auth-tokens: remove showing builtin tokens
marcink -
r1479:7da2c024 default
@@ -408,17 +408,10 b' class MyAccountController(BaseController'
408
408
409 @auth.CSRFRequired()
409 @auth.CSRFRequired()
410 def my_account_auth_tokens_delete(self):
410 def my_account_auth_tokens_delete(self):
411 auth_token = request.POST.get('del_auth_token')
411 del_auth_token = request.POST.get('del_auth_token')
412 user_id = c.rhodecode_user.user_id
412
413 if request.POST.get('del_auth_token_builtin'):
413 if del_auth_token:
414 user = User.get(user_id)
414 AuthTokenModel().delete(del_auth_token, c.rhodecode_user.user_id)
415 if user:
416 user.api_key = generate_auth_token(user.username)
417 Session().add(user)
418 Session().commit()
419 h.flash(_("Auth token successfully reset"), category='success')
420 elif auth_token:
421 AuthTokenModel().delete(auth_token, c.rhodecode_user.user_id)
422 Session().commit()
415 Session().commit()
423 h.flash(_("Auth token successfully deleted"), category='success')
416 h.flash(_("Auth token successfully deleted"), category='success')
424
417
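Review bot: The branch that regenerated `user.api_key` is removed from `my_account_auth_tokens_delete` with no replacement in the visible hunks, and the `UsersController` hunk below drops the admin equivalent in the same way. If the built-in key is still accepted for authentication elsewhere (not shown on this page), a leaked key can no longer be rotated by the user or an admin through these views, so either retire the key in the same change or keep a rotation path. Both reset tests are deleted without a successor; a regression check on the token page such as `response.mustcontain(no=[api_key])` after the initial GET would pin that the built-in key is no longer rendered. The handler's enclosing class continues outside the hunk.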
@@ -507,16 +507,9 b' class UsersController(BaseController):'
507 h.flash(_("You can't edit this user"), category='warning')
507 h.flash(_("You can't edit this user"), category='warning')
508 return redirect(url('users'))
508 return redirect(url('users'))
509
509
510 auth_token = request.POST.get('del_auth_token')
510 del_auth_token = request.POST.get('del_auth_token')
511 if request.POST.get('del_auth_token_builtin'):
511 if del_auth_token:
512 user = User.get(c.user.user_id)
512 AuthTokenModel().delete(del_auth_token, c.user.user_id)
513 if user:
514 user.api_key = generate_auth_token(user.username)
515 Session().add(user)
516 Session().commit()
517 h.flash(_("Auth token successfully reset"), category='success')
518 elif auth_token:
519 AuthTokenModel().delete(auth_token, c.user.user_id)
520 Session().commit()
513 Session().commit()
521 h.flash(_("Auth token successfully deleted"), category='success')
514 h.flash(_("Auth token successfully deleted"), category='success')
522
515
@@ -649,13 +649,6 b' class User(Base, BaseModel):'
649 return False
649 return False
650
650
651 @property
651 @property
652 def builtin_token_roles(self):
653 roles = [
654 UserApiKeys.ROLE_API, UserApiKeys.ROLE_FEED, UserApiKeys.ROLE_HTTP
655 ]
656 return map(UserApiKeys._get_role_name, roles)
657
658 @property
659 def ip_addresses(self):
652 def ip_addresses(self):
660 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
653 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
661 return [x.ip_addr for x in ret]
654 return [x.ip_addr for x in ret]
@@ -644,13 +644,6 b' class User(Base, BaseModel):'
644 return False
644 return False
645
645
646 @property
646 @property
647 def builtin_token_roles(self):
648 roles = [
649 UserApiKeys.ROLE_API, UserApiKeys.ROLE_FEED, UserApiKeys.ROLE_HTTP
650 ]
651 return map(UserApiKeys._get_role_name, roles)
652
653 @property
654 def ip_addresses(self):
647 def ip_addresses(self):
655 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
648 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
656 return [x.ip_addr for x in ret]
649 return [x.ip_addr for x in ret]
@@ -4,35 +4,9 b''
4 </div>
4 </div>
5 <div class="panel-body">
5 <div class="panel-body">
6 <p>
6 <p>
7 ${_('Built-in tokens can be used to authenticate with all possible options.')}<br/>
8 ${_('Each token can have a role. VCS tokens can be used together with the authtoken auth plugin for git/hg/svn operations.')}
7 ${_('Each token can have a role. VCS tokens can be used together with the authtoken auth plugin for git/hg/svn operations.')}
9 </p>
8 </p>
10 <table class="rctable auth_tokens">
9 <table class="rctable auth_tokens">
11 <tr>
12 <td class="truncate-wrap td-authtoken"><div class="user_auth_tokens truncate autoexpand"><code>${c.user.api_key}</code></div></td>
13 <td class="td-tags">
14 <span class="tag disabled">${_('Built-in')}</span>
15 </td>
16 <td class="td-tags">
17 % for token in c.user.builtin_token_roles:
18 <span class="tag disabled">
19 ${token}
20 </span>
21 % endfor
22 </td>
23 <td class="td-exp">${_('expires')}: ${_('never')}</td>
24 <td class="td-action">
25 ${h.secure_form(url('my_account_auth_tokens'),method='delete')}
26 ${h.hidden('del_auth_token',c.user.api_key)}
27 ${h.hidden('del_auth_token_builtin',1)}
28 <button class="btn-link btn-danger" type="submit"
29 onclick="return confirm('${_('Confirm to reset this auth token: %s') % c.user.api_key}');">
30 <i class="icon-refresh"></i>
31 ${_('Reset')}
32 </button>
33 ${h.end_form()}
34 </td>
35 </tr>
36 %if c.user_auth_tokens:
10 %if c.user_auth_tokens:
37 %for auth_token in c.user_auth_tokens:
11 %for auth_token in c.user_auth_tokens:
38 <tr class="${'expired' if auth_token.expired else ''}">
12 <tr class="${'expired' if auth_token.expired else ''}">
@@ -5,30 +5,6 b''
5 <div class="panel-body">
5 <div class="panel-body">
6 <div class="apikeys_wrap">
6 <div class="apikeys_wrap">
7 <table class="rctable auth_tokens">
7 <table class="rctable auth_tokens">
8 <tr>
9 <td class="truncate-wrap td-authtoken"><div class="user_auth_tokens truncate autoexpand"><code>${c.user.api_key}</code></div></td>
10 <td class="td-tags">
11 <span class="tag disabled">${_('Built-in')}</span>
12 </td>
13 <td class="td-tags">
14 % for token in c.user.builtin_token_roles:
15 <span class="tag disabled">
16 ${token}
17 </span>
18 % endfor
19 </td>
20 <td class="td-exp">${_('expires')}: ${_('never')}</td>
21 <td class="td-action">
22 ${h.secure_form(url('edit_user_auth_tokens', user_id=c.user.user_id),method='delete')}
23 ${h.hidden('del_auth_token',c.user.api_key)}
24 ${h.hidden('del_auth_token_builtin',1)}
25 <button class="btn btn-link btn-danger" type="submit"
26 onclick="return confirm('${_('Confirm to reset this auth token: %s') % c.user.api_key}');">
27 ${_('Reset')}
28 </button>
29 ${h.end_form()}
30 </td>
31 </tr>
32 %if c.user_auth_tokens:
8 %if c.user_auth_tokens:
33 %for auth_token in c.user_auth_tokens:
9 %for auth_token in c.user_auth_tokens:
34 <tr class="${'expired' if auth_token.expired else ''}">
10 <tr class="${'expired' if auth_token.expired else ''}">
@@ -312,22 +312,6 b' class TestMyAccountController(TestContro'
312 keys = user.extra_auth_tokens
312 keys = user.extra_auth_tokens
313 assert 1 == len(keys)
313 assert 1 == len(keys)
314
314
315 def test_my_account_reset_main_auth_token(self):
316 usr = self.log_user('test_regular2', 'test12')
317 user = User.get(usr['user_id'])
318 api_key = user.api_key
319 response = self.app.get(url('my_account_auth_tokens'))
320 response.mustcontain(api_key)
321 response.mustcontain('expires: never')
322
323 response = self.app.post(
324 url('my_account_auth_tokens'),
325 {'_method': 'delete', 'del_auth_token_builtin': api_key,
326 'csrf_token': self.csrf_token})
327 assert_session_flash(response, 'Auth token successfully reset')
328 response = response.follow()
329 response.mustcontain(no=[api_key])
330
331 def test_valid_change_password(self, user_util):
315 def test_valid_change_password(self, user_util):
332 new_password = 'my_new_valid_password'
316 new_password = 'my_new_valid_password'
333 user = user_util.create_user(password=self.test_user_1_password)
317 user = user_util.create_user(password=self.test_user_1_password)
@@ -625,20 +625,3 b' class TestAdminUsersController(TestContr'
625 assert_session_flash(response, 'Auth token successfully deleted')
625 assert_session_flash(response, 'Auth token successfully deleted')
626 keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()
626 keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()
627 assert 0 == len(keys)
627 assert 0 == len(keys)
628
629 def test_reset_main_auth_token(self):
630 self.log_user()
631 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
632 user_id = user.user_id
633 api_key = user.api_key
634 response = self.app.get(url('edit_user_auth_tokens', user_id=user_id))
635 response.mustcontain(api_key)
636 response.mustcontain('expires: never')
637
638 response = self.app.post(
639 url('edit_user_auth_tokens', user_id=user_id),
640 {'_method': 'delete', 'del_auth_token_builtin': api_key,
641 'csrf_token': self.csrf_token})
642 assert_session_flash(response, 'Auth token successfully reset')
643 response = response.follow()
644 response.mustcontain(no=[api_key])