Show More
@@ -183,20 +183,20 b' def request_view(request):' | |||||
183 | # search not expired tokens only |
|
183 | # search not expired tokens only | |
184 |
|
184 | |||
185 | try: |
|
185 | try: | |
186 | u = User.get_by_auth_token(request.rpc_api_key) |
|
186 | api_user = User.get_by_auth_token(request.rpc_api_key) | |
187 |
|
187 | |||
188 | if u is None: |
|
188 | if api_user is None: | |
189 | return jsonrpc_error( |
|
189 | return jsonrpc_error( | |
190 | request, retid=request.rpc_id, message='Invalid API KEY') |
|
190 | request, retid=request.rpc_id, message='Invalid API KEY') | |
191 |
|
191 | |||
192 | if not u.active: |
|
192 | if not api_user.active: | |
193 | return jsonrpc_error( |
|
193 | return jsonrpc_error( | |
194 | request, retid=request.rpc_id, |
|
194 | request, retid=request.rpc_id, | |
195 | message='Request from this user not allowed') |
|
195 | message='Request from this user not allowed') | |
196 |
|
196 | |||
197 | # check if we are allowed to use this IP |
|
197 | # check if we are allowed to use this IP | |
198 | auth_u = AuthUser( |
|
198 | auth_u = AuthUser( | |
199 | u.user_id, request.rpc_api_key, ip_addr=request.rpc_ip_addr) |
|
199 | api_user.user_id, request.rpc_api_key, ip_addr=request.rpc_ip_addr) | |
200 | if not auth_u.ip_allowed: |
|
200 | if not auth_u.ip_allowed: | |
201 | return jsonrpc_error( |
|
201 | return jsonrpc_error( | |
202 | request, retid=request.rpc_id, |
|
202 | request, retid=request.rpc_id, | |
@@ -205,11 +205,14 b' def request_view(request):' | |||||
205 | else: |
|
205 | else: | |
206 | log.info('Access for IP:%s allowed' % (request.rpc_ip_addr,)) |
|
206 | log.info('Access for IP:%s allowed' % (request.rpc_ip_addr,)) | |
207 |
|
207 | |||
|
208 | # register our auth-user | |||
|
209 | request.rpc_user = auth_u | |||
|
210 | ||||
208 | # now check if token is valid for API |
|
211 | # now check if token is valid for API | |
209 | role = UserApiKeys.ROLE_API |
|
212 | role = UserApiKeys.ROLE_API | |
210 | extra_auth_tokens = [ |
|
213 | extra_auth_tokens = [ | |
211 | x.api_key for x in User.extra_valid_auth_tokens(u, role=role)] |
|
214 | x.api_key for x in User.extra_valid_auth_tokens(api_user, role=role)] | |
212 | active_tokens = [u.api_key] + extra_auth_tokens |
|
215 | active_tokens = [api_user.api_key] + extra_auth_tokens | |
213 |
|
216 | |||
214 | log.debug('Checking if API key has proper role') |
|
217 | log.debug('Checking if API key has proper role') | |
215 | if request.rpc_api_key not in active_tokens: |
|
218 | if request.rpc_api_key not in active_tokens: |
@@ -38,15 +38,30 b' class RhodecodeEvent(object):' | |||||
38 | self.utc_timestamp = datetime.utcnow() |
|
38 | self.utc_timestamp = datetime.utcnow() | |
39 |
|
39 | |||
40 | @property |
|
40 | @property | |
|
41 | def auth_user(self): | |||
|
42 | if not self.request: | |||
|
43 | return | |||
|
44 | ||||
|
45 | user = getattr(self.request, 'user', None) | |||
|
46 | if user: | |||
|
47 | return user | |||
|
48 | ||||
|
49 | api_user = getattr(self.request, 'rpc_user', None) | |||
|
50 | if api_user: | |||
|
51 | return api_user | |||
|
52 | ||||
|
53 | @property | |||
41 | def actor(self): |
|
54 | def actor(self): | |
42 | if self.request: |
|
55 | auth_user = self.auth_user | |
43 | return self.request.user.get_instance() |
|
56 | if auth_user: | |
|
57 | return auth_user.get_instance() | |||
44 | return SYSTEM_USER |
|
58 | return SYSTEM_USER | |
45 |
|
59 | |||
46 | @property |
|
60 | @property | |
47 | def actor_ip(self): |
|
61 | def actor_ip(self): | |
48 | if self.request: |
|
62 | auth_user = self.auth_user | |
49 | return self.request.user.ip_addr |
|
63 | if auth_user: | |
|
64 | return auth_user.ip_addr | |||
50 | return '<no ip available>' |
|
65 | return '<no ip available>' | |
51 |
|
66 | |||
52 | @property |
|
67 | @property |
General Comments 0
You need to be logged in to leave comments.
Login now