forked from douban/code
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathssh_app.py
More file actions
88 lines (71 loc) · 2.28 KB
/
ssh_app.py
File metadata and controls
88 lines (71 loc) · 2.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
# -*- coding: utf-8 -*-
try:
#from gevent.monkey import patch_all
#patch_all(subprocess=False, aggressive=False)
from gevent.monkey import get_original
from gevent.server import StreamServer
import select
select.poll = get_original('select', 'poll')
import subprocess
subprocess.Popen = get_original('subprocess', 'Popen')
except ImportError:
print 'You need install gevent manually! System shutdown.'
from binascii import hexlify
from maria import Maria
from maria.config import config
from vilya.libs.permdir import get_repo_root
from vilya.models.sshkey import SSHKey
from vilya.models.project import CodeDoubanProject as Project
from vilya.models.gist import Gist
config.project_root = get_repo_root()
config.log_file = None
config.host_key_path = './host.key'
app = Maria(config=config)
@app.get_environ
def get_environ_handler(user, path):
return {'CODE_REMOTE_USER': user}
@app.has_permission
def has_permission_handler(username, path, perm):
if not username or not path:
return False
if path.endswith('.git'):
path = path[:-4]
# gist
if path.startswith('gist/'):
gist_id = path.rpartition("/")[-1]
if username == Gist.get(gist_id).owner_id:
return True
return False
# project
project = Project.get_by_name(path)
if not project:
return False
if perm == 'read':
return True
if not project.can_push:
return False
if project.has_push_perm(username):
return True
return False
@app.get_user
def get_user_handler(username, key):
# ssh username
if username != 'git':
return None
# ssh key
if not key:
return None
fingerprint = hexlify(key.get_fingerprint())
fingerprint = ":".join([fingerprint[i:2+i] for i in range(0, len(fingerprint), 2)])
sshkey = SSHKey.get_by_fingerprint(fingerprint)
if not sshkey:
return 'guest'
return sshkey.user_id
if __name__ == '__main__':
import argparse
parser = argparse.ArgumentParser(description='code ssh daemon.')
parser.add_argument('--host', default='0.0.0.0', type=str)
parser.add_argument('--port', default=2200, type=int)
args = parser.parse_args()
server = StreamServer((args.host, args.port), app)
server.serve_forever()