runner: can now add several users to .htpasswd

efad6d9c · Nicolas Wavrant · 4cb5acdf · efad6d9c · efad6d9c · efad6d9c
Commit efad6d9c authored Feb 10, 2014 by Nicolas Wavrant
4 changed files
--- a/slapos/runner/static/js/scripts/account.js
+++ b/slapos/runner/static/js/scripts/account.js
@@ -95,4 +95,42 @@ $(document).ready(function () {
        });
        return false;
    });
+    $("#add_user").click(function () {
+        if ($("input#new_username").val() === "" || !$("input#new_username").val().match(/^[\w\d\._\-]+$/)) {
+            $("#error").Popup("Invalid user name. Please check it!", {type: 'alert', duration: 3000});
+            return false;
+        }
+        if (!$("input#new_rcode").val().match(/^[\w\d]+$/)) {
+            $("#error").Popup("Please enter your password recovery code.", {type: 'alert', duration: 3000});
+            return false;
+        }
+        if (send) {
+            return false;
+        }
+        send = true;
+        $.ajax({
+            type: "POST",
+            url: $SCRIPT_ROOT + '/addUser',
+            data: {
+                username: $("input#new_username").val(),
+                password: $("input#new_password").val(),
+  		rcode: $("input#new_rcode").val(),
+            },
+            success: function (data) {
+                if (data.code === 1) {
+                    $("#error").Popup(data.result, {type: 'info', duration: 5000});
+                } else if (data.code === 0) {
+                    $("#error").Popup(data.result, {type: 'error', duration: 5000});
+		} else {
+                    $("#error").Popup(data.result, {type: 'alert', duration: 5000});
+                }
+                send = false;
+                $("input#new_username").val('');
+                $("input#new_password").val('');
+  		$("input#new_rcode").val('');
+            },
+            error: function () { send = false; }
+        });
+        return false;
+    });
 });
--- a/slapos/runner/templates/account.html
+++ b/slapos/runner/templates/account.html
@@ -13,8 +13,8 @@
    <li><a href="#tab1" class="active">Your personal information</a></li>
    {% if params %}
    <li><a href="#tab2">Build & Run configuration</a></li>
+    <li><a href="#tab3">Add user</a></li>
    {% endif %}
-    <!--<li><a href="#tab3">Configurations</a></li>-->
  </ul><!-- //Tab buttons -->
  <div class="tabDetails">
    <div id="tab1" class="tabContents">
@@ -73,9 +73,27 @@
        </div>
      </form>
    </div>
+    <div id="tab3" class="tabContents">
+      <form class="slapgrid">
+        <div class='form'>
+          <label for="username">New user name :</label>
+          <input type='text' name='username' id='new_username'/>
+          <div class='clear'></div>
+          <label for="password">New password :</label>
+          <input type='password' name='password' id='new_password'/>
+          <div class='clear'></div>
+          <label for="new_rcode">Password Recovery code:</label>
+          <input type='password' name='new_rcode' id='new_rcode' value=''/>
+          <span class="information"><a href="#" id="information" rel="tooltip">help ?</a></span>
+          <div class='clear'></div>
+          <br/>
+          <label></label>
+          <input type="submit" name="add_user" id="add_user" value="Add new user" class="button"/>
+          <div class='clear'></div>
+        </div>
+      </form>
+    </div>
    {% endif %}
-    <!--<div id="tab3" class="tabContents">
-    </div>-->
 </div>
 </div>
 {% if username %}<div id="file_info" class="file_info">leave passwords blank to preserve your current password...

--- a/slapos/runner/utils.py
+++ b/slapos/runner/utils.py
@@ -112,6 +112,16 @@ def saveSession(config, account):
    return str(e)
+def createNewUser(config, name, passwd):
+  htpasswdfile = os.path.join(config['etc_dir'], '.htpasswd')
+  if os.path.exists(htpasswdfile):
+    htpasswd = HtpasswdFile(htpasswdfile)
+    htpasswd.update(name, passwd)
+    htpasswd.save()
+    return True
+  return False
 def getCurrentSoftwareReleaseProfile(config):
  """
  Returns used Software Release profile as a string.

--- a/slapos/runner/views.py
+++ b/slapos/runner/views.py
@@ -13,7 +13,8 @@ from flask import (Flask, request, redirect, url_for, render_template,
                   g, flash, jsonify, session, abort, send_file)
 from slapos.runner.process import killRunningProcess
-from slapos.runner.utils import (checkSoftwareFolder, configNewSR, getProfilePath,
+from slapos.runner.utils import (checkSoftwareFolder, configNewSR,
+                                 createNewUser, getProfilePath,
                                 listFolder, getBuildAndRunParams,
                                 getProjectTitle, getSession,
                                 getSlapStatus, getSvcStatus,
@@ -599,6 +600,18 @@ def configAccount():
  else:
    return jsonify(code=1, result="")
+def addUser():
+  code = request.form['rcode'].strip()
+  recovery_code = open(os.path.join(app.config['etc_dir'], ".rcode"),
+                      "r").read().strip()
+  if code != recovery_code:
+    return jsonify(code=0, result="Your password recovery code is not valid!")
+  if createNewUser(app.config, request.form['username'],
+                   request.form['password']):
+    return jsonify(code=1, result="New user succesfully saved")
+  else:
+    return jsonify(code=0, result="Problem while creating new user")
 #Global File Manager
 def fileBrowser():
@@ -769,3 +782,4 @@ app.add_url_rule("/fileBrowser", 'fileBrowser', fileBrowser,
 app.add_url_rule("/editFile", 'editFile', editFile, methods=['GET'])
 app.add_url_rule('/shell', 'shell', shell)
 app.add_url_rule('/isSRReady', 'isSRReady', isSRReady)
+app.add_url_rule('/addUser', 'addUser', addUser, methods=['POST'])