Show More
@@ -89,7 +89,7 b' from rhodecode.lib.vcs.backends.base imp' | |||
|
89 | 89 | from rhodecode.lib.index.search_utils import get_matching_line_offsets |
|
90 | 90 | from rhodecode.config.conf import DATE_FORMAT, DATETIME_FORMAT |
|
91 | 91 | from rhodecode.model.changeset_status import ChangesetStatusModel |
|
92 | from rhodecode.model.db import Permission, User, Repository | |
|
92 | from rhodecode.model.db import Permission, User, Repository, UserApiKeys | |
|
93 | 93 | from rhodecode.model.repo_group import RepoGroupModel |
|
94 | 94 | from rhodecode.model.settings import IssueTrackerSettingsModel |
|
95 | 95 |
@@ -1133,14 +1133,16 b' class UserApiKeys(Base, BaseModel):' | |||
|
1133 | 1133 | |
|
1134 | 1134 | # ApiKey role |
|
1135 | 1135 | ROLE_ALL = 'token_role_all' |
|
1136 | ROLE_HTTP = 'token_role_http' | |
|
1137 | 1136 | ROLE_VCS = 'token_role_vcs' |
|
1138 | 1137 | ROLE_API = 'token_role_api' |
|
1138 | ROLE_HTTP = 'token_role_http' | |
|
1139 | 1139 | ROLE_FEED = 'token_role_feed' |
|
1140 | 1140 | ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download' |
|
1141 | # The last one is ignored in the list as we only | |
|
1142 | # use it for one action, and cannot be created by users | |
|
1141 | 1143 | ROLE_PASSWORD_RESET = 'token_password_reset' |
|
1142 | 1144 | |
|
1143 |
ROLES = [ROLE_ALL, |
|
|
1145 | ROLES = [ROLE_ALL, ROLE_VCS, ROLE_API, ROLE_HTTP, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD] | |
|
1144 | 1146 | |
|
1145 | 1147 | user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1146 | 1148 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) |
@@ -1205,6 +1207,22 b' class UserApiKeys(Base, BaseModel):' | |||
|
1205 | 1207 | cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'), |
|
1206 | 1208 | }.get(role, role) |
|
1207 | 1209 | |
|
1210 | @classmethod | |
|
1211 | def _get_role_description(cls, role): | |
|
1212 | return { | |
|
1213 | cls.ROLE_ALL: _('Token for all actions.'), | |
|
1214 | cls.ROLE_HTTP: _('Token to access RhodeCode pages via web interface without ' | |
|
1215 | 'login using `api_access_controllers_whitelist` functionality.'), | |
|
1216 | cls.ROLE_VCS: _('Token to interact over git/hg/svn protocols. ' | |
|
1217 | 'Requires auth_token authentication plugin to be active. <br/>' | |
|
1218 | 'Such Token should be used then instead of a password to ' | |
|
1219 | 'interact with a repository, and additionally can be ' | |
|
1220 | 'limited to single repository using repo scope.'), | |
|
1221 | cls.ROLE_API: _('Token limited to api calls.'), | |
|
1222 | cls.ROLE_FEED: _('Token to read RSS/ATOM feed.'), | |
|
1223 | cls.ROLE_ARTIFACT_DOWNLOAD: _('Token for artifacts downloads.'), | |
|
1224 | }.get(role, role) | |
|
1225 | ||
|
1208 | 1226 | @property |
|
1209 | 1227 | def role_humanized(self): |
|
1210 | 1228 | return self._get_role_name(self.role) |
@@ -11,9 +11,15 b'' | |||
|
11 | 11 | <div class="panel-body"> |
|
12 | 12 | <div class="apikeys_wrap"> |
|
13 | 13 | <p> |
|
14 | ${_('Authentication tokens can be used to interact with the API, or VCS-over-http. ' | |
|
15 | 'Each token can have a role. Token with a role can be used only in given context, ' | |
|
16 | 'e.g. VCS tokens can be used together with the authtoken auth plugin for git/hg/svn operations only.')} | |
|
14 | ${_('Available roles')}: | |
|
15 | <ul> | |
|
16 | % for role in h.UserApiKeys.ROLES: | |
|
17 | <li> | |
|
18 | <span class="tag disabled">${h.UserApiKeys._get_role_name(role)}</span> | |
|
19 | <span>${h.UserApiKeys._get_role_description(role) |n}</span> | |
|
20 | </li> | |
|
21 | % endfor | |
|
22 | </ul> | |
|
17 | 23 | </p> |
|
18 | 24 | <table class="rctable auth_tokens"> |
|
19 | 25 | <tr> |
@@ -36,7 +42,7 b'' | |||
|
36 | 42 | </td> |
|
37 | 43 | <td class="td-wrap">${auth_token.description}</td> |
|
38 | 44 | <td class="td-tags"> |
|
39 | <span class="tag disabled">${auth_token.role_humanized}</span> | |
|
45 | <span class="tooltip tag disabled" title="${h.UserApiKeys._get_role_description(auth_token.role)}">${auth_token.role_humanized}</span> | |
|
40 | 46 | </td> |
|
41 | 47 | <td class="td">${auth_token.scope_humanized}</td> |
|
42 | 48 | <td class="td-exp"> |
@@ -16,9 +16,15 b'' | |||
|
16 | 16 | <div class="panel-body"> |
|
17 | 17 | <div class="apikeys_wrap"> |
|
18 | 18 | <p> |
|
19 | ${_('Authentication tokens can be used to interact with the API, or VCS-over-http. ' | |
|
20 | 'Each token can have a role. Token with a role can be used only in given context, ' | |
|
21 | 'e.g. VCS tokens can be used together with the authtoken auth plugin for git/hg/svn operations only.')} | |
|
19 | ${_('Available roles')}: | |
|
20 | <ul> | |
|
21 | % for role in h.UserApiKeys.ROLES: | |
|
22 | <li> | |
|
23 | <span class="tag disabled">${h.UserApiKeys._get_role_name(role)}</span> | |
|
24 | <span>${h.UserApiKeys._get_role_description(role) |n}</span> | |
|
25 | </li> | |
|
26 | % endfor | |
|
27 | </ul> | |
|
22 | 28 | </p> |
|
23 | 29 | <table class="rctable auth_tokens"> |
|
24 | 30 | <tr> |
@@ -41,7 +47,7 b'' | |||
|
41 | 47 | </td> |
|
42 | 48 | <td class="td-wrap">${auth_token.description}</td> |
|
43 | 49 | <td class="td-tags"> |
|
44 | <span class="tag disabled">${auth_token.role_humanized}</span> | |
|
50 | <span class="tooltip tag disabled" title="${h.UserApiKeys._get_role_description(auth_token.role)}">${auth_token.role_humanized}</span> | |
|
45 | 51 | </td> |
|
46 | 52 | <td class="td">${auth_token.scope_humanized}</td> |
|
47 | 53 | <td class="td-exp"> |
General Comments 0
You need to be logged in to leave comments.
Login now