##// END OF EJS Templates
docs: update instructions for shared exception store in cluster setup
docs: update instructions for shared exception store in cluster setup

File last commit:

r2954:5ef9c564 default
r3067:9b7d4cbb default
Show More
__init__.py
132 lines | 5.2 KiB | text/x-python | PythonLexer
project: added all source files and assets
r1 # -*- coding: utf-8 -*-
release: update copyright year to 2018
r2487 # Copyright (C) 2012-2018 RhodeCode GmbH
project: added all source files and assets
r1 #
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License, version 3
# (only), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# This program is dual-licensed. If you wish to learn more about the
# RhodeCode Enterprise Edition, including its added features, Support services,
# and proprietary license terms, please see https://rhodecode.com/licenses/
cli: skip auth plugin search/registry in case of cli invocation for faster execution of those actions....
r2652 import os
project: added all source files and assets
r1 import logging
authn: Import legacy authentication modules and invoke their includeme.
r130 import importlib
project: added all source files and assets
r1
from pkg_resources import iter_entry_points
from pyramid.authentication import SessionAuthenticationPolicy
from rhodecode.authentication.registry import AuthenticationPluginRegistry
from rhodecode.authentication.routes import root_factory
from rhodecode.authentication.routes import AuthnRootResource
apps: switch import of ADMIN_PREFIX from routing into base app....
r2309 from rhodecode.apps._base import ADMIN_PREFIX
authn: Load legacy plugin ID's from DB and log them.
r129 from rhodecode.model.settings import SettingsModel
project: added all source files and assets
r1
authn: Store legacy plugins prefix in module variable.
r132
project: added all source files and assets
r1 log = logging.getLogger(__name__)
authn: Small refactoring of plugin discovery.
r135 # Plugin ID prefixes to distinct between normal and legacy plugins.
plugin_prefix = 'egg:'
authn: Store legacy plugins prefix in module variable.
r132 legacy_plugin_prefix = 'py:'
caches: enable cache TTL=30s for auth-plugins....
r2954 plugin_default_auth_ttl = 30
authn: Store legacy plugins prefix in module variable.
r132
project: added all source files and assets
r1
# TODO: Currently this is only used to discover the authentication plugins.
# Later on this may be used in a generic way to look up and include all kinds
# of supported enterprise plugins. Therefore this has to be moved and
# refactored to a real 'plugin look up' machinery.
# TODO: When refactoring this think about splitting it up into distinct
# discover, load and include phases.
def _discover_plugins(config, entry_point='enterprise.plugins1'):
for ep in iter_entry_points(entry_point):
authn: Remove doubled colon in plugin ID generation.
r138 plugin_id = '{}{}#{}'.format(
authn: Small refactoring of plugin discovery.
r135 plugin_prefix, ep.dist.project_name, ep.name)
project: added all source files and assets
r1 log.debug('Plugin discovered: "%s"', plugin_id)
authn: Small refactoring of plugin discovery.
r135 try:
module = ep.load()
plugin = module(plugin_id=plugin_id)
config.include(plugin.includeme)
except Exception as e:
log.exception(
'Exception while loading authentication plugin '
'"{}": {}'.format(plugin_id, e.message))
project: added all source files and assets
r1
authn: Small refactoring of plugin discovery.
r135
def _import_legacy_plugin(plugin_id):
module_name = plugin_id.split(legacy_plugin_prefix, 1)[-1]
module = importlib.import_module(module_name)
return module.plugin_factory(plugin_id=plugin_id)
project: added all source files and assets
r1
authn: Store legacy plugins prefix in module variable.
r132 def _discover_legacy_plugins(config, prefix=legacy_plugin_prefix):
authn: Add docstring to function that discovers legacy plugins.
r131 """
Function that imports the legacy plugins stored in the 'auth_plugins'
setting in database which are using the specified prefix. Normally 'py:' is
used for the legacy plugins.
"""
setup: catch and don't stop on any exception in fetching the legacy plugins.
r2649 try:
auth_plugins = SettingsModel().get_setting_by_name('auth_plugins')
enabled_plugins = auth_plugins.app_settings_value
legacy_plugins = [id_ for id_ in enabled_plugins if id_.startswith(prefix)]
except Exception:
legacy_plugins = []
authn: Load legacy plugin ID's from DB and log them.
r129
authn: Import legacy authentication modules and invoke their includeme.
r130 for plugin_id in legacy_plugins:
authn: Small refactoring of plugin discovery.
r135 log.debug('Legacy plugin discovered: "%s"', plugin_id)
authn: Import legacy authentication modules and invoke their includeme.
r130 try:
authn: Small refactoring of plugin discovery.
r135 plugin = _import_legacy_plugin(plugin_id)
authn: Import legacy authentication modules and invoke their includeme.
r130 config.include(plugin.includeme)
authn: Make the legacy plugin import more robust if something fails during import.
r134 except Exception as e:
authn: Small refactoring of plugin discovery.
r135 log.exception(
'Exception while loading legacy authentication plugin '
authn: Import legacy authentication modules and invoke their includeme.
r130 '"{}": {}'.format(plugin_id, e.message))
authn: Load legacy plugin ID's from DB and log them.
r129
project: added all source files and assets
r1 def includeme(config):
# Set authentication policy.
authn_policy = SessionAuthenticationPolicy()
config.set_authentication_policy(authn_policy)
# Create authentication plugin registry and add it to the pyramid registry.
authn: Add an INI option to set an authentication plugin fallback. #3953...
r52 authn_registry = AuthenticationPluginRegistry(config.get_settings())
project: added all source files and assets
r1 config.add_directive('add_authn_plugin', authn_registry.add_authn_plugin)
config.registry.registerUtility(authn_registry)
# Create authentication traversal root resource.
authn_root_resource = root_factory()
config.add_directive('add_authn_resource',
authn_root_resource.add_authn_resource)
# Add the authentication traversal route.
config.add_route('auth_home',
ADMIN_PREFIX + '/auth*traverse',
factory=root_factory)
# Add the authentication settings root views.
config.add_view('rhodecode.authentication.views.AuthSettingsView',
attr='index',
request_method='GET',
route_name='auth_home',
context=AuthnRootResource)
config.add_view('rhodecode.authentication.views.AuthSettingsView',
attr='auth_settings',
request_method='POST',
route_name='auth_home',
context=AuthnRootResource)
cli: skip auth plugin search/registry in case of cli invocation for faster execution of those actions....
r2652 for key in ['RC_CMD_SETUP_RC', 'RC_CMD_UPGRADE_DB', 'RC_CMD_SSH_WRAPPER']:
if os.environ.get(key):
# skip this heavy step below on certain CLI commands
return
project: added all source files and assets
r1 # Auto discover authentication plugins and include their configuration.
_discover_plugins(config)
authn: Load legacy plugin ID's from DB and log them.
r129 _discover_legacy_plugins(config)