Show More
| @@ -158,33 +158,36 b' def request_view(request):' | |||
|
|
158 | 158 | # search not expired tokens only |
|
|
159 | 159 | |
|
|
160 | 160 | try: |
|
|
161 | u = User.get_by_auth_token(request.rpc_api_key) | |
|
|
161 | api_user = User.get_by_auth_token(request.rpc_api_key) | |
|
|
162 | 162 | |
|
|
163 | if u is None: | |
|
|
163 | if api_user is None: | |
|
|
164 | 164 | return jsonrpc_error( |
|
|
165 | 165 | request, retid=request.rpc_id, message='Invalid API KEY') |
|
|
166 | 166 | |
|
|
167 | if not u.active: | |
|
|
167 | if not api_user.active: | |
|
|
168 | 168 | return jsonrpc_error( |
|
|
169 | 169 | request, retid=request.rpc_id, |
|
|
170 | 170 | message='Request from this user not allowed') |
|
|
171 | 171 | |
|
|
172 | 172 | # check if we are allowed to use this IP |
|
|
173 | 173 | auth_u = AuthUser( |
|
|
174 | u.user_id, request.rpc_api_key, ip_addr=request.rpc_ip_addr) | |
|
|
174 | api_user.user_id, request.rpc_api_key, ip_addr=request.rpc_ip_addr) | |
|
|
175 | 175 | if not auth_u.ip_allowed: |
|
|
176 | 176 | return jsonrpc_error( |
|
|
177 | 177 | request, retid=request.rpc_id, |
|
|
178 | 178 | message='Request from IP:%s not allowed' % ( |
|
|
179 | request.rpc_ip_addr,)) | |
|
|
179 | request.rpc_ip_addr,)) | |
|
|
180 | 180 | else: |
|
|
181 | 181 | log.info('Access for IP:%s allowed' % (request.rpc_ip_addr,)) |
|
|
182 | 182 | |
|
|
183 | # register our auth-user | |
|
|
184 | request.rpc_user = auth_u | |
|
|
185 | ||
|
|
183 | 186 | # now check if token is valid for API |
|
|
184 | 187 | role = UserApiKeys.ROLE_API |
|
|
185 | 188 | extra_auth_tokens = [ |
|
|
186 | x.api_key for x in User.extra_valid_auth_tokens(u, role=role)] | |
|
|
187 | active_tokens = [u.api_key] + extra_auth_tokens | |
|
|
189 | x.api_key for x in User.extra_valid_auth_tokens(api_user, role=role)] | |
|
|
190 | active_tokens = [api_user.api_key] + extra_auth_tokens | |
|
|
188 | 191 | |
|
|
189 | 192 | log.debug('Checking if API key has proper role') |
|
|
190 | 193 | if request.rpc_api_key not in active_tokens: |
| @@ -38,15 +38,30 b' class RhodecodeEvent(object):' | |||
|
|
38 | 38 | self.utc_timestamp = datetime.utcnow() |
|
|
39 | 39 | |
|
|
40 | 40 | @property |
|
|
41 | def auth_user(self): | |
|
|
42 | if not self.request: | |
|
|
43 | return | |
|
|
44 | ||
|
|
45 | user = getattr(self.request, 'user', None) | |
|
|
46 | if user: | |
|
|
47 | return user | |
|
|
48 | ||
|
|
49 | api_user = getattr(self.request, 'rpc_user', None) | |
|
|
50 | if api_user: | |
|
|
51 | return api_user | |
|
|
52 | ||
|
|
53 | @property | |
|
|
41 | 54 | def actor(self): |
|
|
42 | if self.request: | |
|
|
43 | return self.request.user.get_instance() | |
|
|
55 | auth_user = self.auth_user | |
|
|
56 | if auth_user: | |
|
|
57 | return auth_user.get_instance() | |
|
|
44 | 58 | return SYSTEM_USER |
|
|
45 | 59 | |
|
|
46 | 60 | @property |
|
|
47 | 61 | def actor_ip(self): |
|
|
48 | if self.request: | |
|
|
49 | return self.request.user.ip_addr | |
|
|
62 | auth_user = self.auth_user | |
|
|
63 | if auth_user: | |
|
|
64 | return auth_user.ip_addr | |
|
|
50 | 65 | return '<no ip available>' |
|
|
51 | 66 | |
|
|
52 | 67 | @property |
General Comments 0
You need to be logged in to leave comments.
Login now