##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal...
marcink -
r1120:a8d75961 beta
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -39,7 +39,7 b' log = logging.getLogger(__name__)'
39
39
40 class FeedController(BaseRepoController):
40 class FeedController(BaseRepoController):
41
41
42 @LoginRequired()
42 @LoginRequired(api_access=True)
43 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
43 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
44 'repository.admin')
44 'repository.admin')
45 def __before__(self):
45 def __before__(self):
Show file before | Show file after | Hide comments
@@ -46,7 +46,7 b' log = logging.getLogger(__name__)'
46 class JournalController(BaseController):
46 class JournalController(BaseController):
47
47
48
48
49 @LoginRequired()
49
50 def __before__(self):
50 def __before__(self):
51 super(JournalController, self).__before__()
51 super(JournalController, self).__before__()
52 c.rhodecode_user = self.rhodecode_user
52 c.rhodecode_user = self.rhodecode_user
@@ -55,6 +55,7 b' class JournalController(BaseController):'
55 self.ttl = "5"
55 self.ttl = "5"
56 self.feed_nr = 20
56 self.feed_nr = 20
57
57
58 @LoginRequired()
58 @NotAnonymous()
59 @NotAnonymous()
59 def index(self):
60 def index(self):
60 # Return a rendered template
61 # Return a rendered template
@@ -117,6 +118,7 b' class JournalController(BaseController):'
117
118
118 return journal
119 return journal
119
120
121 @LoginRequired()
120 @NotAnonymous()
122 @NotAnonymous()
121 def toggle_following(self):
123 def toggle_following(self):
122 cur_token = request.POST.get('auth_token')
124 cur_token = request.POST.get('auth_token')
@@ -147,7 +149,7 b' class JournalController(BaseController):'
147
149
148
150
149
151
150
152 @LoginRequired()
151 def public_journal(self):
153 def public_journal(self):
152 # Return a rendered template
154 # Return a rendered template
153 p = int(request.params.get('page', 1))
155 p = int(request.params.get('page', 1))
@@ -169,7 +171,7 b' class JournalController(BaseController):'
169 return render('journal/public_journal.html')
171 return render('journal/public_journal.html')
170
172
171
173
172
174 @LoginRequired(api_access=True)
173 def public_journal_atom(self):
175 def public_journal_atom(self):
174 """
176 """
175 Produce an atom-1.0 feed via feedgenerator module
177 Produce an atom-1.0 feed via feedgenerator module
@@ -203,6 +205,7 b' class JournalController(BaseController):'
203 response.content_type = feed.mime_type
205 response.content_type = feed.mime_type
204 return feed.writeString('utf-8')
206 return feed.writeString('utf-8')
205
207
208 @LoginRequired(api_access=True)
206 def public_journal_rss(self):
209 def public_journal_rss(self):
207 """
210 """
208 Produce an rss2 feed via feedgenerator module
211 Produce an rss2 feed via feedgenerator module
Show file before | Show file after | Hide comments
@@ -230,7 +230,7 b' class AuthUser(object):'
230 def __init__(self, user_id=None, api_key=None):
230 def __init__(self, user_id=None, api_key=None):
231
231
232 self.user_id = user_id
232 self.user_id = user_id
233 self.api_key = api_key
233 self.api_key = None
234
234
235 self.username = 'None'
235 self.username = 'None'
236 self.name = ''
236 self.name = ''
@@ -239,19 +239,19 b' class AuthUser(object):'
239 self.is_authenticated = False
239 self.is_authenticated = False
240 self.admin = False
240 self.admin = False
241 self.permissions = {}
241 self.permissions = {}
242 self._api_key = api_key
242 self.propagate_data()
243 self.propagate_data()
243
244
244
245
245 def propagate_data(self):
246 def propagate_data(self):
246 user_model = UserModel()
247 user_model = UserModel()
247 if self.api_key:
248 self.anonymous_user = user_model.get_by_username('default', cache=True)
249 if self._api_key:
248 #try go get user by api key
250 #try go get user by api key
249 log.debug('Auth User lookup by API KEY %s', self.api_key)
251 log.debug('Auth User lookup by API KEY %s', self._api_key)
250 user_model.fill_data(self, api_key=self.api_key)
252 user_model.fill_data(self, api_key=self._api_key)
251 else:
253 else:
252 log.debug('Auth User lookup by USER ID %s', self.user_id)
254 log.debug('Auth User lookup by USER ID %s', self.user_id)
253 self.anonymous_user = user_model.get_by_username('default', cache=True)
254
255 if self.user_id is not None and self.user_id != self.anonymous_user.user_id:
255 if self.user_id is not None and self.user_id != self.anonymous_user.user_id:
256 user_model.fill_data(self, user_id=self.user_id)
256 user_model.fill_data(self, user_id=self.user_id)
257 else:
257 else:
Show file before | Show file after | Hide comments
@@ -230,7 +230,7 b' class UserModel(BaseModel):'
230 :param user_id: user id to fetch by
230 :param user_id: user id to fetch by
231 :param api_key: api key to fetch by
231 :param api_key: api key to fetch by
232 """
232 """
233 if not user_id and not not api_key:
233 if user_id is None and api_key is None:
234 raise Exception('You need to pass user_id or api_key')
234 raise Exception('You need to pass user_id or api_key')
235
235
236 try:
236 try:
@@ -239,9 +239,10 b' class UserModel(BaseModel):'
239 else:
239 else:
240 dbuser = self.get(user_id)
240 dbuser = self.get(user_id)
241
241
242 log.debug('filling %s data', dbuser)
242 if dbuser is not None:
243 for k, v in dbuser.get_dict().items():
243 log.debug('filling %s data', dbuser)
244 setattr(auth_user, k, v)
244 for k, v in dbuser.get_dict().items():
245 setattr(auth_user, k, v)
245
246
246 except:
247 except:
247 log.error(traceback.format_exc())
248 log.error(traceback.format_exc())
General Comments 0
You need to be logged in to leave comments. Login now