Show More
| @@ -1,84 +1,83 b'' | |||
|
|
1 | 1 | import logging |
|
|
2 | 2 | from datetime import datetime |
|
|
3 | 3 | import crypt |
|
|
4 | 4 | from pylons import session, url |
|
|
5 | 5 | from pylons.controllers.util import abort, redirect |
|
|
6 | 6 | from decorator import decorator |
|
|
7 | 7 | from sqlalchemy.exc import OperationalError |
|
|
8 | 8 | log = logging.getLogger(__name__) |
|
|
9 | 9 | from pylons_app.model import meta |
|
|
10 | 10 | from pylons_app.model.db import Users, UserLogs |
|
|
11 | 11 | from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound |
|
|
12 | 12 | |
|
|
13 | 13 | def get_crypt_password(password): |
|
|
14 | 14 | return crypt.crypt(password, '6a') |
|
|
15 | 15 | |
|
|
16 | 16 | def admin_auth(username, password): |
|
|
17 | 17 | sa = meta.Session |
|
|
18 | 18 | password_crypt = get_crypt_password(password) |
|
|
19 | 19 | |
|
|
20 | 20 | try: |
|
|
21 | 21 | user = sa.query(Users).filter(Users.username == username).one() |
|
|
22 | 22 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
|
|
23 | 23 | log.error(e) |
|
|
24 | 24 | user = None |
|
|
25 | 25 | |
|
|
26 | 26 | if user: |
|
|
27 | 27 | if user.active: |
|
|
28 | 28 | if user.username == username and user.password == password_crypt and user.admin: |
|
|
29 | 29 | log.info('user %s authenticated correctly', username) |
|
|
30 | 30 | return True |
|
|
31 | 31 | else: |
|
|
32 | 32 | log.error('user %s is disabled', username) |
|
|
33 | 33 | |
|
|
34 | 34 | return False |
|
|
35 | 35 | |
|
|
36 | 36 | def authfunc(environ, username, password): |
|
|
37 | 37 | sa = meta.Session |
|
|
38 | 38 | password_crypt = get_crypt_password(password) |
|
|
39 | ||
|
|
40 | 39 | try: |
|
|
41 | 40 | user = sa.query(Users).filter(Users.username == username).one() |
|
|
42 | 41 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
|
|
43 | 42 | log.error(e) |
|
|
44 | 43 | user = None |
|
|
45 | 44 | |
|
|
46 | 45 | if user: |
|
|
47 | 46 | if user.active: |
|
|
48 | 47 | if user.username == username and user.password == password_crypt: |
|
|
49 | 48 | log.info('user %s authenticated correctly', username) |
|
|
50 | 49 | if environ: |
|
|
51 | 50 | http_accept = environ.get('HTTP_ACCEPT') |
|
|
52 | 51 | |
|
|
53 | 52 | if http_accept.startswith('application/mercurial') or \ |
|
|
54 | 53 | environ['PATH_INFO'].find('raw-file') != -1: |
|
|
55 | 54 | repo = environ['PATH_INFO'] |
|
|
56 | 55 | for qry in environ['QUERY_STRING'].split('&'): |
|
|
57 | 56 | if qry.startswith('cmd'): |
|
|
58 | 57 | |
|
|
59 | 58 | try: |
|
|
60 | 59 | user_log = UserLogs() |
|
|
61 | 60 | user_log.user_id = user.user_id |
|
|
62 | 61 | user_log.action = qry |
|
|
63 | 62 | user_log.repository = repo |
|
|
64 | 63 | user_log.action_date = datetime.now() |
|
|
65 | 64 | sa.add(user_log) |
|
|
66 | 65 | sa.commit() |
|
|
67 | 66 | log.info('Adding user %s, action %s', username, qry) |
|
|
68 | 67 | except Exception as e: |
|
|
69 | 68 | sa.rollback() |
|
|
70 | 69 | log.error(e) |
|
|
71 | 70 | |
|
|
72 | 71 | return True |
|
|
73 | 72 | else: |
|
|
74 | 73 | log.error('user %s is disabled', username) |
|
|
75 | 74 | |
|
|
76 | 75 | return False |
|
|
77 | 76 | |
|
|
78 | 77 | |
|
|
79 | 78 | @decorator |
|
|
80 | 79 | def authenticate(fn, *args, **kwargs): |
|
|
81 | 80 | if not session.get('admin_user', False): |
|
|
82 | 81 | redirect(url('admin_home'), 301) |
|
|
83 | 82 | return fn(*args, **kwargs) |
|
|
84 | 83 | |
| @@ -1,8 +1,16 b'' | |||
|
|
1 | 1 | |
|
|
2 | 2 | def get_repo_slug(request): |
|
|
3 | 3 | path_info = request.environ.get('PATH_INFO') |
|
|
4 | uri_lst = path_info.split('/') | |
|
|
5 | print uri_lst | |
|
|
6 | print 'len', len(uri_lst) | |
|
|
4 | uri_lst = path_info.split('/') | |
|
|
7 | 5 | repo_name = uri_lst[1] |
|
|
8 | 6 | return repo_name |
|
|
7 | ||
|
|
8 | def is_mercurial(environ): | |
|
|
9 | """ | |
|
|
10 | Returns True if request's target is mercurial server - header | |
|
|
11 | ``HTTP_ACCEPT`` of such request would start with ``application/mercurial``. | |
|
|
12 | """ | |
|
|
13 | http_accept = environ.get('HTTP_ACCEPT') | |
|
|
14 | if http_accept and http_accept.startswith('application/mercurial'): | |
|
|
15 | return True | |
|
|
16 | return False | |
General Comments 0
You need to be logged in to leave comments.
Login now