Mercurial > kallithea
comparison rhodecode/model/user.py @ 1633:2c0d35e336b5 beta
refactoring of models names for repoGroup permissions
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Wed, 02 Nov 2011 03:08:33 +0200 |
parents | de71a4bde097 |
children | 1d904d972c47 |
comparison
equal
deleted
inserted
replaced
1632:5b2cf21b1947 | 1633:2c0d35e336b5 |
---|---|
29 from pylons.i18n.translation import _ | 29 from pylons.i18n.translation import _ |
30 | 30 |
31 from rhodecode.lib import safe_unicode | 31 from rhodecode.lib import safe_unicode |
32 from rhodecode.model import BaseModel | 32 from rhodecode.model import BaseModel |
33 from rhodecode.model.caching_query import FromCache | 33 from rhodecode.model.caching_query import FromCache |
34 from rhodecode.model.db import User, RepoToPerm, Repository, Permission, \ | 34 from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \ |
35 UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember | 35 UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember |
36 from rhodecode.lib.exceptions import DefaultUserException, \ | 36 from rhodecode.lib.exceptions import DefaultUserException, \ |
37 UserOwnsReposException | 37 UserOwnsReposException |
38 | 38 |
39 from sqlalchemy.exc import DatabaseError | 39 from sqlalchemy.exc import DatabaseError |
301 #====================================================================== | 301 #====================================================================== |
302 # fetch default permissions | 302 # fetch default permissions |
303 #====================================================================== | 303 #====================================================================== |
304 default_user = self.get_by_username('default', cache=True) | 304 default_user = self.get_by_username('default', cache=True) |
305 | 305 |
306 default_perms = self.sa.query(RepoToPerm, Repository, Permission)\ | 306 default_perms = self.sa.query(UserRepoToPerm, Repository, Permission)\ |
307 .join((Repository, RepoToPerm.repository_id == | 307 .join((Repository, UserRepoToPerm.repository_id == |
308 Repository.repo_id))\ | 308 Repository.repo_id))\ |
309 .join((Permission, RepoToPerm.permission_id == | 309 .join((Permission, UserRepoToPerm.permission_id == |
310 Permission.permission_id))\ | 310 Permission.permission_id))\ |
311 .filter(RepoToPerm.user == default_user).all() | 311 .filter(UserRepoToPerm.user == default_user).all() |
312 | 312 |
313 if user.is_admin: | 313 if user.is_admin: |
314 #================================================================== | 314 #================================================================== |
315 # #admin have all default rights set to admin | 315 # #admin have all default rights set to admin |
316 #================================================================== | 316 #================================================================== |
317 user.permissions['global'].add('hg.admin') | 317 user.permissions['global'].add('hg.admin') |
318 | 318 |
319 for perm in default_perms: | 319 for perm in default_perms: |
320 p = 'repository.admin' | 320 p = 'repository.admin' |
321 user.permissions['repositories'][perm.RepoToPerm. | 321 user.permissions['repositories'][perm.UserRepoToPerm. |
322 repository.repo_name] = p | 322 repository.repo_name] = p |
323 | 323 |
324 else: | 324 else: |
325 #================================================================== | 325 #================================================================== |
326 # set default permissions | 326 # set default permissions |
344 #set admin if owner | 344 #set admin if owner |
345 p = 'repository.admin' | 345 p = 'repository.admin' |
346 else: | 346 else: |
347 p = perm.Permission.permission_name | 347 p = perm.Permission.permission_name |
348 | 348 |
349 user.permissions['repositories'][perm.RepoToPerm. | 349 user.permissions['repositories'][perm.UserRepoToPerm. |
350 repository.repo_name] = p | 350 repository.repo_name] = p |
351 | 351 |
352 #================================================================== | 352 #================================================================== |
353 # overwrite default with user permissions if any | 353 # overwrite default with user permissions if any |
354 #================================================================== | 354 #================================================================== |
361 for perm in user_perms: | 361 for perm in user_perms: |
362 user.permissions['global'].add(perm.permission. | 362 user.permissions['global'].add(perm.permission. |
363 permission_name) | 363 permission_name) |
364 | 364 |
365 #user repositories | 365 #user repositories |
366 user_repo_perms = self.sa.query(RepoToPerm, Permission, | 366 user_repo_perms = self.sa.query(UserRepoToPerm, Permission, |
367 Repository)\ | 367 Repository)\ |
368 .join((Repository, RepoToPerm.repository_id == | 368 .join((Repository, UserRepoToPerm.repository_id == |
369 Repository.repo_id))\ | 369 Repository.repo_id))\ |
370 .join((Permission, RepoToPerm.permission_id == | 370 .join((Permission, UserRepoToPerm.permission_id == |
371 Permission.permission_id))\ | 371 Permission.permission_id))\ |
372 .filter(RepoToPerm.user_id == uid).all() | 372 .filter(UserRepoToPerm.user_id == uid).all() |
373 | 373 |
374 for perm in user_repo_perms: | 374 for perm in user_repo_perms: |
375 # set admin if owner | 375 # set admin if owner |
376 if perm.Repository.user_id == uid: | 376 if perm.Repository.user_id == uid: |
377 p = 'repository.admin' | 377 p = 'repository.admin' |
378 else: | 378 else: |
379 p = perm.Permission.permission_name | 379 p = perm.Permission.permission_name |
380 user.permissions['repositories'][perm.RepoToPerm. | 380 user.permissions['repositories'][perm.UserRepoToPerm. |
381 repository.repo_name] = p | 381 repository.repo_name] = p |
382 | 382 |
383 #================================================================== | 383 #================================================================== |
384 # check if user is part of groups for this repository and fill in | 384 # check if user is part of groups for this repository and fill in |
385 # (or replace with higher) permissions | 385 # (or replace with higher) permissions |