def to_python(self, value, state): if not value: return if value.get('password'): try: value['password'] = get_crypt_password(value['password']) except UnicodeEncodeError: e_dict = {'password': _('Invalid characters in password')} raise formencode.Invalid('', value, state, error_dict=e_dict) if value.get('password_confirmation'): try: value['password_confirmation'] = \ get_crypt_password(value['password_confirmation']) except UnicodeEncodeError: e_dict = { 'password_confirmation': _('Invalid characters in password') } raise formencode.Invalid('', value, state, error_dict=e_dict) if value.get('new_password'): try: value['new_password'] = \ get_crypt_password(value['new_password']) except UnicodeEncodeError: e_dict = {'new_password': _('Invalid characters in password')} raise formencode.Invalid('', value, state, error_dict=e_dict) return value
def reset_password(self, data): from rhodecode.lib.celerylib import tasks, run_task from rhodecode.lib import auth user_email = data['email'] try: try: user = User.get_by_email(user_email) new_passwd = auth.PasswordGenerator().gen_password(8, auth.PasswordGenerator.ALPHABETS_BIG_SMALL) if user: user.password = auth.get_crypt_password(new_passwd) user.api_key = auth.generate_api_key(user.username) Session().add(user) Session().commit() log.info('change password for %s' % user_email) if new_passwd is None: raise Exception('unable to generate new password') except Exception: log.error(traceback.format_exc()) Session().rollback() run_task(tasks.send_email, user_email, _('Your new password'), _('Your new RhodeCode password:%s') % (new_passwd)) log.info('send new password mail to %s' % user_email) except Exception: log.error('Failed to update user password') log.error(traceback.format_exc()) return True
def reset_password(self, data): from rhodecode.lib.celerylib import tasks, run_task from rhodecode.lib import auth user_email = data['email'] try: try: user = User.get_by_email(user_email) new_passwd = auth.PasswordGenerator().gen_password( 8, auth.PasswordGenerator.ALPHABETS_BIG_SMALL) if user: user.password = auth.get_crypt_password(new_passwd) user.api_key = auth.generate_api_key(user.username) Session().add(user) Session().commit() log.info('change password for %s' % user_email) if new_passwd is None: raise Exception('unable to generate new password') except Exception: log.error(traceback.format_exc()) Session().rollback() run_task(tasks.send_email, user_email, _('Your new password'), _('Your new RhodeCode password:%s') % (new_passwd)) log.info('send new password mail to %s' % user_email) except Exception: log.error('Failed to update user password') log.error(traceback.format_exc()) return True
def reset_user_password(user_email): try: log = reset_user_password.get_logger() except: log = logging.getLogger(__name__) from rhodecode.lib import auth from rhodecode.model.db import User try: try: sa = get_session() user = sa.query(User).filter(User.email == user_email).scalar() new_passwd = auth.PasswordGenerator().gen_password(8, auth.PasswordGenerator.ALPHABETS_BIG_SMALL) if user: user.password = auth.get_crypt_password(new_passwd) user.api_key = auth.generate_api_key(user.username) sa.add(user) sa.commit() log.info("change password for %s", user_email) if new_passwd is None: raise Exception("unable to generate new password") except: log.error(traceback.format_exc()) sa.rollback() run_task(send_email, user_email, "Your new RhodeCode password", "Your new RhodeCode password:%s" % (new_passwd)) log.info("send new password mail to %s", user_email) except: log.error("Failed to update user password") log.error(traceback.format_exc()) return True
def create_ldap(self, username, password, user_dn, attrs, cur_user=None): """ Checks if user is in database, if not creates this user marked as ldap user :param username: :param password: :param user_dn: :param attrs: :param cur_user: """ if not cur_user: cur_user = getattr(get_current_rhodecode_user(), 'username', None) from rhodecode.lib.auth import get_crypt_password log.debug('Checking for such ldap account in RhodeCode database') if self.get_by_username(username, case_insensitive=True) is None: # autogenerate email for container account without one generate_email = lambda usr: '******' % usr password = get_crypt_password(password) firstname = attrs['name'] lastname = attrs['lastname'] active = attrs.get('active', True) email = attrs['email'] or generate_email(username) from rhodecode.lib.hooks import log_create_user, check_allowed_create_user user_data = { 'username': username, 'password': password, 'email': email, 'firstname': firstname, 'lastname': lastname, 'active': attrs.get('active', True), 'admin': False } # raises UserCreationError if it's not allowed check_allowed_create_user(user_data, cur_user) try: new_user = User() username = username.lower() # add ldap account always lowercase new_user.username = username new_user.password = password new_user.api_key = generate_api_key(username) new_user.email = email new_user.active = active new_user.ldap_dn = safe_unicode(user_dn) new_user.name = firstname new_user.lastname = lastname self.sa.add(new_user) log_create_user(new_user.get_dict(), cur_user) return new_user except (DatabaseError, ): log.error(traceback.format_exc()) self.sa.rollback() raise log.debug('this %s user exists skipping creation of ldap account', username) return None
def reset_password(self, data): from rhodecode.lib.celerylib import tasks, run_task from rhodecode.lib import auth user_email = data['email'] pre_db = True try: user = User.get_by_email(user_email) new_passwd = auth.PasswordGenerator().gen_password( 8, auth.PasswordGenerator.ALPHABETS_BIG_SMALL) if user: user.password = auth.get_crypt_password(new_passwd) user.api_key = auth.generate_api_key(user.username) Session().add(user) Session().commit() log.info('change password for %s' % user_email) if new_passwd is None: raise Exception('unable to generate new password') pre_db = False run_task(tasks.send_email, user_email, _('Your new password'), _('Your new RhodeCode password:%s') % (new_passwd, )) log.info('send new password mail to %s' % user_email) except Exception: log.error('Failed to update user password') log.error(traceback.format_exc()) if pre_db: # we rollback only if local db stuff fails. If it goes into # run_task, we're pass rollback state this wouldn't work then Session().rollback() return True
def create_ldap(self, username, password, user_dn, attrs): """ Checks if user is in database, if not creates this user marked as ldap user :param username: :param password: :param user_dn: :param attrs: """ from rhodecode.lib.auth import get_crypt_password log.debug('Checking for such ldap account in RhodeCode database') if self.get_by_username(username, case_insensitive=True) is None: try: new_user = User() # add ldap account always lowercase new_user.username = username.lower() new_user.password = get_crypt_password(password) new_user.api_key = generate_api_key(username) new_user.email = attrs['email'] new_user.active = True new_user.ldap_dn = safe_unicode(user_dn) new_user.name = attrs['name'] new_user.lastname = attrs['lastname'] self.sa.add(new_user) self.sa.commit() return True except (DatabaseError,): log.error(traceback.format_exc()) self.sa.rollback() raise log.debug('this %s user exists skipping creation of ldap account', username) return False
def create_test_user(force=True): print 'creating test user' sa = get_session() user = sa.query(User).filter(User.username == USER).scalar() if force and user is not None: print 'removing current user' for repo in sa.query(Repository).filter(Repository.user == user).all(): sa.delete(repo) sa.delete(user) sa.commit() if user is None or force: print 'creating new one' new_usr = User() new_usr.username = USER new_usr.password = get_crypt_password(PASS) new_usr.email = '*****@*****.**' new_usr.name = 'test' new_usr.lastname = 'lasttestname' new_usr.active = True new_usr.admin = True sa.add(new_usr) sa.commit() print 'done'
def reset_user_password(user_email): from rhodecode.lib import auth log = get_logger(reset_user_password) DBS = get_session() try: try: user = User.get_by_email(user_email) new_passwd = auth.PasswordGenerator().gen_password(8, auth.PasswordGenerator.ALPHABETS_BIG_SMALL) if user: user.password = auth.get_crypt_password(new_passwd) user.api_key = auth.generate_api_key(user.username) DBS.add(user) DBS.commit() log.info('change password for %s' % user_email) if new_passwd is None: raise Exception('unable to generate new password') except: log.error(traceback.format_exc()) DBS.rollback() run_task(send_email, user_email, 'Your new password', 'Your new RhodeCode password:%s' % (new_passwd)) log.info('send new password mail to %s' % user_email) except: log.error('Failed to update user password') log.error(traceback.format_exc()) return True
def create_or_update(self, username, password, email, firstname='', lastname='', active=True, admin=False, ldap_dn=None): """ Creates a new instance if not found, or updates current one :param username: :param password: :param email: :param active: :param firstname: :param lastname: :param active: :param admin: :param ldap_dn: """ from rhodecode.lib.auth import get_crypt_password log.debug('Checking for %s account in RhodeCode database' % username) user = User.get_by_username(username, case_insensitive=True) if user is None: log.debug('creating new user %s' % username) new_user = User() edit = False else: log.debug('updating user %s' % username) new_user = user edit = True try: new_user.username = username new_user.admin = admin # set password only if creating an user or password is changed if not edit or user.password != password: new_user.password = get_crypt_password(password) new_user.api_key = generate_api_key(username) new_user.email = email new_user.active = active new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None new_user.name = firstname new_user.lastname = lastname self.sa.add(new_user) return new_user except (DatabaseError, ): log.error(traceback.format_exc()) raise
def reset_password(self, data): from rhodecode.lib.celerylib import tasks, run_task from rhodecode.model.notification import EmailNotificationModel from rhodecode.lib import auth user_email = data['email'] pre_db = True try: user = User.get_by_email(user_email) new_passwd = auth.PasswordGenerator().gen_password( 12, auth.PasswordGenerator.ALPHABETS_BIG_SMALL) if user: user.password = auth.get_crypt_password(new_passwd) # also force this user to reset his password ! user.update_userdata(force_password_change=True) Session().add(user) Session().commit() log.info('change password for %s', user_email) if new_passwd is None: raise Exception('unable to generate new password') pre_db = False email_kwargs = { 'new_password': new_passwd, 'user': user, 'email': user_email, 'date': datetime.datetime.now() } (subject, headers, email_body, email_body_plaintext) = EmailNotificationModel().render_email( EmailNotificationModel.TYPE_PASSWORD_RESET_CONFIRMATION, **email_kwargs) recipients = [user_email] action_logger_generic( 'sent new password to user: {} with email: {}'.format( user, user_email), namespace='security.password_reset') run_task(tasks.send_email, recipients, subject, email_body_plaintext, email_body) except Exception: log.error('Failed to update user password') log.error(traceback.format_exc()) if pre_db: # we rollback only if local db stuff fails. If it goes into # run_task, we're pass rollback state this wouldn't work then Session().rollback() return True
def create_or_update( self, username, password, email, firstname="", lastname="", active=True, admin=False, ldap_dn=None ): """ Creates a new instance if not found, or updates current one :param username: :param password: :param email: :param active: :param firstname: :param lastname: :param active: :param admin: :param ldap_dn: """ from rhodecode.lib.auth import get_crypt_password log.debug("Checking for %s account in RhodeCode database" % username) user = User.get_by_username(username, case_insensitive=True) if user is None: log.debug("creating new user %s" % username) new_user = User() edit = False else: log.debug("updating user %s" % username) new_user = user edit = True try: new_user.username = username new_user.admin = admin # set password only if creating an user or password is changed if not edit or user.password != password: new_user.password = get_crypt_password(password) new_user.api_key = generate_api_key(username) new_user.email = email new_user.active = active new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None new_user.name = firstname new_user.lastname = lastname self.sa.add(new_user) return new_user except (DatabaseError,): log.error(traceback.format_exc()) raise
def create(self, form_data): from rhodecode.lib.auth import get_crypt_password try: new_user = User() for k, v in form_data.items(): if k == 'password': v = get_crypt_password(v) if k == 'firstname': k = 'name' setattr(new_user, k, v) new_user.api_key = generate_api_key(form_data['username']) self.sa.add(new_user) return new_user except: log.error(traceback.format_exc()) raise
def create(self, form_data): from rhodecode.lib.auth import get_crypt_password try: new_user = User() for k, v in form_data.items(): if k == 'password': v = get_crypt_password(v) if k == 'firstname': k = 'name' setattr(new_user, k, v) new_user.api_key = generate_api_key(form_data['username']) self.sa.add(new_user) return new_user except Exception: log.error(traceback.format_exc()) raise
def create(cls, form_data): from rhodecode.lib.auth import get_crypt_password try: new_user = cls() for k, v in form_data.items(): if k == "password": v = get_crypt_password(v) setattr(new_user, k, v) new_user.api_key = generate_api_key(form_data["username"]) Session.add(new_user) Session.commit() return new_user except: log.error(traceback.format_exc()) Session.rollback() raise
def create_default_user(self): log.info('creating default user') #create default user for handling default permissions. def_user = User() def_user.username = '******' def_user.password = get_crypt_password(str(uuid.uuid1())[:8]) def_user.api_key = generate_api_key('default') def_user.name = 'Anonymous' def_user.lastname = 'User' def_user.email = '*****@*****.**' def_user.admin = False def_user.active = False try: self.sa.add(def_user) self.sa.commit() except: self.sa.rollback() raise
def create_user(self, username, password, email='', admin=False): log.info('creating administrator user %s', username) new_user = User() new_user.username = username new_user.password = get_crypt_password(password) new_user.api_key = generate_api_key(username) new_user.name = 'RhodeCode' new_user.lastname = 'Admin' new_user.email = email new_user.admin = admin new_user.active = True try: self.sa.add(new_user) self.sa.commit() except: self.sa.rollback() raise
def create(cls, form_data): from rhodecode.lib.auth import get_crypt_password try: new_user = cls() for k, v in form_data.items(): if k == 'password': v = get_crypt_password(v) setattr(new_user, k, v) new_user.api_key = generate_auth_token(form_data['username']) Session.add(new_user) Session.commit() return new_user except: log.error(traceback.format_exc()) Session.rollback() raise
def update_user(self, user, **kwargs): from rhodecode.lib.auth import get_crypt_password try: user = self._get_user(user) if user.username == "default": raise DefaultUserException(_("You can't Edit this user since it's" " crucial for entire application")) for k, v in kwargs.items(): if k == "password" and v: v = get_crypt_password(v) user.api_key = generate_api_key(user.username) setattr(user, k, v) self.sa.add(user) return user except Exception: log.error(traceback.format_exc()) raise
def update_user(self, user, **kwargs): from rhodecode.lib.auth import get_crypt_password try: user = self._get_user(user) if user.username == 'default': raise DefaultUserException( _("You can't Edit this user since it's" " crucial for entire application")) for k, v in kwargs.items(): if k == 'password' and v: v = get_crypt_password(v) user.api_key = generate_api_key(user.username) setattr(user, k, v) self.sa.add(user) return user except Exception: log.error(traceback.format_exc()) raise
def update(self, user_id, form_data): from rhodecode.lib.auth import get_crypt_password try: user = self.get(user_id, cache=False) if user.username == 'default': raise DefaultUserException( _("You can't Edit this user since it's" " crucial for entire application")) for k, v in form_data.items(): if k == 'new_password' and v: user.password = get_crypt_password(v) user.api_key = generate_api_key(user.username) else: if k == 'firstname': k = 'name' setattr(user, k, v) self.sa.add(user) except: log.error(traceback.format_exc()) raise
def create_ldap(self, username, password, user_dn, attrs): """ Checks if user is in database, if not creates this user marked as ldap user :param username: :param password: :param user_dn: :param attrs: """ from rhodecode.lib.auth import get_crypt_password log.debug('Checking for such ldap account in RhodeCode database') if self.get_by_username(username, case_insensitive=True) is None: # autogenerate email for ldap account without one generate_email = lambda usr: '******' % usr try: new_user = User() username = username.lower() # add ldap account always lowercase new_user.username = username new_user.password = get_crypt_password(password) new_user.api_key = generate_api_key(username) new_user.email = attrs['email'] or generate_email(username) new_user.active = attrs.get('active', True) new_user.ldap_dn = safe_unicode(user_dn) new_user.name = attrs['name'] new_user.lastname = attrs['lastname'] self.sa.add(new_user) return new_user except (DatabaseError, ): log.error(traceback.format_exc()) self.sa.rollback() raise log.debug('this %s user exists skipping creation of ldap account', username) return None
def create_ldap(self, username, password, user_dn, attrs): """ Checks if user is in database, if not creates this user marked as ldap user :param username: :param password: :param user_dn: :param attrs: """ from rhodecode.lib.auth import get_crypt_password log.debug("Checking for such ldap account in RhodeCode database") if self.get_by_username(username, case_insensitive=True) is None: # autogenerate email for ldap account without one generate_email = lambda usr: "******" % usr try: new_user = User() username = username.lower() # add ldap account always lowercase new_user.username = username new_user.password = get_crypt_password(password) new_user.api_key = generate_api_key(username) new_user.email = attrs["email"] or generate_email(username) new_user.active = attrs.get("active", True) new_user.ldap_dn = safe_unicode(user_dn) new_user.name = attrs["name"] new_user.lastname = attrs["lastname"] self.sa.add(new_user) return new_user except (DatabaseError,): log.error(traceback.format_exc()) self.sa.rollback() raise log.debug("this %s user exists skipping creation of ldap account", username) return None
def create(self, form_data, cur_user=None): if not cur_user: cur_user = getattr(get_current_rhodecode_user(), "username", None) from rhodecode.lib.hooks import log_create_user, check_allowed_create_user _fd = form_data user_data = { "username": _fd["username"], "password": _fd["password"], "email": _fd["email"], "firstname": _fd["firstname"], "lastname": _fd["lastname"], "active": _fd["active"], "admin": False, } # raises UserCreationError if it's not allowed check_allowed_create_user(user_data, cur_user) from rhodecode.lib.auth import get_crypt_password try: new_user = User() for k, v in form_data.items(): if k == "password": v = get_crypt_password(v) if k == "firstname": k = "name" setattr(new_user, k, v) new_user.api_key = generate_api_key(form_data["username"]) self.sa.add(new_user) log_create_user(new_user.get_dict(), cur_user) return new_user except Exception: log.error(traceback.format_exc()) raise
def update(self, user_id, form_data, skip_attrs=[]): from rhodecode.lib.auth import get_crypt_password try: user = self.get(user_id, cache=False) if user.username == 'default': raise DefaultUserException( _("You can't Edit this user since it's" " crucial for entire application")) for k, v in form_data.items(): if k in skip_attrs: continue if k == 'new_password' and v: user.password = get_crypt_password(v) user.api_key = generate_api_key(user.username) else: if k == 'firstname': k = 'name' setattr(user, k, v) self.sa.add(user) except Exception: log.error(traceback.format_exc()) raise
def reset_password(self, data): from rhodecode.lib.celerylib import tasks, run_task from rhodecode.lib import auth user_email = data["email"] pre_db = True try: user = User.get_by_email(user_email) new_passwd = auth.PasswordGenerator().gen_password(8, auth.PasswordGenerator.ALPHABETS_BIG_SMALL) if user: user.password = auth.get_crypt_password(new_passwd) user.api_key = auth.generate_api_key(user.username) Session().add(user) Session().commit() log.info("change password for %s" % user_email) if new_passwd is None: raise Exception("unable to generate new password") pre_db = False run_task( tasks.send_email, user_email, _("Your new password"), _("Your new RhodeCode password:%s") % (new_passwd,), ) log.info("send new password mail to %s" % user_email) except Exception: log.error("Failed to update user password") log.error(traceback.format_exc()) if pre_db: # we rollback only if local db stuff fails. If it goes into # run_task, we're pass rollback state this wouldn't work then Session().rollback() return True
def create(self, form_data, cur_user=None): if not cur_user: cur_user = getattr(get_current_rhodecode_user(), 'username', None) from rhodecode.lib.hooks import log_create_user, check_allowed_create_user _fd = form_data user_data = { 'username': _fd['username'], 'password': _fd['password'], 'email': _fd['email'], 'firstname': _fd['firstname'], 'lastname': _fd['lastname'], 'active': _fd['active'], 'admin': False } # raises UserCreationError if it's not allowed check_allowed_create_user(user_data, cur_user) from rhodecode.lib.auth import get_crypt_password try: new_user = User() for k, v in form_data.items(): if k == 'password': v = get_crypt_password(v) if k == 'firstname': k = 'name' setattr(new_user, k, v) new_user.api_key = generate_api_key(form_data['username']) self.sa.add(new_user) log_create_user(new_user.get_dict(), cur_user) return new_user except Exception: log.error(traceback.format_exc()) raise
def create_ldap(self, username, password, user_dn, attrs, cur_user=None): """ Checks if user is in database, if not creates this user marked as ldap user :param username: :param password: :param user_dn: :param attrs: :param cur_user: """ if not cur_user: cur_user = getattr(get_current_rhodecode_user(), "username", None) from rhodecode.lib.auth import get_crypt_password log.debug("Checking for such ldap account in RhodeCode database") if self.get_by_username(username, case_insensitive=True) is None: # autogenerate email for container account without one generate_email = lambda usr: "******" % usr password = get_crypt_password(password) firstname = attrs["name"] lastname = attrs["lastname"] active = attrs.get("active", True) email = attrs["email"] or generate_email(username) from rhodecode.lib.hooks import log_create_user, check_allowed_create_user user_data = { "username": username, "password": password, "email": email, "firstname": firstname, "lastname": lastname, "active": attrs.get("active", True), "admin": False, } # raises UserCreationError if it's not allowed check_allowed_create_user(user_data, cur_user) try: new_user = User() username = username.lower() # add ldap account always lowercase new_user.username = username new_user.password = password new_user.api_key = generate_api_key(username) new_user.email = email new_user.active = active new_user.ldap_dn = safe_unicode(user_dn) new_user.name = firstname new_user.lastname = lastname self.sa.add(new_user) log_create_user(new_user.get_dict(), cur_user) return new_user except (DatabaseError,): log.error(traceback.format_exc()) self.sa.rollback() raise log.debug("this %s user exists skipping creation of ldap account", username) return None
def test_get_crypt_password_accepts_unicode(password): result = auth.get_crypt_password(password.value) assert result == password.hashed
def create_or_update( self, username, password, email, firstname='', lastname='', active=True, admin=False, extern_type=None, extern_name=None, cur_user=None, plugin=None, force_password_change=False, allow_to_create_user=True, create_repo_group=False, updating_user_id=None, language=None, strict_creation_check=True): """ Creates a new instance if not found, or updates current one :param username: :param password: :param email: :param firstname: :param lastname: :param active: :param admin: :param extern_type: :param extern_name: :param cur_user: :param plugin: optional plugin this method was called from :param force_password_change: toggles new or existing user flag for password change :param allow_to_create_user: Defines if the method can actually create new users :param create_repo_group: Defines if the method should also create an repo group with user name, and owner :param updating_user_id: if we set it up this is the user we want to update this allows to editing username. :param language: language of user from interface. :returns: new User object with injected `is_new_user` attribute. """ if not cur_user: cur_user = getattr(get_current_rhodecode_user(), 'username', None) from rhodecode.lib.auth import ( get_crypt_password, check_password, generate_auth_token) from rhodecode.lib.hooks_base import ( log_create_user, check_allowed_create_user) def _password_change(new_user, password): # empty password if not new_user.password: return False # password check is only needed for RhodeCode internal auth calls # in case it's a plugin we don't care if not plugin: # first check if we gave crypted password back, and if it matches # it's not password change if new_user.password == password: return False password_match = check_password(password, new_user.password) if not password_match: return True return False user_data = { 'username': username, 'password': password, 'email': email, 'firstname': firstname, 'lastname': lastname, 'active': active, 'admin': admin } if updating_user_id: log.debug('Checking for existing account in RhodeCode ' 'database with user_id `%s` ' % (updating_user_id,)) user = User.get(updating_user_id) else: log.debug('Checking for existing account in RhodeCode ' 'database with username `%s` ' % (username,)) user = User.get_by_username(username, case_insensitive=True) if user is None: # we check internal flag if this method is actually allowed to # create new user if not allow_to_create_user: msg = ('Method wants to create new user, but it is not ' 'allowed to do so') log.warning(msg) raise NotAllowedToCreateUserError(msg) log.debug('Creating new user %s', username) # only if we create user that is active new_active_user = active if new_active_user and strict_creation_check: # raises UserCreationError if it's not allowed for any reason to # create new active user, this also executes pre-create hooks check_allowed_create_user(user_data, cur_user, strict_check=True) self.send_event(UserPreCreate(user_data)) new_user = User() edit = False else: log.debug('updating user %s', username) self.send_event(UserPreUpdate(user, user_data)) new_user = user edit = True # we're not allowed to edit default user if user.username == User.DEFAULT_USER: raise DefaultUserException( _("You can't edit this user (`%(username)s`) since it's " "crucial for entire application") % {'username': user.username}) # inject special attribute that will tell us if User is new or old new_user.is_new_user = not edit # for users that didn's specify auth type, we use RhodeCode built in from rhodecode.authentication.plugins import auth_rhodecode extern_name = extern_name or auth_rhodecode.RhodeCodeAuthPlugin.name extern_type = extern_type or auth_rhodecode.RhodeCodeAuthPlugin.name try: new_user.username = username new_user.admin = admin new_user.email = email new_user.active = active new_user.extern_name = safe_unicode(extern_name) new_user.extern_type = safe_unicode(extern_type) new_user.name = firstname new_user.lastname = lastname if not edit: new_user.api_key = generate_auth_token(username) # set password only if creating an user or password is changed if not edit or _password_change(new_user, password): reason = 'new password' if edit else 'new user' log.debug('Updating password reason=>%s', reason) new_user.password = get_crypt_password(password) if password else None if force_password_change: new_user.update_userdata(force_password_change=True) if language: new_user.update_userdata(language=language) self.sa.add(new_user) if not edit and create_repo_group: # create new group same as username, and make this user an owner desc = RepoGroupModel.PERSONAL_GROUP_DESC % {'username': username} RepoGroupModel().create(group_name=username, group_description=desc, owner=username, commit_early=False) if not edit: # add the RSS token AuthTokenModel().create(username, description='Generated feed token', role=AuthTokenModel.cls.ROLE_FEED) log_create_user(created_by=cur_user, **new_user.get_dict()) return new_user except (DatabaseError,): log.error(traceback.format_exc()) raise
def create_or_update( self, username, password, email, firstname="", lastname="", active=True, admin=False, ldap_dn=None, cur_user=None, ): """ Creates a new instance if not found, or updates current one :param username: :param password: :param email: :param active: :param firstname: :param lastname: :param active: :param admin: :param ldap_dn: :param cur_user: """ if not cur_user: cur_user = getattr(get_current_rhodecode_user(), "username", None) from rhodecode.lib.auth import get_crypt_password from rhodecode.lib.hooks import log_create_user, check_allowed_create_user user_data = { "username": username, "password": password, "email": email, "firstname": firstname, "lastname": lastname, "active": active, "admin": admin, } # raises UserCreationError if it's not allowed check_allowed_create_user(user_data, cur_user) log.debug("Checking for %s account in RhodeCode database" % username) user = User.get_by_username(username, case_insensitive=True) if user is None: log.debug("creating new user %s" % username) new_user = User() edit = False else: log.debug("updating user %s" % username) new_user = user edit = True try: new_user.username = username new_user.admin = admin # set password only if creating an user or password is changed if not edit or user.password != password: new_user.password = get_crypt_password(password) if password else None new_user.api_key = generate_api_key(username) new_user.email = email new_user.active = active new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None new_user.name = firstname new_user.lastname = lastname self.sa.add(new_user) if not edit: log_create_user(new_user.get_dict(), cur_user) return new_user except (DatabaseError,): log.error(traceback.format_exc()) raise
def create_or_update(self, username, password, email, firstname='', lastname='', active=True, admin=False, ldap_dn=None, cur_user=None): """ Creates a new instance if not found, or updates current one :param username: :param password: :param email: :param active: :param firstname: :param lastname: :param active: :param admin: :param ldap_dn: :param cur_user: """ if not cur_user: cur_user = getattr(get_current_rhodecode_user(), 'username', None) from rhodecode.lib.auth import get_crypt_password from rhodecode.lib.hooks import log_create_user, check_allowed_create_user user_data = { 'username': username, 'password': password, 'email': email, 'firstname': firstname, 'lastname': lastname, 'active': active, 'admin': admin } # raises UserCreationError if it's not allowed check_allowed_create_user(user_data, cur_user) log.debug('Checking for %s account in RhodeCode database' % username) user = User.get_by_username(username, case_insensitive=True) if user is None: log.debug('creating new user %s' % username) new_user = User() edit = False else: log.debug('updating user %s' % username) new_user = user edit = True try: new_user.username = username new_user.admin = admin # set password only if creating an user or password is changed if not edit or user.password != password: new_user.password = get_crypt_password( password) if password else None new_user.api_key = generate_api_key(username) new_user.email = email new_user.active = active new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None new_user.name = firstname new_user.lastname = lastname self.sa.add(new_user) if not edit: log_create_user(new_user.get_dict(), cur_user) return new_user except (DatabaseError, ): log.error(traceback.format_exc()) raise