "Lars Kruse <devel@sumpfralle.de>"

			




	
	
	
		
 

			




	
	
	
		
 
# Some committer email address domains that indicate that another entity might

			




	
	
	
		
 
# hold some copyright too:

			




	
	
	
		
 
domain_extra = {}

			




	
	
	
		
 
domain_extra['unity3d.com'] = "Unity Technologies"

			




	
	
	
		
 
domain_extra['rhodecode.com'] = "RhodeCode GmbH"

			




	
	
	
		
 

			




	
	
	
		
 
# Repository history show some old contributions that traditionally hasn't been

			




	
	
	
		
 
# listed in about.html - preserve that:

			




	
	
	
		
 
no_about = set(total_ignore)

			




	
	
	
		
 
# The following contributors were traditionally not listed in about.html and it

			




	
	
	
		
 
# seems unclear if the copyright is personal or belongs to a company.

			




	
	
	
		
 
no_about.add(('Thayne Harbaugh <thayne@fusionio.com>', '2011'))

			




	
	
	
		
 
no_about.add(('Dies Koper <diesk@fast.au.fujitsu.com>', '2012'))

			




	
	
	
		
 
no_about.add(('Erwin Kroon <e.kroon@smartmetersolutions.nl>', '2012'))

			




	
	
	
		
 
no_about.add(('Vincent Caron <vcaron@bearstech.com>', '2012'))

			




	
	
	
		
 
# These contributors' contributions might be too small to be copyrightable:

			




	
	
	
		
 
no_about.add(('philip.j@hostdime.com', '2012'))

			




	
	
	
		
 
no_about.add(('Stefan Engel <mail@engel-stefan.de>', '2012'))

			




	
	
	
		
 
no_about.add(('Ton Plomp <tcplomp@gmail.com>', '2013'))

			




	
	
	
		
 
# Was reworked and contributed later and shadowed by other contributions:

			




	
	
	
		
 
no_about.add(('Sean Farley <sean.michael.farley@gmail.com>', '2013'))

			




	
	
	
		
 

			




	
	
	
		
 
# Contributors in about.html and CONTRIBUTORS not appearing in repository

			




	
	
	
		
 
# history:

			




	
	
	
		
 
other = [

			




	
	
	
		
 
    # Work folded into commits attributed to others:

			




	
	
	
		
 
    ('2013', 'Ilya Beda <ir4y.ix@gmail.com>'),

			




	
	
	
		
 
    ('2015', 'Bradley M. Kuhn <bkuhn@sfconservancy.org>'),

			




	
	
	
		
 
]

			




	
	
	
		
 

			




	
	
	
		
 
# Preserve contributors listed in about.html but not appearing in repository

			




	
	
	
		
 
# history:

			




	
	
	
		
 
other_about = [

			




	
	
	
		
 
    ("2011", "Aparkar <aparkar@icloud.com>"),

			




	
	
	
		
 
    ("2010", "RhodeCode GmbH"),

			




	
	
	
		
 
    ("2011", "RhodeCode GmbH"),

			




	
	
	
		
 
    ("2012", "RhodeCode GmbH"),

			




	
	
	
		
 
    ("2013", "RhodeCode GmbH"),

			




	
	
	
		
 
]

			




	
	
	
		
 

			




	
	
	
		
 
# Preserve contributors listed in CONTRIBUTORS but not appearing in repository

			




	
	
	
		
 
# history:

			




	
	
	
		
 
other_contributors = [

			




	
	
	
		
 
    ("", "Andrew Kesterson <andrew@aklabs.net>"),

			




	
	
	
		
 
    ("", "cejones"),

			




	
	
	
		
 
    ("", "David A. Sjøen <david.sjoen@westcon.no>"),

			




	
	
	
		
 
    ("", "James Rhodes <jrhodes@redpointsoftware.com.au>"),

			




	
	
	
		
 
    ("", "Jonas Oberschweiber <jonas.oberschweiber@d-velop.de>"),

			




	
	
	
		
 
    ("", "larikale"),

			




	
	
	
		
 
    ("", "RhodeCode GmbH"),

			




	
	
	
		
 
    ("", "Sebastian Kreutzberger <sebastian@rhodecode.com>"),

			




	
	
	
		
 
    ("", "Steve Romanow <slestak989@gmail.com>"),

			




	
	
	
		
 
    ("", "SteveCohen"),

			




	
	
	
		
 
    ("", "Thomas <thomas@rhodecode.com>"),

			




	
	
	
		
 
    ("", "Thomas Waldmann <tw-public@gmx.de>"),

			




	
	
	
		
 
]

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.