auth: refactor to introduce @LoginRequired(allow_default_user=True) and deprecate @NotAnonymous()...
Mads Kiilerich -
r7019:aa25ef34 default
@@ -120,7 +120,7 b' def _journal_filter(user_log, search_ter'
120
120
121 class AdminController(BaseController):
121 class AdminController(BaseController):
122
122
123 @LoginRequired()
123 @LoginRequired(allow_default_user=True)
124 def _before(self, *args, **kwargs):
124 def _before(self, *args, **kwargs):
125 super(AdminController, self)._before(*args, **kwargs)
125 super(AdminController, self)._before(*args, **kwargs)
126
126
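Review bot: `AdminController._before` opts in to the default (anonymous) user with `@LoginRequired(allow_default_user=True)`, so on this admin controller the login check still lets an unauthenticated client through and access control rests entirely on the per-action permission decorators, which are outside this hunk. The same applies to `_before` in `RepoGroupsController`, `ReposController`, `SettingsController` and `UserGroupsController` further down the page. This keeps the pre-refactor behaviour, but if every action in these controllers already requires a real account, plain `@LoginRequired()` would be the least-privilege choice. Otherwise add a comment such as `# default user admitted here; every action must carry its own permission decorator` so the opt-in is not read as an oversight.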
@@ -41,7 +41,7 b' from kallithea.model.meta import Session'
41 from kallithea.model.db import Gist, User
41 from kallithea.model.db import Gist, User
42 from kallithea.lib import helpers as h
42 from kallithea.lib import helpers as h
43 from kallithea.lib.base import BaseController, render, jsonify
43 from kallithea.lib.base import BaseController, render, jsonify
44 from kallithea.lib.auth import LoginRequired, NotAnonymous
44 from kallithea.lib.auth import LoginRequired
45 from kallithea.lib.utils2 import safe_int, safe_unicode, time_to_datetime
45 from kallithea.lib.utils2 import safe_int, safe_unicode, time_to_datetime
46 from kallithea.lib.page import Page
46 from kallithea.lib.page import Page
47 from sqlalchemy.sql.expression import or_
47 from sqlalchemy.sql.expression import or_
@@ -65,7 +65,7 b' class GistsController(BaseController):'
65 c.lifetime_values.append(extra_values)
65 c.lifetime_values.append(extra_values)
66 c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
66 c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
67
67
68 @LoginRequired()
68 @LoginRequired(allow_default_user=True)
69 def index(self):
69 def index(self):
70 not_default_user = not request.authuser.is_default_user
70 not_default_user = not request.authuser.is_default_user
71 c.show_private = request.GET.get('private') and not_default_user
71 c.show_private = request.GET.get('private') and not_default_user
@@ -100,7 +100,6 b' class GistsController(BaseController):'
100 return render('admin/gists/index.html')
100 return render('admin/gists/index.html')
101
101
102 @LoginRequired()
102 @LoginRequired()
103 @NotAnonymous()
104 def create(self):
103 def create(self):
105 self.__load_defaults()
104 self.__load_defaults()
106 gist_form = GistForm([x[0] for x in c.lifetime_values])()
105 gist_form = GistForm([x[0] for x in c.lifetime_values])()
@@ -143,13 +142,11 b' class GistsController(BaseController):'
143 raise HTTPFound(location=url('gist', gist_id=new_gist_id))
142 raise HTTPFound(location=url('gist', gist_id=new_gist_id))
144
143
145 @LoginRequired()
144 @LoginRequired()
146 @NotAnonymous()
147 def new(self, format='html'):
145 def new(self, format='html'):
148 self.__load_defaults()
146 self.__load_defaults()
149 return render('admin/gists/new.html')
147 return render('admin/gists/new.html')
150
148
151 @LoginRequired()
149 @LoginRequired()
152 @NotAnonymous()
153 def delete(self, gist_id):
150 def delete(self, gist_id):
154 gist = GistModel().get_gist(gist_id)
151 gist = GistModel().get_gist(gist_id)
155 owner = gist.owner_id == request.authuser.user_id
152 owner = gist.owner_id == request.authuser.user_id
@@ -162,7 +159,7 b' class GistsController(BaseController):'
162
159
163 raise HTTPFound(location=url('gists'))
160 raise HTTPFound(location=url('gists'))
164
161
165 @LoginRequired()
162 @LoginRequired(allow_default_user=True)
166 def show(self, gist_id, revision='tip', format='html', f_path=None):
163 def show(self, gist_id, revision='tip', format='html', f_path=None):
167 c.gist = Gist.get_or_404(gist_id)
164 c.gist = Gist.get_or_404(gist_id)
168
165
@@ -183,7 +180,6 b' class GistsController(BaseController):'
183 return render('admin/gists/show.html')
180 return render('admin/gists/show.html')
184
181
185 @LoginRequired()
182 @LoginRequired()
186 @NotAnonymous()
187 def edit(self, gist_id, format='html'):
183 def edit(self, gist_id, format='html'):
188 c.gist = Gist.get_or_404(gist_id)
184 c.gist = Gist.get_or_404(gist_id)
189
185
@@ -242,7 +238,6 b' class GistsController(BaseController):'
242 return rendered
238 return rendered
243
239
244 @LoginRequired()
240 @LoginRequired()
245 @NotAnonymous()
246 @jsonify
241 @jsonify
247 def check_revision(self, gist_id):
242 def check_revision(self, gist_id):
248 c.gist = Gist.get_or_404(gist_id)
243 c.gist = Gist.get_or_404(gist_id)
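Review bot: With `@NotAnonymous()` removed from `create`, `new`, `delete`, `edit` and `check_revision`, rejection of the default user on these gist actions depends solely on the `allow_default_user=False` default of `LoginRequired`, and no test visible on this page pins that. The same holds for the other actions that lose `@NotAnonymous()` (my account, notifications, repo creation, changeset and pull request comments, forks, journal, `repo_size`). A regression test that requests one state-changing action from each controller as the default user and asserts the redirect to the login page would guard against a later change of that default. In `index`, the `not_default_user` guard on `c.show_private` is now the only thing keeping private gists from the default user, and a comment such as `# default user is admitted by the decorator; never show private gists to it` would make that explicit.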
@@ -38,7 +38,7 b' from webob.exc import HTTPFound'
38 from kallithea.config.routing import url
38 from kallithea.config.routing import url
39 from kallithea.lib import helpers as h
39 from kallithea.lib import helpers as h
40 from kallithea.lib import auth_modules
40 from kallithea.lib import auth_modules
41 from kallithea.lib.auth import LoginRequired, NotAnonymous, AuthUser
41 from kallithea.lib.auth import LoginRequired, AuthUser
42 from kallithea.lib.base import BaseController, render
42 from kallithea.lib.base import BaseController, render
43 from kallithea.lib.utils2 import generate_api_key, safe_int
43 from kallithea.lib.utils2 import generate_api_key, safe_int
44 from kallithea.model.db import Repository, UserEmailMap, User, UserFollowing
44 from kallithea.model.db import Repository, UserEmailMap, User, UserFollowing
@@ -59,7 +59,6 b' class MyAccountController(BaseController'
59 # path_prefix='/admin', name_prefix='admin_')
59 # path_prefix='/admin', name_prefix='admin_')
60
60
61 @LoginRequired()
61 @LoginRequired()
62 @NotAnonymous()
63 def _before(self, *args, **kwargs):
62 def _before(self, *args, **kwargs):
64 super(MyAccountController, self)._before(*args, **kwargs)
63 super(MyAccountController, self)._before(*args, **kwargs)
65
64
@@ -35,7 +35,7 b' from webob.exc import HTTPBadRequest, HT'
35 from kallithea.model.db import Notification
35 from kallithea.model.db import Notification
36 from kallithea.model.notification import NotificationModel
36 from kallithea.model.notification import NotificationModel
37 from kallithea.model.meta import Session
37 from kallithea.model.meta import Session
38 from kallithea.lib.auth import LoginRequired, NotAnonymous
38 from kallithea.lib.auth import LoginRequired
39 from kallithea.lib.base import BaseController, render
39 from kallithea.lib.base import BaseController, render
40 from kallithea.lib import helpers as h
40 from kallithea.lib import helpers as h
41 from kallithea.lib.page import Page
41 from kallithea.lib.page import Page
@@ -53,7 +53,6 b' class NotificationsController(BaseContro'
53 # path_prefix='/_admin', name_prefix='_admin_')
53 # path_prefix='/_admin', name_prefix='_admin_')
54
54
55 @LoginRequired()
55 @LoginRequired()
56 @NotAnonymous()
57 def _before(self, *args, **kwargs):
56 def _before(self, *args, **kwargs):
58 super(NotificationsController, self)._before(*args, **kwargs)
57 super(NotificationsController, self)._before(*args, **kwargs)
59
58
@@ -58,7 +58,7 b' log = logging.getLogger(__name__)'
58
58
59 class RepoGroupsController(BaseController):
59 class RepoGroupsController(BaseController):
60
60
61 @LoginRequired()
61 @LoginRequired(allow_default_user=True)
62 def _before(self, *args, **kwargs):
62 def _before(self, *args, **kwargs):
63 super(RepoGroupsController, self)._before(*args, **kwargs)
63 super(RepoGroupsController, self)._before(*args, **kwargs)
64
64
@@ -60,7 +60,7 b' class ReposController(BaseRepoController'
60 # file has a resource setup:
60 # file has a resource setup:
61 # map.resource('repo', 'repos')
61 # map.resource('repo', 'repos')
62
62
63 @LoginRequired()
63 @LoginRequired(allow_default_user=True)
64 def _before(self, *args, **kwargs):
64 def _before(self, *args, **kwargs):
65 super(ReposController, self)._before(*args, **kwargs)
65 super(ReposController, self)._before(*args, **kwargs)
66
66
@@ -169,7 +169,6 b' class ReposController(BaseRepoController'
169 force_defaults=False)
169 force_defaults=False)
170
170
171 @LoginRequired()
171 @LoginRequired()
172 @NotAnonymous()
173 def repo_creating(self, repo_name):
172 def repo_creating(self, repo_name):
174 c.repo = repo_name
173 c.repo = repo_name
175 c.task_id = request.GET.get('task_id')
174 c.task_id = request.GET.get('task_id')
@@ -178,7 +177,6 b' class ReposController(BaseRepoController'
178 return render('admin/repos/repo_creating.html')
177 return render('admin/repos/repo_creating.html')
179
178
180 @LoginRequired()
179 @LoginRequired()
181 @NotAnonymous()
182 @jsonify
180 @jsonify
183 def repo_check(self, repo_name):
181 def repo_check(self, repo_name):
184 c.repo = repo_name
182 c.repo = repo_name
@@ -59,7 +59,7 b' class SettingsController(BaseController)'
59 # map.resource('setting', 'settings', controller='admin/settings',
59 # map.resource('setting', 'settings', controller='admin/settings',
60 # path_prefix='/admin', name_prefix='admin_')
60 # path_prefix='/admin', name_prefix='admin_')
61
61
62 @LoginRequired()
62 @LoginRequired(allow_default_user=True)
63 def _before(self, *args, **kwargs):
63 def _before(self, *args, **kwargs):
64 super(SettingsController, self)._before(*args, **kwargs)
64 super(SettingsController, self)._before(*args, **kwargs)
65
65
@@ -63,7 +63,7 b' log = logging.getLogger(__name__)'
63 class UserGroupsController(BaseController):
63 class UserGroupsController(BaseController):
64 """REST Controller styled on the Atom Publishing Protocol"""
64 """REST Controller styled on the Atom Publishing Protocol"""
65
65
66 @LoginRequired()
66 @LoginRequired(allow_default_user=True)
67 def _before(self, *args, **kwargs):
67 def _before(self, *args, **kwargs):
68 super(UserGroupsController, self)._before(*args, **kwargs)
68 super(UserGroupsController, self)._before(*args, **kwargs)
69 c.available_permissions = config['available_permissions']
69 c.available_permissions = config['available_permissions']
@@ -37,8 +37,7 b' from kallithea.lib.vcs.exceptions import'
37 ChangesetDoesNotExistError, EmptyRepositoryError
37 ChangesetDoesNotExistError, EmptyRepositoryError
38
38
39 import kallithea.lib.helpers as h
39 import kallithea.lib.helpers as h
40 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \
40 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator
41 NotAnonymous
42 from kallithea.lib.base import BaseRepoController, render, jsonify
41 from kallithea.lib.base import BaseRepoController, render, jsonify
43 from kallithea.lib.utils import action_logger
42 from kallithea.lib.utils import action_logger
44 from kallithea.lib.compat import OrderedDict
43 from kallithea.lib.compat import OrderedDict
@@ -348,7 +347,6 b' class ChangesetController(BaseRepoContro'
348 return self._index(revision, method='download')
347 return self._index(revision, method='download')
349
348
350 @LoginRequired()
349 @LoginRequired()
351 @NotAnonymous()
352 @HasRepoPermissionLevelDecorator('read')
350 @HasRepoPermissionLevelDecorator('read')
353 @jsonify
351 @jsonify
354 def comment(self, repo_name, revision):
352 def comment(self, repo_name, revision):
@@ -399,7 +397,6 b' class ChangesetController(BaseRepoContro'
399 return data
397 return data
400
398
401 @LoginRequired()
399 @LoginRequired()
402 @NotAnonymous()
403 @HasRepoPermissionLevelDecorator('read')
400 @HasRepoPermissionLevelDecorator('read')
404 @jsonify
401 @jsonify
405 def delete_comment(self, repo_name, comment_id):
402 def delete_comment(self, repo_name, comment_id):
@@ -38,7 +38,7 b' import kallithea.lib.helpers as h'
38
38
39 from kallithea.config.routing import url
39 from kallithea.config.routing import url
40 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \
40 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \
41 NotAnonymous, HasRepoPermissionLevel, HasPermissionAnyDecorator, HasPermissionAny
41 HasRepoPermissionLevel, HasPermissionAnyDecorator, HasPermissionAny
42 from kallithea.lib.base import BaseRepoController, render
42 from kallithea.lib.base import BaseRepoController, render
43 from kallithea.lib.page import Page
43 from kallithea.lib.page import Page
44 from kallithea.lib.utils2 import safe_int
44 from kallithea.lib.utils2 import safe_int
@@ -123,7 +123,6 b' class ForksController(BaseRepoController'
123 return render('/forks/forks.html')
123 return render('/forks/forks.html')
124
124
125 @LoginRequired()
125 @LoginRequired()
126 @NotAnonymous()
127 @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')
126 @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')
128 @HasRepoPermissionLevelDecorator('read')
127 @HasRepoPermissionLevelDecorator('read')
129 def fork(self, repo_name):
128 def fork(self, repo_name):
@@ -141,7 +140,6 b' class ForksController(BaseRepoController'
141 force_defaults=False)
140 force_defaults=False)
142
141
143 @LoginRequired()
142 @LoginRequired()
144 @NotAnonymous()
145 @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')
143 @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')
146 @HasRepoPermissionLevelDecorator('read')
144 @HasRepoPermissionLevelDecorator('read')
147 def fork_create(self, repo_name):
145 def fork_create(self, repo_name):
@@ -50,7 +50,7 b' class HomeController(BaseController):'
50 def about(self):
50 def about(self):
51 return render('/about.html')
51 return render('/about.html')
52
52
53 @LoginRequired()
53 @LoginRequired(allow_default_user=True)
54 def index(self):
54 def index(self):
55 c.group = None
55 c.group = None
56
56
@@ -63,7 +63,7 b' class HomeController(BaseController):'
63
63
64 return render('/index.html')
64 return render('/index.html')
65
65
66 @LoginRequired()
66 @LoginRequired(allow_default_user=True)
67 @jsonify
67 @jsonify
68 def repo_switcher_data(self):
68 def repo_switcher_data(self):
69 # wrapper for conditional cache
69 # wrapper for conditional cache
@@ -145,7 +145,7 b' class HomeController(BaseController):'
145 }
145 }
146 return data
146 return data
147
147
148 @LoginRequired()
148 @LoginRequired(allow_default_user=True)
149 @jsonify
149 @jsonify
150 def users_and_groups_data(self):
150 def users_and_groups_data(self):
151 """
151 """
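Review bot: `users_and_groups_data` is given `allow_default_user=True`, so on an instance with anonymous access enabled an unauthenticated client can call this JSON endpoint. Judging by its name it returns user and user group records, which would allow account enumeration without a login. The body lies outside the hunk, so confirm whether it filters its results when `request.authuser.is_default_user` is true. If it does not, plain `@LoginRequired()` looks like the safer decorator for this action, while `index` and `repo_switcher_data` can keep the opt-in.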
@@ -46,7 +46,7 b' from kallithea.model.db import UserLog, '
46 from kallithea.model.meta import Session
46 from kallithea.model.meta import Session
47 from kallithea.model.repo import RepoModel
47 from kallithea.model.repo import RepoModel
48 import kallithea.lib.helpers as h
48 import kallithea.lib.helpers as h
49 from kallithea.lib.auth import LoginRequired, NotAnonymous
49 from kallithea.lib.auth import LoginRequired
50 from kallithea.lib.base import BaseController, render
50 from kallithea.lib.base import BaseController, render
51 from kallithea.lib.page import Page
51 from kallithea.lib.page import Page
52 from kallithea.lib.utils2 import safe_int, AttributeDict
52 from kallithea.lib.utils2 import safe_int, AttributeDict
@@ -191,7 +191,6 b' class JournalController(BaseController):'
191 return feed.writeString('utf-8')
191 return feed.writeString('utf-8')
192
192
193 @LoginRequired()
193 @LoginRequired()
194 @NotAnonymous()
195 def index(self):
194 def index(self):
196 # Return a rendered template
195 # Return a rendered template
197 p = safe_int(request.GET.get('page'), 1)
196 p = safe_int(request.GET.get('page'), 1)
@@ -223,7 +222,6 b' class JournalController(BaseController):'
223 return render('journal/journal.html')
222 return render('journal/journal.html')
224
223
225 @LoginRequired(api_access=True)
224 @LoginRequired(api_access=True)
226 @NotAnonymous()
227 def journal_atom(self):
225 def journal_atom(self):
228 """
226 """
229 Produce an atom-1.0 feed via feedgenerator module
227 Produce an atom-1.0 feed via feedgenerator module
@@ -235,7 +233,6 b' class JournalController(BaseController):'
235 return self._atom_feed(following, public=False)
233 return self._atom_feed(following, public=False)
236
234
237 @LoginRequired(api_access=True)
235 @LoginRequired(api_access=True)
238 @NotAnonymous()
239 def journal_rss(self):
236 def journal_rss(self):
240 """
237 """
241 Produce an rss feed via feedgenerator module
238 Produce an rss feed via feedgenerator module
@@ -247,7 +244,6 b' class JournalController(BaseController):'
247 return self._rss_feed(following, public=False)
244 return self._rss_feed(following, public=False)
248
245
249 @LoginRequired()
246 @LoginRequired()
250 @NotAnonymous()
251 def toggle_following(self):
247 def toggle_following(self):
252 user_id = request.POST.get('follows_user_id')
248 user_id = request.POST.get('follows_user_id')
253 if user_id:
249 if user_id:
@@ -273,7 +269,7 b' class JournalController(BaseController):'
273
269
274 raise HTTPBadRequest()
270 raise HTTPBadRequest()
275
271
276 @LoginRequired()
272 @LoginRequired(allow_default_user=True)
277 def public_journal(self):
273 def public_journal(self):
278 # Return a rendered template
274 # Return a rendered template
279 p = safe_int(request.GET.get('page'), 1)
275 p = safe_int(request.GET.get('page'), 1)
@@ -294,7 +290,7 b' class JournalController(BaseController):'
294
290
295 return render('journal/public_journal.html')
291 return render('journal/public_journal.html')
296
292
297 @LoginRequired(api_access=True)
293 @LoginRequired(api_access=True, allow_default_user=True)
298 def public_journal_atom(self):
294 def public_journal_atom(self):
299 """
295 """
300 Produce an atom-1.0 feed via feedgenerator module
296 Produce an atom-1.0 feed via feedgenerator module
@@ -306,7 +302,7 b' class JournalController(BaseController):'
306
302
307 return self._atom_feed(c.following)
303 return self._atom_feed(c.following)
308
304
309 @LoginRequired(api_access=True)
305 @LoginRequired(api_access=True, allow_default_user=True)
310 def public_journal_rss(self):
306 def public_journal_rss(self):
311 """
307 """
312 Produce an rss2 feed via feedgenerator module
308 Produce an rss2 feed via feedgenerator module
@@ -36,8 +36,7 b' from webob.exc import HTTPFound, HTTPNot'
36 from kallithea.config.routing import url
36 from kallithea.config.routing import url
37 from kallithea.lib import helpers as h
37 from kallithea.lib import helpers as h
38 from kallithea.lib import diffs
38 from kallithea.lib import diffs
39 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \
39 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator
40 NotAnonymous
41 from kallithea.lib.base import BaseRepoController, render, jsonify
40 from kallithea.lib.base import BaseRepoController, render, jsonify
42 from kallithea.lib.page import Page
41 from kallithea.lib.page import Page
43 from kallithea.lib.utils import action_logger
42 from kallithea.lib.utils import action_logger
@@ -218,7 +217,6 b' class PullrequestsController(BaseRepoCon'
218 return render('/pullrequests/pullrequest_show_all.html')
217 return render('/pullrequests/pullrequest_show_all.html')
219
218
220 @LoginRequired()
219 @LoginRequired()
221 @NotAnonymous()
222 def show_my(self):
220 def show_my(self):
223 c.closed = request.GET.get('closed') or ''
221 c.closed = request.GET.get('closed') or ''
224
222
@@ -244,7 +242,6 b' class PullrequestsController(BaseRepoCon'
244 return render('/pullrequests/pullrequest_show_my.html')
242 return render('/pullrequests/pullrequest_show_my.html')
245
243
246 @LoginRequired()
244 @LoginRequired()
247 @NotAnonymous()
248 @HasRepoPermissionLevelDecorator('read')
245 @HasRepoPermissionLevelDecorator('read')
249 def index(self):
246 def index(self):
250 org_repo = c.db_repo
247 org_repo = c.db_repo
@@ -300,7 +297,6 b' class PullrequestsController(BaseRepoCon'
300 return render('/pullrequests/pullrequest.html')
297 return render('/pullrequests/pullrequest.html')
301
298
302 @LoginRequired()
299 @LoginRequired()
303 @NotAnonymous()
304 @HasRepoPermissionLevelDecorator('read')
300 @HasRepoPermissionLevelDecorator('read')
305 @jsonify
301 @jsonify
306 def repo_info(self, repo_name):
302 def repo_info(self, repo_name):
@@ -313,7 +309,6 b' class PullrequestsController(BaseRepoCon'
313 }
309 }
314
310
315 @LoginRequired()
311 @LoginRequired()
316 @NotAnonymous()
317 @HasRepoPermissionLevelDecorator('read')
312 @HasRepoPermissionLevelDecorator('read')
318 def create(self, repo_name):
313 def create(self, repo_name):
319 repo = c.db_repo
314 repo = c.db_repo
@@ -383,7 +378,6 b' class PullrequestsController(BaseRepoCon'
383
378
384 # pullrequest_post for PR editing
379 # pullrequest_post for PR editing
385 @LoginRequired()
380 @LoginRequired()
386 @NotAnonymous()
387 @HasRepoPermissionLevelDecorator('read')
381 @HasRepoPermissionLevelDecorator('read')
388 def post(self, repo_name, pull_request_id):
382 def post(self, repo_name, pull_request_id):
389 pull_request = PullRequest.get_or_404(pull_request_id)
383 pull_request = PullRequest.get_or_404(pull_request_id)
@@ -440,7 +434,6 b' class PullrequestsController(BaseRepoCon'
440 raise HTTPFound(location=pull_request.url())
434 raise HTTPFound(location=pull_request.url())
441
435
442 @LoginRequired()
436 @LoginRequired()
443 @NotAnonymous()
444 @HasRepoPermissionLevelDecorator('read')
437 @HasRepoPermissionLevelDecorator('read')
445 @jsonify
438 @jsonify
446 def delete(self, repo_name, pull_request_id):
439 def delete(self, repo_name, pull_request_id):
@@ -633,7 +626,6 b' class PullrequestsController(BaseRepoCon'
633 return render('/pullrequests/pullrequest_show.html')
626 return render('/pullrequests/pullrequest_show.html')
634
627
635 @LoginRequired()
628 @LoginRequired()
636 @NotAnonymous()
637 @HasRepoPermissionLevelDecorator('read')
629 @HasRepoPermissionLevelDecorator('read')
638 @jsonify
630 @jsonify
639 def comment(self, repo_name, pull_request_id):
631 def comment(self, repo_name, pull_request_id):
@@ -718,7 +710,6 b' class PullrequestsController(BaseRepoCon'
718 return data
710 return data
719
711
720 @LoginRequired()
712 @LoginRequired()
721 @NotAnonymous()
722 @HasRepoPermissionLevelDecorator('read')
713 @HasRepoPermissionLevelDecorator('read')
723 @jsonify
714 @jsonify
724 def delete_comment(self, repo_name, comment_id):
715 def delete_comment(self, repo_name, comment_id):
@@ -49,7 +49,7 b' log = logging.getLogger(__name__)'
49
49
50 class SearchController(BaseRepoController):
50 class SearchController(BaseRepoController):
51
51
52 @LoginRequired()
52 @LoginRequired(allow_default_user=True)
53 def index(self, repo_name=None):
53 def index(self, repo_name=None):
54 c.repo_name = repo_name
54 c.repo_name = repo_name
55 c.formated_results = []
55 c.formated_results = []
@@ -43,8 +43,7 b' from kallithea.lib.vcs.exceptions import'
43 from kallithea.config.conf import ALL_READMES, ALL_EXTS, LANGUAGES_EXTENSIONS_MAP
43 from kallithea.config.conf import ALL_READMES, ALL_EXTS, LANGUAGES_EXTENSIONS_MAP
44 from kallithea.model.db import Statistics, CacheInvalidation, User
44 from kallithea.model.db import Statistics, CacheInvalidation, User
45 from kallithea.lib.utils2 import safe_int, safe_str
45 from kallithea.lib.utils2 import safe_int, safe_str
46 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \
46 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator
47 NotAnonymous
48 from kallithea.lib.base import BaseRepoController, render, jsonify
47 from kallithea.lib.base import BaseRepoController, render, jsonify
49 from kallithea.lib.vcs.backends.base import EmptyChangeset
48 from kallithea.lib.vcs.backends.base import EmptyChangeset
50 from kallithea.lib.markup_renderer import MarkupRenderer
49 from kallithea.lib.markup_renderer import MarkupRenderer
@@ -162,7 +161,6 b' class SummaryController(BaseRepoControll'
162 return render('summary/summary.html')
161 return render('summary/summary.html')
163
162
164 @LoginRequired()
163 @LoginRequired()
165 @NotAnonymous()
166 @HasRepoPermissionLevelDecorator('read')
164 @HasRepoPermissionLevelDecorator('read')
167 @jsonify
165 @jsonify
168 def repo_size(self, repo_name):
166 def repo_size(self, repo_name):
@@ -752,16 +752,20 b' def _redirect_to_login(message=None):'
752
752
753 # Use as decorator
753 # Use as decorator
754 class LoginRequired(object):
754 class LoginRequired(object):
755 """Client must be logged in as a valid User (but the "default" user,
755 """Client must be logged in as a valid User, or we'll redirect to the login
756 if enabled, is considered valid), or we'll redirect to the login page.
756 page.
757
758 If the "default" user is enabled and allow_default_user is true, that is
759 considered valid too.
757
760
758 Also checks that IP address is allowed, and if using API key instead
761 Also checks that IP address is allowed, and if using API key instead
759 of regular cookie authentication, checks that API key access is allowed
762 of regular cookie authentication, checks that API key access is allowed
760 (based on `api_access` parameter and the API view whitelist).
763 (based on `api_access` parameter and the API view whitelist).
761 """
764 """
762
765
763 def __init__(self, api_access=False):
766 def __init__(self, api_access=False, allow_default_user=False):
764 self.api_access = api_access
767 self.api_access = api_access
768 self.allow_default_user = allow_default_user
765
769
766 def __call__(self, func):
770 def __call__(self, func):
767 return decorator(self.__wrapper, func)
771 return decorator(self.__wrapper, func)
@@ -801,9 +805,14 b' class LoginRequired(object):'
801 raise HTTPForbidden()
805 raise HTTPForbidden()
802
806
803 # regular user authentication
807 # regular user authentication
804 if user.is_authenticated or user.is_default_user:
808 if user.is_authenticated:
805 log.info('user %s authenticated with regular auth @ %s', user, loc)
809 log.info('user %s authenticated with regular auth @ %s', user, loc)
806 return func(*fargs, **fkwargs)
810 return func(*fargs, **fkwargs)
811 elif user.is_default_user:
812 if self.allow_default_user:
813 log.info('default user @ %s', loc)
814 return func(*fargs, **fkwargs)
815 log.info('default user is not accepted here @ %s', loc)
807 else:
816 else:
808 log.warning('user %s NOT authenticated with regular auth @ %s', user, loc)
817 log.warning('user %s NOT authenticated with regular auth @ %s', user, loc)
809 raise _redirect_to_login()
818 raise _redirect_to_login()
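Review bot: In the new `elif user.is_default_user:` branch the refusal path ends at `log.info('default user is not accepted here @ %s', loc)` and depends on falling through to the trailing `raise _redirect_to_login()`. This page has lost its indentation, so it cannot be confirmed here that the raise sits outside the `else:` block. If it is still nested under `else:`, a refused default user would make the wrapper return None instead of redirecting. An explicit `raise _redirect_to_login()` right after that log call makes the denial independent of the fall-through, and `log.warning` there would match the other rejected case. The wrapper function starts above this hunk.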