# HG changeset patch # User Marcin Kuzminski # Date 2017-07-25 14:27:08 # Node ID 9d49c7f1e2d3e1868331da50a74b030c49bdd66a # Parent fe95a76f599e65b19d31c32f8209f30cac7e2485 user: deprecated usage of api_keys. - additionally we don't load secrets as they are never used (and are expensive to fetch) - simplify fetching of details improves performance diff --git a/rhodecode/apps/admin/tests/test_admin_users.py b/rhodecode/apps/admin/tests/test_admin_users.py --- a/rhodecode/apps/admin/tests/test_admin_users.py +++ b/rhodecode/apps/admin/tests/test_admin_users.py @@ -135,7 +135,7 @@ class TestAdminUsersView(TestController) self.log_user() user = user_util.create_user() user_id = user.user_id - keys = user.extra_auth_tokens + keys = user.auth_tokens assert 2 == len(keys) response = self.app.post( diff --git a/rhodecode/apps/my_account/tests/test_my_account_auth_tokens.py b/rhodecode/apps/my_account/tests/test_my_account_auth_tokens.py --- a/rhodecode/apps/my_account/tests/test_my_account_auth_tokens.py +++ b/rhodecode/apps/my_account/tests/test_my_account_auth_tokens.py @@ -87,7 +87,7 @@ class TestMyAccountAuthTokens(TestContro self.log_user(user.username, 'qweqwe') user = User.get(user_id) - keys = user.extra_auth_tokens + keys = user.get_auth_tokens() assert 2 == len(keys) response = self.app.post( @@ -98,7 +98,7 @@ class TestMyAccountAuthTokens(TestContro response.follow() user = User.get(user_id) - keys = user.extra_auth_tokens + keys = user.get_auth_tokens() assert 3 == len(keys) response = self.app.post( @@ -107,5 +107,5 @@ class TestMyAccountAuthTokens(TestContro assert_session_flash(response, 'Auth token successfully deleted') user = User.get(user_id) - keys = user.extra_auth_tokens + keys = user.auth_tokens assert 2 == len(keys) diff --git a/rhodecode/lib/auth.py b/rhodecode/lib/auth.py --- a/rhodecode/lib/auth.py +++ b/rhodecode/lib/auth.py @@ -865,7 +865,7 @@ class AuthUser(object): Fills in user data and propagates values to this instance. Maps fetched user attributes to this class instance attributes """ - log.debug('starting data propagation for new potential AuthUser') + log.debug('AuthUser: starting data propagation for new potential user') user_model = UserModel() anon_user = self.anonymous_user = User.get_default_user(cache=True) is_user_loaded = False @@ -904,7 +904,7 @@ class AuthUser(object): if not self.username: self.username = 'None' - log.debug('Auth User is now %s' % self) + log.debug('AuthUser: propagated user is now %s' % self) def get_perms(self, user, scope=None, explicit=True, algo='higherwin', cache=False): diff --git a/rhodecode/model/db.py b/rhodecode/model/db.py --- a/rhodecode/model/db.py +++ b/rhodecode/model/db.py @@ -619,15 +619,15 @@ class User(Base, BaseModel): @property def emails(self): - other = UserEmailMap.query().filter(UserEmailMap.user==self).all() + other = UserEmailMap.query().filter(UserEmailMap.user == self).all() return [self.email] + [x.email for x in other] @property def auth_tokens(self): - return [x.api_key for x in self.extra_auth_tokens] - - @property - def extra_auth_tokens(self): + auth_tokens = self.get_auth_tokens() + return [x.api_key for x in auth_tokens] + + def get_auth_tokens(self): return UserApiKeys.query().filter(UserApiKeys.user == self).all() @property @@ -938,12 +938,11 @@ class User(Base, BaseModel): if details == 'basic': return data - api_key_length = 40 - api_key_replacement = '*' * api_key_length + auth_token_length = 40 + auth_token_replacement = '*' * auth_token_length extras = { - 'api_keys': [api_key_replacement], - 'auth_tokens': [api_key_replacement], + 'auth_tokens': [auth_token_replacement], 'active': user.active, 'admin': user.admin, 'extern_type': user.extern_type, @@ -956,8 +955,7 @@ class User(Base, BaseModel): data.update(extras) if include_secrets: - data['api_keys'] = user.auth_tokens - data['auth_tokens'] = user.extra_auth_tokens + data['auth_tokens'] = user.auth_tokens return data def __json__(self): diff --git a/rhodecode/model/user.py b/rhodecode/model/user.py --- a/rhodecode/model/user.py +++ b/rhodecode/model/user.py @@ -372,7 +372,10 @@ class UserModel(BaseModel): AuthTokenModel().create(username, description='Generated feed token', role=AuthTokenModel.cls.ROLE_FEED) - log_create_user(created_by=cur_user, **new_user.get_dict()) + kwargs = new_user.get_dict() + # backward compat, require api_keys present + kwargs['api_keys'] = kwargs['auth_tokens'] + log_create_user(created_by=cur_user, **kwargs) events.trigger(events.UserPostCreate(user_data)) return new_user except (DatabaseError,): @@ -675,17 +678,15 @@ class UserModel(BaseModel): return False log.debug('filling user:%s data', dbuser) + user_data = dbuser.get_dict() - # TODO: johbo: Think about this and find a clean solution - user_data = dbuser.get_dict() - user_data.update(dbuser.get_api_data(include_secrets=True)) user_data.update({ # set explicit the safe escaped values 'first_name': dbuser.first_name, 'last_name': dbuser.last_name, }) - for k, v in user_data.iteritems(): + for k, v in user_data.items(): # properties of auth user we dont update if k not in ['auth_tokens', 'permissions']: setattr(auth_user, k, v) diff --git a/rhodecode/tests/models/test_users.py b/rhodecode/tests/models/test_users.py --- a/rhodecode/tests/models/test_users.py +++ b/rhodecode/tests/models/test_users.py @@ -190,13 +190,13 @@ def test_get_api_data_replaces_secret_da api_key_length = 40 expected_replacement = '*' * api_key_length - for key in api_data['api_keys']: + for key in api_data['auth_tokens']: assert key == expected_replacement def test_get_api_data_includes_secret_data_if_activated(test_user): api_data = test_user.get_api_data(include_secrets=True) - assert api_data['api_keys'] == test_user.auth_tokens + assert api_data['auth_tokens'] == test_user.auth_tokens def test_add_perm(test_user):