Mercurial > kallithea
annotate rhodecode/model/user.py @ 2467:4419551b2915 codereview
Switched forms to new validators
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Sun, 17 Jun 2012 21:37:07 +0200 |
parents | d3ac7491a5c8 |
children | 8eab81115660 |
rev | line source |
---|---|
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
1 # -*- coding: utf-8 -*- |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
2 """ |
956
83d35d716a02
started working on issue #56
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
3 rhodecode.model.user |
83d35d716a02
started working on issue #56
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
4 ~~~~~~~~~~~~~~~~~~~~ |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
5 |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
6 users model for RhodeCode |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
7 |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
8 :created_on: Apr 9, 2010 |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
9 :author: marcink |
1824
89efedac4e6c
2012 copyrights
Marcin Kuzminski <marcin@python-works.com>
parents:
1818
diff
changeset
|
10 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
11 :license: GPLv3, see COPYING for more details. |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
12 """ |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
13 # This program is free software: you can redistribute it and/or modify |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
14 # it under the terms of the GNU General Public License as published by |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
15 # the Free Software Foundation, either version 3 of the License, or |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
16 # (at your option) any later version. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
17 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
238
diff
changeset
|
18 # This program is distributed in the hope that it will be useful, |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
238
diff
changeset
|
19 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
238
diff
changeset
|
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
238
diff
changeset
|
21 # GNU General Public License for more details. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
22 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
238
diff
changeset
|
23 # You should have received a copy of the GNU General Public License |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
24 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
750
73c99f45ef2a
fixed security issue when saving ldap user saved plaintext password
Marcin Kuzminski <marcin@python-works.com>
parents:
742
diff
changeset
|
25 |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
26 import logging |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
27 import traceback |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
28 |
1731
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
29 from pylons import url |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
30 from pylons.i18n.translation import _ |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
31 |
2109 | 32 from rhodecode.lib.utils2 import safe_unicode, generate_api_key |
1669
f522f4d3bf93
moved caching query to libs
Marcin Kuzminski <marcin@python-works.com>
parents:
1634
diff
changeset
|
33 from rhodecode.lib.caching_query import FromCache |
f522f4d3bf93
moved caching query to libs
Marcin Kuzminski <marcin@python-works.com>
parents:
1634
diff
changeset
|
34 |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
35 from rhodecode.model import BaseModel |
1633
2c0d35e336b5
refactoring of models names for repoGroup permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
1628
diff
changeset
|
36 from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \ |
1731
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
37 UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember, \ |
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
38 Notification, RepoGroup, UserRepoGroupToPerm, UsersGroupRepoGroupToPerm, \ |
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
39 UserEmailMap |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
40 from rhodecode.lib.exceptions import DefaultUserException, \ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
41 UserOwnsReposException |
713
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
42 |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
43 from sqlalchemy.exc import DatabaseError |
2109 | 44 |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
45 from sqlalchemy.orm import joinedload |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
46 |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
47 log = logging.getLogger(__name__) |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
48 |
1731
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
49 |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
50 PERM_WEIGHTS = { |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
51 'repository.none': 0, |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
52 'repository.read': 1, |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
53 'repository.write': 3, |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
54 'repository.admin': 4, |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
55 'group.none': 0, |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
56 'group.read': 1, |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
57 'group.write': 3, |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
58 'group.admin': 4, |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
59 } |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
60 |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
61 |
752
89b9037d68b7
fixed Example celery config to ampq,
Marcin Kuzminski <marcin@python-works.com>
parents:
750
diff
changeset
|
62 class UserModel(BaseModel): |
1716
7d1fc253549e
notification to commit author + gardening
Marcin Kuzminski <marcin@python-works.com>
parents:
1713
diff
changeset
|
63 |
1594 | 64 def get(self, user_id, cache=False): |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
65 user = self.sa.query(User) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
66 if cache: |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
67 user = user.options(FromCache("sql_cache_short", |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
68 "get_user_%s" % user_id)) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
69 return user.get(user_id) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
70 |
2009 | 71 def get_user(self, user): |
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
72 return self._get_user(user) |
2009 | 73 |
1594 | 74 def get_by_username(self, username, cache=False, case_insensitive=False): |
750
73c99f45ef2a
fixed security issue when saving ldap user saved plaintext password
Marcin Kuzminski <marcin@python-works.com>
parents:
742
diff
changeset
|
75 |
742
1377a9d4bdb9
#78, fixed more reliable case insensitive searches
Marcin Kuzminski <marcin@python-works.com>
parents:
713
diff
changeset
|
76 if case_insensitive: |
1377a9d4bdb9
#78, fixed more reliable case insensitive searches
Marcin Kuzminski <marcin@python-works.com>
parents:
713
diff
changeset
|
77 user = self.sa.query(User).filter(User.username.ilike(username)) |
1377a9d4bdb9
#78, fixed more reliable case insensitive searches
Marcin Kuzminski <marcin@python-works.com>
parents:
713
diff
changeset
|
78 else: |
1377a9d4bdb9
#78, fixed more reliable case insensitive searches
Marcin Kuzminski <marcin@python-works.com>
parents:
713
diff
changeset
|
79 user = self.sa.query(User)\ |
1377a9d4bdb9
#78, fixed more reliable case insensitive searches
Marcin Kuzminski <marcin@python-works.com>
parents:
713
diff
changeset
|
80 .filter(User.username == username) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
81 if cache: |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
82 user = user.options(FromCache("sql_cache_short", |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
83 "get_user_%s" % username)) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
84 return user.scalar() |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
85 |
1594 | 86 def get_by_api_key(self, api_key, cache=False): |
1693
60249224be04
fix for api key lookup, reuse same function in user model
Marcin Kuzminski <marcin@python-works.com>
parents:
1690
diff
changeset
|
87 return User.get_by_api_key(api_key, cache) |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
88 |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
89 def create(self, form_data): |
2467
4419551b2915
Switched forms to new validators
Marcin Kuzminski <marcin@python-works.com>
parents:
2432
diff
changeset
|
90 from rhodecode.lib.auth import get_crypt_password |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
91 try: |
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
92 new_user = User() |
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
93 for k, v in form_data.items(): |
2467
4419551b2915
Switched forms to new validators
Marcin Kuzminski <marcin@python-works.com>
parents:
2432
diff
changeset
|
94 if k == 'password': |
4419551b2915
Switched forms to new validators
Marcin Kuzminski <marcin@python-works.com>
parents:
2432
diff
changeset
|
95 v = get_crypt_password(v) |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
96 setattr(new_user, k, v) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
97 |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
98 new_user.api_key = generate_api_key(form_data['username']) |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
99 self.sa.add(new_user) |
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
1417
diff
changeset
|
100 return new_user |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
101 except: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
102 log.error(traceback.format_exc()) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
103 raise |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
104 |
1728
07e56179633e
- fixes celery sqlalchemy session issues for async forking
Marcin Kuzminski <marcin@python-works.com>
parents:
1716
diff
changeset
|
105 def create_or_update(self, username, password, email, name, lastname, |
1634
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
106 active=True, admin=False, ldap_dn=None): |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
107 """ |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
108 Creates a new instance if not found, or updates current one |
1818
cf51bbfb120e
auto white-space removal
Marcin Kuzminski <marcin@python-works.com>
parents:
1758
diff
changeset
|
109 |
1634
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
110 :param username: |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
111 :param password: |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
112 :param email: |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
113 :param active: |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
114 :param name: |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
115 :param lastname: |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
116 :param active: |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
117 :param admin: |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
118 :param ldap_dn: |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
119 """ |
1728
07e56179633e
- fixes celery sqlalchemy session issues for async forking
Marcin Kuzminski <marcin@python-works.com>
parents:
1716
diff
changeset
|
120 |
1634
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
121 from rhodecode.lib.auth import get_crypt_password |
1728
07e56179633e
- fixes celery sqlalchemy session issues for async forking
Marcin Kuzminski <marcin@python-works.com>
parents:
1716
diff
changeset
|
122 |
1976 | 123 log.debug('Checking for %s account in RhodeCode database' % username) |
1634
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
124 user = User.get_by_username(username, case_insensitive=True) |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
125 if user is None: |
1976 | 126 log.debug('creating new user %s' % username) |
1634
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
127 new_user = User() |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
128 else: |
1976 | 129 log.debug('updating user %s' % username) |
1634
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
130 new_user = user |
1728
07e56179633e
- fixes celery sqlalchemy session issues for async forking
Marcin Kuzminski <marcin@python-works.com>
parents:
1716
diff
changeset
|
131 |
1634
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
132 try: |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
133 new_user.username = username |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
134 new_user.admin = admin |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
135 new_user.password = get_crypt_password(password) |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
136 new_user.api_key = generate_api_key(username) |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
137 new_user.email = email |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
138 new_user.active = active |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
139 new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
140 new_user.name = name |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
141 new_user.lastname = lastname |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
142 self.sa.add(new_user) |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
143 return new_user |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
144 except (DatabaseError,): |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
145 log.error(traceback.format_exc()) |
1d904d972c47
User usermodel instead of db model to manage accounts
Marcin Kuzminski <marcin@python-works.com>
parents:
1633
diff
changeset
|
146 raise |
1728
07e56179633e
- fixes celery sqlalchemy session issues for async forking
Marcin Kuzminski <marcin@python-works.com>
parents:
1716
diff
changeset
|
147 |
1621
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
148 def create_for_container_auth(self, username, attrs): |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
149 """ |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
150 Creates the given user if it's not already in the database |
1818
cf51bbfb120e
auto white-space removal
Marcin Kuzminski <marcin@python-works.com>
parents:
1758
diff
changeset
|
151 |
1621
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
152 :param username: |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
153 :param attrs: |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
154 """ |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
155 if self.get_by_username(username, case_insensitive=True) is None: |
1690
6944b1249f28
fixed issues with not unique emails when using ldap or container auth.
Marcin Kuzminski <marcin@python-works.com>
parents:
1689
diff
changeset
|
156 |
6944b1249f28
fixed issues with not unique emails when using ldap or container auth.
Marcin Kuzminski <marcin@python-works.com>
parents:
1689
diff
changeset
|
157 # autogenerate email for container account without one |
6944b1249f28
fixed issues with not unique emails when using ldap or container auth.
Marcin Kuzminski <marcin@python-works.com>
parents:
1689
diff
changeset
|
158 generate_email = lambda usr: '%s@container_auth.account' % usr |
6944b1249f28
fixed issues with not unique emails when using ldap or container auth.
Marcin Kuzminski <marcin@python-works.com>
parents:
1689
diff
changeset
|
159 |
1621
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
160 try: |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
161 new_user = User() |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
162 new_user.username = username |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
163 new_user.password = None |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
164 new_user.api_key = generate_api_key(username) |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
165 new_user.email = attrs['email'] |
1628
de71a4bde097
Some code cleanups and fixes
Marcin Kuzminski <marcin@python-works.com>
parents:
1626
diff
changeset
|
166 new_user.active = attrs.get('active', True) |
1690
6944b1249f28
fixed issues with not unique emails when using ldap or container auth.
Marcin Kuzminski <marcin@python-works.com>
parents:
1689
diff
changeset
|
167 new_user.name = attrs['name'] or generate_email(username) |
1621
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
168 new_user.lastname = attrs['lastname'] |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
169 |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
170 self.sa.add(new_user) |
1628
de71a4bde097
Some code cleanups and fixes
Marcin Kuzminski <marcin@python-works.com>
parents:
1626
diff
changeset
|
171 return new_user |
1621
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
172 except (DatabaseError,): |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
173 log.error(traceback.format_exc()) |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
174 self.sa.rollback() |
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
175 raise |
1628
de71a4bde097
Some code cleanups and fixes
Marcin Kuzminski <marcin@python-works.com>
parents:
1626
diff
changeset
|
176 log.debug('User %s already exists. Skipping creation of account' |
de71a4bde097
Some code cleanups and fixes
Marcin Kuzminski <marcin@python-works.com>
parents:
1626
diff
changeset
|
177 ' for container auth.', username) |
de71a4bde097
Some code cleanups and fixes
Marcin Kuzminski <marcin@python-works.com>
parents:
1626
diff
changeset
|
178 return None |
1621
cbc2b1913cdf
Added basic automatic user creation for container auth
Liad Shani <liadff@gmail.com>
parents:
1618
diff
changeset
|
179 |
991
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
180 def create_ldap(self, username, password, user_dn, attrs): |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
181 """ |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
182 Checks if user is in database, if not creates this user marked |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
183 as ldap user |
1818
cf51bbfb120e
auto white-space removal
Marcin Kuzminski <marcin@python-works.com>
parents:
1758
diff
changeset
|
184 |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
185 :param username: |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
186 :param password: |
991
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
187 :param user_dn: |
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
188 :param attrs: |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
189 """ |
750
73c99f45ef2a
fixed security issue when saving ldap user saved plaintext password
Marcin Kuzminski <marcin@python-works.com>
parents:
742
diff
changeset
|
190 from rhodecode.lib.auth import get_crypt_password |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
191 log.debug('Checking for such ldap account in RhodeCode database') |
1594 | 192 if self.get_by_username(username, case_insensitive=True) is None: |
1689
cc302c98bb8e
fix fo empty email passed in attributes of ldap account.
Marcin Kuzminski <marcin@python-works.com>
parents:
1669
diff
changeset
|
193 |
cc302c98bb8e
fix fo empty email passed in attributes of ldap account.
Marcin Kuzminski <marcin@python-works.com>
parents:
1669
diff
changeset
|
194 # autogenerate email for ldap account without one |
cc302c98bb8e
fix fo empty email passed in attributes of ldap account.
Marcin Kuzminski <marcin@python-works.com>
parents:
1669
diff
changeset
|
195 generate_email = lambda usr: '%s@ldap.account' % usr |
cc302c98bb8e
fix fo empty email passed in attributes of ldap account.
Marcin Kuzminski <marcin@python-works.com>
parents:
1669
diff
changeset
|
196 |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
197 try: |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
198 new_user = User() |
1689
cc302c98bb8e
fix fo empty email passed in attributes of ldap account.
Marcin Kuzminski <marcin@python-works.com>
parents:
1669
diff
changeset
|
199 username = username.lower() |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
200 # add ldap account always lowercase |
1689
cc302c98bb8e
fix fo empty email passed in attributes of ldap account.
Marcin Kuzminski <marcin@python-works.com>
parents:
1669
diff
changeset
|
201 new_user.username = username |
750
73c99f45ef2a
fixed security issue when saving ldap user saved plaintext password
Marcin Kuzminski <marcin@python-works.com>
parents:
742
diff
changeset
|
202 new_user.password = get_crypt_password(password) |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
203 new_user.api_key = generate_api_key(username) |
1689
cc302c98bb8e
fix fo empty email passed in attributes of ldap account.
Marcin Kuzminski <marcin@python-works.com>
parents:
1669
diff
changeset
|
204 new_user.email = attrs['email'] or generate_email(username) |
1628
de71a4bde097
Some code cleanups and fixes
Marcin Kuzminski <marcin@python-works.com>
parents:
1626
diff
changeset
|
205 new_user.active = attrs.get('active', True) |
1516
582686d76cb6
fixes #256 fixes non ascii chars problems in base_dn on LDAP user creation
Marcin Kuzminski <marcin@python-works.com>
parents:
1417
diff
changeset
|
206 new_user.ldap_dn = safe_unicode(user_dn) |
991
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
207 new_user.name = attrs['name'] |
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
208 new_user.lastname = attrs['lastname'] |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
209 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
210 self.sa.add(new_user) |
1628
de71a4bde097
Some code cleanups and fixes
Marcin Kuzminski <marcin@python-works.com>
parents:
1626
diff
changeset
|
211 return new_user |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
212 except (DatabaseError,): |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
213 log.error(traceback.format_exc()) |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
214 self.sa.rollback() |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
215 raise |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
216 log.debug('this %s user exists skipping creation of ldap account', |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
217 username) |
1628
de71a4bde097
Some code cleanups and fixes
Marcin Kuzminski <marcin@python-works.com>
parents:
1626
diff
changeset
|
218 return None |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
219 |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
220 def create_registration(self, form_data): |
1731
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
221 from rhodecode.model.notification import NotificationModel |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
222 |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
223 try: |
2248
72542dc597be
fixed issue with empty APIKEYS on registration #438
Marcin Kuzminski <marcin@python-works.com>
parents:
2186
diff
changeset
|
224 form_data['admin'] = False |
72542dc597be
fixed issue with empty APIKEYS on registration #438
Marcin Kuzminski <marcin@python-works.com>
parents:
2186
diff
changeset
|
225 new_user = self.create(form_data) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
226 |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
227 self.sa.add(new_user) |
1731
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
228 self.sa.flush() |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
229 |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
230 # notification to admins |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
231 subject = _('new user registration') |
689
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
232 body = ('New user registration\n' |
1731
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
233 '---------------------\n' |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
234 '- Username: %s\n' |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
235 '- Full Name: %s\n' |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
236 '- Email: %s\n') |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
237 body = body % (new_user.username, new_user.full_name, |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
238 new_user.email) |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
239 edit_url = url('edit_user', id=new_user.user_id, qualified=True) |
1950
4ae17f819ee8
#344 optional firstname lastname on user creation
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
240 kw = {'registered_user_url': edit_url} |
1731
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
241 NotificationModel().create(created_by=new_user, subject=subject, |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
242 body=body, recipients=None, |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
243 type_=Notification.TYPE_REGISTRATION, |
31e6eb2fb4b2
implements #222 registration feedback
Marcin Kuzminski <marcin@python-works.com>
parents:
1729
diff
changeset
|
244 email_kwargs=kw) |
689
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
245 |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
246 except: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
247 log.error(traceback.format_exc()) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
248 raise |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
249 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
250 def update(self, user_id, form_data): |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
251 try: |
1594 | 252 user = self.get(user_id, cache=False) |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
253 if user.username == 'default': |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
254 raise DefaultUserException( |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
255 _("You can't Edit this user since it's" |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
256 " crucial for entire application")) |
713
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
257 |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
258 for k, v in form_data.items(): |
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
259 if k == 'new_password' and v != '': |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
260 user.password = v |
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
261 user.api_key = generate_api_key(user.username) |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
262 else: |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
263 setattr(user, k, v) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
264 |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
265 self.sa.add(user) |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
266 except: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
267 log.error(traceback.format_exc()) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
268 raise |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
269 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
270 def update_my_account(self, user_id, form_data): |
2467
4419551b2915
Switched forms to new validators
Marcin Kuzminski <marcin@python-works.com>
parents:
2432
diff
changeset
|
271 from rhodecode.lib.auth import get_crypt_password |
371
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
272 try: |
1594 | 273 user = self.get(user_id, cache=False) |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
274 if user.username == 'default': |
371
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
275 raise DefaultUserException( |
2467
4419551b2915
Switched forms to new validators
Marcin Kuzminski <marcin@python-works.com>
parents:
2432
diff
changeset
|
276 _("You can't Edit this user since it's" |
4419551b2915
Switched forms to new validators
Marcin Kuzminski <marcin@python-works.com>
parents:
2432
diff
changeset
|
277 " crucial for entire application") |
4419551b2915
Switched forms to new validators
Marcin Kuzminski <marcin@python-works.com>
parents:
2432
diff
changeset
|
278 ) |
371
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
279 for k, v in form_data.items(): |
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
280 if k == 'new_password' and v != '': |
2467
4419551b2915
Switched forms to new validators
Marcin Kuzminski <marcin@python-works.com>
parents:
2432
diff
changeset
|
281 user.password = get_crypt_password(v) |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
282 user.api_key = generate_api_key(user.username) |
371
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
283 else: |
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
284 if k not in ['admin', 'active']: |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
285 setattr(user, k, v) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
286 |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
287 self.sa.add(user) |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
288 except: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
289 log.error(traceback.format_exc()) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
290 raise |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
291 |
1758
a87aa385f21c
fixed repo_create permission by adding missing commit statements
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
292 def delete(self, user): |
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
293 user = self._get_user(user) |
1818
cf51bbfb120e
auto white-space removal
Marcin Kuzminski <marcin@python-works.com>
parents:
1758
diff
changeset
|
294 |
265
0e5455fda8fd
Implemented basic repository managment. Implemented repo2db mappings, model, helpers updates and code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
295 try: |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
296 if user.username == 'default': |
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
297 raise DefaultUserException( |
2153
fa637dc3e029
Improved message about deleting user who owns repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
2150
diff
changeset
|
298 _(u"You can't remove this user since it's" |
2124
273ce1a99c3f
fixed #397 Private repository groups shows up before login
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
299 " crucial for entire application") |
273ce1a99c3f
fixed #397 Private repository groups shows up before login
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
300 ) |
713
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
301 if user.repositories: |
2153
fa637dc3e029
Improved message about deleting user who owns repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
2150
diff
changeset
|
302 repos = [x.repo_name for x in user.repositories] |
2124
273ce1a99c3f
fixed #397 Private repository groups shows up before login
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
303 raise UserOwnsReposException( |
2153
fa637dc3e029
Improved message about deleting user who owns repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
2150
diff
changeset
|
304 _(u'user "%s" still owns %s repositories and cannot be ' |
fa637dc3e029
Improved message about deleting user who owns repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
2150
diff
changeset
|
305 'removed. Switch owners or remove those repositories. %s') |
fa637dc3e029
Improved message about deleting user who owns repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
2150
diff
changeset
|
306 % (user.username, len(repos), ', '.join(repos)) |
2124
273ce1a99c3f
fixed #397 Private repository groups shows up before login
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
307 ) |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
308 self.sa.delete(user) |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
309 except: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
310 log.error(traceback.format_exc()) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
311 raise |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
312 |
1417
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1270
diff
changeset
|
313 def reset_password_link(self, data): |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1270
diff
changeset
|
314 from rhodecode.lib.celerylib import tasks, run_task |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1270
diff
changeset
|
315 run_task(tasks.send_password_link, data['email']) |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1270
diff
changeset
|
316 |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
317 def reset_password(self, data): |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
318 from rhodecode.lib.celerylib import tasks, run_task |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
319 run_task(tasks.reset_user_password, data['email']) |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
320 |
1594 | 321 def fill_data(self, auth_user, user_id=None, api_key=None): |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
322 """ |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
323 Fetches auth_user by user_id,or api_key if present. |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
324 Fills auth_user attributes with those taken from database. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
325 Additionally set's is_authenitated if lookup fails |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
326 present in database |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
327 |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
328 :param auth_user: instance of user to set attributes |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
329 :param user_id: user id to fetch by |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
330 :param api_key: api key to fetch by |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
331 """ |
1120
a8d759613d8f
fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal
Marcin Kuzminski <marcin@python-works.com>
parents:
1117
diff
changeset
|
332 if user_id is None and api_key is None: |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
333 raise Exception('You need to pass user_id or api_key') |
686
ff6a8196ebfe
fixed anonymous access bug.
Marcin Kuzminski <marcin@python-works.com>
parents:
673
diff
changeset
|
334 |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
335 try: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
336 if api_key: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
337 dbuser = self.get_by_api_key(api_key) |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
338 else: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
339 dbuser = self.get(user_id) |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
340 |
1618
9353189b7675
Added automatic logout of deactivated/deleted users
Liad Shani <liadff@gmail.com>
parents:
1594
diff
changeset
|
341 if dbuser is not None and dbuser.active: |
1976 | 342 log.debug('filling %s data' % dbuser) |
1120
a8d759613d8f
fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal
Marcin Kuzminski <marcin@python-works.com>
parents:
1117
diff
changeset
|
343 for k, v in dbuser.get_dict().items(): |
a8d759613d8f
fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal
Marcin Kuzminski <marcin@python-works.com>
parents:
1117
diff
changeset
|
344 setattr(auth_user, k, v) |
1618
9353189b7675
Added automatic logout of deactivated/deleted users
Liad Shani <liadff@gmail.com>
parents:
1594
diff
changeset
|
345 else: |
9353189b7675
Added automatic logout of deactivated/deleted users
Liad Shani <liadff@gmail.com>
parents:
1594
diff
changeset
|
346 return False |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
347 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
348 except: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
349 log.error(traceback.format_exc()) |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
350 auth_user.is_authenticated = False |
1618
9353189b7675
Added automatic logout of deactivated/deleted users
Liad Shani <liadff@gmail.com>
parents:
1594
diff
changeset
|
351 return False |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
352 |
1618
9353189b7675
Added automatic logout of deactivated/deleted users
Liad Shani <liadff@gmail.com>
parents:
1594
diff
changeset
|
353 return True |
686
ff6a8196ebfe
fixed anonymous access bug.
Marcin Kuzminski <marcin@python-works.com>
parents:
673
diff
changeset
|
354 |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
355 def fill_perms(self, user): |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
356 """ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
357 Fills user permission attribute with permissions taken from database |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
358 works for permissions given for repositories, and for permissions that |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
359 are granted to groups |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
360 |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
361 :param user: user instance to fill his perms |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
362 """ |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
363 RK = 'repositories' |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
364 GK = 'repositories_groups' |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
365 GLOBAL = 'global' |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
366 user.permissions[RK] = {} |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
367 user.permissions[GK] = {} |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
368 user.permissions[GLOBAL] = set() |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
369 |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
370 #====================================================================== |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
371 # fetch default permissions |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
372 #====================================================================== |
1728
07e56179633e
- fixes celery sqlalchemy session issues for async forking
Marcin Kuzminski <marcin@python-works.com>
parents:
1716
diff
changeset
|
373 default_user = User.get_by_username('default', cache=True) |
07e56179633e
- fixes celery sqlalchemy session issues for async forking
Marcin Kuzminski <marcin@python-works.com>
parents:
1716
diff
changeset
|
374 default_user_id = default_user.user_id |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
375 |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
376 default_repo_perms = Permission.get_default_perms(default_user_id) |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
377 default_repo_groups_perms = Permission.get_default_group_perms(default_user_id) |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
378 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
379 if user.is_admin: |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
380 #================================================================== |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
381 # admin user have all default rights for repositories |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
382 # and groups set to admin |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
383 #================================================================== |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
384 user.permissions[GLOBAL].add('hg.admin') |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
385 |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
386 # repositories |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
387 for perm in default_repo_perms: |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
388 r_k = perm.UserRepoToPerm.repository.repo_name |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
389 p = 'repository.admin' |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
390 user.permissions[RK][r_k] = p |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
391 |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
392 # repositories groups |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
393 for perm in default_repo_groups_perms: |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
394 rg_k = perm.UserRepoGroupToPerm.group.group_name |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
395 p = 'group.admin' |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
396 user.permissions[GK][rg_k] = p |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
397 return user |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
398 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
399 #================================================================== |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
400 # set default permissions first for repositories and groups |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
401 #================================================================== |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
402 uid = user.user_id |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
403 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
404 # default global permissions |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
405 default_global_perms = self.sa.query(UserToPerm)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
406 .filter(UserToPerm.user_id == default_user_id) |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
407 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
408 for perm in default_global_perms: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
409 user.permissions[GLOBAL].add(perm.permission.permission_name) |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
410 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
411 # defaults for repositories, taken from default user |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
412 for perm in default_repo_perms: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
413 r_k = perm.UserRepoToPerm.repository.repo_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
414 if perm.Repository.private and not (perm.Repository.user_id == uid): |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
415 # disable defaults for private repos, |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
416 p = 'repository.none' |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
417 elif perm.Repository.user_id == uid: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
418 # set admin if owner |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
419 p = 'repository.admin' |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
420 else: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
421 p = perm.Permission.permission_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
422 |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
423 user.permissions[RK][r_k] = p |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
424 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
425 # defaults for repositories groups taken from default user permission |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
426 # on given group |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
427 for perm in default_repo_groups_perms: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
428 rg_k = perm.UserRepoGroupToPerm.group.group_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
429 p = perm.Permission.permission_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
430 user.permissions[GK][rg_k] = p |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
431 |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
432 #================================================================== |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
433 # overwrite defaults with user permissions if any found |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
434 #================================================================== |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
435 |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
436 # user global permissions |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
437 user_perms = self.sa.query(UserToPerm)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
438 .options(joinedload(UserToPerm.permission))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
439 .filter(UserToPerm.user_id == uid).all() |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
440 |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
441 for perm in user_perms: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
442 user.permissions[GLOBAL].add(perm.permission.permission_name) |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
443 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
444 # user explicit permissions for repositories |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
445 user_repo_perms = \ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
446 self.sa.query(UserRepoToPerm, Permission, Repository)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
447 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
448 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
449 .filter(UserRepoToPerm.user_id == uid)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
450 .all() |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
451 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
452 for perm in user_repo_perms: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
453 # set admin if owner |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
454 r_k = perm.UserRepoToPerm.repository.repo_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
455 if perm.Repository.user_id == uid: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
456 p = 'repository.admin' |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
457 else: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
458 p = perm.Permission.permission_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
459 user.permissions[RK][r_k] = p |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
460 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
461 # USER GROUP |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
462 #================================================================== |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
463 # check if user is part of user groups for this repository and |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
464 # fill in (or replace with higher) permissions |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
465 #================================================================== |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
466 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
467 # users group global |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
468 user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
469 .options(joinedload(UsersGroupToPerm.permission))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
470 .join((UsersGroupMember, UsersGroupToPerm.users_group_id == |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
471 UsersGroupMember.users_group_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
472 .filter(UsersGroupMember.user_id == uid).all() |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
473 |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
474 for perm in user_perms_from_users_groups: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
475 user.permissions[GLOBAL].add(perm.permission.permission_name) |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
476 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
477 # users group for repositories permissions |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
478 user_repo_perms_from_users_groups = \ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
479 self.sa.query(UsersGroupRepoToPerm, Permission, Repository,)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
480 .join((Repository, UsersGroupRepoToPerm.repository_id == Repository.repo_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
481 .join((Permission, UsersGroupRepoToPerm.permission_id == Permission.permission_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
482 .join((UsersGroupMember, UsersGroupRepoToPerm.users_group_id == UsersGroupMember.users_group_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
483 .filter(UsersGroupMember.user_id == uid)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
484 .all() |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
485 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
486 for perm in user_repo_perms_from_users_groups: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
487 r_k = perm.UsersGroupRepoToPerm.repository.repo_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
488 p = perm.Permission.permission_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
489 cur_perm = user.permissions[RK][r_k] |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
490 # overwrite permission only if it's greater than permission |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
491 # given from other sources |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
492 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
493 user.permissions[RK][r_k] = p |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
494 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
495 # REPO GROUP |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
496 #================================================================== |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
497 # get access for this user for repos group and override defaults |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
498 #================================================================== |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
499 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
500 # user explicit permissions for repository |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
501 user_repo_groups_perms = \ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
502 self.sa.query(UserRepoGroupToPerm, Permission, RepoGroup)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
503 .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
504 .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
505 .filter(UserRepoGroupToPerm.user_id == uid)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
506 .all() |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
507 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
508 for perm in user_repo_groups_perms: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
509 rg_k = perm.UserRepoGroupToPerm.group.group_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
510 p = perm.Permission.permission_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
511 cur_perm = user.permissions[GK][rg_k] |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
512 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
513 user.permissions[GK][rg_k] = p |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
514 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
515 # REPO GROUP + USER GROUP |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
516 #================================================================== |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
517 # check if user is part of user groups for this repo group and |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
518 # fill in (or replace with higher) permissions |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
519 #================================================================== |
2129
43481c3d70ca
#399 added inheritance of permissions for users group on repos groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2124
diff
changeset
|
520 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
521 # users group for repositories permissions |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
522 user_repo_group_perms_from_users_groups = \ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
523 self.sa.query(UsersGroupRepoGroupToPerm, Permission, RepoGroup)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
524 .join((RepoGroup, UsersGroupRepoGroupToPerm.group_id == RepoGroup.group_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
525 .join((Permission, UsersGroupRepoGroupToPerm.permission_id == Permission.permission_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
526 .join((UsersGroupMember, UsersGroupRepoGroupToPerm.users_group_id == UsersGroupMember.users_group_id))\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
527 .filter(UsersGroupMember.user_id == uid)\ |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
528 .all() |
2129
43481c3d70ca
#399 added inheritance of permissions for users group on repos groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2124
diff
changeset
|
529 |
2186
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
530 for perm in user_repo_group_perms_from_users_groups: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
531 g_k = perm.UsersGroupRepoGroupToPerm.group.group_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
532 p = perm.Permission.permission_name |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
533 cur_perm = user.permissions[GK][g_k] |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
534 # overwrite permission only if it's greater than permission |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
535 # given from other sources |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
536 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: |
7b52c2351231
permission comments + out identation for better readability
Marcin Kuzminski <marcin@python-works.com>
parents:
2153
diff
changeset
|
537 user.permissions[GK][g_k] = p |
2129
43481c3d70ca
#399 added inheritance of permissions for users group on repos groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2124
diff
changeset
|
538 |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
539 return user |
1594 | 540 |
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
541 def has_perm(self, user, perm): |
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
542 if not isinstance(perm, Permission): |
1758
a87aa385f21c
fixed repo_create permission by adding missing commit statements
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
543 raise Exception('perm needs to be an instance of Permission class ' |
a87aa385f21c
fixed repo_create permission by adding missing commit statements
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
544 'got %s instead' % type(perm)) |
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
545 |
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
546 user = self._get_user(user) |
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
547 |
1758
a87aa385f21c
fixed repo_create permission by adding missing commit statements
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
548 return UserToPerm.query().filter(UserToPerm.user == user)\ |
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
549 .filter(UserToPerm.permission == perm).scalar() is not None |
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
550 |
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
551 def grant_perm(self, user, perm): |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
552 """ |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
553 Grant user global permissions |
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
554 |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
555 :param user: |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
556 :param perm: |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
557 """ |
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
558 user = self._get_user(user) |
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
559 perm = self._get_perm(perm) |
2078
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
560 # if this permission is already granted skip it |
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
561 _perm = UserToPerm.query()\ |
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
562 .filter(UserToPerm.user == user)\ |
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
563 .filter(UserToPerm.permission == perm)\ |
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
564 .scalar() |
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
565 if _perm: |
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
566 return |
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
567 new = UserToPerm() |
1758
a87aa385f21c
fixed repo_create permission by adding missing commit statements
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
568 new.user = user |
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
569 new.permission = perm |
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
570 self.sa.add(new) |
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
571 |
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
572 def revoke_perm(self, user, perm): |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
573 """ |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
574 Revoke users global permissions |
1818
cf51bbfb120e
auto white-space removal
Marcin Kuzminski <marcin@python-works.com>
parents:
1758
diff
changeset
|
575 |
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
576 :param user: |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
577 :param perm: |
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1976
diff
changeset
|
578 """ |
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
579 user = self._get_user(user) |
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
580 perm = self._get_perm(perm) |
1818
cf51bbfb120e
auto white-space removal
Marcin Kuzminski <marcin@python-works.com>
parents:
1758
diff
changeset
|
581 |
2078
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
582 obj = UserToPerm.query()\ |
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
583 .filter(UserToPerm.user == user)\ |
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
584 .filter(UserToPerm.permission == perm)\ |
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
2009
diff
changeset
|
585 .scalar() |
1758
a87aa385f21c
fixed repo_create permission by adding missing commit statements
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
586 if obj: |
a87aa385f21c
fixed repo_create permission by adding missing commit statements
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
587 self.sa.delete(obj) |
2330
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
588 |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
589 def add_extra_email(self, user, email): |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
590 """ |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
591 Adds email address to UserEmailMap |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
592 |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
593 :param user: |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
594 :param email: |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
595 """ |
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
596 user = self._get_user(user) |
2330
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
597 obj = UserEmailMap() |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
598 obj.user = user |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
599 obj.email = email |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
600 self.sa.add(obj) |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
601 return obj |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
602 |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
603 def delete_extra_email(self, user, email_id): |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
604 """ |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
605 Removes email address from UserEmailMap |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
606 |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
607 :param user: |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
608 :param email_id: |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
609 """ |
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2330
diff
changeset
|
610 user = self._get_user(user) |
2330
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
611 obj = UserEmailMap.query().get(email_id) |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
612 if obj: |
b0fef8a77568
Added simple UI for admin to manage emails map
Marcin Kuzminski <marcin@python-works.com>
parents:
2278
diff
changeset
|
613 self.sa.delete(obj) |