Mercurial > kallithea

comparison rhodecode/model/user.py @ 3788:d9b89874edf9 beta

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
UserGroup on UserGroup permissions implementation. - user group can have another usergroup assigned - it's impossible to assign usergroup on the same usergroup
author Marcin Kuzminski <marcin@python-works.com>
date Tue, 23 Apr 2013 02:18:31 +0200
parents 87e6960e250b
children 647fb653048e
comparison
equal deleted inserted replaced
3787:a3b1016855f8 3788:d9b89874edf9
37 from rhodecode.lib.caching_query import FromCache 37 from rhodecode.lib.caching_query import FromCache
38 from rhodecode.model import BaseModel 38 from rhodecode.model import BaseModel
39 from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \ 39 from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \
40 UserToPerm, UserGroupRepoToPerm, UserGroupToPerm, UserGroupMember, \ 40 UserToPerm, UserGroupRepoToPerm, UserGroupToPerm, UserGroupMember, \
41 Notification, RepoGroup, UserRepoGroupToPerm, UserGroupRepoGroupToPerm, \ 41 Notification, RepoGroup, UserRepoGroupToPerm, UserGroupRepoGroupToPerm, \
42 UserEmailMap, UserIpMap 42 UserEmailMap, UserIpMap, UserGroupUserGroupToPerm, UserGroup
43 from rhodecode.lib.exceptions import DefaultUserException, \ 43 from rhodecode.lib.exceptions import DefaultUserException, \
44 UserOwnsReposException 44 UserOwnsReposException
45 from rhodecode.model.meta import Session 45 from rhodecode.model.meta import Session
46 46
47 47
568 568
569 for perm in user_perms: 569 for perm in user_perms:
570 user.permissions[GLOBAL].add(perm.permission.permission_name) 570 user.permissions[GLOBAL].add(perm.permission.permission_name)
571 ## END GLOBAL PERMISSIONS 571 ## END GLOBAL PERMISSIONS
572 572
573
574 #====================================================================== 573 #======================================================================
575 # !! PERMISSIONS FOR REPOSITORIES !! 574 # !! PERMISSIONS FOR REPOSITORIES !!
576 #====================================================================== 575 #======================================================================
577 #====================================================================== 576 #======================================================================
578 # check if user is part of user groups for this repository and 577 # check if user is part of user groups for this repository and
662 user.permissions[GK][rg_k] = p 661 user.permissions[GK][rg_k] = p
663 662
664 #====================================================================== 663 #======================================================================
665 # !! PERMISSIONS FOR USER GROUPS !! 664 # !! PERMISSIONS FOR USER GROUPS !!
666 #====================================================================== 665 #======================================================================
666 # user group for user group permissions
667 user_group_user_groups_perms = \
668 self.sa.query(UserGroupUserGroupToPerm, Permission, UserGroup)\
669 .join((UserGroup, UserGroupUserGroupToPerm.target_user_group_id
670 == UserGroup.users_group_id))\
671 .join((Permission, UserGroupUserGroupToPerm.permission_id
672 == Permission.permission_id))\
673 .join((UserGroupMember, UserGroupUserGroupToPerm.user_group_id
674 == UserGroupMember.users_group_id))\
675 .filter(UserGroupMember.user_id == uid)\
676 .all()
677
678 multiple_counter = collections.defaultdict(int)
679 for perm in user_group_user_groups_perms:
680 g_k = perm.UserGroupUserGroupToPerm.target_user_group.users_group_name
681 multiple_counter[g_k] += 1
682 p = perm.Permission.permission_name
683 cur_perm = user.permissions[UK][g_k]
684 if multiple_counter[g_k] > 1:
685 p = _choose_perm(p, cur_perm)
686 user.permissions[UK][g_k] = p
687
667 #user explicit permission for user groups 688 #user explicit permission for user groups
668 user_user_groups_perms = Permission.get_default_user_group_perms(uid) 689 user_user_groups_perms = Permission.get_default_user_group_perms(uid)
669 for perm in user_user_groups_perms: 690 for perm in user_user_groups_perms:
670 u_k = perm.UserUserGroupToPerm.user_group.users_group_name 691 u_k = perm.UserUserGroupToPerm.user_group.users_group_name
671 p = perm.Permission.permission_name 692 p = perm.Permission.permission_name