upstream/kallithea Commit - r5583:5a148717

700

# CHECK DECORATORS

700

# CHECK DECORATORS

701

#==============================================================================

701

#==============================================================================

702

703

def redirect_to_login(message=None):

703

def _redirect_to_login(message=None):

704

"""Return an exception that must be raised. It will redirect to the login

705

page which will redirect back to the current URL after authentication.

706

The optional message will be shown in a flash message."""

704

from kallithea.lib import helpers as h

707

from kallithea.lib import helpers as h

705

p = request.path_qs

706

if message:

708

if message:

707

h.flash(h.literal(message), category='warning')

709

h.flash(h.literal(message), category='warning')

710

p = request.path_qs

708

log.debug('Redirecting to login page, origin: %s', p)

711

log.debug('Redirecting to login page, origin: %s', p)

709

r~~ais~~e HTTPFound(location=url('login_home', came_from=p))

712

return HTTPFound(location=url('login_home', came_from=p))

710

713

711

714

712

class LoginRequired(object):

715

class LoginRequired(object):

731

log.debug('Checking access for user %s @ %s', user, loc)

734

log.debug('Checking access for user %s @ %s', user, loc)

732

735

733

if not AuthUser.check_ip_allowed(user, controller.ip_addr):

736

if not AuthUser.check_ip_allowed(user, controller.ip_addr):

734

re~~turn~~ redirect_to_login(_('IP %s not allowed') % controller.ip_addr)

737

raise _redirect_to_login(_('IP %s not allowed') % controller.ip_addr)

735

738

736

# check if we used an API key and it's a valid one

739

# check if we used an API key and it's a valid one

737

api_key = request.GET.get('api_key')

740

api_key = request.GET.get('api_key')

744

return func(*fargs, **fkwargs)

747

return func(*fargs, **fkwargs)

745

else:

748

else:

746

log.warning('API key ****%s is NOT valid', api_key[-4:])

749

log.warning('API key ****%s is NOT valid', api_key[-4:])

747

re~~turn~~ redirect_to_login(_('Invalid API key'))

750

raise _redirect_to_login(_('Invalid API key'))

748

else:

751

else:

749

# controller does not allow API access

752

# controller does not allow API access

750

log.warning('API access to %s is not allowed', loc)

753

log.warning('API access to %s is not allowed', loc)

790

return func(*fargs, **fkwargs)

793

return func(*fargs, **fkwargs)

791

else:

794

else:

792

log.warning('user %s NOT authenticated with regular auth @ %s', user, loc)

795

log.warning('user %s NOT authenticated with regular auth @ %s', user, loc)

793

re~~turn~~ redirect_to_login()

796

raise _redirect_to_login()

794

797

795

class NotAnonymous(object):

798

class NotAnonymous(object):

796

"""

799

"""

807

log.debug('Checking if user is not anonymous @%s', cls)

810

log.debug('Checking if user is not anonymous @%s', cls)

808

811

809

if self.user.is_default_user:

812

if self.user.is_default_user:

810

re~~turn~~ redirect_to_login(_('You need to be a registered user to '

813

raise _redirect_to_login(_('You need to be a registered user to '

811

'perform this action'))

814

'perform this action'))

812

else:

815

else:

813

return func(*fargs, **fkwargs)

816

return func(*fargs, **fkwargs)

814

817

837

else:

840

else:

838

log.debug('Permission denied for %s %s', cls, self.user)

841

log.debug('Permission denied for %s %s', cls, self.user)

839

if self.user.is_default_user:

842

if self.user.is_default_user:

840

re~~turn~~ redirect_to_login(_('You need to be signed in to view this page'))

843

raise _redirect_to_login(_('You need to be signed in to view this page'))

841

else:

844

else:

842

raise HTTPForbidden()

845

raise HTTPForbidden()

843

846

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # CHECK DECORATORS
             #==============================================================================
-            def redirect_to_login(message=None):
+            def _redirect_to_login(message=None):
+                """Return an exception that must be raised. It will redirect to the login
+                page which will redirect back to the current URL after authentication.
+                The optional message will be shown in a flash message."""
                 from kallithea.lib import helpers as h
-                p = request.path_qs
                 if message:
                     h.flash(h.literal(message), category='warning')
+                p = request.path_qs
                 log.debug('Redirecting to login page, origin: %s', p)
-                raise HTTPFound(location=url('login_home', came_from=p))
+                return HTTPFound(location=url('login_home', came_from=p))
             class LoginRequired(object):
                     log.debug('Checking access for user %s @ %s', user, loc)
                     if not AuthUser.check_ip_allowed(user, controller.ip_addr):
-                        return redirect_to_login(_('IP %s not allowed') % controller.ip_addr)
+                        raise _redirect_to_login(_('IP %s not allowed') % controller.ip_addr)
                     # check if we used an API key and it's a valid one
                     api_key = request.GET.get('api_key')
                                 return func(*fargs, **fkwargs)
                             else:
                                 log.warning('API key ****%s is NOT valid', api_key[-4:])
-                                return redirect_to_login(_('Invalid API key'))
+                                raise _redirect_to_login(_('Invalid API key'))
                         else:
                             # controller does not allow API access
                             log.warning('API access to %s is not allowed', loc)
                         return func(*fargs, **fkwargs)
                     else:
                         log.warning('user %s NOT authenticated with regular auth @ %s', user, loc)
-                        return redirect_to_login()
+                        raise _redirect_to_login()
             class NotAnonymous(object):
                 """
                     log.debug('Checking if user is not anonymous @%s', cls)
                     if self.user.is_default_user:
-                        return redirect_to_login(_('You need to be a registered user to '
+                        raise _redirect_to_login(_('You need to be a registered user to '
-                                'perform this action'))
+                                                   'perform this action'))
                     else:
                         return func(*fargs, **fkwargs)
                     else:
                         log.debug('Permission denied for %s %s', cls, self.user)
                         if self.user.is_default_user:
-                            return redirect_to_login(_('You need to be signed in to view this page'))
+                            raise _redirect_to_login(_('You need to be signed in to view this page'))
                         else:
                             raise HTTPForbidden()