Mercurial > kallithea
annotate rhodecode/model/permission.py @ 4147:1c8f818787b3 rhodecode-2.2.5-gpl
old style: show the full link box on summary page - no overlap or truncation
author | Mads Kiilerich <madski@unity3d.com> |
---|---|
date | Wed, 02 Jul 2014 19:03:23 -0400 |
parents | ffd45b185016 |
children | 7e5f8c12a3fc |
rev | line source |
---|---|
759
a7f50911a945
Models code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
1 # -*- coding: utf-8 -*- |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
2 # This program is free software: you can redistribute it and/or modify |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
3 # it under the terms of the GNU General Public License as published by |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
4 # the Free Software Foundation, either version 3 of the License, or |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
5 # (at your option) any later version. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
6 # |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
7 # This program is distributed in the hope that it will be useful, |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
10 # GNU General Public License for more details. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
11 # |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
12 # You should have received a copy of the GNU General Public License |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
13 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
4116
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
14 """ |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
15 rhodecode.model.permission |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
16 ~~~~~~~~~~~~~~~~~~~~~~~~~~ |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
17 |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
18 permissions model for RhodeCode |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
19 |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
20 :created_on: Aug 20, 2010 |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
21 :author: marcink |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
22 :copyright: (c) 2013 RhodeCode GmbH. |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
23 :license: GPLv3, see LICENSE for more details. |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
24 """ |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
25 |
759
a7f50911a945
Models code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
26 |
a7f50911a945
Models code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
27 import logging |
a7f50911a945
Models code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
28 import traceback |
a7f50911a945
Models code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
29 |
a7f50911a945
Models code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
30 from sqlalchemy.exc import DatabaseError |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
31 |
752
89b9037d68b7
fixed Example celery config to ampq,
Marcin Kuzminski <marcin@python-works.com>
parents:
751
diff
changeset
|
32 from rhodecode.model import BaseModel |
2425
a970b6e7c5a2
Update permissions from admin permissions menu, also overwrites defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
33 from rhodecode.model.db import User, Permission, UserToPerm, UserRepoToPerm,\ |
3735
8a40028eaf73
fixed overwrite default user group permission flag
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
34 UserRepoGroupToPerm, UserUserGroupToPerm |
3730
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
35 from rhodecode.lib.utils2 import str2bool |
1669
f522f4d3bf93
moved caching query to libs
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
36 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
37 log = logging.getLogger(__name__) |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
38 |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
39 |
752
89b9037d68b7
fixed Example celery config to ampq,
Marcin Kuzminski <marcin@python-works.com>
parents:
751
diff
changeset
|
40 class PermissionModel(BaseModel): |
1716
7d1fc253549e
notification to commit author + gardening
Marcin Kuzminski <marcin@python-works.com>
parents:
1669
diff
changeset
|
41 """ |
7d1fc253549e
notification to commit author + gardening
Marcin Kuzminski <marcin@python-works.com>
parents:
1669
diff
changeset
|
42 Permissions model for RhodeCode |
811 | 43 """ |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
44 |
2522
17893d61792a
Added associated classes into child models
Marcin Kuzminski <marcin@python-works.com>
parents:
2425
diff
changeset
|
45 cls = Permission |
17893d61792a
Added associated classes into child models
Marcin Kuzminski <marcin@python-works.com>
parents:
2425
diff
changeset
|
46 |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
47 def create_permissions(self): |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
48 """ |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
49 Create permissions for whole system |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
50 """ |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
51 for p in Permission.PERMS: |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
52 if not Permission.get_by_key(p[0]): |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
53 new_perm = Permission() |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
54 new_perm.permission_name = p[0] |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
55 new_perm.permission_longname = p[0] #translation err with p[1] |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
56 self.sa.add(new_perm) |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
57 |
4116
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
58 def create_default_permissions(self, user, force=False): |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
59 """ |
4116
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
60 Creates only missing default permissions for user, if force is set it |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
61 resets the default permissions for that user |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
62 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
63 :param user: |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
64 """ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
65 user = self._get_user(user) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
66 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
67 def _make_perm(perm): |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
68 new_perm = UserToPerm() |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
69 new_perm.user = user |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
70 new_perm.permission = Permission.get_by_key(perm) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
71 return new_perm |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
72 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
73 def _get_group(perm_name): |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
74 return '.'.join(perm_name.split('.')[:1]) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
75 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
76 perms = UserToPerm.query().filter(UserToPerm.user == user).all() |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
77 defined_perms_groups = map(_get_group, |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
78 (x.permission.permission_name for x in perms)) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
79 log.debug('GOT ALREADY DEFINED:%s' % perms) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
80 DEFAULT_PERMS = Permission.DEFAULT_USER_PERMISSIONS |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
81 |
4116
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
82 if force: |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
83 for perm in perms: |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
84 self.sa.delete(perm) |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
85 self.sa.commit() |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
86 defined_perms_groups = [] |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
87 # for every default permission that needs to be created, we check if |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
88 # it's group is already defined, if it's not we create default perm |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
89 for perm_name in DEFAULT_PERMS: |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
90 gr = _get_group(perm_name) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
91 if gr not in defined_perms_groups: |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
92 log.debug('GR:%s not found, creating permission %s' |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
93 % (gr, perm_name)) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
94 new_perm = _make_perm(perm_name) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
95 self.sa.add(new_perm) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
96 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
97 def update(self, form_result): |
3730
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
98 perm_user = User.get_by_username(username=form_result['perm_user_name']) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
99 |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
100 try: |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
101 # stage 1 set anonymous access |
4116
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
102 if perm_user.username == User.DEFAULT_USER: |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
103 perm_user.active = str2bool(form_result['anonymous']) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
104 self.sa.add(perm_user) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
105 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
106 # stage 2 reset defaults and set them from form data |
3730
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
107 def _make_new(usr, perm_name): |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
108 log.debug('Creating new permission:%s' % (perm_name)) |
3730
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
109 new = UserToPerm() |
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
110 new.user = usr |
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
111 new.permission = Permission.get_by_key(perm_name) |
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
112 return new |
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
113 # clear current entries, to make this function idempotent |
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
114 # it will fix even if we define more permissions or permissions |
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
115 # are somehow missing |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
116 u2p = self.sa.query(UserToPerm)\ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
117 .filter(UserToPerm.user == perm_user)\ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
118 .all() |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
119 for p in u2p: |
3730
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
120 self.sa.delete(p) |
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
121 #create fresh set of permissions |
4116
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
122 for def_perm_key in ['default_repo_perm', |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
123 'default_group_perm', |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
124 'default_user_group_perm', |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
125 'default_repo_create', |
4116
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
126 'create_on_write', # special case for create repos on write access to group |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
127 #'default_repo_group_create', #not implemented yet |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3733
diff
changeset
|
128 'default_user_group_create', |
4116
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
129 'default_fork', |
ffd45b185016
Imported some of the GPLv3'd changes from RhodeCode v2.2.5.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
130 'default_register', |
3786
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3735
diff
changeset
|
131 'default_extern_activate']: |
3730
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
132 p = _make_new(perm_user, form_result[def_perm_key]) |
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
133 self.sa.add(p) |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2522
diff
changeset
|
134 |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3730
diff
changeset
|
135 #stage 3 update all default permissions for repos if checked |
3888
7aa0ff5b4e09
simplified boolean expressions
Marcin Kuzminski <marcin@python-works.com>
parents:
3786
diff
changeset
|
136 if form_result['overwrite_default_repo']: |
3052
d3200c58764e
implemented #663 Admin/permission: specify default repogroup perms
Marcin Kuzminski <marcin@python-works.com>
parents:
2798
diff
changeset
|
137 _def_name = form_result['default_repo_perm'].split('repository.')[-1] |
3730
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
138 _def = Permission.get_by_key('repository.' + _def_name) |
2425
a970b6e7c5a2
Update permissions from admin permissions menu, also overwrites defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
139 # repos |
1633
2c0d35e336b5
refactoring of models names for repoGroup permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
1271
diff
changeset
|
140 for r2p in self.sa.query(UserRepoToPerm)\ |
2425
a970b6e7c5a2
Update permissions from admin permissions menu, also overwrites defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
141 .filter(UserRepoToPerm.user == perm_user)\ |
a970b6e7c5a2
Update permissions from admin permissions menu, also overwrites defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
142 .all(): |
3220
9e76876a0690
Global permission update with "overwrite existing settings" shouldn't override private repositories.
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
143 |
9e76876a0690
Global permission update with "overwrite existing settings" shouldn't override private repositories.
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
144 #don't reset PRIVATE repositories |
3625
260a7a01b054
follow Python conventions for boolean values
Mads Kiilerich <madski@unity3d.com>
parents:
3220
diff
changeset
|
145 if not r2p.repository.private: |
3220
9e76876a0690
Global permission update with "overwrite existing settings" shouldn't override private repositories.
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
146 r2p.permission = _def |
9e76876a0690
Global permission update with "overwrite existing settings" shouldn't override private repositories.
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
147 self.sa.add(r2p) |
3052
d3200c58764e
implemented #663 Admin/permission: specify default repogroup perms
Marcin Kuzminski <marcin@python-works.com>
parents:
2798
diff
changeset
|
148 |
3888
7aa0ff5b4e09
simplified boolean expressions
Marcin Kuzminski <marcin@python-works.com>
parents:
3786
diff
changeset
|
149 if form_result['overwrite_default_group']: |
3052
d3200c58764e
implemented #663 Admin/permission: specify default repogroup perms
Marcin Kuzminski <marcin@python-works.com>
parents:
2798
diff
changeset
|
150 _def_name = form_result['default_group_perm'].split('group.')[-1] |
2425
a970b6e7c5a2
Update permissions from admin permissions menu, also overwrites defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
151 # groups |
3730
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
152 _def = Permission.get_by_key('group.' + _def_name) |
2425
a970b6e7c5a2
Update permissions from admin permissions menu, also overwrites defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
153 for g2p in self.sa.query(UserRepoGroupToPerm)\ |
a970b6e7c5a2
Update permissions from admin permissions menu, also overwrites defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
154 .filter(UserRepoGroupToPerm.user == perm_user)\ |
a970b6e7c5a2
Update permissions from admin permissions menu, also overwrites defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
155 .all(): |
a970b6e7c5a2
Update permissions from admin permissions menu, also overwrites defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
156 g2p.permission = _def |
a970b6e7c5a2
Update permissions from admin permissions menu, also overwrites defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
157 self.sa.add(g2p) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
158 |
3888
7aa0ff5b4e09
simplified boolean expressions
Marcin Kuzminski <marcin@python-works.com>
parents:
3786
diff
changeset
|
159 if form_result['overwrite_default_user_group']: |
3735
8a40028eaf73
fixed overwrite default user group permission flag
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
160 _def_name = form_result['default_user_group_perm'].split('usergroup.')[-1] |
8a40028eaf73
fixed overwrite default user group permission flag
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
161 # groups |
8a40028eaf73
fixed overwrite default user group permission flag
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
162 _def = Permission.get_by_key('usergroup.' + _def_name) |
8a40028eaf73
fixed overwrite default user group permission flag
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
163 for g2p in self.sa.query(UserUserGroupToPerm)\ |
8a40028eaf73
fixed overwrite default user group permission flag
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
164 .filter(UserUserGroupToPerm.user == perm_user)\ |
8a40028eaf73
fixed overwrite default user group permission flag
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
165 .all(): |
8a40028eaf73
fixed overwrite default user group permission flag
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
166 g2p.permission = _def |
8a40028eaf73
fixed overwrite default user group permission flag
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
167 self.sa.add(g2p) |
8a40028eaf73
fixed overwrite default user group permission flag
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
168 |
3730
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
169 self.sa.commit() |
759
a7f50911a945
Models code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
170 except (DatabaseError,): |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
171 log.error(traceback.format_exc()) |
3730
e42e1d4e1c47
make the permission update function idempotent
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
172 self.sa.rollback() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
173 raise |