Builders are now being authenticated using Kerberos.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/templates/builders/detail.html \
src/templates/builders/edit.html \
src/templates/builders/list.html \
- src/templates/builders/new.html \
- src/templates/builders/pass.html
+ src/templates/builders/new.html
templates_buildersdir = $(templatesdir)/builders
builder = self._get_builder("INSERT INTO builders(name) \
VALUES(%s) RETURNING *", name)
- # Generate a new passphrase.
- passphrase = builder.regenerate_passphrase()
-
# Log what we have done.
if log:
builder.log("created", user=user)
# The Builder object and the passphrase are returned.
- return builder, passphrase
+ return builder
def get_by_id(self, builder_id):
return self._get_builder("SELECT * FROM builders WHERE id = %s", builder_id)
self.db.execute("INSERT INTO builders_history(builder_id, action, user_id, time) \
VALUES(%s, %s, %s, NOW())", self.id, action, user_id)
- def regenerate_passphrase(self):
- """
- Generates a new random passphrase and stores it as a salted hash
- to the database.
-
- The new passphrase is returned to be sent to the user (once).
- """
- # Generate a random string with 40 chars.
- passphrase = misc.generate_random_string(length=40)
-
- # Create salted hash.
- passphrase_hash = generate_password_hash(passphrase)
-
- # Store the hash in the database.
- self._set_attribute("passphrase", passphrase_hash)
-
- # Return the clear-text passphrase.
- return passphrase
-
- def validate_passphrase(self, passphrase):
- """
- Compare the given passphrase with the one stored in the database.
- """
- return check_password_hash(passphrase, self.data.passphrase)
-
# Description
def set_description(self, description):
def hostname(self):
return self.name
- @property
- def passphrase(self):
- return self.data.passphrase
-
@property
def pakfire_version(self):
return self.data.pakfire_version or ""
CREATE TABLE public.builders (
id integer NOT NULL,
name text NOT NULL,
- passphrase text,
description text,
enabled boolean DEFAULT false NOT NULL,
deleted boolean DEFAULT false NOT NULL,
+++ /dev/null
-{% extends "../base.html" %}
-
-{% block body %}
- <div class="row">
- <div class="col-12 col-sm-12 col-md-12 col-lg-12 col-xl-12">
- <nav aria-label="breadcrumb" role="navigation">
- <ol class="breadcrumb">
- <li class="breadcrumb-item"><a href="/">{{ _("Home") }}</a></li>
- <li class="breadcrumb-item"><a href="/builders">{{ _("Builders") }}</a></li>
- <li class="breadcrumb-item"><a href="/builders/{{ builder.name }}">{{ builder.name }}</a></li>
- <li class="breadcrumb-item active">
- <a href="/builders/{{ builder.name }}/edit">{{ _("Manage") }}</a>
- </li>
- </ol>
- </nav>
- </div>
- </div>
-
- <div class="row">
- <div class="col-12 col-sm-12 col-md-12 col-lg-12 col-xl-12">
- <h2 style="word-wrap: break-word;">
- {{ _("Builder") }}: {{ builder.name }}
- </h2>
- </div>
- </div>
-
- <div class="row">
- <div class="col-12 col-sm-12 col-md-12 col-lg-12 col-xl-12">
- <p>
- {% if action == "new" %}
- {{ _("The new host") }} <strong> {{ builder.name }} </strong> {{ _("has been successfully created.") }}
- {% elif action == "update" %}
- {{ _("The passphrase for") }} <strong> {{ builder.name }}</strong> {{ _("has been regenerated.") }}
- {% end %}
- <br>
- {{ _("For authorization to the Pakfire Master Server there is a passphrase required which must be configured to the host.") }}
- </p>
-
- <p>
- {{ _("This passphrase is:") }} <strong>{{ passphrase }}</strong>
- </p>
- </div>
- </div>
-
- <div class="row justify-content-end">
- <div class="col-12 col-sm-12 col-md-3 col-lg-2 col-xl-2">
- <a class="btn btn-primary btn-block" href="/builders/{{ builder.name }}">{{ _("Next") }}</a>
- </div>
- </div>
-{% end block %}
(r"/builders/new", builders.BuilderNewHandler),
(r"/builders/([A-Za-z0-9\-\.]+)/delete", builders.BuilderDeleteHandler),
(r"/builders/([A-Za-z0-9\-\.]+)/edit", builders.BuilderEditHandler),
- (r"/builders/([A-Za-z0-9\-\.]+)/renew", builders.BuilderRenewPassphraseHandler),
(r"/builders/([A-Za-z0-9\-\.]+)", builders.BuilderDetailHandler),
# Distributions
name = self.get_argument("name")
- # Create a new builder.
- builder, passphrase = \
- self.backend.builders.create(name, user=self.current_user)
+ # Create a new builder
+ with self.db.transaction():
+ builder = self.backend.builders.create(name, user=self.current_user)
- self.render("builders/pass.html", action="new", builder=builder,
- passphrase=passphrase)
+ self.redirect("/builders/%s" % builder.hostname)
class BuilderEditHandler(base.BaseHandler):
self.redirect("/builders/%s" % builder.hostname)
-class BuilderRenewPassphraseHandler(base.BaseHandler):
- @tornado.web.authenticated
- def get(self, name):
- builder = self.backend.builders.get_by_name(name)
-
- passphrase = builder.regenerate_passphrase()
-
- self.render("builders/pass.html", action="update", builder=builder,
- passphrase=passphrase)
-
-
class BuilderDeleteHandler(base.BaseHandler):
@tornado.web.authenticated
def get(self, name):
if not self.current_user.has_perm("builders"):
raise tornado.web.HTTPError(403)
- confirmed = self.get_argument("confirmed", None)
+ confirmed = self.get_argument("confirmed", None)
if confirmed:
with self.db.transaction():
builder.deleted = True