Files @ ca77c6da2d34
Branch filter:

Location: kallithea/kallithea/model/api_key.py

ca77c6da2d34 2.7 KiB text/x-python Show Annotation Show as Raw Download as Raw
Søren Løvborg
auth: simplify user group permission checks

In practice, Kallithea has the 'usergroup.admin' permission imply the
'usergroup.write' permission, which again implies 'usergroup.read'.

This codifies this practice by replacing the HasUserGroupPermissionAny
"perm function" with the new HasUserGroupLevel function, reducing the
risk of errors and saving quite a lot of typing.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
# -*- coding: utf-8 -*-
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
"""
kallithea.model.api_key
~~~~~~~~~~~~~~~~~~~~~~~

API key model for Kallithea

This file was forked by the Kallithea project in July 2014.
Original author and date, and relevant copyright and licensing information is below:
:created_on: Sep 8, 2013
:author: marcink
:copyright: (c) 2013 RhodeCode GmbH, and others.
:license: GPLv3, see LICENSE.md for more details.
"""

import time
import logging
from sqlalchemy import or_

from kallithea.lib.utils2 import generate_api_key
from kallithea.model.base import BaseModel
from kallithea.model.db import User, UserApiKeys
from kallithea.model.meta import Session

log = logging.getLogger(__name__)


class ApiKeyModel(BaseModel):

    def create(self, user, description, lifetime=-1):
        """
        :param user: user or user_id
        :param description: description of ApiKey
        :param lifetime: expiration time in seconds
        """
        user = User.guess_instance(user)

        new_api_key = UserApiKeys()
        new_api_key.api_key = generate_api_key()
        new_api_key.user_id = user.user_id
        new_api_key.description = description
        new_api_key.expires = time.time() + (lifetime * 60) if lifetime != -1 else -1
        Session().add(new_api_key)

        return new_api_key

    def delete(self, api_key, user=None):
        """
        Deletes given api_key, if user is set it also filters the object for
        deletion by given user.
        """
        api_key = UserApiKeys.query().filter(UserApiKeys.api_key == api_key)

        if user is not None:
            user = User.guess_instance(user)
            api_key = api_key.filter(UserApiKeys.user_id == user.user_id)

        api_key = api_key.scalar()
        Session().delete(api_key)

    def get_api_keys(self, user, show_expired=True):
        user = User.guess_instance(user)
        user_api_keys = UserApiKeys.query() \
            .filter(UserApiKeys.user_id == user.user_id)
        if not show_expired:
            user_api_keys = user_api_keys \
                .filter(or_(UserApiKeys.expires == -1,
                            UserApiKeys.expires >= time.time()))
        return user_api_keys
This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3.