Mercurial > kallithea
changeset 1120:a8d759613d8f beta
fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal
and repositories feeds
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Wed, 09 Mar 2011 19:47:52 +0100 |
| parents | 143b37b7b4aa |
| children | f3f847712f87 |
| files | rhodecode/controllers/feed.py rhodecode/controllers/journal.py rhodecode/lib/auth.py rhodecode/model/user.py |
| diffstat | 4 files changed, 18 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/rhodecode/controllers/feed.py Wed Mar 09 19:29:12 2011 +0100 +++ b/rhodecode/controllers/feed.py Wed Mar 09 19:47:52 2011 +0100 @@ -39,7 +39,7 @@ class FeedController(BaseRepoController): - @LoginRequired() + @LoginRequired(api_access=True) @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', 'repository.admin') def __before__(self):
--- a/rhodecode/controllers/journal.py Wed Mar 09 19:29:12 2011 +0100 +++ b/rhodecode/controllers/journal.py Wed Mar 09 19:47:52 2011 +0100 @@ -46,7 +46,7 @@ class JournalController(BaseController): - @LoginRequired() + def __before__(self): super(JournalController, self).__before__() c.rhodecode_user = self.rhodecode_user @@ -55,6 +55,7 @@ self.ttl = "5" self.feed_nr = 20 + @LoginRequired() @NotAnonymous() def index(self): # Return a rendered template @@ -117,6 +118,7 @@ return journal + @LoginRequired() @NotAnonymous() def toggle_following(self): cur_token = request.POST.get('auth_token') @@ -147,7 +149,7 @@ - + @LoginRequired() def public_journal(self): # Return a rendered template p = int(request.params.get('page', 1)) @@ -169,7 +171,7 @@ return render('journal/public_journal.html') - + @LoginRequired(api_access=True) def public_journal_atom(self): """ Produce an atom-1.0 feed via feedgenerator module @@ -203,6 +205,7 @@ response.content_type = feed.mime_type return feed.writeString('utf-8') + @LoginRequired(api_access=True) def public_journal_rss(self): """ Produce an rss2 feed via feedgenerator module
--- a/rhodecode/lib/auth.py Wed Mar 09 19:29:12 2011 +0100 +++ b/rhodecode/lib/auth.py Wed Mar 09 19:47:52 2011 +0100 @@ -230,7 +230,7 @@ def __init__(self, user_id=None, api_key=None): self.user_id = user_id - self.api_key = api_key + self.api_key = None self.username = 'None' self.name = '' @@ -239,19 +239,19 @@ self.is_authenticated = False self.admin = False self.permissions = {} + self._api_key = api_key self.propagate_data() def propagate_data(self): user_model = UserModel() - if self.api_key: + self.anonymous_user = user_model.get_by_username('default', cache=True) + if self._api_key: #try go get user by api key - log.debug('Auth User lookup by API KEY %s', self.api_key) - user_model.fill_data(self, api_key=self.api_key) + log.debug('Auth User lookup by API KEY %s', self._api_key) + user_model.fill_data(self, api_key=self._api_key) else: log.debug('Auth User lookup by USER ID %s', self.user_id) - self.anonymous_user = user_model.get_by_username('default', cache=True) - if self.user_id is not None and self.user_id != self.anonymous_user.user_id: user_model.fill_data(self, user_id=self.user_id) else:
--- a/rhodecode/model/user.py Wed Mar 09 19:29:12 2011 +0100 +++ b/rhodecode/model/user.py Wed Mar 09 19:47:52 2011 +0100 @@ -230,7 +230,7 @@ :param user_id: user id to fetch by :param api_key: api key to fetch by """ - if not user_id and not not api_key: + if user_id is None and api_key is None: raise Exception('You need to pass user_id or api_key') try: @@ -239,9 +239,10 @@ else: dbuser = self.get(user_id) - log.debug('filling %s data', dbuser) - for k, v in dbuser.get_dict().items(): - setattr(auth_user, k, v) + if dbuser is not None: + log.debug('filling %s data', dbuser) + for k, v in dbuser.get_dict().items(): + setattr(auth_user, k, v) except: log.error(traceback.format_exc())