# HG changeset patch # User Marcin Kuzminski # Date 1331599171 -7200 # Node ID 273ce1a99c3f5a84e77163629c45078eb387dc37 # Parent f47f27a6b54e53525f763b4effbc07d00719dc87 fixed #397 Private repository groups shows up before login - added relevant test for this issue diff -r f47f27a6b54e -r 273ce1a99c3f docs/changelog.rst --- a/docs/changelog.rst Mon Mar 12 21:32:58 2012 +0200 +++ b/docs/changelog.rst Tue Mar 13 02:39:31 2012 +0200 @@ -30,6 +30,7 @@ - fixed error occurring during recursive group creation in API create_repo function - fixed #393 py2.5 fixes for routes url generator +- fixed #397 Private repository groups shows up before login 1.3.3 (**2012-03-02**) ---------------------- diff -r f47f27a6b54e -r 273ce1a99c3f rhodecode/model/user.py --- a/rhodecode/model/user.py Mon Mar 12 21:32:58 2012 +0200 +++ b/rhodecode/model/user.py Tue Mar 13 02:39:31 2012 +0200 @@ -298,14 +298,15 @@ try: if user.username == 'default': raise DefaultUserException( - _("You can't remove this user since it's" - " crucial for entire application")) + _("You can't remove this user since it's" + " crucial for entire application") + ) if user.repositories: - raise UserOwnsReposException(_('This user still owns %s ' - 'repositories and cannot be ' - 'removed. Switch owners or ' - 'remove those repositories') \ - % user.repositories) + raise UserOwnsReposException( + _('user "%s" still owns %s repositories and cannot be ' + 'removed. Switch owners or remove those repositories') + % (user.username, user.repositories) + ) self.sa.delete(user) except: log.error(traceback.format_exc()) @@ -500,7 +501,7 @@ self.sa.query(UserRepoGroupToPerm, Permission, RepoGroup)\ .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\ .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\ - .filter(UserRepoToPerm.user_id == uid)\ + .filter(UserRepoGroupToPerm.user_id == uid)\ .all() for perm in user_repo_groups_perms: @@ -509,7 +510,6 @@ cur_perm = user.permissions[GK][rg_k] if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: user.permissions[GK][rg_k] = p - return user def has_perm(self, user, perm): diff -r f47f27a6b54e -r 273ce1a99c3f rhodecode/tests/test_models.py --- a/rhodecode/tests/test_models.py Mon Mar 12 21:32:58 2012 +0200 +++ b/rhodecode/tests/test_models.py Tue Mar 13 02:39:31 2012 +0200 @@ -430,6 +430,11 @@ username=u'u1', password=u'qweqwe', email=u'u1@rhodecode.org', name=u'u1', lastname=u'u1' ) + self.u2 = UserModel().create_or_update( + username=u'u2', password=u'qweqwe', + email=u'u2@rhodecode.org', name=u'u2', lastname=u'u2' + ) + self.anon = User.get_by_username('default') self.a1 = UserModel().create_or_update( username=u'a1', password=u'qweqwe', email=u'a1@rhodecode.org', name=u'a1', lastname=u'a1', admin=True @@ -437,7 +442,10 @@ Session.commit() def tearDown(self): + if hasattr(self, 'test_repo'): + RepoModel().delete(repo=self.test_repo) UserModel().delete(self.u1) + UserModel().delete(self.u2) UserModel().delete(self.a1) if hasattr(self, 'g1'): ReposGroupModel().delete(self.g1.group_id) @@ -578,3 +586,75 @@ new_perm_h) self.assertEqual(u1_auth.permissions['repositories_groups'], perms['repositories_groups']) + + def test_repo_in_group_permissions(self): + self.g1 = _make_group('group1', skip_if_exists=True) + self.g2 = _make_group('group2', skip_if_exists=True) + Session.commit() + # both perms should be read ! + u1_auth = AuthUser(user_id=self.u1.user_id) + self.assertEqual(u1_auth.permissions['repositories_groups'], + {u'group1': u'group.read', u'group2': u'group.read'}) + + a1_auth = AuthUser(user_id=self.anon.user_id) + self.assertEqual(a1_auth.permissions['repositories_groups'], + {u'group1': u'group.read', u'group2': u'group.read'}) + + #Change perms to none for both groups + ReposGroupModel().grant_user_permission(repos_group=self.g1, + user=self.anon, + perm='group.none') + ReposGroupModel().grant_user_permission(repos_group=self.g2, + user=self.anon, + perm='group.none') + + u1_auth = AuthUser(user_id=self.u1.user_id) + self.assertEqual(u1_auth.permissions['repositories_groups'], + {u'group1': u'group.none', u'group2': u'group.none'}) + + a1_auth = AuthUser(user_id=self.anon.user_id) + self.assertEqual(a1_auth.permissions['repositories_groups'], + {u'group1': u'group.none', u'group2': u'group.none'}) + + # add repo to group + form_data = { + 'repo_name':HG_REPO, + 'repo_name_full':os.path.join(self.g1.group_name,HG_REPO), + 'repo_type':'hg', + 'clone_uri':'', + 'repo_group':self.g1.group_id, + 'description':'desc', + 'private':False + } + self.test_repo = RepoModel().create(form_data, cur_user=self.u1) + Session.commit() + + u1_auth = AuthUser(user_id=self.u1.user_id) + self.assertEqual(u1_auth.permissions['repositories_groups'], + {u'group1': u'group.none', u'group2': u'group.none'}) + + a1_auth = AuthUser(user_id=self.anon.user_id) + self.assertEqual(a1_auth.permissions['repositories_groups'], + {u'group1': u'group.none', u'group2': u'group.none'}) + + #grant permission for u2 ! + ReposGroupModel().grant_user_permission(repos_group=self.g1, + user=self.u2, + perm='group.read') + ReposGroupModel().grant_user_permission(repos_group=self.g2, + user=self.u2, + perm='group.read') + Session.commit() + self.assertNotEqual(self.u1, self.u2) + #u1 and anon should have not change perms while u2 should ! + u1_auth = AuthUser(user_id=self.u1.user_id) + self.assertEqual(u1_auth.permissions['repositories_groups'], + {u'group1': u'group.none', u'group2': u'group.none'}) + + u2_auth = AuthUser(user_id=self.u2.user_id) + self.assertEqual(u2_auth.permissions['repositories_groups'], + {u'group1': u'group.read', u'group2': u'group.read'}) + + a1_auth = AuthUser(user_id=self.anon.user_id) + self.assertEqual(a1_auth.permissions['repositories_groups'], + {u'group1': u'group.none', u'group2': u'group.none'})