You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by jo...@apache.org on 2014/03/20 19:46:34 UTC
[01/17] git commit: [#7051] Add tool _list paging test
Repository: incubator-allura
Updated Branches:
refs/heads/cj/6701 a3dc656d6 -> f970d43d4 (forced update)
[#7051] Add tool _list paging test
Signed-off-by: Tim Van Steenburgh <tv...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/35eee909
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/35eee909
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/35eee909
Branch: refs/heads/cj/6701
Commit: 35eee909fa90d06efa34a39667db6345725bc177
Parents: 75393c3
Author: Tim Van Steenburgh <tv...@gmail.com>
Authored: Tue Mar 18 15:55:35 2014 +0000
Committer: Tim Van Steenburgh <tv...@gmail.com>
Committed: Tue Mar 18 16:31:07 2014 +0000
----------------------------------------------------------------------
Allura/allura/tests/functional/test_tool_list.py | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/35eee909/Allura/allura/tests/functional/test_tool_list.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_tool_list.py b/Allura/allura/tests/functional/test_tool_list.py
index 68416c6..08607cf 100644
--- a/Allura/allura/tests/functional/test_tool_list.py
+++ b/Allura/allura/tests/functional/test_tool_list.py
@@ -26,5 +26,19 @@ class TestToolListController(TestController):
def test_default(self):
"""Test that list page contains a link to all tools of that type."""
r = self.app.get('/p/test/_list/wiki')
- assert len(r.html.find('a', dict(href='/p/test/wiki/'))) == 1, r
- assert len(r.html.find('a', dict(href='/p/test/wiki2/'))) == 1, r
+ content = r.html.find('div', id='content_base')
+ assert content.find('a', dict(href='/p/test/wiki/')), r
+ assert content.find('a', dict(href='/p/test/wiki2/')), r
+
+ @td.with_wiki
+ @td.with_tool('test', 'Wiki', 'wiki2')
+ def test_paging(self):
+ """Test that list page handles paging correctly."""
+ r = self.app.get('/p/test/_list/wiki?limit=1&page=0')
+ content = r.html.find('div', id='content_base')
+ assert content.find('a', dict(href='/p/test/wiki/')), r
+ assert not content.find('a', dict(href='/p/test/wiki2/')), r
+ r = self.app.get('/p/test/_list/wiki?limit=1&page=1')
+ content = r.html.find('div', id='content_base')
+ assert not content.find('a', dict(href='/p/test/wiki/')), r
+ assert content.find('a', dict(href='/p/test/wiki2/')), r
[03/17] git commit: [#7051] Improve sitemap performance when many
tools installed
Posted by jo...@apache.org.
[#7051] Improve sitemap performance when many tools installed
- Add paging to admin tools screen and tool list screen.
- Include at most 10 tools of each type in a project sitemap.
Signed-off-by: Tim Van Steenburgh <tv...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/e08764bf
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/e08764bf
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/e08764bf
Branch: refs/heads/cj/6701
Commit: e08764bf700c16372b169a7d0561d3037dca0bcb
Parents: ce89f95
Author: Tim Van Steenburgh <tv...@gmail.com>
Authored: Wed Mar 12 20:29:15 2014 +0000
Committer: Tim Van Steenburgh <tv...@gmail.com>
Committed: Tue Mar 18 16:31:07 2014 +0000
----------------------------------------------------------------------
Allura/allura/controllers/project.py | 16 ++++++++--
Allura/allura/ext/admin/admin_main.py | 11 +++++--
.../ext/admin/templates/project_tools.html | 1 +
Allura/allura/model/project.py | 33 +++++++++++++++++---
Allura/allura/templates/tool_list.html | 2 ++
5 files changed, 53 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/e08764bf/Allura/allura/controllers/project.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/project.py b/Allura/allura/controllers/project.py
index ea2e6d5..aedae62 100644
--- a/Allura/allura/controllers/project.py
+++ b/Allura/allura/controllers/project.py
@@ -315,11 +315,21 @@ class ToolListController(object):
"""Renders a list of all tools of a given type in the current project."""
@expose('jinja:allura:templates/tool_list.html')
- def _default(self, tool_name, *args, **kw):
+ def _default(self, tool_name, page=0, limit=200, **kw):
tool_name = tool_name.lower()
- entries = [e for e in c.project.sitemap()
+ entries = [e for e in c.project.sitemap(per_tool_limit=None)
if e.tool_name and e.tool_name.lower() == tool_name]
- return dict(entries=entries, type=g.entry_points['tool'][tool_name].tool_label if entries else None)
+ c.page_list = W.page_list
+ total_entries = len(entries)
+ limit, page = h.paging_sanitizer(limit, page, total_entries)
+ start = page * limit
+ return dict(
+ page=page,
+ limit=limit,
+ total_entries=total_entries,
+ entries=entries[start:start + limit],
+ type=g.entry_points['tool'][tool_name].tool_label if entries else None,
+ )
class ProjectController(FeedController):
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/e08764bf/Allura/allura/ext/admin/admin_main.py
----------------------------------------------------------------------
diff --git a/Allura/allura/ext/admin/admin_main.py b/Allura/allura/ext/admin/admin_main.py
index e19572b..696f14d 100644
--- a/Allura/allura/ext/admin/admin_main.py
+++ b/Allura/allura/ext/admin/admin_main.py
@@ -261,15 +261,22 @@ class ProjectAdminController(BaseController):
@without_trailing_slash
@expose('jinja:allura.ext.admin:templates/project_tools.html')
- def tools(self, **kw):
+ def tools(self, page=0, limit=200, **kw):
c.markdown_editor = W.markdown_editor
c.label_edit = W.label_edit
c.mount_delete = W.mount_delete
c.admin_modal = W.admin_modal
c.install_modal = W.install_modal
+ c.page_list = W.page_list
mounts = c.project.ordered_mounts()
+ total_mounts = len(mounts)
+ limit, page = h.paging_sanitizer(limit, page, total_mounts)
+ start = page * limit
return dict(
- mounts=mounts,
+ page=page,
+ limit=limit,
+ total_mounts=total_mounts,
+ mounts=mounts[start:start + limit],
installable_tools=AdminApp.installable_tools_for(c.project),
roles=M.ProjectRole.query.find(
dict(project_id=c.project.root_project._id)).sort('_id').all(),
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/e08764bf/Allura/allura/ext/admin/templates/project_tools.html
----------------------------------------------------------------------
diff --git a/Allura/allura/ext/admin/templates/project_tools.html b/Allura/allura/ext/admin/templates/project_tools.html
index 56555d1..af777b0 100644
--- a/Allura/allura/ext/admin/templates/project_tools.html
+++ b/Allura/allura/ext/admin/templates/project_tools.html
@@ -142,6 +142,7 @@
{% endfor %}
</div>
</div>
+{{c.page_list.display(page=page, limit=limit, count=total_mounts)}}
<form id="mount_delete_form" style="display:none">
<div class="grid-13 warning_msg">Warning: This will destroy all data in this tool and is irreversible!</div>
<div class="grid-13"> </div>
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/e08764bf/Allura/allura/model/project.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/project.py b/Allura/allura/model/project.py
index 541ccbe..36112a0 100644
--- a/Allura/allura/model/project.py
+++ b/Allura/allura/model/project.py
@@ -56,6 +56,9 @@ from filesystem import File
log = logging.getLogger(__name__)
+# max sitemap entries per tool type
+SITEMAP_PER_TOOL_LIMIT = 10
+
class ProjectFile(File):
@@ -483,11 +486,18 @@ class Project(MappedClass, ActivityNode, ActivityObject):
result[award.granted_to_project_id].append(award)
return result
- def sitemap(self, excluded_tools=None):
+ def sitemap(self, excluded_tools=None, per_tool_limit=SITEMAP_PER_TOOL_LIMIT):
"""Return the project sitemap.
- :param list excluded_tools: tool names (AppConfig.tool_name) to
- exclude from sitemap
+ :param list excluded_tools:
+
+ Tool names (AppConfig.tool_name) to exclude from sitemap.
+
+ :param int per_tool_limit:
+
+ Max number of entries to include in the sitemap for a single tool
+ type. Use `None` to include all.
+
"""
from allura.app import SitemapEntry
entries = []
@@ -500,6 +510,9 @@ class Project(MappedClass, ActivityNode, ActivityObject):
delta_ordinal = i
max_ordinal = i
+ # Keep running count of entries per tool type
+ tool_counts = Counter({tool_name: 0 for tool_name in g.entry_points['tool']})
+
for sub in self.direct_subprojects:
ordinal = sub.ordinal + delta_ordinal
if ordinal > max_ordinal:
@@ -507,6 +520,15 @@ class Project(MappedClass, ActivityNode, ActivityObject):
entries.append({'ordinal': sub.ordinal + delta_ordinal,
'entry': SitemapEntry(sub.name, sub.url())})
for ac in self.app_configs + [a.config for a in new_tools]:
+ if per_tool_limit:
+ # We already have as many entries as we need for every tool type
+ if min(tool_counts.values()) >= per_tool_limit:
+ break
+
+ # We already have as many entries as we need for *this* tool type
+ if tool_counts.get(ac.tool_name, 0) >= per_tool_limit:
+ continue
+
if excluded_tools and ac.tool_name in excluded_tools:
continue
# Tool could've been uninstalled in the meantime
@@ -536,6 +558,7 @@ class Project(MappedClass, ActivityNode, ActivityObject):
if ordinal > max_ordinal:
max_ordinal = ordinal
entries.append({'ordinal': ordinal, 'entry': entry})
+ tool_counts.update({ac.tool_name: 1})
if self == self.neighborhood.neighborhood_project and h.has_access(self.neighborhood, 'admin'):
entries.append(
@@ -601,9 +624,9 @@ class Project(MappedClass, ActivityNode, ActivityObject):
# add tool url to list of urls that will match this nav
# entry
grouped_nav[tool_name].matching_urls.append(e.url)
- if len(grouped_nav[tool_name].children) < 10:
+ if len(grouped_nav[tool_name].children) < SITEMAP_PER_TOOL_LIMIT:
grouped_nav[tool_name].children.append(e)
- elif len(grouped_nav[tool_name].children) == 10:
+ elif len(grouped_nav[tool_name].children) == SITEMAP_PER_TOOL_LIMIT:
e.url = self.url() + '_list/' + tool_name
e.label = 'More...'
grouped_nav[tool_name].children.append(e)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/e08764bf/Allura/allura/templates/tool_list.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/tool_list.html b/Allura/allura/templates/tool_list.html
index 4dfe568..04ddcec 100644
--- a/Allura/allura/templates/tool_list.html
+++ b/Allura/allura/templates/tool_list.html
@@ -29,6 +29,7 @@
{% block header %}{{type}} tools{% endblock %}
{% block content %}
+{{c.page_list.display(page=page, limit=limit, count=total_entries)}}
<div>
<ul>
{% for e in entries %}
@@ -36,4 +37,5 @@
{% endfor %}
</ul>
</div>
+{{c.page_list.display(page=page, limit=limit, count=total_entries)}}
{% endblock %}
[14/17] git commit: [#6701] Don't send usernames and passwords in the
URI (ends up in logs)
Posted by jo...@apache.org.
[#6701] Don't send usernames and passwords in the URI (ends up in logs)
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/496090ad
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/496090ad
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/496090ad
Branch: refs/heads/cj/6701
Commit: 496090ad39002e3956decd6a2c6c02b295841669
Parents: bb8a81b
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Wed Mar 19 20:01:51 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:43:46 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/496090ad/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 390dca3..6575a6f 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -92,7 +92,7 @@ def check_repo_path(req):
def check_authentication(req):
auth_url = req.get_options().get('ALLURA_AUTH_URL', 'https://127.0.0.1/auth/do_login')
- r = requests.post(auth_url, allow_redirects=False, params={
+ r = requests.post(auth_url, allow_redirects=False, data={
'username': req.user,
'password': req.get_basic_auth_pw(),
'return_to': '/login_successful'})
[11/17] git commit: [#6701] Changed ApacheAccessHandler.py to use
Allura auth via requests
Posted by jo...@apache.org.
[#6701] Changed ApacheAccessHandler.py to use Allura auth via requests
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/c7fe0470
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/c7fe0470
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/c7fe0470
Branch: refs/heads/cj/6701
Commit: c7fe0470fa0f7bf61c1e42de8702842aa2eb3bbc
Parents: 6cffed9
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Tue Mar 18 20:35:26 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:43:46 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 34 ++++++++--------------------------
1 file changed, 8 insertions(+), 26 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/c7fe0470/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 5f2ffce..19c5207 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -20,8 +20,8 @@ Here is a quick example for your apache settings (assuming ProxyPass)
AuthType Basic
AuthName "Git Access"
AuthBasicAuthoritative off
- PythonOption ALLURA_PERM_URL http://127.0.0.1:8080/auth/repo_permissions
- PythonOption ALLURA_LDAP_BASE ou=people,dc=opensourceprojects,dc=eu
+ PythonOption ALLURA_PERM_URL https://127.0.0.1/auth/repo_permissions
+ PythonOption ALLURA_AUTH_URL https://127.0.0.1/auth/do_login
</Location>
"""
@@ -29,35 +29,14 @@ Here is a quick example for your apache settings (assuming ProxyPass)
from mod_python import apache
import os
-# because urllib is not for humans
import requests
import json
-import ldap
def log(req, message):
req.log_error("Allura Access: %s" % message, apache.APLOG_WARNING)
-def ldap_auth(req, username, password):
- """
- Return True if the user was authenticated via LDAP
- """
-
- l = ldap.initialize('ldap://127.0.0.1')
- l.protocol_version = ldap.VERSION3
- ldap_user = "uid=%s,%s" % (username, req.get_options().get('ALLURA_LDAP_BASE', 'ou=people,dc=example,dc=com'))
-
- try:
- l.simple_bind_s(ldap_user, password)
- except ldap.LDAPError as e:
- log(req, "Unable to authenticate user, %s %s" % (ldap_user, e))
- return False
- log(req, "LDAP user authenticated %s" % ldap_user)
-
- return True
-
-
# This came straight from accessfs.py
def mangle(path):
'''Convert paths from the form /SCM/neighborhood/project/a/b/c to
@@ -99,14 +78,17 @@ def check_repo_path(req):
def check_authentication(req):
- log(req, "USER: "+req.user)
- return ldap_auth(req, req.user, req.get_basic_auth_pw())
+ auth_url = req.get_options().get('ALLURA_AUTH_URL', 'https://127.0.0.1/auth/do_login')
+ r = requests.post(auth_url, allow_redirects=False, params={
+ 'username': req.user,
+ 'password': req.get_basic_auth_pw()})
+ return r.status_code == 302
def check_permissions(req):
req_path = str(req.parsed_uri[apache.URI_PATH])
req_query = str(req.parsed_uri[apache.URI_QUERY])
- perm_url = req.get_options().get('ALLURA_PERM_URL', 'http://127.0.0.1:8080/auth/repo_permissions')
+ perm_url = req.get_options().get('ALLURA_PERM_URL', 'https://127.0.0.1/auth/repo_permissions')
r = requests.get(perm_url, params={'username': req.user, 'repo_path': mangle(req_path)})
if r.status_code != 200:
log(req, "repo_permissions return error (%d)" % r.status_code)
[08/17] git commit: [#6701] Refactored permission handling
Posted by jo...@apache.org.
[#6701] Refactored permission handling
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/ca6dd597
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/ca6dd597
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/ca6dd597
Branch: refs/heads/cj/6701
Commit: ca6dd59747083738c54453bed685781ef01cf0a5
Parents: eb831c6
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Tue Mar 18 16:28:30 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:43:45 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 63 +++++++++++++++++--------------------
1 file changed, 28 insertions(+), 35 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/ca6dd597/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 99d05ef..0eeab63 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -28,7 +28,6 @@ Here is a quick example for your apache settings (assuming ProxyPass)
from mod_python import apache
-import re
import os
# because urllib is not for humans
import requests
@@ -70,6 +69,28 @@ def mangle(path):
return '/'.join(parts)
+def get_permission_name(req_path, req_query, req_method):
+ """
+ Determine whether the request is trying to read or write,
+ and return the name of the appropriate permission to check.
+ """
+ if req_path.startswith('/git/'):
+ if req_path.endswith('/git-receive-pack') or 'service=git-receive-pack' in req_query:
+ return 'allow_write'
+ else:
+ return 'allow_read'
+ elif req_path.startswith('/svn/'):
+ if req_method in ('MKACTIVITY', 'PROPPATCH', 'PUT', 'CHECKOUT', 'MKCOL',
+ 'MOVE', 'COPY', 'DELETE', 'LOCK', 'UNLOCK', 'MERGE', 'POST'):
+ return 'allow_write'
+ elif req_method in ("GET", "PROPFIND", "OPTIONS", "REPORT"):
+ return 'allow_read'
+ else:
+ return 'allow_write' # default to requiring write permission
+ elif req_path.startswith('/hg/'):
+ return 'allow_write' # TODO: Differentiate reads and write for Hg
+
+
def handler(req):
req.add_common_vars()
req_path = str(req.parsed_uri[apache.URI_PATH])
@@ -89,10 +110,10 @@ def handler(req):
if req_user:
log(req, "USER: "+req_user)
params['username'] = req_user
- if not ldap_auth(req, req.user, req_passwd):
+ if not ldap_auth(req, req_user, req_passwd):
return apache.HTTP_UNAUTHORIZED
#return apache.HTTP_FORBIDDEN
- log(req, "USER: "+req.user)
+ log(req, "USER: "+req_user)
else:
log(req, "USER: Anonymous")
@@ -108,43 +129,15 @@ def handler(req):
log(req, "error decoding JSON %s %s" % (r.headers['content-type'], ex))
return apache.HTTP_FORBIDDEN
- #
- # Distinguish READ and WRITE
- #
- # TODO: HG
- #
-
- authorized = False
- # GIT
- if re.match('^/git/.*', req_path):
- if re.match('.*/git-receive-pack', req_path) or re.match('service=git-receive-pack', req_query):
- # Write access
- log(req, "Request is GIT Auth Write")
- authorized = cred.get('allow_write', False)
- else:
- # Read access
- log(req, "Request is GIT Auth READ")
- authorized = cred.get('allow_read', False)
- # SVN
- if re.match('^/svn/.*', req_path):
- if req_method in ('MKACTIVITY', 'PROPPATCH', 'PUT', 'CHECKOUT', 'MKCOL',
- 'MOVE', 'COPY', 'DELETE', 'LOCK', 'UNLOCK', 'MERGE', 'POST'):
- # Write access
- log(req, "Request is SVN Auth WRITE")
- authorized = cred.get('allow_write', False)
- elif req_method in ("GET", "PROPFIND", "OPTIONS", "REPORT"):
- # Read access
- log(req, "Request is SVN Auth READ")
- authorized = cred.get('allow_read', False)
- else:
- log(req, "Request is SVN unknown %s" % req_method)
+ permission = get_permission_name(req_path, req_method)
+ authorized = cred.get(permission, False)
- log(req, "%s -> %s -> authorized:%s" % (r.url, cred, authorized))
+ log(req, "%s -> %s -> %s -> authorized:%s" % (r.url, cred, permission, authorized))
if authorized:
log(req, "Request ACCEPTED")
return apache.OK
- elif req.user:
+ elif req_user:
log(req, "Request FORBIDDEN")
return apache.HTTP_UNAUTHORIZED
#return apache.HTTP_FORBIDDEN
[04/17] git commit: [#7051] Add test for sitemap depth limiting
Posted by jo...@apache.org.
[#7051] Add test for sitemap depth limiting
Signed-off-by: Tim Van Steenburgh <tv...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/186c3a3e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/186c3a3e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/186c3a3e
Branch: refs/heads/cj/6701
Commit: 186c3a3e1994c549758e2fb9a8dcc6d0ca6cd85b
Parents: 1d66eb3
Author: Tim Van Steenburgh <tv...@gmail.com>
Authored: Tue Mar 18 16:29:05 2014 +0000
Committer: Tim Van Steenburgh <tv...@gmail.com>
Committed: Tue Mar 18 16:31:08 2014 +0000
----------------------------------------------------------------------
Allura/allura/tests/functional/test_home.py | 14 ++++++++++++++
1 file changed, 14 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/186c3a3e/Allura/allura/tests/functional/test_home.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_home.py b/Allura/allura/tests/functional/test_home.py
index 54c34b7..3b790aa 100644
--- a/Allura/allura/tests/functional/test_home.py
+++ b/Allura/allura/tests/functional/test_home.py
@@ -58,6 +58,20 @@ class TestProjectHome(TestController):
assert {u'url': u'/p/test/wiki2/', u'name': u'wiki2', u'icon':
u'tool-wiki', 'tool_name': 'wiki'} in wikis, wikis
+ def test_sitemap_limit_per_tool(self):
+ """Test that sitemap is limited to max of 10 items per tool type."""
+ c.user = M.User.by_username('test-admin')
+ p = M.Project.query.get(shortname='test')
+ c.project = p
+ for i in range(11):
+ mnt = 'wiki' + str(i)
+ p.install_app('wiki', mnt, mnt, 10 + i)
+
+ response = self.app.get('/p/test/_nav.json')
+ menu = response.json['menu']
+ wikis = menu[-2]['children']
+ assert_equal(len(wikis), 10)
+
@td.with_wiki
def test_project_group_nav_more_than_ten(self):
for i in range(1, 15):
[07/17] git commit: [#7051] Admin tools paging fixes/improvements
Posted by jo...@apache.org.
[#7051] Admin tools paging fixes/improvements
- Stay on same page when changing grouping threshold
- Fix broken tool drag n drop sorting
- Redirect to last page when new tool installed
Signed-off-by: Tim Van Steenburgh <tv...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/7fbafb6f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/7fbafb6f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/7fbafb6f
Branch: refs/heads/cj/6701
Commit: 7fbafb6fde6cc1033498aafb2205fce4af40ffbe
Parents: 3a265bd
Author: Tim Van Steenburgh <tv...@gmail.com>
Authored: Wed Mar 19 19:56:43 2014 +0000
Committer: Tim Van Steenburgh <tv...@gmail.com>
Committed: Wed Mar 19 19:56:43 2014 +0000
----------------------------------------------------------------------
Allura/allura/ext/admin/admin_main.py | 19 +++++++++++--------
.../ext/admin/templates/project_tools.html | 6 +++---
Allura/allura/public/nf/js/project_tools.js | 8 ++++++--
3 files changed, 20 insertions(+), 13 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7fbafb6f/Allura/allura/ext/admin/admin_main.py
----------------------------------------------------------------------
diff --git a/Allura/allura/ext/admin/admin_main.py b/Allura/allura/ext/admin/admin_main.py
index 696f14d..e889b29 100644
--- a/Allura/allura/ext/admin/admin_main.py
+++ b/Allura/allura/ext/admin/admin_main.py
@@ -261,7 +261,7 @@ class ProjectAdminController(BaseController):
@without_trailing_slash
@expose('jinja:allura.ext.admin:templates/project_tools.html')
- def tools(self, page=0, limit=200, **kw):
+ def tools(self, page=None, limit=200, **kw):
c.markdown_editor = W.markdown_editor
c.label_edit = W.label_edit
c.mount_delete = W.mount_delete
@@ -270,7 +270,7 @@ class ProjectAdminController(BaseController):
c.page_list = W.page_list
mounts = c.project.ordered_mounts()
total_mounts = len(mounts)
- limit, page = h.paging_sanitizer(limit, page, total_mounts)
+ limit, page = h.paging_sanitizer(limit, page or total_mounts / int(limit), total_mounts)
start = page * limit
return dict(
page=page,
@@ -284,7 +284,7 @@ class ProjectAdminController(BaseController):
@expose()
@require_post()
- def configure_tool_grouping(self, grouping_threshold='1', **kw):
+ def configure_tool_grouping(self, grouping_threshold='1', page=0, limit=200, **kw):
try:
grouping_threshold = int(grouping_threshold)
if grouping_threshold < 1:
@@ -293,7 +293,7 @@ class ProjectAdminController(BaseController):
'allura', grouping_threshold=grouping_threshold)
except ValueError:
flash('Invalid threshold', 'error')
- redirect('tools')
+ redirect('tools?limit=%s&page=%s' % (limit, page))
@expose()
@require_post()
@@ -679,20 +679,23 @@ class ProjectAdminController(BaseController):
h.log_action(log, 'install tool').info(
'install tool %s', mount_point,
meta=dict(tool_type=ep_name, mount_point=mount_point, mount_label=new['mount_label']))
- c.project.install_app(
+ return c.project.install_app(
ep_name, mount_point, mount_label=new['mount_label'], ordinal=new['ordinal'])
g.post_event('project_updated')
@h.vardec
@expose()
@require_post()
- def update_mounts(self, subproject=None, tool=None, new=None, **kw):
+ def update_mounts(self, subproject=None, tool=None, new=None, page=0, limit=200, **kw):
try:
- self._update_mounts(subproject, tool, new, **kw)
+ new_app = self._update_mounts(subproject, tool, new, **kw)
+ if new_app:
+ # force redir to last page of tools, where new app will be
+ page = ''
except forge_exc.ForgeError, exc:
flash('%s: %s' % (exc.__class__.__name__, exc.args[0]),
'error')
- redirect('tools')
+ redirect('tools?limit=%s&page=%s' % (limit, page))
@expose('jinja:allura.ext.admin:templates/export.html')
def export(self, tools=None):
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7fbafb6f/Allura/allura/ext/admin/templates/project_tools.html
----------------------------------------------------------------------
diff --git a/Allura/allura/ext/admin/templates/project_tools.html b/Allura/allura/ext/admin/templates/project_tools.html
index 60b4d89..a51f750 100644
--- a/Allura/allura/ext/admin/templates/project_tools.html
+++ b/Allura/allura/ext/admin/templates/project_tools.html
@@ -43,8 +43,8 @@
</a>
</span>
</div>
- <form method="post" action="update_mounts" id="install_form" style="display:none">
- <input type="hidden" name="new.ordinal" value="{{installable_tools|length + c.project.direct_subprojects|length}}"/>
+ <form method="post" action="update_mounts?limit={{limit}}&page={{page}}" id="install_form" style="display:none">
+ <input type="hidden" name="new.ordinal" value="{{total_mounts}}"/>
<input type="hidden" name="new.ep_name" class="new_ep_name">
<label class="grid-13">Label</label>
<div class="grid-13"><input type="text" name="new.mount_label" class="new_mount_label"></div>
@@ -162,7 +162,7 @@
<div><!--dummy-->
<h3 style="clear:left">Grouping</h3>
-<form method="POST" action="configure_tool_grouping" id="configure_grouping_form">
+<form method="POST" action="configure_tool_grouping?limit={{limit}}&page={{page}}" id="configure_grouping_form">
<label>Threshold for grouping tools by type:
<input name="grouping_threshold" value="{{c.project.get_tool_data('allura', 'grouping_threshold', 1)}}"/>
</label>
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7fbafb6f/Allura/allura/public/nf/js/project_tools.js
----------------------------------------------------------------------
diff --git a/Allura/allura/public/nf/js/project_tools.js b/Allura/allura/public/nf/js/project_tools.js
index b02554b..4e4ab46 100644
--- a/Allura/allura/public/nf/js/project_tools.js
+++ b/Allura/allura/public/nf/js/project_tools.js
@@ -96,18 +96,22 @@
var tools = 0;
var subs = 0;
var params = {'_session_id':$.cookie('_session_id')};
+ var action = $('#install_form').attr('action');
+ var limit = action.match(/limit=(\d+)/)[1];
+ var page = action.match(/page=(\d+)/)[1];
+ var first_tool_ordinal = parseInt(limit) * parseInt(page);
for (var i = 0, len = sortables.length; i < len; i++) {
var item = $(sortables[i]);
var mount_point = item.find('input.mount_point');
var shortname = item.find('input.shortname');
if (mount_point.length) {
params['tools-' + tools + '.mount_point'] = mount_point.val();
- params['tools-' + tools + '.ordinal'] = i;
+ params['tools-' + tools + '.ordinal'] = i + first_tool_ordinal;
tools++;
}
if (shortname.length) {
params['subs-' + subs + '.shortname'] = shortname.val();
- params['subs-' + subs + '.ordinal'] = i;
+ params['subs-' + subs + '.ordinal'] = i + first_tool_ordinal;
subs++;
}
}
[13/17] git commit: [#3815] Render return_to field on login form
Posted by jo...@apache.org.
[#3815] Render return_to field on login form
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/0bbf17d7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/0bbf17d7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/0bbf17d7
Branch: refs/heads/cj/6701
Commit: 0bbf17d749799fafe3df4de0c154d4bd34a99626
Parents: c7fe047
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Tue Mar 18 21:33:12 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:43:46 2014 +0000
----------------------------------------------------------------------
Allura/allura/lib/widgets/auth_widgets.py | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/0bbf17d7/Allura/allura/lib/widgets/auth_widgets.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/widgets/auth_widgets.py b/Allura/allura/lib/widgets/auth_widgets.py
index f97c976..034da45 100644
--- a/Allura/allura/lib/widgets/auth_widgets.py
+++ b/Allura/allura/lib/widgets/auth_widgets.py
@@ -37,7 +37,8 @@ class LoginForm(ForgeForm):
def fields(self):
fields = [
ew.TextField(name='username', label='Username'),
- ew.PasswordField(name='password', label='Password')
+ ew.PasswordField(name='password', label='Password'),
+ ew.HiddenField(name='return_to'),
]
if plugin.AuthenticationProvider.get(request).forgotten_password_process:
# only show link if auth provider has method of recovering password
@@ -45,9 +46,6 @@ class LoginForm(ForgeForm):
ew.HTMLField(name='link', text='<a href="forgotten_password">Forgot password?</a>'))
return fields
- class hidden_fields(ew_core.NameList):
- return_to = ew.HiddenField()
-
@validator
def validate(self, value, state=None):
try:
[17/17] git commit: [#6701] Must call get_basic_auth_pw before
req.user
Posted by jo...@apache.org.
[#6701] Must call get_basic_auth_pw before req.user
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/f970d43d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/f970d43d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/f970d43d
Branch: refs/heads/cj/6701
Commit: f970d43d4ad579ede476d97ea916c07d1a6d59ec
Parents: 496090a
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Wed Mar 19 20:20:42 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:45:32 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/f970d43d/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 6575a6f..69e1d62 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -91,10 +91,13 @@ def check_repo_path(req):
def check_authentication(req):
+ password = req.get_basic_auth_pw() # MUST be called before req.user
+ username = req.user
+ log(req, "checking auth for: %s" % username)
auth_url = req.get_options().get('ALLURA_AUTH_URL', 'https://127.0.0.1/auth/do_login')
r = requests.post(auth_url, allow_redirects=False, data={
- 'username': req.user,
- 'password': req.get_basic_auth_pw(),
+ 'username': username,
+ 'password': password,
'return_to': '/login_successful'})
return r.status_code == 302 and r.headers['location'].endswith('/login_successful')
[16/17] git commit: [#6701] Added support for virtualenv to
ApacheAccessHandler
Posted by jo...@apache.org.
[#6701] Added support for virtualenv to ApacheAccessHandler
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/4c90effb
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/4c90effb
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/4c90effb
Branch: refs/heads/cj/6701
Commit: 4c90effbd0bef38f62aa2aa2dae32dcb2fcd6e97
Parents: a71aa70
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Tue Mar 18 22:49:45 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:43:46 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/4c90effb/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 585c6b2..946898b 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -22,6 +22,7 @@ Here is a quick example for your apache settings (assuming ProxyPass)
AuthBasicAuthoritative off
PythonOption ALLURA_PERM_URL https://127.0.0.1/auth/repo_permissions
PythonOption ALLURA_AUTH_URL https://127.0.0.1/auth/do_login
+ PythonOption ALLURA_VIRTUALENV /var/local/env-allura
</Location>
"""
@@ -29,14 +30,26 @@ Here is a quick example for your apache settings (assuming ProxyPass)
from mod_python import apache
import os
-import requests
import json
+requests = None # will be imported on demand, to allow for virtualenv
+
+
def log(req, message):
req.log_error("Allura Access: %s" % message, apache.APLOG_WARNING)
+def load_requests_lib(req):
+ virtualenv_path = req.get_options().get('ALLURA_VIRTUALENV', None)
+ if virtualenv_path:
+ activate_this = '%s/bin/activate_this.py' % virtualenv_path
+ execfile(activate_this, {'__file__': activate_this})
+ global requests
+ import requests as requests_lib
+ requests = requests_lib
+
+
# This came straight from accessfs.py
def mangle(path):
'''Convert paths from the form /SCM/neighborhood/project/a/b/c to
@@ -109,6 +122,7 @@ def check_permissions(req):
def handler(req):
+ load_requests_lib(req)
req.add_common_vars()
if not check_repo_path(req):
[09/17] git commit: [#6701] Added access handler submitted by Rui
Ferreira
Posted by jo...@apache.org.
[#6701] Added access handler submitted by Rui Ferreira
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/eb831c65
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/eb831c65
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/eb831c65
Branch: refs/heads/cj/6701
Commit: eb831c658ca948ae5b64c1361d9dc2441ac29093
Parents: 7fbafb6
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Tue Mar 18 16:05:13 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:43:45 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 158 ++++++++++++++++++++++++++++++++++++
1 file changed, 158 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/eb831c65/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
new file mode 100644
index 0000000..99d05ef
--- /dev/null
+++ b/scripts/ApacheAccessHandler.py
@@ -0,0 +1,158 @@
+"""
+An Apache authorization handler for Allura
+
+* This needs python-requests in the modpython path
+* Check fuse/accessfs.py for more details on the path mangling
+ magic
+
+Here is a quick example for your apache settings (assuming ProxyPass)
+
+ SetEnv GIT_PROJECT_ROOT /opt/allura/scm/git
+ SetEnv GIT_HTTP_EXPORT_ALL
+ ProxyPass /git/ !
+ ScriptAlias /git/ /usr/lib/git-core/git-http-backend/
+
+ <Location "/git/">
+ AddHandler mod_python .py
+ PythonAccessHandler /path/to/ApacheAccessHandler.py
+ PythonDebug On
+
+ AuthType Basic
+ AuthName "Git Access"
+ AuthBasicAuthoritative off
+ PythonOption ALLURA_PERM_URL http://127.0.0.1:8080/auth/repo_permissions
+ PythonOption ALLURA_LDAP_BASE ou=people,dc=opensourceprojects,dc=eu
+ </Location>
+
+"""
+
+
+from mod_python import apache
+import re
+import os
+# because urllib is not for humans
+import requests
+import json
+import ldap
+
+
+def log(req, message):
+ req.log_error("Allura Access: %s" % message, apache.APLOG_WARNING)
+
+
+def ldap_auth(req, username, password):
+ """
+ Return True if the user was authenticated via LDAP
+ """
+
+ l = ldap.initialize('ldap://127.0.0.1')
+ l.protocol_version = ldap.VERSION3
+ ldap_user = "uid=%s,%s" % (username, req.get_options().get('ALLURA_LDAP_BASE', 'ou=people,dc=example,dc=com'))
+
+ try:
+ l.simple_bind_s(ldap_user, password)
+ except ldap.LDAPError as e:
+ log(req, "Unable to authenticate user, %s %s" % (ldap_user, e))
+ return False
+ log(req, "LDAP user authenticated %s" % ldap_user)
+
+ return True
+
+
+# This came straight from accessfs.py
+def mangle(path):
+ '''Convert paths from the form /SCM/neighborhood/project/a/b/c to
+ /SCM/project.neighborhood/a/b/c
+ '''
+ parts = [p for p in path.split(os.path.sep) if p]
+ scm, nbhd, proj, rest = parts[0], parts[1], parts[2], parts[3:]
+ parts = ['/SCM/%s.%s' % (proj, nbhd)] + rest
+ return '/'.join(parts)
+
+
+def handler(req):
+ req.add_common_vars()
+ req_path = str(req.parsed_uri[apache.URI_PATH])
+ req_query = str(req.parsed_uri[apache.URI_QUERY])
+
+ req_passwd = req.get_basic_auth_pw()
+ req_user = req.user
+ req_method = req.method
+
+ log(req, "PATH: %s QUERY: %s METHOD: %s" % (req_path, req_query, req_method))
+
+ try:
+ params = {'repo_path': mangle(req_path)}
+ except:
+ return apache.HTTP_NOT_FOUND
+
+ if req_user:
+ log(req, "USER: "+req_user)
+ params['username'] = req_user
+ if not ldap_auth(req, req.user, req_passwd):
+ return apache.HTTP_UNAUTHORIZED
+ #return apache.HTTP_FORBIDDEN
+ log(req, "USER: "+req.user)
+ else:
+ log(req, "USER: Anonymous")
+
+ url = req.get_options().get('ALLURA_PERM_URL', 'http://127.0.0.1:8080/auth/repo_permissions')
+ r = requests.get(url, params=params)
+ if r.status_code != 200:
+ log(req, "repo_permissions return error (%d)" % r.status_code)
+ return apache.HTTP_FORBIDDEN
+
+ try:
+ cred = json.loads(r.content)
+ except Exception as ex:
+ log(req, "error decoding JSON %s %s" % (r.headers['content-type'], ex))
+ return apache.HTTP_FORBIDDEN
+
+ #
+ # Distinguish READ and WRITE
+ #
+ # TODO: HG
+ #
+
+ authorized = False
+ # GIT
+ if re.match('^/git/.*', req_path):
+ if re.match('.*/git-receive-pack', req_path) or re.match('service=git-receive-pack', req_query):
+ # Write access
+ log(req, "Request is GIT Auth Write")
+ authorized = cred.get('allow_write', False)
+ else:
+ # Read access
+ log(req, "Request is GIT Auth READ")
+ authorized = cred.get('allow_read', False)
+ # SVN
+ if re.match('^/svn/.*', req_path):
+ if req_method in ('MKACTIVITY', 'PROPPATCH', 'PUT', 'CHECKOUT', 'MKCOL',
+ 'MOVE', 'COPY', 'DELETE', 'LOCK', 'UNLOCK', 'MERGE', 'POST'):
+ # Write access
+ log(req, "Request is SVN Auth WRITE")
+ authorized = cred.get('allow_write', False)
+ elif req_method in ("GET", "PROPFIND", "OPTIONS", "REPORT"):
+ # Read access
+ log(req, "Request is SVN Auth READ")
+ authorized = cred.get('allow_read', False)
+ else:
+ log(req, "Request is SVN unknown %s" % req_method)
+
+ log(req, "%s -> %s -> authorized:%s" % (r.url, cred, authorized))
+
+ if authorized:
+ log(req, "Request ACCEPTED")
+ return apache.OK
+ elif req.user:
+ log(req, "Request FORBIDDEN")
+ return apache.HTTP_UNAUTHORIZED
+ #return apache.HTTP_FORBIDDEN
+ else:
+ log(req, "Request UNAUTHORIZED")
+ return apache.HTTP_UNAUTHORIZED
+
+
+def accesshandler(req):
+ log(req, "AccessHandler")
+ return handler(req)
[02/17] git commit: [#7051] Add new sitemap options
Posted by jo...@apache.org.
[#7051] Add new sitemap options
So we can get a sitemap for only a specific tool type.
Signed-off-by: Tim Van Steenburgh <tv...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/75393c37
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/75393c37
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/75393c37
Branch: refs/heads/cj/6701
Commit: 75393c37cd5f41b431699f2df2e83485b3475f5b
Parents: e08764b
Author: Tim Van Steenburgh <tv...@gmail.com>
Authored: Wed Mar 12 22:28:33 2014 +0000
Committer: Tim Van Steenburgh <tv...@gmail.com>
Committed: Tue Mar 18 16:31:07 2014 +0000
----------------------------------------------------------------------
Allura/allura/controllers/project.py | 6 +--
.../ext/admin/templates/project_tools.html | 7 ++-
Allura/allura/model/project.py | 53 +++++++++++++-------
3 files changed, 45 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/75393c37/Allura/allura/controllers/project.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/project.py b/Allura/allura/controllers/project.py
index aedae62..c22eb14 100644
--- a/Allura/allura/controllers/project.py
+++ b/Allura/allura/controllers/project.py
@@ -316,10 +316,10 @@ class ToolListController(object):
@expose('jinja:allura:templates/tool_list.html')
def _default(self, tool_name, page=0, limit=200, **kw):
- tool_name = tool_name.lower()
- entries = [e for e in c.project.sitemap(per_tool_limit=None)
- if e.tool_name and e.tool_name.lower() == tool_name]
c.page_list = W.page_list
+ tool_name = tool_name.lower()
+ entries = c.project.sitemap(included_tools=[tool_name],
+ tools_only=True, per_tool_limit=None)
total_entries = len(entries)
limit, page = h.paging_sanitizer(limit, page, total_entries)
start = page * limit
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/75393c37/Allura/allura/ext/admin/templates/project_tools.html
----------------------------------------------------------------------
diff --git a/Allura/allura/ext/admin/templates/project_tools.html b/Allura/allura/ext/admin/templates/project_tools.html
index af777b0..60b4d89 100644
--- a/Allura/allura/ext/admin/templates/project_tools.html
+++ b/Allura/allura/ext/admin/templates/project_tools.html
@@ -77,6 +77,9 @@
</form>
{{c.install_modal.display(content='<h1>Install <span id="install_tool_label">Tool</span></h1>')}}
+<div>
+ {{c.page_list.display(page=page, limit=limit, count=total_mounts)}}
+</div>
<h3>Installed tools</h3>
<p>
Sortable - define top menu order by moving tools with your mouse.
@@ -142,7 +145,9 @@
{% endfor %}
</div>
</div>
-{{c.page_list.display(page=page, limit=limit, count=total_mounts)}}
+<div style="clear:both">
+ {{c.page_list.display(page=page, limit=limit, count=total_mounts)}}
+</div>
<form id="mount_delete_form" style="display:none">
<div class="grid-13 warning_msg">Warning: This will destroy all data in this tool and is irreversible!</div>
<div class="grid-13"> </div>
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/75393c37/Allura/allura/model/project.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/project.py b/Allura/allura/model/project.py
index 36112a0..dd247de 100644
--- a/Allura/allura/model/project.py
+++ b/Allura/allura/model/project.py
@@ -486,16 +486,23 @@ class Project(MappedClass, ActivityNode, ActivityObject):
result[award.granted_to_project_id].append(award)
return result
- def sitemap(self, excluded_tools=None, per_tool_limit=SITEMAP_PER_TOOL_LIMIT):
- """Return the project sitemap.
+ def sitemap(self, excluded_tools=None, included_tools=None,
+ tools_only=False, per_tool_limit=SITEMAP_PER_TOOL_LIMIT):
+ """
+ Return the project sitemap.
:param list excluded_tools:
-
Tool names (AppConfig.tool_name) to exclude from sitemap.
- :param int per_tool_limit:
+ :param list included_tools:
+ Tool names (AppConfig.tool_name) to include. Use `None` to
+ include all tool types.
- Max number of entries to include in the sitemap for a single tool
+ :param bool tools_only:
+ Only include tools in the sitemap (exclude subprojects).
+
+ :param int per_tool_limit:
+ Max number of entries included in the sitemap for a single tool
type. Use `None` to include all.
"""
@@ -513,24 +520,30 @@ class Project(MappedClass, ActivityNode, ActivityObject):
# Keep running count of entries per tool type
tool_counts = Counter({tool_name: 0 for tool_name in g.entry_points['tool']})
- for sub in self.direct_subprojects:
- ordinal = sub.ordinal + delta_ordinal
- if ordinal > max_ordinal:
- max_ordinal = ordinal
- entries.append({'ordinal': sub.ordinal + delta_ordinal,
- 'entry': SitemapEntry(sub.name, sub.url())})
+ if not tools_only:
+ for sub in self.direct_subprojects:
+ ordinal = sub.ordinal + delta_ordinal
+ if ordinal > max_ordinal:
+ max_ordinal = ordinal
+ entries.append({'ordinal': sub.ordinal + delta_ordinal,
+ 'entry': SitemapEntry(sub.name, sub.url())})
+
for ac in self.app_configs + [a.config for a in new_tools]:
if per_tool_limit:
- # We already have as many entries as we need for every tool type
+ # We already have max entries for every tool type
if min(tool_counts.values()) >= per_tool_limit:
break
- # We already have as many entries as we need for *this* tool type
+ # We already have max entries for this tool type
if tool_counts.get(ac.tool_name, 0) >= per_tool_limit:
continue
if excluded_tools and ac.tool_name in excluded_tools:
continue
+
+ if included_tools and ac.tool_name not in included_tools:
+ continue
+
# Tool could've been uninstalled in the meantime
try:
App = ac.load()
@@ -560,10 +573,16 @@ class Project(MappedClass, ActivityNode, ActivityObject):
entries.append({'ordinal': ordinal, 'entry': entry})
tool_counts.update({ac.tool_name: 1})
- if self == self.neighborhood.neighborhood_project and h.has_access(self.neighborhood, 'admin'):
- entries.append(
- {'ordinal': max_ordinal + 1, 'entry': SitemapEntry('Moderate',
- "%s_moderate/" % self.neighborhood.url(), ui_icon="tool-admin")})
+ if (not tools_only and
+ self == self.neighborhood.neighborhood_project and
+ h.has_access(self.neighborhood, 'admin')):
+ entries.append({
+ 'ordinal': max_ordinal + 1,
+ 'entry': SitemapEntry(
+ 'Moderate',
+ "%s_moderate/" % self.neighborhood.url(),
+ ui_icon="tool-admin")
+ })
max_ordinal += 1
entries = sorted(entries, key=lambda e: e['ordinal'])
[15/17] git commit: [#6701] Improve reliability of auth check
Posted by jo...@apache.org.
[#6701] Improve reliability of auth check
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/a71aa702
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/a71aa702
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/a71aa702
Branch: refs/heads/cj/6701
Commit: a71aa702e39696a5d40eb6fb3ade7dc7739d7429
Parents: 0bbf17d
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Tue Mar 18 21:35:43 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:43:46 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/a71aa702/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 19c5207..585c6b2 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -81,8 +81,9 @@ def check_authentication(req):
auth_url = req.get_options().get('ALLURA_AUTH_URL', 'https://127.0.0.1/auth/do_login')
r = requests.post(auth_url, allow_redirects=False, params={
'username': req.user,
- 'password': req.get_basic_auth_pw()})
- return r.status_code == 302
+ 'password': req.get_basic_auth_pw(),
+ 'return_to': '/login_successful'})
+ return r.status_code == 302 and r.headers['location'].endswith('/login_successful')
def check_permissions(req):
[06/17] git commit: [#7051] Make sure More link still gets added
Posted by jo...@apache.org.
[#7051] Make sure More link still gets added
Signed-off-by: Tim Van Steenburgh <tv...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/3a265bd6
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/3a265bd6
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/3a265bd6
Branch: refs/heads/cj/6701
Commit: 3a265bd63e47462e6f17e1713ec78a963afb16d1
Parents: 186c3a3
Author: Tim Van Steenburgh <tv...@gmail.com>
Authored: Tue Mar 18 17:23:49 2014 +0000
Committer: Tim Van Steenburgh <tv...@gmail.com>
Committed: Tue Mar 18 17:23:49 2014 +0000
----------------------------------------------------------------------
Allura/allura/model/project.py | 4 ++--
Allura/allura/tests/functional/test_home.py | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/3a265bd6/Allura/allura/model/project.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/project.py b/Allura/allura/model/project.py
index dd247de..1ee6683 100644
--- a/Allura/allura/model/project.py
+++ b/Allura/allura/model/project.py
@@ -643,9 +643,9 @@ class Project(MappedClass, ActivityNode, ActivityObject):
# add tool url to list of urls that will match this nav
# entry
grouped_nav[tool_name].matching_urls.append(e.url)
- if len(grouped_nav[tool_name].children) < SITEMAP_PER_TOOL_LIMIT:
+ if len(grouped_nav[tool_name].children) < SITEMAP_PER_TOOL_LIMIT - 1:
grouped_nav[tool_name].children.append(e)
- elif len(grouped_nav[tool_name].children) == SITEMAP_PER_TOOL_LIMIT:
+ elif len(grouped_nav[tool_name].children) == SITEMAP_PER_TOOL_LIMIT - 1:
e.url = self.url() + '_list/' + tool_name
e.label = 'More...'
grouped_nav[tool_name].children.append(e)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/3a265bd6/Allura/allura/tests/functional/test_home.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_home.py b/Allura/allura/tests/functional/test_home.py
index 3b790aa..8a8d087 100644
--- a/Allura/allura/tests/functional/test_home.py
+++ b/Allura/allura/tests/functional/test_home.py
@@ -83,7 +83,7 @@ class TestProjectHome(TestController):
c.app = p.install_app('wiki', tool_name, tool_name, i)
response = self.app.get('/p/test/_nav.json')
menu = response.json['menu']
- assert_equal(len(menu[0]['children']), 11)
+ assert_equal(len(menu[0]['children']), 10)
assert {u'url': u'/p/test/_list/wiki', u'name': u'More...',
u'icon': u'tool-wiki', 'tool_name': 'wiki'} in menu[0]['children']
[10/17] git commit: [#6701] Refactored auth check
Posted by jo...@apache.org.
[#6701] Refactored auth check
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/6cffed91
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/6cffed91
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/6cffed91
Branch: refs/heads/cj/6701
Commit: 6cffed916fb2a96ceda8c179411cc49a8281cf0f
Parents: ca6dd59
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Tue Mar 18 18:47:24 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:43:45 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 66 +++++++++++++++++--------------------
1 file changed, 30 insertions(+), 36 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/6cffed91/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 0eeab63..5f2ffce 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -64,6 +64,8 @@ def mangle(path):
/SCM/project.neighborhood/a/b/c
'''
parts = [p for p in path.split(os.path.sep) if p]
+ if len(parts) < 4:
+ return None
scm, nbhd, proj, rest = parts[0], parts[1], parts[2], parts[3:]
parts = ['/SCM/%s.%s' % (proj, nbhd)] + rest
return '/'.join(parts)
@@ -91,60 +93,52 @@ def get_permission_name(req_path, req_query, req_method):
return 'allow_write' # TODO: Differentiate reads and write for Hg
-def handler(req):
- req.add_common_vars()
- req_path = str(req.parsed_uri[apache.URI_PATH])
- req_query = str(req.parsed_uri[apache.URI_QUERY])
+def check_repo_path(req):
+ repo_path = mangle(str(req.parsed_uri[apache.URI_PATH]))
+ return repo_path is not None
- req_passwd = req.get_basic_auth_pw()
- req_user = req.user
- req_method = req.method
- log(req, "PATH: %s QUERY: %s METHOD: %s" % (req_path, req_query, req_method))
+def check_authentication(req):
+ log(req, "USER: "+req.user)
+ return ldap_auth(req, req.user, req.get_basic_auth_pw())
- try:
- params = {'repo_path': mangle(req_path)}
- except:
- return apache.HTTP_NOT_FOUND
- if req_user:
- log(req, "USER: "+req_user)
- params['username'] = req_user
- if not ldap_auth(req, req_user, req_passwd):
- return apache.HTTP_UNAUTHORIZED
- #return apache.HTTP_FORBIDDEN
- log(req, "USER: "+req_user)
- else:
- log(req, "USER: Anonymous")
-
- url = req.get_options().get('ALLURA_PERM_URL', 'http://127.0.0.1:8080/auth/repo_permissions')
- r = requests.get(url, params=params)
+def check_permissions(req):
+ req_path = str(req.parsed_uri[apache.URI_PATH])
+ req_query = str(req.parsed_uri[apache.URI_QUERY])
+ perm_url = req.get_options().get('ALLURA_PERM_URL', 'http://127.0.0.1:8080/auth/repo_permissions')
+ r = requests.get(perm_url, params={'username': req.user, 'repo_path': mangle(req_path)})
if r.status_code != 200:
log(req, "repo_permissions return error (%d)" % r.status_code)
- return apache.HTTP_FORBIDDEN
+ return False
try:
cred = json.loads(r.content)
except Exception as ex:
log(req, "error decoding JSON %s %s" % (r.headers['content-type'], ex))
- return apache.HTTP_FORBIDDEN
+ return False
- permission = get_permission_name(req_path, req_method)
+ permission = get_permission_name(req_path, req_query, req.method)
authorized = cred.get(permission, False)
log(req, "%s -> %s -> %s -> authorized:%s" % (r.url, cred, permission, authorized))
+ return authorized
- if authorized:
- log(req, "Request ACCEPTED")
- return apache.OK
- elif req_user:
- log(req, "Request FORBIDDEN")
- return apache.HTTP_UNAUTHORIZED
- #return apache.HTTP_FORBIDDEN
- else:
- log(req, "Request UNAUTHORIZED")
+
+def handler(req):
+ req.add_common_vars()
+
+ if not check_repo_path(req):
+ return apache.HTTP_NOT_FOUND
+
+ if req.user and not check_authentication(req):
return apache.HTTP_UNAUTHORIZED
+ if not check_permissions(req):
+ return apache.HTTP_FORBIDDEN
+
+ return apache.OK
+
def accesshandler(req):
log(req, "AccessHandler")
[12/17] git commit: [#6701] Return 401 Unauthorized instead of 403
Forbidden when anonymous access is denied to force client to prompt for auth
Posted by jo...@apache.org.
[#6701] Return 401 Unauthorized instead of 403 Forbidden when anonymous access is denied to force client to prompt for auth
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/bb8a81bc
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/bb8a81bc
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/bb8a81bc
Branch: refs/heads/cj/6701
Commit: bb8a81bc4d9796f3e05a789e9003f427a393f0a3
Parents: 4c90eff
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Wed Mar 19 15:11:50 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:43:46 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/bb8a81bc/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 946898b..390dca3 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -128,10 +128,14 @@ def handler(req):
if not check_repo_path(req):
return apache.HTTP_NOT_FOUND
- if req.user and not check_authentication(req):
+ authenticated = check_authentication(req)
+ if req.user and not authenticated:
return apache.HTTP_UNAUTHORIZED
- if not check_permissions(req):
+ authorized = check_permissions(req)
+ if not req.user and not authorized:
+ return apache.HTTP_UNAUTHORIZED
+ elif not authorized:
return apache.HTTP_FORBIDDEN
return apache.OK
[05/17] git commit: [#7051] Add test for paging of admin/tools
Posted by jo...@apache.org.
[#7051] Add test for paging of admin/tools
Signed-off-by: Tim Van Steenburgh <tv...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/1d66eb3a
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/1d66eb3a
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/1d66eb3a
Branch: refs/heads/cj/6701
Commit: 1d66eb3a84b19d9f75e035d81bf134ed13fea6c5
Parents: 35eee90
Author: Tim Van Steenburgh <tv...@gmail.com>
Authored: Tue Mar 18 16:14:43 2014 +0000
Committer: Tim Van Steenburgh <tv...@gmail.com>
Committed: Tue Mar 18 16:31:08 2014 +0000
----------------------------------------------------------------------
Allura/allura/tests/functional/test_admin.py | 8 ++++++++
1 file changed, 8 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/1d66eb3a/Allura/allura/tests/functional/test_admin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_admin.py b/Allura/allura/tests/functional/test_admin.py
index 156fd66..49246a8 100644
--- a/Allura/allura/tests/functional/test_admin.py
+++ b/Allura/allura/tests/functional/test_admin.py
@@ -319,6 +319,14 @@ class TestProjectAdmin(TestController):
# that we don't know about
assert len(set(expected_tools) - set(tool_strings)) == 0, tool_strings
+ def test_tool_paging(self):
+ r = self.app.get('/admin/tools')
+ assert_equals(2, len(r.html.findAll('ul', {'class': 'deck'})))
+ r = self.app.get('/admin/tools?limit=1&page=0')
+ assert_equals(1, len(r.html.findAll('ul', {'class': 'deck'})))
+ r = self.app.get('/admin/tools?limit=1&page=1')
+ assert_equals(1, len(r.html.findAll('ul', {'class': 'deck'})))
+
def test_tool_installation_limit(self):
with mock.patch.object(ForgeWikiApp, 'max_instances') as mi:
mi.__get__ = mock.Mock(return_value=1)