(allura) branch master updated: test attribute cleanup (was causing TestProjectModel.test_project to fail depending on test distribution/order)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 9eb2752e3 test attribute cleanup (was causing TestProjectModel.test_project to fail depending on test distribution/order) 9eb2752e3 is described below commit 9eb2752e3125172016741390f19bae3171aaf31f Author: Dave Brondsema AuthorDate: Mon Jan 22 13:20:06 2024 -0500 test attribute cleanup (was causing TestProjectModel.test_project to fail depending on test distribution/order) --- Allura/allura/tests/unit/test_app.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Allura/allura/tests/unit/test_app.py b/Allura/allura/tests/unit/test_app.py index e7d0fbd79..18b7eafec 100644 --- a/Allura/allura/tests/unit/test_app.py +++ b/Allura/allura/tests/unit/test_app.py @@ -19,6 +19,7 @@ from unittest import TestCase from allura.app import Application from allura import model +from allura.lib import helpers as h from allura.tests.unit import WithDatabase from allura.tests.unit.patches import fake_app_patch from allura.tests.unit.factories import create_project, create_app_config @@ -36,8 +37,8 @@ class TestApplication(TestCase): mount_point = '1.2+foo_bar' self.assertIsNone(app.validate_mount_point(mount_point)) -app.relaxed_mount_points = True -self.assertIsNotNone(app.validate_mount_point(mount_point)) +with h.push_config(app, relaxed_mount_points=True): +self.assertIsNotNone(app.validate_mount_point(mount_point)) def test_describe_permission(self): class DummyApp(Application):
(allura) branch db/unpin created (now 6e1009d8e)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/unpin in repository https://gitbox.apache.org/repos/asf/allura.git at 6e1009d8e unpin pastedeploy, upgrade it with latest pastescript which is now compatible This branch includes the following new commits: new 6e1009d8e unpin pastedeploy, upgrade it with latest pastescript which is now compatible The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
(allura) 01/01: unpin pastedeploy, upgrade it with latest pastescript which is now compatible
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/unpin in repository https://gitbox.apache.org/repos/asf/allura.git commit 6e1009d8e92f0d8cf5a48ae8163eb86fbd289ec0 Author: Dave Brondsema AuthorDate: Mon Jan 22 12:23:00 2024 -0500 unpin pastedeploy, upgrade it with latest pastescript which is now compatible --- requirements.in | 3 +-- requirements.txt | 8 +++- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/requirements.in b/requirements.in index a6302901b..4870618c7 100644 --- a/requirements.in +++ b/requirements.in @@ -6,7 +6,6 @@ colander cryptography decorator EasyWidgets -# https://github.com/carpedm20/emoji/issues/191 emoji faust-cchardet feedgenerator @@ -22,7 +21,7 @@ Ming oauthlib paginate Paste -PasteDeploy<3 +PasteDeploy PasteScript Pillow # profanity filter for feedback diff --git a/requirements.txt b/requirements.txt index cbe63a9e5..08e802bee 100644 --- a/requirements.txt +++ b/requirements.txt @@ -17,9 +17,7 @@ beautifulsoup4==4.12.2 # -r requirements.in # webtest bleach[css]==6.1.0 -# via -# bleach -# pypeline +# via pypeline certifi==2023.11.17 # via requests cffi==1.16.0 @@ -128,11 +126,11 @@ paste==3.7.1 # -r requirements.in # easywidgets # pastescript -pastedeploy==2.1.1 +pastedeploy==3.1.0 # via # -r requirements.in # pastescript -pastescript==3.3.0 +pastescript==3.4.0 # via -r requirements.in pillow==10.2.0 # via -r requirements.in
(allura) branch master updated: in password reset, also try lowercasing the email to see if that matches
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new a50d92165 in password reset, also try lowercasing the email to see if that matches a50d92165 is described below commit a50d9216587e28416b19cb26624ed6e8164c7c92 Author: Dave Brondsema AuthorDate: Mon Jan 22 12:16:51 2024 -0500 in password reset, also try lowercasing the email to see if that matches --- Allura/allura/controllers/auth.py | 5 + Allura/allura/tests/functional/test_auth.py | 19 +++ 2 files changed, 24 insertions(+) diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py index 1d11394f5..d74f48445 100644 --- a/Allura/allura/controllers/auth.py +++ b/Allura/allura/controllers/auth.py @@ -223,6 +223,11 @@ class AuthController(BaseController): redirect('/') user_record = M.User.by_email_address(email, only_confirmed=False) +if not user_record and email != email.lower(): +# try again lowercase +email = email.lower() +user_record = M.User.by_email_address(email, only_confirmed=False) + allow_non_primary_email_reset = asbool(config.get('auth.allow_non_primary_email_password_reset', True)) if not re.match(r"[^@]+@[^@]+\.[^@]+", email): diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py index b75eb91a8..10dbd380d 100644 --- a/Allura/allura/tests/functional/test_auth.py +++ b/Allura/allura/tests/functional/test_auth.py @@ -1764,6 +1764,25 @@ To update your password on %s, please visit the following URL: r = r.follow().follow() assert 'Log Out' in r, r + +@patch('allura.tasks.mail_tasks.sendsimplemail') +@patch('allura.lib.helpers.gen_message_id') +def test_capitalized_email_entered(self, gen_message_id, sendmail): +self.app.get('/').follow() # establish session +user = M.User.query.get(username='test-admin') +email = M.EmailAddress.find({'claimed_by_user_id': user._id}).first() +email.confirmed = True +ThreadLocalODMSession.flush_all() + +# request a reset +with td.audits('Password recovery link sent to: ' + email.email, user=True): +r = self.app.post('/auth/password_recovery_hash', {'email': email.email.capitalize(), # NOTE THIS + '_session_id': self.app.cookies['_session_id'], + }) +# confirm it worked +hash = user.get_tool_data('AuthPasswordReset', 'hash') +assert hash is not None + @patch('allura.tasks.mail_tasks.sendsimplemail') @patch('allura.lib.helpers.gen_message_id') def test_hash_expired(self, gen_message_id, sendmail):
(allura) branch db/ldap_ctxmgr updated: make ldap_conn() be a context manager, so unbind_s can be run automatically
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/ldap_ctxmgr in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/db/ldap_ctxmgr by this push: new 3f15d172d make ldap_conn() be a context manager, so unbind_s can be run automatically 3f15d172d is described below commit 3f15d172d9e04341408dd4de986abbe3908327c5 Author: Dave Brondsema AuthorDate: Mon Jan 22 12:09:01 2024 -0500 make ldap_conn() be a context manager, so unbind_s can be run automatically --- Allura/allura/lib/plugin.py | 62 + 1 file changed, 34 insertions(+), 28 deletions(-) diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py index 80c0525a2..47defa5db 100644 --- a/Allura/allura/lib/plugin.py +++ b/Allura/allura/lib/plugin.py @@ -25,6 +25,7 @@ import subprocess import string import crypt import random +from contextlib import contextmanager from urllib.request import urlopen from urllib.parse import urlparse from io import BytesIO @@ -628,17 +629,27 @@ class LocalAuthenticationProvider(AuthenticationProvider): d = self.user_registration_date(user) return d - -def ldap_conn(who=None, cred=None): +def ldap_conn_staysopen(who=None, cred=None): ''' -Init & bind a connection with the given creds, or the admin creds if not -specified. Remember to unbind the connection when done. +You must call .unbind_s() when done with this ''' con = ldap.initialize(config['auth.ldap.server']) con.simple_bind_s(who or config['auth.ldap.admin_dn'], cred or config['auth.ldap.admin_password']) return con +@contextmanager +def ldap_conn(who=None, cred=None): +''' +Init & bind a connection with the given creds, or the admin creds if not +specified. +''' +con = ldap_conn_staysopen(who, cred) +try: +yield con +finally: +con.unbind_s() + def ldap_user_dn(username): 'return a Distinguished Name for a given username' @@ -667,7 +678,6 @@ class LdapAuthenticationProvider(AuthenticationProvider): # full registration into LDAP uid = str(M.AuthGlobals.get_next_uid()).encode('utf-8') -con = ldap_conn() uname = user_doc['username'].encode('utf-8') display_name = user_doc['display_name'].encode('utf-8') ldif_u = modlist.addModlist(dict( @@ -681,12 +691,12 @@ class LdapAuthenticationProvider(AuthenticationProvider): loginShell=b'/bin/bash', gecos=uname, description=b'SCM user account')) -try: -con.add_s(ldap_user_dn(user_doc['username']), ldif_u) -except ldap.ALREADY_EXISTS: -log.exception('Trying to create existing user %s', uname) -raise -con.unbind_s() +with ldap_conn() as con: +try: +con.add_s(ldap_user_dn(user_doc['username']), ldif_u) +except ldap.ALREADY_EXISTS: +log.exception('Trying to create existing user %s', uname) +raise if asbool(config.get('auth.ldap.use_schroot', True)): argv = ('schroot -d / -c {} -u root /ldap-userconfig.py init {}'.format( @@ -742,11 +752,10 @@ class LdapAuthenticationProvider(AuthenticationProvider): else: ldap_ident = ldap_pass = None try: -con = ldap_conn(ldap_ident, ldap_pass) new_password = self._encode_password(new_password) -con.modify_s( -dn, [(ldap.MOD_REPLACE, 'userPassword', new_password)]) -con.unbind_s() +with ldap_conn(ldap_ident, ldap_pass) as con: +con.modify_s( +dn, [(ldap.MOD_REPLACE, 'userPassword', new_password)]) user.last_password_updated = datetime.utcnow() session(user).flush(user) except ldap.INVALID_CREDENTIALS: @@ -792,8 +801,8 @@ class LdapAuthenticationProvider(AuthenticationProvider): except ValueError: return False try: -con = ldap_conn(ldap_user, password) -con.unbind_s() +with ldap_conn(ldap_user, password): +pass return True except (ldap.INVALID_CREDENTIALS, ldap.UNWILLING_TO_PERFORM, ldap.NO_SUCH_OBJECT): log.debug(f'LdapAuth: could not authenticate {username}', exc_info=True) @@ -1740,13 +1749,11 @@ class LdapUserPreferencesProvider(UserPreferencesProvider): return LocalUserPreferencesProvider().get_pref(user, pref_name) def _get_pref(self, username, pref_name, multi=False): -con = ldap_conn() -try: -rs = con.search_s(ldap_user_dn(username), ldap.SCOPE_BASE) -except ldap.NO_SUCH_OBJECT: -rs = [] -else: -con.unbind_s() +with ldap_conn() as