u/ewong/rhodecode-enterprise-ce-fork Commit - r1479:7da2c024

auth-tokens: remove showing builtin tokens

marcink -

r1479:7da2c024 default

parent child

rhodecode/controllers/admin/my_account.py

0 +4 -11

                  @auth.CSRFRequired()
                  def my_account_auth_tokens_delete(self):
-                     auth_token = request.POST.get('del_auth_token')
-                     user_id = c.rhodecode_user.user_id
-                     if request.POST.get('del_auth_token_builtin'):
-                         user = User.get(user_id)
-                         if user:
-                             user.api_key = generate_auth_token(user.username)
-                             Session().add(user)
-                             Session().commit()
-                             h.flash(_("Auth token successfully reset"), category='success')
-                     elif auth_token:
-                         AuthTokenModel().delete(auth_token, c.rhodecode_user.user_id)
+                     del_auth_token = request.POST.get('del_auth_token')
+                     if del_auth_token:
+                         AuthTokenModel().delete(del_auth_token, c.rhodecode_user.user_id)
                          Session().commit()
                          h.flash(_("Auth token successfully deleted"), category='success')

rhodecode/controllers/admin/users.py

0 +3 -10

                          h.flash(_("You can't edit this user"), category='warning')
                          return redirect(url('users'))
-                     auth_token = request.POST.get('del_auth_token')
-                     if request.POST.get('del_auth_token_builtin'):
-                         user = User.get(c.user.user_id)
-                         if user:
-                             user.api_key = generate_auth_token(user.username)
-                             Session().add(user)
-                             Session().commit()
-                             h.flash(_("Auth token successfully reset"), category='success')
-                     elif auth_token:
-                         AuthTokenModel().delete(auth_token, c.user.user_id)
+                     del_auth_token = request.POST.get('del_auth_token')
+                     if del_auth_token:
+                         AuthTokenModel().delete(del_auth_token, c.user.user_id)
                          Session().commit()
                          h.flash(_("Auth token successfully deleted"), category='success')

rhodecode/lib/dbmigrate/schema/db_4_7_0_0.py

0 0 -7

                      return False
                  @property
-                 def builtin_token_roles(self):
-                     roles = [
-                         UserApiKeys.ROLE_API, UserApiKeys.ROLE_FEED, UserApiKeys.ROLE_HTTP
+                     ]
-                     return map(UserApiKeys._get_role_name, roles)
-                 @property
                  def ip_addresses(self):
                      ret = UserIpMap.query().filter(UserIpMap.user == self).all()
                      return [x.ip_addr for x in ret]

rhodecode/model/db.py

0 0 -7

                      return False
                  @property
-                 def builtin_token_roles(self):
-                     roles = [
-                         UserApiKeys.ROLE_API, UserApiKeys.ROLE_FEED, UserApiKeys.ROLE_HTTP
+                     ]
-                     return map(UserApiKeys._get_role_name, roles)
-                 @property
                  def ip_addresses(self):
                      ret = UserIpMap.query().filter(UserIpMap.user == self).all()
                      return [x.ip_addr for x in ret]

rhodecode/templates/admin/my_account/my_account_auth_tokens.mako

0 0 -26

                </div>
                <div class="panel-body">
                    <p>
-                      ${_('Built-in tokens can be used to authenticate with all possible options.')}<br/>
                       ${_('Each token can have a role. VCS tokens can be used together with the authtoken auth plugin for git/hg/svn operations.')}
                    </p>
                    <table class="rctable auth_tokens">
-                     <tr>
-                         <td class="truncate-wrap td-authtoken"><div class="user_auth_tokens truncate autoexpand"><code>${c.user.api_key}</code></div></td>
-                         <td class="td-tags">
-                             <span class="tag disabled">${_('Built-in')}</span>
-                         </td>
-                         <td class="td-tags">
-                             % for token in c.user.builtin_token_roles:
-                             <span class="tag disabled">
-                                 ${token}
-                             </span>
-                             % endfor
-                         </td>
-                         <td class="td-exp">${_('expires')}: ${_('never')}</td>
-                         <td class="td-action">
-                             ${h.secure_form(url('my_account_auth_tokens'),method='delete')}
-                                 ${h.hidden('del_auth_token',c.user.api_key)}
-                                 ${h.hidden('del_auth_token_builtin',1)}
-                                 <button class="btn-link btn-danger" type="submit"
-                                         onclick="return confirm('${_('Confirm to reset this auth token: %s') % c.user.api_key}');">
-                                     <i class="icon-refresh"></i>
-                                     ${_('Reset')}
-                                 </button>
-                             ${h.end_form()}
-                         </td>
-                     </tr>
                      %if c.user_auth_tokens:
                          %for auth_token in c.user_auth_tokens:
                            <tr class="${'expired' if auth_token.expired else ''}">

rhodecode/templates/admin/users/user_edit_auth_tokens.mako

0 0 -24

		@@ -5,30 +5,6 b''
5	5	<div class="panel-body">
6	6	<div class="apikeys_wrap">
7	7	<table class="rctable auth_tokens">
8		<tr>
9		<td class="truncate-wrap td-authtoken"><div class="user_auth_tokens truncate autoexpand"><code>${c.user.api_key}</code></div></td>
10		<td class="td-tags">
11		<span class="tag disabled">${_('Built-in')}</span>
12		</td>
13		<td class="td-tags">
14		% for token in c.user.builtin_token_roles:
15		<span class="tag disabled">
16		${token}
17		</span>
18		% endfor
19		</td>
20		<td class="td-exp">${_('expires')}: ${_('never')}</td>
21		<td class="td-action">
22		${h.secure_form(url('edit_user_auth_tokens', user_id=c.user.user_id),method='delete')}
23		${h.hidden('del_auth_token',c.user.api_key)}
24		${h.hidden('del_auth_token_builtin',1)}
25		<button class="btn btn-link btn-danger" type="submit"
26		onclick="return confirm('${_('Confirm to reset this auth token: %s') % c.user.api_key}');">
27		${_('Reset')}
28		</button>
29		${h.end_form()}
30		</td>
31		</tr>
32	8	%if c.user_auth_tokens:
33	9	%for auth_token in c.user_auth_tokens:
34	10	<tr class="${'expired' if auth_token.expired else ''}">

rhodecode/tests/functional/test_admin_my_account.py

0 0 -16

                      keys = user.extra_auth_tokens
                      assert 1 == len(keys)
-                 def test_my_account_reset_main_auth_token(self):
-                     usr = self.log_user('test_regular2', 'test12')
-                     user = User.get(usr['user_id'])
-                     api_key = user.api_key
-                     response = self.app.get(url('my_account_auth_tokens'))
-                     response.mustcontain(api_key)
-                     response.mustcontain('expires: never')
-                     response = self.app.post(
-                         url('my_account_auth_tokens'),
-                         {'_method': 'delete', 'del_auth_token_builtin': api_key,
-                             'csrf_token': self.csrf_token})
-                     assert_session_flash(response, 'Auth token successfully reset')
-                     response = response.follow()
-                     response.mustcontain(no=[api_key])
                  def test_valid_change_password(self, user_util):
                      new_password = 'my_new_valid_password'
                      user = user_util.create_user(password=self.test_user_1_password)

rhodecode/tests/functional/test_admin_users.py

0 0 -17

		@@ -625,20 +625,3 b' class TestAdminUsersController(TestContr'
625	625	assert_session_flash(response, 'Auth token successfully deleted')
626	626	keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()
627	627	assert 0 == len(keys)
628
629		def test_reset_main_auth_token(self):
630		self.log_user()
631		user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
632		user_id = user.user_id
633		api_key = user.api_key
634		response = self.app.get(url('edit_user_auth_tokens', user_id=user_id))
635		response.mustcontain(api_key)
636		response.mustcontain('expires: never')
637
638		response = self.app.post(
639		url('edit_user_auth_tokens', user_id=user_id),
640		{'_method': 'delete', 'del_auth_token_builtin': api_key,
641		'csrf_token': self.csrf_token})
642		assert_session_flash(response, 'Auth token successfully reset')
643		response = response.follow()
644		response.mustcontain(no=[api_key])

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages