Changeset - b5b34d71b23b
Parent rev.
Child rev.
[Not reviewed]
beta
0 1 0
Marcin Kuzminski - 13 years ago 2012-06-19 22:28:44
marcin@python-works.com
fix crypt password on update my account
1 file changed with 2 insertions and 1 deletions:
rhodecode/model/user.py
2
1
0 comments (0 inline, 0 general)
rhodecode/model/user.py
Show inline comments
 
@@ -154,202 +154,203 @@ class UserModel(BaseModel):
 
        if self.get_by_username(username, case_insensitive=True) is None:
 

			




	
	
	
		
 
            # autogenerate email for container account without one

			




	
	
	
		
 
            generate_email = lambda usr: '%s@container_auth.account' % usr

			




	
	
	
		
 

			




	
	
	
		
 
            try:

			




	
	
	
		
 
                new_user = User()

			




	
	
	
		
 
                new_user.username = username

			




	
	
	
		
 
                new_user.password = None

			




	
	
	
		
 
                new_user.api_key = generate_api_key(username)

			




	
	
	
		
 
                new_user.email = attrs['email']

			




	
	
	
		
 
                new_user.active = attrs.get('active', True)

			




	
	
	
		
 
                new_user.name = attrs['name'] or generate_email(username)

			




	
	
	
		
 
                new_user.lastname = attrs['lastname']

			




	
	
	
		
 

			




	
	
	
		
 
                self.sa.add(new_user)

			




	
	
	
		
 
                return new_user

			




	
	
	
		
 
            except (DatabaseError,):

			




	
	
	
		
 
                log.error(traceback.format_exc())

			




	
	
	
		
 
                self.sa.rollback()

			




	
	
	
		
 
                raise

			




	
	
	
		
 
        log.debug('User %s already exists. Skipping creation of account'

			




	
	
	
		
 
                  ' for container auth.', username)

			




	
	
	
		
 
        return None

			




	
	
	
		
 

			




	
	
	
		
 
    def create_ldap(self, username, password, user_dn, attrs):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Checks if user is in database, if not creates this user marked

			




	
	
	
		
 
        as ldap user

			




	
	
	
		
 

			




	
	
	
		
 
        :param username:

			




	
	
	
		
 
        :param password:

			




	
	
	
		
 
        :param user_dn:

			




	
	
	
		
 
        :param attrs:

			




	
	
	
		
 
        """

			




	
	
	
		
 
        from rhodecode.lib.auth import get_crypt_password

			




	
	
	
		
 
        log.debug('Checking for such ldap account in RhodeCode database')

			




	
	
	
		
 
        if self.get_by_username(username, case_insensitive=True) is None:

			




	
	
	
		
 

			




	
	
	
		
 
            # autogenerate email for ldap account without one

			




	
	
	
		
 
            generate_email = lambda usr: '%s@ldap.account' % usr

			




	
	
	
		
 

			




	
	
	
		
 
            try:

			




	
	
	
		
 
                new_user = User()

			




	
	
	
		
 
                username = username.lower()

			




	
	
	
		
 
                # add ldap account always lowercase

			




	
	
	
		
 
                new_user.username = username

			




	
	
	
		
 
                new_user.password = get_crypt_password(password)

			




	
	
	
		
 
                new_user.api_key = generate_api_key(username)

			




	
	
	
		
 
                new_user.email = attrs['email'] or generate_email(username)

			




	
	
	
		
 
                new_user.active = attrs.get('active', True)

			




	
	
	
		
 
                new_user.ldap_dn = safe_unicode(user_dn)

			




	
	
	
		
 
                new_user.name = attrs['name']

			




	
	
	
		
 
                new_user.lastname = attrs['lastname']

			




	
	
	
		
 

			




	
	
	
		
 
                self.sa.add(new_user)

			




	
	
	
		
 
                return new_user

			




	
	
	
		
 
            except (DatabaseError,):

			




	
	
	
		
 
                log.error(traceback.format_exc())

			




	
	
	
		
 
                self.sa.rollback()

			




	
	
	
		
 
                raise

			




	
	
	
		
 
        log.debug('this %s user exists skipping creation of ldap account',

			




	
	
	
		
 
                  username)

			




	
	
	
		
 
        return None

			




	
	
	
		
 

			




	
	
	
		
 
    def create_registration(self, form_data):

			




	
	
	
		
 
        from rhodecode.model.notification import NotificationModel

			




	
	
	
		
 

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            form_data['admin'] = False

			




	
	
	
		
 
            new_user = self.create(form_data)

			




	
	
	
		
 

			




	
	
	
		
 
            self.sa.add(new_user)

			




	
	
	
		
 
            self.sa.flush()

			




	
	
	
		
 

			




	
	
	
		
 
            # notification to admins

			




	
	
	
		
 
            subject = _('new user registration')

			




	
	
	
		
 
            body = ('New user registration\n'

			




	
	
	
		
 
                    '---------------------\n'

			




	
	
	
		
 
                    '- Username: %s\n'

			




	
	
	
		
 
                    '- Full Name: %s\n'

			




	
	
	
		
 
                    '- Email: %s\n')

			




	
	
	
		
 
            body = body % (new_user.username, new_user.full_name,

			




	
	
	
		
 
                           new_user.email)

			




	
	
	
		
 
            edit_url = url('edit_user', id=new_user.user_id, qualified=True)

			




	
	
	
		
 
            kw = {'registered_user_url': edit_url}

			




	
	
	
		
 
            NotificationModel().create(created_by=new_user, subject=subject,

			




	
	
	
		
 
                                       body=body, recipients=None,

			




	
	
	
		
 
                                       type_=Notification.TYPE_REGISTRATION,

			




	
	
	
		
 
                                       email_kwargs=kw)

			




	
	
	
		
 

			




	
	
	
		
 
        except:

			




	
	
	
		
 
            log.error(traceback.format_exc())

			




	
	
	
		
 
            raise

			




	
	
	
		
 

			




	
	
	
		
 
    def update(self, user_id, form_data):

			




	
	
	
		
 
        from rhodecode.lib.auth import get_crypt_password

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            user = self.get(user_id, cache=False)

			




	
	
	
		
 
            if user.username == 'default':

			




	
	
	
		
 
                raise DefaultUserException(

			




	
	
	
		
 
                                _("You can't Edit this user since it's"

			




	
	
	
		
 
                                  " crucial for entire application"))

			




	
	
	
		
 

			




	
	
	
		
 
            for k, v in form_data.items():

			




	
	
	
		
 
                if k == 'new_password' and v != '':

			




	
	
	
		
 
                    user.password = v

			




	
	
	
		
 
                    user.password = get_crypt_password(v)

			




	
	
	
		
 
                    user.api_key = generate_api_key(user.username)

			




	
	
	
		
 
                else:

			




	
	
	
		
 
                    setattr(user, k, v)

			




	
	
	
		
 

			




	
	
	
		
 
            self.sa.add(user)

			




	
	
	
		
 
        except:

			




	
	
	
		
 
            log.error(traceback.format_exc())

			




	
	
	
		
 
            raise

			




	
	
	
		
 

			




	
	
	
		
 
    def update_my_account(self, user_id, form_data):

			




	
	
	
		
 
        from rhodecode.lib.auth import get_crypt_password

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            user = self.get(user_id, cache=False)

			




	
	
	
		
 
            if user.username == 'default':

			




	
	
	
		
 
                raise DefaultUserException(

			




	
	
	
		
 
                    _("You can't Edit this user since it's"

			




	
	
	
		
 
                      " crucial for entire application")

			




	
	
	
		
 
                )

			




	
	
	
		
 
            for k, v in form_data.items():

			




	
	
	
		
 
                if k == 'new_password' and v != '':

			




	
	
	
		
 
                    user.password = get_crypt_password(v)

			




	
	
	
		
 
                    user.api_key = generate_api_key(user.username)

			




	
	
	
		
 
                else:

			




	
	
	
		
 
                    if k not in ['admin', 'active']:

			




	
	
	
		
 
                        setattr(user, k, v)

			




	
	
	
		
 

			




	
	
	
		
 
            self.sa.add(user)

			




	
	
	
		
 
        except:

			




	
	
	
		
 
            log.error(traceback.format_exc())

			




	
	
	
		
 
            raise

			




	
	
	
		
 

			




	
	
	
		
 
    def delete(self, user):

			




	
	
	
		
 
        user = self._get_user(user)

			




	
	
	
		
 

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            if user.username == 'default':

			




	
	
	
		
 
                raise DefaultUserException(

			




	
	
	
		
 
                    _(u"You can't remove this user since it's"

			




	
	
	
		
 
                      " crucial for entire application")

			




	
	
	
		
 
                )

			




	
	
	
		
 
            if user.repositories:

			




	
	
	
		
 
                repos = [x.repo_name for x in user.repositories]

			




	
	
	
		
 
                raise UserOwnsReposException(

			




	
	
	
		
 
                    _(u'user "%s" still owns %s repositories and cannot be '

			




	
	
	
		
 
                      'removed. Switch owners or remove those repositories. %s')

			




	
	
	
		
 
                    % (user.username, len(repos), ', '.join(repos))

			




	
	
	
		
 
                )

			




	
	
	
		
 
            self.sa.delete(user)

			




	
	
	
		
 
        except:

			




	
	
	
		
 
            log.error(traceback.format_exc())

			




	
	
	
		
 
            raise

			




	
	
	
		
 

			




	
	
	
		
 
    def reset_password_link(self, data):

			




	
	
	
		
 
        from rhodecode.lib.celerylib import tasks, run_task

			




	
	
	
		
 
        run_task(tasks.send_password_link, data['email'])

			




	
	
	
		
 

			




	
	
	
		
 
    def reset_password(self, data):

			




	
	
	
		
 
        from rhodecode.lib.celerylib import tasks, run_task

			




	
	
	
		
 
        run_task(tasks.reset_user_password, data['email'])

			




	
	
	
		
 

			




	
	
	
		
 
    def fill_data(self, auth_user, user_id=None, api_key=None):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Fetches auth_user by user_id,or api_key if present.

			




	
	
	
		
 
        Fills auth_user attributes with those taken from database.

			




	
	
	
		
 
        Additionally set's is_authenitated if lookup fails

			




	
	
	
		
 
        present in database

			




	
	
	
		
 

			




	
	
	
		
 
        :param auth_user: instance of user to set attributes

			




	
	
	
		
 
        :param user_id: user id to fetch by

			




	
	
	
		
 
        :param api_key: api key to fetch by

			




	
	
	
		
 
        """

			




	
	
	
		
 
        if user_id is None and api_key is None:

			




	
	
	
		
 
            raise Exception('You need to pass user_id or api_key')

			




	
	
	
		
 

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            if api_key:

			




	
	
	
		
 
                dbuser = self.get_by_api_key(api_key)

			




	
	
	
		
 
            else:

			




	
	
	
		
 
                dbuser = self.get(user_id)

			




	
	
	
		
 

			




	
	
	
		
 
            if dbuser is not None and dbuser.active:

			




	
	
	
		
 
                log.debug('filling %s data' % dbuser)

			




	
	
	
		
 
                for k, v in dbuser.get_dict().items():

			




	
	
	
		
 
                    setattr(auth_user, k, v)

			




	
	
	
		
 
            else:

			




	
	
	
		
 
                return False

			




	
	
	
		
 

			




	
	
	
		
 
        except:

			




	
	
	
		
 
            log.error(traceback.format_exc())

			




	
	
	
		
 
            auth_user.is_authenticated = False

			




	
	
	
		
 
            return False

			




	
	
	
		
 

			




	
	
	
		
 
        return True

			




	
	
	
		
 

			




	
	
	
		
 
    def fill_perms(self, user):

			




	
	
	
		
 
        """

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.