def ajaxhandler(self, req, path): success = False error = '' response = None username = '' if len(path) < 2: return XMLStatusResponse('', False, 'Invalid Path') action = path[0] groupname = path[1] if action == 'delete': return self.removeGroup(groupname) if 'removeMember' in req.post: return self.removeMember(req, groupname) if 'addMember' in req.post: return self.addMember(req, groupname) if 'listGroupUsers' in req.post: return self.listGroupUsers(req, group.Group(groupname)) return XMLStatusResponse('', False, 'Unknown command')
def saveNotifications(self, req, u): session_user = req.session['user'] notifications_str = req.post.get('saveNotifications').split('|') notifications = [] for n_str in notifications_str: try: type_repos, enabled = n_str.split(',', 1) vcstype, reposname = type_repos.split(':', 1) except ValueError: return XMLStatusResponse( 'saveNotifications', False, 'Badly formatted notifications, reload the page and try again' ) enabled = (enabled == "true") notifications.append({ 'name': reposname, 'vcs': vcstype, 'enabled': enabled }) try: asking_user = user.User(session_user['name']) u.set_notifications(notifications, asking_user) except UserPermissionError as e: return XMLStatusResponse('saveNotifications', False, str(e)) return XMLStatusResponse("saveNotifications", True, "Saved notifications for user " + u.name)
def addpermission(self, req, repos): name = req.post.get('name') type = req.post.get('type') path = req.post.get('path') vcs_type = repos.vcs_type default_perm = '' if vcs_type == "git": if path != "/": default_perm = "w" else: default_perm = "r" if type == 'group': name = name.lower() try: group.Group(name) except UnknownGroupError as e: import re if re.findall('[^a-zA-Z0-9_-]', name): return XMLStatusResponse( 'addPermission', False, 'Invalid characters in groupname %s' % name) group.add(name) permissions.add(repos.name, repos.vcs_type, path, name, type, default_perm) if not repos.has_path_permissions: path = path.lstrip('/') return XMLStatusResponse('addPermission', True, ('User', 'Group')[type == 'group'] + ' %s added to path %s' % (name, path))
def sendPasswordMail(self, req, u): try: u.prepare_password_reset(req.remote_address) return XMLStatusResponse( 'sendPasswordMail', True, 'Send password reset email to user %s' % u.name) except Exception as e: return XMLStatusResponse('sendPasswordMail', False, "Could not send Reset password email of user %s: %s" % \ (u.name, e))
def ajaxhandler(self, req, path): username = '' if len(path) < 2: return XMLStatusResponse('', False, 'Invalid path') action = path[0] username = path[1] if action == 'delete': return self.removeUser(req, username) u = user.User(username) if 'fullname' in req.post and req.post.get('fullname').strip(): return self.setFullName(req, u) if 'email' in req.post and req.post.get('email').strip(): return self.setEmail(req, u) if 'password' in req.post and req.post.get('password').strip(): return self.setPassword(req, u) if 'sendPasswordMail' in req.post: return self.sendPasswordMail(req, u) if 'addToGroup' in req.post: return self.addToGroup(req, u) if 'removeFromGroup' in req.post: return self.removeFromGroup(req, u) if 'listUserGroups' in req.post: return self.listUserGroups(req, u) if 'listNotifications' in req.post: return self.listNotifications(req, u) if 'addSSHKey' in req.post: return self.addSSHKey(req, u) if 'removeSSHKey' in req.post: return self.removeSSHKey(req, u) if 'saveNotifications' in req.post: return self.saveNotifications(req, u) if 'listSSHKeys' in req.post: return self.listSSHKeys(req, u) if 'setIsAdmin' in req.post: return self.setIsAdmin(req, u) return XMLStatusResponse('', False, 'Unknown command')
def ajaxhandler(self, req, path): reposname = '' if len(path) < 3: return XMLStatusResponse('', False, 'Invalid path') action = path[0] vcs_type = path[1] reposname = path[2] repos = None try: repos = Repository(reposname, vcs_type) except (IndexError, DoesNotExistError): return XMLStatusResponse( '', False, 'Repository %s does not exist.' % reposname) if action == 'delete': return self.removeRepository(req, repos) if 'getSubdirs' in req.post: return self.getsubdirs(req, repos) if 'getPermissions' in req.post: return self.getpermissions(req, repos) if 'getPermissionPaths' in req.post: return self.getpermissionpaths(req, repos) if 'addPermission' in req.post: return self.addpermission(req, repos) if 'removePermission' in req.post: return self.removepermission(req, repos) if 'setPermission' in req.post: return self.setpermission(req, repos) if 'setCommitEmails' in req.post: return self.setCommitEmails(req, repos) if 'commitEmailsEnabled' in req.post: return self.commitEmailsEnabled(req, repos) if 'setTracCommitHook' in req.post: return self.setTracCommitHook(req, repos) if 'tracCommitHookEnabled' in req.post: return self.tracCommitHookEnabled(req, repos) if 'tracEnvCreate' in req.post: return self.tracEnvCreate(req, repos) return XMLStatusResponse('', False, 'Unknown command')
def setFullName(self, req, u): try: u.fullname = req.post.get('fullname') return XMLStatusResponse( 'setFullName', True, 'Changed name for user %s to %s' % (u.name, u.fullname)) except validators.InvalidFullname as e: return XMLStatusResponse('setFullName', False, str(e)) except Exception as e: return XMLStatusResponse( 'setFullName', False, 'Could not change name of user %s: %s' % (u.name, str(e)))
def removeGroup(self, groupname): try: g = group.Group(groupname) g.remove() except IOError: return XMLStatusResponse('removeGroup', False, 'File permisson denied') except UnknownGroupError: return XMLStatusResponse('removeGroup', False, 'Group %s does not exist' % groupname) return XMLStatusResponse('removeGroup', True, 'Group %s deleted' % g)
def setPassword(self, req, u): try: u.set_password(req.post.get('password')) except Exception as e: return XMLStatusResponse( 'setPassword', False, 'Could not change password of user %s: %s' % (u.name, e)) else: # User changed their password, we don't have to remind to # change the password anymore if 'change_password_hint' in req.session: del req.session['change_password_hint'] return XMLStatusResponse('setPassword', True, 'Changed password for user %s' % u.name)
def removeSSHKey(self, req, u): session_user = req.session['user'] if not session_user['is_admin'] and session_user['name'] != u.name: return XMLStatusResponse( 'addSSHKey', False, "You do not have permission to add SSH Keys for this user.") ssh_key_id = req.post.get("removeSSHKey") if not ssh_key_id: return XMLStatusResponse( 'removeSSHKey', False, "Something went wrong with passing the key id to the server.") u.remove_ssh_key(ssh_key_id) return XMLStatusResponse("removeSSHKey", True, "SSH Key successfully removed.")
def setEmail(self, req, u): try: u.email = req.post.get('email') return XMLStatusResponse( 'email', True, 'Changed email address for user %s to %s' % (u.name, u.email)) except validators.InvalidEmail: return XMLStatusResponse( 'email', False, 'Invalid characters in email-address. If you think this is an error, please report a bug' ) except Exception as e: return XMLStatusResponse( 'email', False, 'Could not change email of user %s: %s' % (u.name, str(e)))
def listGroupUsers(self, req, g): members = list(g.members()) asking_user = user.User(req.session['user']['name']) if asking_user.is_admin: nonmembers = [] usernames = user.list(asking_user) for username in usernames: if username not in members: nonmembers.append(username) return XMLTemplateResponse("ajax/groupmembers.xml", { "members": members, "nonmembers": nonmembers, "group": g.name }) if asking_user.name not in g.members(): return XMLStatusResponse( 'listGroupUsers', False, "You do not have permission to view this group.") return XMLTemplateResponse("ajax/groupmembers.xml", { "members": members, "nonmembers": [], "group": g.name })
def listUserGroups(self, req, u): member_of_names = list(u.member_of()) session_user = req.session['user'] if session_user['is_admin']: asking_user = user.User(session_user['name']) nonmember_of = [] groupnames = group.list(asking_user) for groupname in groupnames: if groupname not in member_of_names: nonmember_of.append(groupname) return XMLTemplateResponse( "ajax/usermemberof.xml", { "memberof": member_of_names, "nonmemberof": nonmember_of, "user": u.name }) if session_user['name'] != u.name: return XMLStatusResponse( 'listUserGroups', False, "You do not have permission to " "view this user.") return XMLTemplateResponse("ajax/usermemberof.xml", { "memberof": member_of_names, "nonmemberof": [], "user": u.name })
def removeUser(self, req, username): if username == req.session['user']['name']: return XMLStatusResponse('removeUser', False, 'You are not allowed to delete yourself') try: u = user.User(username) except UnknownUserError: return XMLStatusResponse('removeUser', False, "Could not find user '%s'" % username) try: u.remove() except Exception as e: return XMLStatusResponse( 'removeUser', False, 'User %s not deleted: %s' % (username, str(e))) return XMLStatusResponse('removeUser', True, 'User %s deleted' % username)
def setIsAdmin(self, req, u): is_admin = req.post.get('setIsAdmin') if u.name == req.session['user']['name']: return XMLStatusResponse( 'setIsAdmin', False, 'You are not allowed to change admin rights for yourself') try: u.is_admin = is_admin except Exception as e: return XMLStatusResponse( 'setIsAdmin', False, 'Could not change admin status for user %s: %s' % (u.name, str(e))) newstatus = {'false': 'revoked', 'true': 'granted'}[is_admin] return XMLStatusResponse( 'setIsAdmin', True, 'Admin rights for user %s %s' % (u.name, newstatus))
def removepermission(self, req, repos): name = req.post.get('name') type = req.post.get('type') path = req.post.get('path') permissions.remove(repos.name, repos.vcs_type, path, name, type) if not repos.has_path_permissions: path = path.lstrip('/') return XMLStatusResponse('removePermission', True, ('User', 'Group')[type == 'group'] + ' %s removed from path %s' % (name, path))
def addMember(self, req, groupname): username = req.post.get('addMember') success = True try: group.Group(groupname).add_member(user.User(username)) except MemberExistsError: success = False msgs = { True: 'User %s added to group %s' % (username, groupname), False: 'User %s already in group %s' % (username, groupname) } return XMLStatusResponse('addMember', success, msgs[success])
def removeFromGroup(self, req, u): g = group.Group(req.post.get('removeFromGroup')) success = True try: g.remove_member(u) except: # XXX except what?! succes = False msgs = { True: 'User %s removed from group %s' % (u.name, g.name), False: 'User %s is not a member of %s' % (u.name, g.name) } return XMLStatusResponse('removeFromGroup', success, msgs[success])
def listNotifications(self, req, u): session_user = req.session['user'] if not session_user['is_admin'] and session_user['name'] != u.name: return XMLStatusResponse( 'listNotifications', False, "You do not have permission to " "view this user.") return XMLTemplateResponse( "ajax/usernotifications.xml", { "notifications": u.notifications(), "username": u.name, "session_user": session_user })
def addToGroup(self, req, u): g = group.Group(req.post.get('addToGroup')) success = True try: g.add_member(u) except MemberExistsError: success = False msgs = { True: 'User %s added to group %s' % (u.name, g.name), False: 'User %s already in group %s' % (u.name, g.name) } return XMLStatusResponse('addToGroup', success, msgs[success])
def addSSHKey(self, req, u): session_user = req.session['user'] if not session_user['is_admin'] and session_user['name'] != u.name: return XMLStatusResponse( 'addSSHKey', False, "You do not have permission to add SSH Keys for this user.") title = req.post.get("title", None) if not title: title = None # user.add_ssh_key will deduct the correct title ssh_key = req.post.get("ssh_key") if not ssh_key: return XMLStatusResponse("addSSHKey", False, "Please provide an SSH Key") try: u.add_ssh_key(ssh_key, title) return XMLStatusResponse("addSSHKey", True, "SSH Key successfully added.") except validators.InvalidSSHKey: return XMLStatusResponse( 'addSSHKey', False, '''Invalid SSH Key provided. Please see 'Need more information about SSH Keys?'. If you think this is an error, please report a bug.''' )
def listSSHKeys(self, req, u): session_user = req.session['user'] if not session_user['is_admin'] and session_user['name'] != u.name: return XMLStatusResponse( 'listSSHKeys', False, "You do not have permission to " "view this user.") ssh_keys = u.ssh_keys() return XMLTemplateResponse("ajax/usersshkeys.xml", { "ssh_keys": ssh_keys, "username": u.name, "session_user": session_user })
def setpermission(self, req, repos): name = req.post.get('name') type = req.post.get('type') path = req.post.get('path') permission = req.post.get('permission') permissions.change(repos.name, repos.vcs_type, path, name, type, permission) if not repos.has_path_permissions: path = path.lstrip('/') return XMLStatusResponse( 'setPermission', True, 'Permission for %s %s changed to %s' % (('user', 'group')[type == 'group'], name, permission))
def removeMember(self, req, groupname): g = group.Group(groupname) username = req.post.get('removeMember') success = True try: g.remove_member(user.User(username)) except: success = False msgs = { True: 'User %s removed from group %s' % (username, groupname), False: 'User %s is not a member of group %s' % (username, groupname) } return XMLStatusResponse('removeMember', success, msgs[success])
def addpermission(self, req, repos): name = req.post.get('name') type = req.post.get('type') path = req.post.get('path') vcs_type = repos.vcs_type default_perm = '' if vcs_type == "git": if path != "/": default_perm = "w" else: default_perm = "r" permissions.add(repos.name, repos.vcs_type, path, name, type, default_perm) if not repos.has_path_permissions: path = path.lstrip('/') return XMLStatusResponse('addPermission', True, ('User', 'Group')[type == 'group'] + ' %s added to path %s' % (name, path))
def removeRepository(self, req, repos): repos.remove() return XMLStatusResponse('removeRepository', True, 'Repository %s deleted' % repos.name)
def tracEnvCreate(self, req, repos): asking_user = user.User(req.session['user']['name']) trac.create(repos.vcs_type, repos.name, asking_user) return XMLStatusResponse( 'tracEnvCreate', True, 'Trac environment "%s" (%s) created.' % (repos.name, repos.vcs_type))
def dispatcher(request): # Add session information to request request.session = Session(request) # session expiry time is for cleanup purposes, not for security purposes future_expiry = int(time.time()) + 60 * 60 * 24 * 7 future_refresh = request.session.expires - 60 * 60 * 24 if time.time() >= future_refresh: request.session.expires = future_expiry path = request.path_info.strip('/').split('/') handlerName = 'handler' if path[0].lower() in classes: tupl = classes[path[0].lower()] cls = tupl[0](request, tupl[1]) if not hasattr(cls, handlerName): raise Exception("No handler %r found for view %r" % (handlerName, path[0].lower())) del path[0] handler = getattr(cls, handlerName) try: response = handler(request, path) if not issubclass(response.__class__, Response): raise Exception( "Handler %r should return a Response instance" % handler) except UnknownKeyError as e: env = options.env_path( ) # this should never trigger another UnknownKeyError summary = "It seems your installation is missing a configuration option (%s)" % str( e) details = """ You can add the missing config option by executing the following commandline: submin2-admin %s config set %s <value> Unfortunately, this error handling does not know the value you should set, but the name of the missing option should give you a hint to its value :)""" % \ (env, str(e)) if not request.is_ajax(): response = ErrorResponse(summary, request=request, details=details) else: details = summary + '\n\n' + details response = XMLStatusResponse('', False, details) except Exception as e: import traceback details = traceback.format_exc() if not request.is_ajax(): response = ErrorResponse(str(e), request=request, details=details) else: response = XMLStatusResponse('', False, str(e), details=details) else: response = HTTP404('/'.join(path)) response.setCookieHeaders(request.cookieHeaders()) return response