Show More
| @@ -23,8 +23,9 b' import re' | |||||
| 23 | import logging |
|
23 | import logging | |
| 24 | import datetime |
|
24 | import datetime | |
| 25 | import configparser |
|
25 | import configparser | |
|
|
26 | from sqlalchemy import Table | |||
| 26 |
|
27 | |||
| 27 | from rhodecode.model.db import Session, User, UserSshKeys |
|
28 | from rhodecode.lib.utils2 import AttributeDict | |
| 28 | from rhodecode.model.scm import ScmModel |
|
29 | from rhodecode.model.scm import ScmModel | |
| 29 |
|
30 | |||
| 30 | from .hg import MercurialServer |
|
31 | from .hg import MercurialServer | |
| @@ -39,11 +40,11 b' class SshWrapper(object):' | |||||
| 39 | svn_cmd_pat = re.compile(r'^svnserve -t') |
|
40 | svn_cmd_pat = re.compile(r'^svnserve -t') | |
| 40 |
|
41 | |||
| 41 | def __init__(self, command, connection_info, mode, |
|
42 | def __init__(self, command, connection_info, mode, | |
| 42 | user, user_id, key_id, shell, ini_path, env): |
|
43 | user, user_id, key_id: int, shell, ini_path: str, env): | |
| 43 | self.command = command |
|
44 | self.command = command | |
| 44 | self.connection_info = connection_info |
|
45 | self.connection_info = connection_info | |
| 45 | self.mode = mode |
|
46 | self.mode = mode | |
| 46 | self.user = user |
|
47 | self.username = user | |
| 47 | self.user_id = user_id |
|
48 | self.user_id = user_id | |
| 48 | self.key_id = key_id |
|
49 | self.key_id = key_id | |
| 49 | self.shell = shell |
|
50 | self.shell = shell | |
| @@ -59,14 +60,38 b' class SshWrapper(object):' | |||||
| 59 | return parser |
|
60 | return parser | |
| 60 |
|
61 | |||
| 61 | def update_key_access_time(self, key_id): |
|
62 | def update_key_access_time(self, key_id): | |
| 62 | key = UserSshKeys().query().filter( |
|
63 | from rhodecode.model.meta import raw_query_executor, Base | |
| 63 | UserSshKeys.ssh_key_id == key_id).scalar() |
|
64 | ||
| 64 | if key: |
|
65 | table = Table('user_ssh_keys', Base.metadata, autoload=False) | |
| 65 | key.accessed_on = datetime.datetime.utcnow() |
|
66 | stmt = ( | |
| 66 | Session().add(key) |
|
67 | table.update() | |
| 67 | Session().commit() |
|
68 | .where(table.c.ssh_key_id == key_id) | |
|
|
69 | .values(accessed_on=datetime.datetime.utcnow()) | |||
|
|
70 | .returning(table.c.accessed_on, table.c.ssh_key_fingerprint) | |||
|
|
71 | ) | |||
|
|
72 | ||||
|
|
73 | scalar_res = None | |||
|
|
74 | with raw_query_executor() as session: | |||
|
|
75 | result = session.execute(stmt) | |||
|
|
76 | if result.rowcount: | |||
|
|
77 | scalar_res = result.first() | |||
|
|
78 | ||||
|
|
79 | if scalar_res: | |||
|
|
80 | atime, ssh_key_fingerprint = scalar_res | |||
| 68 | log.debug('Update key id:`%s` fingerprint:`%s` access time', |
|
81 | log.debug('Update key id:`%s` fingerprint:`%s` access time', | |
| 69 |
key_id, |
|
82 | key_id, ssh_key_fingerprint) | |
|
|
83 | ||||
|
|
84 | def get_user(self, user_id): | |||
|
|
85 | user = AttributeDict() | |||
|
|
86 | # lazy load db imports | |||
|
|
87 | from rhodecode.model.db import User | |||
|
|
88 | dbuser = User.get(user_id) | |||
|
|
89 | if not dbuser: | |||
|
|
90 | return None | |||
|
|
91 | user.user_id = dbuser.user_id | |||
|
|
92 | user.username = dbuser.username | |||
|
|
93 | user.auth_user = dbuser.AuthUser() | |||
|
|
94 | return user | |||
| 70 |
|
95 | |||
| 71 | def get_connection_info(self): |
|
96 | def get_connection_info(self): | |
| 72 | """ |
|
97 | """ | |
| @@ -186,7 +211,7 b' class SshWrapper(object):' | |||||
| 186 |
|
211 | |||
| 187 | def wrap(self): |
|
212 | def wrap(self): | |
| 188 | mode = self.mode |
|
213 | mode = self.mode | |
| 189 | user = self.user |
|
214 | username = self.username | |
| 190 | user_id = self.user_id |
|
215 | user_id = self.user_id | |
| 191 | key_id = self.key_id |
|
216 | key_id = self.key_id | |
| 192 | shell = self.shell |
|
217 | shell = self.shell | |
| @@ -194,15 +219,16 b' class SshWrapper(object):' | |||||
| 194 | scm_detected, scm_repo, scm_mode = self.get_repo_details(mode) |
|
219 | scm_detected, scm_repo, scm_mode = self.get_repo_details(mode) | |
| 195 |
|
220 | |||
| 196 | log.debug( |
|
221 | log.debug( | |
| 197 | 'Mode: `%s` User: `%s:%s` Shell: `%s` SSH Command: `\"%s\"` ' |
|
222 | 'Mode: `%s` User: `name:%s : id:%s` Shell: `%s` SSH Command: `\"%s\"` ' | |
| 198 | 'SCM_DETECTED: `%s` SCM Mode: `%s` SCM Repo: `%s`', |
|
223 | 'SCM_DETECTED: `%s` SCM Mode: `%s` SCM Repo: `%s`', | |
| 199 | mode, user, user_id, shell, self.command, |
|
224 | mode, username, user_id, shell, self.command, | |
| 200 | scm_detected, scm_mode, scm_repo) |
|
225 | scm_detected, scm_mode, scm_repo) | |
| 201 |
|
226 | |||
|
|
227 | log.debug('SSH Connection info %s', self.get_connection_info()) | |||
|
|
228 | ||||
| 202 | # update last access time for this key |
|
229 | # update last access time for this key | |
| 203 | self.update_key_access_time(key_id) |
|
230 | if key_id: | |
| 204 |
|
231 | self.update_key_access_time(key_id) | ||
| 205 | log.debug('SSH Connection info %s', self.get_connection_info()) |
|
|||
| 206 |
|
232 | |||
| 207 | if shell and self.command is None: |
|
233 | if shell and self.command is None: | |
| 208 | log.info('Dropping to shell, no command given and shell is allowed') |
|
234 | log.info('Dropping to shell, no command given and shell is allowed') | |
| @@ -210,13 +236,13 b' class SshWrapper(object):' | |||||
| 210 | exit_code = 1 |
|
236 | exit_code = 1 | |
| 211 |
|
237 | |||
| 212 | elif scm_detected: |
|
238 | elif scm_detected: | |
| 213 |
user = |
|
239 | user = self.get_user(user_id) | |
| 214 | if not user: |
|
240 | if not user: | |
| 215 | log.warning('User with id %s not found', user_id) |
|
241 | log.warning('User with id %s not found', user_id) | |
| 216 | exit_code = -1 |
|
242 | exit_code = -1 | |
| 217 | return exit_code |
|
243 | return exit_code | |
| 218 |
|
244 | |||
| 219 |
auth_user = user. |
|
245 | auth_user = user.auth_user | |
| 220 | permissions = auth_user.permissions['repositories'] |
|
246 | permissions = auth_user.permissions['repositories'] | |
| 221 | repo_branch_permissions = auth_user.get_branch_permissions(scm_repo) |
|
247 | repo_branch_permissions = auth_user.get_branch_permissions(scm_repo) | |
| 222 | try: |
|
248 | try: | |
| @@ -24,10 +24,10 b' SQLAlchemy Metadata and Session object' | |||||
| 24 |
|
24 | |||
| 25 | from sqlalchemy.orm import declarative_base |
|
25 | from sqlalchemy.orm import declarative_base | |
| 26 | from sqlalchemy.orm import scoped_session, sessionmaker |
|
26 | from sqlalchemy.orm import scoped_session, sessionmaker | |
| 27 |
|
27 | from sqlalchemy.orm import Session as SASession | ||
| 28 | from rhodecode.lib import caching_query |
|
28 | from rhodecode.lib import caching_query | |
| 29 |
|
29 | |||
| 30 | __all__ = ['Base', 'Session'] |
|
30 | __all__ = ['Base', 'Session', 'raw_query_executor'] | |
| 31 |
|
31 | |||
| 32 | # scoped_session. Apply our custom CachingQuery class to it, |
|
32 | # scoped_session. Apply our custom CachingQuery class to it, | |
| 33 | # using a callable that will associate the dictionary |
|
33 | # using a callable that will associate the dictionary | |
| @@ -43,3 +43,9 b' Session = scoped_session(' | |||||
| 43 |
|
43 | |||
| 44 | # The declarative Base |
|
44 | # The declarative Base | |
| 45 | Base = declarative_base() |
|
45 | Base = declarative_base() | |
|
|
46 | ||||
|
|
47 | ||||
|
|
48 | def raw_query_executor(): | |||
|
|
49 | engine = Base.metadata.bind | |||
|
|
50 | session = SASession(engine) | |||
|
|
51 | return session | |||
General Comments 0
You need to be logged in to leave comments.
Login now