kallithea: rhodecode/model/permission.py annotate

annotate rhodecode/model/permission.py @ 1345:3bce31f026b8 beta

#47 implemented Adding of new repo_groups+forms+validators. Fixed sorting of repo groups by main names in multiple locations. Removed some unneeded calls to self.sa for exchange to .query() methods. Added new db unique key for Group

author	Marcin Kuzminski <marcin@python-works.com>
date	Mon, 23 May 2011 02:22:00 +0200
parents	aa7e45ad0cea
children	bf263968da47 2c0d35e336b5

rev	line source
759 a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	1 # -- coding: utf-8 --
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	2 """
811 bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	3 rhodecode.model.permission
bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	4 ~~~~~~~~~~~~~~~~~~~~~~~~~~
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	5
759 a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	6 permissions model for RhodeCode
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	7
759 a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	8 :created_on: Aug 20, 2010
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	9 :author: marcink
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	10 :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>
759 a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	11 :license: GPLv3, see COPYING for more details.
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	12 """
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	13 # This program is free software: you can redistribute it and/or modify
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	14 # it under the terms of the GNU General Public License as published by
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	15 # the Free Software Foundation, either version 3 of the License, or
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	16 # (at your option) any later version.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	17 #
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	18 # This program is distributed in the hope that it will be useful,
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	19 # but WITHOUT ANY WARRANTY; without even the implied warranty of
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	21 # GNU General Public License for more details.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	22 #
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	23 # You should have received a copy of the GNU General Public License
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	24 # along with this program. If not, see <http://www.gnu.org/licenses/>.
759 a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	25
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	26 import logging
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	27 import traceback
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	28
a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	29 from sqlalchemy.exc import DatabaseError
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	30
752 89b9037d68b7 fixed Example celery config to ampq, Marcin Kuzminski <marcin@python-works.com> parents: 751 diff changeset	31 from rhodecode.model import BaseModel
547 1e757ac98988 renamed project to rhodecode Marcin Kuzminski <marcin@python-works.com> parents: 418 diff changeset	32 from rhodecode.model.db import User, Permission, UserToPerm, RepoToPerm
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	33 from rhodecode.model.caching_query import FromCache
759 a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	34
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	35 log = logging.getLogger(__name__)
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	36
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	37
752 89b9037d68b7 fixed Example celery config to ampq, Marcin Kuzminski <marcin@python-works.com> parents: 751 diff changeset	38 class PermissionModel(BaseModel):
811 bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	39 """Permissions model for RhodeCode
bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	40 """
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	41
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	42 def get_permission(self, permission_id, cache=False):
811 bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	43 """Get's permissions by id
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	44
811 bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	45 :param permission_id: id of permission to get from database
bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	46 :param cache: use Cache for this query
bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	47 """
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	48 perm = self.sa.query(Permission)
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	49 if cache:
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	50 perm = perm.options(FromCache("sql_cache_short",
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	51 "get_permission_%s" % permission_id))
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	52 return perm.get(permission_id)
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	53
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	54 def get_permission_by_name(self, name, cache=False):
811 bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	55 """Get's permissions by given name
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	56
811 bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	57 :param name: name to fetch
bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	58 :param cache: Use cache for this query
bb35ad076e2f docs updates Marcin Kuzminski <marcin@python-works.com> parents: 759 diff changeset	59 """
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	60 perm = self.sa.query(Permission)\
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	61 .filter(Permission.permission_name == name)
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	62 if cache:
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	63 perm = perm.options(FromCache("sql_cache_short",
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	64 "get_permission_%s" % name))
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	65 return perm.scalar()
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	66
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	67 def update(self, form_result):
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	68 perm_user = self.sa.query(User)\
1271 aa7e45ad0cea Fixed permissions for users groups, group can have create repo permission now. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	69 .filter(User.username ==
aa7e45ad0cea Fixed permissions for users groups, group can have create repo permission now. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	70 form_result['perm_user_name']).scalar()
aa7e45ad0cea Fixed permissions for users groups, group can have create repo permission now. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	71 u2p = self.sa.query(UserToPerm).filter(UserToPerm.user ==
aa7e45ad0cea Fixed permissions for users groups, group can have create repo permission now. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	72 perm_user).all()
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	73 if len(u2p) != 3:
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	74 raise Exception('Defined: %s should be 3 permissions for default'
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	75 ' user. This should not happen please verify'
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	76 ' your database' % len(u2p))
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	77
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	78 try:
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	79 #stage 1 change defaults
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	80 for p in u2p:
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	81 if p.permission.permission_name.startswith('repository.'):
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	82 p.permission = self.get_permission_by_name(
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	83 form_result['default_perm'])
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	84 self.sa.add(p)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	85
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	86 if p.permission.permission_name.startswith('hg.register.'):
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	87 p.permission = self.get_permission_by_name(
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	88 form_result['default_register'])
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	89 self.sa.add(p)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	90
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	91 if p.permission.permission_name.startswith('hg.create.'):
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	92 p.permission = self.get_permission_by_name(
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	93 form_result['default_create'])
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	94 self.sa.add(p)
751 ff881ec6a140 bugfix default permissions settings did not read overwrite setting Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	95
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	96 #stage 2 update all default permissions for repos if checked
751 ff881ec6a140 bugfix default permissions settings did not read overwrite setting Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	97 if form_result['overwrite_default'] == True:
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	98 for r2p in self.sa.query(RepoToPerm)\
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	99 .filter(RepoToPerm.user == perm_user).all():
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	100 r2p.permission = self.get_permission_by_name(
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	101 form_result['default_perm'])
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	102 self.sa.add(r2p)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	103
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	104 #stage 3 set anonymous access
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	105 if perm_user.username == 'default':
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	106 perm_user.active = bool(form_result['anonymous'])
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	107 self.sa.add(perm_user)
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	108
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	109 self.sa.commit()
759 a7f50911a945 Models code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	110 except (DatabaseError,):
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	111 log.error(traceback.format_exc())
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	112 self.sa.rollback()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	113 raise

Mercurial > kallithea

annotate rhodecode/model/permission.py @ 1345:3bce31f026b8 beta