Mercurial > kallithea
annotate rhodecode/model/permission_model.py @ 690:4685f3eafd35 beta
Fixed sumamry page description bug
Some internal changes into repository building.
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Sun, 14 Nov 2010 22:18:51 +0100 |
parents | dd532af216d9 |
children |
rev | line source |
---|---|
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
1 #!/usr/bin/env python |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
2 # encoding: utf-8 |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
3 # Model for permissions |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com> |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
5 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
6 # This program is free software; you can redistribute it and/or |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
7 # modify it under the terms of the GNU General Public License |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
8 # as published by the Free Software Foundation; version 2 |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
9 # of the License or (at your opinion) any later version of the license. |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
10 # |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
11 # This program is distributed in the hope that it will be useful, |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
14 # GNU General Public License for more details. |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
15 # |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
16 # You should have received a copy of the GNU General Public License |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
17 # along with this program; if not, write to the Free Software |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
18 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
19 # MA 02110-1301, USA. |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
20 """ |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
21 Created on Aug 20, 2010 |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
22 Model for permissions |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
23 @author: marcink |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
24 """ |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
25 |
547
1e757ac98988
renamed project to rhodecode
Marcin Kuzminski <marcin@python-works.com>
parents:
418
diff
changeset
|
26 from rhodecode.model.db import User, Permission, UserToPerm, RepoToPerm |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
27 from rhodecode.model.caching_query import FromCache |
547
1e757ac98988
renamed project to rhodecode
Marcin Kuzminski <marcin@python-works.com>
parents:
418
diff
changeset
|
28 from rhodecode.model.meta import Session |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
29 import logging |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
30 import traceback |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
31 log = logging.getLogger(__name__) |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
32 |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
33 |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
34 class PermissionModel(object): |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
35 |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
36 def __init__(self, sa=None): |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
37 if not sa: |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
38 self.sa = Session() |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
39 else: |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
40 self.sa = sa |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
41 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
42 def get_permission(self, permission_id, cache=False): |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
43 perm = self.sa.query(Permission) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
44 if cache: |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
45 perm = perm.options(FromCache("sql_cache_short", |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
46 "get_permission_%s" % permission_id)) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
47 return perm.get(permission_id) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
48 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
49 def get_permission_by_name(self, name, cache=False): |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
50 perm = self.sa.query(Permission)\ |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
51 .filter(Permission.permission_name == name) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
52 if cache: |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
53 perm = perm.options(FromCache("sql_cache_short", |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
54 "get_permission_%s" % name)) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
55 return perm.scalar() |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
56 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
57 def update(self, form_result): |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
58 perm_user = self.sa.query(User)\ |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
59 .filter(User.username == form_result['perm_user_name']).scalar() |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
60 u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == perm_user).all() |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
61 if len(u2p) != 3: |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
62 raise Exception('Defined: %s should be 3 permissions for default' |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
63 ' user. This should not happen please verify' |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
64 ' your database' % len(u2p)) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
65 |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
66 try: |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
67 #stage 1 change defaults |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
68 for p in u2p: |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
69 if p.permission.permission_name.startswith('repository.'): |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
70 p.permission = self.get_permission_by_name( |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
71 form_result['default_perm']) |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
72 self.sa.add(p) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
73 |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
74 if p.permission.permission_name.startswith('hg.register.'): |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
75 p.permission = self.get_permission_by_name( |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
76 form_result['default_register']) |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
77 self.sa.add(p) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
78 |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
79 if p.permission.permission_name.startswith('hg.create.'): |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
80 p.permission = self.get_permission_by_name( |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
81 form_result['default_create']) |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
82 self.sa.add(p) |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
83 #stage 2 update all default permissions for repos if checked |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
84 if form_result['overwrite_default'] == 'true': |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
85 for r2p in self.sa.query(RepoToPerm)\ |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
86 .filter(RepoToPerm.user == perm_user).all(): |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
87 r2p.permission = self.get_permission_by_name( |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
88 form_result['default_perm']) |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
89 self.sa.add(r2p) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
90 |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
91 #stage 3 set anonymous access |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
92 if perm_user.username == 'default': |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
93 perm_user.active = bool(form_result['anonymous']) |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
94 self.sa.add(perm_user) |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
95 |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
96 |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
97 self.sa.commit() |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
98 except: |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
99 log.error(traceback.format_exc()) |
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
100 self.sa.rollback() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
101 raise |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
102 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
103 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
104 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
105 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
106 |