Mercurial > kallithea
comparison rhodecode/model/permission.py @ 2031:82a88013a3fd
merge 1.3 into stable
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Sun, 26 Feb 2012 17:25:09 +0200 |
parents | bf263968da47 89efedac4e6c |
children | 63e58ef80ef1 |
comparison
equal
deleted
inserted
replaced
2005:ab0e122b38a7 | 2031:82a88013a3fd |
---|---|
5 | 5 |
6 permissions model for RhodeCode | 6 permissions model for RhodeCode |
7 | 7 |
8 :created_on: Aug 20, 2010 | 8 :created_on: Aug 20, 2010 |
9 :author: marcink | 9 :author: marcink |
10 :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com> | 10 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
11 :license: GPLv3, see COPYING for more details. | 11 :license: GPLv3, see COPYING for more details. |
12 """ | 12 """ |
13 # This program is free software: you can redistribute it and/or modify | 13 # This program is free software: you can redistribute it and/or modify |
14 # it under the terms of the GNU General Public License as published by | 14 # it under the terms of the GNU General Public License as published by |
15 # the Free Software Foundation, either version 3 of the License, or | 15 # the Free Software Foundation, either version 3 of the License, or |
26 import logging | 26 import logging |
27 import traceback | 27 import traceback |
28 | 28 |
29 from sqlalchemy.exc import DatabaseError | 29 from sqlalchemy.exc import DatabaseError |
30 | 30 |
31 from rhodecode.lib.caching_query import FromCache | |
32 | |
31 from rhodecode.model import BaseModel | 33 from rhodecode.model import BaseModel |
32 from rhodecode.model.db import User, Permission, UserToPerm, RepoToPerm | 34 from rhodecode.model.db import User, Permission, UserToPerm, UserRepoToPerm |
33 from rhodecode.model.caching_query import FromCache | |
34 | 35 |
35 log = logging.getLogger(__name__) | 36 log = logging.getLogger(__name__) |
36 | 37 |
37 | 38 |
38 class PermissionModel(BaseModel): | 39 class PermissionModel(BaseModel): |
39 """Permissions model for RhodeCode | 40 """ |
41 Permissions model for RhodeCode | |
40 """ | 42 """ |
41 | 43 |
42 def get_permission(self, permission_id, cache=False): | 44 def get_permission(self, permission_id, cache=False): |
43 """Get's permissions by id | 45 """ |
46 Get's permissions by id | |
44 | 47 |
45 :param permission_id: id of permission to get from database | 48 :param permission_id: id of permission to get from database |
46 :param cache: use Cache for this query | 49 :param cache: use Cache for this query |
47 """ | 50 """ |
48 perm = self.sa.query(Permission) | 51 perm = self.sa.query(Permission) |
50 perm = perm.options(FromCache("sql_cache_short", | 53 perm = perm.options(FromCache("sql_cache_short", |
51 "get_permission_%s" % permission_id)) | 54 "get_permission_%s" % permission_id)) |
52 return perm.get(permission_id) | 55 return perm.get(permission_id) |
53 | 56 |
54 def get_permission_by_name(self, name, cache=False): | 57 def get_permission_by_name(self, name, cache=False): |
55 """Get's permissions by given name | 58 """ |
59 Get's permissions by given name | |
56 | 60 |
57 :param name: name to fetch | 61 :param name: name to fetch |
58 :param cache: Use cache for this query | 62 :param cache: Use cache for this query |
59 """ | 63 """ |
60 perm = self.sa.query(Permission)\ | 64 perm = self.sa.query(Permission)\ |
64 "get_permission_%s" % name)) | 68 "get_permission_%s" % name)) |
65 return perm.scalar() | 69 return perm.scalar() |
66 | 70 |
67 def update(self, form_result): | 71 def update(self, form_result): |
68 perm_user = self.sa.query(User)\ | 72 perm_user = self.sa.query(User)\ |
69 .filter(User.username == | 73 .filter(User.username == |
70 form_result['perm_user_name']).scalar() | 74 form_result['perm_user_name']).scalar() |
71 u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == | 75 u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == |
72 perm_user).all() | 76 perm_user).all() |
73 if len(u2p) != 3: | 77 if len(u2p) != 3: |
74 raise Exception('Defined: %s should be 3 permissions for default' | 78 raise Exception('Defined: %s should be 3 permissions for default' |
75 ' user. This should not happen please verify' | 79 ' user. This should not happen please verify' |
76 ' your database' % len(u2p)) | 80 ' your database' % len(u2p)) |
77 | 81 |
78 try: | 82 try: |
79 #stage 1 change defaults | 83 # stage 1 change defaults |
80 for p in u2p: | 84 for p in u2p: |
81 if p.permission.permission_name.startswith('repository.'): | 85 if p.permission.permission_name.startswith('repository.'): |
82 p.permission = self.get_permission_by_name( | 86 p.permission = self.get_permission_by_name( |
83 form_result['default_perm']) | 87 form_result['default_perm']) |
84 self.sa.add(p) | 88 self.sa.add(p) |
93 form_result['default_create']) | 97 form_result['default_create']) |
94 self.sa.add(p) | 98 self.sa.add(p) |
95 | 99 |
96 #stage 2 update all default permissions for repos if checked | 100 #stage 2 update all default permissions for repos if checked |
97 if form_result['overwrite_default'] == True: | 101 if form_result['overwrite_default'] == True: |
98 for r2p in self.sa.query(RepoToPerm)\ | 102 for r2p in self.sa.query(UserRepoToPerm)\ |
99 .filter(RepoToPerm.user == perm_user).all(): | 103 .filter(UserRepoToPerm.user == perm_user).all(): |
100 r2p.permission = self.get_permission_by_name( | 104 r2p.permission = self.get_permission_by_name( |
101 form_result['default_perm']) | 105 form_result['default_perm']) |
102 self.sa.add(r2p) | 106 self.sa.add(r2p) |
103 | 107 |
104 #stage 3 set anonymous access | 108 # stage 3 set anonymous access |
105 if perm_user.username == 'default': | 109 if perm_user.username == 'default': |
106 perm_user.active = bool(form_result['anonymous']) | 110 perm_user.active = bool(form_result['anonymous']) |
107 self.sa.add(perm_user) | 111 self.sa.add(perm_user) |
108 | 112 |
109 self.sa.commit() | |
110 except (DatabaseError,): | 113 except (DatabaseError,): |
111 log.error(traceback.format_exc()) | 114 log.error(traceback.format_exc()) |
112 self.sa.rollback() | |
113 raise | 115 raise |