Mercurial > kallithea
changeset 2479:9225597688f4 beta
Added validation into user email map
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Mon, 18 Jun 2012 21:25:49 +0200 |
parents | 8eab81115660 |
children | cb9e73b29a87 |
files | rhodecode/controllers/admin/users.py rhodecode/lib/auth.py rhodecode/model/forms.py rhodecode/model/user.py rhodecode/model/validators.py |
diffstat | 5 files changed, 29 insertions(+), 13 deletions(-) [+] |
line wrap: on
line diff
--- a/rhodecode/controllers/admin/users.py Mon Jun 18 00:41:10 2012 +0200 +++ b/rhodecode/controllers/admin/users.py Mon Jun 18 21:25:49 2012 +0200 @@ -125,12 +125,15 @@ h.flash(_('User updated successfully'), category='success') Session.commit() except formencode.Invalid, errors: + c.user_email_map = UserEmailMap.query()\ + .filter(UserEmailMap.user == c.user).all() + defaults = errors.value e = errors.error_dict or {} perm = Permission.get_by_key('hg.create.repository') - e.update({'create_repo_perm': user_model.has_perm(id, perm)}) + defaults.update({'create_repo_perm': user_model.has_perm(id, perm)}) return htmlfill.render( render('admin/users/user_edit.html'), - defaults=errors.value, + defaults=defaults, errors=e, prefix_error=False, encoding="UTF-8") @@ -231,6 +234,9 @@ user_model.add_extra_email(id, email) Session.commit() h.flash(_("Added email %s to user" % email), category='success') + except formencode.Invalid, error: + msg = error.error_dict['email'] + h.flash(msg, category='error') except Exception: log.error(traceback.format_exc()) h.flash(_('An error occurred during email saving'),
--- a/rhodecode/lib/auth.py Mon Jun 18 00:41:10 2012 +0200 +++ b/rhodecode/lib/auth.py Mon Jun 18 21:25:49 2012 +0200 @@ -38,11 +38,6 @@ from rhodecode import __platform__, PLATFORM_WIN, PLATFORM_OTHERS from rhodecode.model.meta import Session -if __platform__ in PLATFORM_WIN: - from hashlib import sha256 -if __platform__ in PLATFORM_OTHERS: - import bcrypt - from rhodecode.lib.utils2 import str2bool, safe_unicode from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError from rhodecode.lib.utils import get_repo_slug, get_repos_group_slug @@ -98,8 +93,10 @@ :param password: password to hash """ if __platform__ in PLATFORM_WIN: + from hashlib import sha256 return sha256(str_).hexdigest() elif __platform__ in PLATFORM_OTHERS: + import bcrypt return bcrypt.hashpw(str_, bcrypt.gensalt(10)) else: raise Exception('Unknown or unsupported platform %s' \ @@ -116,8 +113,10 @@ """ if __platform__ in PLATFORM_WIN: + from hashlib import sha256 return sha256(password).hexdigest() == hashed elif __platform__ in PLATFORM_OTHERS: + import bcrypt return bcrypt.hashpw(password, hashed) == hashed else: raise Exception('Unknown or unsupported platform %s' \
--- a/rhodecode/model/forms.py Mon Jun 18 00:41:10 2012 +0200 +++ b/rhodecode/model/forms.py Mon Jun 18 21:25:49 2012 +0200 @@ -299,3 +299,10 @@ ldap_attr_email = v.UnicodeString(strip=True,) return _LdapSettingsForm + + +def UserExtraEmailForm(): + class _UserExtraEmailForm(formencode.Schema): + email = All(v.UniqSystemEmail(), v.Email) + + return _UserExtraEmailForm \ No newline at end of file
--- a/rhodecode/model/user.py Mon Jun 18 00:41:10 2012 +0200 +++ b/rhodecode/model/user.py Mon Jun 18 21:25:49 2012 +0200 @@ -29,9 +29,11 @@ from pylons import url from pylons.i18n.translation import _ +from sqlalchemy.exc import DatabaseError +from sqlalchemy.orm import joinedload + from rhodecode.lib.utils2 import safe_unicode, generate_api_key from rhodecode.lib.caching_query import FromCache - from rhodecode.model import BaseModel from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \ UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember, \ @@ -40,9 +42,6 @@ from rhodecode.lib.exceptions import DefaultUserException, \ UserOwnsReposException -from sqlalchemy.exc import DatabaseError - -from sqlalchemy.orm import joinedload log = logging.getLogger(__name__) @@ -593,10 +592,14 @@ :param user: :param email: """ + from rhodecode.model import forms + form = forms.UserExtraEmailForm()() + data = form.to_python(dict(email=email)) user = self._get_user(user) + obj = UserEmailMap() obj.user = user - obj.email = email + obj.email = data['email'] self.sa.add(obj) return obj
--- a/rhodecode/model/validators.py Mon Jun 18 00:41:10 2012 +0200 +++ b/rhodecode/model/validators.py Mon Jun 18 21:25:49 2012 +0200 @@ -14,7 +14,6 @@ from rhodecode.lib.utils import repo_name_slug from rhodecode.model.db import RepoGroup, Repository, UsersGroup, User -from rhodecode.lib.auth import authenticate from rhodecode.lib.exceptions import LdapImportError from rhodecode.config.routing import ADMIN_PREFIX # silence warnings and pylint @@ -241,6 +240,8 @@ } def validate_python(self, value, state): + from rhodecode.lib.auth import authenticate + password = value['password'] username = value['username']