u/ewong/rhodecode-enterprise-ce-fork Commit - r890:ed7b68ec

1

# -*- coding: utf-8 -*-

1

# -*- coding: utf-8 -*-

2

3

4

#

4

#

5

# This program is free software: you can redistribute it and/or modify

5

# This program is free software: you can redistribute it and/or modify

6

# it under the terms of the GNU Affero General Public License, version 3

6

# it under the terms of the GNU Affero General Public License, version 3

7

# (only), as published by the Free Software Foundation.

7

# (only), as published by the Free Software Foundation.

8

#

8

#

9

# This program is distributed in the hope that it will be useful,

9

# This program is distributed in the hope that it will be useful,

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

12

# GNU General Public License for more details.

12

# GNU General Public License for more details.

13

#

13

#

14

# You should have received a copy of the GNU Affero General Public License

14

# You should have received a copy of the GNU Affero General Public License

15

# along with this program. If not, see <http://www.gnu.org/licenses/>.

15

# along with this program. If not, see <http://www.gnu.org/licenses/>.

16

#

16

#

17

# This program is dual-licensed. If you wish to learn more about the

17

# This program is dual-licensed. If you wish to learn more about the

18

# RhodeCode Enterprise Edition, including its added features, Support services,

18

# RhodeCode Enterprise Edition, including its added features, Support services,

19

# and proprietary license terms, please see https://rhodecode.com/licenses/

19

# and proprietary license terms, please see https://rhodecode.com/licenses/

20

21

"""

21

"""

22

SimpleVCS middleware for handling protocol request (push/clone etc.)

22

SimpleVCS middleware for handling protocol request (push/clone etc.)

23

It's implemented with basic auth function

23

It's implemented with basic auth function

24

"""

24

"""

25

26

import os

26

import os

27

import logging

27

import logging

28

import importlib

28

import importlib

29

import re

29

import re

30

from functools import wraps

30

from functools import wraps

31

32

from paste.httpheaders import REMOTE_USER, AUTH_TYPE

32

from paste.httpheaders import REMOTE_USER, AUTH_TYPE

33

from webob.exc import (

33

from webob.exc import (

34

HTTPNotFound, HTTPForbidden, HTTPNotAcceptable, HTTPInternalServerError)

34

HTTPNotFound, HTTPForbidden, HTTPNotAcceptable, HTTPInternalServerError)

35

36

import rhodecode

36

import rhodecode

37

from rhodecode.authentication.base import authenticate, VCS_TYPE

37

from rhodecode.authentication.base import authenticate, VCS_TYPE

38

from rhodecode.lib.auth import AuthUser, HasPermissionAnyMiddleware

38

from rhodecode.lib.auth import AuthUser, HasPermissionAnyMiddleware

39

from rhodecode.lib.base import BasicAuth, get_ip_addr, vcs_operation_context

39

from rhodecode.lib.base import BasicAuth, get_ip_addr, vcs_operation_context

40

from rhodecode.lib.exceptions import (

40

from rhodecode.lib.exceptions import (

41

HTTPLockedRC, HTTPRequirementError, UserCreationError,

41

HTTPLockedRC, HTTPRequirementError, UserCreationError,

42

NotAllowedToCreateUserError)

42

NotAllowedToCreateUserError)

43

from rhodecode.lib.hooks_daemon import prepare_callback_daemon

43

from rhodecode.lib.hooks_daemon import prepare_callback_daemon

44

from rhodecode.lib.middleware import appenlight

44

from rhodecode.lib.middleware import appenlight

45

from rhodecode.lib.middleware.utils import scm_app

45

from rhodecode.lib.middleware.utils import scm_app

46

from rhodecode.lib.utils import (

46

from rhodecode.lib.utils import (

47

is_valid_repo, get_rhodecode_realm, get_rhodecode_base_path)

47

is_valid_repo, get_rhodecode_realm, get_rhodecode_base_path)

48

from rhodecode.lib.utils2 import safe_str, fix_PATH, str2bool

48

from rhodecode.lib.utils2 import safe_str, fix_PATH, str2bool

49

from rhodecode.lib.vcs.conf import settings as vcs_settings

49

from rhodecode.lib.vcs.conf import settings as vcs_settings

50

from rhodecode.lib.vcs.backends import base

50

from rhodecode.lib.vcs.backends import base

51

from rhodecode.model import meta

51

from rhodecode.model import meta

52

from rhodecode.model.db import User, Repository

52

from rhodecode.model.db import User, Repository

53

from rhodecode.model.scm import ScmModel

53

from rhodecode.model.scm import ScmModel

54

55

56

log = logging.getLogger(__name__)

56

log = logging.getLogger(__name__)

57

58

59

def initialize_generator(factory):

59

def initialize_generator(factory):

60

"""

60

"""

61

Initializes the returned generator by draining its first element.

61

Initializes the returned generator by draining its first element.

62

63

This can be used to give a generator an initializer, which is the code

63

This can be used to give a generator an initializer, which is the code

64

up to the first yield statement. This decorator enforces that the first

64

up to the first yield statement. This decorator enforces that the first

65

produced element has the value ``"__init__"`` to make its special

65

produced element has the value ``"__init__"`` to make its special

66

purpose very explicit in the using code.

66

purpose very explicit in the using code.

67

"""

67

"""

68

69

@wraps(factory)

69

@wraps(factory)

70

def wrapper(*args, **kwargs):

70

def wrapper(*args, **kwargs):

71

gen = factory(*args, **kwargs)

71

gen = factory(*args, **kwargs)

72

try:

72

try:

73

init = gen.next()

73

init = gen.next()

74

except StopIteration:

74

except StopIteration:

75

raise ValueError('Generator must yield at least one element.')

75

raise ValueError('Generator must yield at least one element.')

76

if init != "__init__":

76

if init != "__init__":

77

raise ValueError('First yielded element must be "__init__".')

77

raise ValueError('First yielded element must be "__init__".')

78

return gen

78

return gen

79

return wrapper

79

return wrapper

80

81

82

class SimpleVCS(object):

82

class SimpleVCS(object):

83

"""Common functionality for SCM HTTP handlers."""

83

"""Common functionality for SCM HTTP handlers."""

84

85

SCM = 'unknown'

85

SCM = 'unknown'

86

87

acl_repo_name = None

87

acl_repo_name = None

88

url_repo_name = None

88

url_repo_name = None

89

vcs_repo_name = None

89

vcs_repo_name = None

90

91

def __init__(self, application, config, registry):

91

def __init__(self, application, config, registry):

92

self.registry = registry

92

self.registry = registry

93

self.application = application

93

self.application = application

94

self.config = config

94

self.config = config

95

# re-populated by specialized middleware

95

# re-populated by specialized middleware

96

self.repo_vcs_config = base.Config()

96

self.repo_vcs_config = base.Config()

97

98

# base path of repo locations

98

# base path of repo locations

99

self.basepath = get_rhodecode_base_path()

99

self.basepath = get_rhodecode_base_path()

100

# authenticate this VCS request using authfunc

100

# authenticate this VCS request using authfunc

101

auth_ret_code_detection = \

101

auth_ret_code_detection = \

102

str2bool(self.config.get('auth_ret_code_detection', False))

102

str2bool(self.config.get('auth_ret_code_detection', False))

103

self.authenticate = BasicAuth(

103

self.authenticate = BasicAuth(

104

'', authenticate, registry, config.get('auth_ret_code'),

104

'', authenticate, registry, config.get('auth_ret_code'),

105

auth_ret_code_detection)

105

auth_ret_code_detection)

106

self.ip_addr = '0.0.0.0'

106

self.ip_addr = '0.0.0.0'

107

108

def set_repo_names(self, environ):

108

def set_repo_names(self, environ):

109

"""

109

"""

110

This will populate the attributes acl_repo_name, url_repo_name and

110

This will populate the attributes acl_repo_name, url_repo_name and

111

vcs_repo_name on the current instance.

111

vcs_repo_name on the current instance.

112

"""

112

"""

113

# TODO: martinb: Move to class or module scope.

113

# TODO: martinb: Move to class or module scope.

114

pr_regex = re.compile(

114

pr_regex = re.compile(

115

'(?P<base_name>(?:[\w-]+)(?:/[\w-]+)*)/'

115

'(?P<base_name>(?:[\w-]+)(?:/[\w-]+)*)/'

116

'(?P<repo_name>[\w-]+)'

116

'(?P<repo_name>[\w-]+)'

117

'/pull-request/(?P<pr_id>\d+)/repository')

117

'/pull-request/(?P<pr_id>\d+)/repository')

118

119

self.url_repo_name = self._get_repository_name(environ)

119

self.url_repo_name = self._get_repository_name(environ)

120

match = pr_regex.match(self.url_repo_name)

120

match = pr_regex.match(self.url_repo_name)

121

122

if match:

122

if match:

123

match_dict = match.groupdict()

123

match_dict = match.groupdict()

124

self.acl_repo_name = '{base_name}/{repo_name}'.format(**match_dict)

124

self.acl_repo_name = '{base_name}/{repo_name}'.format(**match_dict)

125

self.vcs_repo_name = '{base_name}/.__shadow_{repo_name}_pr-{pr_id}'.format(

125

self.vcs_repo_name = '{base_name}/.__shadow_{repo_name}_pr-{pr_id}'.format(

126

**match_dict)

126

**match_dict)

127

self.pr_id = match_dict.~~get~~('pr_id')

127

self.pr_id = match_dict['pr_id']

128

else:

128

else:

129

self.acl_repo_name = self.url_repo_name

129

self.acl_repo_name = self.url_repo_name

130

self.vcs_repo_name = self.url_repo_name

130

self.vcs_repo_name = self.url_repo_name

131

self.pr_id = None

131

self.pr_id = None

132

133

@property

133

@property

134

def repo_name(self):

134

def repo_name(self):

135

# TODO: johbo: Remove, switch to correct repo name attribute

135

# TODO: johbo: Remove, switch to correct repo name attribute

136

return self.acl_repo_name

136

return self.acl_repo_name

137

138

@property

138

@property

139

def scm_app(self):

139

def scm_app(self):

140

custom_implementation = self.config.get('vcs.scm_app_implementation')

140

custom_implementation = self.config.get('vcs.scm_app_implementation')

141

if custom_implementation and custom_implementation != 'pyro4':

141

if custom_implementation and custom_implementation != 'pyro4':

142

log.info(

142

log.info(

143

"Using custom implementation of scm_app: %s",

143

"Using custom implementation of scm_app: %s",

144

custom_implementation)

144

custom_implementation)

145

scm_app_impl = importlib.import_module(custom_implementation)

145

scm_app_impl = importlib.import_module(custom_implementation)

146

else:

146

else:

147

scm_app_impl = scm_app

147

scm_app_impl = scm_app

148

return scm_app_impl

148

return scm_app_impl

149

150

def _get_by_id(self, repo_name):

150

def _get_by_id(self, repo_name):

151

"""

151

"""

152

Gets a special pattern _<ID> from clone url and tries to replace it

152

Gets a special pattern _<ID> from clone url and tries to replace it

153

with a repository_name for support of _<ID> non changeable urls

153

with a repository_name for support of _<ID> non changeable urls

154

"""

154

"""

155

156

data = repo_name.split('/')

156

data = repo_name.split('/')

157

if len(data) >= 2:

157

if len(data) >= 2:

158

from rhodecode.model.repo import RepoModel

158

from rhodecode.model.repo import RepoModel

159

by_id_match = RepoModel().get_repo_by_id(repo_name)

159

by_id_match = RepoModel().get_repo_by_id(repo_name)

160

if by_id_match:

160

if by_id_match:

161

data[1] = by_id_match.repo_name

161

data[1] = by_id_match.repo_name

162

163

return safe_str('/'.join(data))

163

return safe_str('/'.join(data))

164

165

def _invalidate_cache(self, repo_name):

165

def _invalidate_cache(self, repo_name):

166

"""

166

"""

167

Set's cache for this repository for invalidation on next access

167

Set's cache for this repository for invalidation on next access

168

169

:param repo_name: full repo name, also a cache key

169

:param repo_name: full repo name, also a cache key

170

"""

170

"""

171

ScmModel().mark_for_invalidation(repo_name)

171

ScmModel().mark_for_invalidation(repo_name)

172

173

def is_valid_and_existing_repo(self, repo_name, base_path, scm_type):

173

def is_valid_and_existing_repo(self, repo_name, base_path, scm_type):

174

db_repo = Repository.get_by_repo_name(repo_name)

174

db_repo = Repository.get_by_repo_name(repo_name)

175

if not db_repo:

175

if not db_repo:

176

log.debug('Repository `%s` not found inside the database.',

176

log.debug('Repository `%s` not found inside the database.',

177

repo_name)

177

repo_name)

178

return False

178

return False

179

180

if db_repo.repo_type != scm_type:

180

if db_repo.repo_type != scm_type:

181

log.warning(

181

log.warning(

182

'Repository `%s` have incorrect scm_type, expected %s got %s',

182

'Repository `%s` have incorrect scm_type, expected %s got %s',

183

repo_name, db_repo.repo_type, scm_type)

183

repo_name, db_repo.repo_type, scm_type)

184

return False

184

return False

185

186

return is_valid_repo(repo_name, base_path, expect_scm=scm_type)

186

return is_valid_repo(repo_name, base_path, expect_scm=scm_type)

187

188

def valid_and_active_user(self, user):

188

def valid_and_active_user(self, user):

189

"""

189

"""

190

Checks if that user is not empty, and if it's actually object it checks

190

Checks if that user is not empty, and if it's actually object it checks

191

if he's active.

191

if he's active.

192

193

:param user: user object or None

193

:param user: user object or None

194

:return: boolean

194

:return: boolean

195

"""

195

"""

196

if user is None:

196

if user is None:

197

return False

197

return False

198

199

elif user.active:

199

elif user.active:

200

return True

200

return True

201

202

return False

202

return False

203

204

def _check_permission(self, action, user, repo_name, ip_addr=None):

204

def _check_permission(self, action, user, repo_name, ip_addr=None):

205

"""

205

"""

206

Checks permissions using action (push/pull) user and repository

206

Checks permissions using action (push/pull) user and repository

207

name

207

name

208

209

:param action: push or pull action

209

:param action: push or pull action

210

:param user: user instance

210

:param user: user instance

211

:param repo_name: repository name

211

:param repo_name: repository name

212

"""

212

"""

213

# check IP

213

# check IP

214

inherit = user.inherit_default_permissions

214

inherit = user.inherit_default_permissions

215

ip_allowed = AuthUser.check_ip_allowed(user.user_id, ip_addr,

215

ip_allowed = AuthUser.check_ip_allowed(user.user_id, ip_addr,

216

inherit_from_default=inherit)

216

inherit_from_default=inherit)

217

if ip_allowed:

217

if ip_allowed:

218

log.info('Access for IP:%s allowed', ip_addr)

218

log.info('Access for IP:%s allowed', ip_addr)

219

else:

219

else:

220

return False

220

return False

221

222

if action == 'push':

222

if action == 'push':

223

if not HasPermissionAnyMiddleware('repository.write',

223

if not HasPermissionAnyMiddleware('repository.write',

224

'repository.admin')(user,

224

'repository.admin')(user,

225

repo_name):

225

repo_name):

226

return False

226

return False

227

228

else:

228

else:

229

# any other action need at least read permission

229

# any other action need at least read permission

230

if not HasPermissionAnyMiddleware('repository.read',

230

if not HasPermissionAnyMiddleware('repository.read',

231

'repository.write',

231

'repository.write',

232

'repository.admin')(user,

232

'repository.admin')(user,

233

repo_name):

233

repo_name):

234

return False

234

return False

235

236

return True

236

return True

237

238

def _check_ssl(self, environ, start_response):

238

def _check_ssl(self, environ, start_response):

239

"""

239

"""

240

Checks the SSL check flag and returns False if SSL is not present

240

Checks the SSL check flag and returns False if SSL is not present

241

and required True otherwise

241

and required True otherwise

242

"""

242

"""

243

org_proto = environ['wsgi._org_proto']

243

org_proto = environ['wsgi._org_proto']

244

# check if we have SSL required ! if not it's a bad request !

244

# check if we have SSL required ! if not it's a bad request !

245

require_ssl = str2bool(self.repo_vcs_config.get('web', 'push_ssl'))

245

require_ssl = str2bool(self.repo_vcs_config.get('web', 'push_ssl'))

246

if require_ssl and org_proto == 'http':

246

if require_ssl and org_proto == 'http':

247

log.debug('proto is %s and SSL is required BAD REQUEST !',

247

log.debug('proto is %s and SSL is required BAD REQUEST !',

248

org_proto)

248

org_proto)

249

return False

249

return False

250

return True

250

return True

251

252

def __call__(self, environ, start_response):

252

def __call__(self, environ, start_response):

253

try:

253

try:

254

return self._handle_request(environ, start_response)

254

return self._handle_request(environ, start_response)

255

except Exception:

255

except Exception:

256

log.exception("Exception while handling request")

256

log.exception("Exception while handling request")

257

appenlight.track_exception(environ)

257

appenlight.track_exception(environ)

258

return HTTPInternalServerError()(environ, start_response)

258

return HTTPInternalServerError()(environ, start_response)

259

finally:

259

finally:

260

meta.Session.remove()

260

meta.Session.remove()

261

262

def _handle_request(self, environ, start_response):

262

def _handle_request(self, environ, start_response):

263

264

if not self._check_ssl(environ, start_response):

264

if not self._check_ssl(environ, start_response):

265

reason = ('SSL required, while RhodeCode was unable '

265

reason = ('SSL required, while RhodeCode was unable '

266

'to detect this as SSL request')

266

'to detect this as SSL request')

267

log.debug('User not allowed to proceed, %s', reason)

267

log.debug('User not allowed to proceed, %s', reason)

268

return HTTPNotAcceptable(reason)(environ, start_response)

268

return HTTPNotAcceptable(reason)(environ, start_response)

269

270

if not self.repo_name:

270

if not self.repo_name:

271

log.warning('Repository name is empty: %s', self.repo_name)

271

log.warning('Repository name is empty: %s', self.repo_name)

272

# failed to get repo name, we fail now

272

# failed to get repo name, we fail now

273

return HTTPNotFound()(environ, start_response)

273

return HTTPNotFound()(environ, start_response)

274

log.debug('Extracted repo name is %s', self.repo_name)

274

log.debug('Extracted repo name is %s', self.repo_name)

275

276

ip_addr = get_ip_addr(environ)

276

ip_addr = get_ip_addr(environ)

277

username = None

277

username = None

278

279

# skip passing error to error controller

279

# skip passing error to error controller

280

environ['pylons.status_code_redirect'] = True

280

environ['pylons.status_code_redirect'] = True

281

282

# ======================================================================

282

# ======================================================================

283

# GET ACTION PULL or PUSH

283

# GET ACTION PULL or PUSH

284

# ======================================================================

284

# ======================================================================

285

action = self._get_action(environ)

285

action = self._get_action(environ)

286

287

# ======================================================================

287

# ======================================================================

288

# CHECK ANONYMOUS PERMISSION

288

# CHECK ANONYMOUS PERMISSION

289

# ======================================================================

289

# ======================================================================

290

if action in ['pull', 'push']:

290

if action in ['pull', 'push']:

291

anonymous_user = User.get_default_user()

291

anonymous_user = User.get_default_user()

292

username = anonymous_user.username

292

username = anonymous_user.username

293

if anonymous_user.active:

293

if anonymous_user.active:

294

# ONLY check permissions if the user is activated

294

# ONLY check permissions if the user is activated

295

anonymous_perm = self._check_permission(

295

anonymous_perm = self._check_permission(

296

action, anonymous_user, self.repo_name, ip_addr)

296

action, anonymous_user, self.repo_name, ip_addr)

297

else:

297

else:

298

anonymous_perm = False

298

anonymous_perm = False

299

300

if not anonymous_user.active or not anonymous_perm:

300

if not anonymous_user.active or not anonymous_perm:

301

if not anonymous_user.active:

301

if not anonymous_user.active:

302

log.debug('Anonymous access is disabled, running '

302

log.debug('Anonymous access is disabled, running '

303

'authentication')

303

'authentication')

304

305

if not anonymous_perm:

305

if not anonymous_perm:

306

log.debug('Not enough credentials to access this '

306

log.debug('Not enough credentials to access this '

307

'repository as anonymous user')

307

'repository as anonymous user')

308

309

username = None

309

username = None

310

# ==============================================================

310

# ==============================================================

311

# DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE

311

# DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE

312

# NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS

312

# NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS

313

# ==============================================================

313

# ==============================================================

314

315

# try to auth based on environ, container auth methods

315

# try to auth based on environ, container auth methods

316

log.debug('Running PRE-AUTH for container based authentication')

316

log.debug('Running PRE-AUTH for container based authentication')

317

pre_auth = authenticate(

317

pre_auth = authenticate(

318

'', '', environ, VCS_TYPE, registry=self.registry)

318

'', '', environ, VCS_TYPE, registry=self.registry)

319

if pre_auth and pre_auth.get('username'):

319

if pre_auth and pre_auth.get('username'):

320

username = pre_auth['username']

320

username = pre_auth['username']

321

log.debug('PRE-AUTH got %s as username', username)

321

log.debug('PRE-AUTH got %s as username', username)

322

323

# If not authenticated by the container, running basic auth

323

# If not authenticated by the container, running basic auth

324

if not username:

324

if not username:

325

self.authenticate.realm = get_rhodecode_realm()

325

self.authenticate.realm = get_rhodecode_realm()

326

327

try:

327

try:

328

result = self.authenticate(environ)

328

result = self.authenticate(environ)

329

except (UserCreationError, NotAllowedToCreateUserError) as e:

329

except (UserCreationError, NotAllowedToCreateUserError) as e:

330

log.error(e)

330

log.error(e)

331

reason = safe_str(e)

331

reason = safe_str(e)

332

return HTTPNotAcceptable(reason)(environ, start_response)

332

return HTTPNotAcceptable(reason)(environ, start_response)

333

334

if isinstance(result, str):

334

if isinstance(result, str):

335

AUTH_TYPE.update(environ, 'basic')

335

AUTH_TYPE.update(environ, 'basic')

336

REMOTE_USER.update(environ, result)

336

REMOTE_USER.update(environ, result)

337

username = result

337

username = result

338

else:

338

else:

339

return result.wsgi_application(environ, start_response)

339

return result.wsgi_application(environ, start_response)

340

341

# ==============================================================

341

# ==============================================================

342

# CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME

342

# CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME

343

# ==============================================================

343

# ==============================================================

344

user = User.get_by_username(username)

344

user = User.get_by_username(username)

345

if not self.valid_and_active_user(user):

345

if not self.valid_and_active_user(user):

346

return HTTPForbidden()(environ, start_response)

346

return HTTPForbidden()(environ, start_response)

347

username = user.username

347

username = user.username

348

user.update_lastactivity()

348

user.update_lastactivity()

349

meta.Session().commit()

349

meta.Session().commit()

350

351

# check user attributes for password change flag

351

# check user attributes for password change flag

352

user_obj = user

352

user_obj = user

353

if user_obj and user_obj.username != User.DEFAULT_USER and \

353

if user_obj and user_obj.username != User.DEFAULT_USER and \

354

user_obj.user_data.get('force_password_change'):

354

user_obj.user_data.get('force_password_change'):

355

reason = 'password change required'

355

reason = 'password change required'

356

log.debug('User not allowed to authenticate, %s', reason)

356

log.debug('User not allowed to authenticate, %s', reason)

357

return HTTPNotAcceptable(reason)(environ, start_response)

357

return HTTPNotAcceptable(reason)(environ, start_response)

358

359

# check permissions for this repository

359

# check permissions for this repository

360

perm = self._check_permission(

360

perm = self._check_permission(

361

action, user, self.repo_name, ip_addr)

361

action, user, self.repo_name, ip_addr)

362

if not perm:

362

if not perm:

363

return HTTPForbidden()(environ, start_response)

363

return HTTPForbidden()(environ, start_response)

364

365

# extras are injected into UI object and later available

365

# extras are injected into UI object and later available

366

# in hooks executed by rhodecode

366

# in hooks executed by rhodecode

367

check_locking = _should_check_locking(environ.get('QUERY_STRING'))

367

check_locking = _should_check_locking(environ.get('QUERY_STRING'))

368

extras = vcs_operation_context(

368

extras = vcs_operation_context(

369

environ, repo_name=self.repo_name, username=username,

369

environ, repo_name=self.repo_name, username=username,

370

action=action, scm=self.SCM,

370

action=action, scm=self.SCM,

371

check_locking=check_locking)

371

check_locking=check_locking)

372

373

# ======================================================================

373

# ======================================================================

374

# REQUEST HANDLING

374

# REQUEST HANDLING

375

# ======================================================================

375

# ======================================================================

376

str_repo_name = safe_str(self.repo_name)

376

str_repo_name = safe_str(self.repo_name)

377

repo_path = os.path.join(

377

repo_path = os.path.join(

378

safe_str(self.basepath), safe_str(self.vcs_repo_name))

378

safe_str(self.basepath), safe_str(self.vcs_repo_name))

379

log.debug('Repository path is %s', repo_path)

379

log.debug('Repository path is %s', repo_path)

380

381

fix_PATH()

381

fix_PATH()

382

383

log.info(

383

log.info(

384

'%s action on %s repo "%s" by "%s" from %s',

384

'%s action on %s repo "%s" by "%s" from %s',

385

action, self.SCM, str_repo_name, safe_str(username), ip_addr)

385

action, self.SCM, str_repo_name, safe_str(username), ip_addr)

386

387

return self._generate_vcs_response(

387

return self._generate_vcs_response(

388

environ, start_response, repo_path, self.url_repo_name, extras, action)

388

environ, start_response, repo_path, self.url_repo_name, extras, action)

389

390

@initialize_generator

390

@initialize_generator

391

def _generate_vcs_response(

391

def _generate_vcs_response(

392

self, environ, start_response, repo_path, repo_name, extras,

392

self, environ, start_response, repo_path, repo_name, extras,

393

action):

393

action):

394

"""

394

"""

395

Returns a generator for the response content.

395

Returns a generator for the response content.

396

397

This method is implemented as a generator, so that it can trigger

397

This method is implemented as a generator, so that it can trigger

398

the cache validation after all content sent back to the client. It

398

the cache validation after all content sent back to the client. It

399

also handles the locking exceptions which will be triggered when

399

also handles the locking exceptions which will be triggered when

400

the first chunk is produced by the underlying WSGI application.

400

the first chunk is produced by the underlying WSGI application.

401

"""

401

"""

402

callback_daemon, extras = self._prepare_callback_daemon(extras)

402

callback_daemon, extras = self._prepare_callback_daemon(extras)

403

config = self._create_config(extras, self.acl_repo_name)

403

config = self._create_config(extras, self.acl_repo_name)

404

log.debug('HOOKS extras is %s', extras)

404

log.debug('HOOKS extras is %s', extras)

405

app = self._create_wsgi_app(repo_path, repo_name, config)

405

app = self._create_wsgi_app(repo_path, repo_name, config)

406

407

try:

407

try:

408

with callback_daemon:

408

with callback_daemon:

409

try:

409

try:

410

response = app(environ, start_response)

410

response = app(environ, start_response)

411

finally:

411

finally:

412

# This statement works together with the decorator

412

# This statement works together with the decorator

413

# "initialize_generator" above. The decorator ensures that

413

# "initialize_generator" above. The decorator ensures that

414

# we hit the first yield statement before the generator is

414

# we hit the first yield statement before the generator is

415

# returned back to the WSGI server. This is needed to

415

# returned back to the WSGI server. This is needed to

416

# ensure that the call to "app" above triggers the

416

# ensure that the call to "app" above triggers the

417

# needed callback to "start_response" before the

417

# needed callback to "start_response" before the

418

# generator is actually used.

418

# generator is actually used.

419

yield "__init__"

419

yield "__init__"

420

421

for chunk in response:

421

for chunk in response:

422

yield chunk

422

yield chunk

423

except Exception as exc:

423

except Exception as exc:

424

# TODO: johbo: Improve "translating" back the exception.

424

# TODO: johbo: Improve "translating" back the exception.

425

if getattr(exc, '_vcs_kind', None) == 'repo_locked':

425

if getattr(exc, '_vcs_kind', None) == 'repo_locked':

426

exc = HTTPLockedRC(*exc.args)

426

exc = HTTPLockedRC(*exc.args)

427

_code = rhodecode.CONFIG.get('lock_ret_code')

427

_code = rhodecode.CONFIG.get('lock_ret_code')

428

log.debug('Repository LOCKED ret code %s!', (_code,))

428

log.debug('Repository LOCKED ret code %s!', (_code,))

429

elif getattr(exc, '_vcs_kind', None) == 'requirement':

429

elif getattr(exc, '_vcs_kind', None) == 'requirement':

430

log.debug(

430

log.debug(

431

'Repository requires features unknown to this Mercurial')

431

'Repository requires features unknown to this Mercurial')

432

exc = HTTPRequirementError(*exc.args)

432

exc = HTTPRequirementError(*exc.args)

433

else:

433

else:

434

raise

434

raise

435

436

for chunk in exc(environ, start_response):

436

for chunk in exc(environ, start_response):

437

yield chunk

437

yield chunk

438

finally:

438

finally:

439

# invalidate cache on push

439

# invalidate cache on push

440

try:

440

try:

441

if action == 'push':

441

if action == 'push':

442

self._invalidate_cache(repo_name)

442

self._invalidate_cache(repo_name)

443

finally:

443

finally:

444

meta.Session.remove()

444

meta.Session.remove()

445

446

def _get_repository_name(self, environ):

446

def _get_repository_name(self, environ):

447

"""Get repository name out of the environmnent

447

"""Get repository name out of the environmnent

448

449

:param environ: WSGI environment

449

:param environ: WSGI environment

450

"""

450

"""

451

raise NotImplementedError()

451

raise NotImplementedError()

452

453

def _get_action(self, environ):

453

def _get_action(self, environ):

454

"""Map request commands into a pull or push command.

454

"""Map request commands into a pull or push command.

455

456

:param environ: WSGI environment

456

:param environ: WSGI environment

457

"""

457

"""

458

raise NotImplementedError()

458

raise NotImplementedError()

459

460

def _create_wsgi_app(self, repo_path, repo_name, config):

460

def _create_wsgi_app(self, repo_path, repo_name, config):

461

"""Return the WSGI app that will finally handle the request."""

461

"""Return the WSGI app that will finally handle the request."""

462

raise NotImplementedError()

462

raise NotImplementedError()

463

464

def _create_config(self, extras, repo_name):

464

def _create_config(self, extras, repo_name):

465

"""Create a Pyro safe config representation."""

465

"""Create a Pyro safe config representation."""

466

raise NotImplementedError()

466

raise NotImplementedError()

467

468

def _prepare_callback_daemon(self, extras):

468

def _prepare_callback_daemon(self, extras):

469

return prepare_callback_daemon(

469

return prepare_callback_daemon(

470

extras, protocol=vcs_settings.HOOKS_PROTOCOL,

470

extras, protocol=vcs_settings.HOOKS_PROTOCOL,

471

use_direct_calls=vcs_settings.HOOKS_DIRECT_CALLS)

471

use_direct_calls=vcs_settings.HOOKS_DIRECT_CALLS)

472

473

474

def _should_check_locking(query_string):

474

def _should_check_locking(query_string):

475

# this is kind of hacky, but due to how mercurial handles client-server

475

# this is kind of hacky, but due to how mercurial handles client-server

476

# server see all operation on commit; bookmarks, phases and

476

# server see all operation on commit; bookmarks, phases and

477

# obsolescence marker in different transaction, we don't want to check

477

# obsolescence marker in different transaction, we don't want to check

478

# locking on those

478

# locking on those

479

return query_string not in ['cmd=listkeys']

479

return query_string not in ['cmd=listkeys']

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # -*- coding: utf-8 -*-
             # Copyright (C) 2014-2016  RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             SimpleVCS middleware for handling protocol request (push/clone etc.)
             It's implemented with basic auth function
             """
             import os
             import logging
             import importlib
             import re
             from functools import wraps
             from paste.httpheaders import REMOTE_USER, AUTH_TYPE
             from webob.exc import (
                 HTTPNotFound, HTTPForbidden, HTTPNotAcceptable, HTTPInternalServerError)
             import rhodecode
             from rhodecode.authentication.base import authenticate, VCS_TYPE
             from rhodecode.lib.auth import AuthUser, HasPermissionAnyMiddleware
             from rhodecode.lib.base import BasicAuth, get_ip_addr, vcs_operation_context
             from rhodecode.lib.exceptions import (
                 HTTPLockedRC, HTTPRequirementError, UserCreationError,
                 NotAllowedToCreateUserError)
             from rhodecode.lib.hooks_daemon import prepare_callback_daemon
             from rhodecode.lib.middleware import appenlight
             from rhodecode.lib.middleware.utils import scm_app
             from rhodecode.lib.utils import (
                 is_valid_repo, get_rhodecode_realm, get_rhodecode_base_path)
             from rhodecode.lib.utils2 import safe_str, fix_PATH, str2bool
             from rhodecode.lib.vcs.conf import settings as vcs_settings
             from rhodecode.lib.vcs.backends import base
             from rhodecode.model import meta
             from rhodecode.model.db import User, Repository
             from rhodecode.model.scm import ScmModel
             log = logging.getLogger(__name__)
             def initialize_generator(factory):
                 """
                 Initializes the returned generator by draining its first element.
                 This can be used to give a generator an initializer, which is the code
                 up to the first yield statement. This decorator enforces that the first
                 produced element has the value ``"__init__"`` to make its special
                 purpose very explicit in the using code.
                 """
                 @wraps(factory)
                 def wrapper(*args, **kwargs):
                     gen = factory(*args, **kwargs)
                     try:
                         init = gen.next()
                     except StopIteration:
                         raise ValueError('Generator must yield at least one element.')
                     if init != "__init__":
                         raise ValueError('First yielded element must be "__init__".')
                     return gen
                 return wrapper
             class SimpleVCS(object):
                 """Common functionality for SCM HTTP handlers."""
                 SCM = 'unknown'
                 acl_repo_name = None
                 url_repo_name = None
                 vcs_repo_name = None
                 def __init__(self, application, config, registry):
                     self.registry = registry
                     self.application = application
                     self.config = config
                     # re-populated by specialized middleware
                     self.repo_vcs_config = base.Config()
                     # base path of repo locations
                     self.basepath = get_rhodecode_base_path()
                     # authenticate this VCS request using authfunc
                     auth_ret_code_detection = \
                         str2bool(self.config.get('auth_ret_code_detection', False))
                     self.authenticate = BasicAuth(
                         '', authenticate, registry, config.get('auth_ret_code'),
                         auth_ret_code_detection)
                     self.ip_addr = '0.0.0.0'
                 def set_repo_names(self, environ):
                     """
                     This will populate the attributes acl_repo_name, url_repo_name and
                     vcs_repo_name on the current instance.
                     """
                     # TODO: martinb: Move to class or module scope.
                     pr_regex = re.compile(
                         '(?P<base_name>(?:[\w-]+)(?:/[\w-]+)*)/'
                         '(?P<repo_name>[\w-]+)'
                         '/pull-request/(?P<pr_id>\d+)/repository')
                     self.url_repo_name = self._get_repository_name(environ)
                     match = pr_regex.match(self.url_repo_name)
                     if match:
                         match_dict = match.groupdict()
                         self.acl_repo_name = '{base_name}/{repo_name}'.format(**match_dict)
                         self.vcs_repo_name = '{base_name}/.__shadow_{repo_name}_pr-{pr_id}'.format(
                             **match_dict)
-                        self.pr_id = match_dict.get('pr_id')
+                        self.pr_id = match_dict['pr_id']
                     else:
                         self.acl_repo_name = self.url_repo_name
                         self.vcs_repo_name = self.url_repo_name
                         self.pr_id = None
                 @property
                 def repo_name(self):
                     # TODO: johbo: Remove, switch to correct repo name attribute
                     return self.acl_repo_name
                 @property
                 def scm_app(self):
                     custom_implementation = self.config.get('vcs.scm_app_implementation')
                     if custom_implementation and custom_implementation != 'pyro4':
                         log.info(
                             "Using custom implementation of scm_app: %s",
                             custom_implementation)
                         scm_app_impl = importlib.import_module(custom_implementation)
                     else:
                         scm_app_impl = scm_app
                     return scm_app_impl
                 def _get_by_id(self, repo_name):
                     """
                     Gets a special pattern _<ID> from clone url and tries to replace it
                     with a repository_name for support of _<ID> non changeable urls
                     """
                     data = repo_name.split('/')
                     if len(data) >= 2:
                         from rhodecode.model.repo import RepoModel
                         by_id_match = RepoModel().get_repo_by_id(repo_name)
                         if by_id_match:
                             data[1] = by_id_match.repo_name
                     return safe_str('/'.join(data))
                 def _invalidate_cache(self, repo_name):
                     """
                     Set's cache for this repository for invalidation on next access
                     :param repo_name: full repo name, also a cache key
                     """
                     ScmModel().mark_for_invalidation(repo_name)
                 def is_valid_and_existing_repo(self, repo_name, base_path, scm_type):
                     db_repo = Repository.get_by_repo_name(repo_name)
                     if not db_repo:
                         log.debug('Repository `%s` not found inside the database.',
                                   repo_name)
                         return False
                     if db_repo.repo_type != scm_type:
                         log.warning(
                             'Repository `%s` have incorrect scm_type, expected %s got %s',
                             repo_name, db_repo.repo_type, scm_type)
                         return False
                     return is_valid_repo(repo_name, base_path, expect_scm=scm_type)
                 def valid_and_active_user(self, user):
                     """
                     Checks if that user is not empty, and if it's actually object it checks
                     if he's active.
                     :param user: user object or None
                     :return: boolean
                     """
                     if user is None:
                         return False
                     elif user.active:
                         return True
                     return False
                 def _check_permission(self, action, user, repo_name, ip_addr=None):
                     """
                     Checks permissions using action (push/pull) user and repository
                     name
                     :param action: push or pull action
                     :param user: user instance
                     :param repo_name: repository name
                     """
                     # check IP
                     inherit = user.inherit_default_permissions
                     ip_allowed = AuthUser.check_ip_allowed(user.user_id, ip_addr,
                                                            inherit_from_default=inherit)
                     if ip_allowed:
                         log.info('Access for IP:%s allowed', ip_addr)
                     else:
                         return False
                     if action == 'push':
                         if not HasPermissionAnyMiddleware('repository.write',
                                                           'repository.admin')(user,
                                                                               repo_name):
                             return False
                     else:
                         # any other action need at least read permission
                         if not HasPermissionAnyMiddleware('repository.read',
                                                           'repository.write',
                                                           'repository.admin')(user,
                                                                               repo_name):
                             return False
                     return True
                 def _check_ssl(self, environ, start_response):
                     """
                     Checks the SSL check flag and returns False if SSL is not present
                     and required True otherwise
                     """
                     org_proto = environ['wsgi._org_proto']
                     # check if we have SSL required  ! if not it's a bad request !
                     require_ssl = str2bool(self.repo_vcs_config.get('web', 'push_ssl'))
                     if require_ssl and org_proto == 'http':
                         log.debug('proto is %s and SSL is required BAD REQUEST !',
                                   org_proto)
                         return False
                     return True
                 def __call__(self, environ, start_response):
                     try:
                         return self._handle_request(environ, start_response)
                     except Exception:
                         log.exception("Exception while handling request")
                         appenlight.track_exception(environ)
                         return HTTPInternalServerError()(environ, start_response)
                     finally:
                         meta.Session.remove()
                 def _handle_request(self, environ, start_response):
                     if not self._check_ssl(environ, start_response):
                         reason = ('SSL required, while RhodeCode was unable '
                                   'to detect this as SSL request')
                         log.debug('User not allowed to proceed, %s', reason)
                         return HTTPNotAcceptable(reason)(environ, start_response)
                     if not self.repo_name:
                         log.warning('Repository name is empty: %s', self.repo_name)
                         # failed to get repo name, we fail now
                         return HTTPNotFound()(environ, start_response)
                     log.debug('Extracted repo name is %s', self.repo_name)
                     ip_addr = get_ip_addr(environ)
                     username = None
                     # skip passing error to error controller
                     environ['pylons.status_code_redirect'] = True
                     # ======================================================================
                     # GET ACTION PULL or PUSH
                     # ======================================================================
                     action = self._get_action(environ)
                     # ======================================================================
                     # CHECK ANONYMOUS PERMISSION
                     # ======================================================================
                     if action in ['pull', 'push']:
                         anonymous_user = User.get_default_user()
                         username = anonymous_user.username
                         if anonymous_user.active:
                             # ONLY check permissions if the user is activated
                             anonymous_perm = self._check_permission(
                                 action, anonymous_user, self.repo_name, ip_addr)
                         else:
                             anonymous_perm = False
                         if not anonymous_user.active or not anonymous_perm:
                             if not anonymous_user.active:
                                 log.debug('Anonymous access is disabled, running '
                                           'authentication')
                             if not anonymous_perm:
                                 log.debug('Not enough credentials to access this '
                                           'repository as anonymous user')
                             username = None
                             # ==============================================================
                             # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE
                             # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS
                             # ==============================================================
                             # try to auth based on environ, container auth methods
                             log.debug('Running PRE-AUTH for container based authentication')
                             pre_auth = authenticate(
                                 '', '', environ, VCS_TYPE, registry=self.registry)
                             if pre_auth and pre_auth.get('username'):
                                 username = pre_auth['username']
                             log.debug('PRE-AUTH got %s as username', username)
                             # If not authenticated by the container, running basic auth
                             if not username:
                                 self.authenticate.realm = get_rhodecode_realm()
                                 try:
                                     result = self.authenticate(environ)
                                 except (UserCreationError, NotAllowedToCreateUserError) as e:
                                     log.error(e)
                                     reason = safe_str(e)
                                     return HTTPNotAcceptable(reason)(environ, start_response)
                                 if isinstance(result, str):
                                     AUTH_TYPE.update(environ, 'basic')
                                     REMOTE_USER.update(environ, result)
                                     username = result
                                 else:
                                     return result.wsgi_application(environ, start_response)
                             # ==============================================================
                             # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME
                             # ==============================================================
                             user = User.get_by_username(username)
                             if not self.valid_and_active_user(user):
                                 return HTTPForbidden()(environ, start_response)
                             username = user.username
                             user.update_lastactivity()
                             meta.Session().commit()
                             # check user attributes for password change flag
                             user_obj = user
                             if user_obj and user_obj.username != User.DEFAULT_USER and \
                                     user_obj.user_data.get('force_password_change'):
                                 reason = 'password change required'
                                 log.debug('User not allowed to authenticate, %s', reason)
                                 return HTTPNotAcceptable(reason)(environ, start_response)
                             # check permissions for this repository
                             perm = self._check_permission(
                                 action, user, self.repo_name, ip_addr)
                             if not perm:
                                 return HTTPForbidden()(environ, start_response)
                     # extras are injected into UI object and later available
                     # in hooks executed by rhodecode
                     check_locking = _should_check_locking(environ.get('QUERY_STRING'))
                     extras = vcs_operation_context(
                         environ, repo_name=self.repo_name, username=username,
                         action=action, scm=self.SCM,
                         check_locking=check_locking)
                     # ======================================================================
                     # REQUEST HANDLING
                     # ======================================================================
                     str_repo_name = safe_str(self.repo_name)
                     repo_path = os.path.join(
                         safe_str(self.basepath), safe_str(self.vcs_repo_name))
                     log.debug('Repository path is %s', repo_path)
                     fix_PATH()
                     log.info(
                         '%s action on %s repo "%s" by "%s" from %s',
                         action, self.SCM, str_repo_name, safe_str(username), ip_addr)
                     return self._generate_vcs_response(
                         environ, start_response, repo_path, self.url_repo_name, extras, action)
                 @initialize_generator
                 def _generate_vcs_response(
                         self, environ, start_response, repo_path, repo_name, extras,
                         action):
                     """
                     Returns a generator for the response content.
                     This method is implemented as a generator, so that it can trigger
                     the cache validation after all content sent back to the client. It
                     also handles the locking exceptions which will be triggered when
                     the first chunk is produced by the underlying WSGI application.
                     """
                     callback_daemon, extras = self._prepare_callback_daemon(extras)
                     config = self._create_config(extras, self.acl_repo_name)
                     log.debug('HOOKS extras is %s', extras)
                     app = self._create_wsgi_app(repo_path, repo_name, config)
                     try:
                         with callback_daemon:
                             try:
                                 response = app(environ, start_response)
                             finally:
                                 # This statement works together with the decorator
                                 # "initialize_generator" above. The decorator ensures that
                                 # we hit the first yield statement before the generator is
                                 # returned back to the WSGI server. This is needed to
                                 # ensure that the call to "app" above triggers the
                                 # needed callback to "start_response" before the
                                 # generator is actually used.
                                 yield "__init__"
                             for chunk in response:
                                 yield chunk
                     except Exception as exc:
                         # TODO: johbo: Improve "translating" back the exception.
                         if getattr(exc, '_vcs_kind', None) == 'repo_locked':
                             exc = HTTPLockedRC(*exc.args)
                             _code = rhodecode.CONFIG.get('lock_ret_code')
                             log.debug('Repository LOCKED ret code %s!', (_code,))
                         elif getattr(exc, '_vcs_kind', None) == 'requirement':
                             log.debug(
                                 'Repository requires features unknown to this Mercurial')
                             exc = HTTPRequirementError(*exc.args)
                         else:
                             raise
                         for chunk in exc(environ, start_response):
                             yield chunk
                     finally:
                         # invalidate cache on push
                         try:
                             if action == 'push':
                                 self._invalidate_cache(repo_name)
                         finally:
                             meta.Session.remove()
                 def _get_repository_name(self, environ):
                     """Get repository name out of the environmnent
                     :param environ: WSGI environment
                     """
                     raise NotImplementedError()
                 def _get_action(self, environ):
                     """Map request commands into a pull or push command.
                     :param environ: WSGI environment
                     """
                     raise NotImplementedError()
                 def _create_wsgi_app(self, repo_path, repo_name, config):
                     """Return the WSGI app that will finally handle the request."""
                     raise NotImplementedError()
                 def _create_config(self, extras, repo_name):
                     """Create a Pyro safe config representation."""
                     raise NotImplementedError()
                 def _prepare_callback_daemon(self, extras):
                     return prepare_callback_daemon(
                         extras, protocol=vcs_settings.HOOKS_PROTOCOL,
                         use_direct_calls=vcs_settings.HOOKS_DIRECT_CALLS)
             def _should_check_locking(query_string):
                 # this is kind of hacky, but due to how mercurial handles client-server
                 # server see all operation on commit; bookmarks, phases and
                 # obsolescence marker in different transaction, we don't want to check
                 # locking on those
                 return query_string not in ['cmd=listkeys']