Changeset - 88e0d0c0c208
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Mads Kiilerich (mads) - 6 years ago 2019-12-27 02:02:20
mads@kiilerich.com
Grafted from: 8988db0d94a5
validator: fix ASCII password check to verify if it can be *encoded* in ascii

In Python 2, unicode strings have a .decode method (which really doesn't make
sense). Python 3 has more strict typing by design, and unicode strings don't
have a .decode method.

A Unicode string "is ASCII" if it can be encoded as ASCII. The check should
thus *encode* to ASCII - not decode.
1 file changed with 1 insertions and 1 deletions:
kallithea/model/validators.py
1
1
0 comments (0 inline, 0 general)
kallithea/model/validators.py
Show inline comments
 
@@ -142,193 +142,193 @@ def ValidUserGroup(edit=False, old_data=
 
                raise formencode.Invalid(msg, value, state,
 
                    error_dict=dict(users_group_name=msg)
 
                )
 
            # check if group is unique
 
            old_ugname = None
 
            if edit:
 
                old_id = old_data.get('users_group_id')
 
                old_ugname = UserGroup.get(old_id).users_group_name
 

			




	
	
	
		
 
            if old_ugname != value or not edit:

			




	
	
	
		
 
                is_existing_group = UserGroup.get_by_group_name(value,

			




	
	
	
		
 
                                                        case_insensitive=True)

			




	
	
	
		
 
                if is_existing_group:

			




	
	
	
		
 
                    msg = self.message('group_exist', state, usergroup=value)

			




	
	
	
		
 
                    raise formencode.Invalid(msg, value, state,

			




	
	
	
		
 
                        error_dict=dict(users_group_name=msg)

			




	
	
	
		
 
                    )

			




	
	
	
		
 

			




	
	
	
		
 
            if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None:

			




	
	
	
		
 
                msg = self.message('invalid_usergroup_name', state)

			




	
	
	
		
 
                raise formencode.Invalid(msg, value, state,

			




	
	
	
		
 
                    error_dict=dict(users_group_name=msg)

			




	
	
	
		
 
                )

			




	
	
	
		
 

			




	
	
	
		
 
    return _validator

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def ValidRepoGroup(edit=False, old_data=None):

			




	
	
	
		
 
    old_data = old_data or {}

			




	
	
	
		
 

			




	
	
	
		
 
    class _validator(formencode.validators.FancyValidator):

			




	
	
	
		
 
        messages = {

			




	
	
	
		
 
            'parent_group_id': _('Cannot assign this group as parent'),

			




	
	
	
		
 
            'group_exists': _('Group "%(group_name)s" already exists'),

			




	
	
	
		
 
            'repo_exists':

			




	
	
	
		
 
                _('Repository with name "%(group_name)s" already exists')

			




	
	
	
		
 
        }

			




	
	
	
		
 

			




	
	
	
		
 
        def _validate_python(self, value, state):

			




	
	
	
		
 
            # TODO WRITE VALIDATIONS

			




	
	
	
		
 
            group_name = value.get('group_name')

			




	
	
	
		
 
            parent_group_id = value.get('parent_group_id')

			




	
	
	
		
 

			




	
	
	
		
 
            # slugify repo group just in case :)

			




	
	
	
		
 
            slug = repo_name_slug(group_name)

			




	
	
	
		
 

			




	
	
	
		
 
            # check for parent of self

			




	
	
	
		
 
            parent_of_self = lambda: (

			




	
	
	
		
 
                old_data['group_id'] == parent_group_id

			




	
	
	
		
 
                if parent_group_id else False

			




	
	
	
		
 
            )

			




	
	
	
		
 
            if edit and parent_of_self():

			




	
	
	
		
 
                msg = self.message('parent_group_id', state)

			




	
	
	
		
 
                raise formencode.Invalid(msg, value, state,

			




	
	
	
		
 
                    error_dict=dict(parent_group_id=msg)

			




	
	
	
		
 
                )

			




	
	
	
		
 

			




	
	
	
		
 
            old_gname = None

			




	
	
	
		
 
            if edit:

			




	
	
	
		
 
                old_gname = RepoGroup.get(old_data.get('group_id')).group_name

			




	
	
	
		
 

			




	
	
	
		
 
            if old_gname != group_name or not edit:

			




	
	
	
		
 

			




	
	
	
		
 
                # check group

			




	
	
	
		
 
                gr = RepoGroup.query() \

			




	
	
	
		
 
                      .filter(func.lower(RepoGroup.group_name) == func.lower(slug)) \

			




	
	
	
		
 
                      .filter(RepoGroup.parent_group_id == parent_group_id) \

			




	
	
	
		
 
                      .scalar()

			




	
	
	
		
 
                if gr is not None:

			




	
	
	
		
 
                    msg = self.message('group_exists', state, group_name=slug)

			




	
	
	
		
 
                    raise formencode.Invalid(msg, value, state,

			




	
	
	
		
 
                            error_dict=dict(group_name=msg)

			




	
	
	
		
 
                    )

			




	
	
	
		
 

			




	
	
	
		
 
                # check for same repo

			




	
	
	
		
 
                repo = Repository.query() \

			




	
	
	
		
 
                      .filter(func.lower(Repository.repo_name) == func.lower(slug)) \

			




	
	
	
		
 
                      .scalar()

			




	
	
	
		
 
                if repo is not None:

			




	
	
	
		
 
                    msg = self.message('repo_exists', state, group_name=slug)

			




	
	
	
		
 
                    raise formencode.Invalid(msg, value, state,

			




	
	
	
		
 
                            error_dict=dict(group_name=msg)

			




	
	
	
		
 
                    )

			




	
	
	
		
 

			




	
	
	
		
 
    return _validator

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def ValidPassword():

			




	
	
	
		
 
    class _validator(formencode.validators.FancyValidator):

			




	
	
	
		
 
        messages = {

			




	
	
	
		
 
            'invalid_password':

			




	
	
	
		
 
                _('Invalid characters (non-ascii) in password')

			




	
	
	
		
 
        }

			




	
	
	
		
 

			




	
	
	
		
 
        def _validate_python(self, value, state):

			




	
	
	
		
 
            try:

			




	
	
	
		
 
                (value or '').decode('ascii')

			




	
	
	
		
 
                (value or '').encode('ascii')

			




	
	
	
		
 
            except UnicodeError:

			




	
	
	
		
 
                msg = self.message('invalid_password', state)

			




	
	
	
		
 
                raise formencode.Invalid(msg, value, state,)

			




	
	
	
		
 
    return _validator

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def ValidOldPassword(username):

			




	
	
	
		
 
    class _validator(formencode.validators.FancyValidator):

			




	
	
	
		
 
        messages = {

			




	
	
	
		
 
            'invalid_password': _('Invalid old password')

			




	
	
	
		
 
        }

			




	
	
	
		
 

			




	
	
	
		
 
        def _validate_python(self, value, state):

			




	
	
	
		
 
            from kallithea.lib import auth_modules

			




	
	
	
		
 
            if auth_modules.authenticate(username, value, '') is None:

			




	
	
	
		
 
                msg = self.message('invalid_password', state)

			




	
	
	
		
 
                raise formencode.Invalid(msg, value, state,

			




	
	
	
		
 
                    error_dict=dict(current_password=msg)

			




	
	
	
		
 
                )

			




	
	
	
		
 
    return _validator

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def ValidPasswordsMatch(password_field, password_confirmation_field):

			




	
	
	
		
 
    class _validator(formencode.validators.FancyValidator):

			




	
	
	
		
 
        messages = {

			




	
	
	
		
 
            'password_mismatch': _('Passwords do not match'),

			




	
	
	
		
 
        }

			




	
	
	
		
 

			




	
	
	
		
 
        def _validate_python(self, value, state):

			




	
	
	
		
 
            if value.get(password_field) != value[password_confirmation_field]:

			




	
	
	
		
 
                msg = self.message('password_mismatch', state)

			




	
	
	
		
 
                raise formencode.Invalid(msg, value, state,

			




	
	
	
		
 
                     error_dict={password_field: msg, password_confirmation_field: msg}

			




	
	
	
		
 
                )

			




	
	
	
		
 
    return _validator

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def ValidAuth():

			




	
	
	
		
 
    class _validator(formencode.validators.FancyValidator):

			




	
	
	
		
 
        messages = {

			




	
	
	
		
 
            'invalid_auth': _(u'Invalid username or password'),

			




	
	
	
		
 
        }

			




	
	
	
		
 

			




	
	
	
		
 
        def _validate_python(self, value, state):

			




	
	
	
		
 
            from kallithea.lib import auth_modules

			




	
	
	
		
 

			




	
	
	
		
 
            password = value['password']

			




	
	
	
		
 
            username = value['username']

			




	
	
	
		
 

			




	
	
	
		
 
            # authenticate returns unused dict but has called

			




	
	
	
		
 
            # plugin._authenticate which has create_or_update'ed the username user in db

			




	
	
	
		
 
            if auth_modules.authenticate(username, password) is None:

			




	
	
	
		
 
                user = User.get_by_username_or_email(username)

			




	
	
	
		
 
                if user and not user.active:

			




	
	
	
		
 
                    log.warning('user %s is disabled', username)

			




	
	
	
		
 
                    msg = self.message('invalid_auth', state)

			




	
	
	
		
 
                    raise formencode.Invalid(msg, value, state,

			




	
	
	
		
 
                        error_dict=dict(username=' ', password=msg)

			




	
	
	
		
 
                    )

			




	
	
	
		
 
                else:

			




	
	
	
		
 
                    log.warning('user %s failed to authenticate', username)

			




	
	
	
		
 
                    msg = self.message('invalid_auth', state)

			




	
	
	
		
 
                    raise formencode.Invalid(msg, value, state,

			




	
	
	
		
 
                        error_dict=dict(username=' ', password=msg)

			




	
	
	
		
 
                    )

			




	
	
	
		
 
    return _validator

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def ValidRepoName(edit=False, old_data=None):

			




	
	
	
		
 
    old_data = old_data or {}

			




	
	
	
		
 

			




	
	
	
		
 
    class _validator(formencode.validators.FancyValidator):

			




	
	
	
		
 
        messages = {

			




	
	
	
		
 
            'invalid_repo_name':

			




	
	
	
		
 
                _('Repository name %(repo)s is not allowed'),

			




	
	
	
		
 
            'repository_exists':

			




	
	
	
		
 
                _('Repository named %(repo)s already exists'),

			




	
	
	
		
 
            'repository_in_group_exists': _('Repository "%(repo)s" already '

			




	
	
	
		
 
                                            'exists in group "%(group)s"'),

			




	
	
	
		
 
            'same_group_exists': _('Repository group with name "%(repo)s" '

			




	
	
	
		
 
                                   'already exists')

			




	
	
	
		
 
        }

			




	
	
	
		
 

			




	
	
	
		
 
        def _convert_to_python(self, value, state):

			




	
	
	
		
 
            repo_name = repo_name_slug(value.get('repo_name', ''))

			




	
	
	
		
 
            repo_group = value.get('repo_group')

			




	
	
	
		
 
            if repo_group:

			




	
	
	
		
 
                gr = RepoGroup.get(repo_group)

			




	
	
	
		
 
                group_path = gr.full_path

			




	
	
	
		
 
                group_name = gr.group_name

			




	
	
	
		
 
                # value needs to be aware of group name in order to check

			




	
	
	
		
 
                # db key This is an actual just the name to store in the

			




	
	
	
		
 
                # database

			




	
	
	
		
 
                repo_name_full = group_path + RepoGroup.url_sep() + repo_name

			




	
	
	
		
 
            else:

			




	
	
	
		
 
                group_name = group_path = ''

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        Server instance: clio-17724
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.
            – Support