diff --git a/rhodecode/api/__init__.py b/rhodecode/api/__init__.py --- a/rhodecode/api/__init__.py +++ b/rhodecode/api/__init__.py @@ -132,7 +132,7 @@ def exception_view(exc, request): log.debug('json-rpc error rpc_id:%s "%s"', rpc_id, fault_message) elif isinstance(exc, JSONRPCValidationError): colander_exc = exc.colander_exception - #TODO: think maybe of nicer way to serialize errors ? + # TODO(marcink): think maybe of nicer way to serialize errors ? fault_message = colander_exc.asdict() log.debug('json-rpc error rpc_id:%s "%s"', rpc_id, fault_message) elif isinstance(exc, JSONRPCForbidden): @@ -240,7 +240,7 @@ def request_view(request): message=('Missing non optional `%s` arg in JSON DATA' % arg) ) - # sanitze extra passed arguments + # sanitize extra passed arguments for k in request.rpc_params.keys()[:]: if k not in func_kwargs: del request.rpc_params[k] @@ -269,9 +269,10 @@ def setup_request(request): We need to raise JSONRPCError here if we want to return some errors back to user. """ + log.debug('Executing setup request: %r', request) request.rpc_ip_addr = get_ip_addr(request.environ) - # TODO: marcink, deprecate GET at some point + # TODO(marcink): deprecate GET at some point if request.method not in ['POST', 'GET']: log.debug('unsupported request method "%s"', request.method) raise JSONRPCError( @@ -308,6 +309,8 @@ def setup_request(request): if not api_key: raise KeyError('api_key or auth_token') + # TODO(marcink): support passing in token in request header + request.rpc_api_key = api_key request.rpc_id = json_body['id'] request.rpc_method = json_body['method'] @@ -485,8 +488,7 @@ def includeme(config): config.registry.jsonrpc_methods = OrderedDict() # match filter by given method only - config.add_view_predicate( - 'jsonrpc_method', MethodPredicate) + config.add_view_predicate('jsonrpc_method', MethodPredicate) config.add_renderer(DEFAULT_RENDERER, ExtJsonRenderer( serializer=json.dumps, indent=4)) diff --git a/rhodecode/lib/auth.py b/rhodecode/lib/auth.py --- a/rhodecode/lib/auth.py +++ b/rhodecode/lib/auth.py @@ -846,7 +846,7 @@ class AuthUser(object): Fills in user data and propagates values to this instance. Maps fetched user attributes to this class instance attributes """ - + log.debug('starting data propagation for new potential AuthUser') user_model = UserModel() anon_user = self.anonymous_user = User.get_default_user(cache=True) is_user_loaded = False diff --git a/rhodecode/lib/base.py b/rhodecode/lib/base.py --- a/rhodecode/lib/base.py +++ b/rhodecode/lib/base.py @@ -393,7 +393,8 @@ def get_auth_user(environ): request.GET.get('api_key', '')) if _auth_token: - # when using API_KEY we are sure user exists. + # when using API_KEY we assume user exists, and + # doesn't need auth based on cookies. auth_user = AuthUser(api_key=_auth_token, ip_addr=ip_addr) authenticated = False else: @@ -412,8 +413,7 @@ def get_auth_user(environ): if password_changed(auth_user, session): session.invalidate() - cookie_store = CookieStoreWrapper( - session.get('rhodecode_user')) + cookie_store = CookieStoreWrapper(session.get('rhodecode_user')) auth_user = AuthUser(ip_addr=ip_addr) authenticated = cookie_store.get('is_authenticated') diff --git a/rhodecode/tweens.py b/rhodecode/tweens.py --- a/rhodecode/tweens.py +++ b/rhodecode/tweens.py @@ -52,9 +52,11 @@ def pylons_compatibility_tween_factory(h request.environ, request.registry.settings.get('vcs.backends')) if vcs_handler: + # save detected VCS type for later re-use request.environ[VCS_TYPE_KEY] = vcs_handler.SCM return handler(request) + # mark that we didn't detect an VCS, and we can skip detection later on request.environ[VCS_TYPE_KEY] = VCS_TYPE_SKIP # Setup pylons globals.