# HG changeset patch
# User Søren Løvborg
# Date 1435343765 -7200
# Node ID 4a2a66bf93c5e864bd7b241c451c059ae10e4a9c
# Parent ac5d236a995aed95fb28692b1b863cc746b86647
AuthUser: Drop ip_addr field
None of the AuthUser consumers actually need to get the IP address from
the AuthUser object, so it's just redundant.
Also, AuthUser represents a user session, and should not be used as a
generic user + IP address data structure.
diff -r ac5d236a995a -r 4a2a66bf93c5 kallithea/controllers/admin/my_account.py
--- a/kallithea/controllers/admin/my_account.py Mon Jun 22 14:56:01 2015 +0200
+++ b/kallithea/controllers/admin/my_account.py Fri Jun 26 20:36:05 2015 +0200
@@ -98,8 +98,8 @@
# url('my_account')
c.active = 'profile'
self.__load_data()
- c.perm_user = AuthUser(user_id=self.authuser.user_id,
- ip_addr=self.ip_addr)
+ c.perm_user = AuthUser(user_id=self.authuser.user_id)
+ c.ip_addr = self.ip_addr
c.extern_type = c.user.extern_type
c.extern_name = c.user.extern_name
@@ -193,8 +193,8 @@
def my_account_perms(self):
c.active = 'perms'
self.__load_data()
- c.perm_user = AuthUser(user_id=self.authuser.user_id,
- ip_addr=self.ip_addr)
+ c.perm_user = AuthUser(user_id=self.authuser.user_id)
+ c.ip_addr = self.ip_addr
return render('admin/my_account/my_account.html')
diff -r ac5d236a995a -r 4a2a66bf93c5 kallithea/controllers/admin/users.py
--- a/kallithea/controllers/admin/users.py Mon Jun 22 14:56:01 2015 +0200
+++ b/kallithea/controllers/admin/users.py Fri Jun 26 20:36:05 2015 +0200
@@ -168,7 +168,8 @@
c.user = user_model.get(id)
c.extern_type = c.user.extern_type
c.extern_name = c.user.extern_name
- c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
+ c.perm_user = AuthUser(user_id=id)
+ c.ip_addr = self.ip_addr
_form = UserForm(edit=True, old_data={'user_id': id,
'email': c.user.email})()
form_result = {}
@@ -248,7 +249,8 @@
c.active = 'profile'
c.extern_type = c.user.extern_type
c.extern_name = c.user.extern_name
- c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
+ c.perm_user = AuthUser(user_id=id)
+ c.ip_addr = self.ip_addr
defaults = c.user.get_dict()
return htmlfill.render(
@@ -260,7 +262,8 @@
def edit_advanced(self, id):
c.user = self._get_user_or_raise_if_default(id)
c.active = 'advanced'
- c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
+ c.perm_user = AuthUser(user_id=id)
+ c.ip_addr = self.ip_addr
umodel = UserModel()
defaults = c.user.get_dict()
@@ -331,7 +334,8 @@
def edit_perms(self, id):
c.user = self._get_user_or_raise_if_default(id)
c.active = 'perms'
- c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
+ c.perm_user = AuthUser(user_id=id)
+ c.ip_addr = self.ip_addr
umodel = UserModel()
defaults = c.user.get_dict()
diff -r ac5d236a995a -r 4a2a66bf93c5 kallithea/controllers/api/__init__.py
--- a/kallithea/controllers/api/__init__.py Mon Jun 22 14:56:01 2015 +0200
+++ b/kallithea/controllers/api/__init__.py Fri Jun 26 20:36:05 2015 +0200
@@ -159,8 +159,8 @@
message='Invalid API key')
#check if we are allowed to use this IP
- auth_u = AuthUser(u.user_id, self._req_api_key, ip_addr=ip_addr)
- if not auth_u.ip_allowed:
+ auth_u = AuthUser(u.user_id, self._req_api_key)
+ if not auth_u.is_ip_allowed(ip_addr):
return jsonrpc_error(retid=self._req_id,
message='request from IP:%s not allowed' % (ip_addr,))
else:
diff -r ac5d236a995a -r 4a2a66bf93c5 kallithea/controllers/login.py
--- a/kallithea/controllers/login.py Mon Jun 22 14:56:01 2015 +0200
+++ b/kallithea/controllers/login.py Fri Jun 26 20:36:05 2015 +0200
@@ -109,7 +109,7 @@
c.came_from = url('home')
not_default = self.authuser.username != User.DEFAULT_USER
- ip_allowed = self.authuser.ip_allowed
+ ip_allowed = self.authuser.is_ip_allowed(self.ip_addr)
# redirect if already logged in
if self.authuser.is_authenticated and not_default and ip_allowed:
diff -r ac5d236a995a -r 4a2a66bf93c5 kallithea/lib/auth.py
--- a/kallithea/lib/auth.py Mon Jun 22 14:56:01 2015 +0200
+++ b/kallithea/lib/auth.py Fri Jun 26 20:36:05 2015 +0200
@@ -468,14 +468,13 @@
anonymous access is enabled and if so, it returns default user as logged in
"""
- def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None):
+ def __init__(self, user_id=None, api_key=None, username=None):
self.user_id = user_id
self._api_key = api_key
self.api_key = None
self.username = username
- self.ip_addr = ip_addr
self.name = ''
self.lastname = ''
self.email = ''
@@ -596,17 +595,13 @@
return [x[0] for x in self.permissions['user_groups'].iteritems()
if x[1] == 'usergroup.admin']
- @property
- def ip_allowed(self):
+ def is_ip_allowed(self, ip_addr):
"""
- Checks if ip_addr used in constructor is allowed from defined list of
- allowed ip_addresses for user
-
- :returns: boolean, True if ip is in allowed ip range
+ Determine if `ip_addr` is on the list of allowed IP addresses
+ for this user.
"""
- # check IP
inherit = self.inherit_default_permissions
- return AuthUser.check_ip_allowed(self.user_id, self.ip_addr,
+ return AuthUser.check_ip_allowed(self.user_id, ip_addr,
inherit_from_default=inherit)
@classmethod
@@ -622,8 +617,8 @@
return False
def __repr__(self):
- return ""\
- % (self.user_id, self.username, self.ip_addr, self.is_authenticated)
+ return ""\
+ % (self.user_id, self.username, self.is_authenticated)
def set_authenticated(self, authenticated=True):
if self.user_id != self.anonymous_user.user_id:
@@ -729,14 +724,14 @@
return decorator(self.__wrapper, func)
def __wrapper(self, func, *fargs, **fkwargs):
- cls = fargs[0]
- user = cls.authuser
- loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
+ controller = fargs[0]
+ user = controller.authuser
+ loc = "%s:%s" % (controller.__class__.__name__, func.__name__)
log.debug('Checking access for user %s @ %s' % (user, loc))
# check if our IP is allowed
- if not user.ip_allowed:
- return redirect_to_login(_('IP %s not allowed' % (user.ip_addr)))
+ if not user.is_ip_allowed(controller.ip_addr):
+ return redirect_to_login(_('IP %s not allowed') % controller.ip_addr)
# check if we used an API key and it's a valid one
api_key = request.GET.get('api_key')
diff -r ac5d236a995a -r 4a2a66bf93c5 kallithea/lib/base.py
--- a/kallithea/lib/base.py Mon Jun 22 14:56:01 2015 +0200
+++ b/kallithea/lib/base.py Fri Jun 26 20:36:05 2015 +0200
@@ -342,7 +342,7 @@
self.scm_model = ScmModel(self.sa)
@staticmethod
- def _determine_auth_user(ip_addr, api_key, session_authuser):
+ def _determine_auth_user(api_key, session_authuser):
"""
Create an `AuthUser` object given the IP address of the request, the
API key (if any), and the authuser from the session.
@@ -350,13 +350,13 @@
if api_key:
# when using API_KEY we are sure user exists.
- auth_user = AuthUser(api_key=api_key, ip_addr=ip_addr)
+ auth_user = AuthUser(api_key=api_key)
authenticated = False
else:
cookie_store = CookieStoreWrapper(session_authuser)
user_id = cookie_store.get('user_id')
try:
- auth_user = AuthUser(user_id=user_id, ip_addr=ip_addr)
+ auth_user = AuthUser(user_id=user_id)
except UserCreationError as e:
# container auth or other auth functions that create users on
# the fly can throw UserCreationError to signal issues with
@@ -364,7 +364,7 @@
# exception object.
from kallithea.lib import helpers as h
h.flash(e, 'error')
- auth_user = AuthUser(ip_addr=ip_addr)
+ auth_user = AuthUser()
authenticated = cookie_store.get('is_authenticated')
@@ -386,7 +386,6 @@
#set globals for auth user
self.authuser = c.authuser = request.user = self._determine_auth_user(
- self.ip_addr,
request.GET.get('api_key'),
session.get('authuser'),
)
diff -r ac5d236a995a -r 4a2a66bf93c5 kallithea/templates/admin/my_account/my_account_profile.html
--- a/kallithea/templates/admin/my_account/my_account_profile.html Mon Jun 22 14:56:01 2015 +0200
+++ b/kallithea/templates/admin/my_account/my_account_profile.html Fri Jun 26 20:36:05 2015 +0200
@@ -13,7 +13,7 @@
%else:
${_('Avatars are disabled')}
${c.user.email or _('Missing email, please update your user email address.')}
- [${_('Current IP')}: ${c.perm_user.ip_addr or "?"}]
+ [${_('Current IP')}: ${c.ip_addr}]
%endif
diff -r ac5d236a995a -r 4a2a66bf93c5 kallithea/templates/admin/users/user_edit_profile.html
--- a/kallithea/templates/admin/users/user_edit_profile.html Mon Jun 22 14:56:01 2015 +0200
+++ b/kallithea/templates/admin/users/user_edit_profile.html Fri Jun 26 20:36:05 2015 +0200
@@ -12,7 +12,7 @@
${c.user.email or _('Missing email, please update this user email address.')}
##show current ip just if we show ourself
%if c.authuser.username == c.user.username:
- [${_('Current IP')}: ${c.perm_user.ip_addr or "?"}]
+ [${_('Current IP')}: ${c.ip_addr}]
%endif
%endif