kallithea Changeset - dd532af216d9

Changeset - dd532af216d9

Parent rev.

Child rev.

[Not reviewed]

beta

0 12 0

Marcin Kuzminski - 15 years ago 2010-11-11 01:05:43
marcin@python-works.com

#49 Enabled anonymous access for web interface controllable from permissions pannel

12 files changed with 113 insertions and 64 deletions:

rhodecode/controllers/admin/permissions.py

rhodecode/controllers/admin/settings.py

rhodecode/controllers/admin/users.py

rhodecode/controllers/login.py

rhodecode/lib/auth.py

rhodecode/lib/db_manage.py

rhodecode/model/forms.py

rhodecode/model/permission_model.py

rhodecode/model/user.py

rhodecode/public/css/style.css

rhodecode/templates/admin/permissions/permissions.html

rhodecode/templates/base/base.html

0 comments (0 inline, 0 general)

rhodecode/controllers/admin/permissions.py

➞

Show inline comments

@@ @@ -57,7 +57,8 @@ class PermissionsController(BaseControll @@
                               ('repository.write', _('Write'),),
                               ('repository.admin', _('Admin'),)]
         self.register_choices = [
             ('hg.register.none', 'disabled'),
             ('hg.register.none',
                 _('disabled')),
             ('hg.register.manual_activate',
                             _('allowed with manual account activation')),
             ('hg.register.auto_activate',
@@ @@ -142,8 +143,10 @@ class PermissionsController(BaseControll @@
         c.create_choices = self.create_choices
         if id == 'default':
             defaults = {'_method':'put'}
             for p in UserModel().get_by_username('default').user_perms:
             default_user = UserModel().get_by_username('default')
             defaults = {'_method':'put',
                         'anonymous':default_user.active}
             for p in default_user.user_perms:
                 if p.permission.permission_name.startswith('repository.'):
                     defaults['default_perm'] = p.permission.permission_name

rhodecode/controllers/admin/settings.py

➞

Show inline comments

@@ @@ -121,11 +121,15 @@ class SettingsController(BaseController) @@
                 try:
                     hgsettings1 = self.sa.query(RhodeCodeSettings)\
                     .filter(RhodeCodeSettings.app_settings_name == 'title').one()
                         .filter(RhodeCodeSettings.app_settings_name \
                                 == 'title').one()
                     hgsettings1.app_settings_value = form_result['rhodecode_title']
                     hgsettings2 = self.sa.query(RhodeCodeSettings)\
                     .filter(RhodeCodeSettings.app_settings_name == 'realm').one()
                         .filter(RhodeCodeSettings.app_settings_name \
                                 == 'realm').one()
                     hgsettings2.app_settings_value = form_result['rhodecode_realm']

rhodecode/controllers/admin/users.py

➞

Show inline comments

@@ @@ -155,8 +155,7 @@ class UsersController(BaseController): @@
         if not c.user:
             return redirect(url('users'))
         if c.user.username == 'default':
             h.flash(_("You can't edit this user since it's"
               " crucial for entire application"), category='warning')
             h.flash(_("You can't edit this user"), category='warning')
             return redirect(url('users'))
         defaults = c.user.__dict__

rhodecode/controllers/login.py

➞

Show inline comments

@@ @@ -46,7 +46,9 @@ class LoginController(BaseController): @@
         #redirect if already logged in
         c.came_from = request.GET.get('came_from', None)
         if c.rhodecode_user.is_authenticated:
         if c.rhodecode_user.is_authenticated \
                             and c.rhodecode_user.username != 'default':
             return redirect(url('home'))
         if request.POST:

rhodecode/lib/auth.py

➞

Show inline comments

@@ @@ -26,6 +26,7 @@ from pylons import config, session, url, @@
 from pylons.controllers.util import abort, redirect
 from rhodecode.lib.utils import get_repo_slug
 from rhodecode.model import meta
 from rhodecode.model.user import UserModel
 from rhodecode.model.caching_query import FromCache
 from rhodecode.model.db import User, RepoToPerm, Repository, Permission, \
     UserToPerm
@@ @@ -72,7 +73,6 @@ def check_password(password, hashed): @@
     return bcrypt.hashpw(password, hashed) == hashed
 def authfunc(environ, username, password):
     from rhodecode.model.user import UserModel
     user = UserModel().get_by_username(username, cache=False)
     if user:
@@ @@ -99,6 +99,8 @@ class AuthUser(object): @@
         self.is_admin = False
         self.permissions = {}
     def __repr__(self):
         return "<AuthUser('id:%s:%s')>" % (self.user_id, self.username)
 def set_available_permissions(config):
     """
@@ @@ -122,33 +124,6 @@ def set_available_permissions(config): @@
 def set_base_path(config):
     config['base_path'] = config['pylons.app_globals'].base_path
 def fill_data(user):
     """
     Fills user data with those from database and log out user if not present
     in database
     :param user:
     """
     sa = meta.Session()
     try:
         dbuser = sa.query(User)\
         .options(FromCache('sql_cache_short', 'getuser_%s' % user.user_id))\
         .get(user.user_id)
     except:
         pass
     finally:
         meta.Session.remove()
     if dbuser:
         user.username = dbuser.username
         user.is_admin = dbuser.admin
         user.name = dbuser.name
         user.lastname = dbuser.lastname
         user.email = dbuser.email
     else:
         user.is_authenticated = False
     return user
 def fill_perms(user):
     """
@@ @@ -163,9 +138,7 @@ def fill_perms(user): @@
     #===========================================================================
     # fetch default permissions
     #===========================================================================
     default_user = sa.query(User)\
         .options(FromCache('sql_cache_short', 'getuser_%s' % 'default'))\
         .filter(User.username == 'default').scalar()
     default_user = UserModel(sa).get_by_username('default', cache=True)
     default_perms = sa.query(RepoToPerm, Repository, Permission)\
         .join((Repository, RepoToPerm.repository_id == Repository.repo_id))\
@@ @@ -231,8 +204,22 @@ def get_user(session): @@
     :param session:
     """
     user = session.get('rhodecode_user', AuthUser())
     #if the user is not logged in we check for anonymous access
     #if user is logged and it's a default user check if we still have anonymous
     #access enabled
     if user.user_id is None or user.username == 'default':
         anonymous_user = UserModel().get_by_username('default', cache=True)
         if anonymous_user.active is True:
             #then we set this user is logged in
             user.is_authenticated = True
         else:
             user.is_authenticated = False
     if user.is_authenticated:
         user = fill_data(user)
         user = UserModel().fill_data(user)
     user = fill_perms(user)
     session['rhodecode_user'] = user
     session.save()
@@ @@ -286,18 +273,19 @@ class PermsDecorator(object): @@
 #        _wrapper.__name__ = func.__name__
 #        _wrapper.__dict__.update(func.__dict__)
 #        _wrapper.__doc__ = func.__doc__
         self.user_perms = session.get('rhodecode_user', AuthUser()).permissions
         log.debug('checking %s permissions %s for %s',
            self.__class__.__name__, self.required_perms, func.__name__)
         self.user = session.get('rhodecode_user', AuthUser())
         self.user_perms = self.user.permissions
         log.debug('checking %s permissions %s for %s %s',
            self.__class__.__name__, self.required_perms, func.__name__,
                self.user)
         if self.check_permissions():
             log.debug('Permission granted for %s', func.__name__)
+            log.debug('Permission granted for %s %s', func.__name__, self.user)
             return func(*fargs, **fkwargs)
         else:
             log.warning('Permission denied for %s', func.__name__)
+            log.warning('Permission denied for %s %s', func.__name__, self.user)
             #redirect with forbidden ret code
             return abort(403)
@@ @@ -383,16 +371,17 @@ class PermsFunction(object): @@
             return False
         self.user_perms = user.permissions
         self.granted_for = user.username
         log.debug('checking %s %s', self.__class__.__name__, self.required_perms)
         log.debug('checking %s %s %s', self.__class__.__name__,
                   self.required_perms, user)
         if self.check_permissions():
             log.debug('Permission granted for %s @%s', self.granted_for,
                       check_Location)
             log.debug('Permission granted for %s @ %s %s', self.granted_for,
                       check_Location, user)
             return True
         else:
             log.warning('Permission denied for %s @%s', self.granted_for,
                         check_Location)
             log.warning('Permission denied for %s @ %s %s', self.granted_for,
                         check_Location, user)
             return False
     def check_permissions(self):

rhodecode/lib/db_manage.py

➞

Show inline comments

@@ @@ -227,9 +227,9 @@ class DbManage(object): @@
         def_user = User()
         def_user.username = 'default'
         def_user.password = get_crypt_password(str(uuid.uuid1())[:8])
         def_user.name = 'default'
         def_user.lastname = 'default'
         def_user.email = 'default@default.com'
         def_user.name = 'Anonymous'
         def_user.lastname = 'User'
         def_user.email = 'anonymous@rhodecode.org'
         def_user.admin = False
         def_user.active = False
         try:

rhodecode/model/forms.py

➞

Show inline comments

@@ @@ -358,6 +358,7 @@ def DefaultPermissionsForm(perms_choices @@
         allow_extra_fields = True
         filter_extra_fields = True
         overwrite_default = OneOf(['true', 'false'], if_missing='false')
         anonymous = OneOf(['True', 'False'], if_missing=False)
         default_perm = OneOf(perms_choices)
         default_register = OneOf(register_choices)
         default_create = OneOf(create_choices)

rhodecode/model/permission_model.py

➞

Show inline comments

@@ @@ -59,30 +59,41 @@ class PermissionModel(object): @@
                 .filter(User.username == form_result['perm_user_name']).scalar()
         u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == perm_user).all()
         if len(u2p) != 3:
             raise Exception('There is more than 3 defined'
             ' permissions for default user. This should not happen please verify'
             ' your database')
             raise Exception('Defined: %s should be 3  permissions for default'
                             ' user. This should not happen please verify'
                             ' your database' % len(u2p))
         try:
             #stage 1 change defaults
             for p in u2p:
                 if p.permission.permission_name.startswith('repository.'):
                     p.permission = self.get_permission_by_name(form_result['default_perm'])
                     p.permission = self.get_permission_by_name(
                                        form_result['default_perm'])
                     self.sa.add(p)
                 if p.permission.permission_name.startswith('hg.register.'):
                     p.permission = self.get_permission_by_name(form_result['default_register'])
                     p.permission = self.get_permission_by_name(
                                        form_result['default_register'])
                     self.sa.add(p)
                 if p.permission.permission_name.startswith('hg.create.'):
                     p.permission = self.get_permission_by_name(form_result['default_create'])
                     p.permission = self.get_permission_by_name(
                                         form_result['default_create'])
                     self.sa.add(p)
             #stage 2 update all default permissions for repos if checked
             if form_result['overwrite_default'] == 'true':
                 for r2p in self.sa.query(RepoToPerm).filter(RepoToPerm.user == perm_user).all():
                     r2p.permission = self.get_permission_by_name(form_result['default_perm'])
                 for r2p in self.sa.query(RepoToPerm)\
                                .filter(RepoToPerm.user == perm_user).all():
                     r2p.permission = self.get_permission_by_name(
                                          form_result['default_perm'])
                     self.sa.add(r2p)
             #stage 3 set anonymous access
             if perm_user.username == 'default':
                 perm_user.active = bool(form_result['anonymous'])
                 self.sa.add(perm_user)
             self.sa.commit()
         except:
             log.error(traceback.format_exc())

rhodecode/model/user.py

➞

Show inline comments

@@ @@ -143,3 +143,24 @@ class UserModel(object): @@
     def reset_password(self, data):
         from rhodecode.lib.celerylib import tasks, run_task
         run_task(tasks.reset_user_password, data['email'])
     def fill_data(self, user):
         """
         Fills user data with those from database and log out user if not
         present in database
         :param user:
         """
         log.debug('filling auth user data')
         try:
             dbuser = self.get(user.user_id)
             user.username = dbuser.username
             user.is_admin = dbuser.admin
             user.name = dbuser.name
             user.lastname = dbuser.lastname
             user.email = dbuser.email
         except:
             log.error(traceback.format_exc())
             user.is_authenticated = False
         return user

rhodecode/public/css/style.css

➞

Show inline comments

@@ @@ -2096,7 +2096,7 @@ border:1px solid #666; @@
 clear:both;
 overflow:hidden;
 margin:0;
-padding:2px 0;
+padding:2px 2px;
+}
 #content div.box div.form div.fields div.field div.checkboxes div.checkbox input,#content div.box div.form div.fields div.field div.radios div.radio input {

rhodecode/templates/admin/permissions/permissions.html

➞

Show inline comments

@@ @@ -26,7 +26,16 @@ @@
     <div class="form">
         <!-- fields -->
         <div class="fields">
             <div class="field">
                 <div class="label label-checkbox">
                     <label for="anonymous">${_('Anonymous access')}:</label>
                 </div>
                 <div class="checkboxes">
                     <div class="checkbox">
                         ${h.checkbox('anonymous',True)}
                     </div>
                 </div>
             </div>
 			<div class="field">
 				<div class="label">
 					<label for="default_perm">${_('Repository permission')}:</label>

rhodecode/templates/base/base.html

➞

Show inline comments

@@ @@ -20,12 +20,22 @@ @@
 	            <div class="gravatar">
 	            	<img alt="gravatar" src="${h.gravatar_url(c.rhodecode_user.email,24)}" />
 	            </div>
 	        %if c.rhodecode_user.username == 'default':
                 <div class="account">
                     ${h.link_to('%s %s'%(c.rhodecode_user.name,c.rhodecode_user.lastname),h.url('#'))}<br/>
                     ${h.link_to(c.rhodecode_user.username,h.url('#'))}
                 </div>
             </li>
             <li class="last highlight">${h.link_to(u'Login',h.url('login_home'))}</li>
 	        %else:
 	            <div class="account">
 	            	${h.link_to('%s %s'%(c.rhodecode_user.name,c.rhodecode_user.lastname),h.url('admin_settings_my_account'))}<br/>
 	            	${h.link_to(c.rhodecode_user.username,h.url('admin_settings_my_account'))}
 	            </div>
             </li>
             <li class="last highlight">${h.link_to(u'Logout',h.url('logout_home'))}</li>
             %endif
         </ul>
         <!-- end user -->
         <div id="header-inner" class="title top-left-rounded-corner top-right-rounded-corner">

0 comments (0 inline, 0 general)