##// END OF EJS Templates
#56 fixed found bugs, implemented adding of new group + forms+validators...
#56 fixed found bugs, implemented adding of new group + forms+validators fixed db schema naming

File last commit:

r956:83d35d71 beta
r959:fff21c9b beta
Show More
user.py
223 lines | 7.6 KiB | text/x-python | PythonLexer
ldap auth rewrite, moved split authfunc into two functions,...
r761 # -*- coding: utf-8 -*-
"""
started working on issue #56
r956 rhodecode.model.user
~~~~~~~~~~~~~~~~~~~~
ldap auth rewrite, moved split authfunc into two functions,...
r761
users model for RhodeCode
docs updates
r811
ldap auth rewrite, moved split authfunc into two functions,...
r761 :created_on: Apr 9, 2010
:author: marcink
fixed copyright year to 2011
r902 :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>
ldap auth rewrite, moved split authfunc into two functions,...
r761 :license: GPLv3, see COPYING for more details.
"""
Code refactoring,models renames...
r629 # This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; version 2
# of the License or (at your opinion) any later version of the license.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
# MA 02110-1301, USA.
fixed security issue when saving ldap user saved plaintext password
r750
Code refactoring,models renames...
r629 import logging
import traceback
ldap auth rewrite, moved split authfunc into two functions,...
r761 from pylons.i18n.translation import _
from rhodecode.model import BaseModel
from rhodecode.model.caching_query import FromCache
from rhodecode.model.db import User
Code refactoring,models renames...
r629
ldap auth rewrite, moved split authfunc into two functions,...
r761 from rhodecode.lib.exceptions import DefaultUserException, UserOwnsReposException
fixed #72 show warning on removal when user still is owner of existing repositories...
r713
ldap auth rewrite, moved split authfunc into two functions,...
r761 from sqlalchemy.exc import DatabaseError
log = logging.getLogger(__name__)
Code refactoring,models renames...
r629
fixed Example celery config to ampq,...
r752 class UserModel(BaseModel):
Code refactoring,models renames...
r629
def get(self, user_id, cache=False):
user = self.sa.query(User)
if cache:
user = user.options(FromCache("sql_cache_short",
"get_user_%s" % user_id))
return user.get(user_id)
#78, fixed more reliable case insensitive searches
r742 def get_by_username(self, username, cache=False, case_insensitive=False):
fixed security issue when saving ldap user saved plaintext password
r750
#78, fixed more reliable case insensitive searches
r742 if case_insensitive:
user = self.sa.query(User).filter(User.username.ilike(username))
else:
user = self.sa.query(User)\
.filter(User.username == username)
Code refactoring,models renames...
r629 if cache:
user = user.options(FromCache("sql_cache_short",
"get_user_%s" % username))
return user.scalar()
def create(self, form_data):
try:
new_user = User()
for k, v in form_data.items():
setattr(new_user, k, v)
self.sa.add(new_user)
self.sa.commit()
except:
log.error(traceback.format_exc())
self.sa.rollback()
raise
implements #60, ldap configuration and authentication....
r705 def create_ldap(self, username, password):
"""
Checks if user is in database, if not creates this user marked
as ldap user
:param username:
:param password:
"""
fixed security issue when saving ldap user saved plaintext password
r750 from rhodecode.lib.auth import get_crypt_password
ldap auth rewrite, moved split authfunc into two functions,...
r761 log.debug('Checking for such ldap account in RhodeCode database')
if self.get_by_username(username, case_insensitive=True) is None:
implements #60, ldap configuration and authentication....
r705 try:
new_user = User()
ldap auth rewrite, moved split authfunc into two functions,...
r761 new_user.username = username.lower()#add ldap account always lowercase
fixed security issue when saving ldap user saved plaintext password
r750 new_user.password = get_crypt_password(password)
implements #60, ldap configuration and authentication....
r705 new_user.email = '%s@ldap.server' % username
new_user.active = True
new_user.is_ldap = True
new_user.name = '%s@ldap' % username
new_user.lastname = ''
self.sa.add(new_user)
self.sa.commit()
return True
ldap auth rewrite, moved split authfunc into two functions,...
r761 except (DatabaseError,):
implements #60, ldap configuration and authentication....
r705 log.error(traceback.format_exc())
self.sa.rollback()
raise
ldap auth rewrite, moved split authfunc into two functions,...
r761 log.debug('this %s user exists skipping creation of ldap account',
username)
implements #60, ldap configuration and authentication....
r705 return False
Code refactoring,models renames...
r629 def create_registration(self, form_data):
fixes #59, notifications for user registrations + some changes to mailer
r689 from rhodecode.lib.celerylib import tasks, run_task
Code refactoring,models renames...
r629 try:
new_user = User()
for k, v in form_data.items():
if k != 'admin':
setattr(new_user, k, v)
self.sa.add(new_user)
self.sa.commit()
fixes #59, notifications for user registrations + some changes to mailer
r689 body = ('New user registration\n'
'username: %s\n'
'email: %s\n')
body = body % (form_data['username'], form_data['email'])
run_task(tasks.send_email, None,
_('[RhodeCode] New User registration'),
body)
Code refactoring,models renames...
r629 except:
log.error(traceback.format_exc())
self.sa.rollback()
raise
def update(self, user_id, form_data):
try:
new_user = self.get(user_id, cache=False)
if new_user.username == 'default':
raise DefaultUserException(
_("You can't Edit this user since it's"
" crucial for entire application"))
fixed #72 show warning on removal when user still is owner of existing repositories...
r713
Code refactoring,models renames...
r629 for k, v in form_data.items():
if k == 'new_password' and v != '':
new_user.password = v
else:
setattr(new_user, k, v)
self.sa.add(new_user)
self.sa.commit()
except:
log.error(traceback.format_exc())
self.sa.rollback()
raise
def update_my_account(self, user_id, form_data):
try:
new_user = self.get(user_id, cache=False)
if new_user.username == 'default':
raise DefaultUserException(
_("You can't Edit this user since it's"
" crucial for entire application"))
for k, v in form_data.items():
if k == 'new_password' and v != '':
new_user.password = v
else:
if k not in ['admin', 'active']:
setattr(new_user, k, v)
self.sa.add(new_user)
self.sa.commit()
except:
log.error(traceback.format_exc())
self.sa.rollback()
raise
def delete(self, user_id):
try:
user = self.get(user_id, cache=False)
if user.username == 'default':
raise DefaultUserException(
_("You can't remove this user since it's"
" crucial for entire application"))
fixed #72 show warning on removal when user still is owner of existing repositories...
r713 if user.repositories:
raise UserOwnsReposException(_('This user still owns %s '
'repositories and cannot be '
'removed. Switch owners or '
'remove those repositories') \
% user.repositories)
Code refactoring,models renames...
r629 self.sa.delete(user)
self.sa.commit()
except:
log.error(traceback.format_exc())
self.sa.rollback()
raise
def reset_password(self, data):
from rhodecode.lib.celerylib import tasks, run_task
run_task(tasks.reset_user_password, data['email'])
#49 Enabled anonymous access for web interface controllable from permissions pannel
r673
def fill_data(self, user):
"""
Fills user data with those from database and log out user if not
present in database
:param user:
"""
fixed anonymous access bug.
r686
if not hasattr(user, 'user_id') or user.user_id is None:
raise Exception('passed in user has to have the user_id attribute')
#49 Enabled anonymous access for web interface controllable from permissions pannel
r673 log.debug('filling auth user data')
try:
dbuser = self.get(user.user_id)
user.username = dbuser.username
user.is_admin = dbuser.admin
user.name = dbuser.name
user.lastname = dbuser.lastname
user.email = dbuser.email
except:
log.error(traceback.format_exc())
user.is_authenticated = False
return user