##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

AuthUser: Drop ip_addr field...
Søren Løvborg -
r5211:4a2a66bf default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -98,8 +98,8 b' class MyAccountController(BaseController'
98 98 # url('my_account')
99 99 c.active = 'profile'
100 100 self.__load_data()
101 c.perm_user = AuthUser(user_id=self.authuser.user_id,
102 ip_addr=self.ip_addr)
101 c.perm_user = AuthUser(user_id=self.authuser.user_id)
102 c.ip_addr = self.ip_addr
103 103 c.extern_type = c.user.extern_type
104 104 c.extern_name = c.user.extern_name
105 105
@@ -193,8 +193,8 b' class MyAccountController(BaseController'
193 193 def my_account_perms(self):
194 194 c.active = 'perms'
195 195 self.__load_data()
196 c.perm_user = AuthUser(user_id=self.authuser.user_id,
197 ip_addr=self.ip_addr)
196 c.perm_user = AuthUser(user_id=self.authuser.user_id)
197 c.ip_addr = self.ip_addr
198 198
199 199 return render('admin/my_account/my_account.html')
200 200
Show file before | Show file after | Hide comments
@@ -168,7 +168,8 b' class UsersController(BaseController):'
168 168 c.user = user_model.get(id)
169 169 c.extern_type = c.user.extern_type
170 170 c.extern_name = c.user.extern_name
171 c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
171 c.perm_user = AuthUser(user_id=id)
172 c.ip_addr = self.ip_addr
172 173 _form = UserForm(edit=True, old_data={'user_id': id,
173 174 'email': c.user.email})()
174 175 form_result = {}
@@ -248,7 +249,8 b' class UsersController(BaseController):'
248 249 c.active = 'profile'
249 250 c.extern_type = c.user.extern_type
250 251 c.extern_name = c.user.extern_name
251 c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
252 c.perm_user = AuthUser(user_id=id)
253 c.ip_addr = self.ip_addr
252 254
253 255 defaults = c.user.get_dict()
254 256 return htmlfill.render(
@@ -260,7 +262,8 b' class UsersController(BaseController):'
260 262 def edit_advanced(self, id):
261 263 c.user = self._get_user_or_raise_if_default(id)
262 264 c.active = 'advanced'
263 c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
265 c.perm_user = AuthUser(user_id=id)
266 c.ip_addr = self.ip_addr
264 267
265 268 umodel = UserModel()
266 269 defaults = c.user.get_dict()
@@ -331,7 +334,8 b' class UsersController(BaseController):'
331 334 def edit_perms(self, id):
332 335 c.user = self._get_user_or_raise_if_default(id)
333 336 c.active = 'perms'
334 c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
337 c.perm_user = AuthUser(user_id=id)
338 c.ip_addr = self.ip_addr
335 339
336 340 umodel = UserModel()
337 341 defaults = c.user.get_dict()
Show file before | Show file after | Hide comments
@@ -159,8 +159,8 b' class JSONRPCController(WSGIController):'
159 159 message='Invalid API key')
160 160
161 161 #check if we are allowed to use this IP
162 auth_u = AuthUser(u.user_id, self._req_api_key, ip_addr=ip_addr)
163 if not auth_u.ip_allowed:
162 auth_u = AuthUser(u.user_id, self._req_api_key)
163 if not auth_u.is_ip_allowed(ip_addr):
164 164 return jsonrpc_error(retid=self._req_id,
165 165 message='request from IP:%s not allowed' % (ip_addr,))
166 166 else:
Show file before | Show file after | Hide comments
@@ -109,7 +109,7 b' class LoginController(BaseController):'
109 109 c.came_from = url('home')
110 110
111 111 not_default = self.authuser.username != User.DEFAULT_USER
112 ip_allowed = self.authuser.ip_allowed
112 ip_allowed = self.authuser.is_ip_allowed(self.ip_addr)
113 113
114 114 # redirect if already logged in
115 115 if self.authuser.is_authenticated and not_default and ip_allowed:
Show file before | Show file after | Hide comments
@@ -468,14 +468,13 b' class AuthUser(object):'
468 468 anonymous access is enabled and if so, it returns default user as logged in
469 469 """
470 470
471 def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None):
471 def __init__(self, user_id=None, api_key=None, username=None):
472 472
473 473 self.user_id = user_id
474 474 self._api_key = api_key
475 475
476 476 self.api_key = None
477 477 self.username = username
478 self.ip_addr = ip_addr
479 478 self.name = ''
480 479 self.lastname = ''
481 480 self.email = ''
@@ -596,17 +595,13 b' class AuthUser(object):'
596 595 return [x[0] for x in self.permissions['user_groups'].iteritems()
597 596 if x[1] == 'usergroup.admin']
598 597
599 @property
600 def ip_allowed(self):
598 def is_ip_allowed(self, ip_addr):
601 599 """
602 Checks if ip_addr used in constructor is allowed from defined list of
603 allowed ip_addresses for user
604
605 :returns: boolean, True if ip is in allowed ip range
600 Determine if `ip_addr` is on the list of allowed IP addresses
601 for this user.
606 602 """
607 # check IP
608 603 inherit = self.inherit_default_permissions
609 return AuthUser.check_ip_allowed(self.user_id, self.ip_addr,
604 return AuthUser.check_ip_allowed(self.user_id, ip_addr,
610 605 inherit_from_default=inherit)
611 606
612 607 @classmethod
@@ -622,8 +617,8 b' class AuthUser(object):'
622 617 return False
623 618
624 619 def __repr__(self):
625 return "<AuthUser('id:%s[%s] ip:%s auth:%s')>"\
626 % (self.user_id, self.username, self.ip_addr, self.is_authenticated)
620 return "<AuthUser('id:%s[%s] auth:%s')>"\
621 % (self.user_id, self.username, self.is_authenticated)
627 622
628 623 def set_authenticated(self, authenticated=True):
629 624 if self.user_id != self.anonymous_user.user_id:
@@ -729,14 +724,14 b' class LoginRequired(object):'
729 724 return decorator(self.__wrapper, func)
730 725
731 726 def __wrapper(self, func, *fargs, **fkwargs):
732 cls = fargs[0]
733 user = cls.authuser
734 loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
727 controller = fargs[0]
728 user = controller.authuser
729 loc = "%s:%s" % (controller.__class__.__name__, func.__name__)
735 730 log.debug('Checking access for user %s @ %s' % (user, loc))
736 731
737 732 # check if our IP is allowed
738 if not user.ip_allowed:
739 return redirect_to_login(_('IP %s not allowed' % (user.ip_addr)))
733 if not user.is_ip_allowed(controller.ip_addr):
734 return redirect_to_login(_('IP %s not allowed') % controller.ip_addr)
740 735
741 736 # check if we used an API key and it's a valid one
742 737 api_key = request.GET.get('api_key')
Show file before | Show file after | Hide comments
@@ -342,7 +342,7 b' class BaseController(WSGIController):'
342 342 self.scm_model = ScmModel(self.sa)
343 343
344 344 @staticmethod
345 def _determine_auth_user(ip_addr, api_key, session_authuser):
345 def _determine_auth_user(api_key, session_authuser):
346 346 """
347 347 Create an `AuthUser` object given the IP address of the request, the
348 348 API key (if any), and the authuser from the session.
@@ -350,13 +350,13 b' class BaseController(WSGIController):'
350 350
351 351 if api_key:
352 352 # when using API_KEY we are sure user exists.
353 auth_user = AuthUser(api_key=api_key, ip_addr=ip_addr)
353 auth_user = AuthUser(api_key=api_key)
354 354 authenticated = False
355 355 else:
356 356 cookie_store = CookieStoreWrapper(session_authuser)
357 357 user_id = cookie_store.get('user_id')
358 358 try:
359 auth_user = AuthUser(user_id=user_id, ip_addr=ip_addr)
359 auth_user = AuthUser(user_id=user_id)
360 360 except UserCreationError as e:
361 361 # container auth or other auth functions that create users on
362 362 # the fly can throw UserCreationError to signal issues with
@@ -364,7 +364,7 b' class BaseController(WSGIController):'
364 364 # exception object.
365 365 from kallithea.lib import helpers as h
366 366 h.flash(e, 'error')
367 auth_user = AuthUser(ip_addr=ip_addr)
367 auth_user = AuthUser()
368 368
369 369 authenticated = cookie_store.get('is_authenticated')
370 370
@@ -386,7 +386,6 b' class BaseController(WSGIController):'
386 386
387 387 #set globals for auth user
388 388 self.authuser = c.authuser = request.user = self._determine_auth_user(
389 self.ip_addr,
390 389 request.GET.get('api_key'),
391 390 session.get('authuser'),
392 391 )
Show file before | Show file after | Hide comments
@@ -13,7 +13,7 b''
13 13 %else:
14 14 <strong>${_('Avatars are disabled')}</strong>
15 15 <br/>${c.user.email or _('Missing email, please update your user email address.')}
16 [${_('Current IP')}: ${c.perm_user.ip_addr or "?"}]
16 [${_('Current IP')}: ${c.ip_addr}]
17 17 %endif
18 18 </p>
19 19 </div>
Show file before | Show file after | Hide comments
@@ -12,7 +12,7 b''
12 12 <br/>${c.user.email or _('Missing email, please update this user email address.')}
13 13 ##show current ip just if we show ourself
14 14 %if c.authuser.username == c.user.username:
15 [${_('Current IP')}: ${c.perm_user.ip_addr or "?"}]
15 [${_('Current IP')}: ${c.ip_addr}]
16 16 %endif
17 17 %endif
18 18 </div>
General Comments 0
You need to be logged in to leave comments. Login now