rhodecode-enterprise-ce Commit - r2079:9c79ce85

admin: cleanup imports.

marcink -

r2079:9c79ce85 default

parent child

rhodecode/apps/admin/views/audit_logs.py

0 +1 -2

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017  RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             from pyramid.view import view_config
-            from sqlalchemy.orm import joinedload
             from rhodecode.apps._base import BaseAppView
-            from rhodecode.model.db import UserLog
+            from rhodecode.model.db import joinedload, UserLog
             from rhodecode.lib.user_log_filter import user_log_filter
             from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator
             from rhodecode.lib.utils2 import safe_int
             from rhodecode.lib.helpers import Page
             log = logging.getLogger(__name__)
             class AdminAuditLogsView(BaseAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     self._register_global_c(c)
                     return c
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_audit_logs', request_method='GET',
                     renderer='rhodecode:templates/admin/admin_audit_logs.mako')
                 def admin_audit_logs(self):
                     c = self.load_default_context()
                     users_log = UserLog.query()\
                         .options(joinedload(UserLog.user))\
                         .options(joinedload(UserLog.repository))
                     # FILTERING
                     c.search_term = self.request.GET.get('filter')
                     try:
                         users_log = user_log_filter(users_log, c.search_term)
                     except Exception:
                         # we want this to crash for now
                         raise
                     users_log = users_log.order_by(UserLog.action_date.desc())
                     p = safe_int(self.request.GET.get('page', 1), 1)
                     def url_generator(**kw):
                         if c.search_term:
                             kw['filter'] = c.search_term
                         return self.request.current_route_path(_query=kw)
                     c.audit_logs = Page(users_log, page=p, items_per_page=10,
                                         url=url_generator)
                     return self._get_template_context(c)

rhodecode/apps/admin/views/main_views.py

0 0 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017  RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             from pyramid.httpexceptions import HTTPFound
             from pyramid.view import view_config
             from rhodecode.apps._base import BaseAppView
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import (LoginRequired, HasPermissionAllDecorator)
             from rhodecode.model.db import PullRequest
             log = logging.getLogger(__name__)
             class AdminMainView(BaseAppView):
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_home', request_method='GET')
                 def admin_main(self):
                     # redirect _admin to audit logs...
                     raise HTTPFound(h.route_path('admin_audit_logs'))
                 @LoginRequired()
                 @view_config(route_name='pull_requests_global_0', request_method='GET')
                 @view_config(route_name='pull_requests_global_1', request_method='GET')
                 @view_config(route_name='pull_requests_global', request_method='GET')
                 def pull_requests(self):
                     """
                     Global redirect for Pull Requests
                     :param pull_request_id: id of pull requests in the system
                     """
                     pull_request = PullRequest.get_or_404(
                         self.request.matchdict['pull_request_id'])
                     pull_request_id = pull_request.pull_request_id
                     repo_name = pull_request.target_repo.repo_name
                     raise HTTPFound(
                         h.route_path('pullrequest_show', repo_name=repo_name,
                                      pull_request_id=pull_request_id))

rhodecode/apps/admin/views/open_source_licenses.py

0 0 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017  RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import collections
             import logging
             from pyramid.view import view_config
             from rhodecode.apps._base import BaseAppView
             from rhodecode.apps.admin.navigation import navigation_list
             from rhodecode.lib.auth import (LoginRequired, HasPermissionAllDecorator)
             from rhodecode.lib.utils import read_opensource_licenses
             log = logging.getLogger(__name__)
             class OpenSourceLicensesAdminSettingsView(BaseAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     self._register_global_c(c)
                     return c
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_settings_open_source', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 def open_source_licenses(self):
                     c = self.load_default_context()
                     c.active = 'open_source'
                     c.navlist = navigation_list(self.request)
                     items = sorted(read_opensource_licenses().items(), key=lambda t: t[0])
                     c.opensource_licenses = collections.OrderedDict(items)
                     return self._get_template_context(c)

rhodecode/apps/admin/views/permissions.py

0 +3 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017  RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import re
             import logging
             import formencode
+            import formencode.htmlfill
             import datetime
             from pyramid.interfaces import IRoutesMapper
             from pyramid.view import view_config
             from pyramid.httpexceptions import HTTPFound
             from pyramid.renderers import render
             from pyramid.response import Response
             from rhodecode.apps._base import BaseAppView, DataGridAppView
             from rhodecode.apps.ssh_support import SshKeyFileChangeEvent
             from rhodecode.events import trigger
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import (
                 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
             from rhodecode.lib.utils2 import aslist, safe_unicode
-            from rhodecode.model.db import or_, joinedload, coalesce, User, UserIpMap, UserSshKeys
+            from rhodecode.model.db import (
+                or_, coalesce, User, UserIpMap, UserSshKeys)
             from rhodecode.model.forms import (
                 ApplicationPermissionsForm, ObjectPermissionsForm, UserPermissionsForm)
             from rhodecode.model.meta import Session
             from rhodecode.model.permission import PermissionModel
             from rhodecode.model.settings import SettingsModel
             log = logging.getLogger(__name__)
             class AdminPermissionsView(BaseAppView, DataGridAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     self._register_global_c(c)
                     PermissionModel().set_global_permission_choices(
                         c, gettext_translator=self.request.translate)
                     return c
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_application', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_application(self):
                     c = self.load_default_context()
                     c.active = 'application'
                     c.user = User.get_default_user(refresh=True)
                     app_settings = SettingsModel().get_all_settings()
                     defaults = {
                         'anonymous': c.user.active,
                         'default_register_message': app_settings.get(
                             'rhodecode_register_message')
                     }
                     defaults.update(c.user.get_default_perms())
                     data = render('rhodecode:templates/admin/permissions/permissions.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='admin_permissions_application_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_application_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'application'
                     _form = ApplicationPermissionsForm(
                         [x[0] for x in c.register_choices],
                         [x[0] for x in c.password_reset_choices],
                         [x[0] for x in c.extern_activate_choices])()
                     try:
                         form_result = _form.to_python(dict(self.request.POST))
                         form_result.update({'perm_user_name': User.DEFAULT_USER})
                         PermissionModel().update_application_permissions(form_result)
                         settings = [
                             ('register_message', 'default_register_message'),
                         ]
                         for setting, form_key in settings:
                             sett = SettingsModel().create_or_update_setting(
                                 setting, form_result[form_key])
                             Session().add(sett)
                         Session().commit()
                         h.flash(_('Application permissions updated successfully'),
                                 category='success')
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         data = render(
                             'rhodecode:templates/admin/permissions/permissions.mako',
                             self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     except Exception:
                         log.exception("Exception during update of permissions")
                         h.flash(_('Error occurred during update of permissions'),
                                 category='error')
                     raise HTTPFound(h.route_path('admin_permissions_application'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_object', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_objects(self):
                     c = self.load_default_context()
                     c.active = 'objects'
                     c.user = User.get_default_user(refresh=True)
                     defaults = {}
                     defaults.update(c.user.get_default_perms())
                     data = render(
                         'rhodecode:templates/admin/permissions/permissions.mako',
                         self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='admin_permissions_object_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_objects_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'objects'
                     _form = ObjectPermissionsForm(
                         [x[0] for x in c.repo_perms_choices],
                         [x[0] for x in c.group_perms_choices],
                         [x[0] for x in c.user_group_perms_choices])()
                     try:
                         form_result = _form.to_python(dict(self.request.POST))
                         form_result.update({'perm_user_name': User.DEFAULT_USER})
                         PermissionModel().update_object_permissions(form_result)
                         Session().commit()
                         h.flash(_('Object permissions updated successfully'),
                                 category='success')
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         data = render(
                             'rhodecode:templates/admin/permissions/permissions.mako',
                             self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     except Exception:
                         log.exception("Exception during update of permissions")
                         h.flash(_('Error occurred during update of permissions'),
                                 category='error')
                     raise HTTPFound(h.route_path('admin_permissions_object'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_global', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_global(self):
                     c = self.load_default_context()
                     c.active = 'global'
                     c.user = User.get_default_user(refresh=True)
                     defaults = {}
                     defaults.update(c.user.get_default_perms())
                     data = render(
                         'rhodecode:templates/admin/permissions/permissions.mako',
                         self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='admin_permissions_global_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_global_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'global'
                     _form = UserPermissionsForm(
                         [x[0] for x in c.repo_create_choices],
                         [x[0] for x in c.repo_create_on_write_choices],
                         [x[0] for x in c.repo_group_create_choices],
                         [x[0] for x in c.user_group_create_choices],
                         [x[0] for x in c.fork_choices],
                         [x[0] for x in c.inherit_default_permission_choices])()
                     try:
                         form_result = _form.to_python(dict(self.request.POST))
                         form_result.update({'perm_user_name': User.DEFAULT_USER})
                         PermissionModel().update_user_permissions(form_result)
                         Session().commit()
                         h.flash(_('Global permissions updated successfully'),
                                 category='success')
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         data = render(
                             'rhodecode:templates/admin/permissions/permissions.mako',
                             self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     except Exception:
                         log.exception("Exception during update of permissions")
                         h.flash(_('Error occurred during update of permissions'),
                                 category='error')
                     raise HTTPFound(h.route_path('admin_permissions_global'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_ips', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_ips(self):
                     c = self.load_default_context()
                     c.active = 'ips'
                     c.user = User.get_default_user(refresh=True)
                     c.user_ip_map = (
                         UserIpMap.query().filter(UserIpMap.user == c.user).all())
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_overview', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_overview(self):
                     c = self.load_default_context()
                     c.active = 'perms'
                     c.user = User.get_default_user(refresh=True)
                     c.perm_user = c.user.AuthUser()
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_auth_token_access', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def auth_token_access(self):
                     from rhodecode import CONFIG
                     c = self.load_default_context()
                     c.active = 'auth_token_access'
                     c.user = User.get_default_user(refresh=True)
                     c.perm_user = c.user.AuthUser()
                     mapper = self.request.registry.queryUtility(IRoutesMapper)
                     c.view_data = []
                     _argument_prog = re.compile('\{(.*?)\}|:\((.*)\)')
                     introspector = self.request.registry.introspector
                     view_intr = {}
                     for view_data in introspector.get_category('views'):
                         intr = view_data['introspectable']
                         if 'route_name' in intr and intr['attr']:
                             view_intr[intr['route_name']] = '{}:{}'.format(
                                 str(intr['derived_callable'].func_name), intr['attr']
                             )
                     c.whitelist_key = 'api_access_controllers_whitelist'
                     c.whitelist_file = CONFIG.get('__file__')
                     whitelist_views = aslist(
                         CONFIG.get(c.whitelist_key), sep=',')
                     for route_info in mapper.get_routes():
                         if not route_info.name.startswith('__'):
                             routepath = route_info.pattern
                             def replace(matchobj):
                                 if matchobj.group(1):
                                     return "{%s}" % matchobj.group(1).split(':')[0]
                                 else:
                                     return "{%s}" % matchobj.group(2)
                             routepath = _argument_prog.sub(replace, routepath)
                             if not routepath.startswith('/'):
                                 routepath = '/' + routepath
                             view_fqn = view_intr.get(route_info.name, 'NOT AVAILABLE')
                             active = view_fqn in whitelist_views
                             c.view_data.append((route_info.name, view_fqn, routepath, active))
                     c.whitelist_views = whitelist_views
                     return self._get_template_context(c)
                 def ssh_enabled(self):
                     return self.request.registry.settings.get(
                         'ssh.generate_authorized_keyfile')
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_ssh_keys', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def ssh_keys(self):
                     c = self.load_default_context()
                     c.active = 'ssh_keys'
                     c.ssh_enabled = self.ssh_enabled()
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_ssh_keys_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def ssh_keys_data(self):
                     _ = self.request.translate
                     column_map = {
                         'fingerprint': 'ssh_key_fingerprint',
                         'username': User.username
                     }
                     draw, start, limit = self._extract_chunk(self.request)
                     search_q, order_by, order_dir = self._extract_ordering(
                         self.request, column_map=column_map)
                     ssh_keys_data_total_count = UserSshKeys.query()\
                         .count()
                     # json generate
                     base_q = UserSshKeys.query().join(UserSshKeys.user)
                     if search_q:
                         like_expression = u'%{}%'.format(safe_unicode(search_q))
                         base_q = base_q.filter(or_(
                             User.username.ilike(like_expression),
                             UserSshKeys.ssh_key_fingerprint.ilike(like_expression),
                         ))
                     users_data_total_filtered_count = base_q.count()
                     sort_col = self._get_order_col(order_by, UserSshKeys)
                     if sort_col:
                         if order_dir == 'asc':
                             # handle null values properly to order by NULL last
                             if order_by in ['created_on']:
                                 sort_col = coalesce(sort_col, datetime.date.max)
                             sort_col = sort_col.asc()
                         else:
                             # handle null values properly to order by NULL last
                             if order_by in ['created_on']:
                                 sort_col = coalesce(sort_col, datetime.date.min)
                             sort_col = sort_col.desc()
                     base_q = base_q.order_by(sort_col)
                     base_q = base_q.offset(start).limit(limit)
                     ssh_keys = base_q.all()
                     ssh_keys_data = []
                     for ssh_key in ssh_keys:
                         ssh_keys_data.append({
                             "username": h.gravatar_with_user(self.request, ssh_key.user.username),
                             "fingerprint": ssh_key.ssh_key_fingerprint,
                             "description": ssh_key.description,
                             "created_on": h.format_date(ssh_key.created_on),
                             "action": h.link_to(
                                 _('Edit'), h.route_path('edit_user_ssh_keys',
                                                         user_id=ssh_key.user.user_id))
                         })
                     data = ({
                         'draw': draw,
                         'data': ssh_keys_data,
                         'recordsTotal': ssh_keys_data_total_count,
                         'recordsFiltered': users_data_total_filtered_count,
                     })
                     return data
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='admin_permissions_ssh_keys_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def ssh_keys_update(self):
                     _ = self.request.translate
                     self.load_default_context()
                     ssh_enabled = self.ssh_enabled()
                     key_file = self.request.registry.settings.get(
                         'ssh.authorized_keys_file_path')
                     if ssh_enabled:
                         trigger(SshKeyFileChangeEvent(), self.request.registry)
                         h.flash(_('Updated SSH keys file: {}').format(key_file),
                                 category='success')
                     else:
                         h.flash(_('SSH key support is disabled in .ini file'),
                                 category='warning')
                     raise HTTPFound(h.route_path('admin_permissions_ssh_keys'))

rhodecode/apps/admin/views/process_management.py

0 0 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017  RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             import psutil
             from pyramid.view import view_config
             from rhodecode.apps._base import BaseAppView
             from rhodecode.apps.admin.navigation import navigation_list
-            from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import (
                 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
             from rhodecode.lib.utils2 import safe_int
             log = logging.getLogger(__name__)
             class AdminProcessManagementView(BaseAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     self._register_global_c(c)
                     return c
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_settings_process_management', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 def process_management(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'process_management'
                     c.navlist = navigation_list(self.request)
                     c.gunicorn_processes = (
                         p for p in psutil.process_iter() if 'gunicorn' in p.name())
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='admin_settings_process_management_signal',
                     request_method='POST', renderer='json_ext')
                 def process_management_signal(self):
                     pids = self.request.json.get('pids', [])
                     result = []
                     def on_terminate(proc):
                         msg = "process `PID:{}` terminated with exit code {}".format(
                             proc.pid, proc.returncode)
                         result.append(msg)
                     procs = []
                     for pid in pids:
                         pid = safe_int(pid)
                         if pid:
                             try:
                                 proc = psutil.Process(pid)
                             except psutil.NoSuchProcess:
                                 continue
                             children = proc.children(recursive=True)
                             if children:
                                 print('Wont kill Master Process')
                             else:
                                 procs.append(proc)
                     for p in procs:
                         p.terminate()
                     gone, alive = psutil.wait_procs(procs, timeout=10, callback=on_terminate)
                     for p in alive:
                         p.kill()
                     return {'result': result}

rhodecode/apps/admin/views/repositories.py

0 +1 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             import formencode
+            import formencode.htmlfill
             from pyramid.httpexceptions import HTTPFound, HTTPForbidden
             from pyramid.view import view_config
             from pyramid.renderers import render
             from pyramid.response import Response
             from rhodecode.apps._base import BaseAppView, DataGridAppView
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.auth import (
                 LoginRequired, CSRFRequired, NotAnonymous,
                 HasPermissionAny, HasRepoGroupPermissionAny)
             from rhodecode.lib import helpers as h
             from rhodecode.lib.utils import repo_name_slug
             from rhodecode.lib.utils2 import safe_int, safe_unicode
             from rhodecode.model.forms import RepoForm
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.scm import RepoList, RepoGroupList, ScmModel
             from rhodecode.model.settings import SettingsModel
             from rhodecode.model.db import Repository, RepoGroup
             log = logging.getLogger(__name__)
             class AdminReposView(BaseAppView, DataGridAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     self._register_global_c(c)
                     return c
                 def _load_form_data(self, c):
                     acl_groups = RepoGroupList(RepoGroup.query().all(),
                                                perm_set=['group.write', 'group.admin'])
                     c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)
                     c.repo_groups_choices = map(lambda k: safe_unicode(k[0]), c.repo_groups)
                     c.landing_revs_choices, c.landing_revs = \
                         ScmModel().get_repo_landing_revs()
                     c.personal_repo_group = self._rhodecode_user.personal_repo_group
                 @LoginRequired()
                 @NotAnonymous()
                 @view_config(
                     route_name='repos', request_method='GET',
                     renderer='rhodecode:templates/admin/repos/repos.mako')
                 def repository_list(self):
                     c = self.load_default_context()
                     repo_list = Repository.get_all_repos()
                     c.repo_list = RepoList(repo_list, perm_set=['repository.admin'])
                     repos_data = RepoModel().get_repos_as_dict(
                         repo_list=c.repo_list, admin=True, super_user_actions=True)
                     # json used to render the grid
                     c.data = json.dumps(repos_data)
                     return self._get_template_context(c)
                 @LoginRequired()
                 @NotAnonymous()
                 # perms check inside
                 @view_config(
                     route_name='repo_new', request_method='GET',
                     renderer='rhodecode:templates/admin/repos/repo_add.mako')
                 def repository_new(self):
                     c = self.load_default_context()
                     new_repo = self.request.GET.get('repo', '')
                     parent_group = safe_int(self.request.GET.get('parent_group'))
                     _gr = RepoGroup.get(parent_group)
                     if not HasPermissionAny('hg.admin', 'hg.create.repository')():
                         # you're not super admin nor have global create permissions,
                         # but maybe you have at least write permission to a parent group ?
                         gr_name = _gr.group_name if _gr else None
                         # create repositories with write permission on group is set to true
                         create_on_write = HasPermissionAny('hg.create.write_on_repogroup.true')()
                         group_admin = HasRepoGroupPermissionAny('group.admin')(group_name=gr_name)
                         group_write = HasRepoGroupPermissionAny('group.write')(group_name=gr_name)
                         if not (group_admin or (group_write and create_on_write)):
                             raise HTTPForbidden()
                     self._load_form_data(c)
                     c.new_repo = repo_name_slug(new_repo)
                     # apply the defaults from defaults page
                     defaults = SettingsModel().get_default_repo_settings(strip_prefix=True)
                     # set checkbox to autochecked
                     defaults['repo_copy_permissions'] = True
                     parent_group_choice = '-1'
                     if not self._rhodecode_user.is_admin and self._rhodecode_user.personal_repo_group:
                         parent_group_choice = self._rhodecode_user.personal_repo_group
                     if parent_group and _gr:
                         if parent_group in [x[0] for x in c.repo_groups]:
                             parent_group_choice = safe_unicode(parent_group)
                     defaults.update({'repo_group': parent_group_choice})
                     data = render('rhodecode:templates/admin/repos/repo_add.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @NotAnonymous()
                 @CSRFRequired()
                 # perms check inside
                 @view_config(
                     route_name='repo_create', request_method='POST',
                     renderer='rhodecode:templates/admin/repos/repos.mako')
                 def repository_create(self):
                     c = self.load_default_context()
                     form_result = {}
                     task_id = None
                     self._load_form_data(c)
                     try:
                         # CanWriteToGroup validators checks permissions of this POST
                         form_result = RepoForm(repo_groups=c.repo_groups_choices,
                                                landing_revs=c.landing_revs_choices)()\
                                         .to_python(dict(self.request.POST))
                         # create is done sometimes async on celery, db transaction
                         # management is handled there.
                         task = RepoModel().create(form_result, self._rhodecode_user.user_id)
                         from celery.result import BaseAsyncResult
                         if isinstance(task, BaseAsyncResult):
                             task_id = task.task_id
                     except formencode.Invalid as errors:
                         data = render('rhodecode:templates/admin/repos/repo_add.mako',
                                       self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     except Exception as e:
                         msg = self._log_creation_exception(e, form_result.get('repo_name'))
                         h.flash(msg, category='error')
                         raise HTTPFound(h.route_path('home'))
                     raise HTTPFound(
                         h.route_path('repo_creating',
                                      repo_name=form_result['repo_name_full'],
                                      _query=dict(task_id=task_id)))

rhodecode/apps/admin/views/users.py

0 +1 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             import datetime
             import formencode
+            import formencode.htmlfill
             from pyramid.httpexceptions import HTTPFound
             from pyramid.view import view_config
             from sqlalchemy.sql.functions import coalesce
             from sqlalchemy.exc import IntegrityError
             from rhodecode.apps._base import BaseAppView, DataGridAppView
             from rhodecode.apps.ssh_support import SshKeyFileChangeEvent
             from rhodecode.events import trigger
             from rhodecode.lib import audit_logger
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.auth import (
                 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
             from rhodecode.lib import helpers as h
             from rhodecode.lib.utils2 import safe_int, safe_unicode
             from rhodecode.model.auth_token import AuthTokenModel
             from rhodecode.model.ssh_key import SshKeyModel
             from rhodecode.model.user import UserModel
             from rhodecode.model.user_group import UserGroupModel
             from rhodecode.model.db import (
                 or_, User, UserIpMap, UserEmailMap, UserApiKeys, UserSshKeys)
             from rhodecode.model.meta import Session
             log = logging.getLogger(__name__)
             class AdminUsersView(BaseAppView, DataGridAppView):
                 ALLOW_SCOPED_TOKENS = False
                 """
                 This view has alternative version inside EE, if modified please take a look
                 in there as well.
                 """
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     c.allow_scoped_tokens = self.ALLOW_SCOPED_TOKENS
                     self._register_global_c(c)
                     return c
                 def _redirect_for_default_user(self, username):
                     _ = self.request.translate
                     if username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         # TODO(marcink): redirect to 'users' admin panel once this
                         # is a pyramid view
                         raise HTTPFound('/')
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='users', request_method='GET',
                     renderer='rhodecode:templates/admin/users/users.mako')
                 def users_list(self):
                     c = self.load_default_context()
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     # renderer defined below
                     route_name='users_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def users_list_data(self):
                     column_map = {
                         'first_name': 'name',
                         'last_name': 'lastname',
                     }
                     draw, start, limit = self._extract_chunk(self.request)
                     search_q, order_by, order_dir = self._extract_ordering(
                         self.request, column_map=column_map)
                     _render = self.request.get_partial_renderer(
                         'data_table/_dt_elements.mako')
                     def user_actions(user_id, username):
                         return _render("user_actions", user_id, username)
                     users_data_total_count = User.query()\
                         .filter(User.username != User.DEFAULT_USER) \
                         .count()
                     # json generate
                     base_q = User.query().filter(User.username != User.DEFAULT_USER)
                     if search_q:
                         like_expression = u'%{}%'.format(safe_unicode(search_q))
                         base_q = base_q.filter(or_(
                             User.username.ilike(like_expression),
                             User._email.ilike(like_expression),
                             User.name.ilike(like_expression),
                             User.lastname.ilike(like_expression),
                         ))
                     users_data_total_filtered_count = base_q.count()
                     sort_col = getattr(User, order_by, None)
                     if sort_col:
                         if order_dir == 'asc':
                             # handle null values properly to order by NULL last
                             if order_by in ['last_activity']:
                                 sort_col = coalesce(sort_col, datetime.date.max)
                             sort_col = sort_col.asc()
                         else:
                             # handle null values properly to order by NULL last
                             if order_by in ['last_activity']:
                                 sort_col = coalesce(sort_col, datetime.date.min)
                             sort_col = sort_col.desc()
                     base_q = base_q.order_by(sort_col)
                     base_q = base_q.offset(start).limit(limit)
                     users_list = base_q.all()
                     users_data = []
                     for user in users_list:
                         users_data.append({
                             "username": h.gravatar_with_user(self.request, user.username),
                             "email": user.email,
                             "first_name": user.first_name,
                             "last_name": user.last_name,
                             "last_login": h.format_date(user.last_login),
                             "last_activity": h.format_date(user.last_activity),
                             "active": h.bool2icon(user.active),
                             "active_raw": user.active,
                             "admin": h.bool2icon(user.admin),
                             "extern_type": user.extern_type,
                             "extern_name": user.extern_name,
                             "action": user_actions(user.user_id, user.username),
                         })
                     data = ({
                         'draw': draw,
                         'data': users_data,
                         'recordsTotal': users_data_total_count,
                         'recordsFiltered': users_data_total_filtered_count,
                     })
                     return data
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_auth_tokens', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def auth_tokens(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     c.active = 'auth_tokens'
                     c.lifetime_values = [
                         (str(-1), _('forever')),
                         (str(5), _('5 minutes')),
                         (str(60), _('1 hour')),
                         (str(60 * 24), _('1 day')),
                         (str(60 * 24 * 30), _('1 month')),
                     ]
                     c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
                     c.role_values = [
                         (x, AuthTokenModel.cls._get_role_name(x))
                         for x in AuthTokenModel.cls.ROLES]
                     c.role_options = [(c.role_values, _("Role"))]
                     c.user_auth_tokens = AuthTokenModel().get_auth_tokens(
                         c.user.user_id, show_expired=True)
                     return self._get_template_context(c)
                 def maybe_attach_token_scope(self, token):
                     # implemented in EE edition
                     pass
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_auth_tokens_add', request_method='POST')
                 def auth_tokens_add(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     user_data = c.user.get_api_data()
                     lifetime = safe_int(self.request.POST.get('lifetime'), -1)
                     description = self.request.POST.get('description')
                     role = self.request.POST.get('role')
                     token = AuthTokenModel().create(
                         c.user.user_id, description, lifetime, role)
                     token_data = token.get_api_data()
                     self.maybe_attach_token_scope(token)
                     audit_logger.store_web(
                         'user.edit.token.add', action_data={
                             'data': {'token': token_data, 'user': user_data}},
                         user=self._rhodecode_user, )
                     Session().commit()
                     h.flash(_("Auth token successfully created"), category='success')
                     return HTTPFound(h.route_path('edit_user_auth_tokens', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_auth_tokens_delete', request_method='POST')
                 def auth_tokens_delete(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     user_data = c.user.get_api_data()
                     del_auth_token = self.request.POST.get('del_auth_token')
                     if del_auth_token:
                         token = UserApiKeys.get_or_404(del_auth_token)
                         token_data = token.get_api_data()
                         AuthTokenModel().delete(del_auth_token, c.user.user_id)
                         audit_logger.store_web(
                             'user.edit.token.delete', action_data={
                                 'data': {'token': token_data, 'user': user_data}},
                             user=self._rhodecode_user,)
                         Session().commit()
                         h.flash(_("Auth token successfully deleted"), category='success')
                     return HTTPFound(h.route_path('edit_user_auth_tokens', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_ssh_keys', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def ssh_keys(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     c.active = 'ssh_keys'
                     c.default_key = self.request.GET.get('default_key')
                     c.user_ssh_keys = SshKeyModel().get_ssh_keys(c.user.user_id)
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_ssh_keys_generate_keypair', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def ssh_keys_generate_keypair(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     c.active = 'ssh_keys_generate'
                     comment = 'RhodeCode-SSH {}'.format(c.user.email or '')
                     c.private, c.public = SshKeyModel().generate_keypair(comment=comment)
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_ssh_keys_add', request_method='POST')
                 def ssh_keys_add(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     user_data = c.user.get_api_data()
                     key_data = self.request.POST.get('key_data')
                     description = self.request.POST.get('description')
                     try:
                         if not key_data:
                             raise ValueError('Please add a valid public key')
                         key = SshKeyModel().parse_key(key_data.strip())
                         fingerprint = key.hash_md5()
                         ssh_key = SshKeyModel().create(
                             c.user.user_id, fingerprint, key_data, description)
                         ssh_key_data = ssh_key.get_api_data()
                         audit_logger.store_web(
                             'user.edit.ssh_key.add', action_data={
                                 'data': {'ssh_key': ssh_key_data, 'user': user_data}},
                             user=self._rhodecode_user, )
                         Session().commit()
                         # Trigger an event on change of keys.
                         trigger(SshKeyFileChangeEvent(), self.request.registry)
                         h.flash(_("Ssh Key successfully created"), category='success')
                     except IntegrityError:
                         log.exception("Exception during ssh key saving")
                         h.flash(_('An error occurred during ssh key saving: {}').format(
                             'Such key already exists, please use a different one'),
                                 category='error')
                     except Exception as e:
                         log.exception("Exception during ssh key saving")
                         h.flash(_('An error occurred during ssh key saving: {}').format(e),
                                 category='error')
                     return HTTPFound(
                         h.route_path('edit_user_ssh_keys', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_ssh_keys_delete', request_method='POST')
                 def ssh_keys_delete(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     user_data = c.user.get_api_data()
                     del_ssh_key = self.request.POST.get('del_ssh_key')
                     if del_ssh_key:
                         ssh_key = UserSshKeys.get_or_404(del_ssh_key)
                         ssh_key_data = ssh_key.get_api_data()
                         SshKeyModel().delete(del_ssh_key, c.user.user_id)
                         audit_logger.store_web(
                             'user.edit.ssh_key.delete', action_data={
                                 'data': {'ssh_key': ssh_key_data, 'user': user_data}},
                             user=self._rhodecode_user,)
                         Session().commit()
                         # Trigger an event on change of keys.
                         trigger(SshKeyFileChangeEvent(), self.request.registry)
                         h.flash(_("Ssh key successfully deleted"), category='success')
                     return HTTPFound(h.route_path('edit_user_ssh_keys', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_emails', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def emails(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     c.active = 'emails'
                     c.user_email_map = UserEmailMap.query() \
                         .filter(UserEmailMap.user == c.user).all()
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_emails_add', request_method='POST')
                 def emails_add(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     email = self.request.POST.get('new_email')
                     user_data = c.user.get_api_data()
                     try:
                         UserModel().add_extra_email(c.user.user_id, email)
                         audit_logger.store_web(
                             'user.edit.email.add', action_data={'email': email, 'user': user_data},
                             user=self._rhodecode_user)
                         Session().commit()
                         h.flash(_("Added new email address `%s` for user account") % email,
                                 category='success')
                     except formencode.Invalid as error:
                         h.flash(h.escape(error.error_dict['email']), category='error')
                     except Exception:
                         log.exception("Exception during email saving")
                         h.flash(_('An error occurred during email saving'),
                                 category='error')
                     raise HTTPFound(h.route_path('edit_user_emails', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_emails_delete', request_method='POST')
                 def emails_delete(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     email_id = self.request.POST.get('del_email_id')
                     user_model = UserModel()
                     email = UserEmailMap.query().get(email_id).email
                     user_data = c.user.get_api_data()
                     user_model.delete_extra_email(c.user.user_id, email_id)
                     audit_logger.store_web(
                         'user.edit.email.delete', action_data={'email': email, 'user': user_data},
                         user=self._rhodecode_user)
                     Session().commit()
                     h.flash(_("Removed email address from user account"),
                             category='success')
                     raise HTTPFound(h.route_path('edit_user_emails', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_ips', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def ips(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     c.active = 'ips'
                     c.user_ip_map = UserIpMap.query() \
                         .filter(UserIpMap.user == c.user).all()
                     c.inherit_default_ips = c.user.inherit_default_permissions
                     c.default_user_ip_map = UserIpMap.query() \
                         .filter(UserIpMap.user == User.get_default_user()).all()
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_ips_add', request_method='POST')
                 def ips_add(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     # NOTE(marcink): this view is allowed for default users, as we can
                     # edit their IP white list
                     user_model = UserModel()
                     desc = self.request.POST.get('description')
                     try:
                         ip_list = user_model.parse_ip_range(
                             self.request.POST.get('new_ip'))
                     except Exception as e:
                         ip_list = []
                         log.exception("Exception during ip saving")
                         h.flash(_('An error occurred during ip saving:%s' % (e,)),
                                 category='error')
                     added = []
                     user_data = c.user.get_api_data()
                     for ip in ip_list:
                         try:
                             user_model.add_extra_ip(c.user.user_id, ip, desc)
                             audit_logger.store_web(
                                 'user.edit.ip.add', action_data={'ip': ip, 'user': user_data},
                                 user=self._rhodecode_user)
                             Session().commit()
                             added.append(ip)
                         except formencode.Invalid as error:
                             msg = error.error_dict['ip']
                             h.flash(msg, category='error')
                         except Exception:
                             log.exception("Exception during ip saving")
                             h.flash(_('An error occurred during ip saving'),
                                     category='error')
                     if added:
                         h.flash(
                             _("Added ips %s to user whitelist") % (', '.join(ip_list), ),
                             category='success')
                     if 'default_user' in self.request.POST:
                         # case for editing global IP list we do it for 'DEFAULT' user
                         raise HTTPFound(h.route_path('admin_permissions_ips'))
                     raise HTTPFound(h.route_path('edit_user_ips', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_ips_delete', request_method='POST')
                 def ips_delete(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     # NOTE(marcink): this view is allowed for default users, as we can
                     # edit their IP white list
                     ip_id = self.request.POST.get('del_ip_id')
                     user_model = UserModel()
                     user_data = c.user.get_api_data()
                     ip = UserIpMap.query().get(ip_id).ip_addr
                     user_model.delete_extra_ip(c.user.user_id, ip_id)
                     audit_logger.store_web(
                         'user.edit.ip.delete', action_data={'ip': ip, 'user': user_data},
                         user=self._rhodecode_user)
                     Session().commit()
                     h.flash(_("Removed ip address from user whitelist"), category='success')
                     if 'default_user' in self.request.POST:
                         # case for editing global IP list we do it for 'DEFAULT' user
                         raise HTTPFound(h.route_path('admin_permissions_ips'))
                     raise HTTPFound(h.route_path('edit_user_ips', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_groups_management', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def groups_management(self):
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     c.data = c.user.group_member
                     self._redirect_for_default_user(c.user.username)
                     groups = [UserGroupModel.get_user_groups_as_dict(group.users_group)
                               for group in c.user.group_member]
                     c.groups = json.dumps(groups)
                     c.active = 'groups'
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_groups_management_updates', request_method='POST')
                 def groups_management_updates(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     user_groups = set(self.request.POST.getall('users_group_id'))
                     user_groups_objects = []
                     for ugid in user_groups:
                         user_groups_objects.append(
                             UserGroupModel().get_group(safe_int(ugid)))
                     user_group_model = UserGroupModel()
                     user_group_model.change_groups(c.user, user_groups_objects)
                     Session().commit()
                     c.active = 'user_groups_management'
                     h.flash(_("Groups successfully changed"), category='success')
                     return HTTPFound(h.route_path(
                         'edit_user_groups_management', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_audit_logs', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def user_audit_logs(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     c.active = 'audit'
                     p = safe_int(self.request.GET.get('page', 1), 1)
                     filter_term = self.request.GET.get('filter')
                     user_log = UserModel().get_user_log(c.user, filter_term)
                     def url_generator(**kw):
                         if filter_term:
                             kw['filter'] = filter_term
                         return self.request.current_route_path(_query=kw)
                     c.audit_logs = h.Page(
                         user_log, page=p, items_per_page=10, url=url_generator)
                     c.filter_term = filter_term
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_perms_summary', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def user_perms_summary(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id)
                     self._redirect_for_default_user(c.user.username)
                     c.active = 'perms_summary'
                     c.perm_user = c.user.AuthUser(ip_addr=self.request.remote_addr)
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_perms_summary_json', request_method='GET',
                     renderer='json_ext')
                 def user_perms_summary_json(self):
                     self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     user = User.get_or_404(user_id)
                     self._redirect_for_default_user(user.username)
                     perm_user = user.AuthUser(ip_addr=self.request.remote_addr)
                     return perm_user.permissions

rhodecode/apps/gist/views.py

0 +1 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2013-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import time
             import logging
             import formencode
+            import formencode.htmlfill
             import peppercorn
             from pyramid.httpexceptions import HTTPNotFound, HTTPForbidden, HTTPFound
             from pyramid.view import view_config
             from pyramid.renderers import render
             from pyramid.response import Response
             from rhodecode.apps._base import BaseAppView
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import LoginRequired, NotAnonymous, CSRFRequired
             from rhodecode.lib.utils2 import time_to_datetime
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.vcs.exceptions import VCSError, NodeNotChangedError
             from rhodecode.model.gist import GistModel
             from rhodecode.model.meta import Session
             from rhodecode.model.db import Gist, User, or_
             from rhodecode.model import validation_schema
             from rhodecode.model.validation_schema.schemas import gist_schema
             log = logging.getLogger(__name__)
             class GistView(BaseAppView):
                 def load_default_context(self):
                     _ = self.request.translate
                     c = self._get_local_tmpl_context()
                     c.user = c.auth_user.get_instance()
                     c.lifetime_values = [
                         (-1, _('forever')),
                         (5, _('5 minutes')),
                         (60, _('1 hour')),
                         (60 * 24, _('1 day')),
                         (60 * 24 * 30, _('1 month')),
                     ]
                     c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
                     c.acl_options = [
                         (Gist.ACL_LEVEL_PRIVATE, _("Requires registered account")),
                         (Gist.ACL_LEVEL_PUBLIC, _("Can be accessed by anonymous users"))
                     ]
                     self._register_global_c(c)
                     return c
                 @LoginRequired()
                 @view_config(
                     route_name='gists_show', request_method='GET',
                     renderer='rhodecode:templates/admin/gists/index.mako')
                 def gist_show_all(self):
                     c = self.load_default_context()
                     not_default_user = self._rhodecode_user.username != User.DEFAULT_USER
                     c.show_private = self.request.GET.get('private') and not_default_user
                     c.show_public = self.request.GET.get('public') and not_default_user
                     c.show_all = self.request.GET.get('all') and self._rhodecode_user.admin
                     gists = _gists = Gist().query()\
                         .filter(or_(Gist.gist_expires == -1, Gist.gist_expires >= time.time()))\
                         .order_by(Gist.created_on.desc())
                     c.active = 'public'
                     # MY private
                     if c.show_private and not c.show_public:
                         gists = _gists.filter(Gist.gist_type == Gist.GIST_PRIVATE)\
                                     .filter(Gist.gist_owner == self._rhodecode_user.user_id)
                         c.active = 'my_private'
                     # MY public
                     elif c.show_public and not c.show_private:
                         gists = _gists.filter(Gist.gist_type == Gist.GIST_PUBLIC)\
                                     .filter(Gist.gist_owner == self._rhodecode_user.user_id)
                         c.active = 'my_public'
                     # MY public+private
                     elif c.show_private and c.show_public:
                         gists = _gists.filter(or_(Gist.gist_type == Gist.GIST_PUBLIC,
                                                   Gist.gist_type == Gist.GIST_PRIVATE))\
                                     .filter(Gist.gist_owner == self._rhodecode_user.user_id)
                         c.active = 'my_all'
                     # Show all by super-admin
                     elif c.show_all:
                         c.active = 'all'
                         gists = _gists
                     # default show ALL public gists
                     if not c.show_public and not c.show_private and not c.show_all:
                         gists = _gists.filter(Gist.gist_type == Gist.GIST_PUBLIC)
                         c.active = 'public'
                     _render = self.request.get_partial_renderer(
                         'data_table/_dt_elements.mako')
                     data = []
                     for gist in gists:
                         data.append({
                             'created_on': _render('gist_created', gist.created_on),
                             'created_on_raw': gist.created_on,
                             'type': _render('gist_type', gist.gist_type),
                             'access_id': _render('gist_access_id', gist.gist_access_id, gist.owner.full_contact),
                             'author': _render('gist_author', gist.owner.full_contact, gist.created_on, gist.gist_expires),
                             'author_raw': h.escape(gist.owner.full_contact),
                             'expires': _render('gist_expires', gist.gist_expires),
                             'description': _render('gist_description', gist.gist_description)
                         })
                     c.data = json.dumps(data)
                     return self._get_template_context(c)
                 @LoginRequired()
                 @NotAnonymous()
                 @view_config(
                     route_name='gists_new', request_method='GET',
                     renderer='rhodecode:templates/admin/gists/new.mako')
                 def gist_new(self):
                     c = self.load_default_context()
                     return self._get_template_context(c)
                 @LoginRequired()
                 @NotAnonymous()
                 @CSRFRequired()
                 @view_config(
                     route_name='gists_create', request_method='POST',
                     renderer='rhodecode:templates/admin/gists/new.mako')
                 def gist_create(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     data = dict(self.request.POST)
                     data['filename'] = data.get('filename') or Gist.DEFAULT_FILENAME
                     data['nodes'] = [{
                         'filename': data['filename'],
                         'content': data.get('content'),
                         'mimetype': data.get('mimetype')  # None is autodetect
                     }]
                     data['gist_type'] = (
                         Gist.GIST_PUBLIC if data.get('public') else Gist.GIST_PRIVATE)
                     data['gist_acl_level'] = (
                         data.get('gist_acl_level') or Gist.ACL_LEVEL_PRIVATE)
                     schema = gist_schema.GistSchema().bind(
                         lifetime_options=[x[0] for x in c.lifetime_values])
                     try:
                         schema_data = schema.deserialize(data)
                         # convert to safer format with just KEYs so we sure no duplicates
                         schema_data['nodes'] = gist_schema.sequence_to_nodes(
                             schema_data['nodes'])
                         gist = GistModel().create(
                             gist_id=schema_data['gistid'],  # custom access id not real ID
                             description=schema_data['description'],
                             owner=self._rhodecode_user.user_id,
                             gist_mapping=schema_data['nodes'],
                             gist_type=schema_data['gist_type'],
                             lifetime=schema_data['lifetime'],
                             gist_acl_level=schema_data['gist_acl_level']
                         )
                         Session().commit()
                         new_gist_id = gist.gist_access_id
                     except validation_schema.Invalid as errors:
                         defaults = data
                         errors = errors.asdict()
                         if 'nodes.0.content' in errors:
                             errors['content'] = errors['nodes.0.content']
                             del errors['nodes.0.content']
                         if 'nodes.0.filename' in errors:
                             errors['filename'] = errors['nodes.0.filename']
                             del errors['nodes.0.filename']
                         data = render('rhodecode:templates/admin/gists/new.mako',
                                       self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=defaults,
                             errors=errors,
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     except Exception:
                         log.exception("Exception while trying to create a gist")
                         h.flash(_('Error occurred during gist creation'), category='error')
                         raise HTTPFound(h.route_url('gists_new'))
                     raise HTTPFound(h.route_url('gist_show', gist_id=new_gist_id))
                 @LoginRequired()
                 @NotAnonymous()
                 @CSRFRequired()
                 @view_config(
                     route_name='gist_delete', request_method='POST')
                 def gist_delete(self):
                     _ = self.request.translate
                     gist_id = self.request.matchdict['gist_id']
                     c = self.load_default_context()
                     c.gist = Gist.get_or_404(gist_id)
                     owner = c.gist.gist_owner == self._rhodecode_user.user_id
                     if not (h.HasPermissionAny('hg.admin')() or owner):
                         log.warning('Deletion of Gist was forbidden '
                                     'by unauthorized user: `%s`', self._rhodecode_user)
                         raise HTTPNotFound()
                     GistModel().delete(c.gist)
                     Session().commit()
                     h.flash(_('Deleted gist %s') % c.gist.gist_access_id, category='success')
                     raise HTTPFound(h.route_url('gists_show'))
                 def _get_gist(self, gist_id):
                     gist = Gist.get_or_404(gist_id)
                     # Check if this gist is expired
                     if gist.gist_expires != -1:
                         if time.time() > gist.gist_expires:
                             log.error(
                                 'Gist expired at %s', time_to_datetime(gist.gist_expires))
                             raise HTTPNotFound()
                     # check if this gist requires a login
                     is_default_user = self._rhodecode_user.username == User.DEFAULT_USER
                     if gist.acl_level == Gist.ACL_LEVEL_PRIVATE and is_default_user:
                         log.error("Anonymous user %s tried to access protected gist `%s`",
                                   self._rhodecode_user, gist_id)
                         raise HTTPNotFound()
                     return gist
                 @LoginRequired()
                 @view_config(
                     route_name='gist_show', request_method='GET',
                     renderer='rhodecode:templates/admin/gists/show.mako')
                 @view_config(
                     route_name='gist_show_rev', request_method='GET',
                     renderer='rhodecode:templates/admin/gists/show.mako')
                 @view_config(
                     route_name='gist_show_formatted', request_method='GET',
                     renderer=None)
                 @view_config(
                     route_name='gist_show_formatted_path', request_method='GET',
                     renderer=None)
                 def gist_show(self):
                     gist_id = self.request.matchdict['gist_id']
                     # TODO(marcink): expose those via matching dict
                     revision = self.request.matchdict.get('revision', 'tip')
                     f_path = self.request.matchdict.get('f_path', None)
                     return_format = self.request.matchdict.get('format')
                     c = self.load_default_context()
                     c.gist = self._get_gist(gist_id)
                     c.render = not self.request.GET.get('no-render', False)
                     try:
                         c.file_last_commit, c.files = GistModel().get_gist_files(
                             gist_id, revision=revision)
                     except VCSError:
                         log.exception("Exception in gist show")
                         raise HTTPNotFound()
                     if return_format == 'raw':
                         content = '\n\n'.join([f.content for f in c.files
                                                if (f_path is None or f.path == f_path)])
                         response = Response(content)
                         response.content_type = 'text/plain'
                         return response
                     return self._get_template_context(c)
                 @LoginRequired()
                 @NotAnonymous()
                 @view_config(
                     route_name='gist_edit', request_method='GET',
                     renderer='rhodecode:templates/admin/gists/edit.mako')
                 def gist_edit(self):
                     _ = self.request.translate
                     gist_id = self.request.matchdict['gist_id']
                     c = self.load_default_context()
                     c.gist = self._get_gist(gist_id)
                     owner = c.gist.gist_owner == self._rhodecode_user.user_id
                     if not (h.HasPermissionAny('hg.admin')() or owner):
                         raise HTTPNotFound()
                     try:
                         c.file_last_commit, c.files = GistModel().get_gist_files(gist_id)
                     except VCSError:
                         log.exception("Exception in gist edit")
                         raise HTTPNotFound()
                     if c.gist.gist_expires == -1:
                         expiry = _('never')
                     else:
                         # this cannot use timeago, since it's used in select2 as a value
                         expiry = h.age(h.time_to_datetime(c.gist.gist_expires))
                     c.lifetime_values.append(
                         (0, _('%(expiry)s - current value') % {'expiry': _(expiry)})
                     )
                     return self._get_template_context(c)
                 @LoginRequired()
                 @NotAnonymous()
                 @CSRFRequired()
                 @view_config(
                     route_name='gist_update', request_method='POST',
                     renderer='rhodecode:templates/admin/gists/edit.mako')
                 def gist_update(self):
                     _ = self.request.translate
                     gist_id = self.request.matchdict['gist_id']
                     c = self.load_default_context()
                     c.gist = self._get_gist(gist_id)
                     owner = c.gist.gist_owner == self._rhodecode_user.user_id
                     if not (h.HasPermissionAny('hg.admin')() or owner):
                         raise HTTPNotFound()
                     data = peppercorn.parse(self.request.POST.items())
                     schema = gist_schema.GistSchema()
                     schema = schema.bind(
                         # '0' is special value to leave lifetime untouched
                         lifetime_options=[x[0] for x in c.lifetime_values] + [0],
                     )
                     try:
                         schema_data = schema.deserialize(data)
                         # convert to safer format with just KEYs so we sure no duplicates
                         schema_data['nodes'] = gist_schema.sequence_to_nodes(
                             schema_data['nodes'])
                         GistModel().update(
                             gist=c.gist,
                             description=schema_data['description'],
                             owner=c.gist.owner,
                             gist_mapping=schema_data['nodes'],
                             lifetime=schema_data['lifetime'],
                             gist_acl_level=schema_data['gist_acl_level']
                         )
                         Session().commit()
                         h.flash(_('Successfully updated gist content'), category='success')
                     except NodeNotChangedError:
                         # raised if nothing was changed in repo itself. We anyway then
                         # store only DB stuff for gist
                         Session().commit()
                         h.flash(_('Successfully updated gist data'), category='success')
                     except validation_schema.Invalid as errors:
                         errors = h.escape(errors.asdict())
                         h.flash(_('Error occurred during update of gist {}: {}').format(
                             gist_id, errors), category='error')
                     except Exception:
                         log.exception("Exception in gist edit")
                         h.flash(_('Error occurred during update of gist %s') % gist_id,
                                 category='error')
                     raise HTTPFound(h.route_url('gist_show', gist_id=gist_id))
                 @LoginRequired()
                 @NotAnonymous()
                 @view_config(
                     route_name='gist_edit_check_revision', request_method='GET',
                     renderer='json_ext')
                 def gist_edit_check_revision(self):
                     _ = self.request.translate
                     gist_id = self.request.matchdict['gist_id']
                     c = self.load_default_context()
                     c.gist = self._get_gist(gist_id)
                     last_rev = c.gist.scm_instance().get_commit()
                     success = True
                     revision = self.request.GET.get('revision')
                     if revision != last_rev.raw_id:
                         log.error('Last revision %s is different then submitted %s'
                                   % (revision, last_rev))
                         # our gist has newer version than we
                         success = False
                     return {'success': success}

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages