Mercurial > kallithea
annotate rhodecode/model/user.py @ 1594:9dae92a65e40 beta
fixes #288
- added group management into non admin repo settings form
- fixes also issues with groups after API codes merge
- all tests passes ok.
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Mon, 24 Oct 2011 22:40:43 +0200 |
parents | 92a4f7c496a5 |
children | 9353189b7675 b8cde49f5e5b 95c3e33ef32e |
rev | line source |
---|---|
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
1 # -*- coding: utf-8 -*- |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
2 """ |
956
83d35d716a02
started working on issue #56
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
3 rhodecode.model.user |
83d35d716a02
started working on issue #56
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
4 ~~~~~~~~~~~~~~~~~~~~ |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
5 |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
6 users model for RhodeCode |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
7 |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
8 :created_on: Apr 9, 2010 |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
9 :author: marcink |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
10 :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com> |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
11 :license: GPLv3, see COPYING for more details. |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
12 """ |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
13 # This program is free software: you can redistribute it and/or modify |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
14 # it under the terms of the GNU General Public License as published by |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
15 # the Free Software Foundation, either version 3 of the License, or |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
16 # (at your option) any later version. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
17 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
238
diff
changeset
|
18 # This program is distributed in the hope that it will be useful, |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
238
diff
changeset
|
19 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
238
diff
changeset
|
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
238
diff
changeset
|
21 # GNU General Public License for more details. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
22 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
238
diff
changeset
|
23 # You should have received a copy of the GNU General Public License |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
24 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
750
73c99f45ef2a
fixed security issue when saving ldap user saved plaintext password
Marcin Kuzminski <marcin@python-works.com>
parents:
742
diff
changeset
|
25 |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
26 import logging |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
27 import traceback |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
28 |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
29 from pylons.i18n.translation import _ |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
30 |
1516
582686d76cb6
fixes #256 fixes non ascii chars problems in base_dn on LDAP user creation
Marcin Kuzminski <marcin@python-works.com>
parents:
1417
diff
changeset
|
31 from rhodecode.lib import safe_unicode |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
32 from rhodecode.model import BaseModel |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
33 from rhodecode.model.caching_query import FromCache |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
34 from rhodecode.model.db import User, RepoToPerm, Repository, Permission, \ |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
35 UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
36 from rhodecode.lib.exceptions import DefaultUserException, \ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
37 UserOwnsReposException |
713
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
38 |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
39 from sqlalchemy.exc import DatabaseError |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
40 from rhodecode.lib import generate_api_key |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
41 from sqlalchemy.orm import joinedload |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
42 |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
43 log = logging.getLogger(__name__) |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
44 |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
45 PERM_WEIGHTS = {'repository.none': 0, |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
46 'repository.read': 1, |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
47 'repository.write': 3, |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
48 'repository.admin': 3} |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
49 |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
50 |
752
89b9037d68b7
fixed Example celery config to ampq,
Marcin Kuzminski <marcin@python-works.com>
parents:
750
diff
changeset
|
51 class UserModel(BaseModel): |
1594 | 52 def get(self, user_id, cache=False): |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
53 user = self.sa.query(User) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
54 if cache: |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
55 user = user.options(FromCache("sql_cache_short", |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
56 "get_user_%s" % user_id)) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
57 return user.get(user_id) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
58 |
1594 | 59 def get_by_username(self, username, cache=False, case_insensitive=False): |
750
73c99f45ef2a
fixed security issue when saving ldap user saved plaintext password
Marcin Kuzminski <marcin@python-works.com>
parents:
742
diff
changeset
|
60 |
742
1377a9d4bdb9
#78, fixed more reliable case insensitive searches
Marcin Kuzminski <marcin@python-works.com>
parents:
713
diff
changeset
|
61 if case_insensitive: |
1377a9d4bdb9
#78, fixed more reliable case insensitive searches
Marcin Kuzminski <marcin@python-works.com>
parents:
713
diff
changeset
|
62 user = self.sa.query(User).filter(User.username.ilike(username)) |
1377a9d4bdb9
#78, fixed more reliable case insensitive searches
Marcin Kuzminski <marcin@python-works.com>
parents:
713
diff
changeset
|
63 else: |
1377a9d4bdb9
#78, fixed more reliable case insensitive searches
Marcin Kuzminski <marcin@python-works.com>
parents:
713
diff
changeset
|
64 user = self.sa.query(User)\ |
1377a9d4bdb9
#78, fixed more reliable case insensitive searches
Marcin Kuzminski <marcin@python-works.com>
parents:
713
diff
changeset
|
65 .filter(User.username == username) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
66 if cache: |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
67 user = user.options(FromCache("sql_cache_short", |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
68 "get_user_%s" % username)) |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
69 return user.scalar() |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
70 |
1594 | 71 def get_by_api_key(self, api_key, cache=False): |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
72 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
73 user = self.sa.query(User)\ |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
74 .filter(User.api_key == api_key) |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
75 if cache: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
76 user = user.options(FromCache("sql_cache_short", |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
77 "get_user_%s" % api_key)) |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
78 return user.scalar() |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
79 |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
80 def create(self, form_data): |
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
81 try: |
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
82 new_user = User() |
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
83 for k, v in form_data.items(): |
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
84 setattr(new_user, k, v) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
85 |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
86 new_user.api_key = generate_api_key(form_data['username']) |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
87 self.sa.add(new_user) |
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
88 self.sa.commit() |
1586
2ccb32ddcfd7
Add API for repositories and groups (creation, permission)
Nicolas VINOT <aeris@imirhil.fr>
parents:
1417
diff
changeset
|
89 return new_user |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
90 except: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
91 log.error(traceback.format_exc()) |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
92 self.sa.rollback() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
93 raise |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
94 |
991
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
95 def create_ldap(self, username, password, user_dn, attrs): |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
96 """ |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
97 Checks if user is in database, if not creates this user marked |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
98 as ldap user |
1594 | 99 |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
100 :param username: |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
101 :param password: |
991
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
102 :param user_dn: |
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
103 :param attrs: |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
104 """ |
750
73c99f45ef2a
fixed security issue when saving ldap user saved plaintext password
Marcin Kuzminski <marcin@python-works.com>
parents:
742
diff
changeset
|
105 from rhodecode.lib.auth import get_crypt_password |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
106 log.debug('Checking for such ldap account in RhodeCode database') |
1594 | 107 if self.get_by_username(username, case_insensitive=True) is None: |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
108 try: |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
109 new_user = User() |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
110 # add ldap account always lowercase |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
111 new_user.username = username.lower() |
750
73c99f45ef2a
fixed security issue when saving ldap user saved plaintext password
Marcin Kuzminski <marcin@python-works.com>
parents:
742
diff
changeset
|
112 new_user.password = get_crypt_password(password) |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
113 new_user.api_key = generate_api_key(username) |
991
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
114 new_user.email = attrs['email'] |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
115 new_user.active = True |
1516
582686d76cb6
fixes #256 fixes non ascii chars problems in base_dn on LDAP user creation
Marcin Kuzminski <marcin@python-works.com>
parents:
1417
diff
changeset
|
116 new_user.ldap_dn = safe_unicode(user_dn) |
991
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
117 new_user.name = attrs['name'] |
b232a36cc51f
Improve LDAP authentication
Thayne Harbaugh <thayne@fusionio.com>
parents:
956
diff
changeset
|
118 new_user.lastname = attrs['lastname'] |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
119 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
120 self.sa.add(new_user) |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
121 self.sa.commit() |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
122 return True |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
123 except (DatabaseError,): |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
124 log.error(traceback.format_exc()) |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
125 self.sa.rollback() |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
126 raise |
761
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
127 log.debug('this %s user exists skipping creation of ldap account', |
56c2850a5b5f
ldap auth rewrite, moved split authfunc into two functions,
Marcin Kuzminski <marcin@python-works.com>
parents:
752
diff
changeset
|
128 username) |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
129 return False |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
130 |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
131 def create_registration(self, form_data): |
689
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
132 from rhodecode.lib.celerylib import tasks, run_task |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
133 try: |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
134 new_user = User() |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
135 for k, v in form_data.items(): |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
371
diff
changeset
|
136 if k != 'admin': |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
137 setattr(new_user, k, v) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
138 |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
139 self.sa.add(new_user) |
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
140 self.sa.commit() |
689
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
141 body = ('New user registration\n' |
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
142 'username: %s\n' |
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
143 'email: %s\n') |
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
144 body = body % (form_data['username'], form_data['email']) |
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
145 |
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
146 run_task(tasks.send_email, None, |
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
147 _('[RhodeCode] New User registration'), |
ecc566f8b69f
fixes #59, notifications for user registrations + some changes to mailer
Marcin Kuzminski <marcin@python-works.com>
parents:
686
diff
changeset
|
148 body) |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
149 except: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
150 log.error(traceback.format_exc()) |
363
98abf8953b87
Added user registration, changed login url schema, moved it into _admin/ for safety
Marcin Kuzminski <marcin@python-works.com>
parents:
347
diff
changeset
|
151 self.sa.rollback() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
152 raise |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
153 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
154 def update(self, user_id, form_data): |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
155 try: |
1594 | 156 user = self.get(user_id, cache=False) |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
157 if user.username == 'default': |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
158 raise DefaultUserException( |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
159 _("You can't Edit this user since it's" |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
160 " crucial for entire application")) |
713
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
161 |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
162 for k, v in form_data.items(): |
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
163 if k == 'new_password' and v != '': |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
164 user.password = v |
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
165 user.api_key = generate_api_key(user.username) |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
166 else: |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
167 setattr(user, k, v) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
168 |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
169 self.sa.add(user) |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
170 self.sa.commit() |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
171 except: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
172 log.error(traceback.format_exc()) |
238
a55c17874486
Rewrite of user managment, improved forms, added some user info
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
173 self.sa.rollback() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
174 raise |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
175 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
176 def update_my_account(self, user_id, form_data): |
371
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
177 try: |
1594 | 178 user = self.get(user_id, cache=False) |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
179 if user.username == 'default': |
371
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
180 raise DefaultUserException( |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
181 _("You can't Edit this user since it's" |
371
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
182 " crucial for entire application")) |
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
183 for k, v in form_data.items(): |
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
184 if k == 'new_password' and v != '': |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
185 user.password = v |
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
186 user.api_key = generate_api_key(user.username) |
371
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
187 else: |
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
188 if k not in ['admin', 'active']: |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
189 setattr(user, k, v) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
190 |
1116
716911af91e1
Added api_key into user, api key get's generated again after password change
Marcin Kuzminski <marcin@python-works.com>
parents:
991
diff
changeset
|
191 self.sa.add(user) |
371
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
192 self.sa.commit() |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
193 except: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
194 log.error(traceback.format_exc()) |
371
5cd6616b8673
routes python 2.5 compatible
Marcin Kuzminski <marcin@python-works.com>
parents:
363
diff
changeset
|
195 self.sa.rollback() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
196 raise |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
197 |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
198 def delete(self, user_id): |
265
0e5455fda8fd
Implemented basic repository managment. Implemented repo2db mappings, model, helpers updates and code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
199 try: |
1594 | 200 user = self.get(user_id, cache=False) |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
201 if user.username == 'default': |
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
202 raise DefaultUserException( |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
203 _("You can't remove this user since it's" |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
204 " crucial for entire application")) |
713
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
205 if user.repositories: |
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
206 raise UserOwnsReposException(_('This user still owns %s ' |
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
207 'repositories and cannot be ' |
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
208 'removed. Switch owners or ' |
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
209 'remove those repositories') \ |
1bb0fcdec895
fixed #72 show warning on removal when user still is owner of existing repositories
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
210 % user.repositories) |
314
0d26d46bd370
protected againts changing default user.
Marcin Kuzminski <marcin@python-works.com>
parents:
265
diff
changeset
|
211 self.sa.delete(user) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
212 self.sa.commit() |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
213 except: |
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
214 log.error(traceback.format_exc()) |
265
0e5455fda8fd
Implemented basic repository managment. Implemented repo2db mappings, model, helpers updates and code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
215 self.sa.rollback() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
216 raise |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
217 |
1417
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1270
diff
changeset
|
218 def reset_password_link(self, data): |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1270
diff
changeset
|
219 from rhodecode.lib.celerylib import tasks, run_task |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1270
diff
changeset
|
220 run_task(tasks.send_password_link, data['email']) |
5875955def39
fixes #223 improve password reset form
Marcin Kuzminski <marcin@python-works.com>
parents:
1270
diff
changeset
|
221 |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
222 def reset_password(self, data): |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
223 from rhodecode.lib.celerylib import tasks, run_task |
474
a3d9d24acbec
Implemented password reset(forms/models/ tasks) and mailing tasks.
Marcin Kuzminski <marcin@python-works.com>
parents:
442
diff
changeset
|
224 run_task(tasks.reset_user_password, data['email']) |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
225 |
1594 | 226 def fill_data(self, auth_user, user_id=None, api_key=None): |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
227 """ |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
228 Fetches auth_user by user_id,or api_key if present. |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
229 Fills auth_user attributes with those taken from database. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
230 Additionally set's is_authenitated if lookup fails |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
231 present in database |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
232 |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
233 :param auth_user: instance of user to set attributes |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
234 :param user_id: user id to fetch by |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
235 :param api_key: api key to fetch by |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
236 """ |
1120
a8d759613d8f
fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal
Marcin Kuzminski <marcin@python-works.com>
parents:
1117
diff
changeset
|
237 if user_id is None and api_key is None: |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
238 raise Exception('You need to pass user_id or api_key') |
686
ff6a8196ebfe
fixed anonymous access bug.
Marcin Kuzminski <marcin@python-works.com>
parents:
673
diff
changeset
|
239 |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
240 try: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
241 if api_key: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
242 dbuser = self.get_by_api_key(api_key) |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
243 else: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
244 dbuser = self.get(user_id) |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
245 |
1120
a8d759613d8f
fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal
Marcin Kuzminski <marcin@python-works.com>
parents:
1117
diff
changeset
|
246 if dbuser is not None: |
a8d759613d8f
fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal
Marcin Kuzminski <marcin@python-works.com>
parents:
1117
diff
changeset
|
247 log.debug('filling %s data', dbuser) |
a8d759613d8f
fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal
Marcin Kuzminski <marcin@python-works.com>
parents:
1117
diff
changeset
|
248 for k, v in dbuser.get_dict().items(): |
a8d759613d8f
fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal
Marcin Kuzminski <marcin@python-works.com>
parents:
1117
diff
changeset
|
249 setattr(auth_user, k, v) |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
250 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
251 except: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
252 log.error(traceback.format_exc()) |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
253 auth_user.is_authenticated = False |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
254 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
255 return auth_user |
686
ff6a8196ebfe
fixed anonymous access bug.
Marcin Kuzminski <marcin@python-works.com>
parents:
673
diff
changeset
|
256 |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
257 def fill_perms(self, user): |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
258 """ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
259 Fills user permission attribute with permissions taken from database |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
260 works for permissions given for repositories, and for permissions that |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
261 are granted to groups |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
262 |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
263 :param user: user instance to fill his perms |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
264 """ |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
265 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
266 user.permissions['repositories'] = {} |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
267 user.permissions['global'] = set() |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
268 |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
269 #====================================================================== |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
270 # fetch default permissions |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
271 #====================================================================== |
1594 | 272 default_user = self.get_by_username('default', cache=True) |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
273 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
274 default_perms = self.sa.query(RepoToPerm, Repository, Permission)\ |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
275 .join((Repository, RepoToPerm.repository_id == |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
276 Repository.repo_id))\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
277 .join((Permission, RepoToPerm.permission_id == |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
278 Permission.permission_id))\ |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
279 .filter(RepoToPerm.user == default_user).all() |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
280 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
281 if user.is_admin: |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
282 #================================================================== |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
283 # #admin have all default rights set to admin |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
284 #================================================================== |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
285 user.permissions['global'].add('hg.admin') |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
286 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
287 for perm in default_perms: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
288 p = 'repository.admin' |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
289 user.permissions['repositories'][perm.RepoToPerm. |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
290 repository.repo_name] = p |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
291 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
292 else: |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
293 #================================================================== |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
294 # set default permissions |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
295 #================================================================== |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
296 uid = user.user_id |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
297 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
298 #default global |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
299 default_global_perms = self.sa.query(UserToPerm)\ |
1270
49872ed3227a
removed extra query for default user
Marcin Kuzminski <marcin@python-works.com>
parents:
1269
diff
changeset
|
300 .filter(UserToPerm.user == default_user) |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
301 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
302 for perm in default_global_perms: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
303 user.permissions['global'].add(perm.permission.permission_name) |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
304 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
305 #default for repositories |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
306 for perm in default_perms: |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
307 if perm.Repository.private and not (perm.Repository.user_id == |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
308 uid): |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
309 #diself.sable defaults for private repos, |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
310 p = 'repository.none' |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
311 elif perm.Repository.user_id == uid: |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
312 #set admin if owner |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
313 p = 'repository.admin' |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
314 else: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
315 p = perm.Permission.permission_name |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
316 |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
317 user.permissions['repositories'][perm.RepoToPerm. |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
318 repository.repo_name] = p |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
319 |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
320 #================================================================== |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
321 # overwrite default with user permissions if any |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
322 #================================================================== |
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
323 |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
324 #user global |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
325 user_perms = self.sa.query(UserToPerm)\ |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
326 .options(joinedload(UserToPerm.permission))\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
327 .filter(UserToPerm.user_id == uid).all() |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
328 |
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
329 for perm in user_perms: |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
330 user.permissions['global'].add(perm.permission. |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
331 permission_name) |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
332 |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
333 #user repositories |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
334 user_repo_perms = self.sa.query(RepoToPerm, Permission, |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
335 Repository)\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
336 .join((Repository, RepoToPerm.repository_id == |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
337 Repository.repo_id))\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
338 .join((Permission, RepoToPerm.permission_id == |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
339 Permission.permission_id))\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
340 .filter(RepoToPerm.user_id == uid).all() |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
341 |
1267
d534aff5e82a
user defined permission will update the global permissions, and overwrite default settings.
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
342 for perm in user_repo_perms: |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
343 # set admin if owner |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
344 if perm.Repository.user_id == uid: |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
345 p = 'repository.admin' |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
346 else: |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
347 p = perm.Permission.permission_name |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
348 user.permissions['repositories'][perm.RepoToPerm. |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
349 repository.repo_name] = p |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
350 |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
351 #================================================================== |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
1120
diff
changeset
|
352 # check if user is part of groups for this repository and fill in |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
353 # (or replace with higher) permissions |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
354 #================================================================== |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
355 |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
356 #users group global |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
357 user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
358 .options(joinedload(UsersGroupToPerm.permission))\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
359 .join((UsersGroupMember, UsersGroupToPerm.users_group_id == |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
360 UsersGroupMember.users_group_id))\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
361 .filter(UsersGroupMember.user_id == uid).all() |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
362 |
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
363 for perm in user_perms_from_users_groups: |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
364 user.permissions['global'].add(perm.permission.permission_name) |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
365 |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
366 #users group repositories |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
367 user_repo_perms_from_users_groups = self.sa.query( |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
368 UsersGroupRepoToPerm, |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
369 Permission, Repository,)\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
370 .join((Repository, UsersGroupRepoToPerm.repository_id == |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
371 Repository.repo_id))\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
372 .join((Permission, UsersGroupRepoToPerm.permission_id == |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
373 Permission.permission_id))\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
374 .join((UsersGroupMember, UsersGroupRepoToPerm.users_group_id == |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
375 UsersGroupMember.users_group_id))\ |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
376 .filter(UsersGroupMember.user_id == uid).all() |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
377 |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
378 for perm in user_repo_perms_from_users_groups: |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
379 p = perm.Permission.permission_name |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
380 cur_perm = user.permissions['repositories'][perm. |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
381 UsersGroupRepoToPerm. |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
382 repository.repo_name] |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
383 #overwrite permission only if it's greater than permission |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
384 # given from other sources |
1117
6eb5bb24a948
Major rewrite of auth objects. Moved parts of filling user data into user model.
Marcin Kuzminski <marcin@python-works.com>
parents:
1116
diff
changeset
|
385 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: |
1269
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
386 user.permissions['repositories'][perm.UsersGroupRepoToPerm. |
2e7f21429316
tries to fix issue #177 by fallback to user.user_id instead of fetching from db, user.user_id
Marcin Kuzminski <marcin@python-works.com>
parents:
1267
diff
changeset
|
387 repository.repo_name] = p |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
388 |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
629
diff
changeset
|
389 return user |
1594 | 390 |