kallithea: rhodecode/model/user.py annotate

annotate rhodecode/model/user.py @ 1267:d534aff5e82a beta

user defined permission will update the global permissions, and overwrite default settings.

author	Marcin Kuzminski <marcin@python-works.com>
date	Mon, 18 Apr 2011 20:55:37 +0200
parents	a671db5bdd58
children	2e7f21429316

rev	line source
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	1 # -- coding: utf-8 --
56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	2 """
956 83d35d716a02 started working on issue #56 Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	3 rhodecode.model.user
83d35d716a02 started working on issue #56 Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	4 ~~~~~~~~~~~~~~~~~~~~
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	5
56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	6 users model for RhodeCode
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1120 diff changeset	7
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	8 :created_on: Apr 9, 2010
56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	9 :author: marcink
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1120 diff changeset	10 :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	11 :license: GPLv3, see COPYING for more details.
56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	12 """
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	13 # This program is free software: you can redistribute it and/or modify
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	14 # it under the terms of the GNU General Public License as published by
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	15 # the Free Software Foundation, either version 3 of the License, or
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	16 # (at your option) any later version.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1120 diff changeset	17 #
252 3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 238 diff changeset	18 # This program is distributed in the hope that it will be useful,
3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 238 diff changeset	19 # but WITHOUT ANY WARRANTY; without even the implied warranty of
3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 238 diff changeset	20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 238 diff changeset	21 # GNU General Public License for more details.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1120 diff changeset	22 #
252 3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 238 diff changeset	23 # You should have received a copy of the GNU General Public License
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	24 # along with this program. If not, see <http://www.gnu.org/licenses/>.
750 73c99f45ef2a fixed security issue when saving ldap user saved plaintext password Marcin Kuzminski <marcin@python-works.com> parents: 742 diff changeset	25
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	26 import logging
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	27 import traceback
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	28
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	29 from pylons.i18n.translation import _
56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	30
56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	31 from rhodecode.model import BaseModel
56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	32 from rhodecode.model.caching_query import FromCache
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	33 from rhodecode.model.db import User, RepoToPerm, Repository, Permission, \
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	34 UserToPerm, UsersGroupToPerm, UsersGroupMember
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	35 from rhodecode.lib.exceptions import DefaultUserException, UserOwnsReposException
713 1bb0fcdec895 fixed #72 show warning on removal when user still is owner of existing repositories Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	36
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	37 from sqlalchemy.exc import DatabaseError
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	38 from rhodecode.lib import generate_api_key
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	39
56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	40 log = logging.getLogger(__name__)
314 0d26d46bd370 protected againts changing default user. Marcin Kuzminski <marcin@python-works.com> parents: 265 diff changeset	41
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	42
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	43 PERM_ = ''
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	44
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	45 PERM_WEIGHTS = {'repository.none':0,
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	46 'repository.read':1,
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	47 'repository.write':3,
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	48 'repository.admin':3}
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	49
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	50
752 89b9037d68b7 fixed Example celery config to ampq, Marcin Kuzminski <marcin@python-works.com> parents: 750 diff changeset	51 class UserModel(BaseModel):
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	52
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	53 def get(self, user_id, cache=False):
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	54 user = self.sa.query(User)
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	55 if cache:
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	56 user = user.options(FromCache("sql_cache_short",
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	57 "get_user_%s" % user_id))
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	58 return user.get(user_id)
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	59
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	60
742 1377a9d4bdb9 #78, fixed more reliable case insensitive searches Marcin Kuzminski <marcin@python-works.com> parents: 713 diff changeset	61 def get_by_username(self, username, cache=False, case_insensitive=False):
750 73c99f45ef2a fixed security issue when saving ldap user saved plaintext password Marcin Kuzminski <marcin@python-works.com> parents: 742 diff changeset	62
742 1377a9d4bdb9 #78, fixed more reliable case insensitive searches Marcin Kuzminski <marcin@python-works.com> parents: 713 diff changeset	63 if case_insensitive:
1377a9d4bdb9 #78, fixed more reliable case insensitive searches Marcin Kuzminski <marcin@python-works.com> parents: 713 diff changeset	64 user = self.sa.query(User).filter(User.username.ilike(username))
1377a9d4bdb9 #78, fixed more reliable case insensitive searches Marcin Kuzminski <marcin@python-works.com> parents: 713 diff changeset	65 else:
1377a9d4bdb9 #78, fixed more reliable case insensitive searches Marcin Kuzminski <marcin@python-works.com> parents: 713 diff changeset	66 user = self.sa.query(User)\
1377a9d4bdb9 #78, fixed more reliable case insensitive searches Marcin Kuzminski <marcin@python-works.com> parents: 713 diff changeset	67 .filter(User.username == username)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	68 if cache:
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	69 user = user.options(FromCache("sql_cache_short",
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	70 "get_user_%s" % username))
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	71 return user.scalar()
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	72
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	73
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	74 def get_by_api_key(self, api_key, cache=False):
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	75
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	76 user = self.sa.query(User)\
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	77 .filter(User.api_key == api_key)
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	78 if cache:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	79 user = user.options(FromCache("sql_cache_short",
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	80 "get_user_%s" % api_key))
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	81 return user.scalar()
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	82
238 a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	83 def create(self, form_data):
a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	84 try:
a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	85 new_user = User()
a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	86 for k, v in form_data.items():
a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	87 setattr(new_user, k, v)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	88
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	89 new_user.api_key = generate_api_key(form_data['username'])
238 a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	90 self.sa.add(new_user)
a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	91 self.sa.commit()
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	92 except:
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	93 log.error(traceback.format_exc())
238 a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	94 self.sa.rollback()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	95 raise
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	96
991 b232a36cc51f Improve LDAP authentication Thayne Harbaugh <thayne@fusionio.com> parents: 956 diff changeset	97 def create_ldap(self, username, password, user_dn, attrs):
705 9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	98 """
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	99 Checks if user is in database, if not creates this user marked
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	100 as ldap user
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	101 :param username:
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	102 :param password:
991 b232a36cc51f Improve LDAP authentication Thayne Harbaugh <thayne@fusionio.com> parents: 956 diff changeset	103 :param user_dn:
b232a36cc51f Improve LDAP authentication Thayne Harbaugh <thayne@fusionio.com> parents: 956 diff changeset	104 :param attrs:
705 9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	105 """
750 73c99f45ef2a fixed security issue when saving ldap user saved plaintext password Marcin Kuzminski <marcin@python-works.com> parents: 742 diff changeset	106 from rhodecode.lib.auth import get_crypt_password
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	107 log.debug('Checking for such ldap account in RhodeCode database')
56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	108 if self.get_by_username(username, case_insensitive=True) is None:
705 9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	109 try:
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	110 new_user = User()
991 b232a36cc51f Improve LDAP authentication Thayne Harbaugh <thayne@fusionio.com> parents: 956 diff changeset	111 new_user.username = username.lower() # add ldap account always lowercase
750 73c99f45ef2a fixed security issue when saving ldap user saved plaintext password Marcin Kuzminski <marcin@python-works.com> parents: 742 diff changeset	112 new_user.password = get_crypt_password(password)
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	113 new_user.api_key = generate_api_key(username)
991 b232a36cc51f Improve LDAP authentication Thayne Harbaugh <thayne@fusionio.com> parents: 956 diff changeset	114 new_user.email = attrs['email']
705 9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	115 new_user.active = True
991 b232a36cc51f Improve LDAP authentication Thayne Harbaugh <thayne@fusionio.com> parents: 956 diff changeset	116 new_user.ldap_dn = user_dn
b232a36cc51f Improve LDAP authentication Thayne Harbaugh <thayne@fusionio.com> parents: 956 diff changeset	117 new_user.name = attrs['name']
b232a36cc51f Improve LDAP authentication Thayne Harbaugh <thayne@fusionio.com> parents: 956 diff changeset	118 new_user.lastname = attrs['lastname']
705 9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	119
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	120
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	121 self.sa.add(new_user)
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	122 self.sa.commit()
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	123 return True
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	124 except (DatabaseError,):
705 9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	125 log.error(traceback.format_exc())
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	126 self.sa.rollback()
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	127 raise
761 56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	128 log.debug('this %s user exists skipping creation of ldap account',
56c2850a5b5f ldap auth rewrite, moved split authfunc into two functions, Marcin Kuzminski <marcin@python-works.com> parents: 752 diff changeset	129 username)
705 9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	130 return False
9e9f1b919c0c implements #60, ldap configuration and authentication. Marcin Kuzminski <marcin@python-works.com> parents: 692 diff changeset	131
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 347 diff changeset	132 def create_registration(self, form_data):
689 ecc566f8b69f fixes #59, notifications for user registrations + some changes to mailer Marcin Kuzminski <marcin@python-works.com> parents: 686 diff changeset	133 from rhodecode.lib.celerylib import tasks, run_task
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 347 diff changeset	134 try:
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 347 diff changeset	135 new_user = User()
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 347 diff changeset	136 for k, v in form_data.items():
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 371 diff changeset	137 if k != 'admin':
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 347 diff changeset	138 setattr(new_user, k, v)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	139
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 347 diff changeset	140 self.sa.add(new_user)
98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 347 diff changeset	141 self.sa.commit()
689 ecc566f8b69f fixes #59, notifications for user registrations + some changes to mailer Marcin Kuzminski <marcin@python-works.com> parents: 686 diff changeset	142 body = ('New user registration\n'
ecc566f8b69f fixes #59, notifications for user registrations + some changes to mailer Marcin Kuzminski <marcin@python-works.com> parents: 686 diff changeset	143 'username: %s\n'
ecc566f8b69f fixes #59, notifications for user registrations + some changes to mailer Marcin Kuzminski <marcin@python-works.com> parents: 686 diff changeset	144 'email: %s\n')
ecc566f8b69f fixes #59, notifications for user registrations + some changes to mailer Marcin Kuzminski <marcin@python-works.com> parents: 686 diff changeset	145 body = body % (form_data['username'], form_data['email'])
ecc566f8b69f fixes #59, notifications for user registrations + some changes to mailer Marcin Kuzminski <marcin@python-works.com> parents: 686 diff changeset	146
ecc566f8b69f fixes #59, notifications for user registrations + some changes to mailer Marcin Kuzminski <marcin@python-works.com> parents: 686 diff changeset	147 run_task(tasks.send_email, None,
ecc566f8b69f fixes #59, notifications for user registrations + some changes to mailer Marcin Kuzminski <marcin@python-works.com> parents: 686 diff changeset	148 _('[RhodeCode] New User registration'),
ecc566f8b69f fixes #59, notifications for user registrations + some changes to mailer Marcin Kuzminski <marcin@python-works.com> parents: 686 diff changeset	149 body)
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	150 except:
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	151 log.error(traceback.format_exc())
363 98abf8953b87 Added user registration, changed login url schema, moved it into _admin/ for safety Marcin Kuzminski <marcin@python-works.com> parents: 347 diff changeset	152 self.sa.rollback()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	153 raise
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	154
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	155 def update(self, user_id, form_data):
238 a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	156 try:
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	157 user = self.get(user_id, cache=False)
716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	158 if user.username == 'default':
314 0d26d46bd370 protected againts changing default user. Marcin Kuzminski <marcin@python-works.com> parents: 265 diff changeset	159 raise DefaultUserException(
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	160 _("You can't Edit this user since it's"
314 0d26d46bd370 protected againts changing default user. Marcin Kuzminski <marcin@python-works.com> parents: 265 diff changeset	161 " crucial for entire application"))
713 1bb0fcdec895 fixed #72 show warning on removal when user still is owner of existing repositories Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	162
238 a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	163 for k, v in form_data.items():
a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	164 if k == 'new_password' and v != '':
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	165 user.password = v
716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	166 user.api_key = generate_api_key(user.username)
238 a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	167 else:
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	168 setattr(user, k, v)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	169
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	170 self.sa.add(user)
238 a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	171 self.sa.commit()
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	172 except:
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	173 log.error(traceback.format_exc())
238 a55c17874486 Rewrite of user managment, improved forms, added some user info Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	174 self.sa.rollback()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	175 raise
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	176
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	177 def update_my_account(self, user_id, form_data):
371 5cd6616b8673 routes python 2.5 compatible Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	178 try:
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	179 user = self.get(user_id, cache=False)
716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	180 if user.username == 'default':
371 5cd6616b8673 routes python 2.5 compatible Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	181 raise DefaultUserException(
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	182 _("You can't Edit this user since it's"
371 5cd6616b8673 routes python 2.5 compatible Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	183 " crucial for entire application"))
5cd6616b8673 routes python 2.5 compatible Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	184 for k, v in form_data.items():
5cd6616b8673 routes python 2.5 compatible Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	185 if k == 'new_password' and v != '':
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	186 user.password = v
716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	187 user.api_key = generate_api_key(user.username)
371 5cd6616b8673 routes python 2.5 compatible Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	188 else:
5cd6616b8673 routes python 2.5 compatible Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	189 if k not in ['admin', 'active']:
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	190 setattr(user, k, v)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	191
1116 716911af91e1 Added api_key into user, api key get's generated again after password change Marcin Kuzminski <marcin@python-works.com> parents: 991 diff changeset	192 self.sa.add(user)
371 5cd6616b8673 routes python 2.5 compatible Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	193 self.sa.commit()
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	194 except:
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	195 log.error(traceback.format_exc())
371 5cd6616b8673 routes python 2.5 compatible Marcin Kuzminski <marcin@python-works.com> parents: 363 diff changeset	196 self.sa.rollback()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	197 raise
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	198
7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	199 def delete(self, user_id):
265 0e5455fda8fd Implemented basic repository managment. Implemented repo2db mappings, model, helpers updates and code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	200 try:
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	201 user = self.get(user_id, cache=False)
314 0d26d46bd370 protected againts changing default user. Marcin Kuzminski <marcin@python-works.com> parents: 265 diff changeset	202 if user.username == 'default':
0d26d46bd370 protected againts changing default user. Marcin Kuzminski <marcin@python-works.com> parents: 265 diff changeset	203 raise DefaultUserException(
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	204 _("You can't remove this user since it's"
314 0d26d46bd370 protected againts changing default user. Marcin Kuzminski <marcin@python-works.com> parents: 265 diff changeset	205 " crucial for entire application"))
713 1bb0fcdec895 fixed #72 show warning on removal when user still is owner of existing repositories Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	206 if user.repositories:
1bb0fcdec895 fixed #72 show warning on removal when user still is owner of existing repositories Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	207 raise UserOwnsReposException(_('This user still owns %s '
1bb0fcdec895 fixed #72 show warning on removal when user still is owner of existing repositories Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	208 'repositories and cannot be '
1bb0fcdec895 fixed #72 show warning on removal when user still is owner of existing repositories Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	209 'removed. Switch owners or '
1bb0fcdec895 fixed #72 show warning on removal when user still is owner of existing repositories Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	210 'remove those repositories') \
1bb0fcdec895 fixed #72 show warning on removal when user still is owner of existing repositories Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	211 % user.repositories)
314 0d26d46bd370 protected againts changing default user. Marcin Kuzminski <marcin@python-works.com> parents: 265 diff changeset	212 self.sa.delete(user)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	213 self.sa.commit()
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	214 except:
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	215 log.error(traceback.format_exc())
265 0e5455fda8fd Implemented basic repository managment. Implemented repo2db mappings, model, helpers updates and code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	216 self.sa.rollback()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	217 raise
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	218
a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	219 def reset_password(self, data):
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 547 diff changeset	220 from rhodecode.lib.celerylib import tasks, run_task
474 a3d9d24acbec Implemented password reset(forms/models/ tasks) and mailing tasks. Marcin Kuzminski <marcin@python-works.com> parents: 442 diff changeset	221 run_task(tasks.reset_user_password, data['email'])
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	222
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	223
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	224 def fill_data(self, auth_user, user_id=None, api_key=None):
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	225 """
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	226 Fetches auth_user by user_id,or api_key if present.
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	227 Fills auth_user attributes with those taken from database.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1120 diff changeset	228 Additionally set's is_authenitated if lookup fails
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	229 present in database
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1120 diff changeset	230
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	231 :param auth_user: instance of user to set attributes
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	232 :param user_id: user id to fetch by
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	233 :param api_key: api key to fetch by
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	234 """
1120 a8d759613d8f fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal Marcin Kuzminski <marcin@python-works.com> parents: 1117 diff changeset	235 if user_id is None and api_key is None:
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	236 raise Exception('You need to pass user_id or api_key')
686 ff6a8196ebfe fixed anonymous access bug. Marcin Kuzminski <marcin@python-works.com> parents: 673 diff changeset	237
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	238 try:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	239 if api_key:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	240 dbuser = self.get_by_api_key(api_key)
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	241 else:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	242 dbuser = self.get(user_id)
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	243
1120 a8d759613d8f fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal Marcin Kuzminski <marcin@python-works.com> parents: 1117 diff changeset	244 if dbuser is not None:
a8d759613d8f fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal Marcin Kuzminski <marcin@python-works.com> parents: 1117 diff changeset	245 log.debug('filling %s data', dbuser)
a8d759613d8f fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal Marcin Kuzminski <marcin@python-works.com> parents: 1117 diff changeset	246 for k, v in dbuser.get_dict().items():
a8d759613d8f fixed some bugs in api key auth, added access by api key into rss/atom feeds in global journal Marcin Kuzminski <marcin@python-works.com> parents: 1117 diff changeset	247 setattr(auth_user, k, v)
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	248
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	249 except:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	250 log.error(traceback.format_exc())
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	251 auth_user.is_authenticated = False
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	252
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	253 return auth_user
686 ff6a8196ebfe fixed anonymous access bug. Marcin Kuzminski <marcin@python-works.com> parents: 673 diff changeset	254
ff6a8196ebfe fixed anonymous access bug. Marcin Kuzminski <marcin@python-works.com> parents: 673 diff changeset	255
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	256 def fill_perms(self, user):
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	257 """Fills user permission attribute with permissions taken from database
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	258 works for permissions given for repositories, and for permissions that
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	259 as part of beeing group member
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1120 diff changeset	260
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	261 :param user: user instance to fill his perms
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	262 """
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	263
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	264 user.permissions['repositories'] = {}
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	265 user.permissions['global'] = set()
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	266
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	267 #======================================================================
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	268 # fetch default permissions
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	269 #======================================================================
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	270 default_user = self.get_by_username('default', cache=True)
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	271
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	272 default_perms = self.sa.query(RepoToPerm, Repository, Permission)\
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	273 .join((Repository, RepoToPerm.repository_id == Repository.repo_id))\
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	274 .join((Permission, RepoToPerm.permission_id == Permission.permission_id))\
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	275 .filter(RepoToPerm.user == default_user).all()
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	276
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	277 if user.is_admin:
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	278 #==================================================================
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1120 diff changeset	279 # #admin have all default rights set to admin
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	280 #==================================================================
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	281 user.permissions['global'].add('hg.admin')
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	282
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	283 for perm in default_perms:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	284 p = 'repository.admin'
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	285 user.permissions['repositories'][perm.RepoToPerm.repository.repo_name] = p
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	286
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	287 else:
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	288 #==================================================================
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	289 # set default permissions
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	290 #==================================================================
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	291
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	292 #default global
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	293 default_global_perms = self.sa.query(UserToPerm)\
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	294 .filter(UserToPerm.user == User.by_username('default'))
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	295
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	296 for perm in default_global_perms:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	297 user.permissions['global'].add(perm.permission.permission_name)
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	298
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	299 #default for repositories
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	300 for perm in default_perms:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	301 if perm.Repository.private and not perm.Repository.user_id == user.user_id:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	302 #diself.sable defaults for private repos,
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	303 p = 'repository.none'
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	304 elif perm.Repository.user_id == user.user_id:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	305 #set admin if owner
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	306 p = 'repository.admin'
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	307 else:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	308 p = perm.Permission.permission_name
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	309
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	310 user.permissions['repositories'][perm.RepoToPerm.repository.repo_name] = p
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	311
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	312 #==================================================================
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	313 # overwrite default with user permissions if any
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	314 #==================================================================
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	315
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	316 user_perms = self.sa.query(UserToPerm)\
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	317 .filter(UserToPerm.user ==
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	318 User.get(user.user_id)).all()
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	319
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	320 for perm in user_perms:
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	321 user.permissions['global'].add(perm.permission.permission_name)
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	322
d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	323 user_repo_perms = self.sa.query(RepoToPerm, Permission, Repository)\
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	324 .join((Repository, RepoToPerm.repository_id == Repository.repo_id))\
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	325 .join((Permission, RepoToPerm.permission_id == Permission.permission_id))\
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	326 .filter(RepoToPerm.user_id == user.user_id).all()
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	327
1267 d534aff5e82a user defined permission will update the global permissions, and overwrite default settings. Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	328 for perm in user_repo_perms:
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	329 if perm.Repository.user_id == user.user_id:#set admin if owner
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	330 p = 'repository.admin'
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	331 else:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	332 p = perm.Permission.permission_name
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	333 user.permissions['repositories'][perm.RepoToPerm.repository.repo_name] = p
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	334
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	335
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	336 #=======================================================================
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 1120 diff changeset	337 # check if user is part of groups for this repository and fill in
1117 6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	338 # (or replace with higher) permissions
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	339 #=======================================================================
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	340 user_perms_from_users_groups = self.sa.query(UsersGroupToPerm, Permission, Repository,)\
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	341 .join((Repository, UsersGroupToPerm.repository_id == Repository.repo_id))\
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	342 .join((Permission, UsersGroupToPerm.permission_id == Permission.permission_id))\
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	343 .join((UsersGroupMember, UsersGroupToPerm.users_group_id == UsersGroupMember.users_group_id))\
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	344 .filter(UsersGroupMember.user_id == user.user_id).all()
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	345
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	346 for perm in user_perms_from_users_groups:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	347 p = perm.Permission.permission_name
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	348 cur_perm = user.permissions['repositories'][perm.UsersGroupToPerm.repository.repo_name]
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	349 #overwrite permission only if it's greater than permission given from other sources
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	350 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
6eb5bb24a948 Major rewrite of auth objects. Moved parts of filling user data into user model. Marcin Kuzminski <marcin@python-works.com> parents: 1116 diff changeset	351 user.permissions['repositories'][perm.UsersGroupToPerm.repository.repo_name] = p
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	352
dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 629 diff changeset	353 return user

Mercurial > kallithea

annotate rhodecode/model/user.py @ 1267:d534aff5e82a beta