Mercurial > kallithea
comparison rhodecode/lib/middleware/simplegit.py @ 655:aefc371a2531 beta
propagate changes for #48 into simplegit.
Removed obsolete print
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Fri, 05 Nov 2010 18:38:25 +0100 |
parents | 9dc1d92d82ed |
children | 070f32743632 |
comparison
equal
deleted
inserted
replaced
654:7f5976da192c | 655:aefc371a2531 |
---|---|
61 from dulwich.repo import Repo | 61 from dulwich.repo import Repo |
62 from dulwich.web import HTTPGitApplication | 62 from dulwich.web import HTTPGitApplication |
63 from paste.auth.basic import AuthBasicAuthenticator | 63 from paste.auth.basic import AuthBasicAuthenticator |
64 from paste.httpheaders import REMOTE_USER, AUTH_TYPE | 64 from paste.httpheaders import REMOTE_USER, AUTH_TYPE |
65 from rhodecode.lib.auth import authfunc, HasPermissionAnyMiddleware | 65 from rhodecode.lib.auth import authfunc, HasPermissionAnyMiddleware |
66 from rhodecode.lib.utils import action_logger, is_git, invalidate_cache, \ | 66 from rhodecode.lib.utils import is_git, invalidate_cache, check_repo_fast |
67 check_repo_fast | |
68 from rhodecode.model.user import UserModel | 67 from rhodecode.model.user import UserModel |
69 from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError | 68 from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError |
70 import logging | 69 import logging |
71 import os | 70 import os |
72 import traceback | 71 import traceback |
73 | 72 |
74 | |
75 log = logging.getLogger(__name__) | 73 log = logging.getLogger(__name__) |
76 | 74 |
77 class SimpleGit(object): | 75 class SimpleGit(object): |
78 | 76 |
79 def __init__(self, application, config): | 77 def __init__(self, application, config): |
80 self.application = application | 78 self.application = application |
81 self.config = config | 79 self.config = config |
82 #authenticate this git request using | 80 #authenticate this git request using |
83 self.authenticate = AuthBasicAuthenticator('', authfunc) | 81 self.authenticate = AuthBasicAuthenticator('', authfunc) |
84 | 82 self.ipaddr = '0.0.0.0' |
83 self.repository = None | |
84 self.username = None | |
85 self.action = None | |
86 | |
85 def __call__(self, environ, start_response): | 87 def __call__(self, environ, start_response): |
86 if not is_git(environ): | 88 if not is_git(environ): |
87 return self.application(environ, start_response) | 89 return self.application(environ, start_response) |
88 | 90 |
91 proxy_key = 'HTTP_X_REAL_IP' | |
92 def_key = 'REMOTE_ADDR' | |
93 self.ipaddr = environ.get(proxy_key, environ.get(def_key, '0.0.0.0')) | |
94 | |
89 #=================================================================== | 95 #=================================================================== |
90 # AUTHENTICATE THIS GIT REQUEST | 96 # AUTHENTICATE THIS GIT REQUEST |
91 #=================================================================== | 97 #=================================================================== |
92 username = REMOTE_USER(environ) | 98 username = REMOTE_USER(environ) |
93 if not username: | 99 if not username: |
96 if isinstance(result, str): | 102 if isinstance(result, str): |
97 AUTH_TYPE.update(environ, 'basic') | 103 AUTH_TYPE.update(environ, 'basic') |
98 REMOTE_USER.update(environ, result) | 104 REMOTE_USER.update(environ, result) |
99 else: | 105 else: |
100 return result.wsgi_application(environ, start_response) | 106 return result.wsgi_application(environ, start_response) |
101 | 107 |
108 #======================================================================= | |
109 # GET REPOSITORY | |
110 #======================================================================= | |
102 try: | 111 try: |
103 self.repo_name = environ['PATH_INFO'].split('/')[1] | 112 repo_name = '/'.join(environ['PATH_INFO'].split('/')[1:]) |
104 if self.repo_name.endswith('/'): | 113 if repo_name.endswith('/'): |
105 self.repo_name = self.repo_name.rstrip('/') | 114 repo_name = repo_name.rstrip('/') |
115 self.repository = repo_name | |
106 except: | 116 except: |
107 log.error(traceback.format_exc()) | 117 log.error(traceback.format_exc()) |
108 return HTTPInternalServerError()(environ, start_response) | 118 return HTTPInternalServerError()(environ, start_response) |
109 | 119 |
110 #=================================================================== | 120 #=================================================================== |
111 # CHECK PERMISSIONS FOR THIS REQUEST | 121 # CHECK PERMISSIONS FOR THIS REQUEST |
112 #=================================================================== | 122 #=================================================================== |
113 action = self.__get_action(environ) | 123 self.action = self.__get_action(environ) |
114 if action: | 124 if self.action: |
115 username = self.__get_environ_user(environ) | 125 username = self.__get_environ_user(environ) |
116 try: | 126 try: |
117 user = self.__get_user(username) | 127 user = self.__get_user(username) |
128 self.username = user.username | |
118 except: | 129 except: |
119 log.error(traceback.format_exc()) | 130 log.error(traceback.format_exc()) |
120 return HTTPInternalServerError()(environ, start_response) | 131 return HTTPInternalServerError()(environ, start_response) |
121 | 132 |
122 #check permissions for this repository | 133 #check permissions for this repository |
123 if action == 'push': | 134 if self.action == 'push': |
124 if not HasPermissionAnyMiddleware('repository.write', | 135 if not HasPermissionAnyMiddleware('repository.write', |
125 'repository.admin')\ | 136 'repository.admin')\ |
126 (user, self.repo_name): | 137 (user, repo_name): |
127 return HTTPForbidden()(environ, start_response) | 138 return HTTPForbidden()(environ, start_response) |
128 | 139 |
129 else: | 140 else: |
130 #any other action need at least read permission | 141 #any other action need at least read permission |
131 if not HasPermissionAnyMiddleware('repository.read', | 142 if not HasPermissionAnyMiddleware('repository.read', |
132 'repository.write', | 143 'repository.write', |
133 'repository.admin')\ | 144 'repository.admin')\ |
134 (user, self.repo_name): | 145 (user, repo_name): |
135 return HTTPForbidden()(environ, start_response) | 146 return HTTPForbidden()(environ, start_response) |
136 | 147 |
137 #log action | 148 self.extras = {'ip':self.ipaddr, |
138 if action in ('push', 'pull', 'clone'): | 149 'username':self.username, |
139 proxy_key = 'HTTP_X_REAL_IP' | 150 'action':self.action, |
140 def_key = 'REMOTE_ADDR' | 151 'repository':self.repository} |
141 ipaddr = environ.get(proxy_key, environ.get(def_key, '0.0.0.0')) | |
142 self.__log_user_action(user, action, self.repo_name, ipaddr) | |
143 | 152 |
144 #=================================================================== | 153 #=================================================================== |
145 # GIT REQUEST HANDLING | 154 # GIT REQUEST HANDLING |
146 #=================================================================== | 155 #=================================================================== |
147 self.basepath = self.config['base_path'] | 156 self.basepath = self.config['base_path'] |
154 except: | 163 except: |
155 log.error(traceback.format_exc()) | 164 log.error(traceback.format_exc()) |
156 return HTTPInternalServerError()(environ, start_response) | 165 return HTTPInternalServerError()(environ, start_response) |
157 | 166 |
158 #invalidate cache on push | 167 #invalidate cache on push |
159 if action == 'push': | 168 if self.action == 'push': |
160 self.__invalidate_cache(self.repo_name) | 169 self.__invalidate_cache(self.repo_name) |
161 messages = [] | 170 messages = [] |
162 messages.append('thank you for using rhodecode') | 171 messages.append('thank you for using rhodecode') |
163 return app(environ, start_response) | 172 return app(environ, start_response) |
164 else: | 173 else: |
191 | 200 |
192 return mapping.get(service_cmd, service_cmd if service_cmd else 'other') | 201 return mapping.get(service_cmd, service_cmd if service_cmd else 'other') |
193 else: | 202 else: |
194 return 'other' | 203 return 'other' |
195 | 204 |
196 def __log_user_action(self, user, action, repo, ipaddr): | |
197 action_logger(user, action, repo, ipaddr) | |
198 | |
199 def __invalidate_cache(self, repo_name): | 205 def __invalidate_cache(self, repo_name): |
200 """we know that some change was made to repositories and we should | 206 """we know that some change was made to repositories and we should |
201 invalidate the cache to see the changes right away but only for | 207 invalidate the cache to see the changes right away but only for |
202 push requests""" | 208 push requests""" |
203 invalidate_cache('cached_repo_list') | 209 invalidate_cache('cached_repo_list') |