kallithea Changeset - 71ffa932799d

Changeset - 71ffa932799d

Parent rev.

Child rev.

[Not reviewed]

default

0 5 1

Marcin Kuzminski - 16 years ago 2010-04-07 00:51:55
marcin@python-blog.com

Added app basic auth.
Changed few deprecations for new pylons.
added sqlite logging for user actions.

6 files changed with 122 insertions and 16 deletions:

development.ini

production.ini

pylons_app/config/environment.py

pylons_app/config/middleware.py

pylons_app/controllers/hg.py

pylons_app/lib/auth.py

105

0 comments (0 inline, 0 general)

development.ini

➞

Show inline comments

 ################################################################################
 ################################################################################
 # pylons_app - Pylons environment configuration                                #
 #                                                                              #
 # The %(here)s variable will be replaced with the parent directory of this file#
 ################################################################################
 [DEFAULT]
 debug = true
 ############################################
 ## Uncomment and replace with the address ##
 ## which should receive any error reports ##
 ############################################
 #email_to = marcin.kuzminski@etelko.pl
 #smtp_server = mail.etelko.pl
 #error_email_from = paste_error@localhost
 #smtp_username =
 #smtp_password =
 #error_message = 'mercurial crash !'
 [server:main]
 use = egg:Paste#http
 host = 127.0.0.1
 port = 5000
 [app:main]
 use = egg:pylons_app
 full_stack = true
 static_files = true
 lang=en
 cache_dir = %(here)s/data
 repos_name = etelko
 ################################################################################
 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##
 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##
 ## execute malicious code after an exception is raised.                       ##
 ################################################################################
 #set debug = false
 ################################
 ### LOGGING CONFIGURATION   ####
 ################################
 [loggers]
 keys = root, routes, pylons_app, sqlalchemy
 [handlers]
 keys = console
 [formatters]
 keys = generic
 #############
 ## LOGGERS ##
 #############
 [logger_root]
 level = NOTSET
 handlers = console
 [logger_routes]
 level = INFO
 handlers = console
 qualname = routes.middleware
 # "level = DEBUG" logs the route matched and routing variables.
 [logger_pylons_app]
 level = DEBUG
 handlers = console
 qualname = pylons_app
 [logger_sqlalchemy]
 level = DEBUG
 handlers = console
 qualname = sqlalchemy.engine
 ##############
 ## HANDLERS ##
 ##############
 [handler_console]
 class = StreamHandler
 args = (sys.stderr,)
 level = NOTSET
 formatter = generic
 ################
 ## FORMATTERS ##
 ################
 [formatter_generic]
 format = %(asctime)s,%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %H:%M:%S

production.ini

➞

Show inline comments

 ################################################################################
 ################################################################################
 # pylons_app - Pylons environment configuration                                #
 #                                                                              #
 # The %(here)s variable will be replaced with the parent directory of this file#
 ################################################################################
 [DEFAULT]
 debug = true
 ############################################
 ## Uncomment and replace with the address ##
 ## which should receive any error reports ##
 ############################################
 #email_to = marcin.kuzminski@etelko.pl
 #smtp_server = mail.etelko.pl
 #error_email_from = paste_error@localhost
 #smtp_username =
 #smtp_password =
 #error_message = 'mercurial crash !'
 [server:main]
 use = egg:Paste#http
 host = 127.0.0.1
 port = 8001
 [app:main]
 use = egg:pylons_app
 full_stack = true
 static_files = false
 lang=en
 cache_dir = %(here)s/data
 repos_name = etelko
 ################################################################################
 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##
 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##
 ## execute malicious code after an exception is raised.                       ##
 ################################################################################
 #set debug = false
 ################################
 ### LOGGING CONFIGURATION   ####
 ################################
 [loggers]
 keys = root, routes, pylons_app, sqlalchemy
 [handlers]
 keys = console
 [formatters]
 keys = generic
 #############
 ## LOGGERS ##
 #############
 [logger_root]
 level = INFO
 handlers = console
 [logger_routes]
 level = INFO
 handlers = console
 qualname = routes.middleware
 # "level = DEBUG" logs the route matched and routing variables.
 [logger_pylons_app]
 level = DEBUG
 handlers = console
 qualname = pylons_app
 [logger_sqlalchemy]
 level = DEBUG
 handlers = console
 qualname = sqlalchemy.engine
 ##############
 ## HANDLERS ##
 ##############
 [handler_console]
 class = StreamHandler
 args = (sys.stderr,)
 level = NOTSET
 formatter = generic
 ################
 ## FORMATTERS ##
 ################
 [formatter_generic]
 format = %(asctime)s,%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %H:%M:%S

pylons_app/config/environment.py

➞

Show inline comments

 """Pylons environment configuration"""
 import logging
 import os
 from mako.lookup import TemplateLookup
 from pylons.error import handle_mako_error
 from pylons import config
 import pylons_app.lib.app_globals as app_globals
 import pylons_app.lib.helpers
 from pylons_app.config.routing import make_map
 log = logging.getLogger(__name__)
 def load_environment(global_conf, app_conf):
     """Configure the Pylons environment via the ``pylons.config``
     object
     """
     # Pylons paths
     root = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
     paths = dict(root=root,
                  controllers=os.path.join(root, 'controllers'),
                  static_files=os.path.join(root, 'public'),
                  templates=[os.path.join(root, 'templates')])
     # Initialize config with the basic options
     config.init_app(global_conf, app_conf, package='pylons_app',
                     template_engine='mako', paths=paths)
     config['routes.map'] = make_map()
-    config['pylons.g'] = app_globals.Globals()
+    config['pylons.app_globals'] = app_globals.Globals()
     config['pylons.h'] = pylons_app.lib.helpers
     # Create the Mako TemplateLookup, with the default auto-escaping
-    config['pylons.g'].mako_lookup = TemplateLookup(
+    config['pylons.app_globals'].mako_lookup = TemplateLookup(
         directories=paths['templates'],
         error_handler=handle_mako_error,
         module_directory=os.path.join(app_conf['cache_dir'], 'templates'),
         output_encoding='utf-8',
         imports=['from webhelpers.html import escape'],
         default_filters=['escape'])
         input_encoding='utf-8', default_filters=['escape'],
         imports=['from webhelpers.html import escape'])
     # CONFIGURATION OPTIONS HERE (note: all config options will override
     # any Pylons config options)

pylons_app/config/middleware.py

➞

Show inline comments

 """Pylons middleware initialization"""
 from beaker.middleware import CacheMiddleware, SessionMiddleware
 from paste.cascade import Cascade
 from paste.registry import RegistryManager
 from paste.urlparser import StaticURLParser
 from paste.deploy.converters import asbool
 from pylons import config
 from pylons.middleware import ErrorHandler, StatusCodeRedirect
 from pylons.wsgiapp import PylonsApp
 from routes.middleware import RoutesMiddleware
+from paste.auth.basic import AuthBasicHandler
 from pylons_app.config.environment import load_environment
+from pylons_app.lib.auth import authfunc
 def make_app(global_conf, full_stack=True, **app_conf):
     """Create a Pylons WSGI application and return it
     ``global_conf``
         The inherited configuration for this application. Normally from
         the [DEFAULT] section of the Paste ini file.
     ``full_stack``
         Whether or not this application provides a full WSGI stack (by
         default, meaning it handles its own exceptions and errors).
         Disable full_stack when this application is "managed" by
         another WSGI middleware.
     ``app_conf``
         The application's local configuration. Normally specified in
         the [app:<name>] section of the Paste ini file (where <name>
         defaults to main).
     """
     # Configure the Pylons environment
     load_environment(global_conf, app_conf)
     # The Pylons WSGI app
     app = PylonsApp()
     # CUSTOM MIDDLEWARE HERE (filtered by error handling middlewares)
     # Routing/Session/Cache Middleware
     app = RoutesMiddleware(app, config['routes.map'])
     app = SessionMiddleware(app, config)
     app = CacheMiddleware(app, config)
     app = AuthBasicHandler(app, config['repos_name'] + ' mercurial repository', authfunc)
     if asbool(full_stack):
         # Handle Python exceptions
         app = ErrorHandler(app, global_conf, **config['pylons.errorware'])
         # Display error documents for 401, 403, 404 status codes (and
         # 500 when debug is disabled)
         if asbool(config['debug']):
             #don't handle 404, since mercurial does it for us.
             app = StatusCodeRedirect(app, [400, 401, 403, 500])
         else:
             app = StatusCodeRedirect(app, [400, 401, 403, 500])
     # Establish the Registry for this application
     app = RegistryManager(app)
     # Static files (If running in production, and Apache or another web
     # server is handling this static content, remove the following 3 lines)
     static_app = StaticURLParser(config['pylons.paths']['static_files'])
     app = Cascade([static_app, app])
     return app

pylons_app/controllers/hg.py

➞

Show inline comments

 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 import logging
 import os
 from pylons_app.lib.base import BaseController, render
 from pylons import c, g, session, request
+from pylons import tmpl_context as c, app_globals as g, session, request, config
 from pylons_app.lib import helpers as h
 from mako.template import Template
 from pprint import pprint
 import os
 from mercurial import ui, hg
 from mercurial.error import RepoError
 from ConfigParser import ConfigParser
 import encodings
 from pylons.controllers.util import abort
 log = logging.getLogger(__name__)
 class HgController(BaseController):
     def __before__(self):
-        c.repos_prefix = 'etelko'
+        c.repos_prefix = config['repos_name']
     def view(self, *args, **kwargs):
         response = g.hgapp(request.environ, self.start_response)
         http_accept = request.environ.get('HTTP_ACCEPT', False)
         if not http_accept:
             return abort(status_code=400, detail='no http accept in header')
         #for mercurial protocols and raw files we can't wrap into mako
         if http_accept.find("mercurial") != -1 or \
         request.environ['PATH_INFO'].find('raw-file') != -1:
                     return response
         try:
             tmpl = u''.join(response)
             template = Template(tmpl, lookup=request.environ['pylons.pylons']\
-                            .config['pylons.g'].mako_lookup)
+                            .config['pylons.app_globals'].mako_lookup)
         except (RuntimeError, UnicodeDecodeError):
             log.info('disabling unicode due to encoding error')
             response = g.hgapp(request.environ, self.start_response)
             tmpl = ''.join(response)
             template = Template(tmpl, lookup=request.environ['pylons.pylons']\
-                            .config['pylons.g'].mako_lookup, disable_unicode=True)
+                            .config['pylons.app_globals'].mako_lookup, disable_unicode=True)
         return template.render(g=g, c=c, session=session, h=h)
     def manage_hgrc(self):
         pass
     def hgrc(self, dirname):
         filename = os.path.join(dirname, '.hg', 'hgrc')
         return filename
     def add_repo(self, new_repo):
         c.staticurl = g.statics
         #extra check it can be add since it's the command
         if new_repo == 'add':
             c.msg = 'you basstard ! this repo is a command'
             c.new_repo = ''
             return render('add.html')
         new_repo = new_repo.replace(" ", "_")
         new_repo = new_repo.replace("-", "_")
         try:
             self._create_repo(new_repo)
             c.new_repo = new_repo
             c.msg = 'added repo'
         except Exception as e:
             c.new_repo = 'Exception when adding: %s' % new_repo
             c.msg = str(e)
         return render('add.html')
     def _check_repo(self, repo_name):
         p = os.path.dirname(os.path.dirname(os.path.dirname(__file__)))
         config_path = os.path.join(p, 'hgwebdir.config')
         cp = ConfigParser()
         cp.read(config_path)
         repos_path = cp.get('paths', '/').replace("**", '')
         if not repos_path:
             raise Exception('Could not read config !')
         self.repo_path = os.path.join(repos_path, repo_name)
         try:
             r = hg.repository(ui.ui(), self.repo_path)
             hg.verify(r)
             #here we hnow that repo exists it was verified
             log.info('%s repo is already created', repo_name)
             raise Exception('Repo exists')
         except RepoError:
             log.info('%s repo is free for creation', repo_name)
             #it means that there is no valid repo there...
             return True
     def _create_repo(self, repo_name):
         if repo_name in [None, '', 'add']:
             raise Exception('undefined repo_name of repo')
         if self._check_repo(repo_name):
             log.info('creating repo %s in %s', repo_name, self.repo_path)
             cmd = """mkdir %s && hg init %s""" \
                     % (self.repo_path, self.repo_path)
             os.popen(cmd)
 #def _make_app():
 #    #for single a repo
 #    #return hgweb("/path/to/repo", "Name")
 #    repos = "hgwebdir.config"
 #    return  hgwebdir(repos)
+#
 #    def view(self, environ, start_response):
 #        #the following is only needed when using hgwebdir
 #        app = _make_app()
 #        #return wsgi_app(environ, start_response)
 #        response = app(request.environ, self.start_response)
+#
 #        if environ['PATH_INFO'].find("static") != -1:
 #            return response
 #        else:
 #            #wrap the murcurial response in a mako template.
 #            template = Template("".join(response),
 #                                lookup = environ['pylons.pylons']\
 #                                .config['pylons.g'].mako_lookup)
+#
 #            return template.render(g = g, c = c, session = session, h = h)

pylons_app/lib/auth.py

➞

Show inline comments

@@ new file 100644 @@
 import sqlite3
 import os
 import logging
 from os.path import dirname as dn
 from datetime import datetime
 import crypt
 log = logging.getLogger(__name__)
 ROOT = dn(dn(dn(os.path.realpath(__file__))))
 def get_sqlite_cur_conn():
     conn = sqlite3.connect(os.path.join(ROOT, 'auth.sqlite'))
     cur = conn.cursor()
     return conn, cur
 def authfunc(environ, username, password):
     conn, cur = get_sqlite_cur_conn()
     password_crypt = crypt.crypt(password, '6a')
     cur.execute("SELECT * FROM users WHERE username=?", (username,))
     data = cur.fetchone()
     if data:
         if data[3]:
             if data[1] == username and data[2] == password_crypt:
                 log.info('user %s authenticated correctly', username)
                 http_accept = environ.get('HTTP_ACCEPT')
                 if http_accept.startswith('application/mercurial') or \
                     environ['PATH_INFO'].find('raw-file') != -1:
                     cmd = environ['PATH_INFO']
                     for qry in environ['QUERY_STRING'].split('&'):
                         if qry.startswith('cmd'):
                             cmd += "|" + qry
                             try:
                                 cur.execute('''INSERT INTO
                                                     user_logs
                                                VALUES(?,?,?,?)''',
                                                 (None, data[0], cmd, datetime.now()))
                                 conn.commit()
                             except Exception as e:
                                 conn.rollback()
                                 log.error(e)
                 return True
         else:
             log.error('user %s is disabled', username)
     return False
 def create_user_table():
     '''
     Create a auth database
     '''
     conn, cur = get_sqlite_cur_conn()
     try:
         log.info('creating table %s', 'users')
         cur.execute('''DROP TABLE IF EXISTS users ''')
         cur.execute('''CREATE TABLE users
                         (id INTEGER PRIMARY KEY AUTOINCREMENT,
                          username TEXT,
                          password TEXT,
                          active INTEGER)''')
         log.info('creating table %s', 'user_logs')
         cur.execute('''DROP TABLE IF EXISTS user_logs ''')
         cur.execute('''CREATE TABLE user_logs
                         (id INTEGER PRIMARY KEY AUTOINCREMENT,
                             user_id INTEGER,
                             last_action TEXT,
                             last_action_date DATETIME)''')
         conn.commit()
     except:
         conn.rollback()
         raise
     cur.close()
 def create_user(username, password):
     conn, cur = get_sqlite_cur_conn()
     password_crypt = crypt.crypt(password, '6a')
     cur_date = datetime.now()
     log.info('creating user %s', username)
     try:
         cur.execute('''INSERT INTO users values (?,?,?,?) ''',
                     (None, username, password_crypt, 1,))
         conn.commit()
     except:
         conn.rollback()
         raise
 if __name__ == "__main__":
     create_user_table()
     create_user('marcink', 'qweqwe')
     create_user('lukaszd', 'qweqwe')
     create_user('adriand', 'qweqwe')
     create_user('radek', 'qweqwe')
     create_user('skrzeka', 'qweqwe')
     create_user('bart', 'qweqwe')
     create_user('maho', 'qweqwe')
     create_user('michalg', 'qweqwe')
     #authfunc('', 'marcink', 'qweqwe')

0 comments (0 inline, 0 general)