Mercurial > kallithea

comparison rhodecode/model/user.py @ 1728:07e56179633e beta

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
- fixes celery sqlalchemy session issues for async forking - summary page css fixes - speed optimizations
author Marcin Kuzminski <marcin@python-works.com>
date Sat, 26 Nov 2011 17:51:03 +0200
parents 7d1fc253549e
children da8ee2ef7f6d
comparison
equal deleted inserted replaced
1727:8e9f51091229 1728:07e56179633e
87 log.error(traceback.format_exc()) 87 log.error(traceback.format_exc())
88 self.sa.rollback() 88 self.sa.rollback()
89 raise 89 raise
90 90
91 91
92 def create_or_update(self, username, password, email, name, lastname, 92 def create_or_update(self, username, password, email, name, lastname,
93 active=True, admin=False, ldap_dn=None): 93 active=True, admin=False, ldap_dn=None):
94 """ 94 """
95 Creates a new instance if not found, or updates current one 95 Creates a new instance if not found, or updates current one
96 96
97 :param username: 97 :param username:
102 :param lastname: 102 :param lastname:
103 :param active: 103 :param active:
104 :param admin: 104 :param admin:
105 :param ldap_dn: 105 :param ldap_dn:
106 """ 106 """
107 107
108 from rhodecode.lib.auth import get_crypt_password 108 from rhodecode.lib.auth import get_crypt_password
109 109
110 log.debug('Checking for %s account in RhodeCode database', username) 110 log.debug('Checking for %s account in RhodeCode database', username)
111 user = User.get_by_username(username, case_insensitive=True) 111 user = User.get_by_username(username, case_insensitive=True)
112 if user is None: 112 if user is None:
113 log.debug('creating new user %s', username) 113 log.debug('creating new user %s', username)
114 new_user = User() 114 new_user = User()
115 else: 115 else:
116 log.debug('updating user %s', username) 116 log.debug('updating user %s', username)
117 new_user = user 117 new_user = user
118 118
119 try: 119 try:
120 new_user.username = username 120 new_user.username = username
121 new_user.admin = admin 121 new_user.admin = admin
122 new_user.password = get_crypt_password(password) 122 new_user.password = get_crypt_password(password)
123 new_user.api_key = generate_api_key(username) 123 new_user.api_key = generate_api_key(username)
132 return new_user 132 return new_user
133 except (DatabaseError,): 133 except (DatabaseError,):
134 log.error(traceback.format_exc()) 134 log.error(traceback.format_exc())
135 self.sa.rollback() 135 self.sa.rollback()
136 raise 136 raise
137 137
138 138
139 def create_for_container_auth(self, username, attrs): 139 def create_for_container_auth(self, username, attrs):
140 """ 140 """
141 Creates the given user if it's not already in the database 141 Creates the given user if it's not already in the database
142 142
143 :param username: 143 :param username:
352 user.permissions['global'] = set() 352 user.permissions['global'] = set()
353 353
354 #====================================================================== 354 #======================================================================
355 # fetch default permissions 355 # fetch default permissions
356 #====================================================================== 356 #======================================================================
357 default_user = User.get_by_username('default') 357 default_user = User.get_by_username('default', cache=True)
358 358 default_user_id = default_user.user_id
359 default_perms = self.sa.query(UserRepoToPerm, Repository, Permission)\ 359
360 .join((Repository, UserRepoToPerm.repository_id == 360 default_perms = Permission.get_default_perms(default_user_id)
361 Repository.repo_id))\
362 .join((Permission, UserRepoToPerm.permission_id ==
363 Permission.permission_id))\
364 .filter(UserRepoToPerm.user == default_user).all()
365 361
366 if user.is_admin: 362 if user.is_admin:
367 #================================================================== 363 #==================================================================
368 # #admin have all default rights set to admin 364 # #admin have all default rights set to admin
369 #================================================================== 365 #==================================================================
380 #================================================================== 376 #==================================================================
381 uid = user.user_id 377 uid = user.user_id
382 378
383 #default global 379 #default global
384 default_global_perms = self.sa.query(UserToPerm)\ 380 default_global_perms = self.sa.query(UserToPerm)\
385 .filter(UserToPerm.user == default_user) 381 .filter(UserToPerm.user_id == default_user_id)
386 382
387 for perm in default_global_perms: 383 for perm in default_global_perms:
388 user.permissions['global'].add(perm.permission.permission_name) 384 user.permissions['global'].add(perm.permission.permission_name)
389 385
390 #default for repositories 386 #default for repositories
391 for perm in default_perms: 387 for perm in default_perms:
392 if perm.Repository.private and not (perm.Repository.user_id == 388 if perm.Repository.private and not (perm.Repository.user_id ==
393 uid): 389 uid):
394 #diself.sable defaults for private repos, 390 #disable defaults for private repos,
395 p = 'repository.none' 391 p = 'repository.none'
396 elif perm.Repository.user_id == uid: 392 elif perm.Repository.user_id == uid:
397 #set admin if owner 393 #set admin if owner
398 p = 'repository.admin' 394 p = 'repository.admin'
399 else: 395 else:
436 #================================================================== 432 #==================================================================
437 # check if user is part of groups for this repository and fill in 433 # check if user is part of groups for this repository and fill in
438 # (or replace with higher) permissions 434 # (or replace with higher) permissions
439 #================================================================== 435 #==================================================================
440 436
441 #users group global 437 # users group global
442 user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\ 438 user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\
443 .options(joinedload(UsersGroupToPerm.permission))\ 439 .options(joinedload(UsersGroupToPerm.permission))\
444 .join((UsersGroupMember, UsersGroupToPerm.users_group_id == 440 .join((UsersGroupMember, UsersGroupToPerm.users_group_id ==
445 UsersGroupMember.users_group_id))\ 441 UsersGroupMember.users_group_id))\
446 .filter(UsersGroupMember.user_id == uid).all() 442 .filter(UsersGroupMember.user_id == uid).all()
447 443
448 for perm in user_perms_from_users_groups: 444 for perm in user_perms_from_users_groups:
449 user.permissions['global'].add(perm.permission.permission_name) 445 user.permissions['global'].add(perm.permission.permission_name)
450 446
451 #users group repositories 447 # users group repositories
452 user_repo_perms_from_users_groups = self.sa.query( 448 user_repo_perms_from_users_groups = self.sa.query(
453 UsersGroupRepoToPerm, 449 UsersGroupRepoToPerm,
454 Permission, Repository,)\ 450 Permission, Repository,)\
455 .join((Repository, UsersGroupRepoToPerm.repository_id == 451 .join((Repository, UsersGroupRepoToPerm.repository_id ==
456 Repository.repo_id))\ 452 Repository.repo_id))\
463 for perm in user_repo_perms_from_users_groups: 459 for perm in user_repo_perms_from_users_groups:
464 p = perm.Permission.permission_name 460 p = perm.Permission.permission_name
465 cur_perm = user.permissions['repositories'][perm. 461 cur_perm = user.permissions['repositories'][perm.
466 UsersGroupRepoToPerm. 462 UsersGroupRepoToPerm.
467 repository.repo_name] 463 repository.repo_name]
468 #overwrite permission only if it's greater than permission 464 # overwrite permission only if it's greater than permission
469 # given from other sources 465 # given from other sources
470 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: 466 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
471 user.permissions['repositories'][perm.UsersGroupRepoToPerm. 467 user.permissions['repositories'][perm.UsersGroupRepoToPerm.
472 repository.repo_name] = p 468 repository.repo_name] = p
473 469