# HG changeset patch # User Marcin Kuzminski # Date 1346715957 -7200 # Node ID 091e99b29fd46eed0252e76c02ec1a2ef8d8d822 # Parent c9baaacb670aad4b830a7f3e33f7331dbf48967e auto-healing of permissions for default user after upgrading from some old versions. diff -r c9baaacb670a -r 091e99b29fd4 docs/changelog.rst --- a/docs/changelog.rst Tue Sep 04 01:07:34 2012 +0200 +++ b/docs/changelog.rst Tue Sep 04 01:45:57 2012 +0200 @@ -5,7 +5,7 @@ ========= -1.4.1 (**2012-XX-XX**) +1.4.1 (**2012-09-04**) ---------------------- :status: in-progress @@ -16,11 +16,17 @@ - always put a comment about code-review status change even if user send empty data +- modified_on column saves repository update and it's going to be used + later for light version of main page ref #500 fixes +++++ -- fixed migrations of permissions that can lead to inconsistency issue +- fixed migrations of permissions that can lead to inconsistency. + Some users sent feedback that after upgrading from older versions issues with updating + default permissions occured. RhodeCode detects that now and resets default user + permission to initial state if there is a need for that. Also forces users to set + the default value for new forking permission. 1.4.0 (**2012-09-03**) diff -r c9baaacb670a -r 091e99b29fd4 rhodecode/lib/db_manage.py --- a/rhodecode/lib/db_manage.py Tue Sep 04 01:07:34 2012 +0200 +++ b/rhodecode/lib/db_manage.py Tue Sep 04 01:45:57 2012 +0200 @@ -255,7 +255,14 @@ Session().add(reg_perm) def step_7(self): - pass + perm_fixes = self.klass.reset_permissions(User.DEFAULT_USER) + Session().commit() + if perm_fixes: + notify('There was an inconsistent state of permissions ' + 'detected for default user. Permissions are now ' + 'reset to the default value for default user. ' + 'Please validate and check default permissions ' + 'in admin panel') upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1) @@ -478,6 +485,28 @@ log.debug('missing default permission for group %s adding' % g) ReposGroupModel()._create_default_perms(g) + def reset_permissions(self, username): + """ + Resets permissions to default state, usefull when old systems had + bad permissions, we must clean them up + + :param username: + :type username: + """ + default_user = User.get_by_username(username) + if not default_user: + return + + u2p = UserToPerm.query()\ + .filter(UserToPerm.user == default_user).all() + fixed = False + if len(u2p) != len(User.DEFAULT_PERMISSIONS): + for p in u2p: + Session().delete(p) + fixed = True + self.populate_default_permissions() + return fixed + def config_prompt(self, test_repo_path='', retries=3, defaults={}): _path = defaults.get('repos_location') if retries == 3: @@ -605,8 +634,7 @@ default_user = User.get_by_username('default') - for def_perm in ['hg.register.manual_activate', 'hg.create.repository', - 'hg.fork.repository', 'repository.read']: + for def_perm in User.DEFAULT_PERMISSIONS: perm = self.sa.query(Permission)\ .filter(Permission.permission_name == def_perm)\ diff -r c9baaacb670a -r 091e99b29fd4 rhodecode/model/db.py --- a/rhodecode/model/db.py Tue Sep 04 01:07:34 2012 +0200 +++ b/rhodecode/model/db.py Tue Sep 04 01:45:57 2012 +0200 @@ -289,7 +289,10 @@ 'mysql_charset': 'utf8'} ) DEFAULT_USER = 'default' - + DEFAULT_PERMISSIONS = [ + 'hg.register.manual_activate', 'hg.create.repository', + 'hg.fork.repository', 'repository.read' + ] user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) username = Column("username", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) password = Column("password", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) diff -r c9baaacb670a -r 091e99b29fd4 rhodecode/model/permission.py --- a/rhodecode/model/permission.py Tue Sep 04 01:07:34 2012 +0200 +++ b/rhodecode/model/permission.py Tue Sep 04 01:45:57 2012 +0200 @@ -77,7 +77,7 @@ form_result['perm_user_name']).scalar() u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == perm_user).all() - if len(u2p) != 4: + if len(u2p) != len(User.DEFAULT_PERMISSIONS): raise Exception('Defined: %s should be 4 permissions for default' ' user. This should not happen please verify' ' your database' % len(u2p))