示例#1
    def __before__(self):
        """
        Fill the template context ``c`` and controller attributes for a request.

        Runs before the controller method and after __call__.
        """
        def db_flag(key):
            # boolean option read from the database-backed settings
            return str2bool(db_settings.get(key))

        # Application identity and global options from the pylons config
        c.rhodecode_version = __version__
        c.rhodecode_instanceid = config.get('instance_id')
        c.rhodecode_name = config.get('rhodecode_title')
        c.rhodecode_bugtracker = config.get(
            'bugtracker',
            'http://bitbucket.org/marcinkuzminski/rhodecode/issues'
        )
        c.use_gravatar = str2bool(config.get('use_gravatar'))
        # NOTE(review): this value is admin-editable; presumably the templates
        # place it inside the analytics <script> snippet - confirm it is
        # escaped for a JavaScript string context there.
        c.ga_code = config.get('rhodecode_ga_code')

        # Visual options
        c.visual = AttributeDict({})
        db_settings = RhodeCodeSetting.get_app_settings()

        ## DB stored
        c.visual.show_public_icon = db_flag('rhodecode_show_public_icon')
        c.visual.show_private_icon = db_flag('rhodecode_show_private_icon')
        c.visual.stylify_metatags = db_flag('rhodecode_stylify_metatags')
        c.visual.dashboard_items = safe_int(
            db_settings.get('rhodecode_dashboard_items', 100)
        )
        c.visual.repository_fields = db_flag('rhodecode_repository_fields')
        c.visual.show_version = db_flag('rhodecode_show_version')

        ## INI stored
        self.cut_off_limit = int(config.get('cut_off_limit'))
        # both switches default to True when the INI file does not set them
        c.visual.allow_repo_location_change = str2bool(
            config.get('allow_repo_location_change', True)
        )
        c.visual.allow_custom_hooks_settings = str2bool(
            config.get('allow_custom_hooks_settings', True)
        )

        c.repo_name = get_repo_slug(request)  # can be empty
        c.backends = BACKENDS.keys()
        notifications = NotificationModel()
        c.unread_notifications = notifications.get_unread_cnt_for_user(
            c.rhodecode_user.user_id
        )
        self.sa = meta.Session
        self.scm_model = ScmModel(self.sa)
示例#2
    def __before__(self):
        """
        Prepare the template context ``c`` and the controller's own attributes.

        Called before controller methods and after __call__.
        """
        c.rhodecode_version = __version__
        c.rhodecode_instanceid = config.get('instance_id')
        c.rhodecode_name = config.get('rhodecode_title')
        c.use_gravatar = str2bool(config.get('use_gravatar'))
        c.ga_code = config.get('rhodecode_ga_code')

        # Visual options live on their own attribute dict; the local alias
        # points at the very same object that is published on ``c``.
        visual = c.visual = AttributeDict({})
        app_settings = RhodeCodeSetting.get_app_settings()

        ## DB stored
        for flag in ('show_public_icon', 'show_private_icon',
                     'stylify_metatags'):
            setattr(visual, flag,
                    str2bool(app_settings.get('rhodecode_' + flag)))
        visual.dashboard_items = safe_int(
            app_settings.get('rhodecode_dashboard_items', 100))
        for flag in ('repository_fields', 'show_version'):
            setattr(visual, flag,
                    str2bool(app_settings.get('rhodecode_' + flag)))

        ## INI stored
        self.cut_off_limit = int(config.get('cut_off_limit'))
        # defaults to True when the INI file does not set the option
        visual.allow_repo_location_change = str2bool(
            config.get('allow_repo_location_change', True))

        c.repo_name = get_repo_slug(request)  # can be empty
        c.backends = BACKENDS.keys()
        unread_counter = NotificationModel()
        c.unread_notifications = unread_counter.get_unread_cnt_for_user(
            c.rhodecode_user.user_id)
        self.sa = meta.Session
        self.scm_model = ScmModel(self.sa)
示例#3
    def __before__(self):
        """
        Copy application settings and per-request values onto the template
        context ``c`` and set up the controller's session and SCM model.
        """
        c.rhodecode_version = __version__
        c.rhodecode_instanceid = config.get('instance_id')
        c.rhodecode_name = config.get('rhodecode_title')
        c.use_gravatar = str2bool(config.get('use_gravatar'))
        c.ga_code = config.get('rhodecode_ga_code')

        # Visual options
        c.visual = AttributeDict({})
        stored = RhodeCodeSetting.get_app_settings()

        # (attribute on c.visual, key in the stored application settings)
        visual_flags = (
            ('show_public_icon', 'rhodecode_show_public_icon'),
            ('show_private_icon', 'rhodecode_show_private_icon'),
            ('stylify_metatags', 'rhodecode_stylify_metatags'),
            ('lightweight_dashboard', 'rhodecode_lightweight_dashboard'),
        )
        for attr_name, setting_key in visual_flags:
            setattr(c.visual, attr_name, str2bool(stored.get(setting_key)))
        # unlike the flags above, the item count is read from the pylons config
        c.visual.lightweight_dashboard_items = safe_int(
            config.get('dashboard_items', 100)
        )

        c.repo_name = get_repo_slug(request)
        c.backends = BACKENDS.keys()
        notification_model = NotificationModel()
        c.unread_notifications = notification_model.get_unread_cnt_for_user(
            c.rhodecode_user.user_id
        )
        self.cut_off_limit = int(config.get('cut_off_limit'))

        self.sa = meta.Session
        self.scm_model = ScmModel(self.sa)
        self.ip_addr = ''
示例#4
def set_rhodecode_config(config):
    """
    Copy the application settings stored in the database into the pylons
    config.

    Every returned key is written unconditionally, so a database setting
    whose key matches an existing config entry replaces that entry.

    :param config: pylons config object, updated in place
    """
    db_settings = RhodeCodeSetting.get_app_settings()

    for key, value in db_settings.items():
        config[key] = value
示例#5
def set_rhodecode_config(config):
    """
    Refresh the pylons config with the settings kept in the database.

    Keys are copied one by one without any filtering; an entry already
    present in ``config`` under the same key is overwritten.

    :param config: pylons config object, modified in place
    """
    for setting_name, setting_value in \
            RhodeCodeSetting.get_app_settings().items():
        config[setting_name] = setting_value
示例#6
    def index(self, format='html'):
        """GET /admin/settings: All items in the collection"""
        # url('admin_settings')

        # Form defaults: application settings first, then the hg ui settings,
        # which win when both provide the same key.
        form_defaults = RhodeCodeSetting.get_app_settings()
        hg_ui_settings = self._get_hg_ui_settings()
        form_defaults.update(hg_ui_settings)

        settings_page = render('admin/settings/settings.html')
        return htmlfill.render(settings_page,
                               defaults=form_defaults,
                               encoding="UTF-8",
                               force_defaults=False)
示例#7
    def index(self, format='html'):
        """GET /admin/settings: All items in the collection"""
        # url('admin_settings')

        # Start from the application settings and layer the hg ui settings
        # on top; both end up as pre-filled values of the settings form.
        prefill = RhodeCodeSetting.get_app_settings()
        prefill.update(self.get_hg_ui_settings())

        html = render('admin/settings/settings.html')
        return htmlfill.render(html, defaults=prefill, encoding="UTF-8",
                               force_defaults=False)
示例#8
    def test_ga_code_inactive(self):
        """
        Saving an empty GA code stores the empty value and keeps the
        ``_setAccount`` call out of the page that follows.
        """
        self.log_user()
        empty_ga_code = ''
        settings_url = url('admin_setting', setting_id='global')
        form = dict(_method='put',
                    rhodecode_title='RhodeCode',
                    rhodecode_realm='RhodeCode authentication',
                    rhodecode_ga_code=empty_ga_code)
        response = self.app.post(settings_url, params=form)

        self.checkSessionFlash(response, 'Updated application settings')
        stored_code = RhodeCodeSetting.get_app_settings()['rhodecode_ga_code']
        self.assertEqual(stored_code, empty_ga_code)

        # the page after the redirect must not carry the tracking call
        landing_page = response.follow()
        tracking_call = "_gaq.push(['_setAccount', '%s']);" % empty_ga_code
        landing_page.mustcontain(no=[tracking_call])
示例#9
    def test_ga_code_inactive(self):
        """
        An empty GA code is saved as-is and the ``_setAccount`` call does not
        appear in the body of the page reached after the redirect.
        """
        self.log_user()
        blank_code = ''
        target = url('admin_setting', setting_id='global')
        payload = dict(_method='put',
                       rhodecode_title='RhodeCode',
                       rhodecode_realm='RhodeCode authentication',
                       rhodecode_ga_code=blank_code)
        response = self.app.post(target, params=payload)

        # text of the first flash message kept in the session
        flash_text = response.session['flash'][0][1]
        self.assertTrue('Updated application settings' in flash_text)
        saved_code = RhodeCodeSetting.get_app_settings()['rhodecode_ga_code']
        self.assertEqual(saved_code, blank_code)

        followed = response.follow()
        tracking_call = """_gaq.push(['_setAccount', '%s']);""" % blank_code
        self.assertTrue(tracking_call not in followed.body)
示例#10
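    def test_title_change(self):
        """
        Each submitted title is stored in the settings and shown in the page
        header; the last iteration restores the original title.
        """
        self.log_user()
        old_title = 'RhodeCode'
        old_realm = 'RhodeCode authentication'

        # NOTE(review): only plain-text titles are exercised here (ASCII and
        # non-ASCII letters); nothing checks how a title containing HTML
        # metacharacters is rendered inside the <h1> header.
        for new_title in ['Changed', 'Żółwik', old_title]:
            response = self.app.post(url('admin_setting', setting_id='global'),
                                     params=dict(_method='put',
                                                 rhodecode_title=new_title,
                                                 rhodecode_realm=old_realm,
                                                 rhodecode_ga_code=''))

            self.checkSessionFlash(response, 'Updated application settings')
            # the expected value is the submitted title decoded from UTF-8
            self.assertEqual(
                RhodeCodeSetting.get_app_settings()['rhodecode_title'],
                new_title.decode('utf-8'))

            response = response.follow()
            response.mustcontain("""<h1><a href="/">%s</a></h1>""" % new_title)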
示例#11
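def authenticate(username, password):
    """
    Authentication function used for access control.

    The RhodeCode database account is checked first. For an active local
    (non-LDAP) account whose password does not match, an IMAP login is tried
    when the ``rhodecode_imap_fallback`` setting is on. When no local
    non-LDAP account was found for the exact username, LDAP is tried if
    ``ldap_active`` is set, and the LDAP user is created in the database when
    it does not exist yet.

    :param username: username
    :param password: password
    :returns: True when one of the back ends accepted the credentials,
        False otherwise
    """

    user_model = UserModel()
    user = User.get_by_username(username)

    log.debug('Authenticating user using RhodeCode account')
    if user is not None and not user.ldap_dn:
        if user.active:
            if user.username == 'default' and user.active:
                # The 'default' account is accepted here without looking at
                # the supplied password at all.
                log.info('user %s authenticated correctly as anonymous user' %
                         username)
                return True

            elif user.username == username and check_password(password,
                                                              user.password):
                log.info('user %s authenticated correctly' % username)
                return True

            else:
                user_obj = User.get_by_username(username, case_insensitive=True)
                rc_config = RhodeCodeSetting.get_app_settings()

                if user_obj is not None and str2bool(rc_config.get('rhodecode_imap_fallback')):
                    # With the fallback on, a wrong RhodeCode password is not
                    # final: the mail server gets to decide. The IMAP identity
                    # is built from the submitted login name plus a configured
                    # suffix, not from the e-mail stored on the account.
                    log.info('falling back to imap login')
                    imap_host = rc_config.get('rhodecode_imap_login_hostname')
                    # an unset suffix used to raise TypeError on concatenation
                    imap_email = username + (
                        rc_config.get('rhodecode_imap_append_hostname') or '')
                    log.info('trying imap login for %s against host %s' % (imap_email, imap_host))

                    # NOTE(review): no SSL context is passed to IMAP4_SSL, so
                    # certificate checking is whatever the interpreter does by
                    # default - confirm the server certificate is verified,
                    # because the user's password is sent over this connection.
                    imap_login_test = None
                    try:
                        # Connecting inside the try keeps an unreachable mail
                        # server from raising out of authenticate(); it is
                        # treated like any other failed IMAP login.
                        imap_login_test = imaplib.IMAP4_SSL(imap_host)
                        imap_login_test.login(imap_email, password)
                        log.info('imap login succeeded')
                        return True
                    except (Exception,):
                        log.info('imap login failed')
                    finally:
                        # logout is best effort: an error while closing the
                        # connection must not change the login result
                        if imap_login_test is not None:
                            try:
                                imap_login_test.logout()
                            except (Exception,):
                                pass

                else:
                    log.info('not falling back to imap - fallback disabled')

        else:
            log.warning('user %s tried auth but is disabled' % username)

    else:
        log.debug('Regular authentication failed')
        user_obj = User.get_by_username(username, case_insensitive=True)

        # a local account differing only in letter case blocks the LDAP path
        if user_obj is not None and not user_obj.ldap_dn:
            log.debug('this user already exists as non ldap')
            return False

        ldap_settings = RhodeCodeSetting.get_ldap_settings()
        #======================================================================
        # FALLBACK TO LDAP AUTH IF ENABLE
        #======================================================================
        if str2bool(ldap_settings.get('ldap_active')):
            log.debug("Authenticating user using ldap")
            kwargs = {
                  'server': ldap_settings.get('ldap_host', ''),
                  'base_dn': ldap_settings.get('ldap_base_dn', ''),
                  'port': ldap_settings.get('ldap_port'),
                  'bind_dn': ldap_settings.get('ldap_dn_user'),
                  'bind_pass': ldap_settings.get('ldap_dn_pass'),
                  'tls_kind': ldap_settings.get('ldap_tls_kind'),
                  'tls_reqcert': ldap_settings.get('ldap_tls_reqcert'),
                  'ldap_filter': ldap_settings.get('ldap_filter'),
                  'search_scope': ldap_settings.get('ldap_search_scope'),
                  'attr_login': ldap_settings.get('ldap_attr_login'),
                  'ldap_version': 3,
                  }
            log.debug('Checking for ldap authentication')
            try:
                aldap = AuthLdap(**kwargs)
                (user_dn, ldap_attrs) = aldap.authenticate_ldap(username,
                                                                password)
                log.debug('Got ldap DN response %s' % user_dn)

                # first value of the LDAP attribute named by setting k,
                # or '' when the directory entry does not carry it
                get_ldap_attr = lambda k: ldap_attrs.get(ldap_settings\
                                                           .get(k), [''])[0]

                # a new LDAP user starts active only when the 'default'
                # user holds the global hg.register.auto_activate permission
                user_attrs = {
                 'name': safe_unicode(get_ldap_attr('ldap_attr_firstname')),
                 'lastname': safe_unicode(get_ldap_attr('ldap_attr_lastname')),
                 'email': get_ldap_attr('ldap_attr_email'),
                 'active': 'hg.register.auto_activate' in User\
                    .get_by_username('default').AuthUser.permissions['global']
                }

                # don't store LDAP password since we don't need it. Override
                # with some random generated password
                # NOTE(review): only 8 characters long; confirm that
                # PasswordGenerator draws from a cryptographically secure
                # source, since this value becomes the stored local password.
                _password = PasswordGenerator().gen_password(length=8)
                # create this user on the fly if it doesn't exist in rhodecode
                # database
                if user_model.create_ldap(username, _password, user_dn,
                                          user_attrs):
                    log.info('created new ldap user %s' % username)

                Session().commit()
                return True
            except (LdapUsernameError, LdapPasswordError, LdapImportError):
                # these LDAP failures are dropped without a log entry, so a
                # rejected LDAP login leaves no trace from this function
                pass
            except (Exception,):
                log.error(traceback.format_exc())
                pass
    return False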
示例#12
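def authenticate(username, password):
    """
    Authentication function used for access control.

    Order of checks: the RhodeCode database account, then (only for an
    active local account whose password did not match, and only when
    ``rhodecode_imap_fallback`` is on) an IMAP login, and finally LDAP when
    no local non-LDAP account exists for the username and ``ldap_active`` is
    set. A successful LDAP login creates the user in the database if needed.

    :param username: username
    :param password: password
    :returns: True when the credentials were accepted, False otherwise
    """

    user_model = UserModel()
    user = User.get_by_username(username)

    log.debug('Authenticating user using RhodeCode account')
    if user is not None and not user.ldap_dn:
        if user.active:
            if user.username == 'default' and user.active:
                # no password check happens for the 'default' account
                log.info('user %s authenticated correctly as anonymous user' %
                         username)
                return True

            elif user.username == username and check_password(
                    password, user.password):
                log.info('user %s authenticated correctly' % username)
                return True

            else:
                user_obj = User.get_by_username(username,
                                                case_insensitive=True)
                rc_config = RhodeCodeSetting.get_app_settings()

                if user_obj is not None and str2bool(
                        rc_config.get('rhodecode_imap_fallback')):
                    # Reached after the local password check failed: with the
                    # fallback enabled the mail server's answer decides. The
                    # IMAP login name comes from the submitted username plus
                    # a configured suffix, not from the account's e-mail.
                    log.info('falling back to imap login')
                    imap_host = rc_config.get('rhodecode_imap_login_hostname')
                    # tolerate an unset suffix instead of raising TypeError
                    imap_suffix = rc_config.get(
                        'rhodecode_imap_append_hostname') or ''
                    imap_email = username + imap_suffix
                    log.info('trying imap login for %s against host %s' %
                             (imap_email, imap_host))

                    # NOTE(review): IMAP4_SSL gets no explicit SSL context;
                    # confirm that the server certificate is verified in the
                    # deployed interpreter, as the password travels over
                    # this connection.
                    imap_login_test = None
                    try:
                        # the connection attempt is inside the try so that a
                        # mail server outage counts as a failed login rather
                        # than an exception escaping authenticate()
                        imap_login_test = imaplib.IMAP4_SSL(imap_host)
                        imap_login_test.login(imap_email, password)
                        log.info('imap login succeeded')
                        return True
                    except (Exception, ):
                        log.info('imap login failed')
                    finally:
                        # closing the connection is best effort and must not
                        # alter the outcome decided above
                        if imap_login_test is not None:
                            try:
                                imap_login_test.logout()
                            except (Exception, ):
                                pass

                else:
                    log.info('not falling back to imap - fallback disabled')

        else:
            log.warning('user %s tried auth but is disabled' % username)

    else:
        log.debug('Regular authentication failed')
        user_obj = User.get_by_username(username, case_insensitive=True)

        # an existing local account (matched ignoring case) stops the LDAP
        # attempt for this username
        if user_obj is not None and not user_obj.ldap_dn:
            log.debug('this user already exists as non ldap')
            return False

        ldap_settings = RhodeCodeSetting.get_ldap_settings()
        #======================================================================
        # FALLBACK TO LDAP AUTH IF ENABLE
        #======================================================================
        if str2bool(ldap_settings.get('ldap_active')):
            log.debug("Authenticating user using ldap")
            kwargs = {
                'server': ldap_settings.get('ldap_host', ''),
                'base_dn': ldap_settings.get('ldap_base_dn', ''),
                'port': ldap_settings.get('ldap_port'),
                'bind_dn': ldap_settings.get('ldap_dn_user'),
                'bind_pass': ldap_settings.get('ldap_dn_pass'),
                'tls_kind': ldap_settings.get('ldap_tls_kind'),
                'tls_reqcert': ldap_settings.get('ldap_tls_reqcert'),
                'ldap_filter': ldap_settings.get('ldap_filter'),
                'search_scope': ldap_settings.get('ldap_search_scope'),
                'attr_login': ldap_settings.get('ldap_attr_login'),
                'ldap_version': 3,
            }
            log.debug('Checking for ldap authentication')
            try:
                aldap = AuthLdap(**kwargs)
                (user_dn,
                 ldap_attrs) = aldap.authenticate_ldap(username, password)
                log.debug('Got ldap DN response %s' % user_dn)

                # first value of the LDAP attribute whose name is stored
                # under setting k, or '' when the entry lacks it
                get_ldap_attr = lambda k: ldap_attrs.get(ldap_settings\
                                                           .get(k), [''])[0]

                # 'active' follows the global hg.register.auto_activate
                # permission of the 'default' user
                user_attrs = {
                 'name': safe_unicode(get_ldap_attr('ldap_attr_firstname')),
                 'lastname': safe_unicode(get_ldap_attr('ldap_attr_lastname')),
                 'email': get_ldap_attr('ldap_attr_email'),
                 'active': 'hg.register.auto_activate' in User\
                    .get_by_username('default').AuthUser.permissions['global']
                }

                # don't store LDAP password since we don't need it. Override
                # with some random generated password
                # NOTE(review): 8 characters only; verify PasswordGenerator
                # uses a cryptographically secure random source, because the
                # result is stored as the account's local password.
                _password = PasswordGenerator().gen_password(length=8)
                # create this user on the fly if it doesn't exist in rhodecode
                # database
                if user_model.create_ldap(username, _password, user_dn,
                                          user_attrs):
                    log.info('created new ldap user %s' % username)

                Session().commit()
                return True
            except (LdapUsernameError, LdapPasswordError, LdapImportError):
                # swallowed without logging: a rejected LDAP login produces
                # no log entry from this function
                pass
            except (Exception, ):
                log.error(traceback.format_exc())
                pass
    return False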