rhodecode-enterprise-ce Commit - r1510:77606b4c

authentication: enabled authentication with auth_token and repository scope....

marcink -

r1510:77606b4c default

parent child

The requested changes are too big and content was truncated. Show full diff

rhodecode/authentication/base.py

0 +10 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Authentication modules
             """
             import colander
             import logging
             import time
             import traceback
             import warnings
             from pyramid.threadlocal import get_current_registry
             from sqlalchemy.ext.hybrid import hybrid_property
             from rhodecode.authentication.interface import IAuthnPluginRegistry
             from rhodecode.authentication.schema import AuthnPluginSettingsSchemaBase
             from rhodecode.lib import caches
             from rhodecode.lib.auth import PasswordGenerator, _RhodeCodeCryptoBCrypt
             from rhodecode.lib.utils2 import md5_safe, safe_int
             from rhodecode.lib.utils2 import safe_str
             from rhodecode.model.db import User
             from rhodecode.model.meta import Session
             from rhodecode.model.settings import SettingsModel
             from rhodecode.model.user import UserModel
             from rhodecode.model.user_group import UserGroupModel
             log = logging.getLogger(__name__)
             # auth types that authenticate() function can receive
             VCS_TYPE = 'vcs'
             HTTP_TYPE = 'http'
             class LazyFormencode(object):
                 def __init__(self, formencode_obj, *args, **kwargs):
                     self.formencode_obj = formencode_obj
                     self.args = args
                     self.kwargs = kwargs
                 def __call__(self, *args, **kwargs):
                     from inspect import isfunction
                     formencode_obj = self.formencode_obj
                     if isfunction(formencode_obj):
                         # case we wrap validators into functions
                         formencode_obj = self.formencode_obj(*args, **kwargs)
                     return formencode_obj(*self.args, **self.kwargs)
             class RhodeCodeAuthPluginBase(object):
                 # cache the authentication request for N amount of seconds. Some kind
                 # of authentication methods are very heavy and it's very efficient to cache
                 # the result of a call. If it's set to None (default) cache is off
                 AUTH_CACHE_TTL = None
                 AUTH_CACHE = {}
                 auth_func_attrs = {
                     "username": "unique username",
                     "firstname": "first name",
                     "lastname": "last name",
                     "email": "email address",
                     "groups": '["list", "of", "groups"]',
                     "extern_name": "name in external source of record",
                     "extern_type": "type of external source of record",
                     "admin": 'True|False defines if user should be RhodeCode super admin',
                     "active":
                         'True|False defines active state of user internally for RhodeCode',
                     "active_from_extern":
                         "True|False\None, active state from the external auth, "
                         "None means use definition from RhodeCode extern_type active value"
                 }
                 # set on authenticate() method and via set_auth_type func.
                 auth_type = None
+                # set on authenticate() method and via set_calling_scope_repo, this is a
+                # calling scope repository when doing authentication most likely on VCS
+                # operations
+                acl_repo_name = None
                 # List of setting names to store encrypted. Plugins may override this list
                 # to store settings encrypted.
                 _settings_encrypted = []
                 # Mapping of python to DB settings model types. Plugins may override or
                 # extend this mapping.
                 _settings_type_map = {
                     colander.String: 'unicode',
                     colander.Integer: 'int',
                     colander.Boolean: 'bool',
                     colander.List: 'list',
                 }
                 def __init__(self, plugin_id):
                     self._plugin_id = plugin_id
                 def __str__(self):
                     return self.get_id()
                 def _get_setting_full_name(self, name):
                     """
                     Return the full setting name used for storing values in the database.
                     """
                     # TODO: johbo: Using the name here is problematic. It would be good to
                     # introduce either new models in the database to hold Plugin and
                     # PluginSetting or to use the plugin id here.
                     return 'auth_{}_{}'.format(self.name, name)
                 def _get_setting_type(self, name):
                     """
                     Return the type of a setting. This type is defined by the SettingsModel
                     and determines how the setting is stored in DB. Optionally the suffix
                     `.encrypted` is appended to instruct SettingsModel to store it
                     encrypted.
                     """
                     schema_node = self.get_settings_schema().get(name)
                     db_type = self._settings_type_map.get(
                         type(schema_node.typ), 'unicode')
                     if name in self._settings_encrypted:
                         db_type = '{}.encrypted'.format(db_type)
                     return db_type
                 def is_enabled(self):
                     """
                     Returns true if this plugin is enabled. An enabled plugin can be
                     configured in the admin interface but it is not consulted during
                     authentication.
                     """
                     auth_plugins = SettingsModel().get_auth_plugins()
                     return self.get_id() in auth_plugins
                 def is_active(self):
                     """
                     Returns true if the plugin is activated. An activated plugin is
                     consulted during authentication, assumed it is also enabled.
                     """
                     return self.get_setting_by_name('enabled')
                 def get_id(self):
                     """
                     Returns the plugin id.
                     """
                     return self._plugin_id
                 def get_display_name(self):
                     """
                     Returns a translation string for displaying purposes.
                     """
                     raise NotImplementedError('Not implemented in base class')
                 def get_settings_schema(self):
                     """
                     Returns a colander schema, representing the plugin settings.
                     """
                     return AuthnPluginSettingsSchemaBase()
                 def get_setting_by_name(self, name, default=None):
                     """
                     Returns a plugin setting by name.
                     """
                     full_name = self._get_setting_full_name(name)
                     db_setting = SettingsModel().get_setting_by_name(full_name)
                     return db_setting.app_settings_value if db_setting else default
                 def create_or_update_setting(self, name, value):
                     """
                     Create or update a setting for this plugin in the persistent storage.
                     """
                     full_name = self._get_setting_full_name(name)
                     type_ = self._get_setting_type(name)
                     db_setting = SettingsModel().create_or_update_setting(
                         full_name, value, type_)
                     return db_setting.app_settings_value
                 def get_settings(self):
                     """
                     Returns the plugin settings as dictionary.
                     """
                     settings = {}
                     for node in self.get_settings_schema():
                         settings[node.name] = self.get_setting_by_name(node.name)
                     return settings
                 @property
                 def validators(self):
                     """
                     Exposes RhodeCode validators modules
                     """
                     # this is a hack to overcome issues with pylons threadlocals and
                     # translator object _() not beein registered properly.
                     class LazyCaller(object):
                         def __init__(self, name):
                             self.validator_name = name
                         def __call__(self, *args, **kwargs):
                             from rhodecode.model import validators as v
                             obj = getattr(v, self.validator_name)
                             # log.debug('Initializing lazy formencode object: %s', obj)
                             return LazyFormencode(obj, *args, **kwargs)
                     class ProxyGet(object):
                         def __getattribute__(self, name):
                             return LazyCaller(name)
                     return ProxyGet()
                 @hybrid_property
                 def name(self):
                     """
                     Returns the name of this authentication plugin.
                     :returns: string
                     """
                     raise NotImplementedError("Not implemented in base class")
                 def get_url_slug(self):
                     """
                     Returns a slug which should be used when constructing URLs which refer
                     to this plugin. By default it returns the plugin name. If the name is
                     not suitable for using it in an URL the plugin should override this
                     method.
                     """
                     return self.name
                 @property
                 def is_headers_auth(self):
                     """
                     Returns True if this authentication plugin uses HTTP headers as
                     authentication method.
                     """
                     return False
                 @hybrid_property
                 def is_container_auth(self):
                     """
                     Deprecated method that indicates if this authentication plugin uses
                     HTTP headers as authentication method.
                     """
                     warnings.warn(
                         'Use is_headers_auth instead.', category=DeprecationWarning)
                     return self.is_headers_auth
                 @hybrid_property
                 def allows_creating_users(self):
                     """
                     Defines if Plugin allows users to be created on-the-fly when
                     authentication is called. Controls how external plugins should behave
                     in terms if they are allowed to create new users, or not. Base plugins
                     should not be allowed to, but External ones should be !
                     :return: bool
                     """
                     return False
                 def set_auth_type(self, auth_type):
                     self.auth_type = auth_type
+                def set_calling_scope_repo(self, acl_repo_name):
+                    self.acl_repo_name = acl_repo_name
                 def allows_authentication_from(
                         self, user, allows_non_existing_user=True,
                         allowed_auth_plugins=None, allowed_auth_sources=None):
                     """
                     Checks if this authentication module should accept a request for
                     the current user.
                     :param user: user object fetched using plugin's get_user() method.
                     :param allows_non_existing_user: if True, don't allow the
                         user to be empty, meaning not existing in our database
                     :param allowed_auth_plugins: if provided, users extern_type will be
                         checked against a list of provided extern types, which are plugin
                         auth_names in the end
                     :param allowed_auth_sources: authentication type allowed,
                         `http` or `vcs` default is both.
                         defines if plugin will accept only http authentication vcs
                         authentication(git/hg) or both
                     :returns: boolean
                     """
                     if not user and not allows_non_existing_user:
                         log.debug('User is empty but plugin does not allow empty users,'
                                   'not allowed to authenticate')
                         return False
                     expected_auth_plugins = allowed_auth_plugins or [self.name]
                     if user and (user.extern_type and
                                  user.extern_type not in expected_auth_plugins):
                         log.debug(
                             'User `%s` is bound to `%s` auth type. Plugin allows only '
                             '%s, skipping', user, user.extern_type, expected_auth_plugins)
                         return False
                     # by default accept both
                     expected_auth_from = allowed_auth_sources or [HTTP_TYPE, VCS_TYPE]
                     if self.auth_type not in expected_auth_from:
                         log.debug('Current auth source is %s but plugin only allows %s',
                                   self.auth_type, expected_auth_from)
                         return False
                     return True
                 def get_user(self, username=None, **kwargs):
                     """
                     Helper method for user fetching in plugins, by default it's using
                     simple fetch by username, but this method can be custimized in plugins
                     eg. headers auth plugin to fetch user by environ params
                     :param username: username if given to fetch from database
                     :param kwargs: extra arguments needed for user fetching.
                     """
                     user = None
                     log.debug(
                         'Trying to fetch user `%s` from RhodeCode database', username)
                     if username:
                         user = User.get_by_username(username)
                         if not user:
                             log.debug('User not found, fallback to fetch user in '
                                       'case insensitive mode')
                             user = User.get_by_username(username, case_insensitive=True)
                     else:
                         log.debug('provided username:`%s` is empty skipping...', username)
                     if not user:
                         log.debug('User `%s` not found in database', username)
                     else:
                         log.debug('Got DB user:%s', user)
                     return user
                 def user_activation_state(self):
                     """
                     Defines user activation state when creating new users
                     :returns: boolean
                     """
                     raise NotImplementedError("Not implemented in base class")
                 def auth(self, userobj, username, passwd, settings, **kwargs):
                     """
                     Given a user object (which may be null), username, a plaintext
                     password, and a settings object (containing all the keys needed as
                     listed in settings()), authenticate this user's login attempt.
                     Return None on failure. On success, return a dictionary of the form:
                         see: RhodeCodeAuthPluginBase.auth_func_attrs
                     This is later validated for correctness
                     """
                     raise NotImplementedError("not implemented in base class")
                 def _authenticate(self, userobj, username, passwd, settings, **kwargs):
                     """
                     Wrapper to call self.auth() that validates call on it
                     :param userobj: userobj
                     :param username: username
                     :param passwd: plaintext password
                     :param settings: plugin settings
                     """
                     auth = self.auth(userobj, username, passwd, settings, **kwargs)
                     if auth:
                         # check if hash should be migrated ?
                         new_hash = auth.get('_hash_migrate')
                         if new_hash:
                             self._migrate_hash_to_bcrypt(username, passwd, new_hash)
                         return self._validate_auth_return(auth)
                     return auth
                 def _migrate_hash_to_bcrypt(self, username, password, new_hash):
                     new_hash_cypher = _RhodeCodeCryptoBCrypt()
                     # extra checks, so make sure new hash is correct.
                     password_encoded = safe_str(password)
                     if new_hash and new_hash_cypher.hash_check(
                             password_encoded, new_hash):
                         cur_user = User.get_by_username(username)
                         cur_user.password = new_hash
                         Session().add(cur_user)
                         Session().flush()
                         log.info('Migrated user %s hash to bcrypt', cur_user)
                 def _validate_auth_return(self, ret):
                     if not isinstance(ret, dict):
                         raise Exception('returned value from auth must be a dict')
                     for k in self.auth_func_attrs:
                         if k not in ret:
                             raise Exception('Missing %s attribute from returned data' % k)
                     return ret
             class RhodeCodeExternalAuthPlugin(RhodeCodeAuthPluginBase):
                 @hybrid_property
                 def allows_creating_users(self):
                     return True
                 def use_fake_password(self):
                     """
                     Return a boolean that indicates whether or not we should set the user's
                     password to a random value when it is authenticated by this plugin.
                     If your plugin provides authentication, then you will generally
                     want this.
                     :returns: boolean
                     """
                     raise NotImplementedError("Not implemented in base class")
                 def _authenticate(self, userobj, username, passwd, settings, **kwargs):
                     # at this point _authenticate calls plugin's `auth()` function
                     auth = super(RhodeCodeExternalAuthPlugin, self)._authenticate(
                         userobj, username, passwd, settings, **kwargs)
                     if auth:
                         # maybe plugin will clean the username ?
                         # we should use the return value
                         username = auth['username']
                         # if external source tells us that user is not active, we should
                         # skip rest of the process. This can prevent from creating users in
                         # RhodeCode when using external authentication, but if it's
                         # inactive user we shouldn't create that user anyway
                         if auth['active_from_extern'] is False:
                             log.warning(
                                 "User %s authenticated against %s, but is inactive",
                                 username, self.__module__)
                             return None
                         cur_user = User.get_by_username(username, case_insensitive=True)
                         is_user_existing = cur_user is not None
                         if is_user_existing:
                             log.debug('Syncing user `%s` from '
                                       '`%s` plugin', username, self.name)
                         else:
                             log.debug('Creating non existing user `%s` from '
                                       '`%s` plugin', username, self.name)
                         if self.allows_creating_users:
                             log.debug('Plugin `%s` allows to '
                                       'create new users', self.name)
                         else:
                             log.debug('Plugin `%s` does not allow to '
                                       'create new users', self.name)
                         user_parameters = {
                             'username': username,
                             'email': auth["email"],
                             'firstname': auth["firstname"],
                             'lastname': auth["lastname"],
                             'active': auth["active"],
                             'admin': auth["admin"],
                             'extern_name': auth["extern_name"],
                             'extern_type': self.name,
                             'plugin': self,
                             'allow_to_create_user': self.allows_creating_users,
                         }
                         if not is_user_existing:
                             if self.use_fake_password():
                                 # Randomize the PW because we don't need it, but don't want
                                 # them blank either
                                 passwd = PasswordGenerator().gen_password(length=16)
                             user_parameters['password'] = passwd
                         else:
                             # Since the password is required by create_or_update method of
                             # UserModel, we need to set it explicitly.
                             # The create_or_update method is smart and recognises the
                             # password hashes as well.
                             user_parameters['password'] = cur_user.password
                         # we either create or update users, we also pass the flag
                         # that controls if this method can actually do that.
                         # raises NotAllowedToCreateUserError if it cannot, and we try to.
                         user = UserModel().create_or_update(**user_parameters)
                         Session().flush()
                         # enforce user is just in given groups, all of them has to be ones
                         # created from plugins. We store this info in _group_data JSON
                         # field
                         try:
                             groups = auth['groups'] or []
                             UserGroupModel().enforce_groups(user, groups, self.name)
                         except Exception:
                             # for any reason group syncing fails, we should
                             # proceed with login
                             log.error(traceback.format_exc())
                         Session().commit()
                     return auth
             def loadplugin(plugin_id):
                 """
                 Loads and returns an instantiated authentication plugin.
                 Returns the RhodeCodeAuthPluginBase subclass on success,
                 or None on failure.
                 """
                 # TODO: Disusing pyramids thread locals to retrieve the registry.
                 authn_registry = get_authn_registry()
                 plugin = authn_registry.get_plugin(plugin_id)
                 if plugin is None:
                     log.error('Authentication plugin not found: "%s"', plugin_id)
                 return plugin
             def get_authn_registry(registry=None):
                 registry = registry or get_current_registry()
                 authn_registry = registry.getUtility(IAuthnPluginRegistry)
                 return authn_registry
             def get_auth_cache_manager(custom_ttl=None):
                 return caches.get_cache_manager(
                     'auth_plugins', 'rhodecode.authentication', custom_ttl)
             def authenticate(username, password, environ=None, auth_type=None,
-                             skip_missing=False, registry=None):
+                             skip_missing=False, registry=None, acl_repo_name=None):
                 """
                 Authentication function used for access control,
                 It tries to authenticate based on enabled authentication modules.
                 :param username: username can be empty for headers auth
                 :param password: password can be empty for headers auth
                 :param environ: environ headers passed for headers auth
                 :param auth_type: type of authentication, either `HTTP_TYPE` or `VCS_TYPE`
                 :param skip_missing: ignores plugins that are in db but not in environment
                 :returns: None if auth failed, plugin_user dict if auth is correct
                 """
                 if not auth_type or auth_type not in [HTTP_TYPE, VCS_TYPE]:
                     raise ValueError('auth type must be on of http, vcs got "%s" instead'
                                      % auth_type)
                 headers_only = environ and not (username and password)
                 authn_registry = get_authn_registry(registry)
                 for plugin in authn_registry.get_plugins_for_authentication():
                     plugin.set_auth_type(auth_type)
+                    plugin.set_calling_scope_repo(acl_repo_name)
                     user = plugin.get_user(username)
                     display_user = user.username if user else username
                     if headers_only and not plugin.is_headers_auth:
                         log.debug('Auth type is for headers only and plugin `%s` is not '
                                   'headers plugin, skipping...', plugin.get_id())
                         continue
                     # load plugin settings from RhodeCode database
                     plugin_settings = plugin.get_settings()
                     log.debug('Plugin settings:%s', plugin_settings)
                     log.debug('Trying authentication using ** %s **', plugin.get_id())
                     # use plugin's method of user extraction.
                     user = plugin.get_user(username, environ=environ,
                                            settings=plugin_settings)
                     display_user = user.username if user else username
                     log.debug(
                         'Plugin %s extracted user is `%s`', plugin.get_id(), display_user)
                     if not plugin.allows_authentication_from(user):
                         log.debug('Plugin %s does not accept user `%s` for authentication',
                                   plugin.get_id(), display_user)
                         continue
                     else:
                         log.debug('Plugin %s accepted user `%s` for authentication',
                                   plugin.get_id(), display_user)
                     log.info('Authenticating user `%s` using %s plugin',
                              display_user, plugin.get_id())
                     _cache_ttl = 0
                     if isinstance(plugin.AUTH_CACHE_TTL, (int, long)):
                         # plugin cache set inside is more important than the settings value
                         _cache_ttl = plugin.AUTH_CACHE_TTL
                     elif plugin_settings.get('cache_ttl'):
                         _cache_ttl = safe_int(plugin_settings.get('cache_ttl'), 0)
                     plugin_cache_active = bool(_cache_ttl and _cache_ttl > 0)
                     # get instance of cache manager configured for a namespace
                     cache_manager = get_auth_cache_manager(custom_ttl=_cache_ttl)
                     log.debug('AUTH_CACHE_TTL for plugin `%s` active: %s (TTL: %s)',
                               plugin.get_id(), plugin_cache_active, _cache_ttl)
                     # for environ based password can be empty, but then the validation is
                     # on the server that fills in the env data needed for authentication
                     _password_hash = md5_safe(plugin.name + username + (password or ''))
                     # _authenticate is a wrapper for .auth() method of plugin.
                     # it checks if .auth() sends proper data.
                     # For RhodeCodeExternalAuthPlugin it also maps users to
                     # Database and maps the attributes returned from .auth()
                     # to RhodeCode database. If this function returns data
                     # then auth is correct.
                     start = time.time()
                     log.debug('Running plugin `%s` _authenticate method', plugin.get_id())
                     def auth_func():
                         """
                         This function is used internally in Cache of Beaker to calculate
                         Results
                         """
                         return plugin._authenticate(
                             user, username, password, plugin_settings,
                             environ=environ or {})
                     if plugin_cache_active:
                         plugin_user = cache_manager.get(
                             _password_hash, createfunc=auth_func)
                     else:
                         plugin_user = auth_func()
                     auth_time = time.time() - start
                     log.debug('Authentication for plugin `%s` completed in %.3fs, '
                               'expiration time of fetched cache %.1fs.',
                               plugin.get_id(), auth_time, _cache_ttl)
                     log.debug('PLUGIN USER DATA: %s', plugin_user)
                     if plugin_user:
                         log.debug('Plugin returned proper authentication data')
                         return plugin_user
                     # we failed to Auth because .auth() method didn't return proper user
                     log.debug("User `%s` failed to authenticate against %s",
                               display_user, plugin.get_id())
                 return None
             def chop_at(s, sub, inclusive=False):
                 """Truncate string ``s`` at the first occurrence of ``sub``.
                 If ``inclusive`` is true, truncate just after ``sub`` rather than at it.
                 >>> chop_at("plutocratic brats", "rat")
                 'plutoc'
                 >>> chop_at("plutocratic brats", "rat", True)
                 'plutocrat'
                 """
                 pos = s.find(sub)
                 if pos == -1:
                     return s
                 if inclusive:
                     return s[:pos+len(sub)]
                 return s[:pos]

rhodecode/authentication/plugins/auth_token.py

0 +9 -2

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             RhodeCode authentication token plugin for built in internal auth
             """
             import logging
             from rhodecode.translation import _
             from rhodecode.authentication.base import (
                 RhodeCodeAuthPluginBase, VCS_TYPE, hybrid_property)
             from rhodecode.authentication.routes import AuthnPluginResourceBase
-            from rhodecode.model.db import User, UserApiKeys
+            from rhodecode.model.db import User, UserApiKeys, Repository
             log = logging.getLogger(__name__)
             def plugin_factory(plugin_id, *args, **kwds):
                 plugin = RhodeCodeAuthPlugin(plugin_id)
                 return plugin
             class RhodecodeAuthnResource(AuthnPluginResourceBase):
                 pass
             class RhodeCodeAuthPlugin(RhodeCodeAuthPluginBase):
                 """
                 Enables usage of authentication tokens for vcs operations.
                 """
                 def includeme(self, config):
                     config.add_authn_plugin(self)
                     config.add_authn_resource(self.get_id(), RhodecodeAuthnResource(self))
                     config.add_view(
                         'rhodecode.authentication.views.AuthnPluginViewBase',
                         attr='settings_get',
                         renderer='rhodecode:templates/admin/auth/plugin_settings.mako',
                         request_method='GET',
                         route_name='auth_home',
                         context=RhodecodeAuthnResource)
                     config.add_view(
                         'rhodecode.authentication.views.AuthnPluginViewBase',
                         attr='settings_post',
                         renderer='rhodecode:templates/admin/auth/plugin_settings.mako',
                         request_method='POST',
                         route_name='auth_home',
                         context=RhodecodeAuthnResource)
                 def get_display_name(self):
                     return _('Rhodecode Token Auth')
                 @hybrid_property
                 def name(self):
                     return "authtoken"
                 def user_activation_state(self):
                     def_user_perms = User.get_default_user().AuthUser.permissions['global']
                     return 'hg.register.auto_activate' in def_user_perms
                 def allows_authentication_from(
                         self, user, allows_non_existing_user=True,
                         allowed_auth_plugins=None, allowed_auth_sources=None):
                     """
                     Custom method for this auth that doesn't accept empty users. And also
                     allows users from all other active plugins to use it and also
                     authenticate against it. But only via vcs mode
                     """
                     from rhodecode.authentication.base import get_authn_registry
                     authn_registry = get_authn_registry()
                     active_plugins = set(
                         [x.name for x in authn_registry.get_plugins_for_authentication()])
                     active_plugins.discard(self.name)
                     allowed_auth_plugins = [self.name] + list(active_plugins)
                     # only for vcs operations
                     allowed_auth_sources = [VCS_TYPE]
                     return super(RhodeCodeAuthPlugin, self).allows_authentication_from(
                         user, allows_non_existing_user=False,
                         allowed_auth_plugins=allowed_auth_plugins,
                         allowed_auth_sources=allowed_auth_sources)
                 def auth(self, userobj, username, password, settings, **kwargs):
                     if not userobj:
                         log.debug('userobj was:%s skipping' % (userobj, ))
                         return None
                     user_attrs = {
                         "username": userobj.username,
                         "firstname": userobj.firstname,
                         "lastname": userobj.lastname,
                         "groups": [],
                         "email": userobj.email,
                         "admin": userobj.admin,
                         "active": userobj.active,
                         "active_from_extern": userobj.active,
                         "extern_name": userobj.user_id,
                         "extern_type": userobj.extern_type,
                     }
                     log.debug('Authenticating user with args %s', user_attrs)
                     if userobj.active:
+                        # calling context repo for token scopes
+                        scope_repo_id = None
+                        if self.acl_repo_name:
+                            repo = Repository.get_by_repo_name(self.acl_repo_name)
+                            scope_repo_id = repo.repo_id if repo else None
                         token_match = userobj.authenticate_by_token(
-                            password, roles=[UserApiKeys.ROLE_VCS])
+                            password, roles=[UserApiKeys.ROLE_VCS],
+                            scope_repo_id=scope_repo_id)
                         if userobj.username == username and token_match:
                             log.info(
                                 'user `%s` successfully authenticated via %s',
                                 user_attrs['username'], self.name)
                             return user_attrs
                         log.error(
                             'user `%s` failed to authenticate via %s, reason: bad or '
                             'inactive token.', username, self.name)
                     else:
                         log.warning(
                             'user `%s` failed to authenticate via %s, reason: account not '
                             'active.', username, self.name)
                     return None

rhodecode/lib/base.py

0 +3 -2

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             The base Controller API
             Provides the BaseController class for subclassing. And usage in different
             controllers
             """
             import logging
             import socket
             import ipaddress
             import pyramid.threadlocal
             from paste.auth.basic import AuthBasicAuthenticator
             from paste.httpexceptions import HTTPUnauthorized, HTTPForbidden, get_exception
             from paste.httpheaders import WWW_AUTHENTICATE, AUTHORIZATION
             from pylons import config, tmpl_context as c, request, session, url
             from pylons.controllers import WSGIController
             from pylons.controllers.util import redirect
             from pylons.i18n import translation
             # marcink: don't remove this import
             from pylons.templating import render_mako as render  # noqa
             from pylons.i18n.translation import _
             from webob.exc import HTTPFound
             import rhodecode
             from rhodecode.authentication.base import VCS_TYPE
             from rhodecode.lib import auth, utils2
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import AuthUser, CookieStoreWrapper
             from rhodecode.lib.exceptions import UserCreationError
             from rhodecode.lib.utils import (
                 get_repo_slug, set_rhodecode_config, password_changed,
                 get_enabled_hook_classes)
             from rhodecode.lib.utils2 import (
                 str2bool, safe_unicode, AttributeDict, safe_int, md5, aslist)
             from rhodecode.lib.vcs.exceptions import RepositoryRequirementError
             from rhodecode.model import meta
             from rhodecode.model.db import Repository, User, ChangesetComment
             from rhodecode.model.notification import NotificationModel
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.settings import VcsSettingsModel, SettingsModel
             log = logging.getLogger(__name__)
             def _filter_proxy(ip):
                 """
                 Passed in IP addresses in HEADERS can be in a special format of multiple
                 ips. Those comma separated IPs are passed from various proxies in the
                 chain of request processing. The left-most being the original client.
                 We only care about the first IP which came from the org. client.
                 :param ip: ip string from headers
                 """
                 if ',' in ip:
                     _ips = ip.split(',')
                     _first_ip = _ips[0].strip()
                     log.debug('Got multiple IPs %s, using %s', ','.join(_ips), _first_ip)
                     return _first_ip
                 return ip
             def _filter_port(ip):
                 """
                 Removes a port from ip, there are 4 main cases to handle here.
                 - ipv4 eg. 127.0.0.1
                 - ipv6 eg. ::1
                 - ipv4+port eg. 127.0.0.1:8080
                 - ipv6+port eg. [::1]:8080
                 :param ip:
                 """
                 def is_ipv6(ip_addr):
                     if hasattr(socket, 'inet_pton'):
                         try:
                             socket.inet_pton(socket.AF_INET6, ip_addr)
                         except socket.error:
                             return False
                     else:
                         # fallback to ipaddress
                         try:
                             ipaddress.IPv6Address(ip_addr)
                         except Exception:
                             return False
                     return True
                 if ':' not in ip:  # must be ipv4 pure ip
                     return ip
                 if '[' in ip and ']' in ip:  # ipv6 with port
                     return ip.split(']')[0][1:].lower()
                 # must be ipv6 or ipv4 with port
                 if is_ipv6(ip):
                     return ip
                 else:
                     ip, _port = ip.split(':')[:2]  # means ipv4+port
                     return ip
             def get_ip_addr(environ):
                 proxy_key = 'HTTP_X_REAL_IP'
                 proxy_key2 = 'HTTP_X_FORWARDED_FOR'
                 def_key = 'REMOTE_ADDR'
                 _filters = lambda x: _filter_port(_filter_proxy(x))
                 ip = environ.get(proxy_key)
                 if ip:
                     return _filters(ip)
                 ip = environ.get(proxy_key2)
                 if ip:
                     return _filters(ip)
                 ip = environ.get(def_key, '0.0.0.0')
                 return _filters(ip)
             def get_server_ip_addr(environ, log_errors=True):
                 hostname = environ.get('SERVER_NAME')
                 try:
                     return socket.gethostbyname(hostname)
                 except Exception as e:
                     if log_errors:
                         # in some cases this lookup is not possible, and we don't want to
                         # make it an exception in logs
                         log.exception('Could not retrieve server ip address: %s', e)
                     return hostname
             def get_server_port(environ):
                 return environ.get('SERVER_PORT')
             def get_access_path(environ):
                 path = environ.get('PATH_INFO')
                 org_req = environ.get('pylons.original_request')
                 if org_req:
                     path = org_req.environ.get('PATH_INFO')
                 return path
             def vcs_operation_context(
                     environ, repo_name, username, action, scm, check_locking=True,
                     is_shadow_repo=False):
                 """
                 Generate the context for a vcs operation, e.g. push or pull.
                 This context is passed over the layers so that hooks triggered by the
                 vcs operation know details like the user, the user's IP address etc.
                 :param check_locking: Allows to switch of the computation of the locking
                     data. This serves mainly the need of the simplevcs middleware to be
                     able to disable this for certain operations.
                 """
                 # Tri-state value: False: unlock, None: nothing, True: lock
                 make_lock = None
                 locked_by = [None, None, None]
                 is_anonymous = username == User.DEFAULT_USER
                 if not is_anonymous and check_locking:
                     log.debug('Checking locking on repository "%s"', repo_name)
                     user = User.get_by_username(username)
                     repo = Repository.get_by_repo_name(repo_name)
                     make_lock, __, locked_by = repo.get_locking_state(
                         action, user.user_id)
                 settings_model = VcsSettingsModel(repo=repo_name)
                 ui_settings = settings_model.get_ui_settings()
                 extras = {
                     'ip': get_ip_addr(environ),
                     'username': username,
                     'action': action,
                     'repository': repo_name,
                     'scm': scm,
                     'config': rhodecode.CONFIG['__file__'],
                     'make_lock': make_lock,
                     'locked_by': locked_by,
                     'server_url': utils2.get_server_url(environ),
                     'hooks': get_enabled_hook_classes(ui_settings),
                     'is_shadow_repo': is_shadow_repo,
                 }
                 return extras
             class BasicAuth(AuthBasicAuthenticator):
                 def __init__(self, realm, authfunc, registry, auth_http_code=None,
-                             initial_call_detection=False):
+                             initial_call_detection=False, acl_repo_name=None):
                     self.realm = realm
                     self.initial_call = initial_call_detection
                     self.authfunc = authfunc
                     self.registry = registry
+                    self.acl_repo_name = acl_repo_name
                     self._rc_auth_http_code = auth_http_code
                 def _get_response_from_code(self, http_code):
                     try:
                         return get_exception(safe_int(http_code))
                     except Exception:
                         log.exception('Failed to fetch response for code %s' % http_code)
                         return HTTPForbidden
                 def build_authentication(self):
                     head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm)
                     if self._rc_auth_http_code and not self.initial_call:
                         # return alternative HTTP code if alternative http return code
                         # is specified in RhodeCode config, but ONLY if it's not the
                         # FIRST call
                         custom_response_klass = self._get_response_from_code(
                             self._rc_auth_http_code)
                         return custom_response_klass(headers=head)
                     return HTTPUnauthorized(headers=head)
                 def authenticate(self, environ):
                     authorization = AUTHORIZATION(environ)
                     if not authorization:
                         return self.build_authentication()
                     (authmeth, auth) = authorization.split(' ', 1)
                     if 'basic' != authmeth.lower():
                         return self.build_authentication()
                     auth = auth.strip().decode('base64')
                     _parts = auth.split(':', 1)
                     if len(_parts) == 2:
                         username, password = _parts
                         if self.authfunc(
                                 username, password, environ, VCS_TYPE,
-                                registry=self.registry):
+                                registry=self.registry, acl_repo_name=self.acl_repo_name):
                             return username
                         if username and password:
                             # we mark that we actually executed authentication once, at
                             # that point we can use the alternative auth code
                             self.initial_call = False
                     return self.build_authentication()
                 __call__ = authenticate
             def attach_context_attributes(context, request):
                 """
                 Attach variables into template context called `c`, please note that
                 request could be pylons or pyramid request in here.
                 """
                 rc_config = SettingsModel().get_all_settings(cache=True)
                 context.rhodecode_version = rhodecode.__version__
                 context.rhodecode_edition = config.get('rhodecode.edition')
                 # unique secret + version does not leak the version but keep consistency
                 context.rhodecode_version_hash = md5(
                     config.get('beaker.session.secret', '') +
                     rhodecode.__version__)[:8]
                 # Default language set for the incoming request
                 context.language = translation.get_lang()[0]
                 # Visual options
                 context.visual = AttributeDict({})
                 # DB stored Visual Items
                 context.visual.show_public_icon = str2bool(
                     rc_config.get('rhodecode_show_public_icon'))
                 context.visual.show_private_icon = str2bool(
                     rc_config.get('rhodecode_show_private_icon'))
                 context.visual.stylify_metatags = str2bool(
                     rc_config.get('rhodecode_stylify_metatags'))
                 context.visual.dashboard_items = safe_int(
                     rc_config.get('rhodecode_dashboard_items', 100))
                 context.visual.admin_grid_items = safe_int(
                     rc_config.get('rhodecode_admin_grid_items', 100))
                 context.visual.repository_fields = str2bool(
                     rc_config.get('rhodecode_repository_fields'))
                 context.visual.show_version = str2bool(
                     rc_config.get('rhodecode_show_version'))
                 context.visual.use_gravatar = str2bool(
                     rc_config.get('rhodecode_use_gravatar'))
                 context.visual.gravatar_url = rc_config.get('rhodecode_gravatar_url')
                 context.visual.default_renderer = rc_config.get(
                     'rhodecode_markup_renderer', 'rst')
                 context.visual.comment_types = ChangesetComment.COMMENT_TYPES
                 context.visual.rhodecode_support_url = \
                     rc_config.get('rhodecode_support_url') or url('rhodecode_support')
                 context.pre_code = rc_config.get('rhodecode_pre_code')
                 context.post_code = rc_config.get('rhodecode_post_code')
                 context.rhodecode_name = rc_config.get('rhodecode_title')
                 context.default_encodings = aslist(config.get('default_encoding'), sep=',')
                 # if we have specified default_encoding in the request, it has more
                 # priority
                 if request.GET.get('default_encoding'):
                     context.default_encodings.insert(0, request.GET.get('default_encoding'))
                 context.clone_uri_tmpl = rc_config.get('rhodecode_clone_uri_tmpl')
                 # INI stored
                 context.labs_active = str2bool(
                     config.get('labs_settings_active', 'false'))
                 context.visual.allow_repo_location_change = str2bool(
                     config.get('allow_repo_location_change', True))
                 context.visual.allow_custom_hooks_settings = str2bool(
                     config.get('allow_custom_hooks_settings', True))
                 context.debug_style = str2bool(config.get('debug_style', False))
                 context.rhodecode_instanceid = config.get('instance_id')
                 # AppEnlight
                 context.appenlight_enabled = str2bool(config.get('appenlight', 'false'))
                 context.appenlight_api_public_key = config.get(
                     'appenlight.api_public_key', '')
                 context.appenlight_server_url = config.get('appenlight.server_url', '')
                 # JS template context
                 context.template_context = {
                     'repo_name': None,
                     'repo_type': None,
                     'repo_landing_commit': None,
                     'rhodecode_user': {
                         'username': None,
                         'email': None,
                         'notification_status': False
                     },
                     'visual': {
                         'default_renderer': None
                     },
                     'commit_data': {
                         'commit_id': None
                     },
                     'pull_request_data': {'pull_request_id': None},
                     'timeago': {
                         'refresh_time': 120 * 1000,
                         'cutoff_limit': 1000 * 60 * 60 * 24 * 7
                     },
                     'pylons_dispatch': {
                         # 'controller': request.environ['pylons.routes_dict']['controller'],
                         # 'action': request.environ['pylons.routes_dict']['action'],
                     },
                     'pyramid_dispatch': {
                     },
                     'extra': {'plugins': {}}
                 }
                 # END CONFIG VARS
                 # TODO: This dosn't work when called from pylons compatibility tween.
                 # Fix this and remove it from base controller.
                 # context.repo_name = get_repo_slug(request)  # can be empty
                 diffmode = 'sideside'
                 if request.GET.get('diffmode'):
                     if request.GET['diffmode'] == 'unified':
                         diffmode = 'unified'
                 elif request.session.get('diffmode'):
                     diffmode = request.session['diffmode']
                 context.diffmode = diffmode
                 if request.session.get('diffmode') != diffmode:
                     request.session['diffmode'] = diffmode
                 context.csrf_token = auth.get_csrf_token()
                 context.backends = rhodecode.BACKENDS.keys()
                 context.backends.sort()
                 context.unread_notifications = NotificationModel().get_unread_cnt_for_user(
                     context.rhodecode_user.user_id)
                 context.pyramid_request = pyramid.threadlocal.get_current_request()
             def get_auth_user(environ):
                 ip_addr = get_ip_addr(environ)
                 # make sure that we update permissions each time we call controller
                 _auth_token = (request.GET.get('auth_token', '') or
                                request.GET.get('api_key', ''))
                 if _auth_token:
                     # when using API_KEY we assume user exists, and
                     # doesn't need auth based on cookies.
                     auth_user = AuthUser(api_key=_auth_token, ip_addr=ip_addr)
                     authenticated = False
                 else:
                     cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                     try:
                         auth_user = AuthUser(user_id=cookie_store.get('user_id', None),
                                              ip_addr=ip_addr)
                     except UserCreationError as e:
                         h.flash(e, 'error')
                         # container auth or other auth functions that create users
                         # on the fly can throw this exception signaling that there's
                         # issue with user creation, explanation should be provided
                         # in Exception itself. We then create a simple blank
                         # AuthUser
                         auth_user = AuthUser(ip_addr=ip_addr)
                     if password_changed(auth_user, session):
                         session.invalidate()
                         cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                         auth_user = AuthUser(ip_addr=ip_addr)
                     authenticated = cookie_store.get('is_authenticated')
                 if not auth_user.is_authenticated and auth_user.is_user_object:
                     # user is not authenticated and not empty
                     auth_user.set_authenticated(authenticated)
                 return auth_user
             class BaseController(WSGIController):
                 def __before__(self):
                     """
                     __before__ is called before controller methods and after __call__
                     """
                     # on each call propagate settings calls into global settings.
                     set_rhodecode_config(config)
                     attach_context_attributes(c, request)
                     # TODO: Remove this when fixed in attach_context_attributes()
                     c.repo_name = get_repo_slug(request)  # can be empty
                     self.cut_off_limit_diff = safe_int(config.get('cut_off_limit_diff'))
                     self.cut_off_limit_file = safe_int(config.get('cut_off_limit_file'))
                     self.sa = meta.Session
                     self.scm_model = ScmModel(self.sa)
                     # set user language
                     user_lang = getattr(c.pyramid_request, '_LOCALE_', None)
                     if user_lang:
                         translation.set_lang(user_lang)
                         log.debug('set language to %s for user %s',
                                   user_lang, self._rhodecode_user)
                 def _dispatch_redirect(self, with_url, environ, start_response):
                     resp = HTTPFound(with_url)
                     environ['SCRIPT_NAME'] = ''  # handle prefix middleware
                     environ['PATH_INFO'] = with_url
                     return resp(environ, start_response)
                 def __call__(self, environ, start_response):
                     """Invoke the Controller"""
                     # WSGIController.__call__ dispatches to the Controller method
                     # the request is routed to. This routing information is
                     # available in environ['pylons.routes_dict']
                     from rhodecode.lib import helpers as h
                     # Provide the Pylons context to Pyramid's debugtoolbar if it asks
                     if environ.get('debugtoolbar.wants_pylons_context', False):
                         environ['debugtoolbar.pylons_context'] = c._current_obj()
                     _route_name = '.'.join([environ['pylons.routes_dict']['controller'],
                                             environ['pylons.routes_dict']['action']])
                     self.rc_config = SettingsModel().get_all_settings(cache=True)
                     self.ip_addr = get_ip_addr(environ)
                     # The rhodecode auth user is looked up and passed through the
                     # environ by the pylons compatibility tween in pyramid.
                     # So we can just grab it from there.
                     auth_user = environ['rc_auth_user']
                     # set globals for auth user
                     request.user = auth_user
                     c.rhodecode_user = self._rhodecode_user = auth_user
                     log.info('IP: %s User: %s accessed %s [%s]' % (
                         self.ip_addr, auth_user, safe_unicode(get_access_path(environ)),
                         _route_name)
                     )
                     # TODO: Maybe this should be move to pyramid to cover all views.
                     # check user attributes for password change flag
                     user_obj = auth_user.get_instance()
                     if user_obj and user_obj.user_data.get('force_password_change'):
                         h.flash('You are required to change your password', 'warning',
                                 ignore_duplicate=True)
                         skip_user_check_urls = [
                             'error.document', 'login.logout', 'login.index',
                             'admin/my_account.my_account_password',
                             'admin/my_account.my_account_password_update'
                         ]
                         if _route_name not in skip_user_check_urls:
                             return self._dispatch_redirect(
                                 url('my_account_password'), environ, start_response)
                     return WSGIController.__call__(self, environ, start_response)
             class BaseRepoController(BaseController):
                 """
                 Base class for controllers responsible for loading all needed data for
                 repository loaded items are
                 c.rhodecode_repo: instance of scm repository
                 c.rhodecode_db_repo: instance of db
                 c.repository_requirements_missing: shows that repository specific data
                     could not be displayed due to the missing requirements
                 c.repository_pull_requests: show number of open pull requests
                 """
                 def __before__(self):
                     super(BaseRepoController, self).__before__()
                     if c.repo_name:  # extracted from routes
                         db_repo = Repository.get_by_repo_name(c.repo_name)
                         if not db_repo:
                             return
                         log.debug(
                             'Found repository in database %s with state `%s`',
                             safe_unicode(db_repo), safe_unicode(db_repo.repo_state))
                         route = getattr(request.environ.get('routes.route'), 'name', '')
                         # allow to delete repos that are somehow damages in filesystem
                         if route in ['delete_repo']:
                             return
                         if db_repo.repo_state in [Repository.STATE_PENDING]:
                             if route in ['repo_creating_home']:
                                 return
                             check_url = url('repo_creating_home', repo_name=c.repo_name)
                             return redirect(check_url)
                         self.rhodecode_db_repo = db_repo
                         missing_requirements = False
                         try:
                             self.rhodecode_repo = self.rhodecode_db_repo.scm_instance()
                         except RepositoryRequirementError as e:
                             missing_requirements = True
                             self._handle_missing_requirements(e)
                         if self.rhodecode_repo is None and not missing_requirements:
                             log.error('%s this repository is present in database but it '
                                       'cannot be created as an scm instance', c.repo_name)
                             h.flash(_(
                                 "The repository at %(repo_name)s cannot be located.") %
                                 {'repo_name': c.repo_name},
                                 category='error', ignore_duplicate=True)
                             redirect(url('home'))
                         # update last change according to VCS data
                         if not missing_requirements:
                             commit = db_repo.get_commit(
                                 pre_load=["author", "date", "message", "parents"])
                             db_repo.update_commit_cache(commit)
                         # Prepare context
                         c.rhodecode_db_repo = db_repo
                         c.rhodecode_repo = self.rhodecode_repo
                         c.repository_requirements_missing = missing_requirements
                         self._update_global_counters(self.scm_model, db_repo)
                 def _update_global_counters(self, scm_model, db_repo):
                     """
                     Base variables that are exposed to every page of repository
                     """
                     c.repository_pull_requests = scm_model.get_pull_requests(db_repo)
                 def _handle_missing_requirements(self, error):
                     self.rhodecode_repo = None
                     log.error(
                         'Requirements are missing for repository %s: %s',
                         c.repo_name, error.message)
                     summary_url = url('summary_home', repo_name=c.repo_name)
                     statistics_url = url('edit_repo_statistics', repo_name=c.repo_name)
                     settings_update_url = url('repo', repo_name=c.repo_name)
                     path = request.path
                     should_redirect = (
                         path not in (summary_url, settings_update_url)
                         and '/settings' not in path or path == statistics_url
                     )
                     if should_redirect:
                         redirect(summary_url)

rhodecode/lib/middleware/simplevcs.py

0 +4 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2014-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             SimpleVCS middleware for handling protocol request (push/clone etc.)
             It's implemented with basic auth function
             """
             import os
             import logging
             import importlib
             import re
             from functools import wraps
             from paste.httpheaders import REMOTE_USER, AUTH_TYPE
             from webob.exc import (
                 HTTPNotFound, HTTPForbidden, HTTPNotAcceptable, HTTPInternalServerError)
             import rhodecode
             from rhodecode.authentication.base import authenticate, VCS_TYPE
             from rhodecode.lib.auth import AuthUser, HasPermissionAnyMiddleware
             from rhodecode.lib.base import BasicAuth, get_ip_addr, vcs_operation_context
             from rhodecode.lib.exceptions import (
                 HTTPLockedRC, HTTPRequirementError, UserCreationError,
                 NotAllowedToCreateUserError)
             from rhodecode.lib.hooks_daemon import prepare_callback_daemon
             from rhodecode.lib.middleware import appenlight
             from rhodecode.lib.middleware.utils import scm_app_http
             from rhodecode.lib.utils import (
                 is_valid_repo, get_rhodecode_realm, get_rhodecode_base_path, SLUG_RE)
             from rhodecode.lib.utils2 import safe_str, fix_PATH, str2bool, safe_unicode
             from rhodecode.lib.vcs.conf import settings as vcs_settings
             from rhodecode.lib.vcs.backends import base
             from rhodecode.model import meta
             from rhodecode.model.db import User, Repository, PullRequest
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.pull_request import PullRequestModel
             log = logging.getLogger(__name__)
             def initialize_generator(factory):
                 """
                 Initializes the returned generator by draining its first element.
                 This can be used to give a generator an initializer, which is the code
                 up to the first yield statement. This decorator enforces that the first
                 produced element has the value ``"__init__"`` to make its special
                 purpose very explicit in the using code.
                 """
                 @wraps(factory)
                 def wrapper(*args, **kwargs):
                     gen = factory(*args, **kwargs)
                     try:
                         init = gen.next()
                     except StopIteration:
                         raise ValueError('Generator must yield at least one element.')
                     if init != "__init__":
                         raise ValueError('First yielded element must be "__init__".')
                     return gen
                 return wrapper
             class SimpleVCS(object):
                 """Common functionality for SCM HTTP handlers."""
                 SCM = 'unknown'
                 acl_repo_name = None
                 url_repo_name = None
                 vcs_repo_name = None
                 # We have to handle requests to shadow repositories different than requests
                 # to normal repositories. Therefore we have to distinguish them. To do this
                 # we use this regex which will match only on URLs pointing to shadow
                 # repositories.
                 shadow_repo_re = re.compile(
                     '(?P<groups>(?:{slug_pat}/)*)'  # repo groups
                     '(?P<target>{slug_pat})/'       # target repo
                     'pull-request/(?P<pr_id>\d+)/'  # pull request
                     'repository$'                   # shadow repo
                     .format(slug_pat=SLUG_RE.pattern))
                 def __init__(self, application, config, registry):
                     self.registry = registry
                     self.application = application
                     self.config = config
                     # re-populated by specialized middleware
                     self.repo_vcs_config = base.Config()
                     # base path of repo locations
                     self.basepath = get_rhodecode_base_path()
                     # authenticate this VCS request using authfunc
                     auth_ret_code_detection = \
                         str2bool(self.config.get('auth_ret_code_detection', False))
                     self.authenticate = BasicAuth(
                         '', authenticate, registry, config.get('auth_ret_code'),
                         auth_ret_code_detection)
                     self.ip_addr = '0.0.0.0'
                 def set_repo_names(self, environ):
                     """
                     This will populate the attributes acl_repo_name, url_repo_name,
                     vcs_repo_name and is_shadow_repo. In case of requests to normal (non
                     shadow) repositories all names are equal. In case of requests to a
                     shadow repository the acl-name points to the target repo of the pull
                     request and the vcs-name points to the shadow repo file system path.
                     The url-name is always the URL used by the vcs client program.
                     Example in case of a shadow repo:
                         acl_repo_name = RepoGroup/MyRepo
                         url_repo_name = RepoGroup/MyRepo/pull-request/3/repository
                         vcs_repo_name = /repo/base/path/RepoGroup/.__shadow_MyRepo_pr-3'
                     """
                     # First we set the repo name from URL for all attributes. This is the
                     # default if handling normal (non shadow) repo requests.
                     self.url_repo_name = self._get_repository_name(environ)
                     self.acl_repo_name = self.vcs_repo_name = self.url_repo_name
                     self.is_shadow_repo = False
                     # Check if this is a request to a shadow repository.
                     match = self.shadow_repo_re.match(self.url_repo_name)
                     if match:
                         match_dict = match.groupdict()
                         # Build acl repo name from regex match.
                         acl_repo_name = safe_unicode('{groups}{target}'.format(
                             groups=match_dict['groups'] or '',
                             target=match_dict['target']))
                         # Retrieve pull request instance by ID from regex match.
                         pull_request = PullRequest.get(match_dict['pr_id'])
                         # Only proceed if we got a pull request and if acl repo name from
                         # URL equals the target repo name of the pull request.
                         if pull_request and (acl_repo_name ==
                                              pull_request.target_repo.repo_name):
                             # Get file system path to shadow repository.
                             workspace_id = PullRequestModel()._workspace_id(pull_request)
                             target_vcs = pull_request.target_repo.scm_instance()
                             vcs_repo_name = target_vcs._get_shadow_repository_path(
                                 workspace_id)
                             # Store names for later usage.
                             self.vcs_repo_name = vcs_repo_name
                             self.acl_repo_name = acl_repo_name
                             self.is_shadow_repo = True
                     log.debug('Setting all VCS repository names: %s', {
                         'acl_repo_name': self.acl_repo_name,
                         'url_repo_name': self.url_repo_name,
                         'vcs_repo_name': self.vcs_repo_name,
                     })
                 @property
                 def scm_app(self):
                     custom_implementation = self.config['vcs.scm_app_implementation']
                     if custom_implementation == 'http':
                         log.info('Using HTTP implementation of scm app.')
                         scm_app_impl = scm_app_http
                     else:
                         log.info('Using custom implementation of scm_app: "{}"'.format(
                             custom_implementation))
                         scm_app_impl = importlib.import_module(custom_implementation)
                     return scm_app_impl
                 def _get_by_id(self, repo_name):
                     """
                     Gets a special pattern _<ID> from clone url and tries to replace it
                     with a repository_name for support of _<ID> non changeable urls
                     """
                     data = repo_name.split('/')
                     if len(data) >= 2:
                         from rhodecode.model.repo import RepoModel
                         by_id_match = RepoModel().get_repo_by_id(repo_name)
                         if by_id_match:
                             data[1] = by_id_match.repo_name
                     return safe_str('/'.join(data))
                 def _invalidate_cache(self, repo_name):
                     """
                     Set's cache for this repository for invalidation on next access
                     :param repo_name: full repo name, also a cache key
                     """
                     ScmModel().mark_for_invalidation(repo_name)
                 def is_valid_and_existing_repo(self, repo_name, base_path, scm_type):
                     db_repo = Repository.get_by_repo_name(repo_name)
                     if not db_repo:
                         log.debug('Repository `%s` not found inside the database.',
                                   repo_name)
                         return False
                     if db_repo.repo_type != scm_type:
                         log.warning(
                             'Repository `%s` have incorrect scm_type, expected %s got %s',
                             repo_name, db_repo.repo_type, scm_type)
                         return False
                     return is_valid_repo(repo_name, base_path, explicit_scm=scm_type)
                 def valid_and_active_user(self, user):
                     """
                     Checks if that user is not empty, and if it's actually object it checks
                     if he's active.
                     :param user: user object or None
                     :return: boolean
                     """
                     if user is None:
                         return False
                     elif user.active:
                         return True
                     return False
                 def _check_permission(self, action, user, repo_name, ip_addr=None):
                     """
                     Checks permissions using action (push/pull) user and repository
                     name
                     :param action: push or pull action
                     :param user: user instance
                     :param repo_name: repository name
                     """
                     # check IP
                     inherit = user.inherit_default_permissions
                     ip_allowed = AuthUser.check_ip_allowed(user.user_id, ip_addr,
                                                            inherit_from_default=inherit)
                     if ip_allowed:
                         log.info('Access for IP:%s allowed', ip_addr)
                     else:
                         return False
                     if action == 'push':
                         if not HasPermissionAnyMiddleware('repository.write',
                                                           'repository.admin')(user,
                                                                               repo_name):
                             return False
                     else:
                         # any other action need at least read permission
                         if not HasPermissionAnyMiddleware('repository.read',
                                                           'repository.write',
                                                           'repository.admin')(user,
                                                                               repo_name):
                             return False
                     return True
                 def _check_ssl(self, environ, start_response):
                     """
                     Checks the SSL check flag and returns False if SSL is not present
                     and required True otherwise
                     """
                     org_proto = environ['wsgi._org_proto']
                     # check if we have SSL required  ! if not it's a bad request !
                     require_ssl = str2bool(self.repo_vcs_config.get('web', 'push_ssl'))
                     if require_ssl and org_proto == 'http':
                         log.debug('proto is %s and SSL is required BAD REQUEST !',
                                   org_proto)
                         return False
                     return True
                 def __call__(self, environ, start_response):
                     try:
                         return self._handle_request(environ, start_response)
                     except Exception:
                         log.exception("Exception while handling request")
                         appenlight.track_exception(environ)
                         return HTTPInternalServerError()(environ, start_response)
                     finally:
                         meta.Session.remove()
                 def _handle_request(self, environ, start_response):
                     if not self._check_ssl(environ, start_response):
                         reason = ('SSL required, while RhodeCode was unable '
                                   'to detect this as SSL request')
                         log.debug('User not allowed to proceed, %s', reason)
                         return HTTPNotAcceptable(reason)(environ, start_response)
                     if not self.url_repo_name:
                         log.warning('Repository name is empty: %s', self.url_repo_name)
                         # failed to get repo name, we fail now
                         return HTTPNotFound()(environ, start_response)
                     log.debug('Extracted repo name is %s', self.url_repo_name)
                     ip_addr = get_ip_addr(environ)
                     username = None
                     # skip passing error to error controller
                     environ['pylons.status_code_redirect'] = True
                     # ======================================================================
                     # GET ACTION PULL or PUSH
                     # ======================================================================
                     action = self._get_action(environ)
                     # ======================================================================
                     # Check if this is a request to a shadow repository of a pull request.
                     # In this case only pull action is allowed.
                     # ======================================================================
                     if self.is_shadow_repo and action != 'pull':
                         reason = 'Only pull action is allowed for shadow repositories.'
                         log.debug('User not allowed to proceed, %s', reason)
                         return HTTPNotAcceptable(reason)(environ, start_response)
                     # ======================================================================
                     # CHECK ANONYMOUS PERMISSION
                     # ======================================================================
                     if action in ['pull', 'push']:
                         anonymous_user = User.get_default_user()
                         username = anonymous_user.username
                         if anonymous_user.active:
                             # ONLY check permissions if the user is activated
                             anonymous_perm = self._check_permission(
                                 action, anonymous_user, self.acl_repo_name, ip_addr)
                         else:
                             anonymous_perm = False
                         if not anonymous_user.active or not anonymous_perm:
                             if not anonymous_user.active:
                                 log.debug('Anonymous access is disabled, running '
                                           'authentication')
                             if not anonymous_perm:
                                 log.debug('Not enough credentials to access this '
                                           'repository as anonymous user')
                             username = None
                             # ==============================================================
                             # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE
                             # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS
                             # ==============================================================
                             # try to auth based on environ, container auth methods
                             log.debug('Running PRE-AUTH for container based authentication')
                             pre_auth = authenticate(
-                                '', '', environ, VCS_TYPE, registry=self.registry)
+                                '', '', environ, VCS_TYPE, registry=self.registry,
+                                acl_repo_name=self.acl_repo_name)
                             if pre_auth and pre_auth.get('username'):
                                 username = pre_auth['username']
                             log.debug('PRE-AUTH got %s as username', username)
                             # If not authenticated by the container, running basic auth
+                            # before inject the calling repo_name for special scope checks
+                            self.authenticate.acl_repo_name = self.acl_repo_name
                             if not username:
                                 self.authenticate.realm = get_rhodecode_realm()
                                 try:
                                     result = self.authenticate(environ)
                                 except (UserCreationError, NotAllowedToCreateUserError) as e:
                                     log.error(e)
                                     reason = safe_str(e)
                                     return HTTPNotAcceptable(reason)(environ, start_response)
                                 if isinstance(result, str):
                                     AUTH_TYPE.update(environ, 'basic')
                                     REMOTE_USER.update(environ, result)
                                     username = result
                                 else:
                                     return result.wsgi_application(environ, start_response)
                             # ==============================================================
                             # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME
                             # ==============================================================
                             user = User.get_by_username(username)
                             if not self.valid_and_active_user(user):
                                 return HTTPForbidden()(environ, start_response)
                             username = user.username
                             user.update_lastactivity()
                             meta.Session().commit()
                             # check user attributes for password change flag
                             user_obj = user
                             if user_obj and user_obj.username != User.DEFAULT_USER and \
                                     user_obj.user_data.get('force_password_change'):
                                 reason = 'password change required'
                                 log.debug('User not allowed to authenticate, %s', reason)
                                 return HTTPNotAcceptable(reason)(environ, start_response)
                             # check permissions for this repository
                             perm = self._check_permission(
                                 action, user, self.acl_repo_name, ip_addr)
                             if not perm:
                                 return HTTPForbidden()(environ, start_response)
                     # extras are injected into UI object and later available
                     # in hooks executed by rhodecode
                     check_locking = _should_check_locking(environ.get('QUERY_STRING'))
                     extras = vcs_operation_context(
                         environ, repo_name=self.acl_repo_name, username=username,
                         action=action, scm=self.SCM, check_locking=check_locking,
                         is_shadow_repo=self.is_shadow_repo
                     )
                     # ======================================================================
                     # REQUEST HANDLING
                     # ======================================================================
                     repo_path = os.path.join(
                         safe_str(self.basepath), safe_str(self.vcs_repo_name))
                     log.debug('Repository path is %s', repo_path)
                     fix_PATH()
                     log.info(
                         '%s action on %s repo "%s" by "%s" from %s',
                         action, self.SCM, safe_str(self.url_repo_name),
                         safe_str(username), ip_addr)
                     return self._generate_vcs_response(
                         environ, start_response, repo_path, extras, action)
                 @initialize_generator
                 def _generate_vcs_response(
                         self, environ, start_response, repo_path, extras, action):
                     """
                     Returns a generator for the response content.
                     This method is implemented as a generator, so that it can trigger
                     the cache validation after all content sent back to the client. It
                     also handles the locking exceptions which will be triggered when
                     the first chunk is produced by the underlying WSGI application.
                     """
                     callback_daemon, extras = self._prepare_callback_daemon(extras)
                     config = self._create_config(extras, self.acl_repo_name)
                     log.debug('HOOKS extras is %s', extras)
                     app = self._create_wsgi_app(repo_path, self.url_repo_name, config)
                     try:
                         with callback_daemon:
                             try:
                                 response = app(environ, start_response)
                             finally:
                                 # This statement works together with the decorator
                                 # "initialize_generator" above. The decorator ensures that
                                 # we hit the first yield statement before the generator is
                                 # returned back to the WSGI server. This is needed to
                                 # ensure that the call to "app" above triggers the
                                 # needed callback to "start_response" before the
                                 # generator is actually used.
                                 yield "__init__"
                             for chunk in response:
                                 yield chunk
                     except Exception as exc:
                         # TODO: martinb: Exceptions are only raised in case of the Pyro4
                         # backend. Refactor this except block after dropping Pyro4 support.
                         # TODO: johbo: Improve "translating" back the exception.
                         if getattr(exc, '_vcs_kind', None) == 'repo_locked':
                             exc = HTTPLockedRC(*exc.args)
                             _code = rhodecode.CONFIG.get('lock_ret_code')
                             log.debug('Repository LOCKED ret code %s!', (_code,))
                         elif getattr(exc, '_vcs_kind', None) == 'requirement':
                             log.debug(
                                 'Repository requires features unknown to this Mercurial')
                             exc = HTTPRequirementError(*exc.args)
                         else:
                             raise
                         for chunk in exc(environ, start_response):
                             yield chunk
                     finally:
                         # invalidate cache on push
                         try:
                             if action == 'push':
                                 self._invalidate_cache(self.url_repo_name)
                         finally:
                             meta.Session.remove()
                 def _get_repository_name(self, environ):
                     """Get repository name out of the environmnent
                     :param environ: WSGI environment
                     """
                     raise NotImplementedError()
                 def _get_action(self, environ):
                     """Map request commands into a pull or push command.
                     :param environ: WSGI environment
                     """
                     raise NotImplementedError()
                 def _create_wsgi_app(self, repo_path, repo_name, config):
                     """Return the WSGI app that will finally handle the request."""
                     raise NotImplementedError()
                 def _create_config(self, extras, repo_name):
                     """Create a safe config representation."""
                     raise NotImplementedError()
                 def _prepare_callback_daemon(self, extras):
                     return prepare_callback_daemon(
                         extras, protocol=vcs_settings.HOOKS_PROTOCOL,
                         use_direct_calls=vcs_settings.HOOKS_DIRECT_CALLS)
             def _should_check_locking(query_string):
                 # this is kind of hacky, but due to how mercurial handles client-server
                 # server see all operation on commit; bookmarks, phases and
                 # obsolescence marker in different transaction, we don't want to check
                 # locking on those
                 return query_string not in ['cmd=listkeys']

rhodecode/model/db.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/other/vcs_operations/conftest.py

0 +19 -9

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             py.test config for test suite for making push/pull operations.
             .. important::
                You must have git >= 1.8.5 for tests to work fine. With 68b939b git started
                to redirect things to stderr instead of stdout.
             """
             import ConfigParser
             import os
             import subprocess32
             import tempfile
             import textwrap
             import pytest
             import rhodecode
             from rhodecode.model.db import Repository
             from rhodecode.model.meta import Session
             from rhodecode.model.settings import SettingsModel
             from rhodecode.tests import (
                 GIT_REPO, HG_REPO, TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS,)
             from rhodecode.tests.fixture import Fixture
             from rhodecode.tests.utils import (
                 set_anonymous_access, is_url_reachable, wait_for_url)
             RC_LOG = os.path.join(tempfile.gettempdir(), 'rc.log')
             REPO_GROUP = 'a_repo_group'
             HG_REPO_WITH_GROUP = '%s/%s' % (REPO_GROUP, HG_REPO)
             GIT_REPO_WITH_GROUP = '%s/%s' % (REPO_GROUP, GIT_REPO)
             def assert_no_running_instance(url):
                 if is_url_reachable(url):
                     print("Hint: Usually this means another instance of Enterprise "
                           "is running in the background.")
                     pytest.fail(
                         "Port is not free at %s, cannot start web interface" % url)
             def get_host_url(pylons_config):
                 """Construct the host url using the port in the test configuration."""
                 config = ConfigParser.ConfigParser()
                 config.read(pylons_config)
                 return '127.0.0.1:%s' % config.get('server:main', 'port')
             class RcWebServer(object):
                 """
                 Represents a running RCE web server used as a test fixture.
                 """
                 def __init__(self, pylons_config):
                     self.pylons_config = pylons_config
                 def repo_clone_url(self, repo_name, **kwargs):
                     params = {
                         'user': TEST_USER_ADMIN_LOGIN,
                         'passwd': TEST_USER_ADMIN_PASS,
                         'host': get_host_url(self.pylons_config),
                         'cloned_repo': repo_name,
                     }
                     params.update(**kwargs)
                     _url = 'http://%(user)s:%(passwd)s@%(host)s/%(cloned_repo)s' % params
                     return _url
             @pytest.fixture(scope="module")
             def rcextensions(request, pylonsapp, tmpdir_factory):
                 """
                 Installs a testing rcextensions pack to ensure they work as expected.
                 """
                 init_content = textwrap.dedent("""
                     # Forward import the example rcextensions to make it
                     # active for our tests.
                     from rhodecode.tests.other.example_rcextensions import *
                 """)
                 # Note: rcextensions are looked up based on the path of the ini file
                 root_path = tmpdir_factory.getbasetemp()
                 rcextensions_path = root_path.join('rcextensions')
                 init_path = rcextensions_path.join('__init__.py')
                 if rcextensions_path.check():
                     pytest.fail(
                         "Path for rcextensions already exists, please clean up before "
                         "test run this path: %s" % (rcextensions_path, ))
                     return
                 request.addfinalizer(rcextensions_path.remove)
                 init_path.write_binary(init_content, ensure=True)
             @pytest.fixture(scope="module")
             def repos(request, pylonsapp):
                 """Create a copy of each test repo in a repo group."""
                 fixture = Fixture()
                 repo_group = fixture.create_repo_group(REPO_GROUP)
                 repo_group_id = repo_group.group_id
                 fixture.create_fork(HG_REPO, HG_REPO,
                                     repo_name_full=HG_REPO_WITH_GROUP,
                                     repo_group=repo_group_id)
                 fixture.create_fork(GIT_REPO, GIT_REPO,
                                     repo_name_full=GIT_REPO_WITH_GROUP,
                                     repo_group=repo_group_id)
                 @request.addfinalizer
                 def cleanup():
                     fixture.destroy_repo(HG_REPO_WITH_GROUP)
                     fixture.destroy_repo(GIT_REPO_WITH_GROUP)
                     fixture.destroy_repo_group(repo_group_id)
             @pytest.fixture(scope="module")
-            def rc_web_server_config(pylons_config):
+            def rc_web_server_config(testini_factory):
                 """
                 Configuration file used for the fixture `rc_web_server`.
                 """
-                return pylons_config
+                CUSTOM_PARAMS = [
+                    {'handler_console': {'level': 'DEBUG'}},
+                ]
+                return testini_factory(CUSTOM_PARAMS)
             @pytest.fixture(scope="module")
             def rc_web_server(
                     request, pylonsapp, rc_web_server_config, repos, rcextensions):
                 """
                 Run the web server as a subprocess.
                 Since we have already a running vcsserver, this is not spawned again.
                 """
                 env = os.environ.copy()
                 env['RC_NO_TMP_PATH'] = '1'
-                server_out = open(RC_LOG, 'w')
+                rc_log = RC_LOG
+                server_out = open(rc_log, 'w')
                 # TODO: Would be great to capture the output and err of the subprocess
                 # and make it available in a section of the py.test report in case of an
                 # error.
                 host_url = 'http://' + get_host_url(rc_web_server_config)
                 assert_no_running_instance(host_url)
-                command = ['rcserver', rc_web_server_config]
+                command = ['pserve', rc_web_server_config]
                 print('Starting rcserver: {}'.format(host_url))
                 print('Command: {}'.format(command))
-                print('Logfile: {}'.format(RC_LOG))
+                print('Logfile: {}'.format(rc_log))
                 proc = subprocess32.Popen(
                     command, bufsize=0, env=env, stdout=server_out, stderr=server_out)
                 wait_for_url(host_url, timeout=30)
                 @request.addfinalizer
                 def stop_web_server():
                     # TODO: Find out how to integrate with the reporting of py.test to
                     # make this information available.
-                    print "\nServer log file written to %s" % (RC_LOG, )
+                    print("\nServer log file written to %s" % (rc_log, ))
                     proc.kill()
+                    server_out.flush()
                     server_out.close()
                 return RcWebServer(rc_web_server_config)
             @pytest.fixture(scope='class', autouse=True)
             def disable_anonymous_user_access(pylonsapp):
                 set_anonymous_access(False)
             @pytest.fixture
             def disable_locking(pylonsapp):
                 r = Repository.get_by_repo_name(GIT_REPO)
                 Repository.unlock(r)
                 r.enable_locking = False
                 Session().add(r)
                 Session().commit()
                 r = Repository.get_by_repo_name(HG_REPO)
                 Repository.unlock(r)
                 r.enable_locking = False
                 Session().add(r)
                 Session().commit()
             @pytest.fixture
             def enable_auth_plugins(request, pylonsapp, csrf_token):
                 """
                 Return a factory object that when called, allows to control which
                 authentication plugins are enabled.
                 """
                 def _enable_plugins(plugins_list, override=None):
                     override = override or {}
                     params = {
                         'auth_plugins': ','.join(plugins_list),
-                        'csrf_token': csrf_token,
+                    # helper translate some names to others
+                    name_map = {
+                        'token': 'authtoken'
                     }
                     for module in plugins_list:
-                        plugin = rhodecode.authentication.base.loadplugin(module)
+                        plugin_name = module.partition('#')[-1]
-                        plugin_name = plugin.name
+                        if plugin_name in name_map:
+                            plugin_name = name_map[plugin_name]
                         enabled_plugin = 'auth_%s_enabled' % plugin_name
                         cache_ttl = 'auth_%s_cache_ttl' % plugin_name
                         # default params that are needed for each plugin,
                         # `enabled` and `cache_ttl`
                         params.update({
                             enabled_plugin: True,
                             cache_ttl: 0
                         })
                         if override.get:
                             params.update(override.get(module, {}))
                         validated_params = params
                         for k, v in validated_params.items():
                             setting = SettingsModel().create_or_update_setting(k, v)
                             Session().add(setting)
                         Session().commit()
                 def cleanup():
                     _enable_plugins(['egg:rhodecode-enterprise-ce#rhodecode'])
                 request.addfinalizer(cleanup)
                 return _enable_plugins
             @pytest.fixture
             def fs_repo_only(request, rhodecode_fixtures):
                 def fs_repo_fabric(repo_name, repo_type):
                     rhodecode_fixtures.create_repo(repo_name, repo_type=repo_type)
                     rhodecode_fixtures.destroy_repo(repo_name, fs_remove=False)
                     def cleanup():
                         rhodecode_fixtures.destroy_repo(repo_name, fs_remove=True)
                         rhodecode_fixtures.destroy_repo_on_filesystem(repo_name)
                     request.addfinalizer(cleanup)
                 return fs_repo_fabric

rhodecode/tests/other/vcs_operations/test_vcs_operations.py

0 +111 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Test suite for making push/pull operations, on specially modified INI files
             .. important::
                You must have git >= 1.8.5 for tests to work fine. With 68b939b git started
                to redirect things to stderr instead of stdout.
             """
             import os
             import time
             import pytest
             from rhodecode.lib.vcs.backends.git.repository import GitRepository
             from rhodecode.lib.vcs.nodes import FileNode
+            from rhodecode.model.auth_token import AuthTokenModel
             from rhodecode.model.db import Repository, UserIpMap, CacheKey
             from rhodecode.model.meta import Session
             from rhodecode.model.user import UserModel
             from rhodecode.tests import (GIT_REPO, HG_REPO, TEST_USER_ADMIN_LOGIN)
             from rhodecode.tests.other.vcs_operations import (
                 Command, _check_proper_clone, _check_proper_git_push, _add_files_and_push,
                 HG_REPO_WITH_GROUP, GIT_REPO_WITH_GROUP)
             @pytest.mark.usefixtures("disable_locking")
-            class TestVCSOperations:
+            class TestVCSOperations(object):
                 def test_clone_hg_repo_by_admin(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(HG_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     _check_proper_clone(stdout, stderr, 'hg')
                 def test_clone_git_repo_by_admin(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(GIT_REPO)
                     cmd = Command('/tmp')
                     stdout, stderr = cmd.execute('git clone', clone_url, tmpdir.strpath)
                     _check_proper_clone(stdout, stderr, 'git')
                     cmd.assert_returncode_success()
                 def test_clone_hg_repo_by_id_by_admin(self, rc_web_server, tmpdir):
                     repo_id = Repository.get_by_repo_name(HG_REPO).repo_id
                     clone_url = rc_web_server.repo_clone_url('_%s' % repo_id)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     _check_proper_clone(stdout, stderr, 'hg')
                 def test_clone_git_repo_by_id_by_admin(self, rc_web_server, tmpdir):
                     repo_id = Repository.get_by_repo_name(GIT_REPO).repo_id
                     clone_url = rc_web_server.repo_clone_url('_%s' % repo_id)
                     cmd = Command('/tmp')
                     stdout, stderr = cmd.execute('git clone', clone_url, tmpdir.strpath)
                     _check_proper_clone(stdout, stderr, 'git')
                     cmd.assert_returncode_success()
                 def test_clone_hg_repo_with_group_by_admin(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(HG_REPO_WITH_GROUP)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     _check_proper_clone(stdout, stderr, 'hg')
                 def test_clone_git_repo_with_group_by_admin(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(GIT_REPO_WITH_GROUP)
                     cmd = Command('/tmp')
                     stdout, stderr = cmd.execute('git clone', clone_url, tmpdir.strpath)
                     _check_proper_clone(stdout, stderr, 'git')
                     cmd.assert_returncode_success()
                 def test_clone_git_repo_shallow_by_admin(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(GIT_REPO)
                     cmd = Command('/tmp')
                     stdout, stderr = cmd.execute(
                         'git clone --depth=1', clone_url, tmpdir.strpath)
                     assert '' == stdout
                     assert 'Cloning into' in stderr
                     cmd.assert_returncode_success()
                 def test_clone_wrong_credentials_hg(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(HG_REPO, passwd='bad!')
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     assert 'abort: authorization failed' in stderr
                 def test_clone_wrong_credentials_git(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(GIT_REPO, passwd='bad!')
                     stdout, stderr = Command('/tmp').execute(
                         'git clone', clone_url, tmpdir.strpath)
                     assert 'fatal: Authentication failed' in stderr
                 def test_clone_git_dir_as_hg(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(GIT_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     assert 'HTTP Error 404: Not Found' in stderr
                 def test_clone_hg_repo_as_git(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(HG_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'git clone', clone_url, tmpdir.strpath)
                     assert 'not found' in stderr
                 def test_clone_non_existing_path_hg(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url('trololo')
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     assert 'HTTP Error 404: Not Found' in stderr
                 def test_clone_non_existing_path_git(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url('trololo')
                     stdout, stderr = Command('/tmp').execute('git clone', clone_url)
                     assert 'not found' in stderr
                 def test_clone_existing_path_hg_not_in_database(
                         self, rc_web_server, tmpdir, fs_repo_only):
                     db_name = fs_repo_only('not-in-db-hg', repo_type='hg')
                     clone_url = rc_web_server.repo_clone_url(db_name)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     assert 'HTTP Error 404: Not Found' in stderr
                 def test_clone_existing_path_git_not_in_database(
                         self, rc_web_server, tmpdir, fs_repo_only):
                     db_name = fs_repo_only('not-in-db-git', repo_type='git')
                     clone_url = rc_web_server.repo_clone_url(db_name)
                     stdout, stderr = Command('/tmp').execute(
                         'git clone', clone_url, tmpdir.strpath)
                     assert 'not found' in stderr
                 def test_clone_existing_path_hg_not_in_database_different_scm(
                         self, rc_web_server, tmpdir, fs_repo_only):
                     db_name = fs_repo_only('not-in-db-git', repo_type='git')
                     clone_url = rc_web_server.repo_clone_url(db_name)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     assert 'HTTP Error 404: Not Found' in stderr
                 def test_clone_existing_path_git_not_in_database_different_scm(
                         self, rc_web_server, tmpdir, fs_repo_only):
                     db_name = fs_repo_only('not-in-db-hg', repo_type='hg')
                     clone_url = rc_web_server.repo_clone_url(db_name)
                     stdout, stderr = Command('/tmp').execute(
                         'git clone', clone_url, tmpdir.strpath)
                     assert 'not found' in stderr
                 def test_push_new_file_hg(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(HG_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     stdout, stderr = _add_files_and_push(
                         'hg', tmpdir.strpath, clone_url=clone_url)
                     assert 'pushing to' in stdout
                     assert 'size summary' in stdout
                 def test_push_new_file_git(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(GIT_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'git clone', clone_url, tmpdir.strpath)
                     # commit some stuff into this repo
                     stdout, stderr = _add_files_and_push(
                         'git', tmpdir.strpath, clone_url=clone_url)
                     _check_proper_git_push(stdout, stderr)
                 def test_push_invalidates_cache_hg(self, rc_web_server, tmpdir):
                     key = CacheKey.query().filter(CacheKey.cache_key == HG_REPO).scalar()
                     if not key:
                         key = CacheKey(HG_REPO, HG_REPO)
                     key.cache_active = True
                     Session().add(key)
                     Session().commit()
                     clone_url = rc_web_server.repo_clone_url(HG_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     stdout, stderr = _add_files_and_push(
                         'hg', tmpdir.strpath, clone_url=clone_url, files_no=1)
                     key = CacheKey.query().filter(CacheKey.cache_key == HG_REPO).one()
                     assert key.cache_active is False
                 def test_push_invalidates_cache_git(self, rc_web_server, tmpdir):
                     key = CacheKey.query().filter(CacheKey.cache_key == GIT_REPO).scalar()
                     if not key:
                         key = CacheKey(GIT_REPO, GIT_REPO)
                     key.cache_active = True
                     Session().add(key)
                     Session().commit()
                     clone_url = rc_web_server.repo_clone_url(GIT_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'git clone', clone_url, tmpdir.strpath)
                     # commit some stuff into this repo
                     stdout, stderr = _add_files_and_push(
                         'git', tmpdir.strpath, clone_url=clone_url, files_no=1)
                     _check_proper_git_push(stdout, stderr)
                     key = CacheKey.query().filter(CacheKey.cache_key == GIT_REPO).one()
                     assert key.cache_active is False
                 def test_push_wrong_credentials_hg(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(HG_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     push_url = rc_web_server.repo_clone_url(
                         HG_REPO, user='bad', passwd='name')
                     stdout, stderr = _add_files_and_push(
                         'hg', tmpdir.strpath, clone_url=push_url)
                     assert 'abort: authorization failed' in stderr
                 def test_push_wrong_credentials_git(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(GIT_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'git clone', clone_url, tmpdir.strpath)
                     push_url = rc_web_server.repo_clone_url(
                         GIT_REPO, user='bad', passwd='name')
                     stdout, stderr = _add_files_and_push(
                         'git', tmpdir.strpath, clone_url=push_url)
                     assert 'fatal: Authentication failed' in stderr
                 def test_push_back_to_wrong_url_hg(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(HG_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     stdout, stderr = _add_files_and_push(
                         'hg', tmpdir.strpath,
                         clone_url=rc_web_server.repo_clone_url('not-existing'))
                     assert 'HTTP Error 404: Not Found' in stderr
                 def test_push_back_to_wrong_url_git(self, rc_web_server, tmpdir):
                     clone_url = rc_web_server.repo_clone_url(GIT_REPO)
                     stdout, stderr = Command('/tmp').execute(
                         'git clone', clone_url, tmpdir.strpath)
                     stdout, stderr = _add_files_and_push(
                         'git', tmpdir.strpath,
                         clone_url=rc_web_server.repo_clone_url('not-existing'))
                     assert 'not found' in stderr
                 def test_ip_restriction_hg(self, rc_web_server, tmpdir):
                     user_model = UserModel()
                     try:
                         user_model.add_extra_ip(TEST_USER_ADMIN_LOGIN, '10.10.10.10/32')
                         Session().commit()
                         time.sleep(2)
                         clone_url = rc_web_server.repo_clone_url(HG_REPO)
                         stdout, stderr = Command('/tmp').execute(
                             'hg clone', clone_url, tmpdir.strpath)
                         assert 'abort: HTTP Error 403: Forbidden' in stderr
                     finally:
                         # release IP restrictions
                         for ip in UserIpMap.getAll():
                             UserIpMap.delete(ip.ip_id)
                         Session().commit()
                     time.sleep(2)
                     stdout, stderr = Command('/tmp').execute(
                         'hg clone', clone_url, tmpdir.strpath)
                     _check_proper_clone(stdout, stderr, 'hg')
                 def test_ip_restriction_git(self, rc_web_server, tmpdir):
                     user_model = UserModel()
                     try:
                         user_model.add_extra_ip(TEST_USER_ADMIN_LOGIN, '10.10.10.10/32')
                         Session().commit()
                         time.sleep(2)
                         clone_url = rc_web_server.repo_clone_url(GIT_REPO)
                         stdout, stderr = Command('/tmp').execute(
                             'git clone', clone_url, tmpdir.strpath)
                         msg = "The requested URL returned error: 403"
                         assert msg in stderr
                     finally:
                         # release IP restrictions
                         for ip in UserIpMap.getAll():
                             UserIpMap.delete(ip.ip_id)
                         Session().commit()
                     time.sleep(2)
                     cmd = Command('/tmp')
                     stdout, stderr = cmd.execute('git clone', clone_url, tmpdir.strpath)
                     cmd.assert_returncode_success()
                     _check_proper_clone(stdout, stderr, 'git')
+                def test_clone_by_auth_token(
+                        self, rc_web_server, tmpdir, user_util, enable_auth_plugins):
+                    enable_auth_plugins(['egg:rhodecode-enterprise-ce#token',
+                                         'egg:rhodecode-enterprise-ce#rhodecode'])
+                    user = user_util.create_user()
+                    token = user.auth_tokens[1]
+                    clone_url = rc_web_server.repo_clone_url(
+                        HG_REPO, user=user.username, passwd=token)
+                    stdout, stderr = Command('/tmp').execute(
+                        'hg clone', clone_url, tmpdir.strpath)
+                    _check_proper_clone(stdout, stderr, 'hg')
+                def test_clone_by_auth_token_expired(
+                        self, rc_web_server, tmpdir, user_util, enable_auth_plugins):
+                    enable_auth_plugins(['egg:rhodecode-enterprise-ce#token',
+                                         'egg:rhodecode-enterprise-ce#rhodecode'])
+                    user = user_util.create_user()
+                    auth_token = AuthTokenModel().create(
+                        user.user_id, 'test-token', -10, AuthTokenModel.cls.ROLE_VCS)
+                    token = auth_token.api_key
+                    clone_url = rc_web_server.repo_clone_url(
+                        HG_REPO, user=user.username, passwd=token)
+                    stdout, stderr = Command('/tmp').execute(
+                        'hg clone', clone_url, tmpdir.strpath)
+                    assert 'abort: authorization failed' in stderr
+                def test_clone_by_auth_token_bad_role(
+                        self, rc_web_server, tmpdir, user_util, enable_auth_plugins):
+                    enable_auth_plugins(['egg:rhodecode-enterprise-ce#token',
+                                         'egg:rhodecode-enterprise-ce#rhodecode'])
+                    user = user_util.create_user()
+                    auth_token = AuthTokenModel().create(
+                        user.user_id, 'test-token', -1, AuthTokenModel.cls.ROLE_API)
+                    token = auth_token.api_key
+                    clone_url = rc_web_server.repo_clone_url(
+                        HG_REPO, user=user.username, passwd=token)
+                    stdout, stderr = Command('/tmp').execute(
+                        'hg clone', clone_url, tmpdir.strpath)
+                    assert 'abort: authorization failed' in stderr
+                def test_clone_by_auth_token_user_disabled(
+                        self, rc_web_server, tmpdir, user_util, enable_auth_plugins):
+                    enable_auth_plugins(['egg:rhodecode-enterprise-ce#token',
+                                         'egg:rhodecode-enterprise-ce#rhodecode'])
+                    user = user_util.create_user()
+                    user.active = False
+                    Session().add(user)
+                    Session().commit()
+                    token = user.auth_tokens[1]
+                    clone_url = rc_web_server.repo_clone_url(
+                        HG_REPO, user=user.username, passwd=token)
+                    stdout, stderr = Command('/tmp').execute(
+                        'hg clone', clone_url, tmpdir.strpath)
+                    assert 'abort: authorization failed' in stderr
+                def test_clone_by_auth_token_with_scope(
+                        self, rc_web_server, tmpdir, user_util, enable_auth_plugins):
+                    enable_auth_plugins(['egg:rhodecode-enterprise-ce#token',
+                                         'egg:rhodecode-enterprise-ce#rhodecode'])
+                    user = user_util.create_user()
+                    auth_token = AuthTokenModel().create(
+                        user.user_id, 'test-token', -1, AuthTokenModel.cls.ROLE_VCS)
+                    token = auth_token.api_key
+                    # manually set scope
+                    auth_token.repo = Repository.get_by_repo_name(HG_REPO)
+                    Session().add(auth_token)
+                    Session().commit()
+                    clone_url = rc_web_server.repo_clone_url(
+                        HG_REPO, user=user.username, passwd=token)
+                    stdout, stderr = Command('/tmp').execute(
+                        'hg clone', clone_url, tmpdir.strpath)
+                    _check_proper_clone(stdout, stderr, 'hg')
+                def test_clone_by_auth_token_with_wrong_scope(
+                        self, rc_web_server, tmpdir, user_util, enable_auth_plugins):
+                    enable_auth_plugins(['egg:rhodecode-enterprise-ce#token',
+                                         'egg:rhodecode-enterprise-ce#rhodecode'])
+                    user = user_util.create_user()
+                    auth_token = AuthTokenModel().create(
+                        user.user_id, 'test-token', -1, AuthTokenModel.cls.ROLE_VCS)
+                    token = auth_token.api_key
+                    # manually set scope
+                    auth_token.repo = Repository.get_by_repo_name(GIT_REPO)
+                    Session().add(auth_token)
+                    Session().commit()
+                    clone_url = rc_web_server.repo_clone_url(
+                        HG_REPO, user=user.username, passwd=token)
+                    stdout, stderr = Command('/tmp').execute(
+                        'hg clone', clone_url, tmpdir.strpath)
+                    assert 'abort: authorization failed' in stderr
             def test_git_sets_default_branch_if_not_master(
                     backend_git, tmpdir, disable_locking, rc_web_server):
                 empty_repo = backend_git.create_repo()
                 clone_url = rc_web_server.repo_clone_url(empty_repo.repo_name)
                 cmd = Command(tmpdir.strpath)
                 cmd.execute('git clone', clone_url)
                 repo = GitRepository(os.path.join(tmpdir.strpath, empty_repo.repo_name))
                 repo.in_memory_commit.add(FileNode('file', content=''))
                 repo.in_memory_commit.commit(
                     message='Commit on branch test',
                     author='Automatic test',
                     branch='test')
                 repo_cmd = Command(repo.path)
                 stdout, stderr = repo_cmd.execute('git push --verbose origin test')
                 _check_proper_git_push(
                     stdout, stderr, branch='test', should_set_default_branch=True)
                 stdout, stderr = cmd.execute(
                     'git clone', clone_url, empty_repo.repo_name + '-clone')
                 _check_proper_clone(stdout, stderr, 'git')
                 # Doing an explicit commit in order to get latest user logs on MySQL
                 Session().commit()
             def test_git_fetches_from_remote_repository_with_annotated_tags(
                     backend_git, disable_locking, rc_web_server):
                 # Note: This is a test specific to the git backend. It checks the
                 # integration of fetching from a remote repository which contains
                 # annotated tags.
                 # Dulwich shows this specific behavior only when
                 # operating against a remote repository.
                 source_repo = backend_git['annotated-tag']
                 target_vcs_repo = backend_git.create_repo().scm_instance()
                 target_vcs_repo.fetch(rc_web_server.repo_clone_url(source_repo.repo_name))

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages