Mercurial > kallithea
annotate rhodecode/model/users_group.py @ 3737:46b17730ca32 beta
implemented usergroup permissions checks.
- each user who has now explicit or inherited permissions can create usersgrous
- user is automatically an admin of that usergroup, and can manage it
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Wed, 10 Apr 2013 23:45:04 +0200 |
| parents | a8f520540ab0 |
| children | d9b89874edf9 |
| rev | line source |
|---|---|
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
1 # -*- coding: utf-8 -*- |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
2 """ |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
3 rhodecode.model.users_group |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
5 |
|
3410
5f1850e4712a
"Users groups" is grammatically incorrect English - rename to "user groups"
Mads Kiilerich <madski@unity3d.com>
parents:
2709
diff
changeset
|
6 user group model for RhodeCode |
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
7 |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
8 :created_on: Oct 1, 2011 |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
9 :author: nvinot |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
10 :copyright: (C) 2011-2011 Nicolas Vinot <aeris@imirhil.fr> |
|
1824
89efedac4e6c
2012 copyrights
Marcin Kuzminski <marcin@python-works.com>
parents:
1818
diff
changeset
|
11 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
12 :license: GPLv3, see COPYING for more details. |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
13 """ |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
14 # This program is free software: you can redistribute it and/or modify |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
15 # it under the terms of the GNU General Public License as published by |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
16 # the Free Software Foundation, either version 3 of the License, or |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
17 # (at your option) any later version. |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
18 # |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
19 # This program is distributed in the hope that it will be useful, |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
20 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
21 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
22 # GNU General Public License for more details. |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
23 # |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
24 # You should have received a copy of the GNU General Public License |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
25 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
26 |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
27 import logging |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
28 import traceback |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
29 |
| 1692 | 30 from rhodecode.model import BaseModel |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
31 from rhodecode.model.db import UserGroupMember, UserGroup,\ |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
32 UserGroupRepoToPerm, Permission, UserGroupToPerm, User, UserUserGroupToPerm |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
33 from rhodecode.lib.exceptions import UserGroupsAssignedException |
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
34 |
| 1593 | 35 log = logging.getLogger(__name__) |
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
36 |
|
1716
7d1fc253549e
notification to commit author + gardening
Marcin Kuzminski <marcin@python-works.com>
parents:
1713
diff
changeset
|
37 |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
38 class UserGroupModel(BaseModel): |
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
39 |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
40 cls = UserGroup |
|
2524
9d4b80743a2a
New repo model create function
Marcin Kuzminski <marcin@python-works.com>
parents:
2522
diff
changeset
|
41 |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
42 def _get_user_group(self, users_group): |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
43 return self._get_instance(UserGroup, users_group, |
|
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
44 callback=UserGroup.get_by_group_name) |
|
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1932
diff
changeset
|
45 |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
46 def _create_default_perms(self, user_group): |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
47 # create default permission |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
48 default_perm = 'usergroup.read' |
|
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
49 def_user = User.get_default_user() |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
50 for p in def_user.user_perms: |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
51 if p.permission.permission_name.startswith('usergroup.'): |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
52 default_perm = p.permission.permission_name |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
53 break |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
54 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
55 user_group_to_perm = UserUserGroupToPerm() |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
56 user_group_to_perm.permission = Permission.get_by_key(default_perm) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
57 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
58 user_group_to_perm.user_group = user_group |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
59 user_group_to_perm.user_id = def_user.user_id |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
60 return user_group_to_perm |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
61 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
62 def _update_permissions(self, user_group, perms_new=None, |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
63 perms_updates=None): |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
64 if not perms_new: |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
65 perms_new = [] |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
66 if not perms_updates: |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
67 perms_updates = [] |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
68 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
69 # update permissions |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
70 for member, perm, member_type in perms_updates: |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
71 if member_type == 'user': |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
72 # this updates existing one |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
73 self.grant_user_permission( |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
74 user_group=user_group, user=member, perm=perm |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
75 ) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
76 else: |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
77 self.grant_users_group_permission( |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
78 user_group=user_group, group_name=member, perm=perm |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
79 ) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
80 # set new permissions |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
81 for member, perm, member_type in perms_new: |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
82 if member_type == 'user': |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
83 self.grant_user_permission( |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
84 user_group=user_group, user=member, perm=perm |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
85 ) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
86 else: |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
87 self.grant_users_group_permission( |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
88 user_group=user_group, group_name=member, perm=perm |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
89 ) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
90 |
|
1716
7d1fc253549e
notification to commit author + gardening
Marcin Kuzminski <marcin@python-works.com>
parents:
1713
diff
changeset
|
91 def get(self, users_group_id, cache=False): |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
92 return UserGroup.get(users_group_id) |
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
93 |
|
2522
17893d61792a
Added associated classes into child models
Marcin Kuzminski <marcin@python-works.com>
parents:
2432
diff
changeset
|
94 def get_group(self, users_group): |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
95 return self._get_user_group(users_group) |
|
2522
17893d61792a
Added associated classes into child models
Marcin Kuzminski <marcin@python-works.com>
parents:
2432
diff
changeset
|
96 |
|
1716
7d1fc253549e
notification to commit author + gardening
Marcin Kuzminski <marcin@python-works.com>
parents:
1713
diff
changeset
|
97 def get_by_name(self, name, cache=False, case_insensitive=False): |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
98 return UserGroup.get_by_group_name(name, cache, case_insensitive) |
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
99 |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
100 def create(self, name, owner, active=True): |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
101 try: |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
102 new_user_group = UserGroup() |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
103 new_user_group.user = self._get_user(owner) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
104 new_user_group.users_group_name = name |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
105 new_user_group.users_group_active = active |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
106 self.sa.add(new_user_group) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
107 perm_obj = self._create_default_perms(new_user_group) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
108 self.sa.add(perm_obj) |
|
3737
46b17730ca32
implemented usergroup permissions checks.
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
109 |
|
46b17730ca32
implemented usergroup permissions checks.
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
110 self.grant_user_permission(user_group=new_user_group, |
|
46b17730ca32
implemented usergroup permissions checks.
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
111 user=owner, perm='usergroup.admin') |
|
46b17730ca32
implemented usergroup permissions checks.
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
112 |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
113 return new_user_group |
|
3631
10b4e34841a4
Don't catch all exceptions
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
114 except Exception: |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
115 log.error(traceback.format_exc()) |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
116 raise |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
117 |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
118 def update(self, users_group, form_data): |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
119 |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
120 try: |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
121 users_group = self._get_user_group(users_group) |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
122 |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
123 for k, v in form_data.items(): |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
124 if k == 'users_group_members': |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
125 users_group.members = [] |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
126 self.sa.flush() |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
127 members_list = [] |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
128 if v: |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
129 v = [v] if isinstance(v, basestring) else v |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
130 for u_id in set(v): |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
131 member = UserGroupMember(users_group.users_group_id, u_id) |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
132 members_list.append(member) |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
133 setattr(users_group, 'members', members_list) |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
134 setattr(users_group, k, v) |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
135 |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
136 self.sa.add(users_group) |
|
3631
10b4e34841a4
Don't catch all exceptions
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
137 except Exception: |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
138 log.error(traceback.format_exc()) |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
139 raise |
|
1713
54687aa00724
Tests updates, Session refactoring
Marcin Kuzminski <marcin@python-works.com>
parents:
1692
diff
changeset
|
140 |
|
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1932
diff
changeset
|
141 def delete(self, users_group, force=False): |
|
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1932
diff
changeset
|
142 """ |
|
3653
4c78a0855a17
Fix 'repos group' - it is 'repository group'
Mads Kiilerich <madski@unity3d.com>
parents:
3631
diff
changeset
|
143 Deletes repository group, unless force flag is used |
|
1982
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1932
diff
changeset
|
144 raises exception if there are members in that group, else deletes |
|
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1932
diff
changeset
|
145 group and users |
|
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1932
diff
changeset
|
146 |
|
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1932
diff
changeset
|
147 :param users_group: |
|
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1932
diff
changeset
|
148 :param force: |
|
87f0800abc7b
#227 Initial version of repository groups permissions system
Marcin Kuzminski <marcin@python-works.com>
parents:
1932
diff
changeset
|
149 """ |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
150 try: |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
151 users_group = self._get_user_group(users_group) |
|
1818
cf51bbfb120e
auto white-space removal
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
152 |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
153 # check if this group is not assigned to repo |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
154 assigned_groups = UserGroupRepoToPerm.query()\ |
|
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
155 .filter(UserGroupRepoToPerm.users_group == users_group).all() |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
156 |
|
3625
260a7a01b054
follow Python conventions for boolean values
Mads Kiilerich <madski@unity3d.com>
parents:
3417
diff
changeset
|
157 if assigned_groups and not force: |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
158 raise UserGroupsAssignedException('RepoGroup assigned to %s' % |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
159 assigned_groups) |
|
1818
cf51bbfb120e
auto white-space removal
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
160 |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
161 self.sa.delete(users_group) |
|
3631
10b4e34841a4
Don't catch all exceptions
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
162 except Exception: |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
163 log.error(traceback.format_exc()) |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
164 raise |
|
1713
54687aa00724
Tests updates, Session refactoring
Marcin Kuzminski <marcin@python-works.com>
parents:
1692
diff
changeset
|
165 |
| 1593 | 166 def add_user_to_group(self, users_group, user): |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
167 users_group = self._get_user_group(users_group) |
|
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2078
diff
changeset
|
168 user = self._get_user(user) |
| 1989 | 169 |
|
1589
307ec693bdf2
[API] Create groups needed when creating repo
Nicolas VINOT <aeris@imirhil.fr>
parents:
1587
diff
changeset
|
170 for m in users_group.members: |
|
307ec693bdf2
[API] Create groups needed when creating repo
Nicolas VINOT <aeris@imirhil.fr>
parents:
1587
diff
changeset
|
171 u = m.user |
|
307ec693bdf2
[API] Create groups needed when creating repo
Nicolas VINOT <aeris@imirhil.fr>
parents:
1587
diff
changeset
|
172 if u.user_id == user.user_id: |
| 1989 | 173 return True |
|
1589
307ec693bdf2
[API] Create groups needed when creating repo
Nicolas VINOT <aeris@imirhil.fr>
parents:
1587
diff
changeset
|
174 |
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
175 try: |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
176 users_group_member = UserGroupMember() |
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
177 users_group_member.user = user |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
178 users_group_member.users_group = users_group |
|
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
179 |
| 1593 | 180 users_group.members.append(users_group_member) |
| 181 user.group_member.append(users_group_member) | |
|
1587
8898a79ac628
Implement all CRUD API operation for repo
Nicolas VINOT <aeris@imirhil.fr>
parents:
1586
diff
changeset
|
182 |
| 1593 | 183 self.sa.add(users_group_member) |
|
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
diff
changeset
|
184 return users_group_member |
|
3631
10b4e34841a4
Don't catch all exceptions
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
185 except Exception: |
| 1593 | 186 log.error(traceback.format_exc()) |
|
1587
8898a79ac628
Implement all CRUD API operation for repo
Nicolas VINOT <aeris@imirhil.fr>
parents:
1586
diff
changeset
|
187 raise |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
188 |
| 1989 | 189 def remove_user_from_group(self, users_group, user): |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
190 users_group = self._get_user_group(users_group) |
|
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2078
diff
changeset
|
191 user = self._get_user(user) |
| 1989 | 192 |
| 193 users_group_member = None | |
| 194 for m in users_group.members: | |
| 195 if m.user.user_id == user.user_id: | |
| 196 # Found this user's membership row | |
| 197 users_group_member = m | |
| 198 break | |
| 199 | |
| 200 if users_group_member: | |
| 201 try: | |
| 202 self.sa.delete(users_group_member) | |
| 203 return True | |
|
3631
10b4e34841a4
Don't catch all exceptions
Marcin Kuzminski <marcin@python-works.com>
parents:
3625
diff
changeset
|
204 except Exception: |
| 1989 | 205 log.error(traceback.format_exc()) |
| 206 raise | |
| 207 else: | |
| 208 # User isn't in that group | |
| 209 return False | |
| 210 | |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
211 def has_perm(self, users_group, perm): |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
212 users_group = self._get_user_group(users_group) |
|
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2078
diff
changeset
|
213 perm = self._get_perm(perm) |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
214 |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
215 return UserGroupToPerm.query()\ |
|
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
216 .filter(UserGroupToPerm.users_group == users_group)\ |
|
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
217 .filter(UserGroupToPerm.permission == perm).scalar() is not None |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
218 |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
219 def grant_perm(self, users_group, perm): |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
220 users_group = self._get_user_group(users_group) |
|
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2524
diff
changeset
|
221 perm = self._get_perm(perm) |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
222 |
|
2078
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
1989
diff
changeset
|
223 # if this permission is already granted skip it |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
224 _perm = UserGroupToPerm.query()\ |
|
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
225 .filter(UserGroupToPerm.users_group == users_group)\ |
|
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
226 .filter(UserGroupToPerm.permission == perm)\ |
|
2078
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
1989
diff
changeset
|
227 .scalar() |
|
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
1989
diff
changeset
|
228 if _perm: |
|
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
1989
diff
changeset
|
229 return |
|
d4b6c8541bd9
fixes issue when user tried to resubmit same permission into user/user_groups
Marcin Kuzminski <marcin@python-works.com>
parents:
1989
diff
changeset
|
230 |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
231 new = UserGroupToPerm() |
|
1749
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
232 new.users_group = users_group |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
233 new.permission = perm |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
234 self.sa.add(new) |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
235 |
|
8ecc6b8229a5
commit less models
Marcin Kuzminski <marcin@python-works.com>
parents:
1734
diff
changeset
|
236 def revoke_perm(self, users_group, perm): |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
237 users_group = self._get_user_group(users_group) |
|
2432
d3ac7491a5c8
Share common getter functions in base model, and remove duplicated functions from other models
Marcin Kuzminski <marcin@python-works.com>
parents:
2078
diff
changeset
|
238 perm = self._get_perm(perm) |
|
1818
cf51bbfb120e
auto white-space removal
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
239 |
|
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
240 obj = UserGroupToPerm.query()\ |
|
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
241 .filter(UserGroupToPerm.users_group == users_group)\ |
|
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3410
diff
changeset
|
242 .filter(UserGroupToPerm.permission == perm).scalar() |
|
1932
1cf94aadabdc
fixes issue with initial grant/revoke permissions for users group
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
243 if obj: |
|
1cf94aadabdc
fixes issue with initial grant/revoke permissions for users group
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
244 self.sa.delete(obj) |
|
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
245 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
246 def grant_user_permission(self, user_group, user, perm): |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
247 """ |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
248 Grant permission for user on given user group, or update |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
249 existing one if found |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
250 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
251 :param user_group: Instance of UserGroup, users_group_id, |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
252 or users_group_name |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
253 :param user: Instance of User, user_id or username |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
254 :param perm: Instance of Permission, or permission_name |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
255 """ |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
256 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
257 user_group = self._get_user_group(user_group) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
258 user = self._get_user(user) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
259 permission = self._get_perm(perm) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
260 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
261 # check if we have that permission already |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
262 obj = self.sa.query(UserUserGroupToPerm)\ |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
263 .filter(UserUserGroupToPerm.user == user)\ |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
264 .filter(UserUserGroupToPerm.user_group == user_group)\ |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
265 .scalar() |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
266 if obj is None: |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
267 # create new ! |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
268 obj = UserUserGroupToPerm() |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
269 obj.user_group = user_group |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
270 obj.user = user |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
271 obj.permission = permission |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
272 self.sa.add(obj) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
273 log.debug('Granted perm %s to %s on %s' % (perm, user, user_group)) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
274 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
275 def revoke_user_permission(self, user_group, user): |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
276 """ |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
277 Revoke permission for user on given repository group |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
278 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
279 :param user_group: Instance of ReposGroup, repositories_group_id, |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
280 or repositories_group name |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
281 :param user: Instance of User, user_id or username |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
282 """ |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
283 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
284 user_group = self._get_user_group(user_group) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
285 user = self._get_user(user) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
286 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
287 obj = self.sa.query(UserUserGroupToPerm)\ |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
288 .filter(UserUserGroupToPerm.user == user)\ |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
289 .filter(UserUserGroupToPerm.user_group == user_group)\ |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
290 .scalar() |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
291 if obj: |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
292 self.sa.delete(obj) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
293 log.debug('Revoked perm on %s on %s' % (user_group, user)) |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
294 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
295 def grant_users_group_permission(self, user_group, group_name, perm): |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
296 raise NotImplementedError() |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
297 |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
298 def revoke_users_group_permission(self, user_group, group_name): |
|
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3653
diff
changeset
|
299 raise NotImplementedError() |