Show More
@@ -1,133 +1,135 b'' | |||
|
1 | 1 | ################################################################################ |
|
2 | 2 | ################################################################################ |
|
3 | 3 | # pylons_app - Pylons environment configuration # |
|
4 | 4 | # # |
|
5 | 5 | # The %(here)s variable will be replaced with the parent directory of this file# |
|
6 | 6 | ################################################################################ |
|
7 | 7 | |
|
8 | 8 | [DEFAULT] |
|
9 | 9 | debug = true |
|
10 | 10 | ############################################ |
|
11 | 11 | ## Uncomment and replace with the address ## |
|
12 | 12 | ## which should receive any error reports ## |
|
13 | 13 | ############################################ |
|
14 | 14 | #email_to = admin@localhost |
|
15 | 15 | #smtp_server = mail.server.com |
|
16 | 16 | #error_email_from = paste_error@localhost |
|
17 | 17 | #smtp_username = |
|
18 | 18 | #smtp_password = |
|
19 | 19 | #error_message = 'mercurial crash !' |
|
20 | 20 | |
|
21 | 21 | [server:main] |
|
22 | 22 | ##nr of threads to spawn |
|
23 | 23 | threadpool_workers = 5 |
|
24 | 24 | |
|
25 | 25 | ##max request before |
|
26 | 26 | threadpool_max_requests = 2 |
|
27 | 27 | |
|
28 | 28 | ##option to use threads of process |
|
29 | 29 | use_threadpool = true |
|
30 | 30 | |
|
31 | 31 | use = egg:Paste#http |
|
32 | 32 | host = 127.0.0.1 |
|
33 | 33 | port = 5000 |
|
34 | 34 | |
|
35 | 35 | [app:main] |
|
36 | 36 | use = egg:pylons_app |
|
37 | 37 | full_stack = true |
|
38 | 38 | static_files = true |
|
39 | 39 | lang=en |
|
40 | 40 | cache_dir = %(here)s/data |
|
41 | 41 | |
|
42 | 42 | #################################### |
|
43 | 43 | ### BEAKER CACHE #### |
|
44 | 44 | #################################### |
|
45 | 45 | beaker.cache.data_dir=/%(here)s/data/cache/data |
|
46 | 46 | beaker.cache.lock_dir=/%(here)s/data/cache/lock |
|
47 | beaker.cache.regions=short_term,long_term | |
|
47 | beaker.cache.regions=super_short_term,short_term,long_term | |
|
48 | 48 | beaker.cache.long_term.type=memory |
|
49 | 49 | beaker.cache.long_term.expire=36000 |
|
50 | 50 | beaker.cache.short_term.type=memory |
|
51 | 51 | beaker.cache.short_term.expire=60 |
|
52 | beaker.cache.super_short_term.type=memory | |
|
53 | beaker.cache.super_short_term.expire=10 | |
|
52 | 54 | |
|
53 | 55 | ################################################################################ |
|
54 | 56 | ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ## |
|
55 | 57 | ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ## |
|
56 | 58 | ## execute malicious code after an exception is raised. ## |
|
57 | 59 | ################################################################################ |
|
58 | 60 | #set debug = false |
|
59 | 61 | |
|
60 | 62 | ################################## |
|
61 | 63 | ### LOGVIEW CONFIG ### |
|
62 | 64 | ################################## |
|
63 | 65 | logview.sqlalchemy = #faa |
|
64 | 66 | logview.pylons.templating = #bfb |
|
65 | 67 | logview.pylons.util = #eee |
|
66 | 68 | |
|
67 | 69 | ######################################################### |
|
68 | 70 | ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ### |
|
69 | 71 | ######################################################### |
|
70 | 72 | sqlalchemy.db1.url = sqlite:///%(here)s/hg_app.db |
|
71 | 73 | #sqlalchemy.db1.echo = False |
|
72 | 74 | #sqlalchemy.db1.pool_recycle = 3600 |
|
73 | 75 | sqlalchemy.convert_unicode = true |
|
74 | 76 | |
|
75 | 77 | ################################ |
|
76 | 78 | ### LOGGING CONFIGURATION #### |
|
77 | 79 | ################################ |
|
78 | 80 | [loggers] |
|
79 | 81 | keys = root, routes, pylons_app, sqlalchemy |
|
80 | 82 | |
|
81 | 83 | [handlers] |
|
82 | 84 | keys = console |
|
83 | 85 | |
|
84 | 86 | [formatters] |
|
85 | 87 | keys = generic,color_formatter |
|
86 | 88 | |
|
87 | 89 | ############# |
|
88 | 90 | ## LOGGERS ## |
|
89 | 91 | ############# |
|
90 | 92 | [logger_root] |
|
91 | 93 | level = NOTSET |
|
92 | 94 | handlers = console |
|
93 | 95 | |
|
94 | 96 | [logger_routes] |
|
95 | 97 | level = DEBUG |
|
96 | 98 | handlers = console |
|
97 | 99 | qualname = routes.middleware |
|
98 | 100 | # "level = DEBUG" logs the route matched and routing variables. |
|
99 | 101 | |
|
100 | 102 | [logger_pylons_app] |
|
101 | 103 | level = DEBUG |
|
102 | 104 | handlers = console |
|
103 | 105 | qualname = pylons_app |
|
104 | 106 | propagate = 0 |
|
105 | 107 | |
|
106 | 108 | [logger_sqlalchemy] |
|
107 | 109 | level = ERROR |
|
108 | 110 | handlers = console |
|
109 | 111 | qualname = sqlalchemy.engine |
|
110 | 112 | propagate = 0 |
|
111 | 113 | |
|
112 | 114 | ############## |
|
113 | 115 | ## HANDLERS ## |
|
114 | 116 | ############## |
|
115 | 117 | |
|
116 | 118 | [handler_console] |
|
117 | 119 | class = StreamHandler |
|
118 | 120 | args = (sys.stderr,) |
|
119 | 121 | level = NOTSET |
|
120 | 122 | formatter = color_formatter |
|
121 | 123 | |
|
122 | 124 | ################ |
|
123 | 125 | ## FORMATTERS ## |
|
124 | 126 | ################ |
|
125 | 127 | |
|
126 | 128 | [formatter_generic] |
|
127 | 129 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
128 | 130 | datefmt = %Y-%m-%d %H:%M:%S |
|
129 | 131 | |
|
130 | 132 | [formatter_color_formatter] |
|
131 | 133 | class=pylons_app.lib.colored_formatter.ColorFormatter |
|
132 | 134 | format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
133 | 135 | datefmt = %Y-%m-%d %H:%M:%S No newline at end of file |
@@ -1,134 +1,135 b'' | |||
|
1 | 1 | ################################################################################ |
|
2 | 2 | ################################################################################ |
|
3 | 3 | # pylons_app - Pylons environment configuration # |
|
4 | 4 | # # |
|
5 | 5 | # The %(here)s variable will be replaced with the parent directory of this file# |
|
6 | 6 | ################################################################################ |
|
7 | 7 | |
|
8 | 8 | [DEFAULT] |
|
9 | 9 | debug = true |
|
10 | 10 | ############################################ |
|
11 | 11 | ## Uncomment and replace with the address ## |
|
12 | 12 | ## which should receive any error reports ## |
|
13 | 13 | ############################################ |
|
14 | 14 | #email_to = admin@localhost |
|
15 | 15 | #smtp_server = mail.server.com |
|
16 | 16 | #error_email_from = paste_error@localhost |
|
17 | 17 | #smtp_username = |
|
18 | 18 | #smtp_password = |
|
19 | 19 | #error_message = 'mercurial crash !' |
|
20 | 20 | |
|
21 | 21 | [server:main] |
|
22 | 22 | ##nr of threads to spawn |
|
23 | 23 | threadpool_workers = 5 |
|
24 | 24 | |
|
25 | 25 | ##max request before |
|
26 | 26 | threadpool_max_requests = 2 |
|
27 | 27 | |
|
28 | 28 | ##option to use threads of process |
|
29 | 29 | use_threadpool = true |
|
30 | 30 | |
|
31 | 31 | use = egg:Paste#http |
|
32 | 32 | host = 127.0.0.1 |
|
33 | 33 | port = 8001 |
|
34 | 34 | |
|
35 | 35 | [app:main] |
|
36 | 36 | use = egg:pylons_app |
|
37 | 37 | full_stack = true |
|
38 | 38 | static_files = false |
|
39 | 39 | lang=en |
|
40 | 40 | cache_dir = %(here)s/data |
|
41 | 41 | |
|
42 | ||
|
43 | 42 | #################################### |
|
44 | 43 | ### BEAKER CACHE #### |
|
45 | 44 | #################################### |
|
46 | 45 | beaker.cache.data_dir=/%(here)s/data/cache/data |
|
47 | 46 | beaker.cache.lock_dir=/%(here)s/data/cache/lock |
|
48 | beaker.cache.regions=short_term,long_term | |
|
47 | beaker.cache.regions=super_short_term,short_term,long_term | |
|
49 | 48 | beaker.cache.long_term.type=memory |
|
50 | 49 | beaker.cache.long_term.expire=36000 |
|
51 | 50 | beaker.cache.short_term.type=memory |
|
52 | 51 | beaker.cache.short_term.expire=60 |
|
52 | beaker.cache.super_short_term.type=memory | |
|
53 | beaker.cache.super_short_term.expire=10 | |
|
53 | 54 | |
|
54 | 55 | ################################################################################ |
|
55 | 56 | ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ## |
|
56 | 57 | ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ## |
|
57 | 58 | ## execute malicious code after an exception is raised. ## |
|
58 | 59 | ################################################################################ |
|
59 | 60 | set debug = false |
|
60 | 61 | |
|
61 | 62 | ################################## |
|
62 | 63 | ### LOGVIEW CONFIG ### |
|
63 | 64 | ################################## |
|
64 | 65 | logview.sqlalchemy = #faa |
|
65 | 66 | logview.pylons.templating = #bfb |
|
66 | 67 | logview.pylons.util = #eee |
|
67 | 68 | |
|
68 | 69 | ######################################################### |
|
69 | 70 | ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ### |
|
70 | 71 | ######################################################### |
|
71 | 72 | sqlalchemy.db1.url = sqlite:///%(here)s/hg_app.db |
|
72 | 73 | #sqlalchemy.db1.echo = False |
|
73 | 74 | #sqlalchemy.db1.pool_recycle = 3600 |
|
74 | 75 | sqlalchemy.convert_unicode = true |
|
75 | 76 | |
|
76 | 77 | ################################ |
|
77 | 78 | ### LOGGING CONFIGURATION #### |
|
78 | 79 | ################################ |
|
79 | 80 | [loggers] |
|
80 | 81 | keys = root, routes, pylons_app, sqlalchemy |
|
81 | 82 | |
|
82 | 83 | [handlers] |
|
83 | 84 | keys = console |
|
84 | 85 | |
|
85 | 86 | [formatters] |
|
86 | 87 | keys = generic,color_formatter |
|
87 | 88 | |
|
88 | 89 | ############# |
|
89 | 90 | ## LOGGERS ## |
|
90 | 91 | ############# |
|
91 | 92 | [logger_root] |
|
92 | 93 | level = INFO |
|
93 | 94 | handlers = console |
|
94 | 95 | |
|
95 | 96 | [logger_routes] |
|
96 | 97 | level = INFO |
|
97 | 98 | handlers = console |
|
98 | 99 | qualname = routes.middleware |
|
99 | 100 | # "level = DEBUG" logs the route matched and routing variables. |
|
100 | 101 | |
|
101 | 102 | [logger_pylons_app] |
|
102 | 103 | level = DEBUG |
|
103 | 104 | handlers = console |
|
104 | 105 | qualname = pylons_app |
|
105 | 106 | propagate = 0 |
|
106 | 107 | |
|
107 | 108 | [logger_sqlalchemy] |
|
108 | 109 | level = ERROR |
|
109 | 110 | handlers = console |
|
110 | 111 | qualname = sqlalchemy.engine |
|
111 | 112 | propagate = 0 |
|
112 | 113 | |
|
113 | 114 | ############## |
|
114 | 115 | ## HANDLERS ## |
|
115 | 116 | ############## |
|
116 | 117 | |
|
117 | 118 | [handler_console] |
|
118 | 119 | class = StreamHandler |
|
119 | 120 | args = (sys.stderr,) |
|
120 | 121 | level = NOTSET |
|
121 | 122 | formatter = color_formatter |
|
122 | 123 | |
|
123 | 124 | ################ |
|
124 | 125 | ## FORMATTERS ## |
|
125 | 126 | ################ |
|
126 | 127 | |
|
127 | 128 | [formatter_generic] |
|
128 | 129 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
129 | 130 | datefmt = %Y-%m-%d %H:%M:%S |
|
130 | 131 | |
|
131 | 132 | [formatter_color_formatter] |
|
132 | 133 | class=pylons_app.lib.colored_formatter.ColorFormatter |
|
133 | 134 | format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
134 | 135 | datefmt = %Y-%m-%d %H:%M:%S No newline at end of file |
@@ -1,399 +1,405 b'' | |||
|
1 | 1 | #!/usr/bin/env python |
|
2 | 2 | # encoding: utf-8 |
|
3 | 3 | # authentication and permission libraries |
|
4 | 4 | # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com> |
|
5 | 5 | |
|
6 | 6 | # This program is free software; you can redistribute it and/or |
|
7 | 7 | # modify it under the terms of the GNU General Public License |
|
8 | 8 | # as published by the Free Software Foundation; version 2 |
|
9 | 9 | # of the License or (at your opinion) any later version of the license. |
|
10 | 10 | # |
|
11 | 11 | # This program is distributed in the hope that it will be useful, |
|
12 | 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
13 | 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
14 | 14 | # GNU General Public License for more details. |
|
15 | 15 | # |
|
16 | 16 | # You should have received a copy of the GNU General Public License |
|
17 | 17 | # along with this program; if not, write to the Free Software |
|
18 | 18 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
|
19 | 19 | # MA 02110-1301, USA. |
|
20 | 20 | """ |
|
21 | 21 | Created on April 4, 2010 |
|
22 | 22 | |
|
23 | 23 | @author: marcink |
|
24 | 24 | """ |
|
25 | ||
|
25 | from beaker.cache import cache_region | |
|
26 | 26 | from functools import wraps |
|
27 | from pylons import session, url, request | |
|
27 | from pylons import config, session, url, request | |
|
28 | 28 | from pylons.controllers.util import abort, redirect |
|
29 | from pylons_app.lib.utils import get_repo_slug | |
|
29 | 30 | from pylons_app.model import meta |
|
30 | 31 | from pylons_app.model.db import User, Repo2Perm, Repository, Permission |
|
31 | from pylons_app.lib.utils import get_repo_slug | |
|
32 | 32 | from sqlalchemy.exc import OperationalError |
|
33 | 33 | from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound |
|
34 | 34 | import crypt |
|
35 | 35 | import logging |
|
36 | from pylons import config | |
|
36 | ||
|
37 | 37 | log = logging.getLogger(__name__) |
|
38 | 38 | |
|
39 | 39 | def get_crypt_password(password): |
|
40 | 40 | """ |
|
41 | 41 | Cryptographic function used for password hashing |
|
42 | 42 | @param password: password to hash |
|
43 | 43 | """ |
|
44 | 44 | return crypt.crypt(password, '6a') |
|
45 | 45 | |
|
46 | ||
|
47 | @cache_region('super_short_term', 'cached_user') | |
|
48 | def get_user_cached(username): | |
|
49 | sa = meta.Session | |
|
50 | user = sa.query(User).filter(User.username == username).one() | |
|
51 | return user | |
|
52 | ||
|
46 | 53 | def authfunc(environ, username, password): |
|
47 | sa = meta.Session | |
|
48 | 54 | password_crypt = get_crypt_password(password) |
|
49 | 55 | try: |
|
50 | user = sa.query(User).filter(User.username == username).one() | |
|
56 | user = get_user_cached(username) | |
|
51 | 57 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
|
52 | 58 | log.error(e) |
|
53 | 59 | user = None |
|
54 | 60 | |
|
55 | 61 | if user: |
|
56 | 62 | if user.active: |
|
57 | 63 | if user.username == username and user.password == password_crypt: |
|
58 | 64 | log.info('user %s authenticated correctly', username) |
|
59 | 65 | return True |
|
60 | 66 | else: |
|
61 | 67 | log.error('user %s is disabled', username) |
|
62 | 68 | |
|
63 | 69 | return False |
|
64 | 70 | |
|
65 | 71 | class AuthUser(object): |
|
66 | 72 | """ |
|
67 | 73 | A simple object that handles a mercurial username for authentication |
|
68 | 74 | """ |
|
69 | 75 | def __init__(self): |
|
70 | 76 | self.username = 'None' |
|
71 | 77 | self.user_id = None |
|
72 | 78 | self.is_authenticated = False |
|
73 | 79 | self.is_admin = False |
|
74 | 80 | self.permissions = {} |
|
75 | 81 | |
|
76 | 82 | |
|
77 | 83 | def set_available_permissions(config): |
|
78 | 84 | """ |
|
79 | 85 | This function will propagate pylons globals with all available defined |
|
80 | 86 | permission given in db. We don't wannt to check each time from db for new |
|
81 | 87 | permissions since adding a new permission also requires application restart |
|
82 | 88 | ie. to decorate new views with the newly created permission |
|
83 | 89 | @param config: |
|
84 | 90 | """ |
|
85 | 91 | log.info('getting information about all available permissions') |
|
86 | 92 | sa = meta.Session |
|
87 | 93 | all_perms = sa.query(Permission).all() |
|
88 | 94 | config['available_permissions'] = [x.permission_name for x in all_perms] |
|
89 | 95 | |
|
90 | 96 | def set_base_path(config): |
|
91 | 97 | config['base_path'] = config['pylons.app_globals'].base_path |
|
92 | 98 | |
|
93 | 99 | def fill_perms(user): |
|
94 | 100 | sa = meta.Session |
|
95 | 101 | user.permissions['repositories'] = {} |
|
96 | 102 | |
|
97 | 103 | #first fetch default permissions |
|
98 | 104 | default_perms = sa.query(Repo2Perm, Repository, Permission)\ |
|
99 | 105 | .join((Repository, Repo2Perm.repository == Repository.repo_name))\ |
|
100 | 106 | .join((Permission, Repo2Perm.permission_id == Permission.permission_id))\ |
|
101 | 107 | .filter(Repo2Perm.user_id == sa.query(User).filter(User.username == |
|
102 | 108 | 'default').one().user_id).all() |
|
103 | 109 | |
|
104 | 110 | if user.is_admin: |
|
105 | 111 | user.permissions['global'] = set(['hg.admin']) |
|
106 | 112 | #admin have all rights full |
|
107 | 113 | for perm in default_perms: |
|
108 | 114 | p = 'repository.admin' |
|
109 | 115 | user.permissions['repositories'][perm.Repo2Perm.repository] = p |
|
110 | 116 | |
|
111 | 117 | else: |
|
112 | 118 | user.permissions['global'] = set() |
|
113 | 119 | for perm in default_perms: |
|
114 | 120 | if perm.Repository.private: |
|
115 | 121 | #disable defaults for private repos, |
|
116 | 122 | p = 'repository.none' |
|
117 | 123 | elif perm.Repository.user_id == user.user_id: |
|
118 | 124 | #set admin if owner |
|
119 | 125 | p = 'repository.admin' |
|
120 | 126 | else: |
|
121 | 127 | p = perm.Permission.permission_name |
|
122 | 128 | |
|
123 | 129 | user.permissions['repositories'][perm.Repo2Perm.repository] = p |
|
124 | 130 | |
|
125 | 131 | |
|
126 | 132 | user_perms = sa.query(Repo2Perm, Permission, Repository)\ |
|
127 | 133 | .join((Repository, Repo2Perm.repository == Repository.repo_name))\ |
|
128 | 134 | .join((Permission, Repo2Perm.permission_id == Permission.permission_id))\ |
|
129 | 135 | .filter(Repo2Perm.user_id == user.user_id).all() |
|
130 | 136 | #overwrite userpermissions with defaults |
|
131 | 137 | for perm in user_perms: |
|
132 | 138 | #set write if owner |
|
133 | 139 | if perm.Repository.user_id == user.user_id: |
|
134 | 140 | p = 'repository.write' |
|
135 | 141 | else: |
|
136 | 142 | p = perm.Permission.permission_name |
|
137 | 143 | user.permissions['repositories'][perm.Repo2Perm.repository] = p |
|
138 | 144 | return user |
|
139 | 145 | |
|
140 | 146 | def get_user(session): |
|
141 | 147 | """ |
|
142 | 148 | Gets user from session, and wraps permissions into user |
|
143 | 149 | @param session: |
|
144 | 150 | """ |
|
145 | 151 | user = session.get('hg_app_user', AuthUser()) |
|
146 | 152 | |
|
147 | 153 | if user.is_authenticated: |
|
148 | 154 | user = fill_perms(user) |
|
149 | 155 | |
|
150 | 156 | session['hg_app_user'] = user |
|
151 | 157 | session.save() |
|
152 | 158 | return user |
|
153 | 159 | |
|
154 | 160 | #=============================================================================== |
|
155 | 161 | # CHECK DECORATORS |
|
156 | 162 | #=============================================================================== |
|
157 | 163 | class LoginRequired(object): |
|
158 | 164 | """ |
|
159 | 165 | Must be logged in to execute this function else redirect to login page |
|
160 | 166 | """ |
|
161 | 167 | |
|
162 | 168 | def __call__(self, func): |
|
163 | 169 | @wraps(func) |
|
164 | 170 | def _wrapper(*fargs, **fkwargs): |
|
165 | 171 | user = session.get('hg_app_user', AuthUser()) |
|
166 | 172 | log.debug('Checking login required for user:%s', user.username) |
|
167 | 173 | if user.is_authenticated: |
|
168 | 174 | log.debug('user %s is authenticated', user.username) |
|
169 | 175 | func(*fargs) |
|
170 | 176 | else: |
|
171 | 177 | log.warn('user %s not authenticated', user.username) |
|
172 | 178 | log.debug('redirecting to login page') |
|
173 | 179 | return redirect(url('login_home')) |
|
174 | 180 | |
|
175 | 181 | return _wrapper |
|
176 | 182 | |
|
177 | 183 | class PermsDecorator(object): |
|
178 | 184 | """ |
|
179 | 185 | Base class for decorators |
|
180 | 186 | """ |
|
181 | 187 | |
|
182 | 188 | def __init__(self, *required_perms): |
|
183 | 189 | available_perms = config['available_permissions'] |
|
184 | 190 | for perm in required_perms: |
|
185 | 191 | if perm not in available_perms: |
|
186 | 192 | raise Exception("'%s' permission is not defined" % perm) |
|
187 | 193 | self.required_perms = set(required_perms) |
|
188 | 194 | self.user_perms = None |
|
189 | 195 | |
|
190 | 196 | def __call__(self, func): |
|
191 | 197 | @wraps(func) |
|
192 | 198 | def _wrapper(*fargs, **fkwargs): |
|
193 | 199 | self.user_perms = session.get('hg_app_user', AuthUser()).permissions |
|
194 | 200 | log.debug('checking %s permissions %s for %s', |
|
195 | 201 | self.__class__.__name__, self.required_perms, func.__name__) |
|
196 | 202 | |
|
197 | 203 | if self.check_permissions(): |
|
198 | 204 | log.debug('Permission granted for %s', func.__name__) |
|
199 | 205 | return func(*fargs) |
|
200 | 206 | |
|
201 | 207 | else: |
|
202 | 208 | log.warning('Permission denied for %s', func.__name__) |
|
203 | 209 | #redirect with forbidden ret code |
|
204 | 210 | return abort(403) |
|
205 | 211 | return _wrapper |
|
206 | 212 | |
|
207 | 213 | |
|
208 | 214 | def check_permissions(self): |
|
209 | 215 | """ |
|
210 | 216 | Dummy function for overriding |
|
211 | 217 | """ |
|
212 | 218 | raise Exception('You have to write this function in child class') |
|
213 | 219 | |
|
214 | 220 | class HasPermissionAllDecorator(PermsDecorator): |
|
215 | 221 | """ |
|
216 | 222 | Checks for access permission for all given predicates. All of them have to |
|
217 | 223 | be meet in order to fulfill the request |
|
218 | 224 | """ |
|
219 | 225 | |
|
220 | 226 | def check_permissions(self): |
|
221 | 227 | if self.required_perms.issubset(self.user_perms.get('global')): |
|
222 | 228 | return True |
|
223 | 229 | return False |
|
224 | 230 | |
|
225 | 231 | |
|
226 | 232 | class HasPermissionAnyDecorator(PermsDecorator): |
|
227 | 233 | """ |
|
228 | 234 | Checks for access permission for any of given predicates. In order to |
|
229 | 235 | fulfill the request any of predicates must be meet |
|
230 | 236 | """ |
|
231 | 237 | |
|
232 | 238 | def check_permissions(self): |
|
233 | 239 | if self.required_perms.intersection(self.user_perms.get('global')): |
|
234 | 240 | return True |
|
235 | 241 | return False |
|
236 | 242 | |
|
237 | 243 | class HasRepoPermissionAllDecorator(PermsDecorator): |
|
238 | 244 | """ |
|
239 | 245 | Checks for access permission for all given predicates for specific |
|
240 | 246 | repository. All of them have to be meet in order to fulfill the request |
|
241 | 247 | """ |
|
242 | 248 | |
|
243 | 249 | def check_permissions(self): |
|
244 | 250 | repo_name = get_repo_slug(request) |
|
245 | 251 | try: |
|
246 | 252 | user_perms = set([self.user_perms['repositories'][repo_name]]) |
|
247 | 253 | except KeyError: |
|
248 | 254 | return False |
|
249 | 255 | if self.required_perms.issubset(user_perms): |
|
250 | 256 | return True |
|
251 | 257 | return False |
|
252 | 258 | |
|
253 | 259 | |
|
254 | 260 | class HasRepoPermissionAnyDecorator(PermsDecorator): |
|
255 | 261 | """ |
|
256 | 262 | Checks for access permission for any of given predicates for specific |
|
257 | 263 | repository. In order to fulfill the request any of predicates must be meet |
|
258 | 264 | """ |
|
259 | 265 | |
|
260 | 266 | def check_permissions(self): |
|
261 | 267 | repo_name = get_repo_slug(request) |
|
262 | 268 | |
|
263 | 269 | try: |
|
264 | 270 | user_perms = set([self.user_perms['repositories'][repo_name]]) |
|
265 | 271 | except KeyError: |
|
266 | 272 | return False |
|
267 | 273 | if self.required_perms.intersection(user_perms): |
|
268 | 274 | return True |
|
269 | 275 | return False |
|
270 | 276 | #=============================================================================== |
|
271 | 277 | # CHECK FUNCTIONS |
|
272 | 278 | #=============================================================================== |
|
273 | 279 | |
|
274 | 280 | class PermsFunction(object): |
|
275 | 281 | """ |
|
276 | 282 | Base function for other check functions |
|
277 | 283 | """ |
|
278 | 284 | |
|
279 | 285 | def __init__(self, *perms): |
|
280 | 286 | available_perms = config['available_permissions'] |
|
281 | 287 | |
|
282 | 288 | for perm in perms: |
|
283 | 289 | if perm not in available_perms: |
|
284 | 290 | raise Exception("'%s' permission in not defined" % perm) |
|
285 | 291 | self.required_perms = set(perms) |
|
286 | 292 | self.user_perms = None |
|
287 | 293 | self.granted_for = '' |
|
288 | 294 | self.repo_name = None |
|
289 | 295 | |
|
290 | 296 | def __call__(self, check_Location=''): |
|
291 | 297 | user = session.get('hg_app_user', False) |
|
292 | 298 | if not user: |
|
293 | 299 | return False |
|
294 | 300 | self.user_perms = user.permissions |
|
295 | 301 | self.granted_for = user.username |
|
296 | 302 | log.debug('checking %s %s', self.__class__.__name__, self.required_perms) |
|
297 | 303 | |
|
298 | 304 | if self.check_permissions(): |
|
299 | 305 | log.debug('Permission granted for %s @%s', self.granted_for, |
|
300 | 306 | check_Location) |
|
301 | 307 | return True |
|
302 | 308 | |
|
303 | 309 | else: |
|
304 | 310 | log.warning('Permission denied for %s @%s', self.granted_for, |
|
305 | 311 | check_Location) |
|
306 | 312 | return False |
|
307 | 313 | |
|
308 | 314 | def check_permissions(self): |
|
309 | 315 | """ |
|
310 | 316 | Dummy function for overriding |
|
311 | 317 | """ |
|
312 | 318 | raise Exception('You have to write this function in child class') |
|
313 | 319 | |
|
314 | 320 | class HasPermissionAll(PermsFunction): |
|
315 | 321 | def check_permissions(self): |
|
316 | 322 | if self.required_perms.issubset(self.user_perms.get('global')): |
|
317 | 323 | return True |
|
318 | 324 | return False |
|
319 | 325 | |
|
320 | 326 | class HasPermissionAny(PermsFunction): |
|
321 | 327 | def check_permissions(self): |
|
322 | 328 | if self.required_perms.intersection(self.user_perms.get('global')): |
|
323 | 329 | return True |
|
324 | 330 | return False |
|
325 | 331 | |
|
326 | 332 | class HasRepoPermissionAll(PermsFunction): |
|
327 | 333 | |
|
328 | 334 | def __call__(self, repo_name=None, check_Location=''): |
|
329 | 335 | self.repo_name = repo_name |
|
330 | 336 | return super(HasRepoPermissionAll, self).__call__(check_Location) |
|
331 | 337 | |
|
332 | 338 | def check_permissions(self): |
|
333 | 339 | if not self.repo_name: |
|
334 | 340 | self.repo_name = get_repo_slug(request) |
|
335 | 341 | |
|
336 | 342 | try: |
|
337 | 343 | self.user_perms = set([self.user_perms['repositories']\ |
|
338 | 344 | [self.repo_name]]) |
|
339 | 345 | except KeyError: |
|
340 | 346 | return False |
|
341 | 347 | self.granted_for = self.repo_name |
|
342 | 348 | if self.required_perms.issubset(self.user_perms): |
|
343 | 349 | return True |
|
344 | 350 | return False |
|
345 | 351 | |
|
346 | 352 | class HasRepoPermissionAny(PermsFunction): |
|
347 | 353 | |
|
348 | 354 | |
|
349 | 355 | def __call__(self, repo_name=None, check_Location=''): |
|
350 | 356 | self.repo_name = repo_name |
|
351 | 357 | return super(HasRepoPermissionAny, self).__call__(check_Location) |
|
352 | 358 | |
|
353 | 359 | def check_permissions(self): |
|
354 | 360 | if not self.repo_name: |
|
355 | 361 | self.repo_name = get_repo_slug(request) |
|
356 | 362 | |
|
357 | 363 | try: |
|
358 | 364 | self.user_perms = set([self.user_perms['repositories']\ |
|
359 | 365 | [self.repo_name]]) |
|
360 | 366 | except KeyError: |
|
361 | 367 | return False |
|
362 | 368 | self.granted_for = self.repo_name |
|
363 | 369 | if self.required_perms.intersection(self.user_perms): |
|
364 | 370 | return True |
|
365 | 371 | return False |
|
366 | 372 | |
|
367 | 373 | #=============================================================================== |
|
368 | 374 | # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH |
|
369 | 375 | #=============================================================================== |
|
370 | 376 | |
|
371 | 377 | class HasPermissionAnyMiddleware(object): |
|
372 | 378 | def __init__(self, *perms): |
|
373 | 379 | self.required_perms = set(perms) |
|
374 | 380 | |
|
375 | 381 | def __call__(self, user, repo_name): |
|
376 | 382 | usr = AuthUser() |
|
377 | 383 | usr.user_id = user.user_id |
|
378 | 384 | usr.username = user.username |
|
379 | 385 | usr.is_admin = user.admin |
|
380 | 386 | |
|
381 | 387 | try: |
|
382 | 388 | self.user_perms = set([fill_perms(usr)\ |
|
383 | 389 | .permissions['repositories'][repo_name]]) |
|
384 | 390 | except: |
|
385 | 391 | self.user_perms = set() |
|
386 | 392 | self.granted_for = '' |
|
387 | 393 | self.username = user.username |
|
388 | 394 | self.repo_name = repo_name |
|
389 | 395 | return self.check_permissions() |
|
390 | 396 | |
|
391 | 397 | def check_permissions(self): |
|
392 | 398 | log.debug('checking mercurial protocol ' |
|
393 | 399 | 'permissions for user:%s repository:%s', |
|
394 | 400 | self.username, self.repo_name) |
|
395 | 401 | if self.required_perms.intersection(self.user_perms): |
|
396 | 402 | log.debug('permission granted') |
|
397 | 403 | return True |
|
398 | 404 | log.debug('permission denied') |
|
399 | 405 | return False |
@@ -1,226 +1,231 b'' | |||
|
1 | 1 | #!/usr/bin/env python |
|
2 | 2 | # encoding: utf-8 |
|
3 | 3 | # middleware to handle mercurial api calls |
|
4 | 4 | # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com> |
|
5 | 5 | |
|
6 | 6 | # This program is free software; you can redistribute it and/or |
|
7 | 7 | # modify it under the terms of the GNU General Public License |
|
8 | 8 | # as published by the Free Software Foundation; version 2 |
|
9 | 9 | # of the License or (at your opinion) any later version of the license. |
|
10 | 10 | # |
|
11 | 11 | # This program is distributed in the hope that it will be useful, |
|
12 | 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
13 | 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
14 | 14 | # GNU General Public License for more details. |
|
15 | 15 | # |
|
16 | 16 | # You should have received a copy of the GNU General Public License |
|
17 | 17 | # along with this program; if not, write to the Free Software |
|
18 | 18 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
|
19 | 19 | # MA 02110-1301, USA. |
|
20 | 20 | |
|
21 | 21 | """ |
|
22 | 22 | Created on 2010-04-28 |
|
23 | 23 | |
|
24 | 24 | @author: marcink |
|
25 | 25 | SimpleHG middleware for handling mercurial protocol request (push/clone etc.) |
|
26 | 26 | It's implemented with basic auth function |
|
27 | 27 | """ |
|
28 | 28 | from datetime import datetime |
|
29 | 29 | from itertools import chain |
|
30 | from mercurial.error import RepoError | |
|
30 | 31 | from mercurial.hgweb import hgweb |
|
31 | 32 | from mercurial.hgweb.request import wsgiapplication |
|
32 | from mercurial.error import RepoError | |
|
33 | 33 | from paste.auth.basic import AuthBasicAuthenticator |
|
34 | 34 | from paste.httpheaders import REMOTE_USER, AUTH_TYPE |
|
35 | from pylons_app.lib.auth import authfunc, HasPermissionAnyMiddleware | |
|
35 | from pylons_app.lib.auth import authfunc, HasPermissionAnyMiddleware, \ | |
|
36 | get_user_cached | |
|
36 | 37 | from pylons_app.lib.utils import is_mercurial, make_ui, invalidate_cache, \ |
|
37 | 38 | check_repo_fast |
|
38 | 39 | from pylons_app.model import meta |
|
39 | 40 | from pylons_app.model.db import UserLog, User |
|
40 | import pylons_app.lib.helpers as h | |
|
41 | 41 | from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError |
|
42 | 42 | import logging |
|
43 | 43 | import os |
|
44 | import pylons_app.lib.helpers as h | |
|
44 | 45 | import traceback |
|
46 | ||
|
45 | 47 | log = logging.getLogger(__name__) |
|
46 | 48 | |
|
47 | 49 | class SimpleHg(object): |
|
48 | 50 | |
|
49 | 51 | def __init__(self, application, config): |
|
50 | 52 | self.application = application |
|
51 | 53 | self.config = config |
|
52 | 54 | #authenticate this mercurial request using |
|
53 | 55 | realm = self.config['hg_app_auth_realm'] |
|
54 | 56 | self.authenticate = AuthBasicAuthenticator(realm, authfunc) |
|
55 | 57 | |
|
56 | 58 | def __call__(self, environ, start_response): |
|
57 | 59 | if not is_mercurial(environ): |
|
58 | 60 | return self.application(environ, start_response) |
|
59 | else: | |
|
61 | ||
|
60 | 62 |
|
|
61 | 63 |
|
|
62 | 64 |
|
|
63 | 65 |
|
|
64 | 66 |
|
|
65 | 67 |
|
|
66 | 68 |
|
|
67 | 69 |
|
|
68 | 70 |
|
|
69 | 71 |
|
|
70 | 72 |
|
|
71 | 73 |
|
|
72 | 74 |
|
|
73 | 75 |
|
|
74 | 76 |
|
|
75 | 77 |
|
|
76 | 78 |
|
|
77 | 79 |
|
|
78 | 80 |
|
|
79 | 81 |
|
|
80 | 82 |
|
|
81 | 83 |
|
|
82 | 84 |
|
|
83 | 85 |
|
|
84 | 86 |
|
|
85 | sa = meta.Session | |
|
86 | user = sa.query(User)\ | |
|
87 | .filter(User.username == username).one() | |
|
87 | user = self.__get_user(username) | |
|
88 | 88 |
|
|
89 | 89 |
|
|
90 | 90 |
|
|
91 | 91 |
|
|
92 | 92 |
|
|
93 | 93 |
|
|
94 | 94 |
|
|
95 | 95 |
|
|
96 | 96 |
|
|
97 | 97 |
|
|
98 | 98 |
|
|
99 | 99 |
|
|
100 | 100 |
|
|
101 | 101 |
|
|
102 | 102 |
|
|
103 | 103 |
|
|
104 | 104 |
|
|
105 | 105 |
|
|
106 | 106 |
|
|
107 | 107 |
|
|
108 | 108 |
|
|
109 | 109 |
|
|
110 | 110 |
|
|
111 | 111 |
|
|
112 | 112 |
|
|
113 | 113 |
|
|
114 | 114 |
|
|
115 | 115 |
|
|
116 | 116 |
|
|
117 | 117 | |
|
118 | 118 |
|
|
119 | 119 |
|
|
120 | 120 |
|
|
121 | 121 |
|
|
122 | 122 |
|
|
123 | 123 |
|
|
124 | 124 |
|
|
125 | 125 |
|
|
126 | 126 |
|
|
127 | 127 |
|
|
128 | 128 |
|
|
129 | 129 |
|
|
130 | 130 |
|
|
131 | 131 |
|
|
132 | 132 |
|
|
133 | 133 |
|
|
134 | 134 |
|
|
135 | 135 |
|
|
136 | 136 |
|
|
137 | 137 |
|
|
138 | 138 |
|
|
139 | 139 | |
|
140 | 140 | |
|
141 | 141 | def msg_wrapper(self, app, environ, start_response, messages=[]): |
|
142 | 142 | """ |
|
143 | 143 | Wrapper for custom messages that come out of mercurial respond messages |
|
144 | 144 | is a list of messages that the user will see at the end of response |
|
145 | 145 | from merurial protocol actions that involves remote answers |
|
146 | 146 | @param app: |
|
147 | 147 | @param environ: |
|
148 | 148 | @param start_response: |
|
149 | 149 | """ |
|
150 | 150 | def custom_messages(msg_list): |
|
151 | 151 | for msg in msg_list: |
|
152 | 152 | yield msg + '\n' |
|
153 | 153 | org_response = app(environ, start_response) |
|
154 | 154 | return chain(org_response, custom_messages(messages)) |
|
155 | 155 | |
|
156 | 156 | def __make_app(self): |
|
157 | 157 | hgserve = hgweb(str(self.repo_path), baseui=self.baseui) |
|
158 | 158 | return self.__load_web_settings(hgserve) |
|
159 | 159 | |
|
160 | 160 | def __get_environ_user(self, environ): |
|
161 | 161 | return environ.get('REMOTE_USER') |
|
162 | 162 | |
|
163 | def __get_user(self, username): | |
|
164 | return get_user_cached(username) | |
|
165 | ||
|
166 | ||
|
167 | ||
|
163 | 168 | def __get_size(self, repo_path, content_size): |
|
164 | 169 | size = int(content_size) |
|
165 | 170 | for path, dirs, files in os.walk(repo_path): |
|
166 | 171 | if path.find('.hg') == -1: |
|
167 | 172 | for f in files: |
|
168 | 173 | size += os.path.getsize(os.path.join(path, f)) |
|
169 | 174 | return size |
|
170 | 175 | return h.format_byte_size(size) |
|
171 | 176 | |
|
172 | 177 | def __get_action(self, environ): |
|
173 | 178 | """ |
|
174 | 179 | Maps mercurial request commands into a pull or push command. |
|
175 | 180 | @param environ: |
|
176 | 181 | """ |
|
177 | 182 | mapping = {'changegroup': 'pull', |
|
178 | 183 | 'changegroupsubset': 'pull', |
|
179 | 184 | 'stream_out': 'pull', |
|
180 | 185 | 'listkeys': 'pull', |
|
181 | 186 | 'unbundle': 'push', |
|
182 | 187 | 'pushkey': 'push', } |
|
183 | 188 | |
|
184 | 189 | for qry in environ['QUERY_STRING'].split('&'): |
|
185 | 190 | if qry.startswith('cmd'): |
|
186 | 191 | cmd = qry.split('=')[-1] |
|
187 | 192 | if mapping.has_key(cmd): |
|
188 | 193 | return mapping[cmd] |
|
189 | 194 | |
|
190 | 195 | def __log_user_action(self, user, action, repo, ipaddr): |
|
191 | 196 | sa = meta.Session |
|
192 | 197 | try: |
|
193 | 198 | user_log = UserLog() |
|
194 | 199 | user_log.user_id = user.user_id |
|
195 | 200 | user_log.action = action |
|
196 | 201 | user_log.repository = repo.replace('/', '') |
|
197 | 202 | user_log.action_date = datetime.now() |
|
198 | 203 | user_log.user_ip = ipaddr |
|
199 | 204 | sa.add(user_log) |
|
200 | 205 | sa.commit() |
|
201 | 206 | log.info('Adding user %s, action %s on %s', |
|
202 | 207 | user.username, action, repo) |
|
203 | 208 | except Exception as e: |
|
204 | 209 | sa.rollback() |
|
205 | 210 | log.error('could not log user action:%s', str(e)) |
|
206 | 211 | |
|
207 | 212 | def __invalidate_cache(self, repo_name): |
|
208 | 213 | """we know that some change was made to repositories and we should |
|
209 | 214 | invalidate the cache to see the changes right away but only for |
|
210 | 215 | push requests""" |
|
211 | 216 | invalidate_cache('cached_repo_list') |
|
212 | 217 | invalidate_cache('full_changelog', repo_name) |
|
213 | 218 | |
|
214 | 219 | |
|
215 | 220 | def __load_web_settings(self, hgserve): |
|
216 | 221 | #set the global ui for hgserve |
|
217 | 222 | hgserve.repo.ui = self.baseui |
|
218 | 223 | |
|
219 | 224 | hgrc = os.path.join(self.repo_path, '.hg', 'hgrc') |
|
220 | 225 | repoui = make_ui('file', hgrc, False) |
|
221 | 226 | |
|
222 | 227 | if repoui: |
|
223 | 228 | #set the repository based config |
|
224 | 229 | hgserve.repo.ui = repoui |
|
225 | 230 | |
|
226 | 231 | return hgserve |
@@ -1,189 +1,194 b'' | |||
|
1 | 1 | #!/usr/bin/env python |
|
2 | 2 | # encoding: utf-8 |
|
3 | 3 | # Utilities for hg app |
|
4 | 4 | # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com> |
|
5 | 5 | # This program is free software; you can redistribute it and/or |
|
6 | 6 | # modify it under the terms of the GNU General Public License |
|
7 | 7 | # as published by the Free Software Foundation; version 2 |
|
8 | 8 | # of the License or (at your opinion) any later version of the license. |
|
9 | 9 | # |
|
10 | 10 | # This program is distributed in the hope that it will be useful, |
|
11 | 11 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
12 | 12 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
13 | 13 | # GNU General Public License for more details. |
|
14 | 14 | # |
|
15 | 15 | # You should have received a copy of the GNU General Public License |
|
16 | 16 | # along with this program; if not, write to the Free Software |
|
17 | 17 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
|
18 | 18 | # MA 02110-1301, USA. |
|
19 | from beaker.cache import cache_region | |
|
19 | 20 | |
|
20 | 21 | """ |
|
21 | 22 | Created on April 18, 2010 |
|
22 | 23 | Utilities for hg app |
|
23 | 24 | @author: marcink |
|
24 | 25 | """ |
|
25 | 26 | |
|
26 | 27 | import os |
|
27 | 28 | import logging |
|
28 | 29 | from mercurial import ui, config, hg |
|
29 | 30 | from mercurial.error import RepoError |
|
30 | 31 | from pylons_app.model.db import Repository, User, HgAppUi |
|
31 | 32 | log = logging.getLogger(__name__) |
|
32 | 33 | |
|
33 | 34 | |
|
34 | 35 | def get_repo_slug(request): |
|
35 | 36 | return request.environ['pylons.routes_dict'].get('repo_name') |
|
36 | 37 | |
|
37 | 38 | def is_mercurial(environ): |
|
38 | 39 | """ |
|
39 | 40 | Returns True if request's target is mercurial server - header |
|
40 | 41 | ``HTTP_ACCEPT`` of such request would start with ``application/mercurial``. |
|
41 | 42 | """ |
|
42 | 43 | http_accept = environ.get('HTTP_ACCEPT') |
|
43 | 44 | if http_accept and http_accept.startswith('application/mercurial'): |
|
44 | 45 | return True |
|
45 | 46 | return False |
|
46 | 47 | |
|
47 | 48 | def check_repo_dir(paths): |
|
48 | 49 | repos_path = paths[0][1].split('/') |
|
49 | 50 | if repos_path[-1] in ['*', '**']: |
|
50 | 51 | repos_path = repos_path[:-1] |
|
51 | 52 | if repos_path[0] != '/': |
|
52 | 53 | repos_path[0] = '/' |
|
53 | 54 | if not os.path.isdir(os.path.join(*repos_path)): |
|
54 | 55 | raise Exception('Not a valid repository in %s' % paths[0][1]) |
|
55 | 56 | |
|
56 | 57 | def check_repo_fast(repo_name, base_path): |
|
57 | 58 | if os.path.isdir(os.path.join(base_path, repo_name)):return False |
|
58 | 59 | return True |
|
59 | 60 | |
|
60 | 61 | def check_repo(repo_name, base_path, verify=True): |
|
61 | 62 | |
|
62 | 63 | repo_path = os.path.join(base_path, repo_name) |
|
63 | 64 | |
|
64 | 65 | try: |
|
65 | 66 | if not check_repo_fast(repo_name, base_path): |
|
66 | 67 | return False |
|
67 | 68 | r = hg.repository(ui.ui(), repo_path) |
|
68 | 69 | if verify: |
|
69 | 70 | hg.verify(r) |
|
70 | 71 | #here we hnow that repo exists it was verified |
|
71 | 72 | log.info('%s repo is already created', repo_name) |
|
72 | 73 | return False |
|
73 | 74 | except RepoError: |
|
74 | 75 | #it means that there is no valid repo there... |
|
75 | 76 | log.info('%s repo is free for creation', repo_name) |
|
76 | 77 | return True |
|
77 | 78 | |
|
79 | ||
|
80 | @cache_region('super_short_term', 'cached_hg_ui') | |
|
81 | def get_hg_ui_cached(): | |
|
82 | from pylons_app.model.meta import Session | |
|
83 | sa = Session() | |
|
84 | return sa.query(HgAppUi).all() | |
|
85 | ||
|
78 | 86 | def make_ui(read_from='file', path=None, checkpaths=True): |
|
79 | 87 | """ |
|
80 | 88 | A function that will read python rc files or database |
|
81 | 89 | and make an mercurial ui object from read options |
|
82 | 90 | |
|
83 | 91 | @param path: path to mercurial config file |
|
84 | 92 | @param checkpaths: check the path |
|
85 | 93 | @param read_from: read from 'file' or 'db' |
|
86 | 94 | """ |
|
87 | 95 | #propagated from mercurial documentation |
|
88 | 96 | sections = ['alias', 'auth', |
|
89 | 97 | 'decode/encode', 'defaults', |
|
90 | 98 | 'diff', 'email', |
|
91 | 99 | 'extensions', 'format', |
|
92 | 100 | 'merge-patterns', 'merge-tools', |
|
93 | 101 | 'hooks', 'http_proxy', |
|
94 | 102 | 'smtp', 'patch', |
|
95 | 103 | 'paths', 'profiling', |
|
96 | 104 | 'server', 'trusted', |
|
97 | 105 | 'ui', 'web', ] |
|
98 | 106 | baseui = ui.ui() |
|
99 | 107 | |
|
100 | 108 | |
|
101 | 109 | if read_from == 'file': |
|
102 | 110 | if not os.path.isfile(path): |
|
103 | 111 | log.warning('Unable to read config file %s' % path) |
|
104 | 112 | return False |
|
105 | 113 | |
|
106 | 114 | cfg = config.config() |
|
107 | 115 | cfg.read(path) |
|
108 | 116 | for section in sections: |
|
109 | 117 | for k, v in cfg.items(section): |
|
110 | 118 | baseui.setconfig(section, k, v) |
|
111 | 119 | if checkpaths:check_repo_dir(cfg.items('paths')) |
|
112 | 120 | |
|
113 | 121 | |
|
114 | 122 | elif read_from == 'db': |
|
115 | from pylons_app.model.meta import Session | |
|
116 | sa = Session() | |
|
117 | ||
|
118 | hg_ui = sa.query(HgAppUi).all() | |
|
123 | hg_ui = get_hg_ui_cached() | |
|
119 | 124 | for ui_ in hg_ui: |
|
120 | 125 | baseui.setconfig(ui_.ui_section, ui_.ui_key, ui_.ui_value) |
|
121 | 126 | |
|
122 | 127 | |
|
123 | 128 | return baseui |
|
124 | 129 | |
|
125 | 130 | |
|
126 | 131 | def set_hg_app_config(config): |
|
127 | 132 | config['hg_app_auth_realm'] = 'realm' |
|
128 | 133 | config['hg_app_name'] = 'app name' |
|
129 | 134 | |
|
130 | 135 | def invalidate_cache(name, *args): |
|
131 | 136 | """Invalidates given name cache""" |
|
132 | 137 | |
|
133 | 138 | from beaker.cache import region_invalidate |
|
134 | 139 | log.info('INVALIDATING CACHE FOR %s', name) |
|
135 | 140 | |
|
136 | 141 | """propagate our arguments to make sure invalidation works. First |
|
137 | 142 | argument has to be the name of cached func name give to cache decorator |
|
138 | 143 | without that the invalidation would not work""" |
|
139 | 144 | tmp = [name] |
|
140 | 145 | tmp.extend(args) |
|
141 | 146 | args = tuple(tmp) |
|
142 | 147 | |
|
143 | 148 | if name == 'cached_repo_list': |
|
144 | 149 | from pylons_app.model.hg_model import _get_repos_cached |
|
145 | 150 | region_invalidate(_get_repos_cached, None, *args) |
|
146 | 151 | |
|
147 | 152 | if name == 'full_changelog': |
|
148 | 153 | from pylons_app.model.hg_model import _full_changelog_cached |
|
149 | 154 | region_invalidate(_full_changelog_cached, None, *args) |
|
150 | 155 | |
|
151 | 156 | from vcs.backends.base import BaseChangeset |
|
152 | 157 | from vcs.utils.lazy import LazyProperty |
|
153 | 158 | class EmptyChangeset(BaseChangeset): |
|
154 | 159 | |
|
155 | 160 | revision = -1 |
|
156 | 161 | message = '' |
|
157 | 162 | |
|
158 | 163 | @LazyProperty |
|
159 | 164 | def raw_id(self): |
|
160 | 165 | """ |
|
161 | 166 | Returns raw string identifing this changeset, useful for web |
|
162 | 167 | representation. |
|
163 | 168 | """ |
|
164 | 169 | return '0' * 12 |
|
165 | 170 | |
|
166 | 171 | |
|
167 | 172 | def repo2db_mapper(initial_repo_list): |
|
168 | 173 | """ |
|
169 | 174 | maps all found repositories into db |
|
170 | 175 | """ |
|
171 | 176 | from pylons_app.model.meta import Session |
|
172 | 177 | from pylons_app.model.repo_model import RepoModel |
|
173 | 178 | |
|
174 | 179 | sa = Session() |
|
175 | 180 | user = sa.query(User).filter(User.admin == True).first() |
|
176 | 181 | |
|
177 | 182 | rm = RepoModel() |
|
178 | 183 | |
|
179 | 184 | for name, repo in initial_repo_list.items(): |
|
180 | 185 | if not sa.query(Repository).get(name): |
|
181 | 186 | log.info('repository %s not found creating default', name) |
|
182 | 187 | |
|
183 | 188 | form_data = { |
|
184 | 189 | 'repo_name':name, |
|
185 | 190 | 'description':repo.description if repo.description != 'unknown' else \ |
|
186 | 191 | 'auto description for %s' % name, |
|
187 | 192 | 'private':False |
|
188 | 193 | } |
|
189 | 194 | rm.create(form_data, user, just_db=True) |
General Comments 0
You need to be logged in to leave comments.
Login now