##// END OF EJS Templates
fixed #72 show warning on removal when user still is owner of existing repositories...
marcink -
r713:1bb0fcde beta
parent child Browse files
Show More
@@ -27,12 +27,13 b' from formencode import htmlfill'
27 from pylons import request, session, tmpl_context as c, url
27 from pylons import request, session, tmpl_context as c, url
28 from pylons.controllers.util import abort, redirect
28 from pylons.controllers.util import abort, redirect
29 from pylons.i18n.translation import _
29 from pylons.i18n.translation import _
30 from rhodecode.lib.exceptions import *
30 from rhodecode.lib import helpers as h
31 from rhodecode.lib import helpers as h
31 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator
32 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator
32 from rhodecode.lib.base import BaseController, render
33 from rhodecode.lib.base import BaseController, render
33 from rhodecode.model.db import User, UserLog
34 from rhodecode.model.db import User
34 from rhodecode.model.forms import UserForm
35 from rhodecode.model.forms import UserForm
35 from rhodecode.model.user import UserModel, DefaultUserException
36 from rhodecode.model.user import UserModel
36 import formencode
37 import formencode
37 import logging
38 import logging
38 import traceback
39 import traceback
@@ -135,7 +136,7 b' class UsersController(BaseController):'
135 try:
136 try:
136 user_model.delete(id)
137 user_model.delete(id)
137 h.flash(_('sucessfully deleted user'), category='success')
138 h.flash(_('sucessfully deleted user'), category='success')
138 except DefaultUserException, e:
139 except (UserOwnsReposException, DefaultUserException), e:
139 h.flash(str(e), category='warning')
140 h.flash(str(e), category='warning')
140 except Exception:
141 except Exception:
141 h.flash(_('An error occured during deletion of user'),
142 h.flash(_('An error occured during deletion of user'),
@@ -24,8 +24,9 b' Created on April 4, 2010'
24 """
24 """
25 from pylons import config, session, url, request
25 from pylons import config, session, url, request
26 from pylons.controllers.util import abort, redirect
26 from pylons.controllers.util import abort, redirect
27 from rhodecode.lib.exceptions import *
27 from rhodecode.lib.utils import get_repo_slug
28 from rhodecode.lib.utils import get_repo_slug
28 from rhodecode.lib.auth_ldap import AuthLdap, UsernameError, PasswordError
29 from rhodecode.lib.auth_ldap import AuthLdap
29 from rhodecode.model import meta
30 from rhodecode.model import meta
30 from rhodecode.model.user import UserModel
31 from rhodecode.model.user import UserModel
31 from rhodecode.model.caching_query import FromCache
32 from rhodecode.model.caching_query import FromCache
@@ -129,7 +130,7 b' def authfunc(environ, username, password'
129 log.info('created new ldap user')
130 log.info('created new ldap user')
130
131
131 return authenticated
132 return authenticated
132 except (UsernameError, PasswordError):
133 except (LdapUsernameError, LdapPasswordError):
133 return False
134 return False
134 except:
135 except:
135 log.error(traceback.format_exc())
136 log.error(traceback.format_exc())
@@ -1,17 +1,29 b''
1 #==============================================================================
1 #!/usr/bin/env python
2 # LDAP
2 # encoding: utf-8
3 #Name = Just a description for the auth modes page
3 # ldap authentication lib
4 #Host = DepartmentName.OrganizationName.local/ IP
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
5 #Port = 389 default for ldap
5 #
6 #LDAPS = no set True if You need to use ldaps
6 # This program is free software; you can redistribute it and/or
7 #Account = DepartmentName\UserName (or UserName@MyDomain depending on AD server)
7 # modify it under the terms of the GNU General Public License
8 #Password = <password>
8 # as published by the Free Software Foundation; version 2
9 #Base DN = DC=DepartmentName,DC=OrganizationName,DC=local
9 # of the License or (at your opinion) any later version of the license.
10 #
11 # This program is distributed in the hope that it will be useful,
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 # GNU General Public License for more details.
15 #
16 # You should have received a copy of the GNU General Public License
17 # along with this program; if not, write to the Free Software
18 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
19 # MA 02110-1301, USA.
20 """
21 Created on Nov 17, 2010
10
22
11 #==============================================================================
23 @author: marcink
24 """
12
25
13 from rhodecode.lib.exceptions import LdapImportError, UsernameError, \
26 from rhodecode.lib.exceptions import *
14 PasswordError, ConnectionError
15 import logging
27 import logging
16
28
17 log = logging.getLogger(__name__)
29 log = logging.getLogger(__name__)
@@ -61,7 +73,7 b' class AuthLdap(object):'
61 dn = self.AUTH_DN % (uid, self.BASE_DN)
73 dn = self.AUTH_DN % (uid, self.BASE_DN)
62 log.debug("Authenticating %r at %s", dn, self.LDAP_SERVER)
74 log.debug("Authenticating %r at %s", dn, self.LDAP_SERVER)
63 if "," in username:
75 if "," in username:
64 raise UsernameError("invalid character in username: ,")
76 raise LdapUsernameError("invalid character in username: ,")
65 try:
77 try:
66 ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, '/etc/openldap/cacerts')
78 ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, '/etc/openldap/cacerts')
67 ldap.set_option(ldap.OPT_NETWORK_TIMEOUT, 10)
79 ldap.set_option(ldap.OPT_NETWORK_TIMEOUT, 10)
@@ -82,12 +94,12 b' class AuthLdap(object):'
82 raise ldap.NO_SUCH_OBJECT()
94 raise ldap.NO_SUCH_OBJECT()
83 except ldap.NO_SUCH_OBJECT, e:
95 except ldap.NO_SUCH_OBJECT, e:
84 log.debug("LDAP says no such user '%s' (%s)", uid, username)
96 log.debug("LDAP says no such user '%s' (%s)", uid, username)
85 raise UsernameError()
97 raise LdapUsernameError()
86 except ldap.INVALID_CREDENTIALS, e:
98 except ldap.INVALID_CREDENTIALS, e:
87 log.debug("LDAP rejected password for user '%s' (%s)", uid, username)
99 log.debug("LDAP rejected password for user '%s' (%s)", uid, username)
88 raise PasswordError()
100 raise LdapPasswordError()
89 except ldap.SERVER_DOWN, e:
101 except ldap.SERVER_DOWN, e:
90 raise ConnectionError("LDAP can't access authentication server")
102 raise LdapConnectionError("LDAP can't access authentication server")
91
103
92 return properties[0]
104 return properties[0]
93
105
@@ -23,7 +23,10 b' Custom Exceptions modules'
23 @author: marcink
23 @author: marcink
24 """
24 """
25
25
26 class UsernameError(Exception):pass
26 class LdapUsernameError(Exception):pass
27 class PasswordError(Exception):pass
27 class LdapPasswordError(Exception):pass
28 class ConnectionError(Exception):pass
28 class LdapConnectionError(Exception):pass
29 class LdapImportError(Exception):pass
29 class LdapImportError(Exception):pass
30
31 class DefaultUserException(Exception):pass
32 class UserOwnsReposException(Exception):pass
@@ -48,6 +48,8 b' class User(Base):'
48 user_log = relation('UserLog', cascade='all')
48 user_log = relation('UserLog', cascade='all')
49 user_perms = relation('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
49 user_perms = relation('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
50
50
51 repositories = relation('Repository')
52
51 @LazyProperty
53 @LazyProperty
52 def full_contact(self):
54 def full_contact(self):
53 return '%s %s <%s>' % (self.name, self.lastname, self.email)
55 return '%s %s <%s>' % (self.name, self.lastname, self.email)
@@ -27,12 +27,13 b' from pylons.i18n.translation import _'
27 from rhodecode.model.caching_query import FromCache
27 from rhodecode.model.caching_query import FromCache
28 from rhodecode.model.db import User
28 from rhodecode.model.db import User
29 from rhodecode.model.meta import Session
29 from rhodecode.model.meta import Session
30 from rhodecode.lib.exceptions import *
30 import logging
31 import logging
31 import traceback
32 import traceback
32
33
33 log = logging.getLogger(__name__)
34 log = logging.getLogger(__name__)
34
35
35 class DefaultUserException(Exception):pass
36
36
37
37 class UserModel(object):
38 class UserModel(object):
38
39
@@ -128,6 +129,7 b' class UserModel(object):'
128 raise DefaultUserException(
129 raise DefaultUserException(
129 _("You can't Edit this user since it's"
130 _("You can't Edit this user since it's"
130 " crucial for entire application"))
131 " crucial for entire application"))
132
131 for k, v in form_data.items():
133 for k, v in form_data.items():
132 if k == 'new_password' and v != '':
134 if k == 'new_password' and v != '':
133 new_user.password = v
135 new_user.password = v
@@ -169,6 +171,12 b' class UserModel(object):'
169 raise DefaultUserException(
171 raise DefaultUserException(
170 _("You can't remove this user since it's"
172 _("You can't remove this user since it's"
171 " crucial for entire application"))
173 " crucial for entire application"))
174 if user.repositories:
175 raise UserOwnsReposException(_('This user still owns %s '
176 'repositories and cannot be '
177 'removed. Switch owners or '
178 'remove those repositories') \
179 % user.repositories)
172 self.sa.delete(user)
180 self.sa.delete(user)
173 self.sa.commit()
181 self.sa.commit()
174 except:
182 except:
General Comments 0
You need to be logged in to leave comments. Login now