kallithea: rhodecode/model/permission.py annotate

annotate rhodecode/model/permission.py @ 4147:1c8f818787b3 rhodecode-2.2.5-gpl

old style: show the full link box on summary page - no overlap or truncation

author	Mads Kiilerich <madski@unity3d.com>
date	Wed, 02 Jul 2014 19:03:23 -0400
parents	ffd45b185016
children	7e5f8c12a3fc

rev	line source
759 a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	1 # -- coding: utf-8 --
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	2 # This program is free software: you can redistribute it and/or modify
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	3 # it under the terms of the GNU General Public License as published by
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	4 # the Free Software Foundation, either version 3 of the License, or
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	5 # (at your option) any later version.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	6 #
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	7 # This program is distributed in the hope that it will be useful,
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	10 # GNU General Public License for more details.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	11 #
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	12 # You should have received a copy of the GNU General Public License
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
4116 ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	14 """
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	15 rhodecode.model.permission
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	16 ~~~~~~~~~~~~~~~~~~~~~~~~~~
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	17
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	18 permissions model for RhodeCode
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	19
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	20 :created_on: Aug 20, 2010
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	21 :author: marcink
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	22 :copyright: (c) 2013 RhodeCode GmbH.
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	23 :license: GPLv3, see LICENSE for more details.
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	24 """
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	25
759 a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	26
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	27 import logging
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	28 import traceback
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	29
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	30 from sqlalchemy.exc import DatabaseError
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	31
752 89b9037d68b7 fixed Example celery config to ampq, Marcin Kuzminski <marcin@python-works.com> parents: 751 diff changeset	32 from rhodecode.model import BaseModel
2425 a970b6e7c5a2 Update permissions from admin permissions menu, also overwrites defaults Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	33 from rhodecode.model.db import User, Permission, UserToPerm, UserRepoToPerm,\
3735 8a40028eaf73 fixed overwrite default user group permission flag Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	34 UserRepoGroupToPerm, UserUserGroupToPerm
3730 e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	35 from rhodecode.lib.utils2 import str2bool
1669 f522f4d3bf93 moved caching query to libs Marcin Kuzminski <marcin@python-works.com> parents: 1633 diff changeset	36
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	37 log = logging.getLogger(__name__)
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	38
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	39
752 89b9037d68b7 fixed Example celery config to ampq, Marcin Kuzminski <marcin@python-works.com> parents: 751 diff changeset	40 class PermissionModel(BaseModel):
1716 7d1fc253549e notification to commit author + gardening Marcin Kuzminski <marcin@python-works.com> parents: 1669 diff changeset	41 """
7d1fc253549e notification to commit author + gardening Marcin Kuzminski <marcin@python-works.com> parents: 1669 diff changeset	42 Permissions model for RhodeCode
811 bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	43 """
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	44
2522 17893d61792a Added associated classes into child models Marcin Kuzminski <marcin@python-works.com> parents: 2425 diff changeset	45 cls = Permission
17893d61792a Added associated classes into child models Marcin Kuzminski <marcin@python-works.com> parents: 2425 diff changeset	46
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	47 def create_permissions(self):
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	48 """
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	49 Create permissions for whole system
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	50 """
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	51 for p in Permission.PERMS:
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	52 if not Permission.get_by_key(p[0]):
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	53 new_perm = Permission()
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	54 new_perm.permission_name = p[0]
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	55 new_perm.permission_longname = p[0] #translation err with p[1]
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	56 self.sa.add(new_perm)
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	57
4116 ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	58 def create_default_permissions(self, user, force=False):
3733 af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	59 """
4116 ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	60 Creates only missing default permissions for user, if force is set it
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	61 resets the default permissions for that user
3733 af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	62
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	63 :param user:
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	64 """
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	65 user = self._get_user(user)
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	66
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	67 def _make_perm(perm):
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	68 new_perm = UserToPerm()
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	69 new_perm.user = user
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	70 new_perm.permission = Permission.get_by_key(perm)
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	71 return new_perm
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	72
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	73 def _get_group(perm_name):
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	74 return '.'.join(perm_name.split('.')[:1])
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	75
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	76 perms = UserToPerm.query().filter(UserToPerm.user == user).all()
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	77 defined_perms_groups = map(_get_group,
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	78 (x.permission.permission_name for x in perms))
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	79 log.debug('GOT ALREADY DEFINED:%s' % perms)
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	80 DEFAULT_PERMS = Permission.DEFAULT_USER_PERMISSIONS
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	81
4116 ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	82 if force:
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	83 for perm in perms:
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	84 self.sa.delete(perm)
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	85 self.sa.commit()
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	86 defined_perms_groups = []
3733 af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	87 # for every default permission that needs to be created, we check if
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	88 # it's group is already defined, if it's not we create default perm
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	89 for perm_name in DEFAULT_PERMS:
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	90 gr = _get_group(perm_name)
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	91 if gr not in defined_perms_groups:
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	92 log.debug('GR:%s not found, creating permission %s'
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	93 % (gr, perm_name))
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	94 new_perm = _make_perm(perm_name)
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	95 self.sa.add(new_perm)
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	96
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	97 def update(self, form_result):
3730 e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	98 perm_user = User.get_by_username(username=form_result['perm_user_name'])
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	99
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	100 try:
3733 af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	101 # stage 1 set anonymous access
4116 ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	102 if perm_user.username == User.DEFAULT_USER:
3733 af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	103 perm_user.active = str2bool(form_result['anonymous'])
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	104 self.sa.add(perm_user)
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	105
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	106 # stage 2 reset defaults and set them from form data
3730 e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	107 def _make_new(usr, perm_name):
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	108 log.debug('Creating new permission:%s' % (perm_name))
3730 e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	109 new = UserToPerm()
e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	110 new.user = usr
e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	111 new.permission = Permission.get_by_key(perm_name)
e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	112 return new
e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	113 # clear current entries, to make this function idempotent
e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	114 # it will fix even if we define more permissions or permissions
e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	115 # are somehow missing
3733 af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	116 u2p = self.sa.query(UserToPerm)\
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	117 .filter(UserToPerm.user == perm_user)\
af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	118 .all()
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	119 for p in u2p:
3730 e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	120 self.sa.delete(p)
e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	121 #create fresh set of permissions
4116 ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	122 for def_perm_key in ['default_repo_perm',
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	123 'default_group_perm',
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	124 'default_user_group_perm',
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	125 'default_repo_create',
4116 ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	126 'create_on_write', # special case for create repos on write access to group
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	127 #'default_repo_group_create', #not implemented yet
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3733 diff changeset	128 'default_user_group_create',
4116 ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	129 'default_fork',
ffd45b185016 Imported some of the GPLv3'd changes from RhodeCode v2.2.5. Bradley M. Kuhn <bkuhn@sfconservancy.org> parents: 3960 diff changeset	130 'default_register',
3786 222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3735 diff changeset	131 'default_extern_activate']:
3730 e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	132 p = _make_new(perm_user, form_result[def_perm_key])
e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	133 self.sa.add(p)
2709 d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2522 diff changeset	134
3733 af049a957506 fixed default permissions population during upgrades Marcin Kuzminski <marcin@python-works.com> parents: 3730 diff changeset	135 #stage 3 update all default permissions for repos if checked
3888 7aa0ff5b4e09 simplified boolean expressions Marcin Kuzminski <marcin@python-works.com> parents: 3786 diff changeset	136 if form_result['overwrite_default_repo']:
3052 d3200c58764e implemented #663 Admin/permission: specify default repogroup perms Marcin Kuzminski <marcin@python-works.com> parents: 2798 diff changeset	137 _def_name = form_result['default_repo_perm'].split('repository.')[-1]
3730 e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	138 _def = Permission.get_by_key('repository.' + _def_name)
2425 a970b6e7c5a2 Update permissions from admin permissions menu, also overwrites defaults Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	139 # repos
1633 2c0d35e336b5 refactoring of models names for repoGroup permissions Marcin Kuzminski <marcin@python-works.com> parents: 1271 diff changeset	140 for r2p in self.sa.query(UserRepoToPerm)\
2425 a970b6e7c5a2 Update permissions from admin permissions menu, also overwrites defaults Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	141 .filter(UserRepoToPerm.user == perm_user)\
a970b6e7c5a2 Update permissions from admin permissions menu, also overwrites defaults Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	142 .all():
3220 9e76876a0690 Global permission update with "overwrite existing settings" shouldn't override private repositories. Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	143
9e76876a0690 Global permission update with "overwrite existing settings" shouldn't override private repositories. Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	144 #don't reset PRIVATE repositories
3625 260a7a01b054 follow Python conventions for boolean values Mads Kiilerich <madski@unity3d.com> parents: 3220 diff changeset	145 if not r2p.repository.private:
3220 9e76876a0690 Global permission update with "overwrite existing settings" shouldn't override private repositories. Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	146 r2p.permission = _def
9e76876a0690 Global permission update with "overwrite existing settings" shouldn't override private repositories. Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	147 self.sa.add(r2p)
3052 d3200c58764e implemented #663 Admin/permission: specify default repogroup perms Marcin Kuzminski <marcin@python-works.com> parents: 2798 diff changeset	148
3888 7aa0ff5b4e09 simplified boolean expressions Marcin Kuzminski <marcin@python-works.com> parents: 3786 diff changeset	149 if form_result['overwrite_default_group']:
3052 d3200c58764e implemented #663 Admin/permission: specify default repogroup perms Marcin Kuzminski <marcin@python-works.com> parents: 2798 diff changeset	150 _def_name = form_result['default_group_perm'].split('group.')[-1]
2425 a970b6e7c5a2 Update permissions from admin permissions menu, also overwrites defaults Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	151 # groups
3730 e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	152 _def = Permission.get_by_key('group.' + _def_name)
2425 a970b6e7c5a2 Update permissions from admin permissions menu, also overwrites defaults Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	153 for g2p in self.sa.query(UserRepoGroupToPerm)\
a970b6e7c5a2 Update permissions from admin permissions menu, also overwrites defaults Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	154 .filter(UserRepoGroupToPerm.user == perm_user)\
a970b6e7c5a2 Update permissions from admin permissions menu, also overwrites defaults Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	155 .all():
a970b6e7c5a2 Update permissions from admin permissions menu, also overwrites defaults Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	156 g2p.permission = _def
a970b6e7c5a2 Update permissions from admin permissions menu, also overwrites defaults Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	157 self.sa.add(g2p)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	158
3888 7aa0ff5b4e09 simplified boolean expressions Marcin Kuzminski <marcin@python-works.com> parents: 3786 diff changeset	159 if form_result['overwrite_default_user_group']:
3735 8a40028eaf73 fixed overwrite default user group permission flag Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	160 _def_name = form_result['default_user_group_perm'].split('usergroup.')[-1]
8a40028eaf73 fixed overwrite default user group permission flag Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	161 # groups
8a40028eaf73 fixed overwrite default user group permission flag Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	162 _def = Permission.get_by_key('usergroup.' + _def_name)
8a40028eaf73 fixed overwrite default user group permission flag Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	163 for g2p in self.sa.query(UserUserGroupToPerm)\
8a40028eaf73 fixed overwrite default user group permission flag Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	164 .filter(UserUserGroupToPerm.user == perm_user)\
8a40028eaf73 fixed overwrite default user group permission flag Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	165 .all():
8a40028eaf73 fixed overwrite default user group permission flag Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	166 g2p.permission = _def
8a40028eaf73 fixed overwrite default user group permission flag Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	167 self.sa.add(g2p)
8a40028eaf73 fixed overwrite default user group permission flag Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	168
3730 e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	169 self.sa.commit()
759 a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	170 except (DatabaseError,):
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	171 log.error(traceback.format_exc())
3730 e42e1d4e1c47 make the permission update function idempotent Marcin Kuzminski <marcin@python-works.com> parents: 3625 diff changeset	172 self.sa.rollback()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	173 raise

Mercurial > kallithea

annotate rhodecode/model/permission.py @ 4147:1c8f818787b3 rhodecode-2.2.5-gpl