Show More
@@ -183,20 +183,20 b' def request_view(request):' | |||
|
183 | 183 | # search not expired tokens only |
|
184 | 184 | |
|
185 | 185 | try: |
|
186 | u = User.get_by_auth_token(request.rpc_api_key) | |
|
186 | api_user = User.get_by_auth_token(request.rpc_api_key) | |
|
187 | 187 | |
|
188 | if u is None: | |
|
188 | if api_user is None: | |
|
189 | 189 | return jsonrpc_error( |
|
190 | 190 | request, retid=request.rpc_id, message='Invalid API KEY') |
|
191 | 191 | |
|
192 | if not u.active: | |
|
192 | if not api_user.active: | |
|
193 | 193 | return jsonrpc_error( |
|
194 | 194 | request, retid=request.rpc_id, |
|
195 | 195 | message='Request from this user not allowed') |
|
196 | 196 | |
|
197 | 197 | # check if we are allowed to use this IP |
|
198 | 198 | auth_u = AuthUser( |
|
199 | u.user_id, request.rpc_api_key, ip_addr=request.rpc_ip_addr) | |
|
199 | api_user.user_id, request.rpc_api_key, ip_addr=request.rpc_ip_addr) | |
|
200 | 200 | if not auth_u.ip_allowed: |
|
201 | 201 | return jsonrpc_error( |
|
202 | 202 | request, retid=request.rpc_id, |
@@ -205,11 +205,14 b' def request_view(request):' | |||
|
205 | 205 | else: |
|
206 | 206 | log.info('Access for IP:%s allowed' % (request.rpc_ip_addr,)) |
|
207 | 207 | |
|
208 | # register our auth-user | |
|
209 | request.rpc_user = auth_u | |
|
210 | ||
|
208 | 211 | # now check if token is valid for API |
|
209 | 212 | role = UserApiKeys.ROLE_API |
|
210 | 213 | extra_auth_tokens = [ |
|
211 | x.api_key for x in User.extra_valid_auth_tokens(u, role=role)] | |
|
212 | active_tokens = [u.api_key] + extra_auth_tokens | |
|
214 | x.api_key for x in User.extra_valid_auth_tokens(api_user, role=role)] | |
|
215 | active_tokens = [api_user.api_key] + extra_auth_tokens | |
|
213 | 216 | |
|
214 | 217 | log.debug('Checking if API key has proper role') |
|
215 | 218 | if request.rpc_api_key not in active_tokens: |
@@ -38,15 +38,30 b' class RhodecodeEvent(object):' | |||
|
38 | 38 | self.utc_timestamp = datetime.utcnow() |
|
39 | 39 | |
|
40 | 40 | @property |
|
41 | def auth_user(self): | |
|
42 | if not self.request: | |
|
43 | return | |
|
44 | ||
|
45 | user = getattr(self.request, 'user', None) | |
|
46 | if user: | |
|
47 | return user | |
|
48 | ||
|
49 | api_user = getattr(self.request, 'rpc_user', None) | |
|
50 | if api_user: | |
|
51 | return api_user | |
|
52 | ||
|
53 | @property | |
|
41 | 54 | def actor(self): |
|
42 | if self.request: | |
|
43 | return self.request.user.get_instance() | |
|
55 | auth_user = self.auth_user | |
|
56 | if auth_user: | |
|
57 | return auth_user.get_instance() | |
|
44 | 58 | return SYSTEM_USER |
|
45 | 59 | |
|
46 | 60 | @property |
|
47 | 61 | def actor_ip(self): |
|
48 | if self.request: | |
|
49 | return self.request.user.ip_addr | |
|
62 | auth_user = self.auth_user | |
|
63 | if auth_user: | |
|
64 | return auth_user.ip_addr | |
|
50 | 65 | return '<no ip available>' |
|
51 | 66 | |
|
52 | 67 | @property |
General Comments 0
You need to be logged in to leave comments.
Login now