class LoginHandler(base.KerberosAuthMixin, base.BaseHandler):
async def get(self, username=None, failed=False):
- current_user = await self.get_current_user()
- if current_user:
+ if self.current_user:
raise tornado.web.HTTPError(403, "Already logged in")
await self.render("login.html", username=username, failed=failed)
if session:
return session.user
- @property
- def current_user(self):
- raise NotImplementedError("We don't use this any more")
-
async def get_user_locale(self):
# Get the locale from the user settings
current_user = await self.get_current_user()
return JinjaTemplateLoader(env)
async def get_template_namespace(self):
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Fetch the locale
locale = await self.get_user_locale()
ns = {
"handler" : self,
- "current_user" : current_user,
+ "current_user" : self.current_user,
"hostname" : self.request.host,
"now" : datetime.datetime.now(),
if not self.request.method in ("GET", "HEAD", "OPTIONS"):
self.check_xsrf_cookie()
+ # Automatically log the user
+ self.current_user = await self.get_current_user()
+
# Prepare the request
result = self.prepare()
if result:
self.finish()
async def write_error(self, code, exc_info=None, **kwargs):
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Translate the HTTP status code
try:
message = http.client.responses[code]
# Collect more information about the exception if possible.
if exc_info:
- if current_user and isinstance(current_user, users.User):
- if current_user.is_admin():
+ if self.current_user and isinstance(self.current_user, users.User):
+ if self.current_user.is_admin():
tb += traceback.format_exception(*exc_info)
await self.render("errors/error.html",
)
if version is None:
- current_user = await self.get_current_user()
- if current_user and "expires_days" not in cookie_kwargs:
+ if self.current_user and "expires_days" not in cookie_kwargs:
cookie_kwargs["expires_days"] = 30
cookie_name = self.settings.get("xsrf_cookie_name", "_xsrf")
self.set_cookie(cookie_name, self._xsrf_token, **cookie_kwargs)
# Uploads
async def _get_upload(self, uuid):
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Fetch the upload
upload = await self.backend.uploads.get_by_uuid(uuid)
# Check permissions
- if upload and not upload.has_perm(current_user):
- raise tornado.web.HTTPError(403, "%s has no permissions for upload %s" % (current_user, upload))
+ if upload and not upload.has_perm(self.current_user):
+ raise tornado.web.HTTPError(403, "%s has no permissions for upload %s" % (self.current_user, upload))
return upload
return self.env.get_template(name=name)
-def authenticated(method):
- """
- This is our custom authentication wrapper which supports an
- asynchronous implementation of "get_current_user()".
- """
- @functools.wraps(method)
- async def wrapper(self, *args, **kwargs):
- current_user = await self.get_current_user()
-
- if not current_user:
- if self.request.method in ("GET", "HEAD"):
- url = self.get_login_url()
- if "?" not in url:
- if urllib.parse.urlsplit(url).scheme:
- # if login url is absolute, make next absolute too
- next_url = self.request.full_url()
- else:
- assert self.request.uri is not None
- next_url = self.request.uri
- url += "?" + urllib.parse.urlencode(dict(next=next_url))
- self.redirect(url)
- return None
-
- # Authentication has failed
- raise tornado.web.HTTPError(403)
-
- # Call the wrapped method
- result = method(self, *args, **kwargs)
-
- # Support coroutines
- if asyncio.iscoroutine(result):
- result = await result
-
- return result
-
- return wrapper
+# An alias for Tornado's authentication decorator
+authenticated = tornado.web.authenticated
def negotiate(method):
"""
"""
@functools.wraps(method)
async def wrapper(self, *args, **kwargs):
- current_user = await self.get_current_user()
-
- if not current_user:
+ if not self.current_user:
# Send the Negotiate header
self.add_header("WWW-Authenticate", "Negotiate")
"""
@authenticated
async def prepare(self):
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Fail if we don't have admin right
- if not current_user.is_admin():
+ if not self.current_user.is_admin():
raise tornado.web.HTTPError(403, "admin rights required")
async with await self.db.transaction():
builder = await self.backend.builders.create(
name = self.get_argument("name"),
- created_by = await self.get_current_user(),
+ created_by = self.current_user,
)
self.redirect("/builders/%s/edit" % builder.name)
if not builder:
raise tornado.web.HTTPError(404, "Builder not found")
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Check permissions
- if not builder.has_perm(current_user):
+ if not builder.has_perm(self.current_user):
raise tornado.web.HTTPError(403)
await self.render("builders/edit.html", builder=builder)
if not builder:
raise tornado.web.HTTPError(404, "Builder not found: %s" % name)
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Check permissions
- if not builder.has_perm(current_user):
+ if not builder.has_perm(self.current_user):
raise tornado.web.HTTPError(403)
async with await self.db.transaction():
if not builder:
raise tornado.web.HTTPError(404, "Builder not found: %s" % name)
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Check permissions
- if not builder.has_perm(current_user):
+ if not builder.has_perm(self.current_user):
raise tornado.web.HTTPError(403)
await self.render("builders/delete.html", builder=builder)
if not builder:
raise tornado.web.HTTPError(404, "Builder not found: %s" % hostname)
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Check permissions
- if not builder.has_perm(current_user):
+ if not builder.has_perm(self.current_user):
raise tornado.web.HTTPError(403)
# Delete the builder
async with await self.db.transaction():
- await builder.delete(deleted_by=current_user)
+ await builder.delete(deleted_by=self.current_user)
self.redirect("/builders")
if not builder:
raise tornado.web.HTTPError(404, "Builder not found: %s" % name)
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Check permissions
- if not builder.has_perm(current_user):
+ if not builder.has_perm(self.current_user):
raise tornado.web.HTTPError(403)
# Builders must be in maintenance mode
if not builder:
raise tornado.web.HTTPError(404, "Builder not found: %s" % name)
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Check permissions
- if not builder.has_perm(current_user):
+ if not builder.has_perm(self.current_user):
raise tornado.web.HTTPError(403)
# Builders must be in maintenance mode
if not builder:
raise tornado.web.HTTPError(404, "Builder not found: %s" % name)
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Check permissions
- if not builder.has_perm(current_user):
+ if not builder.has_perm(self.current_user):
raise tornado.web.HTTPError(403)
# Builders must be in maintenance mode
if not builder:
raise tornado.web.HTTPError(404, "Builder not found: %s" % name)
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Check permissions
- if not builder.has_perm(current_user):
+ if not builder.has_perm(self.current_user):
raise tornado.web.HTTPError(403)
# Builders must be in maintenance mode
@base.negotiate
async def post(self):
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Fetch the upload
upload = await self.get_argument_upload("upload")
if not upload:
raise tornado.web.HTTPError(404, "Could not find upload")
# Check permissions of the upload
- if not upload.has_perm(current_user):
+ if not upload.has_perm(self.current_user):
raise base.APIError(errno.ENOPERM, "No permission for using upload %s" % upload)
# Fetch the repository
try:
# Find the repository
- repo = self.current_user.get_repo(package.distro, repo_name)
+ repo = await self.current_user.get_repo(package.distro, repo_name)
if not repo:
raise base.APIError(errno.ENOENT, "Could not find repository")
# If anything goes wrong, we will try to delete the package again
except Exception as e:
- await package.delete(current_user)
+ await package.delete(self.current_user)
raise e
if not build:
raise tornado.web.HTTPError(404, "Package '%s' was not found" % name)
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Fetch all distributions
distros = {}
)
# Fetch scratch builds
- if current_user:
+ if self.current_user:
scratch_builds[distro] = tasks.create_task(
self.backend.builds.get(
- user=current_user, scratch=True, name=name, distro=distro),
+ user=self.current_user, scratch=True, name=name, distro=distro),
)
# Map all bugs
class CreateCustomHandler(BaseHandler):
@base.authenticated
async def get(self, user_slug):
- # Fetch current user
- current_user = await self.get_current_user()
-
- # Fetch user
user = await self.backend.users.get_by_name(user_slug)
if not user:
raise tornado.web.HTTPError(404, "Could not find user: %s" % user_slug)
# Check for permissions
- if not user.has_perm(current_user):
+ if not user.has_perm(self.current_user):
raise tornado.web.HTTPError(403)
await self.render("repos/create-custom.html", user=user, distros=self.backend.distros)
@base.authenticated
async def post(self, user_slug):
- # Fetch current user
- current_user = await self.get_current_user()
-
- # Fetch user
user = await self.backend.users.get_by_name(user_slug)
if not user:
raise tornado.web.HTTPError(404, "Could not find user: %s" % user_slug)
# Check for permissions
- if not user.has_perm(current_user):
+ if not user.has_perm(self.current_user):
raise tornado.web.HTTPError(403)
# Create the repository
async def get(self):
uploads = []
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Send information about all uploads
- async for upload in current_user.get_uploads():
+ async for upload in self.current_user.get_uploads():
uploads.append({
"id" : "%s" % upload.uuid,
"filename" : upload.filename,
"""
Creates a new upload and returns its UUID
"""
- # Fetch the current user
- current_user = await self.get_current_user()
-
# Fetch the filename
filename = self.get_argument("filename")
upload = await self.backend.uploads.create(
filename = filename,
size = size,
- owner = current_user,
+ owner = self.current_user,
digest_algo = digest_algo,
digest = digest,
)
raise base.APIError(errno.ENOTSUP, "Unsupported digest %s" % digest_algo) from e
except users.QuotaExceededError as e:
- raise base.APIError(errno.EDQUOT, "Quota exceeded for %s" % current_user) from e
+ raise base.APIError(errno.EDQUOT, "Quota exceeded for %s" % self.current_user) from e
except ValueError as e:
raise base.APIError(errno.EINVAL, "%s" % e) from e
"""
Deletes an upload with a certain UUID
"""
- # Fetch the current user
- current_user = await self.get_current_user()
-
- # Fetch the upload
upload = await self.backend.uploads.get_by_uuid(uuid)
if not upload:
raise tornado.web.HTTPError(404, "Could not find upload %s" % uuid)
# Check for permissions
- if not upload.has_perm(current_user):
+ if not upload.has_perm(self.current_user):
raise tornado.web.HTTPError(403, "%s has no permission to delete %s" \
% (current_user, upload))
projects / pbs.git / commitdiff
