Show More
@@ -158,20 +158,20 b' def request_view(request):' | |||||
158 | # search not expired tokens only |
|
158 | # search not expired tokens only | |
159 |
|
159 | |||
160 | try: |
|
160 | try: | |
161 | u = User.get_by_auth_token(request.rpc_api_key) |
|
161 | api_user = User.get_by_auth_token(request.rpc_api_key) | |
162 |
|
162 | |||
163 | if u is None: |
|
163 | if api_user is None: | |
164 | return jsonrpc_error( |
|
164 | return jsonrpc_error( | |
165 | request, retid=request.rpc_id, message='Invalid API KEY') |
|
165 | request, retid=request.rpc_id, message='Invalid API KEY') | |
166 |
|
166 | |||
167 | if not u.active: |
|
167 | if not api_user.active: | |
168 | return jsonrpc_error( |
|
168 | return jsonrpc_error( | |
169 | request, retid=request.rpc_id, |
|
169 | request, retid=request.rpc_id, | |
170 | message='Request from this user not allowed') |
|
170 | message='Request from this user not allowed') | |
171 |
|
171 | |||
172 | # check if we are allowed to use this IP |
|
172 | # check if we are allowed to use this IP | |
173 | auth_u = AuthUser( |
|
173 | auth_u = AuthUser( | |
174 | u.user_id, request.rpc_api_key, ip_addr=request.rpc_ip_addr) |
|
174 | api_user.user_id, request.rpc_api_key, ip_addr=request.rpc_ip_addr) | |
175 | if not auth_u.ip_allowed: |
|
175 | if not auth_u.ip_allowed: | |
176 | return jsonrpc_error( |
|
176 | return jsonrpc_error( | |
177 | request, retid=request.rpc_id, |
|
177 | request, retid=request.rpc_id, | |
@@ -180,11 +180,14 b' def request_view(request):' | |||||
180 | else: |
|
180 | else: | |
181 | log.info('Access for IP:%s allowed' % (request.rpc_ip_addr,)) |
|
181 | log.info('Access for IP:%s allowed' % (request.rpc_ip_addr,)) | |
182 |
|
182 | |||
|
183 | # register our auth-user | |||
|
184 | request.rpc_user = auth_u | |||
|
185 | ||||
183 | # now check if token is valid for API |
|
186 | # now check if token is valid for API | |
184 | role = UserApiKeys.ROLE_API |
|
187 | role = UserApiKeys.ROLE_API | |
185 | extra_auth_tokens = [ |
|
188 | extra_auth_tokens = [ | |
186 | x.api_key for x in User.extra_valid_auth_tokens(u, role=role)] |
|
189 | x.api_key for x in User.extra_valid_auth_tokens(api_user, role=role)] | |
187 | active_tokens = [u.api_key] + extra_auth_tokens |
|
190 | active_tokens = [api_user.api_key] + extra_auth_tokens | |
188 |
|
191 | |||
189 | log.debug('Checking if API key has proper role') |
|
192 | log.debug('Checking if API key has proper role') | |
190 | if request.rpc_api_key not in active_tokens: |
|
193 | if request.rpc_api_key not in active_tokens: |
@@ -38,15 +38,30 b' class RhodecodeEvent(object):' | |||||
38 | self.utc_timestamp = datetime.utcnow() |
|
38 | self.utc_timestamp = datetime.utcnow() | |
39 |
|
39 | |||
40 | @property |
|
40 | @property | |
|
41 | def auth_user(self): | |||
|
42 | if not self.request: | |||
|
43 | return | |||
|
44 | ||||
|
45 | user = getattr(self.request, 'user', None) | |||
|
46 | if user: | |||
|
47 | return user | |||
|
48 | ||||
|
49 | api_user = getattr(self.request, 'rpc_user', None) | |||
|
50 | if api_user: | |||
|
51 | return api_user | |||
|
52 | ||||
|
53 | @property | |||
41 | def actor(self): |
|
54 | def actor(self): | |
42 | if self.request: |
|
55 | auth_user = self.auth_user | |
43 | return self.request.user.get_instance() |
|
56 | if auth_user: | |
|
57 | return auth_user.get_instance() | |||
44 | return SYSTEM_USER |
|
58 | return SYSTEM_USER | |
45 |
|
59 | |||
46 | @property |
|
60 | @property | |
47 | def actor_ip(self): |
|
61 | def actor_ip(self): | |
48 | if self.request: |
|
62 | auth_user = self.auth_user | |
49 | return self.request.user.ip_addr |
|
63 | if auth_user: | |
|
64 | return auth_user.ip_addr | |||
50 | return '<no ip available>' |
|
65 | return '<no ip available>' | |
51 |
|
66 | |||
52 | @property |
|
67 | @property |
General Comments 0
You need to be logged in to leave comments.
Login now