@@ -120,7 +120,7 b' def _journal_filter(user_log, search_ter' | |||||
120 |
|
120 | |||
121 | class AdminController(BaseController): |
|
121 | class AdminController(BaseController): | |
122 |
|
122 | |||
123 | @LoginRequired() |
|
123 | @LoginRequired(allow_default_user=True) | |
124 | def _before(self, *args, **kwargs): |
|
124 | def _before(self, *args, **kwargs): | |
125 | super(AdminController, self)._before(*args, **kwargs) |
|
125 | super(AdminController, self)._before(*args, **kwargs) | |
126 |
|
126 |
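Review bot: `AdminController._before` now opts the whole controller in to the default user with `@LoginRequired(allow_default_user=True)`, and the same opt-in is applied to `_before` of RepoGroupsController, ReposController, SettingsController and UserGroupsController further down. This keeps the previous behaviour, but it leaves the login gate open to the default user on every action of these admin controllers, so access control rests entirely on per-action permission decorators that are outside these hunks. If every action in a controller already requires a logged-in or admin user, plain `@LoginRequired()` on `_before` would fail closed for any action added later without its own decorator. Otherwise a comment such as `# default user passes the login gate; permissions are enforced per action` would record the intent.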
@@ -41,7 +41,7 b' from kallithea.model.meta import Session' | |||||
41 | from kallithea.model.db import Gist, User |
|
41 | from kallithea.model.db import Gist, User | |
42 | from kallithea.lib import helpers as h |
|
42 | from kallithea.lib import helpers as h | |
43 | from kallithea.lib.base import BaseController, render, jsonify |
|
43 | from kallithea.lib.base import BaseController, render, jsonify | |
44 |
from kallithea.lib.auth import LoginRequired |
|
44 | from kallithea.lib.auth import LoginRequired | |
45 | from kallithea.lib.utils2 import safe_int, safe_unicode, time_to_datetime |
|
45 | from kallithea.lib.utils2 import safe_int, safe_unicode, time_to_datetime | |
46 | from kallithea.lib.page import Page |
|
46 | from kallithea.lib.page import Page | |
47 | from sqlalchemy.sql.expression import or_ |
|
47 | from sqlalchemy.sql.expression import or_ | |
@@ -65,7 +65,7 b' class GistsController(BaseController):' | |||||
65 | c.lifetime_values.append(extra_values) |
|
65 | c.lifetime_values.append(extra_values) | |
66 | c.lifetime_options = [(c.lifetime_values, _("Lifetime"))] |
|
66 | c.lifetime_options = [(c.lifetime_values, _("Lifetime"))] | |
67 |
|
67 | |||
68 | @LoginRequired() |
|
68 | @LoginRequired(allow_default_user=True) | |
69 | def index(self): |
|
69 | def index(self): | |
70 | not_default_user = not request.authuser.is_default_user |
|
70 | not_default_user = not request.authuser.is_default_user | |
71 | c.show_private = request.GET.get('private') and not_default_user |
|
71 | c.show_private = request.GET.get('private') and not_default_user | |
@@ -100,7 +100,6 b' class GistsController(BaseController):' | |||||
100 | return render('admin/gists/index.html') |
|
100 | return render('admin/gists/index.html') | |
101 |
|
101 | |||
102 | @LoginRequired() |
|
102 | @LoginRequired() | |
103 | @NotAnonymous() |
|
|||
104 | def create(self): |
|
103 | def create(self): | |
105 | self.__load_defaults() |
|
104 | self.__load_defaults() | |
106 | gist_form = GistForm([x[0] for x in c.lifetime_values])() |
|
105 | gist_form = GistForm([x[0] for x in c.lifetime_values])() | |
@@ -143,13 +142,11 b' class GistsController(BaseController):' | |||||
143 | raise HTTPFound(location=url('gist', gist_id=new_gist_id)) |
|
142 | raise HTTPFound(location=url('gist', gist_id=new_gist_id)) | |
144 |
|
143 | |||
145 | @LoginRequired() |
|
144 | @LoginRequired() | |
146 | @NotAnonymous() |
|
|||
147 | def new(self, format='html'): |
|
145 | def new(self, format='html'): | |
148 | self.__load_defaults() |
|
146 | self.__load_defaults() | |
149 | return render('admin/gists/new.html') |
|
147 | return render('admin/gists/new.html') | |
150 |
|
148 | |||
151 | @LoginRequired() |
|
149 | @LoginRequired() | |
152 | @NotAnonymous() |
|
|||
153 | def delete(self, gist_id): |
|
150 | def delete(self, gist_id): | |
154 | gist = GistModel().get_gist(gist_id) |
|
151 | gist = GistModel().get_gist(gist_id) | |
155 | owner = gist.owner_id == request.authuser.user_id |
|
152 | owner = gist.owner_id == request.authuser.user_id | |
@@ -162,7 +159,7 b' class GistsController(BaseController):' | |||||
162 |
|
159 | |||
163 | raise HTTPFound(location=url('gists')) |
|
160 | raise HTTPFound(location=url('gists')) | |
164 |
|
161 | |||
165 | @LoginRequired() |
|
162 | @LoginRequired(allow_default_user=True) | |
166 | def show(self, gist_id, revision='tip', format='html', f_path=None): |
|
163 | def show(self, gist_id, revision='tip', format='html', f_path=None): | |
167 | c.gist = Gist.get_or_404(gist_id) |
|
164 | c.gist = Gist.get_or_404(gist_id) | |
168 |
|
165 | |||
@@ -183,7 +180,6 b' class GistsController(BaseController):' | |||||
183 | return render('admin/gists/show.html') |
|
180 | return render('admin/gists/show.html') | |
184 |
|
181 | |||
185 | @LoginRequired() |
|
182 | @LoginRequired() | |
186 | @NotAnonymous() |
|
|||
187 | def edit(self, gist_id, format='html'): |
|
183 | def edit(self, gist_id, format='html'): | |
188 | c.gist = Gist.get_or_404(gist_id) |
|
184 | c.gist = Gist.get_or_404(gist_id) | |
189 |
|
185 | |||
@@ -242,7 +238,6 b' class GistsController(BaseController):' | |||||
242 | return rendered |
|
238 | return rendered | |
243 |
|
239 | |||
244 | @LoginRequired() |
|
240 | @LoginRequired() | |
245 | @NotAnonymous() |
|
|||
246 | @jsonify |
|
241 | @jsonify | |
247 | def check_revision(self, gist_id): |
|
242 | def check_revision(self, gist_id): | |
248 | c.gist = Gist.get_or_404(gist_id) |
|
243 | c.gist = Gist.get_or_404(gist_id) |
@@ -38,7 +38,7 b' from webob.exc import HTTPFound' | |||||
38 | from kallithea.config.routing import url |
|
38 | from kallithea.config.routing import url | |
39 | from kallithea.lib import helpers as h |
|
39 | from kallithea.lib import helpers as h | |
40 | from kallithea.lib import auth_modules |
|
40 | from kallithea.lib import auth_modules | |
41 |
from kallithea.lib.auth import LoginRequired, |
|
41 | from kallithea.lib.auth import LoginRequired, AuthUser | |
42 | from kallithea.lib.base import BaseController, render |
|
42 | from kallithea.lib.base import BaseController, render | |
43 | from kallithea.lib.utils2 import generate_api_key, safe_int |
|
43 | from kallithea.lib.utils2 import generate_api_key, safe_int | |
44 | from kallithea.model.db import Repository, UserEmailMap, User, UserFollowing |
|
44 | from kallithea.model.db import Repository, UserEmailMap, User, UserFollowing | |
@@ -59,7 +59,6 b' class MyAccountController(BaseController' | |||||
59 | # path_prefix='/admin', name_prefix='admin_') |
|
59 | # path_prefix='/admin', name_prefix='admin_') | |
60 |
|
60 | |||
61 | @LoginRequired() |
|
61 | @LoginRequired() | |
62 | @NotAnonymous() |
|
|||
63 | def _before(self, *args, **kwargs): |
|
62 | def _before(self, *args, **kwargs): | |
64 | super(MyAccountController, self)._before(*args, **kwargs) |
|
63 | super(MyAccountController, self)._before(*args, **kwargs) | |
65 |
|
64 |
@@ -35,7 +35,7 b' from webob.exc import HTTPBadRequest, HT' | |||||
35 | from kallithea.model.db import Notification |
|
35 | from kallithea.model.db import Notification | |
36 | from kallithea.model.notification import NotificationModel |
|
36 | from kallithea.model.notification import NotificationModel | |
37 | from kallithea.model.meta import Session |
|
37 | from kallithea.model.meta import Session | |
38 |
from kallithea.lib.auth import LoginRequired |
|
38 | from kallithea.lib.auth import LoginRequired | |
39 | from kallithea.lib.base import BaseController, render |
|
39 | from kallithea.lib.base import BaseController, render | |
40 | from kallithea.lib import helpers as h |
|
40 | from kallithea.lib import helpers as h | |
41 | from kallithea.lib.page import Page |
|
41 | from kallithea.lib.page import Page | |
@@ -53,7 +53,6 b' class NotificationsController(BaseContro' | |||||
53 | # path_prefix='/_admin', name_prefix='_admin_') |
|
53 | # path_prefix='/_admin', name_prefix='_admin_') | |
54 |
|
54 | |||
55 | @LoginRequired() |
|
55 | @LoginRequired() | |
56 | @NotAnonymous() |
|
|||
57 | def _before(self, *args, **kwargs): |
|
56 | def _before(self, *args, **kwargs): | |
58 | super(NotificationsController, self)._before(*args, **kwargs) |
|
57 | super(NotificationsController, self)._before(*args, **kwargs) | |
59 |
|
58 |
@@ -58,7 +58,7 b' log = logging.getLogger(__name__)' | |||||
58 |
|
58 | |||
59 | class RepoGroupsController(BaseController): |
|
59 | class RepoGroupsController(BaseController): | |
60 |
|
60 | |||
61 | @LoginRequired() |
|
61 | @LoginRequired(allow_default_user=True) | |
62 | def _before(self, *args, **kwargs): |
|
62 | def _before(self, *args, **kwargs): | |
63 | super(RepoGroupsController, self)._before(*args, **kwargs) |
|
63 | super(RepoGroupsController, self)._before(*args, **kwargs) | |
64 |
|
64 |
@@ -60,7 +60,7 b' class ReposController(BaseRepoController' | |||||
60 | # file has a resource setup: |
|
60 | # file has a resource setup: | |
61 | # map.resource('repo', 'repos') |
|
61 | # map.resource('repo', 'repos') | |
62 |
|
62 | |||
63 | @LoginRequired() |
|
63 | @LoginRequired(allow_default_user=True) | |
64 | def _before(self, *args, **kwargs): |
|
64 | def _before(self, *args, **kwargs): | |
65 | super(ReposController, self)._before(*args, **kwargs) |
|
65 | super(ReposController, self)._before(*args, **kwargs) | |
66 |
|
66 | |||
@@ -169,7 +169,6 b' class ReposController(BaseRepoController' | |||||
169 | force_defaults=False) |
|
169 | force_defaults=False) | |
170 |
|
170 | |||
171 | @LoginRequired() |
|
171 | @LoginRequired() | |
172 | @NotAnonymous() |
|
|||
173 | def repo_creating(self, repo_name): |
|
172 | def repo_creating(self, repo_name): | |
174 | c.repo = repo_name |
|
173 | c.repo = repo_name | |
175 | c.task_id = request.GET.get('task_id') |
|
174 | c.task_id = request.GET.get('task_id') | |
@@ -178,7 +177,6 b' class ReposController(BaseRepoController' | |||||
178 | return render('admin/repos/repo_creating.html') |
|
177 | return render('admin/repos/repo_creating.html') | |
179 |
|
178 | |||
180 | @LoginRequired() |
|
179 | @LoginRequired() | |
181 | @NotAnonymous() |
|
|||
182 | @jsonify |
|
180 | @jsonify | |
183 | def repo_check(self, repo_name): |
|
181 | def repo_check(self, repo_name): | |
184 | c.repo = repo_name |
|
182 | c.repo = repo_name |
@@ -59,7 +59,7 b' class SettingsController(BaseController)' | |||||
59 | # map.resource('setting', 'settings', controller='admin/settings', |
|
59 | # map.resource('setting', 'settings', controller='admin/settings', | |
60 | # path_prefix='/admin', name_prefix='admin_') |
|
60 | # path_prefix='/admin', name_prefix='admin_') | |
61 |
|
61 | |||
62 | @LoginRequired() |
|
62 | @LoginRequired(allow_default_user=True) | |
63 | def _before(self, *args, **kwargs): |
|
63 | def _before(self, *args, **kwargs): | |
64 | super(SettingsController, self)._before(*args, **kwargs) |
|
64 | super(SettingsController, self)._before(*args, **kwargs) | |
65 |
|
65 |
@@ -63,7 +63,7 b' log = logging.getLogger(__name__)' | |||||
63 | class UserGroupsController(BaseController): |
|
63 | class UserGroupsController(BaseController): | |
64 | """REST Controller styled on the Atom Publishing Protocol""" |
|
64 | """REST Controller styled on the Atom Publishing Protocol""" | |
65 |
|
65 | |||
66 | @LoginRequired() |
|
66 | @LoginRequired(allow_default_user=True) | |
67 | def _before(self, *args, **kwargs): |
|
67 | def _before(self, *args, **kwargs): | |
68 | super(UserGroupsController, self)._before(*args, **kwargs) |
|
68 | super(UserGroupsController, self)._before(*args, **kwargs) | |
69 | c.available_permissions = config['available_permissions'] |
|
69 | c.available_permissions = config['available_permissions'] |
@@ -37,8 +37,7 b' from kallithea.lib.vcs.exceptions import' | |||||
37 | ChangesetDoesNotExistError, EmptyRepositoryError |
|
37 | ChangesetDoesNotExistError, EmptyRepositoryError | |
38 |
|
38 | |||
39 | import kallithea.lib.helpers as h |
|
39 | import kallithea.lib.helpers as h | |
40 |
from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator |
|
40 | from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator | |
41 | NotAnonymous |
|
|||
42 | from kallithea.lib.base import BaseRepoController, render, jsonify |
|
41 | from kallithea.lib.base import BaseRepoController, render, jsonify | |
43 | from kallithea.lib.utils import action_logger |
|
42 | from kallithea.lib.utils import action_logger | |
44 | from kallithea.lib.compat import OrderedDict |
|
43 | from kallithea.lib.compat import OrderedDict | |
@@ -348,7 +347,6 b' class ChangesetController(BaseRepoContro' | |||||
348 | return self._index(revision, method='download') |
|
347 | return self._index(revision, method='download') | |
349 |
|
348 | |||
350 | @LoginRequired() |
|
349 | @LoginRequired() | |
351 | @NotAnonymous() |
|
|||
352 | @HasRepoPermissionLevelDecorator('read') |
|
350 | @HasRepoPermissionLevelDecorator('read') | |
353 | @jsonify |
|
351 | @jsonify | |
354 | def comment(self, repo_name, revision): |
|
352 | def comment(self, repo_name, revision): | |
@@ -399,7 +397,6 b' class ChangesetController(BaseRepoContro' | |||||
399 | return data |
|
397 | return data | |
400 |
|
398 | |||
401 | @LoginRequired() |
|
399 | @LoginRequired() | |
402 | @NotAnonymous() |
|
|||
403 | @HasRepoPermissionLevelDecorator('read') |
|
400 | @HasRepoPermissionLevelDecorator('read') | |
404 | @jsonify |
|
401 | @jsonify | |
405 | def delete_comment(self, repo_name, comment_id): |
|
402 | def delete_comment(self, repo_name, comment_id): |
@@ -38,7 +38,7 b' import kallithea.lib.helpers as h' | |||||
38 |
|
38 | |||
39 | from kallithea.config.routing import url |
|
39 | from kallithea.config.routing import url | |
40 | from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \ |
|
40 | from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \ | |
41 |
|
|
41 | HasRepoPermissionLevel, HasPermissionAnyDecorator, HasPermissionAny | |
42 | from kallithea.lib.base import BaseRepoController, render |
|
42 | from kallithea.lib.base import BaseRepoController, render | |
43 | from kallithea.lib.page import Page |
|
43 | from kallithea.lib.page import Page | |
44 | from kallithea.lib.utils2 import safe_int |
|
44 | from kallithea.lib.utils2 import safe_int | |
@@ -123,7 +123,6 b' class ForksController(BaseRepoController' | |||||
123 | return render('/forks/forks.html') |
|
123 | return render('/forks/forks.html') | |
124 |
|
124 | |||
125 | @LoginRequired() |
|
125 | @LoginRequired() | |
126 | @NotAnonymous() |
|
|||
127 | @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository') |
|
126 | @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository') | |
128 | @HasRepoPermissionLevelDecorator('read') |
|
127 | @HasRepoPermissionLevelDecorator('read') | |
129 | def fork(self, repo_name): |
|
128 | def fork(self, repo_name): | |
@@ -141,7 +140,6 b' class ForksController(BaseRepoController' | |||||
141 | force_defaults=False) |
|
140 | force_defaults=False) | |
142 |
|
141 | |||
143 | @LoginRequired() |
|
142 | @LoginRequired() | |
144 | @NotAnonymous() |
|
|||
145 | @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository') |
|
143 | @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository') | |
146 | @HasRepoPermissionLevelDecorator('read') |
|
144 | @HasRepoPermissionLevelDecorator('read') | |
147 | def fork_create(self, repo_name): |
|
145 | def fork_create(self, repo_name): |
@@ -50,7 +50,7 b' class HomeController(BaseController):' | |||||
50 | def about(self): |
|
50 | def about(self): | |
51 | return render('/about.html') |
|
51 | return render('/about.html') | |
52 |
|
52 | |||
53 | @LoginRequired() |
|
53 | @LoginRequired(allow_default_user=True) | |
54 | def index(self): |
|
54 | def index(self): | |
55 | c.group = None |
|
55 | c.group = None | |
56 |
|
56 | |||
@@ -63,7 +63,7 b' class HomeController(BaseController):' | |||||
63 |
|
63 | |||
64 | return render('/index.html') |
|
64 | return render('/index.html') | |
65 |
|
65 | |||
66 | @LoginRequired() |
|
66 | @LoginRequired(allow_default_user=True) | |
67 | @jsonify |
|
67 | @jsonify | |
68 | def repo_switcher_data(self): |
|
68 | def repo_switcher_data(self): | |
69 | # wrapper for conditional cache |
|
69 | # wrapper for conditional cache | |
@@ -145,7 +145,7 b' class HomeController(BaseController):' | |||||
145 | } |
|
145 | } | |
146 | return data |
|
146 | return data | |
147 |
|
147 | |||
148 | @LoginRequired() |
|
148 | @LoginRequired(allow_default_user=True) | |
149 | @jsonify |
|
149 | @jsonify | |
150 | def users_and_groups_data(self): |
|
150 | def users_and_groups_data(self): | |
151 | """ |
|
151 | """ |
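Review bot: `users_and_groups_data` is marked `@LoginRequired(allow_default_user=True)`, so when the default user is enabled this JSON endpoint answers requests that carry no login. The body is outside the hunk, so I cannot tell whether it limits what the default user gets back; judging by the name it may return user and group names, which is worth confirming. If all its callers are pages that need a real login, plain `@LoginRequired()` is the safer choice here. If anonymous access is intended, a one-line comment above the decorator should say which anonymous page depends on it.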
@@ -46,7 +46,7 b' from kallithea.model.db import UserLog, ' | |||||
46 | from kallithea.model.meta import Session |
|
46 | from kallithea.model.meta import Session | |
47 | from kallithea.model.repo import RepoModel |
|
47 | from kallithea.model.repo import RepoModel | |
48 | import kallithea.lib.helpers as h |
|
48 | import kallithea.lib.helpers as h | |
49 |
from kallithea.lib.auth import LoginRequired |
|
49 | from kallithea.lib.auth import LoginRequired | |
50 | from kallithea.lib.base import BaseController, render |
|
50 | from kallithea.lib.base import BaseController, render | |
51 | from kallithea.lib.page import Page |
|
51 | from kallithea.lib.page import Page | |
52 | from kallithea.lib.utils2 import safe_int, AttributeDict |
|
52 | from kallithea.lib.utils2 import safe_int, AttributeDict | |
@@ -191,7 +191,6 b' class JournalController(BaseController):' | |||||
191 | return feed.writeString('utf-8') |
|
191 | return feed.writeString('utf-8') | |
192 |
|
192 | |||
193 | @LoginRequired() |
|
193 | @LoginRequired() | |
194 | @NotAnonymous() |
|
|||
195 | def index(self): |
|
194 | def index(self): | |
196 | # Return a rendered template |
|
195 | # Return a rendered template | |
197 | p = safe_int(request.GET.get('page'), 1) |
|
196 | p = safe_int(request.GET.get('page'), 1) | |
@@ -223,7 +222,6 b' class JournalController(BaseController):' | |||||
223 | return render('journal/journal.html') |
|
222 | return render('journal/journal.html') | |
224 |
|
223 | |||
225 | @LoginRequired(api_access=True) |
|
224 | @LoginRequired(api_access=True) | |
226 | @NotAnonymous() |
|
|||
227 | def journal_atom(self): |
|
225 | def journal_atom(self): | |
228 | """ |
|
226 | """ | |
229 | Produce an atom-1.0 feed via feedgenerator module |
|
227 | Produce an atom-1.0 feed via feedgenerator module | |
@@ -235,7 +233,6 b' class JournalController(BaseController):' | |||||
235 | return self._atom_feed(following, public=False) |
|
233 | return self._atom_feed(following, public=False) | |
236 |
|
234 | |||
237 | @LoginRequired(api_access=True) |
|
235 | @LoginRequired(api_access=True) | |
238 | @NotAnonymous() |
|
|||
239 | def journal_rss(self): |
|
236 | def journal_rss(self): | |
240 | """ |
|
237 | """ | |
241 | Produce an rss feed via feedgenerator module |
|
238 | Produce an rss feed via feedgenerator module | |
@@ -247,7 +244,6 b' class JournalController(BaseController):' | |||||
247 | return self._rss_feed(following, public=False) |
|
244 | return self._rss_feed(following, public=False) | |
248 |
|
245 | |||
249 | @LoginRequired() |
|
246 | @LoginRequired() | |
250 | @NotAnonymous() |
|
|||
251 | def toggle_following(self): |
|
247 | def toggle_following(self): | |
252 | user_id = request.POST.get('follows_user_id') |
|
248 | user_id = request.POST.get('follows_user_id') | |
253 | if user_id: |
|
249 | if user_id: | |
@@ -273,7 +269,7 b' class JournalController(BaseController):' | |||||
273 |
|
269 | |||
274 | raise HTTPBadRequest() |
|
270 | raise HTTPBadRequest() | |
275 |
|
271 | |||
276 | @LoginRequired() |
|
272 | @LoginRequired(allow_default_user=True) | |
277 | def public_journal(self): |
|
273 | def public_journal(self): | |
278 | # Return a rendered template |
|
274 | # Return a rendered template | |
279 | p = safe_int(request.GET.get('page'), 1) |
|
275 | p = safe_int(request.GET.get('page'), 1) | |
@@ -294,7 +290,7 b' class JournalController(BaseController):' | |||||
294 |
|
290 | |||
295 | return render('journal/public_journal.html') |
|
291 | return render('journal/public_journal.html') | |
296 |
|
292 | |||
297 | @LoginRequired(api_access=True) |
|
293 | @LoginRequired(api_access=True, allow_default_user=True) | |
298 | def public_journal_atom(self): |
|
294 | def public_journal_atom(self): | |
299 | """ |
|
295 | """ | |
300 | Produce an atom-1.0 feed via feedgenerator module |
|
296 | Produce an atom-1.0 feed via feedgenerator module | |
@@ -306,7 +302,7 b' class JournalController(BaseController):' | |||||
306 |
|
302 | |||
307 | return self._atom_feed(c.following) |
|
303 | return self._atom_feed(c.following) | |
308 |
|
304 | |||
309 | @LoginRequired(api_access=True) |
|
305 | @LoginRequired(api_access=True, allow_default_user=True) | |
310 | def public_journal_rss(self): |
|
306 | def public_journal_rss(self): | |
311 | """ |
|
307 | """ | |
312 | Produce an rss2 feed via feedgenerator module |
|
308 | Produce an rss2 feed via feedgenerator module |
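Review bot: `journal_atom` and `journal_rss` lose `@NotAnonymous()` and now rely on `@LoginRequired(api_access=True)` alone to keep the default user away from the private feeds. The new default-user check sits in the regular authentication branch of the LoginRequired wrapper; the API-key handling that precedes it is not shown on this page, so it is unclear whether a request authenticated by API key ever reaches that check. Please confirm that an API key can never resolve to the default user, or that the API-key branch also honours `allow_default_user`. A test that requests these two feeds as the default user, with and without an API key, would pin the behaviour that `@NotAnonymous()` used to guarantee.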
@@ -36,8 +36,7 b' from webob.exc import HTTPFound, HTTPNot' | |||||
36 | from kallithea.config.routing import url |
|
36 | from kallithea.config.routing import url | |
37 | from kallithea.lib import helpers as h |
|
37 | from kallithea.lib import helpers as h | |
38 | from kallithea.lib import diffs |
|
38 | from kallithea.lib import diffs | |
39 |
from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator |
|
39 | from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator | |
40 | NotAnonymous |
|
|||
41 | from kallithea.lib.base import BaseRepoController, render, jsonify |
|
40 | from kallithea.lib.base import BaseRepoController, render, jsonify | |
42 | from kallithea.lib.page import Page |
|
41 | from kallithea.lib.page import Page | |
43 | from kallithea.lib.utils import action_logger |
|
42 | from kallithea.lib.utils import action_logger | |
@@ -218,7 +217,6 b' class PullrequestsController(BaseRepoCon' | |||||
218 | return render('/pullrequests/pullrequest_show_all.html') |
|
217 | return render('/pullrequests/pullrequest_show_all.html') | |
219 |
|
218 | |||
220 | @LoginRequired() |
|
219 | @LoginRequired() | |
221 | @NotAnonymous() |
|
|||
222 | def show_my(self): |
|
220 | def show_my(self): | |
223 | c.closed = request.GET.get('closed') or '' |
|
221 | c.closed = request.GET.get('closed') or '' | |
224 |
|
222 | |||
@@ -244,7 +242,6 b' class PullrequestsController(BaseRepoCon' | |||||
244 | return render('/pullrequests/pullrequest_show_my.html') |
|
242 | return render('/pullrequests/pullrequest_show_my.html') | |
245 |
|
243 | |||
246 | @LoginRequired() |
|
244 | @LoginRequired() | |
247 | @NotAnonymous() |
|
|||
248 | @HasRepoPermissionLevelDecorator('read') |
|
245 | @HasRepoPermissionLevelDecorator('read') | |
249 | def index(self): |
|
246 | def index(self): | |
250 | org_repo = c.db_repo |
|
247 | org_repo = c.db_repo | |
@@ -300,7 +297,6 b' class PullrequestsController(BaseRepoCon' | |||||
300 | return render('/pullrequests/pullrequest.html') |
|
297 | return render('/pullrequests/pullrequest.html') | |
301 |
|
298 | |||
302 | @LoginRequired() |
|
299 | @LoginRequired() | |
303 | @NotAnonymous() |
|
|||
304 | @HasRepoPermissionLevelDecorator('read') |
|
300 | @HasRepoPermissionLevelDecorator('read') | |
305 | @jsonify |
|
301 | @jsonify | |
306 | def repo_info(self, repo_name): |
|
302 | def repo_info(self, repo_name): | |
@@ -313,7 +309,6 b' class PullrequestsController(BaseRepoCon' | |||||
313 | } |
|
309 | } | |
314 |
|
310 | |||
315 | @LoginRequired() |
|
311 | @LoginRequired() | |
316 | @NotAnonymous() |
|
|||
317 | @HasRepoPermissionLevelDecorator('read') |
|
312 | @HasRepoPermissionLevelDecorator('read') | |
318 | def create(self, repo_name): |
|
313 | def create(self, repo_name): | |
319 | repo = c.db_repo |
|
314 | repo = c.db_repo | |
@@ -383,7 +378,6 b' class PullrequestsController(BaseRepoCon' | |||||
383 |
|
378 | |||
384 | # pullrequest_post for PR editing |
|
379 | # pullrequest_post for PR editing | |
385 | @LoginRequired() |
|
380 | @LoginRequired() | |
386 | @NotAnonymous() |
|
|||
387 | @HasRepoPermissionLevelDecorator('read') |
|
381 | @HasRepoPermissionLevelDecorator('read') | |
388 | def post(self, repo_name, pull_request_id): |
|
382 | def post(self, repo_name, pull_request_id): | |
389 | pull_request = PullRequest.get_or_404(pull_request_id) |
|
383 | pull_request = PullRequest.get_or_404(pull_request_id) | |
@@ -440,7 +434,6 b' class PullrequestsController(BaseRepoCon' | |||||
440 | raise HTTPFound(location=pull_request.url()) |
|
434 | raise HTTPFound(location=pull_request.url()) | |
441 |
|
435 | |||
442 | @LoginRequired() |
|
436 | @LoginRequired() | |
443 | @NotAnonymous() |
|
|||
444 | @HasRepoPermissionLevelDecorator('read') |
|
437 | @HasRepoPermissionLevelDecorator('read') | |
445 | @jsonify |
|
438 | @jsonify | |
446 | def delete(self, repo_name, pull_request_id): |
|
439 | def delete(self, repo_name, pull_request_id): | |
@@ -633,7 +626,6 b' class PullrequestsController(BaseRepoCon' | |||||
633 | return render('/pullrequests/pullrequest_show.html') |
|
626 | return render('/pullrequests/pullrequest_show.html') | |
634 |
|
627 | |||
635 | @LoginRequired() |
|
628 | @LoginRequired() | |
636 | @NotAnonymous() |
|
|||
637 | @HasRepoPermissionLevelDecorator('read') |
|
629 | @HasRepoPermissionLevelDecorator('read') | |
638 | @jsonify |
|
630 | @jsonify | |
639 | def comment(self, repo_name, pull_request_id): |
|
631 | def comment(self, repo_name, pull_request_id): | |
@@ -718,7 +710,6 b' class PullrequestsController(BaseRepoCon' | |||||
718 | return data |
|
710 | return data | |
719 |
|
711 | |||
720 | @LoginRequired() |
|
712 | @LoginRequired() | |
721 | @NotAnonymous() |
|
|||
722 | @HasRepoPermissionLevelDecorator('read') |
|
713 | @HasRepoPermissionLevelDecorator('read') | |
723 | @jsonify |
|
714 | @jsonify | |
724 | def delete_comment(self, repo_name, comment_id): |
|
715 | def delete_comment(self, repo_name, comment_id): |
@@ -49,7 +49,7 b' log = logging.getLogger(__name__)' | |||||
49 |
|
49 | |||
50 | class SearchController(BaseRepoController): |
|
50 | class SearchController(BaseRepoController): | |
51 |
|
51 | |||
52 | @LoginRequired() |
|
52 | @LoginRequired(allow_default_user=True) | |
53 | def index(self, repo_name=None): |
|
53 | def index(self, repo_name=None): | |
54 | c.repo_name = repo_name |
|
54 | c.repo_name = repo_name | |
55 | c.formated_results = [] |
|
55 | c.formated_results = [] |
@@ -43,8 +43,7 b' from kallithea.lib.vcs.exceptions import' | |||||
43 | from kallithea.config.conf import ALL_READMES, ALL_EXTS, LANGUAGES_EXTENSIONS_MAP |
|
43 | from kallithea.config.conf import ALL_READMES, ALL_EXTS, LANGUAGES_EXTENSIONS_MAP | |
44 | from kallithea.model.db import Statistics, CacheInvalidation, User |
|
44 | from kallithea.model.db import Statistics, CacheInvalidation, User | |
45 | from kallithea.lib.utils2 import safe_int, safe_str |
|
45 | from kallithea.lib.utils2 import safe_int, safe_str | |
46 |
from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator |
|
46 | from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator | |
47 | NotAnonymous |
|
|||
48 | from kallithea.lib.base import BaseRepoController, render, jsonify |
|
47 | from kallithea.lib.base import BaseRepoController, render, jsonify | |
49 | from kallithea.lib.vcs.backends.base import EmptyChangeset |
|
48 | from kallithea.lib.vcs.backends.base import EmptyChangeset | |
50 | from kallithea.lib.markup_renderer import MarkupRenderer |
|
49 | from kallithea.lib.markup_renderer import MarkupRenderer | |
@@ -162,7 +161,6 b' class SummaryController(BaseRepoControll' | |||||
162 | return render('summary/summary.html') |
|
161 | return render('summary/summary.html') | |
163 |
|
162 | |||
164 | @LoginRequired() |
|
163 | @LoginRequired() | |
165 | @NotAnonymous() |
|
|||
166 | @HasRepoPermissionLevelDecorator('read') |
|
164 | @HasRepoPermissionLevelDecorator('read') | |
167 | @jsonify |
|
165 | @jsonify | |
168 | def repo_size(self, repo_name): |
|
166 | def repo_size(self, repo_name): |
@@ -752,16 +752,20 b' def _redirect_to_login(message=None):' | |||||
752 |
|
752 | |||
753 | # Use as decorator |
|
753 | # Use as decorator | |
754 | class LoginRequired(object): |
|
754 | class LoginRequired(object): | |
755 |
"""Client must be logged in as a valid User |
|
755 | """Client must be logged in as a valid User, or we'll redirect to the login | |
756 | if enabled, is considered valid), or we'll redirect to the login page. |
|
756 | page. | |
|
757 | ||||
|
758 | If the "default" user is enabled and allow_default_user is true, that is | |||
|
759 | considered valid too. | |||
757 |
|
760 | |||
758 | Also checks that IP address is allowed, and if using API key instead |
|
761 | Also checks that IP address is allowed, and if using API key instead | |
759 | of regular cookie authentication, checks that API key access is allowed |
|
762 | of regular cookie authentication, checks that API key access is allowed | |
760 | (based on `api_access` parameter and the API view whitelist). |
|
763 | (based on `api_access` parameter and the API view whitelist). | |
761 | """ |
|
764 | """ | |
762 |
|
765 | |||
763 | def __init__(self, api_access=False): |
|
766 | def __init__(self, api_access=False, allow_default_user=False): | |
764 | self.api_access = api_access |
|
767 | self.api_access = api_access | |
|
768 | self.allow_default_user = allow_default_user | |||
765 |
|
769 | |||
766 | def __call__(self, func): |
|
770 | def __call__(self, func): | |
767 | return decorator(self.__wrapper, func) |
|
771 | return decorator(self.__wrapper, func) | |
@@ -801,9 +805,14 b' class LoginRequired(object):' | |||||
801 | raise HTTPForbidden() |
|
805 | raise HTTPForbidden() | |
802 |
|
806 | |||
803 | # regular user authentication |
|
807 | # regular user authentication | |
804 |
if user.is_authenticated |
|
808 | if user.is_authenticated: | |
805 | log.info('user %s authenticated with regular auth @ %s', user, loc) |
|
809 | log.info('user %s authenticated with regular auth @ %s', user, loc) | |
806 | return func(*fargs, **fkwargs) |
|
810 | return func(*fargs, **fkwargs) | |
|
811 | elif user.is_default_user: | |||
|
812 | if self.allow_default_user: | |||
|
813 | log.info('default user @ %s', loc) | |||
|
814 | return func(*fargs, **fkwargs) | |||
|
815 | log.info('default user is not accepted here @ %s', loc) | |||
807 | else: |
|
816 | else: | |
808 | log.warning('user %s NOT authenticated with regular auth @ %s', user, loc) |
|
817 | log.warning('user %s NOT authenticated with regular auth @ %s', user, loc) | |
809 |
|
|
818 | raise _redirect_to_login() |
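Review bot: The new docstring says the default user counts as valid only when it "is enabled and allow_default_user is true", but the added `elif user.is_default_user:` branch tests only `self.allow_default_user`. Presumably `is_default_user` can only be true when the default user is enabled, decided where the user object is built outside this hunk; once confirmed, a comment on the branch such as `# is_default_user implies the default user is enabled` would make that dependency visible. The refusal is also logged with `log.info` while the unauthenticated case next to it uses `log.warning`; if denied requests are monitored, a comment stating that the lower level is deliberate would help. The wrapper function starts above the hunk.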