Diff of /Allura/allura/controllers/auth.py [f44b06] .. [349351]

  Switch to unified view

a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
1 
import logging, string, os
1 
import logging, string, os
2 
from urllib import urlencode
2 
from urllib import urlencode
3 
from pprint import pformat
3 
from pprint import pformat
4 

  4
  





  
  

  5
  
import bson






  5
  
from tg import expose, session, flash, redirect, validate, config


  6
  
from tg import expose, session, flash, redirect, validate, config






  6
  
from tg.decorators import with_trailing_slash, without_trailing_slash


  7
  
from tg.decorators import with_trailing_slash, without_trailing_slash






  7
  
from pylons import c, g, request, response


  8
  
from pylons import c, g, request, response






  8
  

  9
  





  9
  
from allura import model as M


  10
  
from allura import model as M






  10
  
from allura.lib.oid_helper import verify_oid, process_oid


  11
  
from allura.lib.oid_helper import verify_oid, process_oid






  11
  
from allura.lib.security import require_authenticated, has_artifact_access


  12
  
from allura.lib.security import require_authenticated, has_artifact_access






  12
  
from allura.lib import helpers as h


  13
  
from allura.lib import helpers as h






  13
  
from allura.lib import plugin


  14
  
from allura.lib import plugin






  14
  
from allura.lib.widgets import SubscriptionForm


  15
  
from allura.lib.widgets import SubscriptionForm, OAuthApplicationForm, OAuthRevocationForm






  15
  
from allura.lib import exceptions as exc


  16
  
from allura.lib import exceptions as exc






  16
  
from allura.controllers import BaseController


  17
  
from allura.controllers import BaseController






  17
  

  18
  





  18
  
log = logging.getLogger(__name__)


  19
  
log = logging.getLogger(__name__)






  19
  

  20
  





  
  
...

  
  
...





  31
  
    ('ClaimID', 'http://openid.claimid.com/${username}/'),


  32
  
    ('ClaimID', 'http://openid.claimid.com/${username}/'),






  32
  
    ('AOL', 'http://openid.aol.com/${username}/') ]


  33
  
    ('AOL', 'http://openid.aol.com/${username}/') ]






  33
  

  34
  





  34
  
class F(object):


  35
  
class F(object):






  35
  
    subscription_form=SubscriptionForm()


  36
  
    subscription_form=SubscriptionForm()






  
  

  37
  
    oauth_application_form = OAuthApplicationForm(action='register')






  
  

  38
  
    oauth_revocation_form = OAuthRevocationForm(action='revoke_oauth')






  36
  

  39
  





  37
  
class AuthController(BaseController):


  40
  
class AuthController(BaseController):






  38
  

  41
  





  39
  
    def __init__(self):


  42
  
    def __init__(self):






  40
  
        self.prefs = PreferencesController()


  43
  
        self.prefs = PreferencesController()






  
  

  44
  
        self.oauth = OAuth()






  41
  

  45
  





  42
  
    @expose('jinja:login.html')


  46
  
    @expose('jinja:login.html')






  43
  
    @with_trailing_slash


  47
  
    @with_trailing_slash






  44
  
    def index(self, *args, **kwargs):


  48
  
    def index(self, *args, **kwargs):






  45
  
        orig_request = request.environ.get('pylons.original_request', None)


  49
  
        orig_request = request.environ.get('pylons.original_request', None)






  
  
...

  
  
...





  251
  
    @with_trailing_slash


  255
  
    @with_trailing_slash






  252
  
    @expose('jinja:user_preferences.html')


  256
  
    @expose('jinja:user_preferences.html')






  253
  
    def index(self, **kw):


  257
  
    def index(self, **kw):






  254
  
        require_authenticated()


  258
  
        require_authenticated()






  255
  
        c.form = F.subscription_form


  259
  
        c.form = F.subscription_form






  
  

  260
  
        c.revoke_access = F.oauth_revocation_form






  256
  
        subscriptions = []


  261
  
        subscriptions = []






  257
  
        for mb in M.Mailbox.query.find(dict(user_id=c.user._id)):


  262
  
        for mb in M.Mailbox.query.find(dict(user_id=c.user._id)):






  258
  
            try:


  263
  
            try:






  259
  
                with h.push_context(mb.project_id):


  264
  
                with h.push_context(mb.project_id):






  260
  
                    if mb.app_config:


  265
  
                    if mb.app_config:






  
  
...

  
  
...





  271
  
                                frequency=mb.frequency.unit,


  276
  
                                frequency=mb.frequency.unit,






  272
  
                                artifact=mb.artifact_index_id))


  277
  
                                artifact=mb.artifact_index_id))






  273
  
            except exc.NoSuchProjectError:


  278
  
            except exc.NoSuchProjectError:






  274
  
                mb.delete() # project went away


  279
  
                mb.delete() # project went away






  275
  
        api_token = M.ApiToken.query.get(user_id=c.user._id)


  280
  
        api_token = M.ApiToken.query.get(user_id=c.user._id)






  276
  
        return dict(subscriptions=subscriptions, api_token=api_token)


  281
  
        return dict(






  
  

  282
  
            subscriptions=subscriptions,






  
  

  283
  
            api_token=api_token,






  
  

  284
  
            authorized_applications=M.OAuthAccessToken.for_user(c.user))






  277
  

  285
  





  278
  
    @h.vardec


  286
  
    @h.vardec






  279
  
    @expose()


  287
  
    @expose()






  280
  
    def update(self,


  288
  
    def update(self,






  281
  
               display_name=None,


  289
  
               display_name=None,






  
  
...

  
  
...





  336
  
    def del_api_token(self):


  344
  
    def del_api_token(self):






  337
  
        tok = M.ApiToken.query.get(user_id=c.user._id)


  345
  
        tok = M.ApiToken.query.get(user_id=c.user._id)






  338
  
        if tok is None: return


  346
  
        if tok is None: return






  339
  
        tok.delete()


  347
  
        tok.delete()






  340
  
        redirect(request.referer)


  348
  
        redirect(request.referer)






  
  

  349
  





  
  

  350
  
    @expose()






  
  

  351
  
    def revoke_oauth(self, _id=None):






  
  

  352
  
        tok = M.OAuthAccessToken.query.get(_id=bson.ObjectId(_id))






  
  

  353
  
        if tok is None:






  
  

  354
  
            flash('Invalid app ID', 'error')






  
  

  355
  
            redirect('.')






  
  

  356
  
        if tok.user_id != c.user._id:






  
  

  357
  
            flash('Invalid app ID', 'error')






  
  

  358
  
            redirect('.')






  
  

  359
  
        tok.delete()






  
  

  360
  
        flash('Application access revoked')






  
  

  361
  
        redirect('.')






  
  

  362
  





  
  

  363
  
class OAuth(BaseController):






  
  

  364
  





  
  

  365
  
    @expose('jinja:oauth_applications.html')






  
  

  366
  
    def index(self, **kw):






  
  

  367
  
        c.form = F.oauth_application_form






  
  

  368
  
        return dict(apps=M.OAuthConsumerToken.for_user(c.user))






  
  

  369
  





  
  

  370
  
    @expose()






  
  

  371
  
    @validate(F.oauth_application_form, error_handler=index)






  
  

  372
  
    def register(self, application_name=None, application_description=None, **kw):






  
  

  373
  
        M.OAuthConsumerToken(name=application_name, description=application_description)






  
  

  374
  
        flash('Application registered')






  
  

  375
  
        redirect('.')






  
  

  376
  





  
  

  377
  
    @expose()






  
  

  378
  
    def delete(self, id=None):






  
  

  379
  
        app = M.OAuthConsumerToken.query.get(_id=bson.ObjectId(id))






  
  

  380
  
        if app is None:






  
  

  381
  
            flash('Invalid app ID', 'error')






  
  

  382
  
            redirect('.')






  
  

  383
  
        if app.user_id != c.user._id:






  
  

  384
  
            flash('Invalid app ID', 'error')






  
  

  385
  
            redirect('.')






  
  

  386
  
        app.delete()






  
  

  387
  
        flash('Application deleted')






  
  

  388
  
        redirect('.')