rhodecode-enterprise-ce Commit - r2951:93db3089

auth-tokens: abstracted adding token for users into UserModel method for easier usage in scripts, and in future in API.

marcink -

r2951:93db3089 default

parent child

rhodecode/apps/admin/views/users.py

0 +4 -3

                      description = self.request.POST.get('description')
                      role = self.request.POST.get('role')
-                     token = AuthTokenModel().create(
-                         c.user.user_id, description, lifetime, role)
+                     token = UserModel().add_auth_token(
+                         user=c.user.user_id,
+                         lifetime_minutes=lifetime, role=role, description=description,
+                         scope_callback=self.maybe_attach_token_scope)
                      token_data = token.get_api_data()
-                     self.maybe_attach_token_scope(token)
                      audit_logger.store_web(
                          'user.edit.token.add', action_data={
                              'data': {'token': token_data, 'user': user_data}},

rhodecode/apps/login/views.py

0 +7 -6

                              # Generate reset URL and send mail.
                              user = User.get_by_email(user_email)
-                             # generate password reset token that expires in 10minutes
-                             desc = 'Generated token for password reset from {}'.format(
+                             # generate password reset token that expires in 10 minutes
+                             description = u'Generated token for password reset from {}'.format(
                                  datetime.datetime.now().isoformat())
-                             reset_token = AuthTokenModel().create(
-                                 user, lifetime=10,
-                                 description=desc,
-                                 role=UserApiKeys.ROLE_PASSWORD_RESET)
+                             reset_token = UserModel().add_auth_token(
+                                 user=user, lifetime_minutes=10,
+                                 role=UserModel.auth_token_role.ROLE_PASSWORD_RESET,
+                                 description=description)
                              Session().commit()
                              log.debug('Successfully created password recovery token')

rhodecode/apps/my_account/views/my_account.py

0 +4 -3

                      description = self.request.POST.get('description')
                      role = self.request.POST.get('role')
-                     token = AuthTokenModel().create(
-                         c.user.user_id, description, lifetime, role)
+                     token = UserModel().add_auth_token(
+                         user=c.user.user_id,
+                         lifetime_minutes=lifetime, role=role, description=description,
+                         scope_callback=self.maybe_attach_token_scope)
                      token_data = token.get_api_data()
-                     self.maybe_attach_token_scope(token)
                      audit_logger.store_web(
                          'user.edit.token.add', action_data={
                              'data': {'token': token_data, 'user': 'self'}},

rhodecode/lib/db_manage.py

0 +7 -6

                  def create_user(self, username, password, email='', admin=False,
                                  strict_creation_check=True, api_key=None):
-                     log.info('creating user %s' % username)
+                     log.info('creating user `%s`' % username)
                      user = UserModel().create_or_update(
                          username, password, email, firstname=u'RhodeCode', lastname=u'Admin',
                          active=True, admin=admin, extern_type="rhodecode",
                          strict_creation_check=strict_creation_check)
                      if api_key:
-                         log.info('setting a provided api key for the user %s', username)
-                         from rhodecode.model.auth_token import AuthTokenModel
-                         AuthTokenModel().create(
-                             user=user, description=u'BUILTIN TOKEN')
+                         log.info('setting a new default auth token for user `%s`', username)
+                         UserModel().add_auth_token(
+                             user=user, lifetime_minutes=-1,
+                             role=UserModel.auth_token_role.ROLE_ALL,
+                             description=u'BUILTIN TOKEN')
                  def create_default_user(self):
                      log.info('creating default user')
                                                          firstname=u'Anonymous',
                                                          lastname=u'User',
                                                          strict_creation_check=False)
-                     # based on configuration options activate/deactive this user which
+                     # based on configuration options activate/de-activate this user which
                      # controlls anonymous access
                      if self.cli_args.get('public_access') is False:
                          log.info('Public access disabled')

rhodecode/model/user.py

0 +25 -3

                          if not edit:
                              # add the RSS token
-                             AuthTokenModel().create(username,
-                                                     description=u'Generated feed token',
-                                                     role=AuthTokenModel.cls.ROLE_FEED)
+                             self.add_auth_token(
+                                 user=username, lifetime_minutes=-1,
+                                 role=self.auth_token_role.ROLE_FEED,
+                                 description=u'Generated feed token')
                              kwargs = new_user.get_dict()
                              # backward compat, require api_keys present
                              kwargs['api_keys'] = kwargs['auth_tokens']
                      self.sa.add(obj)
                      return obj
+                 auth_token_role = AuthTokenModel.cls
+                 def add_auth_token(self, user, lifetime_minutes, role, description=u'',
+                                    scope_callback=None):
+                     """
+                     Add AuthToken for user.
+                     :param user: username/user_id
+                     :param lifetime_minutes: in minutes the lifetime for token, -1 equals no limit
+                     :param role: one of AuthTokenModel.cls.ROLE_*
+                     :param description: optional string description
+                     """
+                     token = AuthTokenModel().create(
+                         user, description, lifetime_minutes, role)
+                     if scope_callback and callable(scope_callback):
+                         # call the callback if we provide, used to attach scope for EE edition
+                         scope_callback(token)
+                     return token
                  def delete_extra_ip(self, user, ip_id):
                      """
                      Removes ip address from UserIpMap

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages