Mercurial > kallithea

comparison rhodecode/model/user.py @ 1633:2c0d35e336b5 beta

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
refactoring of models names for repoGroup permissions
author Marcin Kuzminski <marcin@python-works.com>
date Wed, 02 Nov 2011 03:08:33 +0200
parents de71a4bde097
children 1d904d972c47
comparison
equal deleted inserted replaced
1632:5b2cf21b1947 1633:2c0d35e336b5
29 from pylons.i18n.translation import _ 29 from pylons.i18n.translation import _
30 30
31 from rhodecode.lib import safe_unicode 31 from rhodecode.lib import safe_unicode
32 from rhodecode.model import BaseModel 32 from rhodecode.model import BaseModel
33 from rhodecode.model.caching_query import FromCache 33 from rhodecode.model.caching_query import FromCache
34 from rhodecode.model.db import User, RepoToPerm, Repository, Permission, \ 34 from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \
35 UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember 35 UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember
36 from rhodecode.lib.exceptions import DefaultUserException, \ 36 from rhodecode.lib.exceptions import DefaultUserException, \
37 UserOwnsReposException 37 UserOwnsReposException
38 38
39 from sqlalchemy.exc import DatabaseError 39 from sqlalchemy.exc import DatabaseError
301 #====================================================================== 301 #======================================================================
302 # fetch default permissions 302 # fetch default permissions
303 #====================================================================== 303 #======================================================================
304 default_user = self.get_by_username('default', cache=True) 304 default_user = self.get_by_username('default', cache=True)
305 305
306 default_perms = self.sa.query(RepoToPerm, Repository, Permission)\ 306 default_perms = self.sa.query(UserRepoToPerm, Repository, Permission)\
307 .join((Repository, RepoToPerm.repository_id == 307 .join((Repository, UserRepoToPerm.repository_id ==
308 Repository.repo_id))\ 308 Repository.repo_id))\
309 .join((Permission, RepoToPerm.permission_id == 309 .join((Permission, UserRepoToPerm.permission_id ==
310 Permission.permission_id))\ 310 Permission.permission_id))\
311 .filter(RepoToPerm.user == default_user).all() 311 .filter(UserRepoToPerm.user == default_user).all()
312 312
313 if user.is_admin: 313 if user.is_admin:
314 #================================================================== 314 #==================================================================
315 # #admin have all default rights set to admin 315 # #admin have all default rights set to admin
316 #================================================================== 316 #==================================================================
317 user.permissions['global'].add('hg.admin') 317 user.permissions['global'].add('hg.admin')
318 318
319 for perm in default_perms: 319 for perm in default_perms:
320 p = 'repository.admin' 320 p = 'repository.admin'
321 user.permissions['repositories'][perm.RepoToPerm. 321 user.permissions['repositories'][perm.UserRepoToPerm.
322 repository.repo_name] = p 322 repository.repo_name] = p
323 323
324 else: 324 else:
325 #================================================================== 325 #==================================================================
326 # set default permissions 326 # set default permissions
344 #set admin if owner 344 #set admin if owner
345 p = 'repository.admin' 345 p = 'repository.admin'
346 else: 346 else:
347 p = perm.Permission.permission_name 347 p = perm.Permission.permission_name
348 348
349 user.permissions['repositories'][perm.RepoToPerm. 349 user.permissions['repositories'][perm.UserRepoToPerm.
350 repository.repo_name] = p 350 repository.repo_name] = p
351 351
352 #================================================================== 352 #==================================================================
353 # overwrite default with user permissions if any 353 # overwrite default with user permissions if any
354 #================================================================== 354 #==================================================================
361 for perm in user_perms: 361 for perm in user_perms:
362 user.permissions['global'].add(perm.permission. 362 user.permissions['global'].add(perm.permission.
363 permission_name) 363 permission_name)
364 364
365 #user repositories 365 #user repositories
366 user_repo_perms = self.sa.query(RepoToPerm, Permission, 366 user_repo_perms = self.sa.query(UserRepoToPerm, Permission,
367 Repository)\ 367 Repository)\
368 .join((Repository, RepoToPerm.repository_id == 368 .join((Repository, UserRepoToPerm.repository_id ==
369 Repository.repo_id))\ 369 Repository.repo_id))\
370 .join((Permission, RepoToPerm.permission_id == 370 .join((Permission, UserRepoToPerm.permission_id ==
371 Permission.permission_id))\ 371 Permission.permission_id))\
372 .filter(RepoToPerm.user_id == uid).all() 372 .filter(UserRepoToPerm.user_id == uid).all()
373 373
374 for perm in user_repo_perms: 374 for perm in user_repo_perms:
375 # set admin if owner 375 # set admin if owner
376 if perm.Repository.user_id == uid: 376 if perm.Repository.user_id == uid:
377 p = 'repository.admin' 377 p = 'repository.admin'
378 else: 378 else:
379 p = perm.Permission.permission_name 379 p = perm.Permission.permission_name
380 user.permissions['repositories'][perm.RepoToPerm. 380 user.permissions['repositories'][perm.UserRepoToPerm.
381 repository.repo_name] = p 381 repository.repo_name] = p
382 382
383 #================================================================== 383 #==================================================================
384 # check if user is part of groups for this repository and fill in 384 # check if user is part of groups for this repository and fill in
385 # (or replace with higher) permissions 385 # (or replace with higher) permissions