Mercurial > kallithea
comparison rhodecode/model/user.py @ 1728:07e56179633e beta
- fixes celery sqlalchemy session issues for async forking
- summary page css fixes
- speed optimizations
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Sat, 26 Nov 2011 17:51:03 +0200 |
parents | 7d1fc253549e |
children | da8ee2ef7f6d |
comparison
equal
deleted
inserted
replaced
1727:8e9f51091229 | 1728:07e56179633e |
---|---|
87 log.error(traceback.format_exc()) | 87 log.error(traceback.format_exc()) |
88 self.sa.rollback() | 88 self.sa.rollback() |
89 raise | 89 raise |
90 | 90 |
91 | 91 |
92 def create_or_update(self, username, password, email, name, lastname, | 92 def create_or_update(self, username, password, email, name, lastname, |
93 active=True, admin=False, ldap_dn=None): | 93 active=True, admin=False, ldap_dn=None): |
94 """ | 94 """ |
95 Creates a new instance if not found, or updates current one | 95 Creates a new instance if not found, or updates current one |
96 | 96 |
97 :param username: | 97 :param username: |
102 :param lastname: | 102 :param lastname: |
103 :param active: | 103 :param active: |
104 :param admin: | 104 :param admin: |
105 :param ldap_dn: | 105 :param ldap_dn: |
106 """ | 106 """ |
107 | 107 |
108 from rhodecode.lib.auth import get_crypt_password | 108 from rhodecode.lib.auth import get_crypt_password |
109 | 109 |
110 log.debug('Checking for %s account in RhodeCode database', username) | 110 log.debug('Checking for %s account in RhodeCode database', username) |
111 user = User.get_by_username(username, case_insensitive=True) | 111 user = User.get_by_username(username, case_insensitive=True) |
112 if user is None: | 112 if user is None: |
113 log.debug('creating new user %s', username) | 113 log.debug('creating new user %s', username) |
114 new_user = User() | 114 new_user = User() |
115 else: | 115 else: |
116 log.debug('updating user %s', username) | 116 log.debug('updating user %s', username) |
117 new_user = user | 117 new_user = user |
118 | 118 |
119 try: | 119 try: |
120 new_user.username = username | 120 new_user.username = username |
121 new_user.admin = admin | 121 new_user.admin = admin |
122 new_user.password = get_crypt_password(password) | 122 new_user.password = get_crypt_password(password) |
123 new_user.api_key = generate_api_key(username) | 123 new_user.api_key = generate_api_key(username) |
132 return new_user | 132 return new_user |
133 except (DatabaseError,): | 133 except (DatabaseError,): |
134 log.error(traceback.format_exc()) | 134 log.error(traceback.format_exc()) |
135 self.sa.rollback() | 135 self.sa.rollback() |
136 raise | 136 raise |
137 | 137 |
138 | 138 |
139 def create_for_container_auth(self, username, attrs): | 139 def create_for_container_auth(self, username, attrs): |
140 """ | 140 """ |
141 Creates the given user if it's not already in the database | 141 Creates the given user if it's not already in the database |
142 | 142 |
143 :param username: | 143 :param username: |
352 user.permissions['global'] = set() | 352 user.permissions['global'] = set() |
353 | 353 |
354 #====================================================================== | 354 #====================================================================== |
355 # fetch default permissions | 355 # fetch default permissions |
356 #====================================================================== | 356 #====================================================================== |
357 default_user = User.get_by_username('default') | 357 default_user = User.get_by_username('default', cache=True) |
358 | 358 default_user_id = default_user.user_id |
359 default_perms = self.sa.query(UserRepoToPerm, Repository, Permission)\ | 359 |
360 .join((Repository, UserRepoToPerm.repository_id == | 360 default_perms = Permission.get_default_perms(default_user_id) |
361 Repository.repo_id))\ | |
362 .join((Permission, UserRepoToPerm.permission_id == | |
363 Permission.permission_id))\ | |
364 .filter(UserRepoToPerm.user == default_user).all() | |
365 | 361 |
366 if user.is_admin: | 362 if user.is_admin: |
367 #================================================================== | 363 #================================================================== |
368 # #admin have all default rights set to admin | 364 # #admin have all default rights set to admin |
369 #================================================================== | 365 #================================================================== |
380 #================================================================== | 376 #================================================================== |
381 uid = user.user_id | 377 uid = user.user_id |
382 | 378 |
383 #default global | 379 #default global |
384 default_global_perms = self.sa.query(UserToPerm)\ | 380 default_global_perms = self.sa.query(UserToPerm)\ |
385 .filter(UserToPerm.user == default_user) | 381 .filter(UserToPerm.user_id == default_user_id) |
386 | 382 |
387 for perm in default_global_perms: | 383 for perm in default_global_perms: |
388 user.permissions['global'].add(perm.permission.permission_name) | 384 user.permissions['global'].add(perm.permission.permission_name) |
389 | 385 |
390 #default for repositories | 386 #default for repositories |
391 for perm in default_perms: | 387 for perm in default_perms: |
392 if perm.Repository.private and not (perm.Repository.user_id == | 388 if perm.Repository.private and not (perm.Repository.user_id == |
393 uid): | 389 uid): |
394 #diself.sable defaults for private repos, | 390 #disable defaults for private repos, |
395 p = 'repository.none' | 391 p = 'repository.none' |
396 elif perm.Repository.user_id == uid: | 392 elif perm.Repository.user_id == uid: |
397 #set admin if owner | 393 #set admin if owner |
398 p = 'repository.admin' | 394 p = 'repository.admin' |
399 else: | 395 else: |
436 #================================================================== | 432 #================================================================== |
437 # check if user is part of groups for this repository and fill in | 433 # check if user is part of groups for this repository and fill in |
438 # (or replace with higher) permissions | 434 # (or replace with higher) permissions |
439 #================================================================== | 435 #================================================================== |
440 | 436 |
441 #users group global | 437 # users group global |
442 user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\ | 438 user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\ |
443 .options(joinedload(UsersGroupToPerm.permission))\ | 439 .options(joinedload(UsersGroupToPerm.permission))\ |
444 .join((UsersGroupMember, UsersGroupToPerm.users_group_id == | 440 .join((UsersGroupMember, UsersGroupToPerm.users_group_id == |
445 UsersGroupMember.users_group_id))\ | 441 UsersGroupMember.users_group_id))\ |
446 .filter(UsersGroupMember.user_id == uid).all() | 442 .filter(UsersGroupMember.user_id == uid).all() |
447 | 443 |
448 for perm in user_perms_from_users_groups: | 444 for perm in user_perms_from_users_groups: |
449 user.permissions['global'].add(perm.permission.permission_name) | 445 user.permissions['global'].add(perm.permission.permission_name) |
450 | 446 |
451 #users group repositories | 447 # users group repositories |
452 user_repo_perms_from_users_groups = self.sa.query( | 448 user_repo_perms_from_users_groups = self.sa.query( |
453 UsersGroupRepoToPerm, | 449 UsersGroupRepoToPerm, |
454 Permission, Repository,)\ | 450 Permission, Repository,)\ |
455 .join((Repository, UsersGroupRepoToPerm.repository_id == | 451 .join((Repository, UsersGroupRepoToPerm.repository_id == |
456 Repository.repo_id))\ | 452 Repository.repo_id))\ |
463 for perm in user_repo_perms_from_users_groups: | 459 for perm in user_repo_perms_from_users_groups: |
464 p = perm.Permission.permission_name | 460 p = perm.Permission.permission_name |
465 cur_perm = user.permissions['repositories'][perm. | 461 cur_perm = user.permissions['repositories'][perm. |
466 UsersGroupRepoToPerm. | 462 UsersGroupRepoToPerm. |
467 repository.repo_name] | 463 repository.repo_name] |
468 #overwrite permission only if it's greater than permission | 464 # overwrite permission only if it's greater than permission |
469 # given from other sources | 465 # given from other sources |
470 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: | 466 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: |
471 user.permissions['repositories'][perm.UsersGroupRepoToPerm. | 467 user.permissions['repositories'][perm.UsersGroupRepoToPerm. |
472 repository.repo_name] = p | 468 repository.repo_name] = p |
473 | 469 |