Show More
| @@ -31,6 +31,7 b' from pyramid.response import Response' | |||
|
|
31 | 31 | from rhodecode import events |
|
|
32 | 32 | from rhodecode.apps._base import BaseAppView, DataGridAppView, UserAppView |
|
|
33 | 33 | from rhodecode.apps.ssh_support import SshKeyFileChangeEvent |
|
|
34 | from rhodecode.authentication.base import get_authn_registry, RhodeCodeExternalAuthPlugin | |
|
|
34 | 35 | from rhodecode.authentication.plugins import auth_rhodecode |
|
|
35 | 36 | from rhodecode.events import trigger |
|
|
36 | 37 | from rhodecode.model.db import true |
| @@ -249,7 +250,32 b' class UsersView(UserAppView):' | |||
|
|
249 | 250 | in there as well. |
|
|
250 | 251 | """ |
|
|
251 | 252 | |
|
|
253 | def get_auth_plugins(self): | |
|
|
254 | valid_plugins = [] | |
|
|
255 | authn_registry = get_authn_registry(self.request.registry) | |
|
|
256 | for plugin in authn_registry.get_plugins_for_authentication(): | |
|
|
257 | if isinstance(plugin, RhodeCodeExternalAuthPlugin): | |
|
|
258 | valid_plugins.append(plugin) | |
|
|
259 | elif plugin.name == 'rhodecode': | |
|
|
260 | valid_plugins.append(plugin) | |
|
|
261 | ||
|
|
262 | # extend our choices if user has set a bound plugin which isn't enabled at the | |
|
|
263 | # moment | |
|
|
264 | extern_type = self.db_user.extern_type | |
|
|
265 | if extern_type not in [x.uid for x in valid_plugins]: | |
|
|
266 | try: | |
|
|
267 | plugin = authn_registry.get_plugin_by_uid(extern_type) | |
|
|
268 | if plugin: | |
|
|
269 | valid_plugins.append(plugin) | |
|
|
270 | ||
|
|
271 | except Exception: | |
|
|
272 | log.exception( | |
|
|
273 | 'Could not extend user plugins with `{}`'.format(extern_type)) | |
|
|
274 | return valid_plugins | |
|
|
275 | ||
|
|
252 | 276 | def load_default_context(self): |
|
|
277 | req = self.request | |
|
|
278 | ||
|
|
253 | 279 | c = self._get_local_tmpl_context() |
|
|
254 | 280 | c.allow_scoped_tokens = self.ALLOW_SCOPED_TOKENS |
|
|
255 | 281 | c.allowed_languages = [ |
| @@ -263,7 +289,10 b' class UsersView(UserAppView):' | |||
|
|
263 | 289 | ('ru', 'Russian (ru)'), |
|
|
264 | 290 | ('zh', 'Chinese (zh)'), |
|
|
265 | 291 | ] |
|
|
266 | req = self.request | |
|
|
292 | ||
|
|
293 | c.allowed_extern_types = [ | |
|
|
294 | (x.uid, x.get_display_name()) for x in self.get_auth_plugins() | |
|
|
295 | ] | |
|
|
267 | 296 | |
|
|
268 | 297 | c.available_permissions = req.registry.settings['available_permissions'] |
|
|
269 | 298 | PermissionModel().set_global_permission_choices( |
| @@ -297,7 +326,7 b' class UsersView(UserAppView):' | |||
|
|
297 | 326 | old_values = c.user.get_api_data() |
|
|
298 | 327 | try: |
|
|
299 | 328 | form_result = _form.to_python(dict(self.request.POST)) |
|
|
300 |
skip_attrs = [' |
|
|
|
329 | skip_attrs = ['extern_name'] | |
|
|
301 | 330 | # TODO: plugin should define if username can be updated |
|
|
302 | 331 | if c.extern_type != "rhodecode": |
|
|
303 | 332 | # forbid updating username for external accounts |
| @@ -76,6 +76,7 b' class HeadersSettingsSchema(AuthnPluginS' | |||
|
|
76 | 76 | |
|
|
77 | 77 | class RhodeCodeAuthPlugin(RhodeCodeExternalAuthPlugin): |
|
|
78 | 78 | uid = 'headers' |
|
|
79 | ||
|
|
79 | 80 | def includeme(self, config): |
|
|
80 | 81 | config.add_authn_plugin(self) |
|
|
81 | 82 | config.add_authn_resource(self.get_id(), HeadersAuthnResource(self)) |
| @@ -58,6 +58,11 b' class AuthenticationPluginRegistry(objec' | |||
|
|
58 | 58 | def get_plugin(self, plugin_id): |
|
|
59 | 59 | return self._plugins.get(plugin_id, None) |
|
|
60 | 60 | |
|
|
61 | def get_plugin_by_uid(self, plugin_uid): | |
|
|
62 | for plugin in self._plugins.values(): | |
|
|
63 | if plugin.uid == plugin_uid: | |
|
|
64 | return plugin | |
|
|
65 | ||
|
|
61 | 66 | def get_plugins_for_authentication(self): |
|
|
62 | 67 | """ |
|
|
63 | 68 | Returns a list of plugins which should be consulted when authenticating |
| @@ -12,10 +12,8 b'' | |||
|
|
12 | 12 | %if c.extern_type != 'rhodecode': |
|
|
13 | 13 | <% readonly = "readonly" %> |
|
|
14 | 14 | <% disabled = " disabled" %> |
|
|
15 | <div class="infoform"> | |
|
|
16 | <div class="fields"> | |
|
|
17 | <p>${_('This user was created from external source (%s). Editing some of the settings is limited.' % c.extern_type)}</p> | |
|
|
18 | </div> | |
|
|
15 | <div class="alert-warning" style="margin:0px 0px 20px 0px; padding: 10px"> | |
|
|
16 | <strong>${_('This user was created from external source (%s). Editing some of the settings is limited.' % c.extern_type)}</strong> | |
|
|
19 | 17 | </div> |
|
|
20 | 18 | %endif |
|
|
21 | 19 | <div class="form"> |
| @@ -105,9 +103,8 b'' | |||
|
|
105 | 103 | ${_('Authentication type')}: |
|
|
106 | 104 | </div> |
|
|
107 | 105 | <div class="input"> |
|
|
108 | <p>${c.extern_type}</p> | |
|
|
109 | ${h.hidden('extern_type', readonly="readonly")} | |
|
|
110 | <p class="help-block">${_('User was created using an external source. He is bound to authentication using this method.')}</p> | |
|
|
106 | ${h.select('extern_type', c.extern_type, c.allowed_extern_types)} | |
|
|
107 | <p class="help-block">${_('When user was created using an external source. He is bound to authentication using this method.')}</p> | |
|
|
111 | 108 | </div> |
|
|
112 | 109 | </div> |
|
|
113 | 110 | <div class="field"> |
General Comments 0
You need to be logged in to leave comments.
Login now