Show More
| @@ -12,14 +12,14 b' from pylons_app.lib import auth' | |||||
| 12 | from pylons_app.model.forms import LoginForm |
|
12 | from pylons_app.model.forms import LoginForm | |
| 13 | import formencode |
|
13 | import formencode | |
| 14 | import formencode.htmlfill as htmlfill |
|
14 | import formencode.htmlfill as htmlfill | |
|
|
15 | from pylons_app.lib.auth import authenticate | |||
| 15 | log = logging.getLogger(__name__) |
|
16 | log = logging.getLogger(__name__) | |
| 16 |
|
17 | |||
| 17 | class AdminController(BaseController): |
|
18 | class AdminController(BaseController): | |
| 18 |
|
19 | |||
| 19 |
|
||||
| 20 | def __before__(self): |
|
20 | def __before__(self): | |
| 21 | c.staticurl = g.statics |
|
21 | c.staticurl = g.statics | |
| 22 | c.admin_user = session.get('admin_user') |
|
22 | c.admin_user = session.get('admin_user', False) | |
| 23 | c.admin_username = session.get('admin_username') |
|
23 | c.admin_username = session.get('admin_username') | |
| 24 |
|
24 | |||
| 25 | def index(self): |
|
25 | def index(self): | |
| @@ -6,6 +6,8 b' from pylons_app.lib import auth' | |||||
| 6 | from pylons_app.lib.base import BaseController, render |
|
6 | from pylons_app.lib.base import BaseController, render | |
| 7 | from pylons_app.model import meta |
|
7 | from pylons_app.model import meta | |
| 8 | from pylons_app.model.db import Users, UserLogs |
|
8 | from pylons_app.model.db import Users, UserLogs | |
|
|
9 | from pylons_app.lib.auth import authenticate | |||
|
|
10 | ||||
| 9 | log = logging.getLogger(__name__) |
|
11 | log = logging.getLogger(__name__) | |
| 10 |
|
12 | |||
| 11 | class ReposController(BaseController): |
|
13 | class ReposController(BaseController): | |
| @@ -13,6 +15,8 b' class ReposController(BaseController):' | |||||
| 13 | # To properly map this controller, ensure your config/routing.py |
|
15 | # To properly map this controller, ensure your config/routing.py | |
| 14 | # file has a resource setup: |
|
16 | # file has a resource setup: | |
| 15 | # map.resource('repo', 'repos') |
|
17 | # map.resource('repo', 'repos') | |
|
|
18 | ||||
|
|
19 | @authenticate | |||
| 16 | def __before__(self): |
|
20 | def __before__(self): | |
| 17 | c.staticurl = g.statics |
|
21 | c.staticurl = g.statics | |
| 18 | c.admin_user = session.get('admin_user') |
|
22 | c.admin_user = session.get('admin_user') | |
| @@ -7,7 +7,9 b' from pylons_app.lib.base import BaseCont' | |||||
| 7 | from formencode import htmlfill |
|
7 | from formencode import htmlfill | |
| 8 | from pylons_app.model import meta |
|
8 | from pylons_app.model import meta | |
| 9 | from pylons_app.model.db import Users, UserLogs |
|
9 | from pylons_app.model.db import Users, UserLogs | |
|
|
10 | from pylons_app.lib.auth import authenticate | |||
| 10 | import crypt |
|
11 | import crypt | |
|
|
12 | ||||
| 11 | log = logging.getLogger(__name__) |
|
13 | log = logging.getLogger(__name__) | |
| 12 |
|
14 | |||
| 13 | class UsersController(BaseController): |
|
15 | class UsersController(BaseController): | |
| @@ -16,6 +18,7 b' class UsersController(BaseController):' | |||||
| 16 | # file has a resource setup: |
|
18 | # file has a resource setup: | |
| 17 | # map.resource('user', 'users') |
|
19 | # map.resource('user', 'users') | |
| 18 |
|
20 | |||
|
|
21 | @authenticate | |||
| 19 | def __before__(self): |
|
22 | def __before__(self): | |
| 20 | c.staticurl = g.statics |
|
23 | c.staticurl = g.statics | |
| 21 | c.admin_user = session.get('admin_user') |
|
24 | c.admin_user = session.get('admin_user') | |
| @@ -4,7 +4,9 b' import logging' | |||||
| 4 | from os.path import dirname as dn |
|
4 | from os.path import dirname as dn | |
| 5 | from datetime import datetime |
|
5 | from datetime import datetime | |
| 6 | import crypt |
|
6 | import crypt | |
| 7 |
|
7 | from pylons import session, url | ||
|
|
8 | from pylons.controllers.util import abort, redirect | |||
|
|
9 | from decorator import decorator | |||
| 8 | log = logging.getLogger(__name__) |
|
10 | log = logging.getLogger(__name__) | |
| 9 | ROOT = dn(dn(dn(os.path.realpath(__file__)))) |
|
11 | ROOT = dn(dn(dn(os.path.realpath(__file__)))) | |
| 10 |
|
12 | |||
| @@ -60,9 +62,9 b' def authfunc(environ, username, password' | |||||
| 60 | cmd += "|" + qry |
|
62 | cmd += "|" + qry | |
| 61 |
|
63 | |||
| 62 | try: |
|
64 | try: | |
| 63 |
cur.execute( |
|
65 | cur.execute("""INSERT INTO | |
| 64 | user_logs |
|
66 | user_logs | |
| 65 |
VALUES(?,?,?,?) |
|
67 | VALUES(?,?,?,?)""", | |
| 66 | (None, data[0], cmd, datetime.now())) |
|
68 | (None, data[0], cmd, datetime.now())) | |
| 67 | conn.commit() |
|
69 | conn.commit() | |
| 68 | except Exception as e: |
|
70 | except Exception as e: | |
| @@ -75,27 +77,34 b' def authfunc(environ, username, password' | |||||
| 75 |
|
77 | |||
| 76 | return False |
|
78 | return False | |
| 77 |
|
79 | |||
|
|
80 | ||||
|
|
81 | @decorator | |||
|
|
82 | def authenticate(fn, *args, **kwargs): | |||
|
|
83 | if not session.get('admin_user', False): | |||
|
|
84 | redirect(url('admin_home'), 301) | |||
|
|
85 | return fn(*args, **kwargs) | |||
|
|
86 | ||||
| 78 | def create_user_table(): |
|
87 | def create_user_table(): | |
| 79 | ''' |
|
88 | """ | |
| 80 | Create a auth database |
|
89 | Create a auth database | |
| 81 | ''' |
|
90 | """ | |
| 82 | conn, cur = get_sqlite_conn_cur() |
|
91 | conn, cur = get_sqlite_conn_cur() | |
| 83 | try: |
|
92 | try: | |
| 84 | log.info('creating table %s', 'users') |
|
93 | log.info('creating table %s', 'users') | |
| 85 |
cur.execute( |
|
94 | cur.execute("""DROP TABLE IF EXISTS users """) | |
| 86 |
cur.execute( |
|
95 | cur.execute("""CREATE TABLE users | |
| 87 | (user_id INTEGER PRIMARY KEY AUTOINCREMENT, |
|
96 | (user_id INTEGER PRIMARY KEY AUTOINCREMENT, | |
| 88 | username TEXT, |
|
97 | username TEXT, | |
| 89 | password TEXT, |
|
98 | password TEXT, | |
| 90 | active INTEGER, |
|
99 | active INTEGER, | |
| 91 |
admin INTEGER) |
|
100 | admin INTEGER)""") | |
| 92 | log.info('creating table %s', 'user_logs') |
|
101 | log.info('creating table %s', 'user_logs') | |
| 93 |
cur.execute( |
|
102 | cur.execute("""DROP TABLE IF EXISTS user_logs """) | |
| 94 |
cur.execute( |
|
103 | cur.execute("""CREATE TABLE user_logs | |
| 95 | (id INTEGER PRIMARY KEY AUTOINCREMENT, |
|
104 | (id INTEGER PRIMARY KEY AUTOINCREMENT, | |
| 96 | user_id INTEGER, |
|
105 | user_id INTEGER, | |
| 97 | last_action TEXT, |
|
106 | last_action TEXT, | |
| 98 |
last_action_date DATETIME) |
|
107 | last_action_date DATETIME)""") | |
| 99 | conn.commit() |
|
108 | conn.commit() | |
| 100 | except: |
|
109 | except: | |
| 101 | conn.rollback() |
|
110 | conn.rollback() | |
| @@ -108,7 +117,7 b' def create_user(username, password, admi' | |||||
| 108 | password_crypt = crypt.crypt(password, '6a') |
|
117 | password_crypt = crypt.crypt(password, '6a') | |
| 109 | log.info('creating user %s', username) |
|
118 | log.info('creating user %s', username) | |
| 110 | try: |
|
119 | try: | |
| 111 |
cur.execute( |
|
120 | cur.execute("""INSERT INTO users values (?,?,?,?,?) """, | |
| 112 | (None, username, password_crypt, 1, admin)) |
|
121 | (None, username, password_crypt, 1, admin)) | |
| 113 | conn.commit() |
|
122 | conn.commit() | |
| 114 | except: |
|
123 | except: | |
General Comments 0
You need to be logged in to leave comments.
Login now