Mercurial > kallithea
comparison rhodecode/model/user.py @ 3788:d9b89874edf9 beta
UserGroup on UserGroup permissions implementation.
- user group can have another usergroup assigned
- it's impossible to assign usergroup on the same usergroup
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Tue, 23 Apr 2013 02:18:31 +0200 |
parents | 87e6960e250b |
children | 647fb653048e |
comparison
equal
deleted
inserted
replaced
3787:a3b1016855f8 | 3788:d9b89874edf9 |
---|---|
37 from rhodecode.lib.caching_query import FromCache | 37 from rhodecode.lib.caching_query import FromCache |
38 from rhodecode.model import BaseModel | 38 from rhodecode.model import BaseModel |
39 from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \ | 39 from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \ |
40 UserToPerm, UserGroupRepoToPerm, UserGroupToPerm, UserGroupMember, \ | 40 UserToPerm, UserGroupRepoToPerm, UserGroupToPerm, UserGroupMember, \ |
41 Notification, RepoGroup, UserRepoGroupToPerm, UserGroupRepoGroupToPerm, \ | 41 Notification, RepoGroup, UserRepoGroupToPerm, UserGroupRepoGroupToPerm, \ |
42 UserEmailMap, UserIpMap | 42 UserEmailMap, UserIpMap, UserGroupUserGroupToPerm, UserGroup |
43 from rhodecode.lib.exceptions import DefaultUserException, \ | 43 from rhodecode.lib.exceptions import DefaultUserException, \ |
44 UserOwnsReposException | 44 UserOwnsReposException |
45 from rhodecode.model.meta import Session | 45 from rhodecode.model.meta import Session |
46 | 46 |
47 | 47 |
568 | 568 |
569 for perm in user_perms: | 569 for perm in user_perms: |
570 user.permissions[GLOBAL].add(perm.permission.permission_name) | 570 user.permissions[GLOBAL].add(perm.permission.permission_name) |
571 ## END GLOBAL PERMISSIONS | 571 ## END GLOBAL PERMISSIONS |
572 | 572 |
573 | |
574 #====================================================================== | 573 #====================================================================== |
575 # !! PERMISSIONS FOR REPOSITORIES !! | 574 # !! PERMISSIONS FOR REPOSITORIES !! |
576 #====================================================================== | 575 #====================================================================== |
577 #====================================================================== | 576 #====================================================================== |
578 # check if user is part of user groups for this repository and | 577 # check if user is part of user groups for this repository and |
662 user.permissions[GK][rg_k] = p | 661 user.permissions[GK][rg_k] = p |
663 | 662 |
664 #====================================================================== | 663 #====================================================================== |
665 # !! PERMISSIONS FOR USER GROUPS !! | 664 # !! PERMISSIONS FOR USER GROUPS !! |
666 #====================================================================== | 665 #====================================================================== |
666 # user group for user group permissions | |
667 user_group_user_groups_perms = \ | |
668 self.sa.query(UserGroupUserGroupToPerm, Permission, UserGroup)\ | |
669 .join((UserGroup, UserGroupUserGroupToPerm.target_user_group_id | |
670 == UserGroup.users_group_id))\ | |
671 .join((Permission, UserGroupUserGroupToPerm.permission_id | |
672 == Permission.permission_id))\ | |
673 .join((UserGroupMember, UserGroupUserGroupToPerm.user_group_id | |
674 == UserGroupMember.users_group_id))\ | |
675 .filter(UserGroupMember.user_id == uid)\ | |
676 .all() | |
677 | |
678 multiple_counter = collections.defaultdict(int) | |
679 for perm in user_group_user_groups_perms: | |
680 g_k = perm.UserGroupUserGroupToPerm.target_user_group.users_group_name | |
681 multiple_counter[g_k] += 1 | |
682 p = perm.Permission.permission_name | |
683 cur_perm = user.permissions[UK][g_k] | |
684 if multiple_counter[g_k] > 1: | |
685 p = _choose_perm(p, cur_perm) | |
686 user.permissions[UK][g_k] = p | |
687 | |
667 #user explicit permission for user groups | 688 #user explicit permission for user groups |
668 user_user_groups_perms = Permission.get_default_user_group_perms(uid) | 689 user_user_groups_perms = Permission.get_default_user_group_perms(uid) |
669 for perm in user_user_groups_perms: | 690 for perm in user_user_groups_perms: |
670 u_k = perm.UserUserGroupToPerm.user_group.users_group_name | 691 u_k = perm.UserUserGroupToPerm.user_group.users_group_name |
671 p = perm.Permission.permission_name | 692 p = perm.Permission.permission_name |