def index(self): def _branchtags(localrepo): bt = {} bt_closed = {} for bn, heads in localrepo.branchmap().iteritems(): tip = heads[-1] if 'close' not in localrepo.changelog.read(tip)[5]: bt[bn] = tip else: bt_closed[bn] = tip return bt, bt_closed bt, bt_closed = _branchtags(c.rhodecode_repo._repo) cs_g = c.rhodecode_repo.get_changeset _branches = [(safe_unicode(n), cs_g(binascii.hexlify(h)),) for n, h in bt.items()] _closed_branches = [(safe_unicode(n), cs_g(binascii.hexlify(h)),) for n, h in bt_closed.items()] c.repo_branches = OrderedDict(sorted(_branches, key=lambda ctx: ctx[0], reverse=False)) c.repo_closed_branches = OrderedDict(sorted(_closed_branches, key=lambda ctx: ctx[0], reverse=False)) return render('branches/branches.html')
def add_doc(self, writer, path, repo, repo_name): """Adding doc to writer this function itself fetches data from the instance of vcs backend""" node = self.get_node(repo, path) #we just index the content of chosen files, and skip binary files if node.extension in INDEX_EXTENSIONS and not node.is_binary: u_content = node.content if not isinstance(u_content, unicode): log.warning(' >> %s Could not get this content as unicode ' 'replacing with empty content', path) u_content = u'' else: log.debug(' >> %s [WITH CONTENT]' % path) else: log.debug(' >> %s' % path) #just index file name without it's content u_content = u'' writer.add_document(owner=unicode(repo.contact), repository=safe_unicode(repo_name), path=safe_unicode(path), content=u_content, modtime=self.get_node_mtime(node), extension=node.extension)
def create_ldap(self, username, password, user_dn, attrs): """ Checks if user is in database, if not creates this user marked as ldap user :param username: :param password: :param user_dn: :param attrs: """ from rhodecode.lib.auth import get_crypt_password log.debug('Checking for such ldap account in RhodeCode database') if self.get_by_username(username, case_insensitive=True) is None: try: new_user = User() # add ldap account always lowercase new_user.username = username.lower() new_user.password = get_crypt_password(password) new_user.api_key = generate_api_key(username) new_user.email = attrs['email'] new_user.active = True new_user.ldap_dn = safe_unicode(user_dn) new_user.name = attrs['name'] new_user.lastname = attrs['lastname'] self.sa.add(new_user) self.sa.commit() return True except (DatabaseError,): log.error(traceback.format_exc()) self.sa.rollback() raise log.debug('this %s user exists skipping creation of ldap account', username) return False
def app_settings_value(self, val): """ Setter that will always make sure we use unicode in app_settings_value :param val: """ self._app_settings_value = safe_unicode(val)
def __changes(self, cs): changes = [] a = [safe_unicode(n.path) for n in cs.added] if a: changes.append("\nA " + "\nA ".join(a)) m = [safe_unicode(n.path) for n in cs.changed] if m: changes.append("\nM " + "\nM ".join(m)) d = [safe_unicode(n.path) for n in cs.removed] if d: changes.append("\nD " + "\nD ".join(d)) changes.append("</pre>") return "".join(changes)
def __call__(self, repo_name, rev, paths): if isinstance(paths, str): paths = safe_unicode(paths) url_l = [link_to(repo_name, url('files_home', repo_name=repo_name, revision=rev, f_path=''))] paths_l = paths.split('/') for cnt, p in enumerate(paths_l): if p != '': url_l.append(link_to(p, url('files_home', repo_name=repo_name, revision=rev, f_path='/'.join(paths_l[:cnt + 1])))) return literal('/'.join(url_l))
def changed_tooltip(nodes): """ Generates a html string for changed nodes in changeset page. It limits the output to 30 entries :param nodes: LazyNodesGenerator """ if nodes: pref = ': <br/> ' suf = '' if len(nodes) > 30: suf = '<br/>' + _(' and %s more') % (len(nodes) - 30) return literal(pref + '<br/> '.join([safe_unicode(x.path) for x in nodes[:30]]) + suf) else: return ': ' + _('No Files')
def authenticate(username, password): """Authentication function used for access control, firstly checks for db authentication then if ldap is enabled for ldap authentication, also creates ldap user if not in database :param username: username :param password: password """ user_model = UserModel() user = User.get_by_username(username) log.debug('Authenticating user using RhodeCode account') if user is not None and not user.ldap_dn: if user.active: if user.username == 'default' and user.active: log.info('user %s authenticated correctly as anonymous user', username) return True elif user.username == username and check_password(password, user.password): log.info('user %s authenticated correctly', username) return True else: log.warning('user %s is disabled', username) else: log.debug('Regular authentication failed') user_obj = User.get_by_username(username, case_insensitive=True) if user_obj is not None and not user_obj.ldap_dn: log.debug('this user already exists as non ldap') return False ldap_settings = RhodeCodeSettings.get_ldap_settings() #====================================================================== # FALLBACK TO LDAP AUTH IF ENABLE #====================================================================== if str2bool(ldap_settings.get('ldap_active')): log.debug("Authenticating user using ldap") kwargs = { 'server': ldap_settings.get('ldap_host', ''), 'base_dn': ldap_settings.get('ldap_base_dn', ''), 'port': ldap_settings.get('ldap_port'), 'bind_dn': ldap_settings.get('ldap_dn_user'), 'bind_pass': ldap_settings.get('ldap_dn_pass'), 'tls_kind': ldap_settings.get('ldap_tls_kind'), 'tls_reqcert': ldap_settings.get('ldap_tls_reqcert'), 'ldap_filter': ldap_settings.get('ldap_filter'), 'search_scope': ldap_settings.get('ldap_search_scope'), 'attr_login': ldap_settings.get('ldap_attr_login'), 'ldap_version': 3, } log.debug('Checking for ldap authentication') try: aldap = AuthLdap(**kwargs) (user_dn, ldap_attrs) = aldap.authenticate_ldap(username, password) log.debug('Got ldap DN response %s', user_dn) get_ldap_attr = lambda k: ldap_attrs.get(ldap_settings\ .get(k), [''])[0] user_attrs = { 'name': safe_unicode(get_ldap_attr('ldap_attr_firstname')), 'lastname': safe_unicode(get_ldap_attr('ldap_attr_lastname')), 'email': get_ldap_attr('ldap_attr_email'), } if user_model.create_ldap(username, password, user_dn, user_attrs): log.info('created new ldap user %s', username) return True except (LdapUsernameError, LdapPasswordError,): pass except (Exception,): log.error(traceback.format_exc()) pass return False
def authenticate(username, password): """Authentication function used for access control, firstly checks for db authentication then if ldap is enabled for ldap authentication, also creates ldap user if not in database :param username: username :param password: password """ user_model = UserModel() user = user_model.get_by_username(username, cache=False) log.debug("Authenticating user using RhodeCode account") if user is not None and not user.ldap_dn: if user.active: if user.username == "default" and user.active: log.info("user %s authenticated correctly as anonymous user", username) return True elif user.username == username and check_password(password, user.password): log.info("user %s authenticated correctly", username) return True else: log.warning("user %s is disabled", username) else: log.debug("Regular authentication failed") user_obj = user_model.get_by_username(username, cache=False, case_insensitive=True) if user_obj is not None and not user_obj.ldap_dn: log.debug("this user already exists as non ldap") return False ldap_settings = RhodeCodeSettings.get_ldap_settings() # ====================================================================== # FALLBACK TO LDAP AUTH IF ENABLE # ====================================================================== if str2bool(ldap_settings.get("ldap_active")): log.debug("Authenticating user using ldap") kwargs = { "server": ldap_settings.get("ldap_host", ""), "base_dn": ldap_settings.get("ldap_base_dn", ""), "port": ldap_settings.get("ldap_port"), "bind_dn": ldap_settings.get("ldap_dn_user"), "bind_pass": ldap_settings.get("ldap_dn_pass"), "tls_kind": ldap_settings.get("ldap_tls_kind"), "tls_reqcert": ldap_settings.get("ldap_tls_reqcert"), "ldap_filter": ldap_settings.get("ldap_filter"), "search_scope": ldap_settings.get("ldap_search_scope"), "attr_login": ldap_settings.get("ldap_attr_login"), "ldap_version": 3, } log.debug("Checking for ldap authentication") try: aldap = AuthLdap(**kwargs) (user_dn, ldap_attrs) = aldap.authenticate_ldap(username, password) log.debug("Got ldap DN response %s", user_dn) get_ldap_attr = lambda k: ldap_attrs.get(ldap_settings.get(k), [""])[0] user_attrs = { "name": safe_unicode(get_ldap_attr("ldap_attr_firstname")), "lastname": safe_unicode(get_ldap_attr("ldap_attr_lastname")), "email": get_ldap_attr("ldap_attr_email"), } if user_model.create_ldap(username, password, user_dn, user_attrs): log.info("created new ldap user %s", username) return True except (LdapUsernameError, LdapPasswordError): pass except (Exception,): log.error(traceback.format_exc()) pass return False
def create(self, form_data, cur_user, just_db=False, fork=False): try: if fork: repo_name = form_data['fork_name'] org_name = form_data['repo_name'] org_full_name = org_name else: org_name = repo_name = form_data['repo_name'] repo_name_full = form_data['repo_name_full'] new_repo = Repository() new_repo.enable_statistics = False for k, v in form_data.items(): if k == 'repo_name': if fork: v = repo_name else: v = repo_name_full if k == 'repo_group': k = 'group_id' if k == 'description': v = safe_unicode(v) or repo_name setattr(new_repo, k, v) if fork: parent_repo = self.sa.query(Repository)\ .filter(Repository.repo_name == org_full_name).one() new_repo.fork = parent_repo new_repo.user_id = cur_user.user_id self.sa.add(new_repo) #create default permission repo_to_perm = RepoToPerm() default = 'repository.read' for p in User.get_by_username('default').user_perms: if p.permission.permission_name.startswith('repository.'): default = p.permission.permission_name break default_perm = 'repository.none' if form_data['private'] else default repo_to_perm.permission_id = self.sa.query(Permission)\ .filter(Permission.permission_name == default_perm)\ .one().permission_id repo_to_perm.repository = new_repo repo_to_perm.user_id = User.get_by_username('default').user_id self.sa.add(repo_to_perm) if not just_db: self.__create_repo(repo_name, form_data['repo_type'], form_data['repo_group'], form_data['clone_uri']) self.sa.commit() #now automatically start following this repository as owner from rhodecode.model.scm import ScmModel ScmModel(self.sa).toggle_following_repo(new_repo.repo_id, cur_user.user_id) return new_repo except: log.error(traceback.format_exc()) self.sa.rollback() raise