My account pages shouldn't be accessible by anonymous users
marcink -
r2626:4abce2c1 beta
@@ -1,443 +1,447
1 1 # -*- coding: utf-8 -*-
2 2 """
3 3 rhodecode.controllers.admin.settings
4 4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
5 5
6 6 settings controller for rhodecode admin
7 7
8 8 :created_on: Jul 14, 2010
9 9 :author: marcink
10 10 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
11 11 :license: GPLv3, see COPYING for more details.
12 12 """
13 13 # This program is free software: you can redistribute it and/or modify
14 14 # it under the terms of the GNU General Public License as published by
15 15 # the Free Software Foundation, either version 3 of the License, or
16 16 # (at your option) any later version.
17 17 #
18 18 # This program is distributed in the hope that it will be useful,
19 19 # but WITHOUT ANY WARRANTY; without even the implied warranty of
20 20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 21 # GNU General Public License for more details.
22 22 #
23 23 # You should have received a copy of the GNU General Public License
24 24 # along with this program. If not, see <http://www.gnu.org/licenses/>.
25 25
26 26 import logging
27 27 import traceback
28 28 import formencode
29 29 import pkg_resources
30 30 import platform
31 31
32 32 from sqlalchemy import func
33 33 from formencode import htmlfill
34 34 from pylons import request, session, tmpl_context as c, url, config
35 35 from pylons.controllers.util import abort, redirect
36 36 from pylons.i18n.translation import _
37 37
38 38 from rhodecode.lib import helpers as h
39 39 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \
40 40 HasPermissionAnyDecorator, NotAnonymous
41 41 from rhodecode.lib.base import BaseController, render
42 42 from rhodecode.lib.celerylib import tasks, run_task
43 43 from rhodecode.lib.utils import repo2db_mapper, invalidate_cache, \
44 44 set_rhodecode_config, repo_name_slug
45 45 from rhodecode.model.db import RhodeCodeUi, Repository, RepoGroup, \
46 46 RhodeCodeSetting, PullRequest, PullRequestReviewers
47 47 from rhodecode.model.forms import UserForm, ApplicationSettingsForm, \
48 48 ApplicationUiSettingsForm
49 49 from rhodecode.model.scm import ScmModel
50 50 from rhodecode.model.user import UserModel
51 51 from rhodecode.model.db import User
52 52 from rhodecode.model.notification import EmailNotificationModel
53 53 from rhodecode.model.meta import Session
54 54 from pylons.decorators import jsonify
55 55 from rhodecode.model.pull_request import PullRequestModel
56 56
57 57 log = logging.getLogger(__name__)
58 58
59 59
60 60 class SettingsController(BaseController):
61 61 """REST Controller styled on the Atom Publishing Protocol"""
62 62 # To properly map this controller, ensure your config/routing.py
63 63 # file has a resource setup:
64 64 # map.resource('setting', 'settings', controller='admin/settings',
65 65 # path_prefix='/admin', name_prefix='admin_')
66 66
67 67 @LoginRequired()
68 68 def __before__(self):
69 69 c.admin_user = session.get('admin_user')
70 70 c.admin_username = session.get('admin_username')
71 71 c.modules = sorted([(p.project_name, p.version)
72 72 for p in pkg_resources.working_set],
73 73 key=lambda k: k[0].lower())
74 74 c.py_version = platform.python_version()
75 75 c.platform = platform.platform()
76 76 super(SettingsController, self).__before__()
77 77
78 78 @HasPermissionAllDecorator('hg.admin')
79 79 def index(self, format='html'):
80 80 """GET /admin/settings: All items in the collection"""
81 81 # url('admin_settings')
82 82
83 83 defaults = RhodeCodeSetting.get_app_settings()
84 84 defaults.update(self.get_hg_ui_settings())
85 85
86 86 return htmlfill.render(
87 87 render('admin/settings/settings.html'),
88 88 defaults=defaults,
89 89 encoding="UTF-8",
90 90 force_defaults=False
91 91 )
92 92
93 93 @HasPermissionAllDecorator('hg.admin')
94 94 def create(self):
95 95 """POST /admin/settings: Create a new item"""
96 96 # url('admin_settings')
97 97
98 98 @HasPermissionAllDecorator('hg.admin')
99 99 def new(self, format='html'):
100 100 """GET /admin/settings/new: Form to create a new item"""
101 101 # url('admin_new_setting')
102 102
103 103 @HasPermissionAllDecorator('hg.admin')
104 104 def update(self, setting_id):
105 105 """PUT /admin/settings/setting_id: Update an existing item"""
106 106 # Forms posted to this method should contain a hidden field:
107 107 # <input type="hidden" name="_method" value="PUT" />
108 108 # Or using helpers:
109 109 # h.form(url('admin_setting', setting_id=ID),
110 110 # method='put')
111 111 # url('admin_setting', setting_id=ID)
112 112 if setting_id == 'mapping':
113 113 rm_obsolete = request.POST.get('destroy', False)
114 114 log.debug('Rescanning directories with destroy=%s' % rm_obsolete)
115 115 initial = ScmModel().repo_scan()
116 116 log.debug('invalidating all repositories')
117 117 for repo_name in initial.keys():
118 118 invalidate_cache('get_repo_cached_%s' % repo_name)
119 119
120 120 added, removed = repo2db_mapper(initial, rm_obsolete)
121 121
122 122 h.flash(_('Repositories successfully'
123 123 ' rescanned added: %s,removed: %s') % (added, removed),
124 124 category='success')
125 125
126 126 if setting_id == 'whoosh':
127 127 repo_location = self.get_hg_ui_settings()['paths_root_path']
128 128 full_index = request.POST.get('full_index', False)
129 129 run_task(tasks.whoosh_index, repo_location, full_index)
130 130
131 131 h.flash(_('Whoosh reindex task scheduled'), category='success')
132 132 if setting_id == 'global':
133 133
134 134 application_form = ApplicationSettingsForm()()
135 135 try:
136 136 form_result = application_form.to_python(dict(request.POST))
137 137
138 138 try:
139 139 hgsettings1 = RhodeCodeSetting.get_by_name('title')
140 140 hgsettings1.app_settings_value = \
141 141 form_result['rhodecode_title']
142 142
143 143 hgsettings2 = RhodeCodeSetting.get_by_name('realm')
144 144 hgsettings2.app_settings_value = \
145 145 form_result['rhodecode_realm']
146 146
147 147 hgsettings3 = RhodeCodeSetting.get_by_name('ga_code')
148 148 hgsettings3.app_settings_value = \
149 149 form_result['rhodecode_ga_code']
150 150
151 151 self.sa.add(hgsettings1)
152 152 self.sa.add(hgsettings2)
153 153 self.sa.add(hgsettings3)
154 154 self.sa.commit()
155 155 set_rhodecode_config(config)
156 156 h.flash(_('Updated application settings'),
157 157 category='success')
158 158
159 159 except Exception:
160 160 log.error(traceback.format_exc())
161 161 h.flash(_('error occurred during updating '
162 162 'application settings'),
163 163 category='error')
164 164
165 165 self.sa.rollback()
166 166
167 167 except formencode.Invalid, errors:
168 168 return htmlfill.render(
169 169 render('admin/settings/settings.html'),
170 170 defaults=errors.value,
171 171 errors=errors.error_dict or {},
172 172 prefix_error=False,
173 173 encoding="UTF-8")
174 174
175 175 if setting_id == 'mercurial':
176 176 application_form = ApplicationUiSettingsForm()()
177 177 try:
178 178 form_result = application_form.to_python(dict(request.POST))
179 179 # fix namespaces for hooks
180 180 _f = lambda s: s.replace('.', '_')
181 181 try:
182 182
183 183 hgsettings1 = self.sa.query(RhodeCodeUi)\
184 184 .filter(RhodeCodeUi.ui_key == 'push_ssl').one()
185 185 hgsettings1.ui_value = form_result['web_push_ssl']
186 186
187 187 hgsettings2 = self.sa.query(RhodeCodeUi)\
188 188 .filter(RhodeCodeUi.ui_key == '/').one()
189 189 hgsettings2.ui_value = form_result['paths_root_path']
190 190
191 191 #HOOKS
192 192 hgsettings3 = self.sa.query(RhodeCodeUi)\
193 193 .filter(RhodeCodeUi.ui_key == RhodeCodeUi.HOOK_UPDATE)\
194 194 .one()
195 195 hgsettings3.ui_active = bool(form_result[_f('hooks_%s' %
196 196 RhodeCodeUi.HOOK_UPDATE)])
197 197
198 198 hgsettings4 = self.sa.query(RhodeCodeUi)\
199 199 .filter(RhodeCodeUi.ui_key == RhodeCodeUi.HOOK_REPO_SIZE)\
200 200 .one()
201 201 hgsettings4.ui_active = bool(form_result[_f('hooks_%s' %
202 202 RhodeCodeUi.HOOK_REPO_SIZE)])
203 203
204 204 hgsettings5 = self.sa.query(RhodeCodeUi)\
205 205 .filter(RhodeCodeUi.ui_key == RhodeCodeUi.HOOK_PUSH)\
206 206 .one()
207 207 hgsettings5.ui_active = bool(form_result[_f('hooks_%s' %
208 208 RhodeCodeUi.HOOK_PUSH)])
209 209
210 210 hgsettings6 = self.sa.query(RhodeCodeUi)\
211 211 .filter(RhodeCodeUi.ui_key == RhodeCodeUi.HOOK_PULL)\
212 212 .one()
213 213 hgsettings6.ui_active = bool(form_result[_f('hooks_%s' %
214 214 RhodeCodeUi.HOOK_PULL)])
215 215
216 216 self.sa.add(hgsettings1)
217 217 self.sa.add(hgsettings2)
218 218 self.sa.add(hgsettings3)
219 219 self.sa.add(hgsettings4)
220 220 self.sa.add(hgsettings5)
221 221 self.sa.add(hgsettings6)
222 222 self.sa.commit()
223 223
224 224 h.flash(_('Updated mercurial settings'),
225 225 category='success')
226 226
227 227 except:
228 228 log.error(traceback.format_exc())
229 229 h.flash(_('error occurred during updating '
230 230 'application settings'), category='error')
231 231
232 232 self.sa.rollback()
233 233
234 234 except formencode.Invalid, errors:
235 235 return htmlfill.render(
236 236 render('admin/settings/settings.html'),
237 237 defaults=errors.value,
238 238 errors=errors.error_dict or {},
239 239 prefix_error=False,
240 240 encoding="UTF-8")
241 241
242 242 if setting_id == 'hooks':
243 243 ui_key = request.POST.get('new_hook_ui_key')
244 244 ui_value = request.POST.get('new_hook_ui_value')
245 245 try:
246 246
247 247 if ui_value and ui_key:
248 248 RhodeCodeUi.create_or_update_hook(ui_key, ui_value)
249 249 h.flash(_('Added new hook'),
250 250 category='success')
251 251
252 252 # check for edits
253 253 update = False
254 254 _d = request.POST.dict_of_lists()
255 255 for k, v in zip(_d.get('hook_ui_key', []),
256 256 _d.get('hook_ui_value_new', [])):
257 257 RhodeCodeUi.create_or_update_hook(k, v)
258 258 update = True
259 259
260 260 if update:
261 261 h.flash(_('Updated hooks'), category='success')
262 262 self.sa.commit()
263 263 except:
264 264 log.error(traceback.format_exc())
265 265 h.flash(_('error occurred during hook creation'),
266 266 category='error')
267 267
268 268 return redirect(url('admin_edit_setting', setting_id='hooks'))
269 269
270 270 if setting_id == 'email':
271 271 test_email = request.POST.get('test_email')
272 272 test_email_subj = 'RhodeCode TestEmail'
273 273 test_email_body = 'RhodeCode Email test'
274 274
275 275 test_email_html_body = EmailNotificationModel()\
276 276 .get_email_tmpl(EmailNotificationModel.TYPE_DEFAULT,
277 277 body=test_email_body)
278 278
279 279 recipients = [test_email] if [test_email] else None
280 280
281 281 run_task(tasks.send_email, recipients, test_email_subj,
282 282 test_email_body, test_email_html_body)
283 283
284 284 h.flash(_('Email task created'), category='success')
285 285 return redirect(url('admin_settings'))
286 286
287 287 @HasPermissionAllDecorator('hg.admin')
288 288 def delete(self, setting_id):
289 289 """DELETE /admin/settings/setting_id: Delete an existing item"""
290 290 # Forms posted to this method should contain a hidden field:
291 291 # <input type="hidden" name="_method" value="DELETE" />
292 292 # Or using helpers:
293 293 # h.form(url('admin_setting', setting_id=ID),
294 294 # method='delete')
295 295 # url('admin_setting', setting_id=ID)
296 296 if setting_id == 'hooks':
297 297 hook_id = request.POST.get('hook_id')
298 298 RhodeCodeUi.delete(hook_id)
299 299 self.sa.commit()
300 300
301 301 @HasPermissionAllDecorator('hg.admin')
302 302 def show(self, setting_id, format='html'):
303 303 """
304 304 GET /admin/settings/setting_id: Show a specific item"""
305 305 # url('admin_setting', setting_id=ID)
306 306
307 307 @HasPermissionAllDecorator('hg.admin')
308 308 def edit(self, setting_id, format='html'):
309 309 """
310 310 GET /admin/settings/setting_id/edit: Form to
311 311 edit an existing item"""
312 312 # url('admin_edit_setting', setting_id=ID)
313 313
314 314 c.hooks = RhodeCodeUi.get_builtin_hooks()
315 315 c.custom_hooks = RhodeCodeUi.get_custom_hooks()
316 316
317 317 return htmlfill.render(
318 318 render('admin/settings/hooks.html'),
319 319 defaults={},
320 320 encoding="UTF-8",
321 321 force_defaults=False
322 322 )
323 323
324 324 @NotAnonymous()
325 325 def my_account(self):
326 326 """
327 327 GET /_admin/my_account Displays info about my account
328 328 """
329 329 # url('admin_settings_my_account')
330 330
331 331 c.user = User.get(self.rhodecode_user.user_id)
332 332 all_repos = self.sa.query(Repository)\
333 333 .filter(Repository.user_id == c.user.user_id)\
334 334 .order_by(func.lower(Repository.repo_name)).all()
335 335
336 336 c.user_repos = ScmModel().get_repos(all_repos)
337 337
338 338 if c.user.username == 'default':
339 339 h.flash(_("You can't edit this user since it's"
340 340 " crucial for entire application"), category='warning')
341 341 return redirect(url('users'))
342 342
343 343 defaults = c.user.get_dict()
344 344
345 345 c.form = htmlfill.render(
346 346 render('admin/users/user_edit_my_account_form.html'),
347 347 defaults=defaults,
348 348 encoding="UTF-8",
349 349 force_defaults=False
350 350 )
351 351 return render('admin/users/user_edit_my_account.html')
352 352
353 @NotAnonymous()
353 354 def my_account_update(self):
354 355 """PUT /_admin/my_account_update: Update an existing item"""
355 356 # Forms posted to this method should contain a hidden field:
356 357 # <input type="hidden" name="_method" value="PUT" />
357 358 # Or using helpers:
358 359 # h.form(url('admin_settings_my_account_update'),
359 360 # method='put')
360 361 # url('admin_settings_my_account_update', id=ID)
361 362 uid = self.rhodecode_user.user_id
362 363 email = self.rhodecode_user.email
363 364 _form = UserForm(edit=True,
364 365 old_data={'user_id': uid, 'email': email})()
365 366 form_result = {}
366 367 try:
367 368 form_result = _form.to_python(dict(request.POST))
368 369 UserModel().update_my_account(uid, form_result)
369 370 h.flash(_('Your account was updated successfully'),
370 371 category='success')
371 372 Session.commit()
372 373 except formencode.Invalid, errors:
373 374 c.user = User.get(self.rhodecode_user.user_id)
374 375
375 376 c.form = htmlfill.render(
376 377 render('admin/users/user_edit_my_account_form.html'),
377 378 defaults=errors.value,
378 379 errors=errors.error_dict or {},
379 380 prefix_error=False,
380 381 encoding="UTF-8")
381 382 return render('admin/users/user_edit_my_account.html')
382 383 except Exception:
383 384 log.error(traceback.format_exc())
384 385 h.flash(_('error occurred during update of user %s') \
385 386 % form_result.get('username'), category='error')
386 387
387 388 return redirect(url('my_account'))
388
389
390 @NotAnonymous()
389 391 def my_account_my_repos(self):
390 392 all_repos = self.sa.query(Repository)\
391 393 .filter(Repository.user_id == self.rhodecode_user.user_id)\
392 394 .order_by(func.lower(Repository.repo_name))\
393 395 .all()
394 396 c.user_repos = ScmModel().get_repos(all_repos)
395 397 return render('admin/users/user_edit_my_account_repos.html')
396 398
399 @NotAnonymous()
397 400 def my_account_my_pullrequests(self):
398 401 c.my_pull_requests = PullRequest.query()\
399 402 .filter(PullRequest.user_id==
400 403 self.rhodecode_user.user_id)\
401 404 .all()
402 405 c.participate_in_pull_requests = \
403 406 [x.pull_request for x in PullRequestReviewers.query()\
404 407 .filter(PullRequestReviewers.user_id==
405 408 self.rhodecode_user.user_id)\
406 409 .all()]
407 410 return render('admin/users/user_edit_my_account_pullrequests.html')
408 411
409 412 @NotAnonymous()
410 413 @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
411 414 def create_repository(self):
412 415 """GET /_admin/create_repository: Form to create a new item"""
413 416
414 417 c.repo_groups = RepoGroup.groups_choices()
415 418 c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
416 419 choices, c.landing_revs = ScmModel().get_repo_landing_revs()
417 420
418 421 new_repo = request.GET.get('repo', '')
419 422 c.new_repo = repo_name_slug(new_repo)
420 423
421 424 return render('admin/repos/repo_add_create_repository.html')
422 425
426 @NotAnonymous()
423 427 def get_hg_ui_settings(self):
424 428 ret = self.sa.query(RhodeCodeUi).all()
425 429
426 430 if not ret:
427 431 raise Exception('Could not get application ui settings !')
428 432 settings = {}
429 433 for each in ret:
430 434 k = each.ui_key
431 435 v = each.ui_value
432 436 if k == '/':
433 437 k = 'root_path'
434 438
435 439 if k.find('.') != -1:
436 440 k = k.replace('.', '_')
437 441
438 442 if each.ui_section == 'hooks':
439 443 v = each.ui_active
440 444
441 445 settings[each.ui_section + '_' + k] = v
442 446
443 447 return settings
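Review bot: The `@NotAnonymous()` added on `get_hg_ui_settings` (new line 426) guards an internal helper with a weaker check than its callers use. It is only invoked as `self.get_hg_ui_settings()` from `index` and `update`, both behind `@HasPermissionAllDecorator('hg.admin')`, and it returns every `RhodeCodeUi` row, including the repository root path and hook state. Whether the routing can dispatch to this method name is not visible on this page; if it can, any logged-in non-admin user still passes the new check. I would either rename it to `_get_hg_ui_settings` (updating the two call sites) so it is not an action at all, or give it `@HasPermissionAllDecorator('hg.admin')` to match its callers. A test that requests each `my_account*` action as the anonymous `default` user and asserts it is refused would also pin the behaviour this commit is after.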