Mercurial > kallithea

comparison rhodecode/lib/auth.py @ 1950:4ae17f819ee8 beta

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
#344 optional firstname lastname on user creation - on display fallback to username if both empty
author Marcin Kuzminski <marcin@python-works.com>
date Fri, 27 Jan 2012 04:46:00 +0200
parents 89efedac4e6c
children a76e9bacbedc
comparison
equal deleted inserted replaced
1949:0471cbe8b4a7 1950:4ae17f819ee8
126 return RhodeCodeCrypto.hash_string(password) 126 return RhodeCodeCrypto.hash_string(password)
127 127
128 128
129 def check_password(password, hashed): 129 def check_password(password, hashed):
130 return RhodeCodeCrypto.hash_check(password, hashed) 130 return RhodeCodeCrypto.hash_check(password, hashed)
131
131 132
132 def generate_api_key(str_, salt=None): 133 def generate_api_key(str_, salt=None):
133 """ 134 """
134 Generates API KEY from given string 135 Generates API KEY from given string
135 136
235 except (Exception,): 236 except (Exception,):
236 log.error(traceback.format_exc()) 237 log.error(traceback.format_exc())
237 pass 238 pass
238 return False 239 return False
239 240
241
240 def login_container_auth(username): 242 def login_container_auth(username):
241 user = User.get_by_username(username) 243 user = User.get_by_username(username)
242 if user is None: 244 if user is None:
243 user_attrs = { 245 user_attrs = {
244 'name': username, 246 'name': username,
258 260
259 log.debug('User %s is now logged in by container authentication', 261 log.debug('User %s is now logged in by container authentication',
260 user.username) 262 user.username)
261 return user 263 return user
262 264
265
263 def get_container_username(environ, config): 266 def get_container_username(environ, config):
264 username = None 267 username = None
265 268
266 if str2bool(config.get('container_auth_enabled', False)): 269 if str2bool(config.get('container_auth_enabled', False)):
267 from paste.httpheaders import REMOTE_USER 270 from paste.httpheaders import REMOTE_USER
275 username = username.partition('@')[0] 278 username = username.partition('@')[0]
276 username = username.rpartition('\\')[2] 279 username = username.rpartition('\\')[2]
277 log.debug('Received username %s from container', username) 280 log.debug('Received username %s from container', username)
278 281
279 return username 282 return username
283
280 284
281 class AuthUser(object): 285 class AuthUser(object):
282 """ 286 """
283 A simple object that handles all attributes of user in RhodeCode 287 A simple object that handles all attributes of user in RhodeCode
284 288
300 self.is_authenticated = False 304 self.is_authenticated = False
301 self.admin = False 305 self.admin = False
302 self.permissions = {} 306 self.permissions = {}
303 self._api_key = api_key 307 self._api_key = api_key
304 self.propagate_data() 308 self.propagate_data()
309 self._instance = None
305 310
306 def propagate_data(self): 311 def propagate_data(self):
307 user_model = UserModel() 312 user_model = UserModel()
308 self.anonymous_user = User.get_by_username('default', cache=True) 313 self.anonymous_user = User.get_by_username('default', cache=True)
309 is_user_loaded = False 314 is_user_loaded = False
348 353
349 @property 354 @property
350 def is_admin(self): 355 def is_admin(self):
351 return self.admin 356 return self.admin
352 357
353 @property
354 def full_contact(self):
355 return '%s %s <%s>' % (self.name, self.lastname, self.email)
356
357 def __repr__(self): 358 def __repr__(self):
358 return "<AuthUser('id:%s:%s|%s')>" % (self.user_id, self.username, 359 return "<AuthUser('id:%s:%s|%s')>" % (self.user_id, self.username,
359 self.is_authenticated) 360 self.is_authenticated)
360 361
361 def set_authenticated(self, authenticated=True): 362 def set_authenticated(self, authenticated=True):
362 if self.user_id != self.anonymous_user.user_id: 363 if self.user_id != self.anonymous_user.user_id:
363 self.is_authenticated = authenticated 364 self.is_authenticated = authenticated
364 365
365 def get_cookie_store(self): 366 def get_cookie_store(self):
366 return {'username':self.username, 367 return {'username': self.username,
367 'user_id': self.user_id, 368 'user_id': self.user_id,
368 'is_authenticated':self.is_authenticated} 369 'is_authenticated': self.is_authenticated}
369 370
370 @classmethod 371 @classmethod
371 def from_cookie_store(cls, cookie_store): 372 def from_cookie_store(cls, cookie_store):
372 user_id = cookie_store.get('user_id') 373 user_id = cookie_store.get('user_id')
373 username = cookie_store.get('username') 374 username = cookie_store.get('username')
374 api_key = cookie_store.get('api_key') 375 api_key = cookie_store.get('api_key')
375 return AuthUser(user_id, api_key, username) 376 return AuthUser(user_id, api_key, username)
376 377
378
377 def set_available_permissions(config): 379 def set_available_permissions(config):
378 """ 380 """
379 This function will propagate pylons globals with all available defined 381 This function will propagate pylons globals with all available defined
380 permission given in db. We don't want to check each time from db for new 382 permission given in db. We don't want to check each time from db for new
381 permissions since adding a new permission also requires application restart 383 permissions since adding a new permission also requires application restart
386 """ 388 """
387 log.info('getting information about all available permissions') 389 log.info('getting information about all available permissions')
388 try: 390 try:
389 sa = meta.Session 391 sa = meta.Session
390 all_perms = sa.query(Permission).all() 392 all_perms = sa.query(Permission).all()
391 except: 393 except Exception:
392 pass 394 pass
393 finally: 395 finally:
394 meta.Session.remove() 396 meta.Session.remove()
395 397
396 config['available_permissions'] = [x.permission_name for x in all_perms] 398 config['available_permissions'] = [x.permission_name for x in all_perms]