kallithea: rhodecode/model/permission.py annotate

annotate rhodecode/model/permission.py @ 692:cb0d9ce6ac5c beta

#50 on point cache invalidation changes. Created cacheInvalidation table cleaned up sa sessions from models, since it wasn't really needed.

author	Marcin Kuzminski <marcin@python-works.com>
date	Mon, 15 Nov 2010 02:26:19 +0100
parents	rhodecode/model/permission_model.py@dd532af216d9
children	9e9f1b919c0c

rev	line source
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	1 #!/usr/bin/env python
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	2 # encoding: utf-8
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	3 # Model for permissions
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	5
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	6 # This program is free software; you can redistribute it and/or
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	7 # modify it under the terms of the GNU General Public License
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	8 # as published by the Free Software Foundation; version 2
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	9 # of the License or (at your opinion) any later version of the license.
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	10 #
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	11 # This program is distributed in the hope that it will be useful,
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	14 # GNU General Public License for more details.
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	15 #
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	16 # You should have received a copy of the GNU General Public License
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	17 # along with this program; if not, write to the Free Software
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	18 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	19 # MA 02110-1301, USA.
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	20 """
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	21 Created on Aug 20, 2010
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	22 Model for permissions
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	23 @author: marcink
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	24 """
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	25
547 1e757ac98988 renamed project to rhodecode Marcin Kuzminski <marcin@python-works.com> parents: 418 diff changeset	26 from rhodecode.model.db import User, Permission, UserToPerm, RepoToPerm
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	27 from rhodecode.model.caching_query import FromCache
547 1e757ac98988 renamed project to rhodecode Marcin Kuzminski <marcin@python-works.com> parents: 418 diff changeset	28 from rhodecode.model.meta import Session
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	29 import logging
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	30 import traceback
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	31 log = logging.getLogger(__name__)
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	32
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	33
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	34 class PermissionModel(object):
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	35
692 cb0d9ce6ac5c #50 on point cache invalidation changes. Marcin Kuzminski <marcin@python-works.com> parents: 673 diff changeset	36 def __init__(self):
cb0d9ce6ac5c #50 on point cache invalidation changes. Marcin Kuzminski <marcin@python-works.com> parents: 673 diff changeset	37 self.sa = Session()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	38
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	39 def get_permission(self, permission_id, cache=False):
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	40 perm = self.sa.query(Permission)
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	41 if cache:
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	42 perm = perm.options(FromCache("sql_cache_short",
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	43 "get_permission_%s" % permission_id))
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	44 return perm.get(permission_id)
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	45
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	46 def get_permission_by_name(self, name, cache=False):
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	47 perm = self.sa.query(Permission)\
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	48 .filter(Permission.permission_name == name)
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	49 if cache:
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	50 perm = perm.options(FromCache("sql_cache_short",
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	51 "get_permission_%s" % name))
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	52 return perm.scalar()
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	53
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	54 def update(self, form_result):
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	55 perm_user = self.sa.query(User)\
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	56 .filter(User.username == form_result['perm_user_name']).scalar()
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	57 u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == perm_user).all()
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	58 if len(u2p) != 3:
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	59 raise Exception('Defined: %s should be 3 permissions for default'
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	60 ' user. This should not happen please verify'
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	61 ' your database' % len(u2p))
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	62
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	63 try:
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	64 #stage 1 change defaults
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	65 for p in u2p:
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	66 if p.permission.permission_name.startswith('repository.'):
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	67 p.permission = self.get_permission_by_name(
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	68 form_result['default_perm'])
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	69 self.sa.add(p)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	70
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	71 if p.permission.permission_name.startswith('hg.register.'):
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	72 p.permission = self.get_permission_by_name(
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	73 form_result['default_register'])
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	74 self.sa.add(p)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	75
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	76 if p.permission.permission_name.startswith('hg.create.'):
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	77 p.permission = self.get_permission_by_name(
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	78 form_result['default_create'])
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	79 self.sa.add(p)
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	80 #stage 2 update all default permissions for repos if checked
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	81 if form_result['overwrite_default'] == 'true':
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	82 for r2p in self.sa.query(RepoToPerm)\
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	83 .filter(RepoToPerm.user == perm_user).all():
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	84 r2p.permission = self.get_permission_by_name(
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	85 form_result['default_perm'])
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	86 self.sa.add(r2p)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	87
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	88 #stage 3 set anonymous access
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	89 if perm_user.username == 'default':
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	90 perm_user.active = bool(form_result['anonymous'])
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	91 self.sa.add(perm_user)
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	92
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	93
418 63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	94 self.sa.commit()
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	95 except:
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	96 log.error(traceback.format_exc())
63c697d1a631 added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository Marcin Kuzminski <marcin@python-works.com> parents: 417 diff changeset	97 self.sa.rollback()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	98 raise
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	99
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	100
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	101
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	102
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	103

Mercurial > kallithea

annotate rhodecode/model/permission.py @ 692:cb0d9ce6ac5c beta