Show More
| @@ -734,11 +734,12 b' class UsersView(UserAppView):' | |||
|
|
734 | 734 | description = self.request.POST.get('description') |
|
|
735 | 735 | role = self.request.POST.get('role') |
|
|
736 | 736 | |
|
|
737 |
token = |
|
|
|
738 |
c.user.user_id, |
|
|
|
737 | token = UserModel().add_auth_token( | |
|
|
738 | user=c.user.user_id, | |
|
|
739 | lifetime_minutes=lifetime, role=role, description=description, | |
|
|
740 | scope_callback=self.maybe_attach_token_scope) | |
|
|
739 | 741 | token_data = token.get_api_data() |
|
|
740 | 742 | |
|
|
741 | self.maybe_attach_token_scope(token) | |
|
|
742 | 743 | audit_logger.store_web( |
|
|
743 | 744 | 'user.edit.token.add', action_data={ |
|
|
744 | 745 | 'data': {'token': token_data, 'user': user_data}}, |
| @@ -380,12 +380,13 b' class LoginView(BaseAppView):' | |||
|
|
380 | 380 | user = User.get_by_email(user_email) |
|
|
381 | 381 | |
|
|
382 | 382 | # generate password reset token that expires in 10minutes |
|
|
383 | desc = 'Generated token for password reset from {}'.format( | |
|
|
383 | description = u'Generated token for password reset from {}'.format( | |
|
|
384 | 384 | datetime.datetime.now().isoformat()) |
|
|
385 | reset_token = AuthTokenModel().create( | |
|
|
386 | user, lifetime=10, | |
|
|
387 | description=desc, | |
|
|
388 |
role=User |
|
|
|
385 | ||
|
|
386 | reset_token = UserModel().add_auth_token( | |
|
|
387 | user=user, lifetime_minutes=10, | |
|
|
388 | role=UserModel.auth_token_role.ROLE_PASSWORD_RESET, | |
|
|
389 | description=description) | |
|
|
389 | 390 | Session().commit() |
|
|
390 | 391 | |
|
|
391 | 392 | log.debug('Successfully created password recovery token') |
| @@ -180,11 +180,12 b' class MyAccountView(BaseAppView, DataGri' | |||
|
|
180 | 180 | description = self.request.POST.get('description') |
|
|
181 | 181 | role = self.request.POST.get('role') |
|
|
182 | 182 | |
|
|
183 |
token = |
|
|
|
184 |
c.user.user_id, |
|
|
|
183 | token = UserModel().add_auth_token( | |
|
|
184 | user=c.user.user_id, | |
|
|
185 | lifetime_minutes=lifetime, role=role, description=description, | |
|
|
186 | scope_callback=self.maybe_attach_token_scope) | |
|
|
185 | 187 | token_data = token.get_api_data() |
|
|
186 | 188 | |
|
|
187 | self.maybe_attach_token_scope(token) | |
|
|
188 | 189 | audit_logger.store_web( |
|
|
189 | 190 | 'user.edit.token.add', action_data={ |
|
|
190 | 191 | 'data': {'token': token_data, 'user': 'self'}}, |
| @@ -573,17 +573,18 b' class DbManage(object):' | |||
|
|
573 | 573 | |
|
|
574 | 574 | def create_user(self, username, password, email='', admin=False, |
|
|
575 | 575 | strict_creation_check=True, api_key=None): |
|
|
576 | log.info('creating user %s' % username) | |
|
|
576 | log.info('creating user `%s`' % username) | |
|
|
577 | 577 | user = UserModel().create_or_update( |
|
|
578 | 578 | username, password, email, firstname=u'RhodeCode', lastname=u'Admin', |
|
|
579 | 579 | active=True, admin=admin, extern_type="rhodecode", |
|
|
580 | 580 | strict_creation_check=strict_creation_check) |
|
|
581 | 581 | |
|
|
582 | 582 | if api_key: |
|
|
583 |
log.info('setting a |
|
|
|
584 | from rhodecode.model.auth_token import AuthTokenModel | |
|
|
585 | AuthTokenModel().create( | |
|
|
586 | user=user, description=u'BUILTIN TOKEN') | |
|
|
583 | log.info('setting a new default auth token for user `%s`', username) | |
|
|
584 | UserModel().add_auth_token( | |
|
|
585 | user=user, lifetime_minutes=-1, | |
|
|
586 | role=UserModel.auth_token_role.ROLE_ALL, | |
|
|
587 | description=u'BUILTIN TOKEN') | |
|
|
587 | 588 | |
|
|
588 | 589 | def create_default_user(self): |
|
|
589 | 590 | log.info('creating default user') |
| @@ -594,7 +595,7 b' class DbManage(object):' | |||
|
|
594 | 595 | firstname=u'Anonymous', |
|
|
595 | 596 | lastname=u'User', |
|
|
596 | 597 | strict_creation_check=False) |
|
|
597 | # based on configuration options activate/deactive this user which | |
|
|
598 | # based on configuration options activate/de-activate this user which | |
|
|
598 | 599 | # controlls anonymous access |
|
|
599 | 600 | if self.cli_args.get('public_access') is False: |
|
|
600 | 601 | log.info('Public access disabled') |
| @@ -377,9 +377,11 b' class UserModel(BaseModel):' | |||
|
|
377 | 377 | |
|
|
378 | 378 | if not edit: |
|
|
379 | 379 | # add the RSS token |
|
|
380 | AuthTokenModel().create(username, | |
|
|
381 | description=u'Generated feed token', | |
|
|
382 |
|
|
|
|
380 | self.add_auth_token( | |
|
|
381 | user=username, lifetime_minutes=-1, | |
|
|
382 | role=self.auth_token_role.ROLE_FEED, | |
|
|
383 | description=u'Generated feed token') | |
|
|
384 | ||
|
|
383 | 385 | kwargs = new_user.get_dict() |
|
|
384 | 386 | # backward compat, require api_keys present |
|
|
385 | 387 | kwargs['api_keys'] = kwargs['auth_tokens'] |
| @@ -830,6 +832,26 b' class UserModel(BaseModel):' | |||
|
|
830 | 832 | self.sa.add(obj) |
|
|
831 | 833 | return obj |
|
|
832 | 834 | |
|
|
835 | auth_token_role = AuthTokenModel.cls | |
|
|
836 | ||
|
|
837 | def add_auth_token(self, user, lifetime_minutes, role, description=u'', | |
|
|
838 | scope_callback=None): | |
|
|
839 | """ | |
|
|
840 | Add AuthToken for user. | |
|
|
841 | ||
|
|
842 | :param user: username/user_id | |
|
|
843 | :param lifetime_minutes: in minutes the lifetime for token, -1 equals no limit | |
|
|
844 | :param role: one of AuthTokenModel.cls.ROLE_* | |
|
|
845 | :param description: optional string description | |
|
|
846 | """ | |
|
|
847 | ||
|
|
848 | token = AuthTokenModel().create( | |
|
|
849 | user, description, lifetime_minutes, role) | |
|
|
850 | if scope_callback and callable(scope_callback): | |
|
|
851 | # call the callback if we provide, used to attach scope for EE edition | |
|
|
852 | scope_callback(token) | |
|
|
853 | return token | |
|
|
854 | ||
|
|
833 | 855 | def delete_extra_ip(self, user, ip_id): |
|
|
834 | 856 | """ |
|
|
835 | 857 | Removes ip address from UserIpMap |
General Comments 0
You need to be logged in to leave comments.
Login now