Add access token table and manage ui.

2025-11-08 22:45:51 +01:00 · 2015-01-28 14:44:45 +09:00
parent 20217058fe
commit d6946b93c3
8 changed files with 180 additions and 2 deletions
--- a/src/main/scala/app/AccountController.scala
+++ b/src/main/scala/app/AccountController.scala
@@ -18,10 +18,12 @@ import model.GroupMember
 class AccountController extends AccountControllerBase
  with AccountService with RepositoryService with ActivityService with WikiService with LabelsService with SshKeyService
  with OneselfAuthenticator with UsersAuthenticator with GroupManagerAuthenticator with ReadableUsersAuthenticator
+  with AccessTokenService

 trait AccountControllerBase extends AccountManagementControllerBase {
  self: AccountService with RepositoryService with ActivityService with WikiService with LabelsService with SshKeyService
-    with OneselfAuthenticator with UsersAuthenticator with GroupManagerAuthenticator with ReadableUsersAuthenticator =>
+    with OneselfAuthenticator with UsersAuthenticator with GroupManagerAuthenticator with ReadableUsersAuthenticator
+    with AccessTokenService =>

  case class AccountNewForm(userName: String, password: String, fullName: String, mailAddress: String,
                            url: Option[String], fileId: Option[String])
@@ -31,6 +33,8 @@ trait AccountControllerBase extends AccountManagementControllerBase {

  case class SshKeyForm(title: String, publicKey: String)

+  case class PersonalTokenForm(note: String)
+
  val newForm = mapping(
    "userName"    -> trim(label("User name"    , text(required, maxlength(100), identifier, uniqueUserName))),
    "password"    -> trim(label("Password"     , text(required, maxlength(20)))),
@@ -54,6 +58,10 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    "publicKey" -> trim(label("Key"  , text(required, validPublicKey)))
  )(SshKeyForm.apply)

+  val personalTokenForm = mapping(
+    "note"     -> trim(label("Token", text(required, maxlength(100))))
+  )(PersonalTokenForm.apply)
+
  case class NewGroupForm(groupName: String, url: Option[String], fileId: Option[String], members: String)
  case class EditGroupForm(groupName: String, url: Option[String], fileId: Option[String], members: String, clearImage: Boolean)

@@ -206,6 +214,40 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    redirect(s"/${userName}/_ssh")
  })

+  get("/:userName/_application")(oneselfOnly {
+    val userName = params("userName")
+    getAccountByUserName(userName).map { x =>
+      var tokens = getAccessTokens(x.userName)
+      val generatedToken = flash.get("generatedToken") match {
+        case Some((tokenId:Int, token:String)) => {
+          val gt = tokens.find(_.accessTokenId == tokenId)
+          gt.map{ t =>
+            tokens = tokens.filterNot(_ == t)
+            (t, token)
+          }
+        }
+        case _ => None
+      }
+      account.html.application(x, tokens, generatedToken)
+    } getOrElse NotFound
+  })
+
+  post("/:userName/_personalToken", personalTokenForm)(oneselfOnly { form =>
+    val userName = params("userName")
+    getAccountByUserName(userName).map { x =>
+      val (tokenId, token) = generateAccessToken(userName, form.note)
+      flash += "generatedToken" -> (tokenId, token)
+    }
+    redirect(s"/${userName}/_application")
+  })
+
+  get("/:userName/_personalToken/delete/:id")(oneselfOnly {
+    val userName = params("userName")
+    val tokenId = params("id").toInt
+    deleteAccessToken(userName, tokenId)
+    redirect(s"/${userName}/_application")
+  })
+
  get("/register"){
    if(context.settings.allowAccountRegistration){
      if(context.loginAccount.isDefined){
--- a/src/main/scala/model/AccessToken.scala
+++ b/src/main/scala/model/AccessToken.scala
@@ -0,0 +1,20 @@
+package model
+
+trait AccessTokenComponent { self: Profile =>
+  import profile.simple._
+  lazy val AccessTokens = TableQuery[AccessTokens]
+
+  class AccessTokens(tag: Tag) extends Table[AccessToken](tag, "ACCESS_TOKEN") {
+    val accessTokenId = column[Int]("ACCESS_TOKEN_ID", O AutoInc)
+    val userName = column[String]("USER_NAME")
+    val tokenHash = column[String]("TOKEN_HASH")
+    val note = column[String]("NOTE")
+    def * = (accessTokenId, userName, tokenHash, note) <> (AccessToken.tupled, AccessToken.unapply)
+  }
+}
+case class AccessToken(
+  accessTokenId: Int = 0,
+  userName: String,
+  tokenHash: String,
+  note: String
+)
--- a/src/main/scala/model/Profile.scala
+++ b/src/main/scala/model/Profile.scala
@@ -19,7 +19,8 @@ trait Profile {
 object Profile extends {
  val profile = slick.driver.H2Driver

-} with AccountComponent
+} with AccessTokenComponent
+  with AccountComponent
  with ActivityComponent
  with CollaboratorComponent
  with CommitCommentComponent
--- a/src/main/scala/service/AccesTokenService.scala
+++ b/src/main/scala/service/AccesTokenService.scala
@@ -0,0 +1,43 @@
+package service
+
+import model.Profile._
+import profile.simple._
+import model.AccessToken
+import util.StringUtil
+import scala.util.Random
+
+trait AccessTokenService {
+
+  def makeAccessTokenString: String = {
+    val bytes = new Array[Byte](20)
+    Random.nextBytes(bytes)
+    bytes.map("%02x".format(_)).mkString
+  }
+
+  def tokenToHash(token: String): String = StringUtil.sha1(token)
+
+  /**
+   * @retuen (TokenId, Token)
+   */
+  def generateAccessToken(userName: String, note: String)(implicit s: Session): (Int, String) = {
+    var token: String = null
+    var hash: String = null
+    do{
+      token = makeAccessTokenString
+      hash = tokenToHash(token)
+    }while(AccessTokens.filter(_.tokenHash === hash.bind).exists.run)
+    val newToken = AccessToken(
+        userName = userName,
+        note = note,
+        tokenHash = hash)
+    val tokenId = (AccessTokens returning AccessTokens.map(_.accessTokenId)) += newToken
+    (tokenId, token)
+  }
+
+  def getAccessTokens(userName: String)(implicit s: Session): List[AccessToken] =
+    AccessTokens.filter(_.userName === userName.bind).sortBy(_.accessTokenId.desc).list
+
+  def deleteAccessToken(userName: String, accessTokenId: Int)(implicit s: Session): Unit =
+    AccessTokens filter (t => t.userName === userName.bind && t.accessTokenId === accessTokenId) delete
+
+}
--- a/src/main/scala/servlet/InitializeListener.scala
+++ b/src/main/scala/servlet/InitializeListener.scala
@@ -19,6 +19,7 @@ object AutoUpdate {
   * The history of versions. A head of this sequence is the current BitBucket version.
   */
  val versions = Seq(
+    new Version(2, 9),
    new Version(2, 8),
    new Version(2, 7) {
      override def update(conn: Connection, cl: ClassLoader): Unit = {