##// END OF EJS Templates
vcs: Minimal change to expose the shadow repository...
vcs: Minimal change to expose the shadow repository Based on my original research, this was the "minimal" starting point. It shows that three concepts are needed for the "repo_name": * From the security standpoint we think of the shadow repository having the same ACL as the target repository of the pull request. This is because the pull request itself is considered to be a part of the target repository. Out of this thought, the variable "acl_repo_name" is used whenever we want to check permissions or when we need the database configuration of the repository. An alternative name would have been "db_repo_name", but the usage for ACL checking is the most important one. * From the web interaction perspective, we need the URL which was originally used to get to the repository. This is because based on this base URL commands can be identified. Especially for Git this is important, so that the commands are correctly recognized. Since the URL is in the focus, this is called "url_repo_name". * Finally we have to deal with the repository on the file system. This is what the VCS layer deal with normally, so this name is called "vcs_repo_name". The original repository interaction is a special case where all three names are the same. When interacting with a pull request, these three names are typically all different. This change is minimal in a sense that it just makes the interaction with a shadow repository barely work, without checking any special constraints yet. This was the starting point for further work on this topic.

File last commit:

r506:4c6b9282 default
r887:175782be default
Show More
journal.py
306 lines | 11.2 KiB | text/x-python | PythonLexer
project: added all source files and assets
r1 # -*- coding: utf-8 -*-
# Copyright (C) 2010-2016 RhodeCode GmbH
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License, version 3
# (only), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# This program is dual-licensed. If you wish to learn more about the
# RhodeCode Enterprise Edition, including its added features, Support services,
# and proprietary license terms, please see https://rhodecode.com/licenses/
"""
Journal / user event log controller for rhodecode
"""
import logging
from itertools import groupby
from sqlalchemy import or_
from sqlalchemy.orm import joinedload
from webhelpers.feedgenerator import Atom1Feed, Rss201rev2Feed
from webob.exc import HTTPBadRequest
from pylons import request, tmpl_context as c, response, url
from pylons.i18n.translation import _
from rhodecode.controllers.admin.admin import _journal_filter
from rhodecode.model.db import UserLog, UserFollowing, User
from rhodecode.model.meta import Session
import rhodecode.lib.helpers as h
from rhodecode.lib.helpers import Page
from rhodecode.lib.auth import LoginRequired, NotAnonymous, CSRFRequired
from rhodecode.lib.base import BaseController, render
from rhodecode.lib.utils2 import safe_int, AttributeDict
log = logging.getLogger(__name__)
class JournalController(BaseController):
def __before__(self):
super(JournalController, self).__before__()
self.language = 'en-us'
self.ttl = "5"
self.feed_nr = 20
c.search_term = request.GET.get('filter')
def _get_daily_aggregate(self, journal):
groups = []
for k, g in groupby(journal, lambda x: x.action_as_day):
user_group = []
#groupby username if it's a present value, else fallback to journal username
for _, g2 in groupby(list(g), lambda x: x.user.username if x.user else x.username):
l = list(g2)
user_group.append((l[0].user, l))
groups.append((k, user_group,))
return groups
def _get_journal_data(self, following_repos):
repo_ids = [x.follows_repository.repo_id for x in following_repos
if x.follows_repository is not None]
user_ids = [x.follows_user.user_id for x in following_repos
if x.follows_user is not None]
filtering_criterion = None
if repo_ids and user_ids:
filtering_criterion = or_(UserLog.repository_id.in_(repo_ids),
UserLog.user_id.in_(user_ids))
if repo_ids and not user_ids:
filtering_criterion = UserLog.repository_id.in_(repo_ids)
if not repo_ids and user_ids:
filtering_criterion = UserLog.user_id.in_(user_ids)
if filtering_criterion is not None:
journal = self.sa.query(UserLog)\
.options(joinedload(UserLog.user))\
.options(joinedload(UserLog.repository))
#filter
try:
journal = _journal_filter(journal, c.search_term)
except Exception:
# we want this to crash for now
raise
journal = journal.filter(filtering_criterion)\
.order_by(UserLog.action_date.desc())
else:
journal = []
return journal
def _atom_feed(self, repos, public=True):
journal = self._get_journal_data(repos)
if public:
_link = url('public_journal_atom', qualified=True)
_desc = '%s %s %s' % (c.rhodecode_name, _('public journal'),
'atom feed')
else:
_link = url('journal_atom', qualified=True)
_desc = '%s %s %s' % (c.rhodecode_name, _('journal'), 'atom feed')
feed = Atom1Feed(title=_desc,
link=_link,
description=_desc,
language=self.language,
ttl=self.ttl)
for entry in journal[:self.feed_nr]:
user = entry.user
if user is None:
#fix deleted users
user = AttributeDict({'short_contact': entry.username,
'email': '',
'full_contact': ''})
action, action_extra, ico = h.action_parser(entry, feed=True)
title = "%s - %s %s" % (user.short_contact, action(),
entry.repository.repo_name)
desc = action_extra()
_url = None
if entry.repository is not None:
_url = url('changelog_home',
repo_name=entry.repository.repo_name,
qualified=True)
feed.add_item(title=title,
pubdate=entry.action_date,
link=_url or url('', qualified=True),
author_email=user.email,
author_name=user.full_contact,
description=desc)
response.content_type = feed.mime_type
return feed.writeString('utf-8')
def _rss_feed(self, repos, public=True):
journal = self._get_journal_data(repos)
if public:
_link = url('public_journal_atom', qualified=True)
_desc = '%s %s %s' % (c.rhodecode_name, _('public journal'),
'rss feed')
else:
_link = url('journal_atom', qualified=True)
_desc = '%s %s %s' % (c.rhodecode_name, _('journal'), 'rss feed')
feed = Rss201rev2Feed(title=_desc,
link=_link,
description=_desc,
language=self.language,
ttl=self.ttl)
for entry in journal[:self.feed_nr]:
user = entry.user
if user is None:
#fix deleted users
user = AttributeDict({'short_contact': entry.username,
'email': '',
'full_contact': ''})
action, action_extra, ico = h.action_parser(entry, feed=True)
title = "%s - %s %s" % (user.short_contact, action(),
entry.repository.repo_name)
desc = action_extra()
_url = None
if entry.repository is not None:
_url = url('changelog_home',
repo_name=entry.repository.repo_name,
qualified=True)
feed.add_item(title=title,
pubdate=entry.action_date,
link=_url or url('', qualified=True),
author_email=user.email,
author_name=user.full_contact,
description=desc)
response.content_type = feed.mime_type
return feed.writeString('utf-8')
@LoginRequired()
@NotAnonymous()
def index(self):
# Return a rendered template
p = safe_int(request.GET.get('page', 1), 1)
c.user = User.get(c.rhodecode_user.user_id)
following = self.sa.query(UserFollowing)\
.filter(UserFollowing.user_id == c.rhodecode_user.user_id)\
.options(joinedload(UserFollowing.follows_repository))\
.all()
journal = self._get_journal_data(following)
def url_generator(**kw):
return url.current(filter=c.search_term, **kw)
c.journal_pager = Page(journal, page=p, items_per_page=20, url=url_generator)
c.journal_day_aggreagate = self._get_daily_aggregate(c.journal_pager)
c.journal_data = render('journal/journal_data.html')
if request.is_xhr:
return c.journal_data
return render('journal/journal.html')
@LoginRequired(auth_token_access=True)
@NotAnonymous()
def journal_atom(self):
"""
Produce an atom-1.0 feed via feedgenerator module
"""
following = self.sa.query(UserFollowing)\
.filter(UserFollowing.user_id == c.rhodecode_user.user_id)\
.options(joinedload(UserFollowing.follows_repository))\
.all()
return self._atom_feed(following, public=False)
@LoginRequired(auth_token_access=True)
@NotAnonymous()
def journal_rss(self):
"""
Produce an rss feed via feedgenerator module
"""
following = self.sa.query(UserFollowing)\
.filter(UserFollowing.user_id == c.rhodecode_user.user_id)\
.options(joinedload(UserFollowing.follows_repository))\
.all()
return self._rss_feed(following, public=False)
@CSRFRequired()
@LoginRequired()
@NotAnonymous()
def toggle_following(self):
user_id = request.POST.get('follows_user_id')
if user_id:
try:
self.scm_model.toggle_following_user(
user_id, c.rhodecode_user.user_id)
db: always use Session() for compatibility, Using Session is actually the...
r506 Session().commit()
project: added all source files and assets
r1 return 'ok'
except Exception:
raise HTTPBadRequest()
repo_id = request.POST.get('follows_repo_id')
if repo_id:
try:
self.scm_model.toggle_following_repo(
repo_id, c.rhodecode_user.user_id)
db: always use Session() for compatibility, Using Session is actually the...
r506 Session().commit()
project: added all source files and assets
r1 return 'ok'
except Exception:
raise HTTPBadRequest()
@LoginRequired()
def public_journal(self):
# Return a rendered template
p = safe_int(request.GET.get('page', 1), 1)
c.following = self.sa.query(UserFollowing)\
.filter(UserFollowing.user_id == c.rhodecode_user.user_id)\
.options(joinedload(UserFollowing.follows_repository))\
.all()
journal = self._get_journal_data(c.following)
c.journal_pager = Page(journal, page=p, items_per_page=20)
c.journal_day_aggreagate = self._get_daily_aggregate(c.journal_pager)
c.journal_data = render('journal/journal_data.html')
if request.is_xhr:
return c.journal_data
return render('journal/public_journal.html')
@LoginRequired(auth_token_access=True)
def public_journal_atom(self):
"""
Produce an atom-1.0 feed via feedgenerator module
"""
c.following = self.sa.query(UserFollowing)\
.filter(UserFollowing.user_id == c.rhodecode_user.user_id)\
.options(joinedload(UserFollowing.follows_repository))\
.all()
return self._atom_feed(c.following)
@LoginRequired(auth_token_access=True)
def public_journal_rss(self):
"""
Produce an rss2 feed via feedgenerator module
"""
c.following = self.sa.query(UserFollowing)\
.filter(UserFollowing.user_id == c.rhodecode_user.user_id)\
.options(joinedload(UserFollowing.follows_repository))\
.all()
return self._rss_feed(c.following)