diff --git a/pkgs/python-packages.nix b/pkgs/python-packages.nix --- a/pkgs/python-packages.nix +++ b/pkgs/python-packages.nix @@ -405,19 +405,6 @@ license = [ pkgs.lib.licenses.mit ]; }; }; - backport-ipaddress = super.buildPythonPackage { - name = "backport-ipaddress-0.1"; - buildInputs = with self; []; - doCheck = false; - propagatedBuildInputs = with self; []; - src = fetchurl { - url = "https://pypi.python.org/packages/d3/30/54c6dab05a4dec44db25ff309f1fbb6b7a8bde3f2bade38bb9da67bbab8f/backport_ipaddress-0.1.tar.gz"; - md5 = "9c1f45f4361f71b124d7293a60006c05"; - }; - meta = { - license = [ pkgs.lib.licenses.psfl ]; - }; - }; backports.shutil-get-terminal-size = super.buildPythonPackage { name = "backports.shutil-get-terminal-size-1.0.0"; buildInputs = with self; []; @@ -822,13 +809,13 @@ }; }; graphviz = super.buildPythonPackage { - name = "graphviz-0.7.1"; + name = "graphviz-0.8"; buildInputs = with self; []; doCheck = false; propagatedBuildInputs = with self; []; src = fetchurl { - url = "https://pypi.python.org/packages/7d/2d/f5cfa56467ca5a65eb44e1103d89d2f65dbc4f04cf7a1f3d38e973c3d1a8/graphviz-0.7.1.zip"; - md5 = "d5926e89975121d56dec777a79bfc9d1"; + url = "https://pypi.python.org/packages/da/84/0e997520323d6b01124eb01c68d5c101814d0aab53083cd62bd75a90f70b/graphviz-0.8.zip"; + md5 = "9486a885360a5ee54a81eb2950470c71"; }; meta = { license = [ pkgs.lib.licenses.mit ]; @@ -899,6 +886,19 @@ license = [ pkgs.lib.licenses.bsdOriginal ]; }; }; + ipaddress = super.buildPythonPackage { + name = "ipaddress-1.0.18"; + buildInputs = with self; []; + doCheck = false; + propagatedBuildInputs = with self; []; + src = fetchurl { + url = "https://pypi.python.org/packages/4e/13/774faf38b445d0b3a844b65747175b2e0500164b7c28d78e34987a5bfe06/ipaddress-1.0.18.tar.gz"; + md5 = "310c2dfd64eb6f0df44aa8c59f2334a7"; + }; + meta = { + license = [ pkgs.lib.licenses.psfl ]; + }; + }; ipdb = super.buildPythonPackage { name = "ipdb-0.10.3"; buildInputs = with self; []; @@ -1446,13 +1446,13 @@ }; }; pyramid-debugtoolbar = super.buildPythonPackage { - name = "pyramid-debugtoolbar-3.0.5"; + name = "pyramid-debugtoolbar-4.2.1"; buildInputs = with self; []; doCheck = false; - propagatedBuildInputs = with self; [pyramid pyramid-mako repoze.lru Pygments]; + propagatedBuildInputs = with self; [pyramid pyramid-mako repoze.lru Pygments ipaddress]; src = fetchurl { - url = "https://pypi.python.org/packages/64/0e/df00bfb55605900e7a2f7e4a18dd83575a6651688e297d5a0aa4c208fd7d/pyramid_debugtoolbar-3.0.5.tar.gz"; - md5 = "aebab8c3bfdc6f89e4d3adc1d126538e"; + url = "https://pypi.python.org/packages/db/26/94620b7752936e2cd74838263ff366db9b454f7394bfb62d1eb2f84b29c1/pyramid_debugtoolbar-4.2.1.tar.gz"; + md5 = "3dfaced2fab1644ff5284017be9d92b9"; }; meta = { license = [ { fullName = "Repoze Public License"; } pkgs.lib.licenses.bsdOriginal ]; @@ -1722,7 +1722,7 @@ name = "rhodecode-enterprise-ce-4.9.0"; buildInputs = with self; [pytest py pytest-cov pytest-sugar pytest-runner pytest-catchlog pytest-profiling gprof2dot pytest-timeout mock WebTest cov-core coverage configobj]; doCheck = true; - propagatedBuildInputs = with self; [Babel Beaker FormEncode Mako Markdown MarkupSafe MySQL-python Paste PasteDeploy PasteScript Pygments pygments-markdown-lexer Pylons Routes SQLAlchemy Tempita URLObject WebError WebHelpers WebHelpers2 WebOb WebTest Whoosh alembic amqplib anyjson appenlight-client authomatic backport-ipaddress cssselect celery channelstream colander decorator deform docutils gevent gunicorn infrae.cache ipython iso8601 kombu lxml msgpack-python nbconvert packaging psycopg2 py-gfm pycrypto pycurl pyparsing pyramid pyramid-debugtoolbar pyramid-mako pyramid-beaker pysqlite python-dateutil python-ldap python-memcached python-pam recaptcha-client repoze.lru requests simplejson subprocess32 waitress zope.cachedescriptors dogpile.cache dogpile.core psutil py-bcrypt]; + propagatedBuildInputs = with self; [Babel Beaker FormEncode Mako Markdown MarkupSafe MySQL-python Paste PasteDeploy PasteScript Pygments pygments-markdown-lexer Pylons Routes SQLAlchemy Tempita URLObject WebError WebHelpers WebHelpers2 WebOb WebTest Whoosh alembic amqplib anyjson appenlight-client authomatic cssselect celery channelstream colander decorator deform docutils gevent gunicorn infrae.cache ipython iso8601 kombu lxml msgpack-python nbconvert packaging psycopg2 py-gfm pycrypto pycurl pyparsing pyramid pyramid-debugtoolbar pyramid-mako pyramid-beaker pysqlite python-dateutil python-ldap python-memcached python-pam recaptcha-client repoze.lru requests simplejson subprocess32 waitress zope.cachedescriptors dogpile.cache dogpile.core psutil py-bcrypt]; src = ./.; meta = { license = [ { fullName = "Affero GNU General Public License v3 or later (AGPLv3+)"; } { fullName = "AGPLv3, and Commercial License"; } ]; diff --git a/requirements.txt b/requirements.txt --- a/requirements.txt +++ b/requirements.txt @@ -6,7 +6,6 @@ amqplib==1.0.2 anyjson==0.3.3 authomatic==0.1.0.post1 Babel==1.3 -backport-ipaddress==0.1 Beaker==1.9.0 celery==2.2.10 Chameleon==2.24 @@ -55,7 +54,7 @@ pygments-markdown-lexer==0.1.0.dev39 Pygments==2.2.0 pyparsing==1.5.7 pyramid-beaker==0.8 -pyramid-debugtoolbar==3.0.5 +pyramid-debugtoolbar==4.2.1 pyramid-jinja2==2.5 pyramid-mako==1.0.2 pyramid==1.9.0 diff --git a/rhodecode/config/licenses.json b/rhodecode/config/licenses.json --- a/rhodecode/config/licenses.json +++ b/rhodecode/config/licenses.json @@ -89,10 +89,7 @@ }, "python2.7-authomatic-0.1.0.post1": { "MIT License": "http://spdx.org/licenses/MIT" - }, - "python2.7-backport-ipaddress-0.1": { - "Python Software Foundation License version 2": "http://spdx.org/licenses/Python-2.0" - }, + }, "python2.7-backports.shutil-get-terminal-size-1.0.0": { "MIT License": "http://spdx.org/licenses/MIT" }, diff --git a/rhodecode/lib/auth.py b/rhodecode/lib/auth.py --- a/rhodecode/lib/auth.py +++ b/rhodecode/lib/auth.py @@ -1991,9 +1991,10 @@ def check_ip_access(source_ip, allowed_i :param allowed_ips: list of allowed ips together with mask """ log.debug('checking if ip:%s is subnet of %s' % (source_ip, allowed_ips)) - source_ip_address = ipaddress.ip_address(source_ip) + source_ip_address = ipaddress.ip_address(safe_unicode(source_ip)) if isinstance(allowed_ips, (tuple, list, set)): for ip in allowed_ips: + ip = safe_unicode(ip) try: network_address = ipaddress.ip_network(ip, strict=False) if source_ip_address in network_address: diff --git a/rhodecode/lib/base.py b/rhodecode/lib/base.py --- a/rhodecode/lib/base.py +++ b/rhodecode/lib/base.py @@ -101,7 +101,7 @@ def _filter_port(ip): else: # fallback to ipaddress try: - ipaddress.IPv6Address(ip_addr) + ipaddress.IPv6Address(safe_unicode(ip_addr)) except Exception: return False return True @@ -286,6 +286,7 @@ def attach_context_attributes(context, r Attach variables into template context called `c`, please note that request could be pylons or pyramid request in here. """ + rc_config = SettingsModel().get_all_settings(cache=True) context.rhodecode_version = rhodecode.__version__ diff --git a/rhodecode/model/db.py b/rhodecode/model/db.py --- a/rhodecode/model/db.py +++ b/rhodecode/model/db.py @@ -1123,7 +1123,7 @@ class UserIpMap(Base, BaseModel): @classmethod def _get_ip_range(cls, ip_addr): - net = ipaddress.ip_network(ip_addr, strict=False) + net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False) return [str(net.network_address), str(net.broadcast_address)] def __json__(self): diff --git a/rhodecode/model/user.py b/rhodecode/model/user.py --- a/rhodecode/model/user.py +++ b/rhodecode/model/user.py @@ -777,6 +777,7 @@ class UserModel(BaseModel): def parse_ip_range(self, ip_range): ip_list = [] + def make_unique(value): seen = [] return [c for c in value if not (c in seen or seen.append(c))] @@ -788,8 +789,8 @@ class UserModel(BaseModel): ip_range = ip_range.strip() if '-' in ip_range: start_ip, end_ip = ip_range.split('-', 1) - start_ip = ipaddress.ip_address(start_ip.strip()) - end_ip = ipaddress.ip_address(end_ip.strip()) + start_ip = ipaddress.ip_address(safe_unicode(start_ip.strip())) + end_ip = ipaddress.ip_address(safe_unicode(end_ip.strip())) parsed_ip_range = [] for index in xrange(int(start_ip), int(end_ip) + 1): diff --git a/rhodecode/model/validation_schema/validators.py b/rhodecode/model/validation_schema/validators.py --- a/rhodecode/model/validation_schema/validators.py +++ b/rhodecode/model/validation_schema/validators.py @@ -27,7 +27,7 @@ import ipaddress import colander from rhodecode.translation import _ -from rhodecode.lib.utils2 import glob2re +from rhodecode.lib.utils2 import glob2re, safe_unicode log = logging.getLogger(__name__) @@ -35,7 +35,7 @@ log = logging.getLogger(__name__) def ip_addr_validator(node, value): try: # this raises an ValueError if address is not IpV4 or IpV6 - ipaddress.ip_network(value, strict=False) + ipaddress.ip_network(safe_unicode(value), strict=False) except ValueError: msg = _(u'Please enter a valid IPv4 or IpV6 address') raise colander.Invalid(node, msg) @@ -48,7 +48,7 @@ class IpAddrValidator(object): def __call__(self, node, value): try: # this raises an ValueError if address is not IpV4 or IpV6 - ipaddress.ip_network(value, strict=self.strict) + ipaddress.ip_network(safe_unicode(value), strict=self.strict) except ValueError: msg = _(u'Please enter a valid IPv4 or IpV6 address') raise colander.Invalid(node, msg) diff --git a/rhodecode/model/validators.py b/rhodecode/model/validators.py --- a/rhodecode/model/validators.py +++ b/rhodecode/model/validators.py @@ -44,7 +44,7 @@ from rhodecode.authentication.base impor from rhodecode.config.routing import ADMIN_PREFIX from rhodecode.lib.auth import HasRepoGroupPermissionAny, HasPermissionAny from rhodecode.lib.utils import repo_name_slug, make_db_config -from rhodecode.lib.utils2 import safe_int, str2bool, aslist, md5 +from rhodecode.lib.utils2 import safe_int, str2bool, aslist, md5, safe_unicode from rhodecode.lib.vcs.backends.git.repository import GitRepository from rhodecode.lib.vcs.backends.hg.repository import MercurialRepository from rhodecode.lib.vcs.backends.svn.repository import SubversionRepository @@ -972,13 +972,13 @@ def ValidIp(): # we ovveride the default to_python() call def to_python(self, value, state): v = super(_validator, self).to_python(value, state) - v = v.strip() + v = safe_unicode(v.strip()) net = ipaddress.ip_network(address=v, strict=False) return str(net) def validate_python(self, value, state): try: - addr = value.strip() + addr = safe_unicode(value.strip()) # this raises an ValueError if address is not IpV4 or IpV6 ipaddress.ip_network(addr, strict=False) except ValueError: diff --git a/rhodecode/tests/models/test_users.py b/rhodecode/tests/models/test_users.py --- a/rhodecode/tests/models/test_users.py +++ b/rhodecode/tests/models/test_users.py @@ -261,7 +261,7 @@ def test_revoke_perm(test_user): def test_ip_range_generator(ip_range, expected, expect_errors): func = UserModel().parse_ip_range if expect_errors: - pytest.raises(Exception, func, ip_range) + pytest.raises(ValueError, func, ip_range) else: parsed_list = func(ip_range) assert parsed_list == expected diff --git a/setup.py b/setup.py --- a/setup.py +++ b/setup.py @@ -99,7 +99,6 @@ install_requirements = [ 'anyjson', 'appenlight-client', 'authomatic', - 'backport_ipaddress', 'cssselect', 'celery', 'channelstream',