kallithea Changeset - de71a4bde097

Changeset - de71a4bde097

Parent rev.

Child rev.

[Not reviewed]

beta

1 9 1

Marcin Kuzminski - 14 years ago 2011-10-31 20:42:41
marcin@python-works.com

Some code cleanups and fixes

10 files changed with 70 insertions and 52 deletions:

development.ini

production.ini

rhodecode/controllers/login.py

rhodecode/lib/auth.py

rhodecode/lib/base.py

rhodecode/model/forms.py

rhodecode/model/user.py

rhodecode/tests/__init__.py

rhodecode/tests/_test_concurency.py

rename

test.ini

0 comments (0 inline, 0 general)

development.ini

➞

Show inline comments

@@ @@ -50,12 +50,14 @@ cache_dir = %(here)s/data @@
 index_dir = %(here)s/data/index
 app_instance_uuid = develop
 cut_off_limit = 256000
 force_https = false
 commit_parse_limit = 25
 use_gravatar = true
 container_auth_enabled = false
 proxypass_auth_enabled = false
 ####################################
 ###        CELERY CONFIG        ####
 ####################################
 use_celery = false
 broker.host = localhost

production.ini

➞

Show inline comments

@@ @@ -50,12 +50,14 @@ cache_dir = %(here)s/data @@
 index_dir = %(here)s/data/index
 app_instance_uuid = prod1234
 cut_off_limit = 256000
 force_https = false
 commit_parse_limit = 50
 use_gravatar = true
 container_auth_enabled = false
 proxypass_auth_enabled = false
 ####################################
 ###        CELERY CONFIG        ####
 ####################################
 use_celery = false
 broker.host = localhost

rhodecode/controllers/login.py

➞

Show inline comments

@@ @@ -46,26 +46,26 @@ log = logging.getLogger(__name__) @@
 class LoginController(BaseController):
     def __before__(self):
         super(LoginController, self).__before__()
     def index(self):
         #redirect if already logged in
+        # redirect if already logged in
         c.came_from = request.GET.get('came_from', None)
         if self.rhodecode_user.is_authenticated \
                             and self.rhodecode_user.username != 'default':
             return redirect(url('home'))
         if request.POST:
             #import Login Form validator class
             login_form = LoginForm()
             try:
                 c.form_result = login_form.to_python(dict(request.POST))
                 #form checks for username/password, now we're authenticated
+                # form checks for username/password, now we're authenticated
                 username = c.form_result['username']
                 user = User.get_by_username(username, case_insensitive=True)
                 auth_user = AuthUser(user.user_id)
                 auth_user.set_authenticated()
                 session['rhodecode_user'] = auth_user
                 session.save()

rhodecode/lib/auth.py

➞

Show inline comments

@@ @@ -122,30 +122,38 @@ def get_crypt_password(password): @@
     return RhodeCodeCrypto.hash_string(password)
 def check_password(password, hashed):
     return RhodeCodeCrypto.hash_check(password, hashed)
 def generate_api_key(username, salt=None):
 def generate_api_key(str_, salt=None):
     """
     Generates API KEY from given string
     :param str_:
     :param salt:
     """
     if salt is None:
         salt = _RandomNameSequence().next()
-    return hashlib.sha1(username + salt).hexdigest()
+    return hashlib.sha1(str_ + salt).hexdigest()
 def authfunc(environ, username, password):
     """Dummy authentication function used in Mercurial/Git/ and access control,
     """
     Dummy authentication function used in Mercurial/Git/ and access control,
     :param environ: needed only for using in Basic auth
     """
     return authenticate(username, password)
 def authenticate(username, password):
     """Authentication function used for access control,
     """
     Authentication function used for access control,
     firstly checks for db authentication then if ldap is enabled for ldap
     authentication, also creates ldap user if not in database
     :param username: username
     :param password: password
     """
@@ @@ -225,39 +233,41 @@ def authenticate(username, password): @@
 def login_container_auth(username):
     user = User.get_by_username(username)
     if user is None:
         user_model = UserModel()
         user_attrs = {
                  'name': username,
                  'lastname': None,
                  'email': None,
+                }
         if not user_model.create_for_container_auth(username, user_attrs):
             'name': username,
             'lastname': None,
             'email': None,
+        }
         user = user_model.create_for_container_auth(username, user_attrs)
         if not user:
             return None
         user = User.get_by_username(username)
         log.info('User %s was created by container authentication', username)
     if not user.active:
         return None
     user.update_lastlogin()
     log.debug('User %s is now logged in by container authentication', user.username)
     log.debug('User %s is now logged in by container authentication',
               user.username)
     return user
-def get_container_username(environ, cfg=config):
 def get_container_username(environ, cfg):
     from paste.httpheaders import REMOTE_USER
     from paste.deploy.converters import asbool
     proxy_pass_enabled = asbool(cfg.get('proxypass_auth_enabled', False))
     username = REMOTE_USER(environ)
     if not username and asbool(cfg.get('proxypass_auth_enabled', False)):
     if not username and proxy_pass_enabled:
         username = environ.get('HTTP_X_FORWARDED_USER')
     if username:
         #Removing realm and domain from username
     if username and proxy_pass_enabled:
         # Removing realm and domain from username
         username = username.partition('@')[0]
         username = username.rpartition('\\')[2]
         log.debug('Received username %s from container', username)
     return username
@@ @@ -273,13 +283,13 @@ class AuthUser(object): @@
     def __init__(self, user_id=None, api_key=None, username=None):
         self.user_id = user_id
         self.api_key = None
         self.username = username
         self.name = ''
         self.lastname = ''
         self.email = ''
         self.is_authenticated = False
         self.admin = False
         self.permissions = {}
@@ @@ -287,34 +297,37 @@ class AuthUser(object): @@
         self.propagate_data()
     def propagate_data(self):
         user_model = UserModel()
         self.anonymous_user = User.get_by_username('default')
         is_user_loaded = False
         # try go get user by api key
         if self._api_key and self._api_key != self.anonymous_user.api_key:
             #try go get user by api key
             log.debug('Auth User lookup by API KEY %s', self._api_key)
             is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
         elif self.user_id is not None \
             and self.user_id != self.anonymous_user.user_id:
         # lookup by userid
         elif (self.user_id is not None and
               self.user_id != self.anonymous_user.user_id):
             log.debug('Auth User lookup by USER ID %s', self.user_id)
             is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
         # lookup by username
         elif self.username:
             log.debug('Auth User lookup by USER NAME %s', self.username)
             dbuser = login_container_auth(self.username)
             if dbuser is not None:
                 for k, v in dbuser.get_dict().items():
                     setattr(self, k, v)
                 self.set_authenticated()
                 is_user_loaded = True
         if not is_user_loaded:
             # if we cannot authenticate user try anonymous
             if self.anonymous_user.active is True:
                 user_model.fill_data(self,
                                      user_id=self.anonymous_user.user_id)
                 #then we set this user is logged in
                 user_model.fill_data(self,user_id=self.anonymous_user.user_id)
                 # then we set this user is logged in
                 self.is_authenticated = True
             else:
                 self.user_id = None
                 self.username = None
                 self.is_authenticated = False
@@ @@ -334,19 +347,19 @@ class AuthUser(object): @@
     def __repr__(self):
         return "<AuthUser('id:%s:%s|%s')>" % (self.user_id, self.username,
                                               self.is_authenticated)
     def set_authenticated(self, authenticated=True):
         if self.user_id != self.anonymous_user.user_id:
             self.is_authenticated = authenticated
 def set_available_permissions(config):
     """This function will propagate pylons globals with all available defined
     """
     This function will propagate pylons globals with all available defined
     permission given in db. We don't want to check each time from db for new
     permissions since adding a new permission also requires application restart
     ie. to decorate new views with the newly created permission
     :param config: current pylons config instance
@@ @@ -471,13 +484,13 @@ class PermsDecorator(object): @@
                 h.flash(_('You need to be a signed in to '
                           'view this page'),
                         category='warning')
                 return redirect(url('login_home', came_from=p))
             else:
                 #redirect with forbidden ret code
+                # redirect with forbidden ret code
                 return abort(403)
     def check_permissions(self):
         """Dummy function for overriding"""
         raise Exception('You have to write this function in child class')
@@ @@ -658,6 +671,7 @@ class HasPermissionAnyMiddleware(object) @@
                                                 self.username, self.repo_name)
         if self.required_perms.intersection(self.user_perms):
             log.debug('permission granted')
             return True
         log.debug('permission denied')
         return False

rhodecode/lib/base.py

➞

Show inline comments

@@ @@ -30,30 +30,28 @@ class BaseController(WSGIController): @@
         c.backends = BACKENDS.keys()
         self.cut_off_limit = int(config.get('cut_off_limit'))
         self.sa = meta.Session()
         self.scm_model = ScmModel(self.sa)
         #c.unread_journal = scm_model.get_unread_journal()
     def __call__(self, environ, start_response):
         """Invoke the Controller"""
         # WSGIController.__call__ dispatches to the Controller method
         # the request is routed to. This routing information is
         # available in environ['pylons.routes_dict']
         start = time.time()
         try:
-            # putting this here makes sure that we update permissions each time
+            # make sure that we update permissions each time we call controller
             api_key = request.GET.get('api_key')
             user_id = getattr(session.get('rhodecode_user'), 'user_id', None)
             if asbool(config.get('container_auth_enabled', False)):
                 username = get_container_username(environ)
             else:
                 username = None
             self.rhodecode_user = c.rhodecode_user = AuthUser(user_id, api_key, username)
             auth_user = AuthUser(user_id, api_key, username)
             self.rhodecode_user = c.rhodecode_user = auth_user
             if not self.rhodecode_user.is_authenticated and \
                        self.rhodecode_user.user_id is not None:
                 self.rhodecode_user.set_authenticated(
                                         getattr(session.get('rhodecode_user'),
                                        'is_authenticated', False))
             session['rhodecode_user'] = self.rhodecode_user
@@ @@ -63,17 +61,19 @@ class BaseController(WSGIController): @@
             log.debug('Request time: %.3fs' % (time.time()-start))
             meta.Session.remove()
 class BaseRepoController(BaseController):
     """
     Base class for controllers responsible for loading all needed data
     for those controllers, loaded items are
     Base class for controllers responsible for loading all needed data for
     repository loaded items are
     c.rhodecode_repo: instance of scm repository (taken from cache)
     c.rhodecode_repo: instance of scm repository
     c.rhodecode_db_repo: instance of db
     c.repository_followers: number of followers
     c.repository_forks: number of forks
     """
     def __before__(self):
         super(BaseRepoController, self).__before__()
         if c.repo_name:
@@ @@ -83,10 +83,9 @@ class BaseRepoController(BaseController) @@
             if c.rhodecode_repo is None:
                 log.error('%s this repository is present in database but it '
                           'cannot be created as an scm instance', c.repo_name)
                 redirect(url('home'))
             c.repository_followers = \
                 self.scm_model.get_followers(c.repo_name)
             c.repository_followers = self.scm_model.get_followers(c.repo_name)
             c.repository_forks = self.scm_model.get_forks(c.repo_name)

rhodecode/model/forms.py

➞

Show inline comments

@@ @@ -205,13 +205,13 @@ class ValidAuth(formencode.validators.Fa @@
     e_dict_disable = {'username':messages['disabled_account']}
     def validate_python(self, value, state):
         password = value['password']
         username = value['username']
         user = User.get_by_username(username)
         if authenticate(username, password):
             return value
         else:
             if user and user.active is False:
                 log.warning('user %s is disabled', username)
                 raise formencode.Invalid(self.message('disabled_account',

rhodecode/model/user.py

➞

Show inline comments

@@ @@ -103,26 +103,26 @@ class UserModel(BaseModel): @@
             try:
                 new_user = User()
                 new_user.username = username
                 new_user.password = None
                 new_user.api_key = generate_api_key(username)
                 new_user.email = attrs['email']
                 new_user.active = True
+                new_user.active = attrs.get('active', True)
                 new_user.name = attrs['name']
                 new_user.lastname = attrs['lastname']
                 self.sa.add(new_user)
                 self.sa.commit()
-                return True
+                return new_user
             except (DatabaseError,):
                 log.error(traceback.format_exc())
                 self.sa.rollback()
                 raise
         log.debug('User %s already exists. Skipping creation of account for container auth.',
                   username)
         return False
         log.debug('User %s already exists. Skipping creation of account'
                   ' for container auth.', username)
         return None
     def create_ldap(self, username, password, user_dn, attrs):
         """
         Checks if user is in database, if not creates this user marked
         as ldap user
@@ @@ -138,27 +138,27 @@ class UserModel(BaseModel): @@
                 new_user = User()
                 # add ldap account always lowercase
                 new_user.username = username.lower()
                 new_user.password = get_crypt_password(password)
                 new_user.api_key = generate_api_key(username)
                 new_user.email = attrs['email']
                 new_user.active = attrs.get('active',True)
+                new_user.active = attrs.get('active', True)
                 new_user.ldap_dn = safe_unicode(user_dn)
                 new_user.name = attrs['name']
                 new_user.lastname = attrs['lastname']
                 self.sa.add(new_user)
                 self.sa.commit()
-                return True
+                return new_user
             except (DatabaseError,):
                 log.error(traceback.format_exc())
                 self.sa.rollback()
                 raise
         log.debug('this %s user exists skipping creation of ldap account',
                   username)
-        return False
+        return None
     def create_registration(self, form_data):
         from rhodecode.lib.celerylib import tasks, run_task
         try:
             new_user = User()
             for k, v in form_data.items():

rhodecode/tests/__init__.py

➞

Show inline comments

@@ @@ -18,23 +18,22 @@ from pylons import config, url @@
 from routes.util import URLGenerator
 from webtest import TestApp
 from rhodecode.model import meta
 import logging
 log = logging.getLogger(__name__)
 import pylons.test
 __all__ = ['environ', 'url', 'TestController', 'TESTS_TMP_PATH', 'HG_REPO',
            'GIT_REPO', 'NEW_HG_REPO', 'NEW_GIT_REPO', 'HG_FORK', 'GIT_FORK',
            'TEST_USER_ADMIN_LOGIN', 'TEST_USER_ADMIN_PASS' ]
 # Invoke websetup with the current config file
 #SetupCommand('setup-app').run([config_file])
+# SetupCommand('setup-app').run([config_file])
 ##RUNNING DESIRED TESTS
 # nosetests -x rhodecode.tests.functional.test_admin_settings:TestSettingsController.test_my_account
 # nosetests --pdb --pdb-failures
 environ = {}
@@ @@ -66,13 +65,13 @@ class TestController(TestCase): @@
     def log_user(self, username=TEST_USER_ADMIN_LOGIN,
                  password=TEST_USER_ADMIN_PASS):
         response = self.app.post(url(controller='login', action='index'),
                                  {'username':username,
                                   'password':password})
         if 'invalid user name' in response.body:
             self.fail('could not login using %s %s' % (username, password))
         self.assertEqual(response.status, '302 Found')
         self.assertEqual(response.session['rhodecode_user'].username, username)
         return response.follow()

rhodecode/tests/_test_concurency.py

➞

Show inline comments

file renamed from rhodecode/tests/test_concurency.py to rhodecode/tests/_test_concurency.py

test.ini

➞

Show inline comments

@@ @@ -48,12 +48,14 @@ cache_dir = /tmp/data @@
 index_dir = /tmp/index
 app_instance_uuid = develop-test
 cut_off_limit = 256000
 force_https = false
 commit_parse_limit = 25
 use_gravatar = true
 container_auth_enabled = false
 proxypass_auth_enabled = false
 ####################################
 ###        CELERY CONFIG        ####
 ####################################
 use_celery = false
 broker.host = localhost

0 comments (0 inline, 0 general)