Mercurial > kallithea
comparison rhodecode/lib/auth.py @ 2634:4b17216f2110 beta
Deprecated validation of operating system, we just care if it's windows, let approve all other
systems.
- help to supports cases like cygwin etc
- fixed typo in auth decorator
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Fri, 20 Jul 2012 12:05:32 +0200 |
| parents | 9225597688f4 |
| children | d2d35cf2b351 |
comparison
equal
deleted
inserted
replaced
| 2633:bc272fd65e57 | 2634:4b17216f2110 |
|---|---|
| 33 | 33 |
| 34 from pylons import config, url, request | 34 from pylons import config, url, request |
| 35 from pylons.controllers.util import abort, redirect | 35 from pylons.controllers.util import abort, redirect |
| 36 from pylons.i18n.translation import _ | 36 from pylons.i18n.translation import _ |
| 37 | 37 |
| 38 from rhodecode import __platform__, PLATFORM_WIN, PLATFORM_OTHERS | 38 from rhodecode import __platform__, is_windows, is_unix |
| 39 from rhodecode.model.meta import Session | 39 from rhodecode.model.meta import Session |
| 40 | 40 |
| 41 from rhodecode.lib.utils2 import str2bool, safe_unicode | 41 from rhodecode.lib.utils2 import str2bool, safe_unicode |
| 42 from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError | 42 from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError |
| 43 from rhodecode.lib.utils import get_repo_slug, get_repos_group_slug | 43 from rhodecode.lib.utils import get_repo_slug, get_repos_group_slug |
| 90 Cryptographic function used for password hashing based on pybcrypt | 90 Cryptographic function used for password hashing based on pybcrypt |
| 91 or pycrypto in windows | 91 or pycrypto in windows |
| 92 | 92 |
| 93 :param password: password to hash | 93 :param password: password to hash |
| 94 """ | 94 """ |
| 95 if __platform__ in PLATFORM_WIN: | 95 if is_windows: |
| 96 from hashlib import sha256 | 96 from hashlib import sha256 |
| 97 return sha256(str_).hexdigest() | 97 return sha256(str_).hexdigest() |
| 98 elif __platform__ in PLATFORM_OTHERS: | 98 elif is_unix: |
| 99 import bcrypt | 99 import bcrypt |
| 100 return bcrypt.hashpw(str_, bcrypt.gensalt(10)) | 100 return bcrypt.hashpw(str_, bcrypt.gensalt(10)) |
| 101 else: | 101 else: |
| 102 raise Exception('Unknown or unsupported platform %s' \ | 102 raise Exception('Unknown or unsupported platform %s' \ |
| 103 % __platform__) | 103 % __platform__) |
| 110 | 110 |
| 111 :param password: password | 111 :param password: password |
| 112 :param hashed: password in hashed form | 112 :param hashed: password in hashed form |
| 113 """ | 113 """ |
| 114 | 114 |
| 115 if __platform__ in PLATFORM_WIN: | 115 if is_windows: |
| 116 from hashlib import sha256 | 116 from hashlib import sha256 |
| 117 return sha256(password).hexdigest() == hashed | 117 return sha256(password).hexdigest() == hashed |
| 118 elif __platform__ in PLATFORM_OTHERS: | 118 elif is_unix: |
| 119 import bcrypt | 119 import bcrypt |
| 120 return bcrypt.hashpw(password, hashed) == hashed | 120 return bcrypt.hashpw(password, hashed) == hashed |
| 121 else: | 121 else: |
| 122 raise Exception('Unknown or unsupported platform %s' \ | 122 raise Exception('Unknown or unsupported platform %s' \ |
| 123 % __platform__) | 123 % __platform__) |
| 233 # database | 233 # database |
| 234 if user_model.create_ldap(username, _password, user_dn, | 234 if user_model.create_ldap(username, _password, user_dn, |
| 235 user_attrs): | 235 user_attrs): |
| 236 log.info('created new ldap user %s' % username) | 236 log.info('created new ldap user %s' % username) |
| 237 | 237 |
| 238 Session.commit() | 238 Session().commit() |
| 239 return True | 239 return True |
| 240 except (LdapUsernameError, LdapPasswordError,): | 240 except (LdapUsernameError, LdapPasswordError,): |
| 241 pass | 241 pass |
| 242 except (Exception,): | 242 except (Exception,): |
| 243 log.error(traceback.format_exc()) | 243 log.error(traceback.format_exc()) |
| 260 | 260 |
| 261 if not user.active: | 261 if not user.active: |
| 262 return None | 262 return None |
| 263 | 263 |
| 264 user.update_lastlogin() | 264 user.update_lastlogin() |
| 265 Session.commit() | 265 Session().commit() |
| 266 | 266 |
| 267 log.debug('User %s is now logged in by container authentication', | 267 log.debug('User %s is now logged in by container authentication', |
| 268 user.username) | 268 user.username) |
| 269 return user | 269 return user |
| 270 | 270 |
| 766 | 766 |
| 767 | 767 |
| 768 class HasReposGroupPermissionAll(PermsFunction): | 768 class HasReposGroupPermissionAll(PermsFunction): |
| 769 def __call__(self, group_name=None, check_Location=''): | 769 def __call__(self, group_name=None, check_Location=''): |
| 770 self.group_name = group_name | 770 self.group_name = group_name |
| 771 return super(HasReposGroupPermissionAny, self).__call__(check_Location) | 771 return super(HasReposGroupPermissionAll, self).__call__(check_Location) |
| 772 | 772 |
| 773 def check_permissions(self): | 773 def check_permissions(self): |
| 774 try: | 774 try: |
| 775 self._user_perms = set( | 775 self._user_perms = set( |
| 776 [self.user_perms['repositories_groups'][self.group_name]] | 776 [self.user_perms['repositories_groups'][self.group_name]] |