Show More
@@ -1,72 +1,46 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2024 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import logging |
|
20 | import formencode | |
|
21 | 20 | |
|
22 | from rhodecode import BACKENDS | |
|
23 | 21 | from rhodecode.apps._base import BaseAppView |
|
24 | from rhodecode.model.meta import Session | |
|
25 | from rhodecode.model.settings import SettingsModel | |
|
26 | from rhodecode.model.forms import WhitelistedVcsClientsForm | |
|
27 | 22 | from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator |
|
28 | 23 | |
|
29 | 24 | log = logging.getLogger(__name__) |
|
30 | 25 | |
|
31 | 26 | |
|
32 | 27 | class AdminSecurityView(BaseAppView): |
|
33 | 28 | |
|
34 | 29 | def load_default_context(self): |
|
35 | 30 | c = self._get_local_tmpl_context() |
|
36 | 31 | return c |
|
37 | 32 | |
|
38 | 33 | @LoginRequired() |
|
39 | 34 | @HasPermissionAllDecorator('hg.admin') |
|
40 | 35 | def security(self): |
|
41 | 36 | c = self.load_default_context() |
|
42 | 37 | c.active = 'security' |
|
43 | 38 | return self._get_template_context(c) |
|
44 | 39 | |
|
40 | ||
|
45 | 41 | @LoginRequired() |
|
46 | 42 | @HasPermissionAllDecorator('hg.admin') |
|
47 | def vcs_whitelisted_client_versions_edit(self): | |
|
48 | _ = self.request.translate | |
|
43 | def admin_security_modify_allowed_vcs_client_versions(self): | |
|
49 | 44 | c = self.load_default_context() |
|
50 | render_ctx = {} | |
|
51 | settings = SettingsModel() | |
|
52 | form = WhitelistedVcsClientsForm(_, )() | |
|
53 | if self.request.method == 'POST': | |
|
54 | try: | |
|
55 | result = form.to_python(self.request.POST) | |
|
56 | for k, v in result.items(): | |
|
57 | if v: | |
|
58 | setting = settings.create_or_update_setting(name=f'{k}_allowed_clients', val=v) | |
|
59 | Session().add(setting) | |
|
60 | Session().commit() | |
|
61 | ||
|
62 | except formencode.Invalid as errors: | |
|
63 | render_ctx.update({ | |
|
64 | 'errors': errors.error_dict | |
|
65 | }) | |
|
66 | for key in BACKENDS.keys(): | |
|
67 | verbose_name = f"initial_{key}" | |
|
68 | if existing := settings.get_setting_by_name(name=f'{key}_allowed_clients'): | |
|
69 | render_ctx[verbose_name] = existing.app_settings_value | |
|
70 | else: | |
|
71 | render_ctx[verbose_name] = '*' | |
|
72 | return self._get_template_context(c, **render_ctx) | |
|
45 | c.active = 'security' | |
|
46 | return self._get_template_context(c) |
@@ -1,79 +1,50 b'' | |||
|
1 | 1 | <%inherit file="/base/base.mako"/> |
|
2 | 2 | |
|
3 | 3 | <%def name="title()"> |
|
4 | 4 | ${_('Security Admin')} |
|
5 | 5 | %if c.rhodecode_name: |
|
6 | 6 | · ${h.branding(c.rhodecode_name)} |
|
7 | 7 | %endif |
|
8 | 8 | </%def> |
|
9 | 9 | |
|
10 | 10 | <%def name="breadcrumbs_links()"></%def> |
|
11 | 11 | |
|
12 | 12 | <%def name="menu_bar_nav()"> |
|
13 | 13 | ${self.menu_items(active='admin')} |
|
14 | 14 | </%def> |
|
15 | 15 | |
|
16 | 16 | <%def name="menu_bar_subnav()"> |
|
17 | 17 | ${self.admin_menu(active='security')} |
|
18 | 18 | </%def> |
|
19 | 19 | |
|
20 | 20 | <%def name="main()"> |
|
21 | 21 | |
|
22 | 22 | <div class="box"> |
|
23 | 23 | |
|
24 | 24 | <div class="panel panel-default"> |
|
25 | 25 | <div class="panel-heading"> |
|
26 | 26 | <h3 class="panel-title">${_('Security Audit')}</h3> |
|
27 | 27 | </div> |
|
28 | 28 | <div class="panel-body"> |
|
29 | 29 | <h4>${_('This feature is available in RhodeCode EE edition only. Contact {sales_email} to obtain a trial license.').format(sales_email='<a href="mailto:sales@rhodecode.com">sales@rhodecode.com</a>')|n}</h4> |
|
30 | 30 | <p> |
|
31 | 31 | ${_('You can scan your repositories for exposed secrets, passwords, etc')} |
|
32 | 32 | </p> |
|
33 | 33 | </div> |
|
34 | 34 | </div> |
|
35 | 35 | |
|
36 | 36 | <div class="panel panel-default"> |
|
37 | 37 | <div class="panel-heading"> |
|
38 | 38 | <h3 class="panel-title">${_('Allowed client versions')}</h3> |
|
39 | 39 | </div> |
|
40 | 40 | <div class="panel-body"> |
|
41 | %if c.rhodecode_edition_id != 'EE': | |
|
42 | 41 | <h4>${_('This feature is available in RhodeCode EE edition only. Contact {sales_email} to obtain a trial license.').format(sales_email='<a href="mailto:sales@rhodecode.com">sales@rhodecode.com</a>')|n}</h4> |
|
43 | 42 | <p> |
|
44 | 43 | ${_('Some outdated client versions may have security vulnerabilities. This section have rules for whitelisting versions of clients for Git, Mercurial and SVN.')} |
|
45 | 44 | </p> |
|
46 | %else: | |
|
47 | <div class="inner form" id="container"> | |
|
48 | 45 |
|
|
49 | %endif | |
|
50 | </div> | |
|
46 | ||
|
51 | 47 | |
|
52 | 48 | </div> |
|
53 | 49 | |
|
54 | <script> | |
|
55 | $(document).ready(function() { | |
|
56 | $.ajax({ | |
|
57 | url: pyroutes.url('admin_security_modify_allowed_vcs_client_versions'), | |
|
58 | type: 'GET', | |
|
59 | success: function(response) { | |
|
60 | $('#container').html(response); | |
|
61 | }, | |
|
62 | }); | |
|
63 | $(document).on('submit', '#allowed_clients_form', function(event) { | |
|
64 | event.preventDefault(); | |
|
65 | var formData = $(this).serialize(); | |
|
66 | ||
|
67 | $.ajax({ | |
|
68 | url: pyroutes.url('admin_security_modify_allowed_vcs_client_versions'), | |
|
69 | type: 'POST', | |
|
70 | data: formData, | |
|
71 | success: function(response) { | |
|
72 | $('#container').html(response); | |
|
73 | }, | |
|
74 | }); | |
|
75 | }); | |
|
76 | }); | |
|
77 | </script> | |
|
78 | ||
|
79 | 50 | </%def> |
|
1 | NO CONTENT: file was removed |
General Comments 0
You need to be logged in to leave comments.
Login now