upstream/kallithea Files · rhodecode/model/user.py

fixed key error on unknown archival

marcink - - Load All Authors

File last commit:

r902:07a6e8c6 beta


                r950:343c28c3

beta

Download file

             user.py
        
                    223 lines
            
             | 7.6 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / rhodecode / model / user.py
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
      # -*- coding: utf-8 -*-

      """

          package.rhodecode.model.user

        marcink
    
docs updates

              r811
            
          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
          users model for RhodeCode

        marcink
    
docs updates

              r811
            
        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
          :created_on: Apr 9, 2010

          :author: marcink

        marcink
    
fixed copyright year to 2011

              r902
            
          :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>    

        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
          :license: GPLv3, see COPYING for more details.

      """

        marcink
    
Code refactoring,models renames...

              r629
            
      # This program is free software; you can redistribute it and/or

      # modify it under the terms of the GNU General Public License

      # as published by the Free Software Foundation; version 2

      # of the License or (at your opinion) any later version of the license.

      # 

      # This program is distributed in the hope that it will be useful,

      # but WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

      # GNU General Public License for more details.

      # 

      # You should have received a copy of the GNU General Public License

      # along with this program; if not, write to the Free Software

      # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

      # MA  02110-1301, USA.

        marcink
    
fixed security issue when saving ldap user saved plaintext password

              r750
            
        marcink
    
Code refactoring,models renames...

              r629
            
      import logging

      import traceback

        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
      from pylons.i18n.translation import _

      from rhodecode.model import BaseModel

      from rhodecode.model.caching_query import FromCache

      from rhodecode.model.db import User

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
      from rhodecode.lib.exceptions import DefaultUserException, UserOwnsReposException

        marcink
    
fixed #72 show warning on removal when user still is owner of existing repositories...

              r713
            
        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
      from sqlalchemy.exc import DatabaseError

      log = logging.getLogger(__name__)

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
fixed Example celery config to ampq,...

              r752
            
      class UserModel(BaseModel):

        marcink
    
Code refactoring,models renames...

              r629
            
          def get(self, user_id, cache=False):

              user = self.sa.query(User)

              if cache:

                  user = user.options(FromCache("sql_cache_short",

                                                "get_user_%s" % user_id))

              return user.get(user_id)

        marcink
    
#78, fixed more reliable case insensitive searches

              r742
            
          def get_by_username(self, username, cache=False, case_insensitive=False):

        marcink
    
fixed security issue when saving ldap user saved plaintext password

              r750
            
        marcink
    
#78, fixed more reliable case insensitive searches

              r742
            
              if case_insensitive:

                  user = self.sa.query(User).filter(User.username.ilike(username))

              else:

                  user = self.sa.query(User)\

                      .filter(User.username == username)

        marcink
    
Code refactoring,models renames...

              r629
            
              if cache:

                  user = user.options(FromCache("sql_cache_short",

                                                "get_user_%s" % username))

              return user.scalar()

          def create(self, form_data):

              try:

                  new_user = User()

                  for k, v in form_data.items():

                      setattr(new_user, k, v)

                  self.sa.add(new_user)

                  self.sa.commit()

              except:

                  log.error(traceback.format_exc())

                  self.sa.rollback()

                  raise

        marcink
    
implements #60, ldap configuration and authentication....

              r705
            
          def create_ldap(self, username, password):

              """

              Checks if user is in database, if not creates this user marked

              as ldap user

              :param username:

              :param password:

              """

        marcink
    
fixed security issue when saving ldap user saved plaintext password

              r750
            
              from rhodecode.lib.auth import get_crypt_password

        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
              log.debug('Checking for such ldap account in RhodeCode database')

              if self.get_by_username(username, case_insensitive=True) is None:

        marcink
    
implements #60, ldap configuration and authentication....

              r705
            
                  try:

                      new_user = User()

        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
                      new_user.username = username.lower()#add ldap account always lowercase

        marcink
    
fixed security issue when saving ldap user saved plaintext password

              r750
            
                      new_user.password = get_crypt_password(password)

        marcink
    
implements #60, ldap configuration and authentication....

              r705
            
                      new_user.email = '%s@ldap.server' % username

                      new_user.active = True

                      new_user.is_ldap = True

                      new_user.name = '%s@ldap' % username

                      new_user.lastname = ''

                      self.sa.add(new_user)

                      self.sa.commit()

                      return True

        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
                  except (DatabaseError,):

        marcink
    
implements #60, ldap configuration and authentication....

              r705
            
                      log.error(traceback.format_exc())

                      self.sa.rollback()

                      raise

        marcink
    
ldap auth rewrite, moved split authfunc into two functions,...

              r761
            
              log.debug('this %s user exists skipping creation of ldap account',

                        username)

        marcink
    
implements #60, ldap configuration and authentication....

              r705
            
              return False

        marcink
    
Code refactoring,models renames...

              r629
            
          def create_registration(self, form_data):

        marcink
    
fixes #59, notifications for user registrations + some changes to mailer

              r689
            
              from rhodecode.lib.celerylib import tasks, run_task

        marcink
    
Code refactoring,models renames...

              r629
            
              try:

                  new_user = User()

                  for k, v in form_data.items():

                      if k != 'admin':

                          setattr(new_user, k, v)

                  self.sa.add(new_user)

                  self.sa.commit()

        marcink
    
fixes #59, notifications for user registrations + some changes to mailer

              r689
            
                  body = ('New user registration\n'

                          'username: %s\n'

                          'email: %s\n')

                  body = body % (form_data['username'], form_data['email'])

                  run_task(tasks.send_email, None,

                           _('[RhodeCode] New User registration'),

                           body)

        marcink
    
Code refactoring,models renames...

              r629
            
              except:

                  log.error(traceback.format_exc())

                  self.sa.rollback()

                  raise

          def update(self, user_id, form_data):

              try:

                  new_user = self.get(user_id, cache=False)

                  if new_user.username == 'default':

                      raise DefaultUserException(

                                      _("You can't Edit this user since it's"

                                        " crucial for entire application"))

        marcink
    
fixed #72 show warning on removal when user still is owner of existing repositories...

              r713
            
        marcink
    
Code refactoring,models renames...

              r629
            
                  for k, v in form_data.items():

                      if k == 'new_password' and v != '':

                          new_user.password = v

                      else:

                          setattr(new_user, k, v)

                  self.sa.add(new_user)

                  self.sa.commit()

              except:

                  log.error(traceback.format_exc())

                  self.sa.rollback()

                  raise

          def update_my_account(self, user_id, form_data):

              try:

                  new_user = self.get(user_id, cache=False)

                  if new_user.username == 'default':

                      raise DefaultUserException(

                                      _("You can't Edit this user since it's"

                                        " crucial for entire application"))

                  for k, v in form_data.items():

                      if k == 'new_password' and v != '':

                          new_user.password = v

                      else:

                          if k not in ['admin', 'active']:

                              setattr(new_user, k, v)

                  self.sa.add(new_user)

                  self.sa.commit()

              except:

                  log.error(traceback.format_exc())

                  self.sa.rollback()

                  raise

          def delete(self, user_id):

              try:

                  user = self.get(user_id, cache=False)

                  if user.username == 'default':

                      raise DefaultUserException(

                                      _("You can't remove this user since it's"

                                        " crucial for entire application"))

        marcink
    
fixed #72 show warning on removal when user still is owner of existing repositories...

              r713
            
                  if user.repositories:

                      raise UserOwnsReposException(_('This user still owns %s '

                                                     'repositories and cannot be '

                                                     'removed. Switch owners or '

                                                     'remove those repositories') \

                                                     % user.repositories)

        marcink
    
Code refactoring,models renames...

              r629
            
                  self.sa.delete(user)

                  self.sa.commit()

              except:

                  log.error(traceback.format_exc())

                  self.sa.rollback()

                  raise

          def reset_password(self, data):

              from rhodecode.lib.celerylib import tasks, run_task

              run_task(tasks.reset_user_password, data['email'])

        marcink
    
#49 Enabled anonymous access for web interface controllable from permissions pannel

              r673
            
          def fill_data(self, user):

              """

              Fills user data with those from database and log out user if not 

              present in database

              :param user:

              """

        marcink
    
fixed anonymous access bug.

              r686
            
              if not hasattr(user, 'user_id') or user.user_id is None:

                  raise Exception('passed in user has to have the user_id attribute')

        marcink
    
#49 Enabled anonymous access for web interface controllable from permissions pannel

              r673
            
              log.debug('filling auth user data')

              try:

                  dbuser = self.get(user.user_id)

                  user.username = dbuser.username

                  user.is_admin = dbuser.admin

                  user.name = dbuser.name

                  user.lastname = dbuser.lastname

                  user.email = dbuser.email

              except:

                  log.error(traceback.format_exc())

                  user.is_authenticated = False

              return user

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

marcink ldap auth rewrite, moved split authfunc into two functions,...	r761	# -- coding: utf-8 --
		"""
		package.rhodecode.model.user
marcink docs updates	r811	~~~~~~~~~~~~~~~~~~~~~~~~~~~~
marcink ldap auth rewrite, moved split authfunc into two functions,...	r761
		users model for RhodeCode
marcink docs updates	r811
marcink ldap auth rewrite, moved split authfunc into two functions,...	r761	:created_on: Apr 9, 2010
		:author: marcink
marcink fixed copyright year to 2011	r902	:copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>
marcink ldap auth rewrite, moved split authfunc into two functions,...	r761	:license: GPLv3, see COPYING for more details.
		"""
marcink Code refactoring,models renames...	r629	# This program is free software; you can redistribute it and/or
		# modify it under the terms of the GNU General Public License
		# as published by the Free Software Foundation; version 2
		# of the License or (at your opinion) any later version of the license.
		#
		# This program is distributed in the hope that it will be useful,
		# but WITHOUT ANY WARRANTY; without even the implied warranty of
		# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		# GNU General Public License for more details.
		#
		# You should have received a copy of the GNU General Public License
		# along with this program; if not, write to the Free Software
		# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
		# MA 02110-1301, USA.
marcink fixed security issue when saving ldap user saved plaintext password	r750
marcink Code refactoring,models renames...	r629	import logging
		import traceback

marcink ldap auth rewrite, moved split authfunc into two functions,...	r761	from pylons.i18n.translation import _

		from rhodecode.model import BaseModel
		from rhodecode.model.caching_query import FromCache
		from rhodecode.model.db import User
marcink Code refactoring,models renames...	r629
marcink ldap auth rewrite, moved split authfunc into two functions,...	r761	from rhodecode.lib.exceptions import DefaultUserException, UserOwnsReposException
marcink fixed #72 show warning on removal when user still is owner of existing repositories...	r713
marcink ldap auth rewrite, moved split authfunc into two functions,...	r761	from sqlalchemy.exc import DatabaseError

		log = logging.getLogger(__name__)
marcink Code refactoring,models renames...	r629
marcink fixed Example celery config to ampq,...	r752	class UserModel(BaseModel):
marcink Code refactoring,models renames...	r629
		def get(self, user_id, cache=False):
		user = self.sa.query(User)
		if cache:
		user = user.options(FromCache("sql_cache_short",
		"get_user_%s" % user_id))
		return user.get(user_id)


marcink #78, fixed more reliable case insensitive searches	r742	def get_by_username(self, username, cache=False, case_insensitive=False):
marcink fixed security issue when saving ldap user saved plaintext password	r750
marcink #78, fixed more reliable case insensitive searches	r742	if case_insensitive:
		user = self.sa.query(User).filter(User.username.ilike(username))
		else:
		user = self.sa.query(User)\
		.filter(User.username == username)
marcink Code refactoring,models renames...	r629	if cache:
		user = user.options(FromCache("sql_cache_short",
		"get_user_%s" % username))
		return user.scalar()

		def create(self, form_data):
		try:
		new_user = User()
		for k, v in form_data.items():
		setattr(new_user, k, v)

		self.sa.add(new_user)
		self.sa.commit()
		except:
		log.error(traceback.format_exc())
		self.sa.rollback()
		raise

marcink implements #60, ldap configuration and authentication....	r705	def create_ldap(self, username, password):
		"""
		Checks if user is in database, if not creates this user marked
		as ldap user
		:param username:
		:param password:
		"""
marcink fixed security issue when saving ldap user saved plaintext password	r750	from rhodecode.lib.auth import get_crypt_password
marcink ldap auth rewrite, moved split authfunc into two functions,...	r761	log.debug('Checking for such ldap account in RhodeCode database')
		if self.get_by_username(username, case_insensitive=True) is None:
marcink implements #60, ldap configuration and authentication....	r705	try:
		new_user = User()
marcink ldap auth rewrite, moved split authfunc into two functions,...	r761	new_user.username = username.lower()#add ldap account always lowercase
marcink fixed security issue when saving ldap user saved plaintext password	r750	new_user.password = get_crypt_password(password)
marcink implements #60, ldap configuration and authentication....	r705	new_user.email = '%s@ldap.server' % username
		new_user.active = True
		new_user.is_ldap = True
		new_user.name = '%s@ldap' % username
		new_user.lastname = ''


		self.sa.add(new_user)
		self.sa.commit()
		return True
marcink ldap auth rewrite, moved split authfunc into two functions,...	r761	except (DatabaseError,):
marcink implements #60, ldap configuration and authentication....	r705	log.error(traceback.format_exc())
		self.sa.rollback()
		raise
marcink ldap auth rewrite, moved split authfunc into two functions,...	r761	log.debug('this %s user exists skipping creation of ldap account',
		username)
marcink implements #60, ldap configuration and authentication....	r705	return False

marcink Code refactoring,models renames...	r629	def create_registration(self, form_data):
marcink fixes #59, notifications for user registrations + some changes to mailer	r689	from rhodecode.lib.celerylib import tasks, run_task
marcink Code refactoring,models renames...	r629	try:
		new_user = User()
		for k, v in form_data.items():
		if k != 'admin':
		setattr(new_user, k, v)

		self.sa.add(new_user)
		self.sa.commit()
marcink fixes #59, notifications for user registrations + some changes to mailer	r689	body = ('New user registration\n'
		'username: %s\n'
		'email: %s\n')
		body = body % (form_data['username'], form_data['email'])

		run_task(tasks.send_email, None,
		_('[RhodeCode] New User registration'),
		body)
marcink Code refactoring,models renames...	r629	except:
		log.error(traceback.format_exc())
		self.sa.rollback()
		raise

		def update(self, user_id, form_data):
		try:
		new_user = self.get(user_id, cache=False)
		if new_user.username == 'default':
		raise DefaultUserException(
		_("You can't Edit this user since it's"
		" crucial for entire application"))
marcink fixed #72 show warning on removal when user still is owner of existing repositories...	r713
marcink Code refactoring,models renames...	r629	for k, v in form_data.items():
		if k == 'new_password' and v != '':
		new_user.password = v
		else:
		setattr(new_user, k, v)

		self.sa.add(new_user)
		self.sa.commit()
		except:
		log.error(traceback.format_exc())
		self.sa.rollback()
		raise

		def update_my_account(self, user_id, form_data):
		try:
		new_user = self.get(user_id, cache=False)
		if new_user.username == 'default':
		raise DefaultUserException(
		_("You can't Edit this user since it's"
		" crucial for entire application"))
		for k, v in form_data.items():
		if k == 'new_password' and v != '':
		new_user.password = v
		else:
		if k not in ['admin', 'active']:
		setattr(new_user, k, v)

		self.sa.add(new_user)
		self.sa.commit()
		except:
		log.error(traceback.format_exc())
		self.sa.rollback()
		raise

		def delete(self, user_id):
		try:
		user = self.get(user_id, cache=False)
		if user.username == 'default':
		raise DefaultUserException(
		_("You can't remove this user since it's"
		" crucial for entire application"))
marcink fixed #72 show warning on removal when user still is owner of existing repositories...	r713	if user.repositories:
		raise UserOwnsReposException(_('This user still owns %s '
		'repositories and cannot be '
		'removed. Switch owners or '
		'remove those repositories') \
		% user.repositories)
marcink Code refactoring,models renames...	r629	self.sa.delete(user)
		self.sa.commit()
		except:
		log.error(traceback.format_exc())
		self.sa.rollback()
		raise

		def reset_password(self, data):
		from rhodecode.lib.celerylib import tasks, run_task
		run_task(tasks.reset_user_password, data['email'])
marcink #49 Enabled anonymous access for web interface controllable from permissions pannel	r673

		def fill_data(self, user):
		"""
		Fills user data with those from database and log out user if not
		present in database
		:param user:
		"""
marcink fixed anonymous access bug.	r686
		if not hasattr(user, 'user_id') or user.user_id is None:
		raise Exception('passed in user has to have the user_id attribute')


marcink #49 Enabled anonymous access for web interface controllable from permissions pannel	r673	log.debug('filling auth user data')
		try:
		dbuser = self.get(user.user_id)
		user.username = dbuser.username
		user.is_admin = dbuser.admin
		user.name = dbuser.name
		user.lastname = dbuser.lastname
		user.email = dbuser.email
		except:
		log.error(traceback.format_exc())
		user.is_authenticated = False

		return user