Mercurial > p > roundup > code

view roundup/actions.py @ 7211:506c86823abb

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add config argument to more password.Password invocations. The work done to allow password_pbkdf2_default_rounds to be overridden for testing requires that calls to password.Password include a config argument. This was needed because using the real value more than quadrupled testing runtime. However there are still a few places where config was not being set when Password was called. I think this fixes all of the ones that are called from a function that have access to a db.config object. The remaining ones all call Password(encrypted=x). This results in Password.unpack() being called. If x is not a propertly formatted password string ("{scheme}...", it calls encodePassword. It then should end up raising the ConfigNotSet exception. This is probably what we want as it means the shape of "x" is not correct. I don't understand why Password.unpack() attempts to encrypt the value of encrypted if it doesn't match the right form. According to codecov, this encryption branch is being used, so somewhere x is of the wrong form. Hmmm....
author John Rouillard <rouilj@ieee.org>
date Sat, 04 Mar 2023 00:17:26 -0500
parents 4c9acc580769
children 1287b0c3d261
line wrap: on
line source

#
# Copyright (C) 2009 Stefan Seefeld
# All rights reserved.
# For license terms see the file COPYING.txt.
# Actions used in REST and XMLRPC APIs
#

from roundup.exceptions import Unauthorised
from roundup import hyperdb


class Action:
    def __init__(self, db, translator):
        self.db = db
        self.translator = translator

    def handle(self, *args):
        """Action handler procedure"""
        raise NotImplementedError

    def execute(self, *args):
        """Execute the action specified by this object."""

        self.permission(*args)
        return self.handle(*args)

    def permission(self, *args):
        """Check whether the user has permission to execute this action.

        If not, raise Unauthorised."""

        pass

    def gettext(self, msgid):
        """Return the localized translation of msgid"""
        return self.translator.gettext(msgid)

    _ = gettext


class PermCheck(Action):
    def permission(self, designator):

        classname, itemid = hyperdb.splitDesignator(designator)
        perm = self.db.security.hasPermission

        if not perm('Retire', self.db.getuid(), classname=classname,
                    itemid=itemid):
            raise Unauthorised(self._('You do not have permission to retire '
                                      'or restore the %(classname)s class.')
                               % locals())


class Retire(PermCheck):

    def handle(self, designator):

        classname, itemid = hyperdb.splitDesignator(designator)

        # make sure we don't try to retire admin or anonymous
        if (classname == 'user' and
            self.db.user.get(itemid, 'username') in ('admin', 'anonymous')):

            raise ValueError(self._(
                'You may not retire the admin or anonymous user'))

        # do the retire
        self.db.getclass(classname).retire(itemid)
        self.db.commit()


class Restore(PermCheck):

    def handle(self, designator):

        classname, itemid = hyperdb.splitDesignator(designator)

        # do the restore
        self.db.getclass(classname).restore(itemid)
        self.db.commit()
Roundup Issue Tracker: http://roundup-tracker.org/