Infrastructure/fedora-infrastructure
1
0
Fork 0
Code Issues 70 Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of ssh://git.fedorahosted.org/git/fedora-infrastructure

Browse source
This commit is contained in:
Michael McGrath 2008-03-11 18:00:26 -05:00
commit 674628e480
5 changed files with 64 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

2
fas/fas.cfg
View file

@ -53,7 +53,7 @@ mail.encoding = 'utf-8'
# If you have sqlite, here's a simple default to get you started
# in development
sqlalchemy.dburi="postgres://fedora:test@localhost/fas2"
sqlalchemy.echo=True
#sqlalchemy.echo=True
# if you are using a database or table type without transactions
# (MySQL default, for example), you should turn off transactions

34
fas/fas/templates/home.html
View file

@ -10,26 +10,24 @@
<?python from fas import auth ?>
<h2>Todo queue:</h2>
<py:for each="group in sorted(person.memberships)">
<dl>
<py:if test="auth.canSponsorGroup(person, group) and group.unapproved_roles">
<dd>
<ul class="queue">
<li py:for="role in group.unapproved_roles[:5]">
${Markup(_('&lt;strong&gt;%(user)s&lt;/strong&gt; requests approval to join &lt;a href="group/view/%(group)s"&gt;%(group)s&lt;/a&gt;.') % {'user': role.member.username, 'group': group.name, 'group': group.name})}
</li>
</ul>
</dd>
</py:if>
</dl>
<py:if test="auth.canSponsorGroup(person, group) and group.unapproved_roles">
<dd>
<ul class="queue">
<li py:for="role in group.unapproved_roles[:5]">
${Markup(_('&lt;strong&gt;%(user)s&lt;/strong&gt; requests approval to join &lt;a href="group/view/%(group)s"&gt;%(group)s&lt;/a&gt;.') % {'user': role.member.username, 'group': group.name, 'group': group.name})}
</li>
</ul>
</dd>
</py:if>
</py:for>
<ul class="queue">
<span py:if="cla == 'clicked'" class="approved">${_('Click-through CLA')} (<a href="${tg.url('/cla/')}">${_('GPG Sign it!')}</a>)</span>
<span py:if="not cla" class="unapproved">${_('Not Done')} (<a href="${tg.url('/cla/')}">${_('Sign it!')}</a>)</span>
<li py:if="cla == None">
${_('CLA Not Signed. To become a full Fedora Contributor please ')}<a href="${tg.url('/cla/')}">${_('sign the CLA')}</a>.
</li>
<li py:if="not person.ssh_key">You have not submitted an SSH key, some Fedora resources require an ssh key. Please submit yours by editing <a href="${tg.url('/user/edit')}">My Account</a></li>
<li py:if="cla == 'clicked'" class="approved">${_('Click-through CLA')} (<a href="${tg.url('/cla/')}">${_('GPG Sign it!')}</a>)</li>
<li py:if="not cla" class="unapproved">${_('CLA Not Signed. To become a full Fedora Contributor please ')}<a href="${tg.url('/cla/')}">${_('Sign the CLA')}</a>.</li>
<li py:if="not person.ssh_key">You have not submitted an SSH key, some Fedora resources require an SSH key. Please submit yours by editing <a href="${tg.url('/user/edit')}">My Account</a></li>
</ul>
<div>
<!-- TODO: Make this entire page more friendly -->
<a href="${tg.url('/user/gencert')}">Download a client-side certificate</a>
</div>
</body>
</html>

2
fas/fas/templates/master.html
View file

@ -62,7 +62,7 @@
<li><a href="${tg.url('/group/new')}">${_('New Group')}</a></li>
<li><a href="${tg.url('/user/list')}">${_('User List')}</a></li>
</div>
<li py:if="not tg.identity.anonymous"><a href="${tg.url('/group/list')}">${_('Group List')}</a></li>
<li py:if="not tg.identity.anonymous"><a href="${tg.url('/group/list/A*')}">${_('Group List')}</a></li>
<li py:if="not tg.identity.anonymous"><a href="${tg.url('/group/list/A*')}">${_('Apply For a new Group')}</a></li>
<li><a href="http://fedoraproject.org/wiki/FWN/LatestIssue">${_('News')}</a></li>
</ul>

36
fas/fas/templates/user/view.html
View file

@ -7,7 +7,11 @@
<title>${_('View Account')}</title>
</head>
<body>
<?python from fas import auth ?>
<?python
from fas import auth
from fas.model import People
viewer = People.by_username(tg.identity.user.username)
?>
<h2 class="account" py:if="personal">${_('Your Fedora Account')}</h2>
<h2 class="account" py:if="not personal">${_('%s\'s Fedora Account') % person.human_name}</h2>
<h3>${_('Account Details')} <a href="${tg.url('/user/edit/%s' % person.username)}" py:if="personal or admin">${_('(edit)')}</a></h3>
@ -22,8 +26,8 @@
<py:if test="personal"><dt>${_('Telephone Number:')}</dt><dd>${person.telephone}&nbsp;</dd></py:if>
<py:if test="personal"><dt>${_('Postal Address:')}</dt><dd>${person.postal_address}&nbsp;</dd></py:if>
<py:if test="personal"><dt>${_('Public SSH Key:')}</dt>
<dd py:if="person.ssh_key" title="${person.ssh_key}">${person.ssh_key[:20]}....&nbsp;</dd>
<dd py:if="not person.ssh_key">No ssh key provided&nbsp;</dd>
<dd py:if="person.ssh_key" title="${person.ssh_key}">${person.ssh_key[:20]}....&nbsp;</dd>
<dd py:if="not person.ssh_key">No ssh key provided&nbsp;</dd>
</py:if>
<dt>${_('Comments:')}</dt><dd>${person.comments}&nbsp;</dd>
<py:if test="personal"><dt>${_('Password:')}</dt><dd><span class="approved">${_('Valid')}</span> <a href="${tg.url('/user/changepass')}">(change)</a></dd></py:if>
@ -42,20 +46,20 @@
</div>
<h3 py:if="personal">${_('Your Roles')}</h3>
<h3 py:if="not personal">${_('%s\'s Roles') % person.human_name}</h3>
<!--mpm <ul class="roleslist">
<!--mpm <ul class="roleslist">
<li py:for="group in sorted(groups.keys())"><span class="team approved">${groupdata[group].fedoraGroupDesc} (${group})</span></li>
<li py:for="group in sorted(groupsPending.keys())"><span class="team unapproved">${groupdata[group].fedoraGroupDesc} (${group})</span></li>
</ul>
-->
-->
<!--
<ul class="actions" py:if="personal">
<li><a href="${tg.url('/group/list/A*')}">${_('(Join another project)')}</a></li>
<li><a href="/">${_('(Create a new project)')}</a></li>
</ul>
-->
<ul id="rolespanel" py:if="personal">
<ul id="rolespanel">
<py:for each="group in sorted(person.memberships)">
<li py:if="auth.canViewGroup(person, group)" class="role">
<li py:if="auth.canViewGroup(viewer, group)" class="role">
<h4>${group.display_name}</h4> (${group.group_type})
<dl>
<dt>${_('Status:')}</dt>
@ -63,6 +67,7 @@
<span class="approved" py:if="group in person.approved_memberships">${_('Approved')}</span>
<span class="unapproved" py:if="group in person.unapproved_memberships">${_('None')}</span>
</dd>
<py:if test="personal">
<dt>${_('Tools:')}</dt>
<dd>
<ul class="tools">
@ -73,14 +78,15 @@
</ul>
</dd>
<py:if test="auth.canSponsorGroup(person, group) and group.unapproved_roles">
<dt>${_('Queue:')}</dt>
<dd>
<ul class="queue">
<li py:for="role in group.unapproved_roles[:5]">
${Markup(_('&lt;strong&gt;%(user)s&lt;/strong&gt; requests approval to join &lt;strong&gt;%(group)s&lt;/strong&gt;.') % {'user': role.member.username, 'group': group.name})}
</li>
</ul>
</dd>
<dt>${_('Queue:')}</dt>
<dd>
<ul class="queue">
<li py:for="role in group.unapproved_roles[:5]">
${Markup(_('&lt;strong&gt;%(user)s&lt;/strong&gt; requests approval to join &lt;strong&gt;%(group)s&lt;/strong&gt;.') % {'user': role.member.username, 'group': group.name})}
</li>
</ul>
</dd>
</py:if>
</py:if>
</dl>
</li>

54
fas/fas/user.py
View file

@ -280,14 +280,12 @@ class User(controllers.Controller):
turbogears.redirect("/user/view/%s" % target.username)
return dict(target=target)
# TODO: Decide who is allowed to see this.
#@identity.require(turbogears.identity.in_group("accounts")) #TODO: Use auth.py
# TODO: This took about 55 seconds for me to load - might want to limit it to the right accounts (systems user, accounts group)
@identity.require(turbogears.identity.not_anonymous())
@expose(template="fas.templates.user.list", allow_json=True)
def list(self, search="a*"):
'''List users
'''
re_search = re.sub(r'\*', r'%', search).lower()
if self.jsonRequest():
people = []
@ -516,36 +514,34 @@ Please go to https://admin.fedoraproject.org/fas/ to change it.
username = turbogears.identity.current.user_name
person = People.by_username(username)
person.certificate_serial = person.certificate_serial + 1
if signedCLAPrivs(person):
person.certificate_serial = person.certificate_serial + 1
pkey = openssl_fas.createKeyPair(openssl_fas.TYPE_RSA, 1024);
pkey = openssl_fas.createKeyPair(openssl_fas.TYPE_RSA, 1024);
digest = config.get('openssl_digest')
expire = config.get('openssl_expire')
cafile = config.get('openssl_ca_file')
digest = config.get('openssl_digest')
expire = config.get('openssl_expire')
cafile = config.get('openssl_ca_file')
cakey = openssl_fas.retrieve_key_from_file(cafile)
cacert = openssl_fas.retrieve_cert_from_file(cafile)
cakey = openssl_fas.retrieve_key_from_file(cafile)
cacert = openssl_fas.retrieve_cert_from_file(cafile)
req = openssl_fas.createCertRequest(pkey, digest=digest,
C=config.get('openssl_c'),
ST=config.get('openssl_st'),
L=config.get('openssl_l'),
O=config.get('openssl_o'),
OU=config.get('openssl_ou'),
CN=person.username,
emailAddress=person.emails['primary'],
)
req = openssl_fas.createCertRequest(pkey, digest=digest,
C=config.get('openssl_c'),
ST=config.get('openssl_st'),
L=config.get('openssl_l'),
O=config.get('openssl_o'),
OU=config.get('openssl_ou'),
CN=person.username,
emailAddress=person.emails['primary'],
)
cert = openssl_fas.createCertificate(req, (cacert, cakey), person.certificate_serial, (0, expire), digest='md5')
certdump = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
keydump = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
return dict(cert=certdump, key=keydump)
cert = openssl_fas.createCertificate(req, (cacert, cakey), person.certificate_serial, (0, expire), digest='md5')
certdump = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
keydump = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
return dict(cert=certdump, key=keydump)
else:
turbogears.flash(_('Before generating a certificate, you must first sign the CLA.'))
turbogears.redirect('/cla/')
# Not sure where to take this yet.
@identity.require(turbogears.identity.not_anonymous())
@expose(format="json")
def search(self, username=None, groupname=None):
people = People.query.filter(People.username.like('%%%s%%' % username))
return dict(people=people)