@@ -171,107 +171,108 @@ INPUT::
"locked" : "<bool true|false>"
}
OUTPUT::
id : <id_given_in_input>
result : "User `<username>` set lock state for repo `<reponame>` to `true|false`"
error : null
show_ip
-------
Shows IP address as seen from RhodeCode server, together with all
defined IP addresses for given user.
This command can be executed only using api_key belonging to user with admin
rights.
INPUT::
id : <id_for_response>
api_key : "<api_key>"
method : "show_ip"
args : {
"userid" : "<user_id or username>",
result : {
"ip_addr_server": <ip_from_clien>",
"user_ips": [
{
"ip_addr": "<ip_with_mask>",
"ip_range": ["<start_ip>", "<end_ip>"],
},
...
]
get_user
--------
Get's an user by username or user_id, Returns empty result if user is not found.
If userid param is skipped it is set to id of user who is calling this method.
rights, or regular users which cannot specify userid parameter.
method : "get_user"
"userid" : "<username or user_id>"
"userid" : "<username or user_id Optional(=apiuser)>"
result: None if user does not exist or
"user_id" : "<user_id>",
"username" : "<username>",
"firstname": "<firstname>",
"lastname" : "<lastname>",
"email" : "<email>",
"emails": "<list_of_all_additional_emails>",
"ip_addresses": "<list_of_ip_addresses_for_user>",
"active" : "<bool>",
"admin" : "<bool>",
"ldap_dn" : "<ldap_dn>",
"last_login": "<last_login>",
"permissions": {
"global": ["hg.create.repository",
"repository.read",
"hg.register.manual_activate"],
"repositories": {"repo1": "repository.none"},
"repositories_groups": {"Group1": "group.read"}
error: null
get_users
---------
Lists all existing users. This command can be executed only using api_key
belonging to user with admin rights.
method : "get_users"
args : { }
result: [
@@ -306,104 +307,104 @@ INPUT::
method : "create_user"
"email" : "<useremail>",
"password" : "<password>",
"firstname" : "<firstname> = Optional(None)",
"lastname" : "<lastname> = Optional(None)",
"active" : "<bool> = Optional(True)",
"admin" : "<bool> = Optional(False)",
"ldap_dn" : "<ldap_dn> = Optional(None)"
result: {
"msg" : "created new user `<username>`",
"user": {
update_user
-----------
updates given user if such user exists. This command can
be executed only using api_key belonging to user with admin rights.
method : "update_user"
"username" : "<username> = Optional",
"email" : "<useremail> = Optional",
"password" : "<password> = Optional",
"firstname" : "<firstname> = Optional",
"lastname" : "<lastname> = Optional",
"active" : "<bool> = Optional",
"admin" : "<bool> = Optional",
"ldap_dn" : "<ldap_dn> = Optional"
"username" : "<username> = Optional(None)",
"email" : "<useremail> = Optional(None)",
"password" : "<password> = Optional(None)",
"active" : "<bool> = Optional(None)",
"admin" : "<bool> = Optional(None)",
"msg" : "updated user ID:<userid> <username>",
delete_user
deletes givenuser if such user exists. This command can
method : "delete_user"
"msg" : "deleted user ID:<userid> <username>",
"user": null
@@ -177,142 +177,149 @@ class ApiController(JSONRPCController):
except Exception:
log.error(traceback.format_exc())
raise JSONRPCError(
'Unable to pull changes from `%s`' % repo.repo_name
)
@HasPermissionAllDecorator('hg.admin')
def rescan_repos(self, apiuser, remove_obsolete=Optional(False)):
"""
Dispatch rescan repositories action. If remove_obsolete is set
than also delete repos that are in database but not in the filesystem.
aka "clean zombies"
:param apiuser:
:param remove_obsolete:
try:
rm_obsolete = Optional.extract(remove_obsolete)
added, removed = repo2db_mapper(ScmModel().repo_scan(),
remove_obsolete=rm_obsolete)
return {'added': added, 'removed': removed}
'Error occurred during rescan repositories action'
def lock(self, apiuser, repoid, locked, userid=Optional(OAttr('apiuser'))):
Set locking state on particular repository by given user, if
this command is runned by non-admin account userid is set to user
who is calling this method
:param repoid:
:param userid:
:param locked:
repo = get_repo_or_error(repoid)
if HasPermissionAnyApi('hg.admin')(user=apiuser):
pass
elif HasRepoPermissionAnyApi('repository.admin',
'repository.write')(user=apiuser,
repo_name=repo.repo_name):
#make sure normal user does not pass userid, he is not allowed to do that
if not isinstance(userid, Optional):
'Only RhodeCode admin can specify `userid` params'
'Only RhodeCode admin can specify `userid` param'
else:
return abort(403)
if isinstance(userid, Optional):
userid = apiuser.user_id
user = get_user_or_error(userid)
locked = bool(locked)
if locked:
Repository.lock(repo, user.user_id)
Repository.unlock(repo)
return ('User `%s` set lock state for repo `%s` to `%s`'
% (user.username, repo.repo_name, locked))
'Error occurred locking repository `%s`' % repo.repo_name
def show_ip(self, apiuser, userid):
defined IP addresses for given user
ips = UserIpMap.query().filter(UserIpMap.user == user).all()
return dict(
ip_addr_server=self.ip_addr,
user_ips=ips
def get_user(self, apiuser, userid):
def get_user(self, apiuser, userid=Optional(OAttr('apiuser'))):
""""
Get a user by username
Get a user by username, or userid, if userid is given
data = user.get_api_data()
data['permissions'] = AuthUser(user_id=user.user_id).permissions
return data
def get_users(self, apiuser):
Get all users
result = []
for user in UserModel().get_all():
result.append(user.get_api_data())
return result
def create_user(self, apiuser, username, email, password,
firstname=Optional(None), lastname=Optional(None),
active=Optional(True), admin=Optional(False),
ldap_dn=Optional(None)):
Create new user
:param username:
:param email:
:param password:
:param firstname:
:param lastname:
:param active:
:param admin:
:param ldap_dn:
if UserModel().get_by_username(username):
raise JSONRPCError("user `%s` already exist" % username)
if UserModel().get_by_email(email, case_insensitive=True):
raise JSONRPCError("email `%s` already exist" % email)
if Optional.extract(ldap_dn):
# generate temporary password if ldap_dn
password = PasswordGenerator().gen_password(length=8)
Status change: