From d6cd091ba0f0e3afd5c50b66d102bec2963ac94c Mon Sep 17 00:00:00 2001 From: Jakub Kadlčík Date: Feb 06 2017 20:17:28 +0000 Subject: [PATCH 1/6] [frontend] add boolean proxy column to user table --- diff --git a/frontend/coprs_frontend/alembic/schema/versions/38ea34def9a_add_proxy_column_to_user_table.py b/frontend/coprs_frontend/alembic/schema/versions/38ea34def9a_add_proxy_column_to_user_table.py new file mode 100644 index 0000000..edb6362 --- /dev/null +++ b/frontend/coprs_frontend/alembic/schema/versions/38ea34def9a_add_proxy_column_to_user_table.py @@ -0,0 +1,26 @@ +"""Add proxy column to user table + +Revision ID: 38ea34def9a +Revises: 4af9d157c4ea +Create Date: 2017-02-06 17:56:10.187111 + +""" + +# revision identifiers, used by Alembic. +revision = '38ea34def9a' +down_revision = '4af9d157c4ea' + +from alembic import op +import sqlalchemy as sa + + +def upgrade(): + ### commands auto generated by Alembic - please adjust! ### + op.add_column('user', sa.Column('proxy', sa.Boolean(), nullable=True)) + ### end Alembic commands ### + + +def downgrade(): + ### commands auto generated by Alembic - please adjust! ### + op.drop_column('user', 'proxy') + ### end Alembic commands ### diff --git a/frontend/coprs_frontend/coprs/models.py b/frontend/coprs_frontend/coprs/models.py index eb77c0a..3862bae 100644 --- a/frontend/coprs_frontend/coprs/models.py +++ b/frontend/coprs_frontend/coprs/models.py @@ -51,6 +51,9 @@ class User(db.Model, helpers.Serializer): # is this user admin of the system? admin = db.Column(db.Boolean, default=False) + # can this user behave as someone else? + proxy = db.Column(db.Boolean, default=False) + # stuff for the cli interface api_login = db.Column(db.String(40), nullable=False, default="abc") api_token = db.Column(db.String(40), nullable=False, default="abc") From 6dd9203fea44a19fd9d809cb39e322345c5a2a91 Mon Sep 17 00:00:00 2001 From: Jakub Kadlčík Date: Feb 06 2017 20:17:33 +0000 Subject: [PATCH 2/6] [frontend] rewrite broken add_debug_user command --- diff --git a/frontend/coprs_frontend/manage.py b/frontend/coprs_frontend/manage.py index 1fede08..df5514a 100755 --- a/frontend/coprs_frontend/manage.py +++ b/frontend/coprs_frontend/manage.py @@ -293,25 +293,18 @@ class AddDebugUserCommand(Command): """ def run(self, name, mail, **kwargs): - user = User(username=name, mail=mail) + user = models.User.query.filter(models.User.username == name).first() + if user: + print("User named {0} already exists.".format(name)) + return - if kwargs["admin"]: - user.admin = True - if kwargs["no_admin"]: - user.admin = False - if kwargs["proven"]: - user.proven = True - if kwargs["no_proven"]: - user.proven = False - # - # if kwargs["api_token"]: - # user.api_token = kwargs["api_token"] - # user.api_token_expiration = datetime.date(2030, 1, 1) - # if kwargs["api_login"]: - # user.api_token = kwargs["api_login"] - # - - db.session.add(create_user_wrapper(user, mail)) + user = create_user_wrapper(name, mail) + if kwargs["api_token"]: + user.api_token = kwargs["api_token"] + if kwargs["api_login"]: + user.api_token = kwargs["api_login"] + + db.session.add(user) db.session.commit() option_list = ( @@ -319,20 +312,6 @@ class AddDebugUserCommand(Command): Option("mail"), Option("--api_token", default=None, required=False), Option("--api_login", default=None, required=False), - Group( - Option("--admin", - action="store_true"), - Option("--no-admin", - action="store_true"), - exclusive=True - ), - Group( - Option("--proven", - action="store_true"), - Option("--no-proven", - action="store_true"), - exclusive=True - ), ) From 8b873db252f3193d26972b39f8a8c7ef291ef9f4 Mon Sep 17 00:00:00 2001 From: Jakub Kadlčík Date: Feb 06 2017 20:17:34 +0000 Subject: [PATCH 3/6] [frontend] allow setting proxy/no-proxy when altering user --- diff --git a/frontend/coprs_frontend/manage.py b/frontend/coprs_frontend/manage.py index df5514a..aeb600e 100755 --- a/frontend/coprs_frontend/manage.py +++ b/frontend/coprs_frontend/manage.py @@ -332,6 +332,10 @@ class AlterUserCommand(Command): user.proven = True if kwargs["no_proven"]: user.proven = False + if kwargs["proxy"]: + user.proxy = True + if kwargs["no_proxy"]: + user.proxy = False db.session.add(user) db.session.commit() @@ -351,6 +355,13 @@ class AlterUserCommand(Command): Option("--no-proven", action="store_true"), exclusive=True + ), + Group( + Option("--proxy", + action="store_true"), + Option("--no-proxy", + action="store_true"), + exclusive=True ) ) From 8b2651aaf993bd9d1f6e3d803d688f71573702a5 Mon Sep 17 00:00:00 2001 From: Jakub Kadlčík Date: Feb 06 2017 20:17:34 +0000 Subject: [PATCH 4/6] [frontend][cli] proxyuser feature (RhBug: 1381574) --- diff --git a/frontend/coprs_frontend/coprs/views/misc.py b/frontend/coprs_frontend/coprs/views/misc.py index 6ab15e6..47ff915 100644 --- a/frontend/coprs_frontend/coprs/views/misc.py +++ b/frontend/coprs_frontend/coprs/views/misc.py @@ -268,6 +268,9 @@ def api_login_required(f): if (user and user.api_token == token and user.api_token_expiration >= datetime.date.today()): + if user.proxy and "username" in flask.request.form: + user = UsersLogic.get(flask.request.form["username"]).first() + token_auth = True flask.g.user = user if not token_auth: diff --git a/python/copr/client/client.py b/python/copr/client/client.py index adb741d..d982721 100644 --- a/python/copr/client/client.py +++ b/python/copr/client/client.py @@ -190,6 +190,7 @@ class CoprClient(UnicodeMixin): kwargs["auth"] = (self.login, self.token) if data is not None: kwargs["data"] = data + kwargs["data"]["username"] = username if headers is not None: kwargs["headers"] = headers if params is not None: From 88a6070cd860c6f345df2e5ee3183eebe4fc1df2 Mon Sep 17 00:00:00 2001 From: Jakub Kadlčík Date: Feb 06 2017 23:24:27 +0000 Subject: [PATCH 5/6] [python] fix setting username on multipart data --- diff --git a/python/copr/client/client.py b/python/copr/client/client.py index d982721..e61aa06 100644 --- a/python/copr/client/client.py +++ b/python/copr/client/client.py @@ -189,8 +189,9 @@ class CoprClient(UnicodeMixin): if not skip_auth: kwargs["auth"] = (self.login, self.token) if data is not None: + if type(data) != MultipartEncoderMonitor: + data["username"] = username kwargs["data"] = data - kwargs["data"]["username"] = username if headers is not None: kwargs["headers"] = headers if params is not None: @@ -547,6 +548,7 @@ class CoprClient(UnicodeMixin): background=False, progress_callback=None, multipart=False): if not username: username = self.username + data["username"] = username url = "{0}/coprs/{1}/{2}/{3}/".format( self.api_url, username, projectname, api_endpoint From 0cb0bea6c84f371a55306e9a10d0a9e24a8e296a Mon Sep 17 00:00:00 2001 From: Jakub Kadlčík Date: Feb 09 2017 22:37:28 +0000 Subject: [PATCH 6/6] [frontend] rename add_debug_user command to add_user --- diff --git a/frontend/coprs_frontend/manage.py b/frontend/coprs_frontend/manage.py index aeb600e..f5dd09f 100755 --- a/frontend/coprs_frontend/manage.py +++ b/frontend/coprs_frontend/manage.py @@ -285,11 +285,11 @@ class DisplayChrootsCommand(Command): ) -class AddDebugUserCommand(Command): +class AddUserCommand(Command): """ - Adds user for debug/testing purpose. - You shouldn't use this on production instance + You should not use regularly as that user will not be related to FAS account. + This should be used only for testing or adding special accounts e.g. proxy user. """ def run(self, name, mail, **kwargs): @@ -445,7 +445,7 @@ manager.add_command("alter_chroot", AlterChrootCommand()) manager.add_command("display_chroots", DisplayChrootsCommand()) manager.add_command("drop_chroot", DropChrootCommand()) manager.add_command("alter_user", AlterUserCommand()) -manager.add_command("add_debug_user", AddDebugUserCommand()) +manager.add_command("add_user", AddUserCommand()) manager.add_command("fail_build", FailBuildCommand()) manager.add_command("update_indexes", UpdateIndexesCommand()) manager.add_command("update_indexes_quick", UpdateIndexesQuickCommand())