def index(self):
def _branchtags(localrepo):
bt = {}
bt_closed = {}
for bn, heads in localrepo.branchmap().iteritems():
tip = heads[-1]
if 'close' not in localrepo.changelog.read(tip)[5]:
bt[bn] = tip
else:
bt_closed[bn] = tip
return bt, bt_closed
bt, bt_closed = _branchtags(c.rhodecode_repo._repo)
cs_g = c.rhodecode_repo.get_changeset
_branches = [(safe_unicode(n), cs_g(binascii.hexlify(h)),) for n, h in
bt.items()]
_closed_branches = [(safe_unicode(n), cs_g(binascii.hexlify(h)),) for n, h in
bt_closed.items()]
c.repo_branches = OrderedDict(sorted(_branches,
key=lambda ctx: ctx[0],
reverse=False))
c.repo_closed_branches = OrderedDict(sorted(_closed_branches,
key=lambda ctx: ctx[0],
reverse=False))
return render('branches/branches.html')
def add_doc(self, writer, path, repo, repo_name):
"""Adding doc to writer this function itself fetches data from
the instance of vcs backend"""
node = self.get_node(repo, path)
#we just index the content of chosen files, and skip binary files
if node.extension in INDEX_EXTENSIONS and not node.is_binary:
u_content = node.content
if not isinstance(u_content, unicode):
log.warning(' >> %s Could not get this content as unicode '
'replacing with empty content', path)
u_content = u''
else:
log.debug(' >> %s [WITH CONTENT]' % path)
else:
log.debug(' >> %s' % path)
#just index file name without it's content
u_content = u''
writer.add_document(owner=unicode(repo.contact),
repository=safe_unicode(repo_name),
path=safe_unicode(path),
content=u_content,
modtime=self.get_node_mtime(node),
extension=node.extension)
def create_ldap(self, username, password, user_dn, attrs):
"""
Checks if user is in database, if not creates this user marked
as ldap user
:param username:
:param password:
:param user_dn:
:param attrs:
"""
from rhodecode.lib.auth import get_crypt_password
log.debug('Checking for such ldap account in RhodeCode database')
if self.get_by_username(username, case_insensitive=True) is None:
try:
new_user = User()
# add ldap account always lowercase
new_user.username = username.lower()
new_user.password = get_crypt_password(password)
new_user.api_key = generate_api_key(username)
new_user.email = attrs['email']
new_user.active = True
new_user.ldap_dn = safe_unicode(user_dn)
new_user.name = attrs['name']
new_user.lastname = attrs['lastname']
self.sa.add(new_user)
self.sa.commit()
return True
except (DatabaseError,):
log.error(traceback.format_exc())
self.sa.rollback()
raise
log.debug('this %s user exists skipping creation of ldap account',
username)
return False
def app_settings_value(self, val):
"""
Setter that will always make sure we use unicode in app_settings_value
:param val:
"""
self._app_settings_value = safe_unicode(val)
def __changes(self, cs):
changes = []
a = [safe_unicode(n.path) for n in cs.added]
if a:
changes.append("\nA " + "\nA ".join(a))
m = [safe_unicode(n.path) for n in cs.changed]
if m:
changes.append("\nM " + "\nM ".join(m))
d = [safe_unicode(n.path) for n in cs.removed]
if d:
changes.append("\nD " + "\nD ".join(d))
changes.append("</pre>")
return "".join(changes)
def __call__(self, repo_name, rev, paths):
if isinstance(paths, str):
paths = safe_unicode(paths)
url_l = [link_to(repo_name, url('files_home',
repo_name=repo_name,
revision=rev, f_path=''))]
paths_l = paths.split('/')
for cnt, p in enumerate(paths_l):
if p != '':
url_l.append(link_to(p, url('files_home',
repo_name=repo_name,
revision=rev,
f_path='/'.join(paths_l[:cnt + 1]))))
return literal('/'.join(url_l))
def changed_tooltip(nodes):
"""
Generates a html string for changed nodes in changeset page.
It limits the output to 30 entries
:param nodes: LazyNodesGenerator
"""
if nodes:
pref = ': <br/> '
suf = ''
if len(nodes) > 30:
suf = '<br/>' + _(' and %s more') % (len(nodes) - 30)
return literal(pref + '<br/> '.join([safe_unicode(x.path)
for x in nodes[:30]]) + suf)
else:
return ': ' + _('No Files')
def authenticate(username, password):
"""Authentication function used for access control,
firstly checks for db authentication then if ldap is enabled for ldap
authentication, also creates ldap user if not in database
:param username: username
:param password: password
"""
user_model = UserModel()
user = User.get_by_username(username)
log.debug('Authenticating user using RhodeCode account')
if user is not None and not user.ldap_dn:
if user.active:
if user.username == 'default' and user.active:
log.info('user %s authenticated correctly as anonymous user',
username)
return True
elif user.username == username and check_password(password,
user.password):
log.info('user %s authenticated correctly', username)
return True
else:
log.warning('user %s is disabled', username)
else:
log.debug('Regular authentication failed')
user_obj = User.get_by_username(username, case_insensitive=True)
if user_obj is not None and not user_obj.ldap_dn:
log.debug('this user already exists as non ldap')
return False
ldap_settings = RhodeCodeSettings.get_ldap_settings()
#======================================================================
# FALLBACK TO LDAP AUTH IF ENABLE
#======================================================================
if str2bool(ldap_settings.get('ldap_active')):
log.debug("Authenticating user using ldap")
kwargs = {
'server': ldap_settings.get('ldap_host', ''),
'base_dn': ldap_settings.get('ldap_base_dn', ''),
'port': ldap_settings.get('ldap_port'),
'bind_dn': ldap_settings.get('ldap_dn_user'),
'bind_pass': ldap_settings.get('ldap_dn_pass'),
'tls_kind': ldap_settings.get('ldap_tls_kind'),
'tls_reqcert': ldap_settings.get('ldap_tls_reqcert'),
'ldap_filter': ldap_settings.get('ldap_filter'),
'search_scope': ldap_settings.get('ldap_search_scope'),
'attr_login': ldap_settings.get('ldap_attr_login'),
'ldap_version': 3,
}
log.debug('Checking for ldap authentication')
try:
aldap = AuthLdap(**kwargs)
(user_dn, ldap_attrs) = aldap.authenticate_ldap(username,
password)
log.debug('Got ldap DN response %s', user_dn)
get_ldap_attr = lambda k: ldap_attrs.get(ldap_settings\
.get(k), [''])[0]
user_attrs = {
'name': safe_unicode(get_ldap_attr('ldap_attr_firstname')),
'lastname': safe_unicode(get_ldap_attr('ldap_attr_lastname')),
'email': get_ldap_attr('ldap_attr_email'),
}
if user_model.create_ldap(username, password, user_dn,
user_attrs):
log.info('created new ldap user %s', username)
return True
except (LdapUsernameError, LdapPasswordError,):
pass
except (Exception,):
log.error(traceback.format_exc())
pass
return False
def authenticate(username, password):
"""Authentication function used for access control,
firstly checks for db authentication then if ldap is enabled for ldap
authentication, also creates ldap user if not in database
:param username: username
:param password: password
"""
user_model = UserModel()
user = user_model.get_by_username(username, cache=False)
log.debug("Authenticating user using RhodeCode account")
if user is not None and not user.ldap_dn:
if user.active:
if user.username == "default" and user.active:
log.info("user %s authenticated correctly as anonymous user", username)
return True
elif user.username == username and check_password(password, user.password):
log.info("user %s authenticated correctly", username)
return True
else:
log.warning("user %s is disabled", username)
else:
log.debug("Regular authentication failed")
user_obj = user_model.get_by_username(username, cache=False, case_insensitive=True)
if user_obj is not None and not user_obj.ldap_dn:
log.debug("this user already exists as non ldap")
return False
ldap_settings = RhodeCodeSettings.get_ldap_settings()
# ======================================================================
# FALLBACK TO LDAP AUTH IF ENABLE
# ======================================================================
if str2bool(ldap_settings.get("ldap_active")):
log.debug("Authenticating user using ldap")
kwargs = {
"server": ldap_settings.get("ldap_host", ""),
"base_dn": ldap_settings.get("ldap_base_dn", ""),
"port": ldap_settings.get("ldap_port"),
"bind_dn": ldap_settings.get("ldap_dn_user"),
"bind_pass": ldap_settings.get("ldap_dn_pass"),
"tls_kind": ldap_settings.get("ldap_tls_kind"),
"tls_reqcert": ldap_settings.get("ldap_tls_reqcert"),
"ldap_filter": ldap_settings.get("ldap_filter"),
"search_scope": ldap_settings.get("ldap_search_scope"),
"attr_login": ldap_settings.get("ldap_attr_login"),
"ldap_version": 3,
}
log.debug("Checking for ldap authentication")
try:
aldap = AuthLdap(**kwargs)
(user_dn, ldap_attrs) = aldap.authenticate_ldap(username, password)
log.debug("Got ldap DN response %s", user_dn)
get_ldap_attr = lambda k: ldap_attrs.get(ldap_settings.get(k), [""])[0]
user_attrs = {
"name": safe_unicode(get_ldap_attr("ldap_attr_firstname")),
"lastname": safe_unicode(get_ldap_attr("ldap_attr_lastname")),
"email": get_ldap_attr("ldap_attr_email"),
}
if user_model.create_ldap(username, password, user_dn, user_attrs):
log.info("created new ldap user %s", username)
return True
except (LdapUsernameError, LdapPasswordError):
pass
except (Exception,):
log.error(traceback.format_exc())
pass
return False
def create(self, form_data, cur_user, just_db=False, fork=False):
try:
if fork:
repo_name = form_data['fork_name']
org_name = form_data['repo_name']
org_full_name = org_name
else:
org_name = repo_name = form_data['repo_name']
repo_name_full = form_data['repo_name_full']
new_repo = Repository()
new_repo.enable_statistics = False
for k, v in form_data.items():
if k == 'repo_name':
if fork:
v = repo_name
else:
v = repo_name_full
if k == 'repo_group':
k = 'group_id'
if k == 'description':
v = safe_unicode(v) or repo_name
setattr(new_repo, k, v)
if fork:
parent_repo = self.sa.query(Repository)\
.filter(Repository.repo_name == org_full_name).one()
new_repo.fork = parent_repo
new_repo.user_id = cur_user.user_id
self.sa.add(new_repo)
#create default permission
repo_to_perm = RepoToPerm()
default = 'repository.read'
for p in User.get_by_username('default').user_perms:
if p.permission.permission_name.startswith('repository.'):
default = p.permission.permission_name
break
default_perm = 'repository.none' if form_data['private'] else default
repo_to_perm.permission_id = self.sa.query(Permission)\
.filter(Permission.permission_name == default_perm)\
.one().permission_id
repo_to_perm.repository = new_repo
repo_to_perm.user_id = User.get_by_username('default').user_id
self.sa.add(repo_to_perm)
if not just_db:
self.__create_repo(repo_name, form_data['repo_type'],
form_data['repo_group'],
form_data['clone_uri'])
self.sa.commit()
#now automatically start following this repository as owner
from rhodecode.model.scm import ScmModel
ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,
cur_user.user_id)
return new_repo
except:
log.error(traceback.format_exc())
self.sa.rollback()
raise
