Mercurial > kallithea
comparison rhodecode/lib/auth.py @ 629:7e536d1af60d beta
Code refactoring,models renames
cleaned up sqlalchemy sessions,
added cache support to most queries in models
fixed test.ini file
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Thu, 21 Oct 2010 01:38:14 +0200 |
parents | 79457e03ef68 |
children | dd532af216d9 |
comparison
equal
deleted
inserted
replaced
628:dd06bdf974c8 | 629:7e536d1af60d |
---|---|
20 """ | 20 """ |
21 Created on April 4, 2010 | 21 Created on April 4, 2010 |
22 | 22 |
23 @author: marcink | 23 @author: marcink |
24 """ | 24 """ |
25 from beaker.cache import cache_region | |
26 from pylons import config, session, url, request | 25 from pylons import config, session, url, request |
27 from pylons.controllers.util import abort, redirect | 26 from pylons.controllers.util import abort, redirect |
28 from rhodecode.lib.utils import get_repo_slug | 27 from rhodecode.lib.utils import get_repo_slug |
29 from rhodecode.model import meta | 28 from rhodecode.model import meta |
30 from rhodecode.model.caching_query import FromCache | 29 from rhodecode.model.caching_query import FromCache |
31 from rhodecode.model.db import User, RepoToPerm, Repository, Permission, \ | 30 from rhodecode.model.db import User, RepoToPerm, Repository, Permission, \ |
32 UserToPerm | 31 UserToPerm |
33 from sqlalchemy.exc import OperationalError | |
34 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound | |
35 import bcrypt | 32 import bcrypt |
36 from decorator import decorator | 33 from decorator import decorator |
37 import logging | 34 import logging |
38 import random | 35 import random |
39 | 36 |
72 return bcrypt.hashpw(password, bcrypt.gensalt(10)) | 69 return bcrypt.hashpw(password, bcrypt.gensalt(10)) |
73 | 70 |
74 def check_password(password, hashed): | 71 def check_password(password, hashed): |
75 return bcrypt.hashpw(password, hashed) == hashed | 72 return bcrypt.hashpw(password, hashed) == hashed |
76 | 73 |
77 @cache_region('super_short_term', 'cached_user') | |
78 def get_user_cached(username): | |
79 sa = meta.Session | |
80 try: | |
81 user = sa.query(User).filter(User.username == username).one() | |
82 finally: | |
83 meta.Session.remove() | |
84 return user | |
85 | |
86 def authfunc(environ, username, password): | 74 def authfunc(environ, username, password): |
87 try: | 75 from rhodecode.model.user import UserModel |
88 user = get_user_cached(username) | 76 user = UserModel().get_by_username(username, cache=False) |
89 except (NoResultFound, MultipleResultsFound, OperationalError), e: | 77 |
90 log.error(e) | |
91 user = None | |
92 | |
93 if user: | 78 if user: |
94 if user.active: | 79 if user.active: |
95 if user.username == username and check_password(password, user.password): | 80 if user.username == username and check_password(password, user.password): |
96 log.info('user %s authenticated correctly', username) | 81 log.info('user %s authenticated correctly', username) |
97 return True | 82 return True |
123 ie. to decorate new views with the newly created permission | 108 ie. to decorate new views with the newly created permission |
124 :param config: | 109 :param config: |
125 """ | 110 """ |
126 log.info('getting information about all available permissions') | 111 log.info('getting information about all available permissions') |
127 try: | 112 try: |
128 sa = meta.Session | 113 sa = meta.Session() |
129 all_perms = sa.query(Permission).all() | 114 all_perms = sa.query(Permission).all() |
115 except: | |
116 pass | |
130 finally: | 117 finally: |
131 meta.Session.remove() | 118 meta.Session.remove() |
132 | 119 |
133 config['available_permissions'] = [x.permission_name for x in all_perms] | 120 config['available_permissions'] = [x.permission_name for x in all_perms] |
134 | 121 |
139 """ | 126 """ |
140 Fills user data with those from database and log out user if not present | 127 Fills user data with those from database and log out user if not present |
141 in database | 128 in database |
142 :param user: | 129 :param user: |
143 """ | 130 """ |
144 sa = meta.Session | 131 sa = meta.Session() |
145 dbuser = sa.query(User).options(FromCache('sql_cache_short', | 132 try: |
146 'getuser_%s' % user.user_id))\ | 133 dbuser = sa.query(User)\ |
134 .options(FromCache('sql_cache_short', 'getuser_%s' % user.user_id))\ | |
147 .get(user.user_id) | 135 .get(user.user_id) |
136 except: | |
137 pass | |
138 finally: | |
139 meta.Session.remove() | |
140 | |
148 if dbuser: | 141 if dbuser: |
149 user.username = dbuser.username | 142 user.username = dbuser.username |
150 user.is_admin = dbuser.admin | 143 user.is_admin = dbuser.admin |
151 user.name = dbuser.name | 144 user.name = dbuser.name |
152 user.lastname = dbuser.lastname | 145 user.lastname = dbuser.lastname |
153 user.email = dbuser.email | 146 user.email = dbuser.email |
154 else: | 147 else: |
155 user.is_authenticated = False | 148 user.is_authenticated = False |
156 meta.Session.remove() | 149 |
150 | |
157 return user | 151 return user |
158 | 152 |
159 def fill_perms(user): | 153 def fill_perms(user): |
160 """ | 154 """ |
161 Fills user permission attribute with permissions taken from database | 155 Fills user permission attribute with permissions taken from database |
162 :param user: | 156 :param user: |
163 """ | 157 """ |
164 | 158 |
165 sa = meta.Session | 159 sa = meta.Session() |
166 user.permissions['repositories'] = {} | 160 user.permissions['repositories'] = {} |
167 user.permissions['global'] = set() | 161 user.permissions['global'] = set() |
168 | 162 |
169 #=========================================================================== | 163 #=========================================================================== |
170 # fetch default permissions | 164 # fetch default permissions |
171 #=========================================================================== | 165 #=========================================================================== |
172 default_user = sa.query(User)\ | 166 default_user = sa.query(User)\ |
173 .options(FromCache('sql_cache_short','getuser_%s' % 'default'))\ | 167 .options(FromCache('sql_cache_short', 'getuser_%s' % 'default'))\ |
174 .filter(User.username == 'default').scalar() | 168 .filter(User.username == 'default').scalar() |
175 | 169 |
176 default_perms = sa.query(RepoToPerm, Repository, Permission)\ | 170 default_perms = sa.query(RepoToPerm, Repository, Permission)\ |
177 .join((Repository, RepoToPerm.repository_id == Repository.repo_id))\ | 171 .join((Repository, RepoToPerm.repository_id == Repository.repo_id))\ |
178 .join((Permission, RepoToPerm.permission_id == Permission.permission_id))\ | 172 .join((Permission, RepoToPerm.permission_id == Permission.permission_id))\ |