kallithea Changeset - de71a4bde097

Changeset - de71a4bde097

Parent rev.

Child rev.

[Not reviewed]

beta

1 9 1

Marcin Kuzminski - 14 years ago 2011-10-31 20:42:41
marcin@python-works.com

Some code cleanups and fixes

8 files changed with 54 insertions and 36 deletions:

development.ini

production.ini

rhodecode/lib/auth.py

rhodecode/lib/base.py

rhodecode/model/user.py

rhodecode/tests/__init__.py

rhodecode/tests/_test_concurency.py

rename

test.ini

0 comments (0 inline, 0 general)

development.ini

➞

Show inline comments

@@ @@ -53,6 +53,8 @@ cut_off_limit = 256000 @@
 force_https = false
 commit_parse_limit = 25
 use_gravatar = true
 container_auth_enabled = false
 proxypass_auth_enabled = false
 ####################################
 ###        CELERY CONFIG        ####

production.ini

➞

Show inline comments

@@ @@ -53,6 +53,8 @@ cut_off_limit = 256000 @@
 force_https = false
 commit_parse_limit = 50
 use_gravatar = true
 container_auth_enabled = false
 proxypass_auth_enabled = false
 ####################################
 ###        CELERY CONFIG        ####

rhodecode/lib/auth.py

➞

Show inline comments

@@ @@ -125,16 +125,23 @@ def get_crypt_password(password): @@
 def check_password(password, hashed):
     return RhodeCodeCrypto.hash_check(password, hashed)
 def generate_api_key(str_, salt=None):
     """
     Generates API KEY from given string
 def generate_api_key(username, salt=None):
     :param str_:
     :param salt:
     """
     if salt is None:
         salt = _RandomNameSequence().next()
-    return hashlib.sha1(username + salt).hexdigest()
+    return hashlib.sha1(str_ + salt).hexdigest()
 def authfunc(environ, username, password):
     """Dummy authentication function used in Mercurial/Git/ and access control,
     """
     Dummy authentication function used in Mercurial/Git/ and access control,
     :param environ: needed only for using in Basic auth
     """
@@ @@ -142,7 +149,8 @@ def authfunc(environ, username, password @@
 def authenticate(username, password):
     """Authentication function used for access control,
     """
     Authentication function used for access control,
     firstly checks for db authentication then if ldap is enabled for ldap
     authentication, also creates ldap user if not in database
@@ @@ -232,28 +240,30 @@ def login_container_auth(username): @@
                  'lastname': None,
                  'email': None,
+                }
         if not user_model.create_for_container_auth(username, user_attrs):
         user = user_model.create_for_container_auth(username, user_attrs)
         if not user:
             return None
         user = User.get_by_username(username)
         log.info('User %s was created by container authentication', username)
     if not user.active:
         return None
     user.update_lastlogin()
     log.debug('User %s is now logged in by container authentication', user.username)
     log.debug('User %s is now logged in by container authentication',
               user.username)
     return user
-def get_container_username(environ, cfg=config):
 def get_container_username(environ, cfg):
     from paste.httpheaders import REMOTE_USER
     from paste.deploy.converters import asbool
     proxy_pass_enabled = asbool(cfg.get('proxypass_auth_enabled', False))
     username = REMOTE_USER(environ)
-    if not username and asbool(cfg.get('proxypass_auth_enabled', False)):
+    if not username and proxy_pass_enabled:
         username = environ.get('HTTP_X_FORWARDED_USER')
     if username:
+    if username and proxy_pass_enabled:
         #Removing realm and domain from username
         username = username.partition('@')[0]
         username = username.rpartition('\\')[2]
@@ @@ -290,14 +300,17 @@ class AuthUser(object): @@
         user_model = UserModel()
         self.anonymous_user = User.get_by_username('default')
         is_user_loaded = False
         # try go get user by api key
         if self._api_key and self._api_key != self.anonymous_user.api_key:
             #try go get user by api key
             log.debug('Auth User lookup by API KEY %s', self._api_key)
             is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
         elif self.user_id is not None \
             and self.user_id != self.anonymous_user.user_id:
         # lookup by userid
         elif (self.user_id is not None and
               self.user_id != self.anonymous_user.user_id):
             log.debug('Auth User lookup by USER ID %s', self.user_id)
             is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
         # lookup by username
         elif self.username:
             log.debug('Auth User lookup by USER NAME %s', self.username)
             dbuser = login_container_auth(self.username)
@@ @@ -308,9 +321,9 @@ class AuthUser(object): @@
                 is_user_loaded = True
         if not is_user_loaded:
             # if we cannot authenticate user try anonymous
             if self.anonymous_user.active is True:
                 user_model.fill_data(self,
                                      user_id=self.anonymous_user.user_id)
                 user_model.fill_data(self,user_id=self.anonymous_user.user_id)
                 #then we set this user is logged in
                 self.is_authenticated = True
             else:
@@ @@ -337,13 +350,13 @@ class AuthUser(object): @@
                                               self.is_authenticated)
     def set_authenticated(self, authenticated=True):
         if self.user_id != self.anonymous_user.user_id:
             self.is_authenticated = authenticated
 def set_available_permissions(config):
     """This function will propagate pylons globals with all available defined
     """
     This function will propagate pylons globals with all available defined
     permission given in db. We don't want to check each time from db for new
     permissions since adding a new permission also requires application restart
     ie. to decorate new views with the newly created permission
@@ @@ -661,3 +674,4 @@ class HasPermissionAnyMiddleware(object) @@
             return True
         log.debug('permission denied')
         return False

rhodecode/lib/base.py

➞

Show inline comments

@@ @@ -33,8 +33,6 @@ class BaseController(WSGIController): @@
         self.sa = meta.Session()
         self.scm_model = ScmModel(self.sa)
         #c.unread_journal = scm_model.get_unread_journal()
     def __call__(self, environ, start_response):
         """Invoke the Controller"""
         # WSGIController.__call__ dispatches to the Controller method
@@ @@ -42,15 +40,15 @@ class BaseController(WSGIController): @@
         # available in environ['pylons.routes_dict']
         start = time.time()
         try:
-            # putting this here makes sure that we update permissions each time
+            # make sure that we update permissions each time we call controller
             api_key = request.GET.get('api_key')
             user_id = getattr(session.get('rhodecode_user'), 'user_id', None)
             if asbool(config.get('container_auth_enabled', False)):
                 username = get_container_username(environ)
             else:
                 username = None
             self.rhodecode_user = c.rhodecode_user = AuthUser(user_id, api_key, username)
             auth_user = AuthUser(user_id, api_key, username)
             self.rhodecode_user = c.rhodecode_user = auth_user
             if not self.rhodecode_user.is_authenticated and \
                        self.rhodecode_user.user_id is not None:
                 self.rhodecode_user.set_authenticated(
@@ @@ -66,11 +64,13 @@ class BaseController(WSGIController): @@
 class BaseRepoController(BaseController):
     """
     Base class for controllers responsible for loading all needed data
     for those controllers, loaded items are
     Base class for controllers responsible for loading all needed data for
     repository loaded items are
     c.rhodecode_repo: instance of scm repository (taken from cache)
     c.rhodecode_repo: instance of scm repository
     c.rhodecode_db_repo: instance of db
     c.repository_followers: number of followers
     c.repository_forks: number of forks
     """
     def __before__(self):
@@ @@ -86,7 +86,6 @@ class BaseRepoController(BaseController) @@
                 redirect(url('home'))
             c.repository_followers = \
                 self.scm_model.get_followers(c.repo_name)
             c.repository_followers = self.scm_model.get_followers(c.repo_name)
             c.repository_forks = self.scm_model.get_forks(c.repo_name)

rhodecode/model/user.py

➞

Show inline comments

@@ @@ -106,20 +106,20 @@ class UserModel(BaseModel): @@
                 new_user.password = None
                 new_user.api_key = generate_api_key(username)
                 new_user.email = attrs['email']
                 new_user.active = True
+                new_user.active = attrs.get('active', True)
                 new_user.name = attrs['name']
                 new_user.lastname = attrs['lastname']
                 self.sa.add(new_user)
                 self.sa.commit()
-                return True
+                return new_user
             except (DatabaseError,):
                 log.error(traceback.format_exc())
                 self.sa.rollback()
                 raise
         log.debug('User %s already exists. Skipping creation of account for container auth.',
                   username)
         return False
         log.debug('User %s already exists. Skipping creation of account'
                   ' for container auth.', username)
         return None
     def create_ldap(self, username, password, user_dn, attrs):
         """
@@ @@ -148,14 +148,14 @@ class UserModel(BaseModel): @@
                 self.sa.add(new_user)
                 self.sa.commit()
-                return True
+                return new_user
             except (DatabaseError,):
                 log.error(traceback.format_exc())
                 self.sa.rollback()
                 raise
         log.debug('this %s user exists skipping creation of ldap account',
                   username)
-        return False
+        return None
     def create_registration(self, form_data):
         from rhodecode.lib.celerylib import tasks, run_task

rhodecode/tests/__init__.py

➞

Show inline comments

@@ @@ -21,7 +21,6 @@ from webtest import TestApp @@
 from rhodecode.model import meta
 import logging
 log = logging.getLogger(__name__)
 import pylons.test

rhodecode/tests/_test_concurency.py

➞

Show inline comments

file renamed from rhodecode/tests/test_concurency.py to rhodecode/tests/_test_concurency.py

test.ini

➞

Show inline comments

@@ @@ -51,6 +51,8 @@ cut_off_limit = 256000 @@
 force_https = false
 commit_parse_limit = 25
 use_gravatar = true
 container_auth_enabled = false
 proxypass_auth_enabled = false
 ####################################
 ###        CELERY CONFIG        ####

0 comments (0 inline, 0 general)