Add support for custom authentication forms for hosting services.
Review Request #8149 — Created May 6, 2016 and submitted
Up until now, we made the assumption that every hosting service just
needed a username and a password (which was sometimes an API key). This
isn't always sufficient, though, and we've worked around this limitation
in the past by taking per-repository fields for additional
credential-related information, which really should have been part of
the account details.Now, hosting services can define an authentication form. This manages
fields for the hosting URL (if self-hosted), username/password, and
two-factor auth token. Subclasses can override the help text and labels
for these, override the fields completely, or create new fields.The form is responsible for all validation for authentication
information, the transformation of the fields into a set of credentials
for authorization, and the authorization flow itself. It's also
responsible for state like which of the fields are required or presented
to the user (allowing us to remove some of the hacks in JavaScript).The main repository configuration form now instantiates one of these
authentication forms for every hosting service. This means that for
every hosting service, the authentication fields are independent,
preventing errors from showing up in an auth form when moving between
hosting services, and preventing other such weird glitches we had with
sharing the auth form.There's one UI change to how accounts for self-hosted services work.
Previously, the hosting URL field would appear before the accounts
field. You'd type the URL to the service, and the list of accounts
would update to show only those from that service. Now, we show all
accounts across all URLs, each showing the hosting URL its mapped to as
part of the name). The hosting URL is then shown below that (only when
linking an account). This helps make it clear what accounts you have.The other major change is that re-authenticating now allows you to
change the username and hosting URL, if needed. Previously, this was not
allowed.All-in-all, this change helps move us to a model where RepositoryForm
doesn't have to do all the work, and we're able to better split up
responsibilities. Similar changes will follow for repository and bug
tracker configuration in the future.
Unit tests pass.
Manually tested the following conditions:
- Creating a new repository and account with no errors.
- Creating a new repository and account with auth field errors, and then
fixing them. - Creating a new repository and account with two-factor auth code required,
and then entering it. - Creating a new repository and account with self-hosted service.
- Creating a new repository with existing account.
- Creating a new repository with existing account requiring re-auth, and
providing new credentials (new username, new password, new hosting URL,
new two-factor auth code). - Creating a new repository without a hosting service.
- Creating a new repository with a hosting service using a custom auth
form (repeating the above tests). - Creating a new repository with bug tracker configurations (both with
new information and with using the selected hosting service's information). - Editing a repository (with all the above tests)
Description | From | Last Updated |
---|---|---|
Col: 80 E501 line too long (82 > 79 characters) |
reviewbot | |
local variable 'e' is assigned to but never used |
reviewbot | |
'forms' imported but unused |
reviewbot | |
redefinition of unused 'test_get_file_exists_with_mercurial' from line 1074 |
reviewbot | |
local variable 'account' is assigned to but never used |
reviewbot | |
Typo: password. |
brennie | |
Can we call it help_text? |
brennie | |
Probably should have import ugettext_lazy as _ in the code example so people know what _ is. |
brennie | |
If this is required, we really should have it not default to None. That way, it doesn't appear to be … |
brennie | |
Col: 80 E501 line too long (82 > 79 characters) |
reviewbot | |
The comma here is unnecessary. |
brennie | |
Can we use something else as id is a builtin? |
brennie | |
redefinition of unused 'test_get_file_exists_with_mercurial' from line 1073 |
reviewbot | |
Out of curiousity, why do we override full_clean instead of just clean? |
brennie | |
Col: 80 E501 line too long (82 > 79 characters) |
reviewbot | |
These don't need to be in the try |
brennie | |
Col: 80 E501 line too long (82 > 79 characters) |
reviewbot |
- Change Summary:
-
- Fixed some unused variables/imports.
- Added some code I forgot to
git add
.
- Diff:
-
Revision 2 (+1400 -343)
-
Tool: Pyflakes Processed Files: reviewboard/hostingsvcs/models.py reviewboard/scmtools/tests.py reviewboard/scmtools/admin.py reviewboard/scmtools/forms.py reviewboard/testing/hosting_services.py reviewboard/hostingsvcs/forms.py reviewboard/hostingsvcs/service.py reviewboard/hostingsvcs/tests.py Ignored Files: reviewboard/static/rb/js/admin/repositoryform.js reviewboard/templates/admin/scmtools/repository/change_form.html Tool: PEP8 Style Checker Processed Files: reviewboard/hostingsvcs/models.py reviewboard/scmtools/tests.py reviewboard/scmtools/admin.py reviewboard/scmtools/forms.py reviewboard/testing/hosting_services.py reviewboard/hostingsvcs/forms.py reviewboard/hostingsvcs/service.py reviewboard/hostingsvcs/tests.py Ignored Files: reviewboard/static/rb/js/admin/repositoryform.js reviewboard/templates/admin/scmtools/repository/change_form.html
-
-
- Change Summary:
-
- Renamed the
HostingService.id
variable toHostingService.hosting_service_id
. - Fixed a typo in some docs.
- Fleshed out some example code to include imports.
- Renamed the
- Diff:
-
Revision 3 (+1405 -343)
-
Tool: Pyflakes Processed Files: reviewboard/hostingsvcs/models.py reviewboard/scmtools/tests.py reviewboard/scmtools/admin.py reviewboard/scmtools/forms.py reviewboard/testing/hosting_services.py reviewboard/hostingsvcs/forms.py reviewboard/hostingsvcs/service.py reviewboard/hostingsvcs/tests.py Ignored Files: reviewboard/static/rb/js/admin/repositoryform.js reviewboard/templates/admin/scmtools/repository/change_form.html Tool: PEP8 Style Checker Processed Files: reviewboard/hostingsvcs/models.py reviewboard/scmtools/tests.py reviewboard/scmtools/admin.py reviewboard/scmtools/forms.py reviewboard/testing/hosting_services.py reviewboard/hostingsvcs/forms.py reviewboard/hostingsvcs/service.py reviewboard/hostingsvcs/tests.py Ignored Files: reviewboard/static/rb/js/admin/repositoryform.js reviewboard/templates/admin/scmtools/repository/change_form.html
-
-
Typo in description: "beforet"
Aside from what Barret saw, nothing jumps out at me, but it's a big change so it's hard to see how the pieces fit together.
- Description:
-
Up until now, we made the assumption that every hosting service just
needed a username and a password (which was sometimes an API key). This isn't always sufficient, though, and we've worked around this limitation in the past by taking per-repository fields for additional credential-related information, which really should have been part of the account details. Now, hosting services can define an authentication form. This manages
fields for the hosting URL (if self-hosted), username/password, and two-factor auth token. Subclasses can override the help text and labels for these, override the fields completely, or create new fields. The form is responsible for all validation for authentication
information, the transformation of the fields into a set of credentials for authorization, and the authorization flow itself. It's also responsible for state like which of the fields are required or presented to the user (allowing us to remove some of the hacks in JavaScript). The main repository configuration form now instantiates one of these
authentication forms for every hosting service. This means that for every hosting service, the authentication fields are independent, preventing errors from showing up in an auth form when moving between hosting services, and preventing other such weird glitches we had with sharing the auth form. There's one UI change to how accounts for self-hosted services work.
~ Previously, the hosting URL field would appear beforet the accounts ~ Previously, the hosting URL field would appear before the accounts field. You'd type the URL to the service, and the list of accounts would update to show only those from that service. Now, we show all accounts across all URLs, each showing the hosting URL its mapped to as part of the name). The hosting URL is then shown below that (only when linking an account). This helps make it clear what accounts you have. The other major change is that re-authenticating now allows you to
change the username and hosting URL, if needed. Previously, this was not allowed. All-in-all, this change helps move us to a model where RepositoryForm
doesn't have to do all the work, and we're able to better split up responsibilities. Similar changes will follow for repository and bug tracker configuration in the future.
-
Tool: Pyflakes Processed Files: reviewboard/hostingsvcs/models.py reviewboard/scmtools/tests.py reviewboard/scmtools/admin.py reviewboard/scmtools/forms.py reviewboard/testing/hosting_services.py reviewboard/hostingsvcs/forms.py reviewboard/hostingsvcs/service.py reviewboard/hostingsvcs/tests.py Ignored Files: reviewboard/static/rb/js/admin/repositoryform.js reviewboard/templates/admin/scmtools/repository/change_form.html Tool: PEP8 Style Checker Processed Files: reviewboard/hostingsvcs/models.py reviewboard/scmtools/tests.py reviewboard/scmtools/admin.py reviewboard/scmtools/forms.py reviewboard/testing/hosting_services.py reviewboard/hostingsvcs/forms.py reviewboard/hostingsvcs/service.py reviewboard/hostingsvcs/tests.py Ignored Files: reviewboard/static/rb/js/admin/repositoryform.js reviewboard/templates/admin/scmtools/repository/change_form.html
-