diff --git a/rhodecode/apps/admin/views/security.py b/rhodecode/apps/admin/views/security.py --- a/rhodecode/apps/admin/views/security.py +++ b/rhodecode/apps/admin/views/security.py @@ -17,13 +17,8 @@ # and proprietary license terms, please see https://rhodecode.com/licenses/ import logging -import formencode -from rhodecode import BACKENDS from rhodecode.apps._base import BaseAppView -from rhodecode.model.meta import Session -from rhodecode.model.settings import SettingsModel -from rhodecode.model.forms import WhitelistedVcsClientsForm from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator log = logging.getLogger(__name__) @@ -42,31 +37,10 @@ class AdminSecurityView(BaseAppView): c.active = 'security' return self._get_template_context(c) + @LoginRequired() @HasPermissionAllDecorator('hg.admin') - def vcs_whitelisted_client_versions_edit(self): - _ = self.request.translate + def admin_security_modify_allowed_vcs_client_versions(self): c = self.load_default_context() - render_ctx = {} - settings = SettingsModel() - form = WhitelistedVcsClientsForm(_, )() - if self.request.method == 'POST': - try: - result = form.to_python(self.request.POST) - for k, v in result.items(): - if v: - setting = settings.create_or_update_setting(name=f'{k}_allowed_clients', val=v) - Session().add(setting) - Session().commit() - - except formencode.Invalid as errors: - render_ctx.update({ - 'errors': errors.error_dict - }) - for key in BACKENDS.keys(): - verbose_name = f"initial_{key}" - if existing := settings.get_setting_by_name(name=f'{key}_allowed_clients'): - render_ctx[verbose_name] = existing.app_settings_value - else: - render_ctx[verbose_name] = '*' - return self._get_template_context(c, **render_ctx) + c.active = 'security' + return self._get_template_context(c) diff --git a/rhodecode/templates/admin/security/edit_allowed_vcs_client_versions.mako b/rhodecode/templates/admin/security/edit_allowed_vcs_client_versions.mako deleted file mode 100644 --- a/rhodecode/templates/admin/security/edit_allowed_vcs_client_versions.mako +++ /dev/null @@ -1,62 +0,0 @@ - - -
-
- ${h.secure_form(h.route_path('check_2fa'), request=request, id='allowed_clients_form')} -

- ${h.text('git', class_="form-control", value=initial_git)}

-

- ${h.text('hg', class_="form-control", value=initial_hg)}

-

- ${h.text('svn', class_="form-control", value=initial_svn)}

- %for k, v in errors.items(): - ${k}: ${v} -
- %endfor -

${_('Set rules for allowed git, hg or svn client versions. You can set exact version (for example 2.0.9) or use comparison operators to set earliest or latest version (>=2.6.0)')}

- - ${h.submit('send', _('Save'), class_="btn btn-primary")} - ${h.end_form()} -
-
diff --git a/rhodecode/templates/admin/security/security.mako b/rhodecode/templates/admin/security/security.mako --- a/rhodecode/templates/admin/security/security.mako +++ b/rhodecode/templates/admin/security/security.mako @@ -38,42 +38,13 @@

${_('Allowed client versions')}

- %if c.rhodecode_edition_id != 'EE':

${_('This feature is available in RhodeCode EE edition only. Contact {sales_email} to obtain a trial license.').format(sales_email='sales@rhodecode.com')|n}

${_('Some outdated client versions may have security vulnerabilities. This section have rules for whitelisting versions of clients for Git, Mercurial and SVN.')}

- %else: -
-
- %endif
+ - -