Mercurial > kallithea
comparison rhodecode/lib/auth.py @ 2634:4b17216f2110 beta
Deprecated validation of operating system, we just care if it's windows, let approve all other
systems.
- help to supports cases like cygwin etc
- fixed typo in auth decorator
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Fri, 20 Jul 2012 12:05:32 +0200 |
parents | 9225597688f4 |
children | d2d35cf2b351 |
comparison
equal
deleted
inserted
replaced
2633:bc272fd65e57 | 2634:4b17216f2110 |
---|---|
33 | 33 |
34 from pylons import config, url, request | 34 from pylons import config, url, request |
35 from pylons.controllers.util import abort, redirect | 35 from pylons.controllers.util import abort, redirect |
36 from pylons.i18n.translation import _ | 36 from pylons.i18n.translation import _ |
37 | 37 |
38 from rhodecode import __platform__, PLATFORM_WIN, PLATFORM_OTHERS | 38 from rhodecode import __platform__, is_windows, is_unix |
39 from rhodecode.model.meta import Session | 39 from rhodecode.model.meta import Session |
40 | 40 |
41 from rhodecode.lib.utils2 import str2bool, safe_unicode | 41 from rhodecode.lib.utils2 import str2bool, safe_unicode |
42 from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError | 42 from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError |
43 from rhodecode.lib.utils import get_repo_slug, get_repos_group_slug | 43 from rhodecode.lib.utils import get_repo_slug, get_repos_group_slug |
90 Cryptographic function used for password hashing based on pybcrypt | 90 Cryptographic function used for password hashing based on pybcrypt |
91 or pycrypto in windows | 91 or pycrypto in windows |
92 | 92 |
93 :param password: password to hash | 93 :param password: password to hash |
94 """ | 94 """ |
95 if __platform__ in PLATFORM_WIN: | 95 if is_windows: |
96 from hashlib import sha256 | 96 from hashlib import sha256 |
97 return sha256(str_).hexdigest() | 97 return sha256(str_).hexdigest() |
98 elif __platform__ in PLATFORM_OTHERS: | 98 elif is_unix: |
99 import bcrypt | 99 import bcrypt |
100 return bcrypt.hashpw(str_, bcrypt.gensalt(10)) | 100 return bcrypt.hashpw(str_, bcrypt.gensalt(10)) |
101 else: | 101 else: |
102 raise Exception('Unknown or unsupported platform %s' \ | 102 raise Exception('Unknown or unsupported platform %s' \ |
103 % __platform__) | 103 % __platform__) |
110 | 110 |
111 :param password: password | 111 :param password: password |
112 :param hashed: password in hashed form | 112 :param hashed: password in hashed form |
113 """ | 113 """ |
114 | 114 |
115 if __platform__ in PLATFORM_WIN: | 115 if is_windows: |
116 from hashlib import sha256 | 116 from hashlib import sha256 |
117 return sha256(password).hexdigest() == hashed | 117 return sha256(password).hexdigest() == hashed |
118 elif __platform__ in PLATFORM_OTHERS: | 118 elif is_unix: |
119 import bcrypt | 119 import bcrypt |
120 return bcrypt.hashpw(password, hashed) == hashed | 120 return bcrypt.hashpw(password, hashed) == hashed |
121 else: | 121 else: |
122 raise Exception('Unknown or unsupported platform %s' \ | 122 raise Exception('Unknown or unsupported platform %s' \ |
123 % __platform__) | 123 % __platform__) |
233 # database | 233 # database |
234 if user_model.create_ldap(username, _password, user_dn, | 234 if user_model.create_ldap(username, _password, user_dn, |
235 user_attrs): | 235 user_attrs): |
236 log.info('created new ldap user %s' % username) | 236 log.info('created new ldap user %s' % username) |
237 | 237 |
238 Session.commit() | 238 Session().commit() |
239 return True | 239 return True |
240 except (LdapUsernameError, LdapPasswordError,): | 240 except (LdapUsernameError, LdapPasswordError,): |
241 pass | 241 pass |
242 except (Exception,): | 242 except (Exception,): |
243 log.error(traceback.format_exc()) | 243 log.error(traceback.format_exc()) |
260 | 260 |
261 if not user.active: | 261 if not user.active: |
262 return None | 262 return None |
263 | 263 |
264 user.update_lastlogin() | 264 user.update_lastlogin() |
265 Session.commit() | 265 Session().commit() |
266 | 266 |
267 log.debug('User %s is now logged in by container authentication', | 267 log.debug('User %s is now logged in by container authentication', |
268 user.username) | 268 user.username) |
269 return user | 269 return user |
270 | 270 |
766 | 766 |
767 | 767 |
768 class HasReposGroupPermissionAll(PermsFunction): | 768 class HasReposGroupPermissionAll(PermsFunction): |
769 def __call__(self, group_name=None, check_Location=''): | 769 def __call__(self, group_name=None, check_Location=''): |
770 self.group_name = group_name | 770 self.group_name = group_name |
771 return super(HasReposGroupPermissionAny, self).__call__(check_Location) | 771 return super(HasReposGroupPermissionAll, self).__call__(check_Location) |
772 | 772 |
773 def check_permissions(self): | 773 def check_permissions(self): |
774 try: | 774 try: |
775 self._user_perms = set( | 775 self._user_perms = set( |
776 [self.user_perms['repositories_groups'][self.group_name]] | 776 [self.user_perms['repositories_groups'][self.group_name]] |