rhodecode-enterprise-ce Commit - r2042:e367c94a

ssh-keys: added admin panel for managing globally all SSH Keys....

marcink -

r2042:e367c94a default

parent child

rhodecode/templates/admin/permissions/permissions_ssh_keys.mako

0 created 644 +91 0

@@ -0,0 +1,91 b''
	1
	2	<div class="panel panel-default">
	3	<div class="panel-heading">
	4	<h3 class="panel-title">${_('SSH Keys')} - <span id="ssh_keys_count"></span></h3>
	5
	6	${h.secure_form(h.route_path('admin_permissions_ssh_keys_update'), method='POST', request=request)}
	7	<button class="btn btn-link pull-right" type="submit">${_('Update SSH keys file')}</button>
	8	${h.end_form()}
	9	</div>
	10	<div class="panel-body">
	11	<input class="q_filter_box" id="q_filter" size="15" type="text" name="filter" placeholder="${_('quick filter...')}" value=""/>
	12
	13	<div id="repos_list_wrap">
	14	<table id="ssh_keys_table" class="display"></table>
	15	</div>
	16	</div>
	17	</div>
	18
	19
	20	<script type="text/javascript">
	21
	22	$(document).ready(function() {
	23	var $sshKeyListTable = $('#ssh_keys_table');
	24
	25	var getDatatableCount = function(){
	26	var table = $sshKeyListTable.dataTable();
	27	var page = table.api().page.info();
	28	var active = page.recordsDisplay;
	29	var total = page.recordsTotal;
	30
	31	var _text = _gettext("{0} out of {1} ssh keys").format(active, total);
	32	$('#ssh_keys_count').text(_text);
	33	};
	34
	35	// user list
	36	$sshKeyListTable.DataTable({
	37	processing: true,
	38	serverSide: true,
	39	ajax: "${h.route_path('admin_permissions_ssh_keys_data')}",
	40	dom: 'rtp',
	41	pageLength: ${c.visual.admin_grid_items},
	42	order: [[ 0, "asc" ]],
	43	columns: [
	44	{ data: {"_": "username",
	45	"sort": "username"}, title: "${_('Username')}", className: "td-user" },
	46	{ data: {"_": "fingerprint",
	47	"sort": "fingerprint"}, title: "${_('Fingerprint')}", className: "td-type" },
	48	{ data: {"_": "description",
	49	"sort": "description"}, title: "${_('Description')}", className: "td-type" },
	50	{ data: {"_": "created_on",
	51	"sort": "created_on"}, title: "${_('Created on')}", className: "td-time" },
	52	{ data: {"_": "action",
	53	"sort": "action"}, title: "${_('Action')}", className: "td-action", orderable: false }
	54	],
	55	language: {
	56	paginate: DEFAULT_GRID_PAGINATION,
	57	sProcessing: _gettext('loading...'),
	58	emptyTable: _gettext("No ssh keys available yet.")
	59	},
	60
	61	"createdRow": function ( row, data, index ) {
	62	if (!data['active_raw']){
	63	$(row).addClass('closed')
	64	}
	65	}
	66	});
	67
	68	$sshKeyListTable.on('xhr.dt', function(e, settings, json, xhr){
	69	$sshKeyListTable.css('opacity', 1);
	70	});
	71
	72	$sshKeyListTable.on('preXhr.dt', function(e, settings, data){
	73	$sshKeyListTable.css('opacity', 0.3);
	74	});
	75
	76	// refresh counters on draw
	77	$sshKeyListTable.on('draw.dt', function(){
	78	getDatatableCount();
	79	});
	80
	81	// filter
	82	$('#q_filter').on('keyup',
	83	$.debounce(250, function() {
	84	$sshKeyListTable.DataTable().search(
	85	$('#q_filter').val()
	86	).draw();
	87	})
	88	);
	89
	90	});
	91	</script>

rhodecode/apps/admin/__init__.py

0 +10 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017  RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             from rhodecode.apps.admin.navigation import NavigationRegistry
             from rhodecode.config.routing import ADMIN_PREFIX
             from rhodecode.lib.utils2 import str2bool
             def admin_routes(config):
                 """
                 Admin prefixed routes
                 """
                 config.add_route(
                     name='admin_audit_logs',
                     pattern='/audit_logs')
                 config.add_route(
                     name='pull_requests_global_0',  # backward compat
                     pattern='/pull_requests/{pull_request_id:\d+}')
                 config.add_route(
                     name='pull_requests_global_1',  # backward compat
                     pattern='/pull-requests/{pull_request_id:\d+}')
                 config.add_route(
                     name='pull_requests_global',
                     pattern='/pull-request/{pull_request_id:\d+}')
                 config.add_route(
                     name='admin_settings_open_source',
                     pattern='/settings/open_source')
                 config.add_route(
                     name='admin_settings_vcs_svn_generate_cfg',
                     pattern='/settings/vcs/svn_generate_cfg')
                 config.add_route(
                     name='admin_settings_system',
                     pattern='/settings/system')
                 config.add_route(
                     name='admin_settings_system_update',
                     pattern='/settings/system/updates')
                 config.add_route(
                     name='admin_settings_sessions',
                     pattern='/settings/sessions')
                 config.add_route(
                     name='admin_settings_sessions_cleanup',
                     pattern='/settings/sessions/cleanup')
                 config.add_route(
                     name='admin_settings_process_management',
                     pattern='/settings/process_management')
                 config.add_route(
                     name='admin_settings_process_management_signal',
                     pattern='/settings/process_management/signal')
                 # global permissions
                 config.add_route(
                     name='admin_permissions_application',
                     pattern='/permissions/application')
                 config.add_route(
                     name='admin_permissions_application_update',
                     pattern='/permissions/application/update')
                 config.add_route(
                     name='admin_permissions_global',
                     pattern='/permissions/global')
                 config.add_route(
                     name='admin_permissions_global_update',
                     pattern='/permissions/global/update')
                 config.add_route(
                     name='admin_permissions_object',
                     pattern='/permissions/object')
                 config.add_route(
                     name='admin_permissions_object_update',
                     pattern='/permissions/object/update')
                 config.add_route(
                     name='admin_permissions_ips',
                     pattern='/permissions/ips')
                 config.add_route(
                     name='admin_permissions_overview',
                     pattern='/permissions/overview')
                 config.add_route(
                     name='admin_permissions_auth_token_access',
                     pattern='/permissions/auth_token_access')
+                config.add_route(
+                    name='admin_permissions_ssh_keys',
+                    pattern='/permissions/ssh_keys')
+                config.add_route(
+                    name='admin_permissions_ssh_keys_data',
+                    pattern='/permissions/ssh_keys/data')
+                config.add_route(
+                    name='admin_permissions_ssh_keys_update',
+                    pattern='/permissions/ssh_keys/update')
                 # users admin
                 config.add_route(
                     name='users',
                     pattern='/users')
                 config.add_route(
                     name='users_data',
                     pattern='/users_data')
                 # user auth tokens
                 config.add_route(
                     name='edit_user_auth_tokens',
                     pattern='/users/{user_id:\d+}/edit/auth_tokens')
                 config.add_route(
                     name='edit_user_auth_tokens_add',
                     pattern='/users/{user_id:\d+}/edit/auth_tokens/new')
                 config.add_route(
                     name='edit_user_auth_tokens_delete',
                     pattern='/users/{user_id:\d+}/edit/auth_tokens/delete')
                 # user ssh keys
                 config.add_route(
                     name='edit_user_ssh_keys',
                     pattern='/users/{user_id:\d+}/edit/ssh_keys')
                 config.add_route(
                     name='edit_user_ssh_keys_generate_keypair',
                     pattern='/users/{user_id:\d+}/edit/ssh_keys/generate')
                 config.add_route(
                     name='edit_user_ssh_keys_add',
                     pattern='/users/{user_id:\d+}/edit/ssh_keys/new')
                 config.add_route(
                     name='edit_user_ssh_keys_delete',
                     pattern='/users/{user_id:\d+}/edit/ssh_keys/delete')
                 # user emails
                 config.add_route(
                     name='edit_user_emails',
                     pattern='/users/{user_id:\d+}/edit/emails')
                 config.add_route(
                     name='edit_user_emails_add',
                     pattern='/users/{user_id:\d+}/edit/emails/new')
                 config.add_route(
                     name='edit_user_emails_delete',
                     pattern='/users/{user_id:\d+}/edit/emails/delete')
                 # user IPs
                 config.add_route(
                     name='edit_user_ips',
                     pattern='/users/{user_id:\d+}/edit/ips')
                 config.add_route(
                     name='edit_user_ips_add',
                     pattern='/users/{user_id:\d+}/edit/ips/new')
                 config.add_route(
                     name='edit_user_ips_delete',
                     pattern='/users/{user_id:\d+}/edit/ips/delete')
                 # user perms
                 config.add_route(
                     name='edit_user_perms_summary',
                     pattern='/users/{user_id:\d+}/edit/permissions_summary')
                 config.add_route(
                     name='edit_user_perms_summary_json',
                     pattern='/users/{user_id:\d+}/edit/permissions_summary/json')
                 # user groups management
                 config.add_route(
                     name='edit_user_groups_management',
                     pattern='/users/{user_id:\d+}/edit/groups_management')
                 config.add_route(
                     name='edit_user_groups_management_updates',
                     pattern='/users/{user_id:\d+}/edit/edit_user_groups_management/updates')
                 # user audit logs
                 config.add_route(
                     name='edit_user_audit_logs',
                     pattern='/users/{user_id:\d+}/edit/audit')
                 # user groups admin
                 config.add_route(
                     name='user_groups',
                     pattern='/user_groups')
                 config.add_route(
                     name='user_groups_data',
                     pattern='/user_groups_data')
                 config.add_route(
                     name='user_group_members_data',
                     pattern='/user_groups/{user_group_id:\d+}/members')
                 # user groups perms
                 config.add_route(
                     name='edit_user_group_perms_summary',
                     pattern='/user_groups/{user_group_id:\d+}/edit/permissions_summary')
                 config.add_route(
                     name='edit_user_group_perms_summary_json',
                     pattern='/user_groups/{user_group_id:\d+}/edit/permissions_summary/json')
                 # repos admin
                 config.add_route(
                     name='repos',
                     pattern='/repos')
                 config.add_route(
                     name='repo_new',
                     pattern='/repos/new')
                 config.add_route(
                     name='repo_create',
                     pattern='/repos/create')
             def includeme(config):
                 settings = config.get_settings()
                 # Create admin navigation registry and add it to the pyramid registry.
                 labs_active = str2bool(settings.get('labs_settings_active', False))
                 navigation_registry = NavigationRegistry(labs_active=labs_active)
                 config.registry.registerUtility(navigation_registry)
                 # main admin routes
                 config.add_route(name='admin_home', pattern=ADMIN_PREFIX)
                 config.include(admin_routes, route_prefix=ADMIN_PREFIX)
                 # Scan module for configuration decorators.
                 config.scan('.views', ignore='.tests')

rhodecode/apps/admin/tests/test_admin_permissions.py

0 +37 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import pytest
             from rhodecode.model.db import User, UserIpMap
+            from rhodecode.model.meta import Session
             from rhodecode.model.permission import PermissionModel
+            from rhodecode.model.ssh_key import SshKeyModel
             from rhodecode.tests import (
                 TestController, clear_all_caches, assert_session_flash)
             def route_path(name, params=None, **kwargs):
                 import urllib
                 from rhodecode.apps._base import ADMIN_PREFIX
                 base_url = {
                     'edit_user_ips':
                         ADMIN_PREFIX + '/users/{user_id}/edit/ips',
                     'edit_user_ips_add':
                         ADMIN_PREFIX + '/users/{user_id}/edit/ips/new',
                     'edit_user_ips_delete':
                         ADMIN_PREFIX + '/users/{user_id}/edit/ips/delete',
                     'admin_permissions_application':
                         ADMIN_PREFIX + '/permissions/application',
                     'admin_permissions_application_update':
                         ADMIN_PREFIX + '/permissions/application/update',
                     'admin_permissions_global':
                         ADMIN_PREFIX + '/permissions/global',
                     'admin_permissions_global_update':
                         ADMIN_PREFIX + '/permissions/global/update',
                     'admin_permissions_object':
                         ADMIN_PREFIX + '/permissions/object',
                     'admin_permissions_object_update':
                         ADMIN_PREFIX + '/permissions/object/update',
                     'admin_permissions_ips':
                         ADMIN_PREFIX + '/permissions/ips',
                     'admin_permissions_overview':
-                        ADMIN_PREFIX + '/permissions/overview'
+                        ADMIN_PREFIX + '/permissions/overview',
+                    'admin_permissions_ssh_keys':
+                        ADMIN_PREFIX + '/permissions/ssh_keys',
+                    'admin_permissions_ssh_keys_data':
+                        ADMIN_PREFIX + '/permissions/ssh_keys/data',
+                    'admin_permissions_ssh_keys_update':
+                        ADMIN_PREFIX + '/permissions/ssh_keys/update'
                 }[name].format(**kwargs)
                 if params:
                     base_url = '{}?{}'.format(base_url, urllib.urlencode(params))
                 return base_url
             class TestAdminPermissionsController(TestController):
                 @pytest.fixture(scope='class', autouse=True)
                 def prepare(self, request):
                     # cleanup and reset to default permissions after
                     @request.addfinalizer
                     def cleanup():
                         PermissionModel().create_default_user_permissions(
                             User.get_default_user(), force=True)
                 def test_index_application(self):
                     self.log_user()
                     self.app.get(route_path('admin_permissions_application'))
                 @pytest.mark.parametrize(
                     'anonymous, default_register, default_register_message, default_password_reset,'
                     'default_extern_activate, expect_error, expect_form_error', [
                         (True, 'hg.register.none', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual',
                          False, False),
                         (True, 'hg.register.manual_activate', '', 'hg.password_reset.enabled', 'hg.extern_activate.auto',
                          False, False),
                         (True, 'hg.register.auto_activate', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual',
                          False, False),
                         (True, 'hg.register.auto_activate', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual',
                          False, False),
                         (True, 'hg.register.XXX', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual',
                          False, True),
                         (True, '', '', 'hg.password_reset.enabled', '', True, False),
                     ])
                 def test_update_application_permissions(
                         self, anonymous, default_register, default_register_message, default_password_reset,
                         default_extern_activate, expect_error, expect_form_error):
                     self.log_user()
                     # TODO: anonymous access set here to False, breaks some other tests
                     params = {
                         'csrf_token': self.csrf_token,
                         'anonymous': anonymous,
                         'default_register': default_register,
                         'default_register_message': default_register_message,
                         'default_password_reset': default_password_reset,
                         'default_extern_activate': default_extern_activate,
                     }
                     response = self.app.post(route_path('admin_permissions_application_update'),
                                              params=params)
                     if expect_form_error:
                         assert response.status_int == 200
                         response.mustcontain('Value must be one of')
                     else:
                         if expect_error:
                             msg = 'Error occurred during update of permissions'
                         else:
                             msg = 'Application permissions updated successfully'
                         assert_session_flash(response, msg)
                 def test_index_object(self):
                     self.log_user()
                     self.app.get(route_path('admin_permissions_object'))
                 @pytest.mark.parametrize(
                     'repo, repo_group, user_group, expect_error, expect_form_error', [
                         ('repository.none', 'group.none', 'usergroup.none', False, False),
                         ('repository.read', 'group.read', 'usergroup.read', False, False),
                         ('repository.write', 'group.write', 'usergroup.write',
                          False, False),
                         ('repository.admin', 'group.admin', 'usergroup.admin',
                          False, False),
                         ('repository.XXX', 'group.admin', 'usergroup.admin', False, True),
                         ('', '', '', True, False),
                     ])
                 def test_update_object_permissions(self, repo, repo_group, user_group,
                                                    expect_error, expect_form_error):
                     self.log_user()
                     params = {
                         'csrf_token': self.csrf_token,
                         'default_repo_perm': repo,
                         'overwrite_default_repo': False,
                         'default_group_perm': repo_group,
                         'overwrite_default_group': False,
                         'default_user_group_perm': user_group,
                         'overwrite_default_user_group': False,
                     }
                     response = self.app.post(route_path('admin_permissions_object_update'),
                                              params=params)
                     if expect_form_error:
                         assert response.status_int == 200
                         response.mustcontain('Value must be one of')
                     else:
                         if expect_error:
                             msg = 'Error occurred during update of permissions'
                         else:
                             msg = 'Object permissions updated successfully'
                         assert_session_flash(response, msg)
                 def test_index_global(self):
                     self.log_user()
                     self.app.get(route_path('admin_permissions_global'))
                 @pytest.mark.parametrize(
                     'repo_create, repo_create_write, user_group_create, repo_group_create,'
                     'fork_create, inherit_default_permissions, expect_error,'
                     'expect_form_error', [
                         ('hg.create.none', 'hg.create.write_on_repogroup.false',
                          'hg.usergroup.create.false', 'hg.repogroup.create.false',
                          'hg.fork.none', 'hg.inherit_default_perms.false', False, False),
                         ('hg.create.repository', 'hg.create.write_on_repogroup.true',
                          'hg.usergroup.create.true', 'hg.repogroup.create.true',
                          'hg.fork.repository', 'hg.inherit_default_perms.false',
                          False, False),
                         ('hg.create.XXX', 'hg.create.write_on_repogroup.true',
                          'hg.usergroup.create.true', 'hg.repogroup.create.true',
                          'hg.fork.repository', 'hg.inherit_default_perms.false',
                          False, True),
                         ('', '', '', '', '', '', True, False),
                     ])
                 def test_update_global_permissions(
                         self, repo_create, repo_create_write, user_group_create,
                         repo_group_create, fork_create, inherit_default_permissions,
                         expect_error, expect_form_error):
                     self.log_user()
                     params = {
                         'csrf_token': self.csrf_token,
                         'default_repo_create': repo_create,
                         'default_repo_create_on_write': repo_create_write,
                         'default_user_group_create': user_group_create,
                         'default_repo_group_create': repo_group_create,
                         'default_fork_create': fork_create,
                         'default_inherit_default_permissions': inherit_default_permissions
                     }
                     response = self.app.post(route_path('admin_permissions_global_update'),
                                              params=params)
                     if expect_form_error:
                         assert response.status_int == 200
                         response.mustcontain('Value must be one of')
                     else:
                         if expect_error:
                             msg = 'Error occurred during update of permissions'
                         else:
                             msg = 'Global permissions updated successfully'
                         assert_session_flash(response, msg)
                 def test_index_ips(self):
                     self.log_user()
                     response = self.app.get(route_path('admin_permissions_ips'))
                     # TODO: Test response...
                     response.mustcontain('All IP addresses are allowed')
                 def test_add_delete_ips(self):
                     self.log_user()
                     clear_all_caches()
                     # ADD
                     default_user_id = User.get_default_user().user_id
                     self.app.post(
                         route_path('edit_user_ips_add', user_id=default_user_id),
                         params={'new_ip': '127.0.0.0/24', 'csrf_token': self.csrf_token})
                     response = self.app.get(route_path('admin_permissions_ips'))
                     response.mustcontain('127.0.0.0/24')
                     response.mustcontain('127.0.0.0 - 127.0.0.255')
                     # DELETE
                     default_user_id = User.get_default_user().user_id
                     del_ip_id = UserIpMap.query().filter(UserIpMap.user_id ==
                                                          default_user_id).first().ip_id
                     response = self.app.post(
                         route_path('edit_user_ips_delete', user_id=default_user_id),
                         params={'del_ip_id': del_ip_id, 'csrf_token': self.csrf_token})
                     assert_session_flash(response, 'Removed ip address from user whitelist')
                     clear_all_caches()
                     response = self.app.get(route_path('admin_permissions_ips'))
                     response.mustcontain('All IP addresses are allowed')
                     response.mustcontain(no=['127.0.0.0/24'])
                     response.mustcontain(no=['127.0.0.0 - 127.0.0.255'])
                 def test_index_overview(self):
                     self.log_user()
                     self.app.get(route_path('admin_permissions_overview'))
+                def test_ssh_keys(self):
+                    self.log_user()
+                    self.app.get(route_path('admin_permissions_ssh_keys'), status=200)
+                def test_ssh_keys_data(self, user_util, xhr_header):
+                    self.log_user()
+                    response = self.app.get(route_path('admin_permissions_ssh_keys_data'),
+                                            extra_environ=xhr_header)
+                    assert response.json == {u'data': [], u'draw': None,
+                                             u'recordsFiltered': 0, u'recordsTotal': 0}
+                    dummy_user = user_util.create_user()
+                    SshKeyModel().create(dummy_user, 'ab:cd:ef', 'KEYKEY', 'test_key')
+                    Session().commit()
+                    response = self.app.get(route_path('admin_permissions_ssh_keys_data'),
+                                            extra_environ=xhr_header)
+                    assert response.json['data'][0]['fingerprint'] == 'ab:cd:ef'
+                def test_ssh_keys_update(self):
+                    self.log_user()
+                    response = self.app.post(
+                        route_path('admin_permissions_ssh_keys_update'),
+                        dict(csrf_token=self.csrf_token), status=302)
+                    assert_session_flash(
+                        response, 'SSH key support is disabled in .ini file')

rhodecode/apps/admin/views/permissions.py

0 +110 -4

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017  RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import re
             import logging
             import formencode
+            import datetime
             from pyramid.interfaces import IRoutesMapper
             from pyramid.view import view_config
             from pyramid.httpexceptions import HTTPFound
             from pyramid.renderers import render
             from pyramid.response import Response
-            from rhodecode.apps._base import BaseAppView
+            from rhodecode.apps._base import BaseAppView, DataGridAppView
+            from rhodecode.apps.ssh_support import SshKeyFileChangeEvent
+            from rhodecode.events import trigger
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import (
                 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
-            from rhodecode.lib.utils2 import aslist
+            from rhodecode.lib.utils2 import aslist, safe_unicode
-            from rhodecode.model.db import User, UserIpMap
+            from rhodecode.model.db import or_, joinedload, coalesce, User, UserIpMap, UserSshKeys
             from rhodecode.model.forms import (
                 ApplicationPermissionsForm, ObjectPermissionsForm, UserPermissionsForm)
             from rhodecode.model.meta import Session
             from rhodecode.model.permission import PermissionModel
             from rhodecode.model.settings import SettingsModel
             log = logging.getLogger(__name__)
-            class AdminPermissionsView(BaseAppView):
+            class AdminPermissionsView(BaseAppView, DataGridAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     self._register_global_c(c)
                     PermissionModel().set_global_permission_choices(
                         c, gettext_translator=self.request.translate)
                     return c
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_application', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_application(self):
                     c = self.load_default_context()
                     c.active = 'application'
                     c.user = User.get_default_user(refresh=True)
                     app_settings = SettingsModel().get_all_settings()
                     defaults = {
                         'anonymous': c.user.active,
                         'default_register_message': app_settings.get(
                             'rhodecode_register_message')
                     }
                     defaults.update(c.user.get_default_perms())
                     data = render('rhodecode:templates/admin/permissions/permissions.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='admin_permissions_application_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_application_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'application'
                     _form = ApplicationPermissionsForm(
                         [x[0] for x in c.register_choices],
                         [x[0] for x in c.password_reset_choices],
                         [x[0] for x in c.extern_activate_choices])()
                     try:
                         form_result = _form.to_python(dict(self.request.POST))
                         form_result.update({'perm_user_name': User.DEFAULT_USER})
                         PermissionModel().update_application_permissions(form_result)
                         settings = [
                             ('register_message', 'default_register_message'),
                         ]
                         for setting, form_key in settings:
                             sett = SettingsModel().create_or_update_setting(
                                 setting, form_result[form_key])
                             Session().add(sett)
                         Session().commit()
                         h.flash(_('Application permissions updated successfully'),
                                 category='success')
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         data = render(
                             'rhodecode:templates/admin/permissions/permissions.mako',
                             self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     except Exception:
                         log.exception("Exception during update of permissions")
                         h.flash(_('Error occurred during update of permissions'),
                                 category='error')
                     raise HTTPFound(h.route_path('admin_permissions_application'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_object', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_objects(self):
                     c = self.load_default_context()
                     c.active = 'objects'
                     c.user = User.get_default_user(refresh=True)
                     defaults = {}
                     defaults.update(c.user.get_default_perms())
                     data = render(
                         'rhodecode:templates/admin/permissions/permissions.mako',
                         self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='admin_permissions_object_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_objects_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'objects'
                     _form = ObjectPermissionsForm(
                         [x[0] for x in c.repo_perms_choices],
                         [x[0] for x in c.group_perms_choices],
                         [x[0] for x in c.user_group_perms_choices])()
                     try:
                         form_result = _form.to_python(dict(self.request.POST))
                         form_result.update({'perm_user_name': User.DEFAULT_USER})
                         PermissionModel().update_object_permissions(form_result)
                         Session().commit()
                         h.flash(_('Object permissions updated successfully'),
                                 category='success')
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         data = render(
                             'rhodecode:templates/admin/permissions/permissions.mako',
                             self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     except Exception:
                         log.exception("Exception during update of permissions")
                         h.flash(_('Error occurred during update of permissions'),
                                 category='error')
                     raise HTTPFound(h.route_path('admin_permissions_object'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_global', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_global(self):
                     c = self.load_default_context()
                     c.active = 'global'
                     c.user = User.get_default_user(refresh=True)
                     defaults = {}
                     defaults.update(c.user.get_default_perms())
                     data = render(
                         'rhodecode:templates/admin/permissions/permissions.mako',
                         self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='admin_permissions_global_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_global_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'global'
                     _form = UserPermissionsForm(
                         [x[0] for x in c.repo_create_choices],
                         [x[0] for x in c.repo_create_on_write_choices],
                         [x[0] for x in c.repo_group_create_choices],
                         [x[0] for x in c.user_group_create_choices],
                         [x[0] for x in c.fork_choices],
                         [x[0] for x in c.inherit_default_permission_choices])()
                     try:
                         form_result = _form.to_python(dict(self.request.POST))
                         form_result.update({'perm_user_name': User.DEFAULT_USER})
                         PermissionModel().update_user_permissions(form_result)
                         Session().commit()
                         h.flash(_('Global permissions updated successfully'),
                                 category='success')
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         data = render(
                             'rhodecode:templates/admin/permissions/permissions.mako',
                             self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     except Exception:
                         log.exception("Exception during update of permissions")
                         h.flash(_('Error occurred during update of permissions'),
                                 category='error')
                     raise HTTPFound(h.route_path('admin_permissions_global'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_ips', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_ips(self):
                     c = self.load_default_context()
                     c.active = 'ips'
                     c.user = User.get_default_user(refresh=True)
                     c.user_ip_map = (
                         UserIpMap.query().filter(UserIpMap.user == c.user).all())
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_overview', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def permissions_overview(self):
                     c = self.load_default_context()
                     c.active = 'perms'
                     c.user = User.get_default_user(refresh=True)
                     c.perm_user = c.user.AuthUser()
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='admin_permissions_auth_token_access', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 def auth_token_access(self):
                     from rhodecode import CONFIG
                     c = self.load_default_context()
                     c.active = 'auth_token_access'
                     c.user = User.get_default_user(refresh=True)
                     c.perm_user = c.user.AuthUser()
                     mapper = self.request.registry.queryUtility(IRoutesMapper)
                     c.view_data = []
                     _argument_prog = re.compile('\{(.*?)\}|:\((.*)\)')
                     introspector = self.request.registry.introspector
                     view_intr = {}
                     for view_data in introspector.get_category('views'):
                         intr = view_data['introspectable']
                         if 'route_name' in intr and intr['attr']:
                             view_intr[intr['route_name']] = '{}:{}'.format(
                                 str(intr['derived_callable'].func_name), intr['attr']
                             )
                     c.whitelist_key = 'api_access_controllers_whitelist'
                     c.whitelist_file = CONFIG.get('__file__')
                     whitelist_views = aslist(
                         CONFIG.get(c.whitelist_key), sep=',')
                     for route_info in mapper.get_routes():
                         if not route_info.name.startswith('__'):
                             routepath = route_info.pattern
                             def replace(matchobj):
                                 if matchobj.group(1):
                                     return "{%s}" % matchobj.group(1).split(':')[0]
                                 else:
                                     return "{%s}" % matchobj.group(2)
                             routepath = _argument_prog.sub(replace, routepath)
                             if not routepath.startswith('/'):
                                 routepath = '/' + routepath
                             view_fqn = view_intr.get(route_info.name, 'NOT AVAILABLE')
                             active = view_fqn in whitelist_views
                             c.view_data.append((route_info.name, view_fqn, routepath, active))
                     c.whitelist_views = whitelist_views
                     return self._get_template_context(c)
+                @LoginRequired()
+                @HasPermissionAllDecorator('hg.admin')
+                @view_config(
+                    route_name='admin_permissions_ssh_keys', request_method='GET',
+                    renderer='rhodecode:templates/admin/permissions/permissions.mako')
+                def ssh_keys(self):
+                    c = self.load_default_context()
+                    c.active = 'ssh_keys'
+                    return self._get_template_context(c)
+                @LoginRequired()
+                @HasPermissionAllDecorator('hg.admin')
+                @view_config(
+                    route_name='admin_permissions_ssh_keys_data', request_method='GET',
+                    renderer='json_ext', xhr=True)
+                def ssh_keys_data(self):
+                    _ = self.request.translate
+                    column_map = {
+                        'fingerprint': 'ssh_key_fingerprint',
+                        'username': User.username
+                    }
+                    draw, start, limit = self._extract_chunk(self.request)
+                    search_q, order_by, order_dir = self._extract_ordering(
+                        self.request, column_map=column_map)
+                    ssh_keys_data_total_count = UserSshKeys.query()\
+                        .count()
+                    # json generate
+                    base_q = UserSshKeys.query().join(UserSshKeys.user)
+                    if search_q:
+                        like_expression = u'%{}%'.format(safe_unicode(search_q))
+                        base_q = base_q.filter(or_(
+                            User.username.ilike(like_expression),
+                            UserSshKeys.ssh_key_fingerprint.ilike(like_expression),
+                        ))
+                    users_data_total_filtered_count = base_q.count()
+                    sort_col = self._get_order_col(order_by, UserSshKeys)
+                    if sort_col:
+                        if order_dir == 'asc':
+                            # handle null values properly to order by NULL last
+                            if order_by in ['created_on']:
+                                sort_col = coalesce(sort_col, datetime.date.max)
+                            sort_col = sort_col.asc()
+                        else:
+                            # handle null values properly to order by NULL last
+                            if order_by in ['created_on']:
+                                sort_col = coalesce(sort_col, datetime.date.min)
+                            sort_col = sort_col.desc()
+                    base_q = base_q.order_by(sort_col)
+                    base_q = base_q.offset(start).limit(limit)
+                    ssh_keys = base_q.all()
+                    ssh_keys_data = []
+                    for ssh_key in ssh_keys:
+                        ssh_keys_data.append({
+                            "username": h.gravatar_with_user(self.request, ssh_key.user.username),
+                            "fingerprint": ssh_key.ssh_key_fingerprint,
+                            "description": ssh_key.description,
+                            "created_on": h.format_date(ssh_key.created_on),
+                            "action": h.link_to(
+                                _('Edit'), h.route_path('edit_user_ssh_keys',
+                                                        user_id=ssh_key.user.user_id))
+                        })
+                    data = ({
+                        'draw': draw,
+                        'data': ssh_keys_data,
+                        'recordsTotal': ssh_keys_data_total_count,
+                        'recordsFiltered': users_data_total_filtered_count,
+                    })
+                    return data
+                @LoginRequired()
+                @HasPermissionAllDecorator('hg.admin')
+                @CSRFRequired()
+                @view_config(
+                    route_name='admin_permissions_ssh_keys_update', request_method='POST',
+                    renderer='rhodecode:templates/admin/permissions/permissions.mako')
+                def ssh_keys_update(self):
+                    _ = self.request.translate
+                    self.load_default_context()
+                    ssh_enabled = self.request.registry.settings.get(
+                        'ssh.generate_authorized_keyfile')
+                    key_file = self.request.registry.settings.get(
+                        'ssh.authorized_keys_file_path')
+                    if ssh_enabled:
+                        trigger(SshKeyFileChangeEvent(), self.request.registry)
+                        h.flash(_('Updated SSH keys file: {}').format(key_file),
+                                category='success')
+                    else:
+                        h.flash(_('SSH key support is disabled in .ini file'),
+                                category='warning')
+                    raise HTTPFound(h.route_path('admin_permissions_ssh_keys'))

rhodecode/public/js/rhodecode/routes.js

0 +3 0

             /******************************************************************************
              *                                                                            *
              *                      DO NOT CHANGE THIS FILE MANUALLY                      *
              *                                                                            *
              *                                                                            *
              *        This file is automatically generated when the app starts up with    *
              *                         generate_js_files = true                           *
              *                                                                            *
              *  To add a route here pass jsroute=True to the route definition in the app  *
              *                                                                            *
              ******************************************************************************/
             function registerRCRoutes() {
                 // routes registration
                 pyroutes.register('edit_user', '/_admin/users/%(user_id)s/edit', ['user_id']);
                 pyroutes.register('favicon', '/favicon.ico', []);
                 pyroutes.register('robots', '/robots.txt', []);
                 pyroutes.register('auth_home', '/_admin/auth*traverse', []);
                 pyroutes.register('global_integrations_new', '/_admin/integrations/new', []);
                 pyroutes.register('global_integrations_home', '/_admin/integrations', []);
                 pyroutes.register('global_integrations_list', '/_admin/integrations/%(integration)s', ['integration']);
                 pyroutes.register('global_integrations_create', '/_admin/integrations/%(integration)s/new', ['integration']);
                 pyroutes.register('global_integrations_edit', '/_admin/integrations/%(integration)s/%(integration_id)s', ['integration', 'integration_id']);
                 pyroutes.register('repo_group_integrations_home', '/%(repo_group_name)s/settings/integrations', ['repo_group_name']);
                 pyroutes.register('repo_group_integrations_new', '/%(repo_group_name)s/settings/integrations/new', ['repo_group_name']);
                 pyroutes.register('repo_group_integrations_list', '/%(repo_group_name)s/settings/integrations/%(integration)s', ['repo_group_name', 'integration']);
                 pyroutes.register('repo_group_integrations_create', '/%(repo_group_name)s/settings/integrations/%(integration)s/new', ['repo_group_name', 'integration']);
                 pyroutes.register('repo_group_integrations_edit', '/%(repo_group_name)s/settings/integrations/%(integration)s/%(integration_id)s', ['repo_group_name', 'integration', 'integration_id']);
                 pyroutes.register('repo_integrations_home', '/%(repo_name)s/settings/integrations', ['repo_name']);
                 pyroutes.register('repo_integrations_new', '/%(repo_name)s/settings/integrations/new', ['repo_name']);
                 pyroutes.register('repo_integrations_list', '/%(repo_name)s/settings/integrations/%(integration)s', ['repo_name', 'integration']);
                 pyroutes.register('repo_integrations_create', '/%(repo_name)s/settings/integrations/%(integration)s/new', ['repo_name', 'integration']);
                 pyroutes.register('repo_integrations_edit', '/%(repo_name)s/settings/integrations/%(integration)s/%(integration_id)s', ['repo_name', 'integration', 'integration_id']);
                 pyroutes.register('ops_ping', '/_admin/ops/ping', []);
                 pyroutes.register('ops_error_test', '/_admin/ops/error', []);
                 pyroutes.register('ops_redirect_test', '/_admin/ops/redirect', []);
                 pyroutes.register('admin_home', '/_admin', []);
                 pyroutes.register('admin_audit_logs', '/_admin/audit_logs', []);
                 pyroutes.register('pull_requests_global_0', '/_admin/pull_requests/%(pull_request_id)s', ['pull_request_id']);
                 pyroutes.register('pull_requests_global_1', '/_admin/pull-requests/%(pull_request_id)s', ['pull_request_id']);
                 pyroutes.register('pull_requests_global', '/_admin/pull-request/%(pull_request_id)s', ['pull_request_id']);
                 pyroutes.register('admin_settings_open_source', '/_admin/settings/open_source', []);
                 pyroutes.register('admin_settings_vcs_svn_generate_cfg', '/_admin/settings/vcs/svn_generate_cfg', []);
                 pyroutes.register('admin_settings_system', '/_admin/settings/system', []);
                 pyroutes.register('admin_settings_system_update', '/_admin/settings/system/updates', []);
                 pyroutes.register('admin_settings_sessions', '/_admin/settings/sessions', []);
                 pyroutes.register('admin_settings_sessions_cleanup', '/_admin/settings/sessions/cleanup', []);
                 pyroutes.register('admin_settings_process_management', '/_admin/settings/process_management', []);
                 pyroutes.register('admin_settings_process_management_signal', '/_admin/settings/process_management/signal', []);
                 pyroutes.register('admin_permissions_application', '/_admin/permissions/application', []);
                 pyroutes.register('admin_permissions_application_update', '/_admin/permissions/application/update', []);
                 pyroutes.register('admin_permissions_global', '/_admin/permissions/global', []);
                 pyroutes.register('admin_permissions_global_update', '/_admin/permissions/global/update', []);
                 pyroutes.register('admin_permissions_object', '/_admin/permissions/object', []);
                 pyroutes.register('admin_permissions_object_update', '/_admin/permissions/object/update', []);
                 pyroutes.register('admin_permissions_ips', '/_admin/permissions/ips', []);
                 pyroutes.register('admin_permissions_overview', '/_admin/permissions/overview', []);
                 pyroutes.register('admin_permissions_auth_token_access', '/_admin/permissions/auth_token_access', []);
+                pyroutes.register('admin_permissions_ssh_keys', '/_admin/permissions/ssh_keys', []);
+                pyroutes.register('admin_permissions_ssh_keys_data', '/_admin/permissions/ssh_keys/data', []);
+                pyroutes.register('admin_permissions_ssh_keys_update', '/_admin/permissions/ssh_keys/update', []);
                 pyroutes.register('users', '/_admin/users', []);
                 pyroutes.register('users_data', '/_admin/users_data', []);
                 pyroutes.register('edit_user_auth_tokens', '/_admin/users/%(user_id)s/edit/auth_tokens', ['user_id']);
                 pyroutes.register('edit_user_auth_tokens_add', '/_admin/users/%(user_id)s/edit/auth_tokens/new', ['user_id']);
                 pyroutes.register('edit_user_auth_tokens_delete', '/_admin/users/%(user_id)s/edit/auth_tokens/delete', ['user_id']);
                 pyroutes.register('edit_user_ssh_keys', '/_admin/users/%(user_id)s/edit/ssh_keys', ['user_id']);
                 pyroutes.register('edit_user_ssh_keys_generate_keypair', '/_admin/users/%(user_id)s/edit/ssh_keys/generate', ['user_id']);
                 pyroutes.register('edit_user_ssh_keys_add', '/_admin/users/%(user_id)s/edit/ssh_keys/new', ['user_id']);
                 pyroutes.register('edit_user_ssh_keys_delete', '/_admin/users/%(user_id)s/edit/ssh_keys/delete', ['user_id']);
                 pyroutes.register('edit_user_emails', '/_admin/users/%(user_id)s/edit/emails', ['user_id']);
                 pyroutes.register('edit_user_emails_add', '/_admin/users/%(user_id)s/edit/emails/new', ['user_id']);
                 pyroutes.register('edit_user_emails_delete', '/_admin/users/%(user_id)s/edit/emails/delete', ['user_id']);
                 pyroutes.register('edit_user_ips', '/_admin/users/%(user_id)s/edit/ips', ['user_id']);
                 pyroutes.register('edit_user_ips_add', '/_admin/users/%(user_id)s/edit/ips/new', ['user_id']);
                 pyroutes.register('edit_user_ips_delete', '/_admin/users/%(user_id)s/edit/ips/delete', ['user_id']);
                 pyroutes.register('edit_user_perms_summary', '/_admin/users/%(user_id)s/edit/permissions_summary', ['user_id']);
                 pyroutes.register('edit_user_perms_summary_json', '/_admin/users/%(user_id)s/edit/permissions_summary/json', ['user_id']);
                 pyroutes.register('edit_user_groups_management', '/_admin/users/%(user_id)s/edit/groups_management', ['user_id']);
                 pyroutes.register('edit_user_groups_management_updates', '/_admin/users/%(user_id)s/edit/edit_user_groups_management/updates', ['user_id']);
                 pyroutes.register('edit_user_audit_logs', '/_admin/users/%(user_id)s/edit/audit', ['user_id']);
                 pyroutes.register('user_groups', '/_admin/user_groups', []);
                 pyroutes.register('user_groups_data', '/_admin/user_groups_data', []);
                 pyroutes.register('user_group_members_data', '/_admin/user_groups/%(user_group_id)s/members', ['user_group_id']);
                 pyroutes.register('edit_user_group_perms_summary', '/_admin/user_groups/%(user_group_id)s/edit/permissions_summary', ['user_group_id']);
                 pyroutes.register('edit_user_group_perms_summary_json', '/_admin/user_groups/%(user_group_id)s/edit/permissions_summary/json', ['user_group_id']);
                 pyroutes.register('repos', '/_admin/repos', []);
                 pyroutes.register('repo_new', '/_admin/repos/new', []);
                 pyroutes.register('repo_create', '/_admin/repos/create', []);
                 pyroutes.register('channelstream_connect', '/_admin/channelstream/connect', []);
                 pyroutes.register('channelstream_subscribe', '/_admin/channelstream/subscribe', []);
                 pyroutes.register('channelstream_proxy', '/_channelstream', []);
                 pyroutes.register('login', '/_admin/login', []);
                 pyroutes.register('logout', '/_admin/logout', []);
                 pyroutes.register('register', '/_admin/register', []);
                 pyroutes.register('reset_password', '/_admin/password_reset', []);
                 pyroutes.register('reset_password_confirmation', '/_admin/password_reset_confirmation', []);
                 pyroutes.register('home', '/', []);
                 pyroutes.register('user_autocomplete_data', '/_users', []);
                 pyroutes.register('user_group_autocomplete_data', '/_user_groups', []);
                 pyroutes.register('repo_list_data', '/_repos', []);
                 pyroutes.register('goto_switcher_data', '/_goto_data', []);
                 pyroutes.register('journal', '/_admin/journal', []);
                 pyroutes.register('journal_rss', '/_admin/journal/rss', []);
                 pyroutes.register('journal_atom', '/_admin/journal/atom', []);
                 pyroutes.register('journal_public', '/_admin/public_journal', []);
                 pyroutes.register('journal_public_atom', '/_admin/public_journal/atom', []);
                 pyroutes.register('journal_public_atom_old', '/_admin/public_journal_atom', []);
                 pyroutes.register('journal_public_rss', '/_admin/public_journal/rss', []);
                 pyroutes.register('journal_public_rss_old', '/_admin/public_journal_rss', []);
                 pyroutes.register('toggle_following', '/_admin/toggle_following', []);
                 pyroutes.register('repo_creating', '/%(repo_name)s/repo_creating', ['repo_name']);
                 pyroutes.register('repo_creating_check', '/%(repo_name)s/repo_creating_check', ['repo_name']);
                 pyroutes.register('repo_summary_explicit', '/%(repo_name)s/summary', ['repo_name']);
                 pyroutes.register('repo_summary_commits', '/%(repo_name)s/summary-commits', ['repo_name']);
                 pyroutes.register('repo_commit', '/%(repo_name)s/changeset/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_commit_children', '/%(repo_name)s/changeset_children/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_commit_parents', '/%(repo_name)s/changeset_parents/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_commit_raw', '/%(repo_name)s/changeset-diff/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_commit_patch', '/%(repo_name)s/changeset-patch/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_commit_download', '/%(repo_name)s/changeset-download/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_commit_data', '/%(repo_name)s/changeset-data/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_commit_comment_create', '/%(repo_name)s/changeset/%(commit_id)s/comment/create', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_commit_comment_preview', '/%(repo_name)s/changeset/%(commit_id)s/comment/preview', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_commit_comment_delete', '/%(repo_name)s/changeset/%(commit_id)s/comment/%(comment_id)s/delete', ['repo_name', 'commit_id', 'comment_id']);
                 pyroutes.register('repo_commit_raw_deprecated', '/%(repo_name)s/raw-changeset/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_archivefile', '/%(repo_name)s/archive/%(fname)s', ['repo_name', 'fname']);
                 pyroutes.register('repo_files_diff', '/%(repo_name)s/diff/%(f_path)s', ['repo_name', 'f_path']);
                 pyroutes.register('repo_files_diff_2way_redirect', '/%(repo_name)s/diff-2way/%(f_path)s', ['repo_name', 'f_path']);
                 pyroutes.register('repo_files', '/%(repo_name)s/files/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_files:default_path', '/%(repo_name)s/files/%(commit_id)s/', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_files:default_commit', '/%(repo_name)s/files', ['repo_name']);
                 pyroutes.register('repo_files:rendered', '/%(repo_name)s/render/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_files:annotated', '/%(repo_name)s/annotate/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_files:annotated_previous', '/%(repo_name)s/annotate-previous/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_nodetree_full', '/%(repo_name)s/nodetree_full/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_nodetree_full:default_path', '/%(repo_name)s/nodetree_full/%(commit_id)s/', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_files_nodelist', '/%(repo_name)s/nodelist/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_file_raw', '/%(repo_name)s/raw/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_file_download', '/%(repo_name)s/download/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_file_download:legacy', '/%(repo_name)s/rawfile/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_file_history', '/%(repo_name)s/history/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_file_authors', '/%(repo_name)s/authors/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_files_remove_file', '/%(repo_name)s/remove_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_files_delete_file', '/%(repo_name)s/delete_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_files_edit_file', '/%(repo_name)s/edit_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_files_update_file', '/%(repo_name)s/update_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_files_add_file', '/%(repo_name)s/add_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_files_create_file', '/%(repo_name)s/create_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_refs_data', '/%(repo_name)s/refs-data', ['repo_name']);
                 pyroutes.register('repo_refs_changelog_data', '/%(repo_name)s/refs-data-changelog', ['repo_name']);
                 pyroutes.register('repo_stats', '/%(repo_name)s/repo_stats/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_changelog', '/%(repo_name)s/changelog', ['repo_name']);
                 pyroutes.register('repo_changelog_file', '/%(repo_name)s/changelog/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('repo_changelog_elements', '/%(repo_name)s/changelog_elements', ['repo_name']);
                 pyroutes.register('repo_compare_select', '/%(repo_name)s/compare', ['repo_name']);
                 pyroutes.register('repo_compare', '/%(repo_name)s/compare/%(source_ref_type)s@%(source_ref)s...%(target_ref_type)s@%(target_ref)s', ['repo_name', 'source_ref_type', 'source_ref', 'target_ref_type', 'target_ref']);
                 pyroutes.register('tags_home', '/%(repo_name)s/tags', ['repo_name']);
                 pyroutes.register('branches_home', '/%(repo_name)s/branches', ['repo_name']);
                 pyroutes.register('bookmarks_home', '/%(repo_name)s/bookmarks', ['repo_name']);
                 pyroutes.register('repo_fork_new', '/%(repo_name)s/fork', ['repo_name']);
                 pyroutes.register('repo_fork_create', '/%(repo_name)s/fork/create', ['repo_name']);
                 pyroutes.register('repo_forks_show_all', '/%(repo_name)s/forks', ['repo_name']);
                 pyroutes.register('repo_forks_data', '/%(repo_name)s/forks/data', ['repo_name']);
                 pyroutes.register('pullrequest_show', '/%(repo_name)s/pull-request/%(pull_request_id)s', ['repo_name', 'pull_request_id']);
                 pyroutes.register('pullrequest_show_all', '/%(repo_name)s/pull-request', ['repo_name']);
                 pyroutes.register('pullrequest_show_all_data', '/%(repo_name)s/pull-request-data', ['repo_name']);
                 pyroutes.register('pullrequest_repo_refs', '/%(repo_name)s/pull-request/refs/%(target_repo_name)s', ['repo_name', 'target_repo_name']);
                 pyroutes.register('pullrequest_repo_destinations', '/%(repo_name)s/pull-request/repo-destinations', ['repo_name']);
                 pyroutes.register('pullrequest_new', '/%(repo_name)s/pull-request/new', ['repo_name']);
                 pyroutes.register('pullrequest_create', '/%(repo_name)s/pull-request/create', ['repo_name']);
                 pyroutes.register('pullrequest_update', '/%(repo_name)s/pull-request/%(pull_request_id)s/update', ['repo_name', 'pull_request_id']);
                 pyroutes.register('pullrequest_merge', '/%(repo_name)s/pull-request/%(pull_request_id)s/merge', ['repo_name', 'pull_request_id']);
                 pyroutes.register('pullrequest_delete', '/%(repo_name)s/pull-request/%(pull_request_id)s/delete', ['repo_name', 'pull_request_id']);
                 pyroutes.register('pullrequest_comment_create', '/%(repo_name)s/pull-request/%(pull_request_id)s/comment', ['repo_name', 'pull_request_id']);
                 pyroutes.register('pullrequest_comment_delete', '/%(repo_name)s/pull-request/%(pull_request_id)s/comment/%(comment_id)s/delete', ['repo_name', 'pull_request_id', 'comment_id']);
                 pyroutes.register('edit_repo', '/%(repo_name)s/settings', ['repo_name']);
                 pyroutes.register('edit_repo_advanced', '/%(repo_name)s/settings/advanced', ['repo_name']);
                 pyroutes.register('edit_repo_advanced_delete', '/%(repo_name)s/settings/advanced/delete', ['repo_name']);
                 pyroutes.register('edit_repo_advanced_locking', '/%(repo_name)s/settings/advanced/locking', ['repo_name']);
                 pyroutes.register('edit_repo_advanced_journal', '/%(repo_name)s/settings/advanced/journal', ['repo_name']);
                 pyroutes.register('edit_repo_advanced_fork', '/%(repo_name)s/settings/advanced/fork', ['repo_name']);
                 pyroutes.register('edit_repo_caches', '/%(repo_name)s/settings/caches', ['repo_name']);
                 pyroutes.register('edit_repo_perms', '/%(repo_name)s/settings/permissions', ['repo_name']);
                 pyroutes.register('edit_repo_maintenance', '/%(repo_name)s/settings/maintenance', ['repo_name']);
                 pyroutes.register('edit_repo_maintenance_execute', '/%(repo_name)s/settings/maintenance/execute', ['repo_name']);
                 pyroutes.register('edit_repo_fields', '/%(repo_name)s/settings/fields', ['repo_name']);
                 pyroutes.register('edit_repo_fields_create', '/%(repo_name)s/settings/fields/create', ['repo_name']);
                 pyroutes.register('edit_repo_fields_delete', '/%(repo_name)s/settings/fields/%(field_id)s/delete', ['repo_name', 'field_id']);
                 pyroutes.register('repo_edit_toggle_locking', '/%(repo_name)s/settings/toggle_locking', ['repo_name']);
                 pyroutes.register('edit_repo_remote', '/%(repo_name)s/settings/remote', ['repo_name']);
                 pyroutes.register('edit_repo_remote_pull', '/%(repo_name)s/settings/remote/pull', ['repo_name']);
                 pyroutes.register('edit_repo_statistics', '/%(repo_name)s/settings/statistics', ['repo_name']);
                 pyroutes.register('edit_repo_statistics_reset', '/%(repo_name)s/settings/statistics/update', ['repo_name']);
                 pyroutes.register('edit_repo_issuetracker', '/%(repo_name)s/settings/issue_trackers', ['repo_name']);
                 pyroutes.register('edit_repo_issuetracker_test', '/%(repo_name)s/settings/issue_trackers/test', ['repo_name']);
                 pyroutes.register('edit_repo_issuetracker_delete', '/%(repo_name)s/settings/issue_trackers/delete', ['repo_name']);
                 pyroutes.register('edit_repo_issuetracker_update', '/%(repo_name)s/settings/issue_trackers/update', ['repo_name']);
                 pyroutes.register('edit_repo_vcs', '/%(repo_name)s/settings/vcs', ['repo_name']);
                 pyroutes.register('edit_repo_vcs_update', '/%(repo_name)s/settings/vcs/update', ['repo_name']);
                 pyroutes.register('edit_repo_vcs_svn_pattern_delete', '/%(repo_name)s/settings/vcs/svn_pattern/delete', ['repo_name']);
                 pyroutes.register('repo_reviewers', '/%(repo_name)s/settings/review/rules', ['repo_name']);
                 pyroutes.register('repo_default_reviewers_data', '/%(repo_name)s/settings/review/default-reviewers', ['repo_name']);
                 pyroutes.register('edit_repo_strip', '/%(repo_name)s/settings/strip', ['repo_name']);
                 pyroutes.register('strip_check', '/%(repo_name)s/settings/strip_check', ['repo_name']);
                 pyroutes.register('strip_execute', '/%(repo_name)s/settings/strip_execute', ['repo_name']);
                 pyroutes.register('rss_feed_home', '/%(repo_name)s/feed/rss', ['repo_name']);
                 pyroutes.register('atom_feed_home', '/%(repo_name)s/feed/atom', ['repo_name']);
                 pyroutes.register('repo_summary', '/%(repo_name)s', ['repo_name']);
                 pyroutes.register('repo_summary_slash', '/%(repo_name)s/', ['repo_name']);
                 pyroutes.register('repo_group_home', '/%(repo_group_name)s', ['repo_group_name']);
                 pyroutes.register('repo_group_home_slash', '/%(repo_group_name)s/', ['repo_group_name']);
                 pyroutes.register('search', '/_admin/search', []);
                 pyroutes.register('search_repo', '/%(repo_name)s/search', ['repo_name']);
                 pyroutes.register('user_profile', '/_profiles/%(username)s', ['username']);
                 pyroutes.register('my_account_profile', '/_admin/my_account/profile', []);
                 pyroutes.register('my_account_edit', '/_admin/my_account/edit', []);
                 pyroutes.register('my_account_update', '/_admin/my_account/update', []);
                 pyroutes.register('my_account_password', '/_admin/my_account/password', []);
                 pyroutes.register('my_account_password_update', '/_admin/my_account/password/update', []);
                 pyroutes.register('my_account_auth_tokens', '/_admin/my_account/auth_tokens', []);
                 pyroutes.register('my_account_auth_tokens_add', '/_admin/my_account/auth_tokens/new', []);
                 pyroutes.register('my_account_auth_tokens_delete', '/_admin/my_account/auth_tokens/delete', []);
                 pyroutes.register('my_account_emails', '/_admin/my_account/emails', []);
                 pyroutes.register('my_account_emails_add', '/_admin/my_account/emails/new', []);
                 pyroutes.register('my_account_emails_delete', '/_admin/my_account/emails/delete', []);
                 pyroutes.register('my_account_repos', '/_admin/my_account/repos', []);
                 pyroutes.register('my_account_watched', '/_admin/my_account/watched', []);
                 pyroutes.register('my_account_perms', '/_admin/my_account/perms', []);
                 pyroutes.register('my_account_notifications', '/_admin/my_account/notifications', []);
                 pyroutes.register('my_account_notifications_toggle_visibility', '/_admin/my_account/toggle_visibility', []);
                 pyroutes.register('my_account_pullrequests', '/_admin/my_account/pull_requests', []);
                 pyroutes.register('my_account_pullrequests_data', '/_admin/my_account/pull_requests/data', []);
                 pyroutes.register('notifications_show_all', '/_admin/notifications', []);
                 pyroutes.register('notifications_mark_all_read', '/_admin/notifications/mark_all_read', []);
                 pyroutes.register('notifications_show', '/_admin/notifications/%(notification_id)s', ['notification_id']);
                 pyroutes.register('notifications_update', '/_admin/notifications/%(notification_id)s/update', ['notification_id']);
                 pyroutes.register('notifications_delete', '/_admin/notifications/%(notification_id)s/delete', ['notification_id']);
                 pyroutes.register('my_account_notifications_test_channelstream', '/_admin/my_account/test_channelstream', []);
                 pyroutes.register('gists_show', '/_admin/gists', []);
                 pyroutes.register('gists_new', '/_admin/gists/new', []);
                 pyroutes.register('gists_create', '/_admin/gists/create', []);
                 pyroutes.register('gist_show', '/_admin/gists/%(gist_id)s', ['gist_id']);
                 pyroutes.register('gist_delete', '/_admin/gists/%(gist_id)s/delete', ['gist_id']);
                 pyroutes.register('gist_edit', '/_admin/gists/%(gist_id)s/edit', ['gist_id']);
                 pyroutes.register('gist_edit_check_revision', '/_admin/gists/%(gist_id)s/edit/check_revision', ['gist_id']);
                 pyroutes.register('gist_update', '/_admin/gists/%(gist_id)s/update', ['gist_id']);
                 pyroutes.register('gist_show_rev', '/_admin/gists/%(gist_id)s/%(revision)s', ['gist_id', 'revision']);
                 pyroutes.register('gist_show_formatted', '/_admin/gists/%(gist_id)s/%(revision)s/%(format)s', ['gist_id', 'revision', 'format']);
                 pyroutes.register('gist_show_formatted_path', '/_admin/gists/%(gist_id)s/%(revision)s/%(format)s/%(f_path)s', ['gist_id', 'revision', 'format', 'f_path']);
                 pyroutes.register('debug_style_home', '/_admin/debug_style', []);
                 pyroutes.register('debug_style_template', '/_admin/debug_style/t/%(t_path)s', ['t_path']);
                 pyroutes.register('apiv2', '/_admin/api', []);
             }

rhodecode/templates/admin/permissions/permissions.mako

0 +3 0

             ## -*- coding: utf-8 -*-
             <%inherit file="/base/base.mako"/>
             <%def name="title()">
                 ${_('Permissions Administration')}
                 %if c.rhodecode_name:
                     &middot; ${h.branding(c.rhodecode_name)}
                 %endif
             </%def>
             <%def name="breadcrumbs_links()">
                 ${h.link_to(_('Admin'),h.route_path('admin_home'))}
                 &raquo;
                 ${_('Permissions')}
             </%def>
             <%def name="menu_bar_nav()">
                 ${self.menu_items(active='admin')}
             </%def>
             <%def name="main()">
             <div class="box">
               <div class="title">
                   ${self.breadcrumbs()}
               </div>
               <div class="sidebar-col-wrapper scw-small">
                 ##main
                 <div class="sidebar">
                     <ul class="nav nav-pills nav-stacked">
                       <li class="${'active' if c.active=='application' else ''}">
                         <a href="${h.route_path('admin_permissions_application')}">${_('Application')}</a>
                       </li>
                       <li class="${'active' if c.active=='global' else ''}">
                         <a href="${h.route_path('admin_permissions_global')}">${_('Global')}</a>
                       </li>
                       <li class="${'active' if c.active=='objects' else ''}">
                         <a href="${h.route_path('admin_permissions_object')}">${_('Object')}</a>
                       </li>
                       <li class="${'active' if c.active=='ips' else ''}">
                         <a href="${h.route_path('admin_permissions_ips')}">${_('IP Whitelist')}</a>
                       </li>
                       <li class="${'active' if c.active=='auth_token_access' else ''}">
                         <a href="${h.route_path('admin_permissions_auth_token_access')}">${_('AuthToken Access')}</a>
                       </li>
+                      <li class="${'active' if c.active=='ssh_keys' else ''}">
+                        <a href="${h.route_path('admin_permissions_ssh_keys')}">${_('SSH Keys')}</a>
+                      </li>
                       <li class="${'active' if c.active=='perms' else ''}">
                         <a href="${h.route_path('admin_permissions_overview')}">${_('Overview')}</a>
                       </li>
                     </ul>
                 </div>
                 <div class="main-content-full-width">
                     <%include file="/admin/permissions/permissions_${c.active}.mako"/>
                 </div>
               </div>
             </div>
             </%def>

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages