# HG changeset patch
# User Andrii Verbytskyi <andrii@rhodecode.com>
# Date 2024-09-27 09:03:43
# Node ID 5c137dd86f807208523bbd10a4ad8655a519dd47
# Parent  fb58a2b479f2ae75826adb25f24664dc250611de

feat: security-related code removed to be moved to EE

diff --git a/rhodecode/apps/admin/views/security.py b/rhodecode/apps/admin/views/security.py
--- a/rhodecode/apps/admin/views/security.py
+++ b/rhodecode/apps/admin/views/security.py
@@ -17,13 +17,8 @@
 # and proprietary license terms, please see https://rhodecode.com/licenses/
 
 import logging
-import formencode
 
-from rhodecode import BACKENDS
 from rhodecode.apps._base import BaseAppView
-from rhodecode.model.meta import Session
-from rhodecode.model.settings import SettingsModel
-from rhodecode.model.forms import WhitelistedVcsClientsForm
 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator
 
 log = logging.getLogger(__name__)
@@ -42,31 +37,10 @@ class AdminSecurityView(BaseAppView):
         c.active = 'security'
         return self._get_template_context(c)
 
+
     @LoginRequired()
     @HasPermissionAllDecorator('hg.admin')
-    def vcs_whitelisted_client_versions_edit(self):
-        _ = self.request.translate
+    def admin_security_modify_allowed_vcs_client_versions(self):
         c = self.load_default_context()
-        render_ctx = {}
-        settings = SettingsModel()
-        form = WhitelistedVcsClientsForm(_, )()
-        if self.request.method == 'POST':
-            try:
-                result = form.to_python(self.request.POST)
-                for k, v in result.items():
-                    if v:
-                        setting = settings.create_or_update_setting(name=f'{k}_allowed_clients', val=v)
-                        Session().add(setting)
-                Session().commit()
-
-            except formencode.Invalid as errors:
-                render_ctx.update({
-                    'errors': errors.error_dict
-                })
-        for key in BACKENDS.keys():
-            verbose_name = f"initial_{key}"
-            if existing := settings.get_setting_by_name(name=f'{key}_allowed_clients'):
-                render_ctx[verbose_name] = existing.app_settings_value
-            else:
-                render_ctx[verbose_name] = '*'
-        return self._get_template_context(c, **render_ctx)
+        c.active = 'security'
+        return self._get_template_context(c)
diff --git a/rhodecode/templates/admin/security/edit_allowed_vcs_client_versions.mako b/rhodecode/templates/admin/security/edit_allowed_vcs_client_versions.mako
deleted file mode 100644
--- a/rhodecode/templates/admin/security/edit_allowed_vcs_client_versions.mako
+++ /dev/null
@@ -1,62 +0,0 @@
-<style>
-    .form-group {
-        margin-bottom: 15px;
-    }
-
-    .form-group label {
-        display: flex;
-        align-items: left;
-        font-weight: bold;
-    }
-
-    .form-control {
-        width: 60%;
-        padding: 10px;
-        font-size: 1rem;
-        line-height: 1.5;
-        border: 1px solid #ced4da;
-        border-radius: 4px;
-        box-sizing: border-box;
-    }
-
-    .btn-primary {
-        background-color: #007bff;
-        border: none;
-        padding: 10px 20px;
-        color: white;
-        font-size: 1rem;
-        border-radius: 4px;
-        cursor: pointer;
-    }
-
-    .btn-primary:hover {
-        background-color: #0056b3;
-    }
-    .form-group .help_block {
-        display: block;
-        width: 100%;
-        margin-top: 10px;
-        text-align: left;
-        font-size: 0.875rem;
-    }
-</style>
-
-<div>
-    <div class="form-group">
-        ${h.secure_form(h.route_path('check_2fa'), request=request, id='allowed_clients_form')}
-            <p><label for="git">${_('git')}:</label>
-            ${h.text('git', class_="form-control", value=initial_git)}</p>
-            <p><label for="hg">${_('hg')}:</label>
-            ${h.text('hg', class_="form-control", value=initial_hg)}</p>
-            <p><label for="svn">${_('svn')}:</label>
-            ${h.text('svn', class_="form-control", value=initial_svn)}</p>
-            %for k, v in errors.items():
-                <span class="error-message">${k}: ${v}</span>
-                <br />
-            %endfor
-            <p class="help_block">${_('Set rules for allowed git, hg or svn client versions. You can set exact version (for example 2.0.9) or use comparison operators to set earliest or latest version (>=2.6.0)')}</p>
-
-            ${h.submit('send', _('Save'), class_="btn btn-primary")}
-        ${h.end_form()}
-    </div>
-</div>
diff --git a/rhodecode/templates/admin/security/security.mako b/rhodecode/templates/admin/security/security.mako
--- a/rhodecode/templates/admin/security/security.mako
+++ b/rhodecode/templates/admin/security/security.mako
@@ -38,42 +38,13 @@
             <h3 class="panel-title">${_('Allowed client versions')}</h3>
         </div>
         <div class="panel-body">
-            %if c.rhodecode_edition_id != 'EE':
             <h4>${_('This feature is available in RhodeCode EE edition only. Contact {sales_email} to obtain a trial license.').format(sales_email='<a href="mailto:sales@rhodecode.com">sales@rhodecode.com</a>')|n}</h4>
             <p>
                 ${_('Some outdated client versions may have security vulnerabilities. This section have rules for whitelisting versions of clients for Git, Mercurial and SVN.')}
             </p>
-            %else:
-                <div class="inner form" id="container">
-                </div>
-            %endif
     </div>
 
+
 </div>
 
-<script>
-    $(document).ready(function() {
-        $.ajax({
-            url: pyroutes.url('admin_security_modify_allowed_vcs_client_versions'),
-            type: 'GET',
-            success: function(response) {
-                $('#container').html(response);
-            },
-        });
-    $(document).on('submit', '#allowed_clients_form', function(event) {
-                event.preventDefault();
-                var formData = $(this).serialize();
-
-                $.ajax({
-                    url: pyroutes.url('admin_security_modify_allowed_vcs_client_versions'),
-                    type: 'POST',
-                    data: formData,
-                    success: function(response) {
-                    $('#container').html(response);
-                },
-                });
-            });
-        });
-</script>
-
 </%def>