Show More
| @@ -82,7 +82,7 b' class AdminSettingsView(BaseAppView):' | |||
|
|
82 | 82 | if k == '/': |
|
|
83 | 83 | k = 'root_path' |
|
|
84 | 84 | |
|
|
85 |
if k in [ |
|
|
|
85 | if k in ['publish', 'enabled']: | |
|
|
86 | 86 | v = str2bool(v) |
|
|
87 | 87 | |
|
|
88 | 88 | if k.find('.') != -1: |
| @@ -164,7 +164,6 b' class AdminSettingsView(BaseAppView):' | |||
|
|
164 | 164 | return Response(html) |
|
|
165 | 165 | |
|
|
166 | 166 | try: |
|
|
167 | model.update_global_ssl_setting(form_result['web_push_ssl']) | |
|
|
168 | 167 | model.update_global_hook_settings(form_result) |
|
|
169 | 168 | |
|
|
170 | 169 | model.create_or_update_global_svn_settings(form_result) |
| @@ -50,7 +50,7 b' from rhodecode.lib.utils2 import Attribu' | |||
|
|
50 | 50 | from rhodecode.lib.exc_tracking import store_exception, format_exc |
|
|
51 | 51 | from rhodecode.subscribers import ( |
|
|
52 | 52 | scan_repositories_if_enabled, write_js_routes_if_enabled, |
|
|
53 | write_metadata_if_needed, write_usage_data) | |
|
|
53 | write_metadata_if_needed, write_usage_data, import_license_if_present) | |
|
|
54 | 54 | from rhodecode.lib.statsd_client import StatsdClient |
|
|
55 | 55 | |
|
|
56 | 56 | log = logging.getLogger(__name__) |
| @@ -400,7 +400,8 b' def includeme(config, auth_resources=Non' | |||
|
|
400 | 400 | pyramid.events.ApplicationCreated) |
|
|
401 | 401 | config.add_subscriber(write_js_routes_if_enabled, |
|
|
402 | 402 | pyramid.events.ApplicationCreated) |
|
|
403 | ||
|
|
403 | config.add_subscriber(import_license_if_present, | |
|
|
404 | pyramid.events.ApplicationCreated) | |
|
|
404 | 405 | |
|
|
405 | 406 | # Set the default renderer for HTML templates to mako. |
|
|
406 | 407 | config.add_mako_renderer('.html') |
| @@ -570,7 +570,6 b' class DbManage(object):' | |||
|
|
570 | 570 | self.create_ui_settings(path) |
|
|
571 | 571 | |
|
|
572 | 572 | ui_config = [ |
|
|
573 | ('web', 'push_ssl', 'False'), | |
|
|
574 | 573 | ('web', 'allow_archive', 'gz zip bz2'), |
|
|
575 | 574 | ('web', 'allow_push', '*'), |
|
|
576 | 575 | ('web', 'baseurl', '/'), |
| @@ -339,21 +339,6 b' class SimpleVCS(object):' | |||
|
|
339 | 339 | log.exception('Failed to read http scheme') |
|
|
340 | 340 | return 'http' |
|
|
341 | 341 | |
|
|
342 | def _check_ssl(self, environ, start_response): | |
|
|
343 | """ | |
|
|
344 | Checks the SSL check flag and returns False if SSL is not present | |
|
|
345 | and required True otherwise | |
|
|
346 | """ | |
|
|
347 | org_proto = environ['wsgi._org_proto'] | |
|
|
348 | # check if we have SSL required ! if not it's a bad request ! | |
|
|
349 | require_ssl = str2bool(self.repo_vcs_config.get('web', 'push_ssl')) | |
|
|
350 | if require_ssl and org_proto == 'http': | |
|
|
351 | log.debug( | |
|
|
352 | 'Bad request: detected protocol is `%s` and ' | |
|
|
353 | 'SSL/HTTPS is required.', org_proto) | |
|
|
354 | return False | |
|
|
355 | return True | |
|
|
356 | ||
|
|
357 | 342 | def _get_default_cache_ttl(self): |
|
|
358 | 343 | # take AUTH_CACHE_TTL from the `rhodecode` auth plugin |
|
|
359 | 344 | plugin = loadplugin('egg:rhodecode-enterprise-ce#rhodecode') |
| @@ -373,12 +358,6 b' class SimpleVCS(object):' | |||
|
|
373 | 358 | meta.Session.remove() |
|
|
374 | 359 | |
|
|
375 | 360 | def _handle_request(self, environ, start_response): |
|
|
376 | if not self._check_ssl(environ, start_response): | |
|
|
377 | reason = ('SSL required, while RhodeCode was unable ' | |
|
|
378 | 'to detect this as SSL request') | |
|
|
379 | log.debug('User not allowed to proceed, %s', reason) | |
|
|
380 | return HTTPNotAcceptable(reason)(environ, start_response) | |
|
|
381 | ||
|
|
382 | 361 | if not self.url_repo_name: |
|
|
383 | 362 | log.warning('Repository name is empty: %s', self.url_repo_name) |
|
|
384 | 363 | # failed to get repo name, we fail now |
| @@ -386,8 +386,7 b' def config_data_from_db(clear_session=Tr' | |||
|
|
386 | 386 | safe_str(setting.section), safe_str(setting.key), |
|
|
387 | 387 | safe_str(setting.value))) |
|
|
388 | 388 | if setting.key == 'push_ssl': |
|
|
389 |
# force set push_ssl requirement to False |
|
|
|
390 | # handles that | |
|
|
389 | # force set push_ssl requirement to False this is deprecated, and we must force it to False | |
|
|
391 | 390 | config.append(( |
|
|
392 | 391 | safe_str(setting.section), safe_str(setting.key), False)) |
|
|
393 | 392 | log.debug( |
| @@ -468,7 +468,6 b' def ApplicationUiSettingsForm(localizer)' | |||
|
|
468 | 468 | _ = localizer |
|
|
469 | 469 | |
|
|
470 | 470 | class _ApplicationUiSettingsForm(_BaseVcsSettingsForm): |
|
|
471 | web_push_ssl = v.StringBoolean(if_missing=False) | |
|
|
472 | 471 | largefiles_usercache = All( |
|
|
473 | 472 | v.ValidPath(localizer), |
|
|
474 | 473 | v.UnicodeString(strip=True, min=2, not_empty=True)) |
| @@ -501,7 +501,6 b' class VcsSettingsModel(object):' | |||
|
|
501 | 501 | |
|
|
502 | 502 | SVN_BRANCH_SECTION = 'vcs_svn_branch' |
|
|
503 | 503 | SVN_TAG_SECTION = 'vcs_svn_tag' |
|
|
504 | SSL_SETTING = ('web', 'push_ssl') | |
|
|
505 | 504 | PATH_SETTING = ('paths', '/') |
|
|
506 | 505 | |
|
|
507 | 506 | def __init__(self, sa=None, repo=None): |
| @@ -713,10 +712,6 b' class VcsSettingsModel(object):' | |||
|
|
713 | 712 | # branch/tags patterns |
|
|
714 | 713 | self._create_svn_settings(self.global_settings, data) |
|
|
715 | 714 | |
|
|
716 | def update_global_ssl_setting(self, value): | |
|
|
717 | self._create_or_update_ui( | |
|
|
718 | self.global_settings, *self.SSL_SETTING, value=value) | |
|
|
719 | ||
|
|
720 | 715 | @assert_repo_settings |
|
|
721 | 716 | def delete_repo_svn_pattern(self, id_): |
|
|
722 | 717 | ui = self.repo_settings.UiDbModel.get(id_) |
| @@ -5,22 +5,7 b'' | |||
|
|
5 | 5 | |
|
|
6 | 6 | <%def name="vcs_settings_fields(suffix='', svn_branch_patterns=None, svn_tag_patterns=None, repo_type=None, display_globals=False, **kwargs)"> |
|
|
7 | 7 | % if display_globals: |
|
|
8 | <div class="panel panel-default"> | |
|
|
9 | <div class="panel-heading" id="general"> | |
|
|
10 | <h3 class="panel-title">${_('General')}<a class="permalink" href="#general"> ¶</a></h3> | |
|
|
11 | </div> | |
|
|
12 | <div class="panel-body"> | |
|
|
13 | <div class="field"> | |
|
|
14 | <div class="checkbox"> | |
|
|
15 | ${h.checkbox('web_push_ssl' + suffix, 'True')} | |
|
|
16 | <label for="web_push_ssl${suffix}">${_('Require SSL for vcs operations')}</label> | |
|
|
17 | </div> | |
|
|
18 | <div class="label"> | |
|
|
19 | <span class="help-block">${_('Activate to set RhodeCode to require SSL for pushing or pulling. If SSL certificate is missing it will return a HTTP Error 406: Not Acceptable.')}</span> | |
|
|
20 | </div> | |
|
|
21 | </div> | |
|
|
22 | </div> | |
|
|
23 | </div> | |
|
|
8 | ||
|
|
24 | 9 |
|
|
|
25 | 10 | |
|
|
26 | 11 | % if display_globals or repo_type in ['git', 'hg']: |
| @@ -120,7 +120,6 b' def test_get_config(user_util, baseapp, ' | |||
|
|
120 | 120 | |
|
|
121 | 121 | expected_config = [ |
|
|
122 | 122 | ('vcs_svn_tag', 'ff89f8c714d135d865f44b90e5413b88de19a55f', '/tags/*'), |
|
|
123 | ('web', 'push_ssl', 'False'), | |
|
|
124 | 123 | ('web', 'allow_push', '*'), |
|
|
125 | 124 | ('web', 'allow_archive', 'gz zip bz2'), |
|
|
126 | 125 | ('web', 'baseurl', '/'), |
| @@ -239,7 +239,6 b' class TestShadowRepoExposure(object):' | |||
|
|
239 | 239 | """ |
|
|
240 | 240 | controller = StubVCSController( |
|
|
241 | 241 | baseapp.config.get_settings(), request_stub.registry) |
|
|
242 | controller._check_ssl = mock.Mock() | |
|
|
243 | 242 | controller.is_shadow_repo = True |
|
|
244 | 243 | controller._action = 'pull' |
|
|
245 | 244 | controller._is_shadow_repo_dir = True |
| @@ -267,7 +266,6 b' class TestShadowRepoExposure(object):' | |||
|
|
267 | 266 | """ |
|
|
268 | 267 | controller = StubVCSController( |
|
|
269 | 268 | baseapp.config.get_settings(), request_stub.registry) |
|
|
270 | controller._check_ssl = mock.Mock() | |
|
|
271 | 269 | controller.is_shadow_repo = True |
|
|
272 | 270 | controller._action = 'pull' |
|
|
273 | 271 | controller._is_shadow_repo_dir = False |
| @@ -291,7 +289,6 b' class TestShadowRepoExposure(object):' | |||
|
|
291 | 289 | """ |
|
|
292 | 290 | controller = StubVCSController( |
|
|
293 | 291 | baseapp.config.get_settings(), request_stub.registry) |
|
|
294 | controller._check_ssl = mock.Mock() | |
|
|
295 | 292 | controller.is_shadow_repo = True |
|
|
296 | 293 | controller._action = 'push' |
|
|
297 | 294 | controller.stub_response_body = (b'dummy body value',) |
| @@ -578,17 +578,6 b' class TestCreateOrUpdateRepoHgSettings(o' | |||
|
|
578 | 578 | assert str(exc_info.value) == 'Repository is not specified' |
|
|
579 | 579 | |
|
|
580 | 580 | |
|
|
581 | class TestUpdateGlobalSslSetting(object): | |
|
|
582 | def test_updates_global_hg_settings(self): | |
|
|
583 | model = VcsSettingsModel() | |
|
|
584 | with mock.patch.object(model, '_create_or_update_ui') as create_mock: | |
|
|
585 | model.update_global_ssl_setting('False') | |
|
|
586 | Session().commit() | |
|
|
587 | ||
|
|
588 | create_mock.assert_called_once_with( | |
|
|
589 | model.global_settings, 'web', 'push_ssl', value='False') | |
|
|
590 | ||
|
|
591 | ||
|
|
592 | 581 | class TestCreateOrUpdateGlobalHgSettings(object): |
|
|
593 | 582 | FORM_DATA = { |
|
|
594 | 583 | 'extensions_largefiles': False, |
General Comments 0
You need to be logged in to leave comments.
Login now