##// END OF EJS Templates
auth-tokens: add scope and show consitent token UI for my account and admin.
marcink -
r1480:a9c54e36 default
parent child Browse files
Show More
@@ -53,7 +53,8 b' class AuthTokenModel(BaseModel):'
53 new_auth_token.user_id = user.user_id
53 new_auth_token.user_id = user.user_id
54 new_auth_token.description = description
54 new_auth_token.description = description
55 new_auth_token.role = role
55 new_auth_token.role = role
56 new_auth_token.expires = time.time() + (lifetime * 60) if lifetime != -1 else -1
56 new_auth_token.expires = time.time() + (lifetime * 60) \
57 if lifetime != -1 else -1
57 Session().add(new_auth_token)
58 Session().add(new_auth_token)
58
59
59 return new_auth_token
60 return new_auth_token
@@ -974,6 +974,17 b' class UserApiKeys(Base, BaseModel):'
974 def role_humanized(self):
974 def role_humanized(self):
975 return self._get_role_name(self.role)
975 return self._get_role_name(self.role)
976
976
977 def _get_scope(self):
978 if self.repo:
979 return repr(self.repo)
980 if self.repo_group:
981 return repr(self.repo_group) + ' (recursive)'
982 return 'global'
983
984 @property
985 def scope_humanized(self):
986 return self._get_scope()
987
977
988
978 class UserEmailMap(Base, BaseModel):
989 class UserEmailMap(Base, BaseModel):
979 __tablename__ = 'user_email_map'
990 __tablename__ = 'user_email_map'
@@ -1038,6 +1049,7 b' class UserIpMap(Base, BaseModel):'
1038 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1049 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1039 self.user_id, self.ip_addr)
1050 self.user_id, self.ip_addr)
1040
1051
1052
1041 class UserLog(Base, BaseModel):
1053 class UserLog(Base, BaseModel):
1042 __tablename__ = 'user_logs'
1054 __tablename__ = 'user_logs'
1043 __table_args__ = (
1055 __table_args__ = (
@@ -4,25 +4,40 b''
4 </div>
4 </div>
5 <div class="panel-body">
5 <div class="panel-body">
6 <p>
6 <p>
7 ${_('Each token can have a role. VCS tokens can be used together with the authtoken auth plugin for git/hg/svn operations.')}
7 ${_('Each token can have a role. Token with a role can be used only in given context, '
8 'e.g. VCS tokens can be used together with the authtoken auth plugin for git/hg/svn operations only.')}
9 ${_('Additionally scope for VCS type token can narrow the use to chosen repository.')}
8 </p>
10 </p>
9 <table class="rctable auth_tokens">
11 <table class="rctable auth_tokens">
10 %if c.user_auth_tokens:
12 %if c.user_auth_tokens:
13 <tr>
14 <th>${_('Token')}</th>
15 <th>${_('Scope')}</th>
16 <th>${_('Description')}</th>
17 <th>${_('Role')}</th>
18 <th>${_('Expiration')}</th>
19 <th>${_('Action')}</th>
20 </tr>
11 %for auth_token in c.user_auth_tokens:
21 %for auth_token in c.user_auth_tokens:
12 <tr class="${'expired' if auth_token.expired else ''}">
22 <tr class="${'expired' if auth_token.expired else ''}">
13 <td class="truncate-wrap td-authtoken"><div class="user_auth_tokens truncate autoexpand"><code>${auth_token.api_key}</code></div></td>
23 <td class="truncate-wrap td-authtoken">
24 <div class="user_auth_tokens truncate autoexpand">
25 <code>${auth_token.api_key}</code>
26 </div>
27 </td>
28 <td class="td">${auth_token.scope_humanized}</td>
14 <td class="td-wrap">${auth_token.description}</td>
29 <td class="td-wrap">${auth_token.description}</td>
15 <td class="td-tags">
30 <td class="td-tags">
16 <span class="tag disabled">${auth_token.role_humanized}</span>
31 <span class="tag disabled">${auth_token.role_humanized}</span>
17 </td>
32 </td>
18 <td class="td-exp">
33 <td class="td-exp">
19 %if auth_token.expires == -1:
34 %if auth_token.expires == -1:
20 ${_('expires')}: ${_('never')}
35 ${_('never')}
21 %else:
36 %else:
22 %if auth_token.expired:
37 %if auth_token.expired:
23 ${_('expired')}: ${h.age_component(h.time_to_utcdatetime(auth_token.expires))}
38 <span style="text-decoration: line-through">${h.age_component(h.time_to_utcdatetime(auth_token.expires))}</span>
24 %else:
39 %else:
25 ${_('expires')}: ${h.age_component(h.time_to_utcdatetime(auth_token.expires))}
40 ${h.age_component(h.time_to_utcdatetime(auth_token.expires))}
26 %endif
41 %endif
27 %endif
42 %endif
28 </td>
43 </td>
@@ -4,23 +4,37 b''
4 </div>
4 </div>
5 <div class="panel-body">
5 <div class="panel-body">
6 <div class="apikeys_wrap">
6 <div class="apikeys_wrap">
7 <p>
8 ${_('Each token can have a role. Token with a role can be used only in given context, '
9 'e.g. VCS tokens can be used together with the authtoken auth plugin for git/hg/svn operations only.')}
10 ${_('Additionally scope for VCS type token can narrow the use to chosen repository.')}
11 </p>
7 <table class="rctable auth_tokens">
12 <table class="rctable auth_tokens">
13 <tr>
14 <th>${_('Token')}</th>
15 <th>${_('Scope')}</th>
16 <th>${_('Description')}</th>
17 <th>${_('Role')}</th>
18 <th>${_('Expiration')}</th>
19 <th>${_('Action')}</th>
20 </tr>
8 %if c.user_auth_tokens:
21 %if c.user_auth_tokens:
9 %for auth_token in c.user_auth_tokens:
22 %for auth_token in c.user_auth_tokens:
10 <tr class="${'expired' if auth_token.expired else ''}">
23 <tr class="${'expired' if auth_token.expired else ''}">
11 <td class="truncate-wrap td-authtoken"><div class="user_auth_tokens truncate autoexpand"><code>${auth_token.api_key}</code></div></td>
24 <td class="truncate-wrap td-authtoken"><div class="user_auth_tokens truncate autoexpand"><code>${auth_token.api_key}</code></div></td>
25 <td class="td">${auth_token.scope_humanized}</td>
12 <td class="td-wrap">${auth_token.description}</td>
26 <td class="td-wrap">${auth_token.description}</td>
13 <td class="td-tags">
27 <td class="td-tags">
14 <span class="tag">${auth_token.role_humanized}</span>
28 <span class="tag">${auth_token.role_humanized}</span>
15 </td>
29 </td>
16 <td class="td-exp">
30 <td class="td-exp">
17 %if auth_token.expires == -1:
31 %if auth_token.expires == -1:
18 ${_('expires')}: ${_('never')}
32 ${_('never')}
19 %else:
33 %else:
20 %if auth_token.expired:
34 %if auth_token.expired:
21 ${_('expired')}: ${h.age_component(h.time_to_utcdatetime(auth_token.expires))}
35 <span style="text-decoration: line-through">${h.age_component(h.time_to_utcdatetime(auth_token.expires))}</span>
22 %else:
36 %else:
23 ${_('expires')}: ${h.age_component(h.time_to_utcdatetime(auth_token.expires))}
37 ${h.age_component(h.time_to_utcdatetime(auth_token.expires))}
24 %endif
38 %endif
25 %endif
39 %endif
26 </td>
40 </td>
@@ -48,7 +62,7 b''
48 <div class="fields">
62 <div class="fields">
49 <div class="field">
63 <div class="field">
50 <div class="label">
64 <div class="label">
51 <label for="new_email">${_('New auth token')}:</label>
65 <label for="new_email">${_('New authentication token')}:</label>
52 </div>
66 </div>
53 <div class="input">
67 <div class="input">
54 ${h.text('description', class_='medium', placeholder=_('Description'))}
68 ${h.text('description', class_='medium', placeholder=_('Description'))}
General Comments 0
You need to be logged in to leave comments. Login now