Mercurial > kallithea
changeset 7506:3abfc5aa0dd7
auth: drop support for different "algorithms" for computing permission
Drop partially implemented support for different permission "algorithms". Only
"higherwin" is used and makes sense - just hardcode that.
| author | Mads Kiilerich <mads@kiilerich.com> |
|---|---|
| date | Sat, 29 Dec 2018 01:48:02 +0100 |
| parents | 5d7a1997a8d9 |
| children | 0f00dfa68205 |
| files | kallithea/lib/auth.py kallithea/tests/models/test_user_permissions_on_repos.py |
| diffstat | 2 files changed, 9 insertions(+), 21 deletions(-) [+] |
line wrap: on
line diff
--- a/kallithea/lib/auth.py Sat Dec 29 16:17:31 2018 +0100 +++ b/kallithea/lib/auth.py Sat Dec 29 01:48:02 2018 +0100 @@ -133,7 +133,7 @@ def _cached_perms_data(user_id, user_is_admin, user_inherit_default_permissions, - explicit, algo): + explicit): RK = 'repositories' GK = 'repositories_groups' UK = 'user_groups' @@ -144,14 +144,9 @@ def _choose_perm(new_perm, cur_perm): new_perm_val = PERM_WEIGHTS[new_perm] cur_perm_val = PERM_WEIGHTS[cur_perm] - if algo == 'higherwin': - if new_perm_val > cur_perm_val: - return new_perm - return cur_perm - elif algo == 'lowerwin': - if new_perm_val < cur_perm_val: - return new_perm - return cur_perm + if new_perm_val > cur_perm_val: + return new_perm + return cur_perm #====================================================================== # fetch default permissions @@ -289,8 +284,7 @@ #====================================================================== #====================================================================== # check if user is part of user groups for this repository and - # fill in his permission from it. _choose_perm decides of which - # permission should be selected based on selected method + # fill in his permission from it. #====================================================================== # user group for repositories permissions @@ -343,8 +337,7 @@ #====================================================================== #====================================================================== # check if user is part of user groups for this repository groups and - # fill in his permission from it. _choose_perm decides of which - # permission should be selected based on selected method + # fill in his permission from it. #====================================================================== # user group for repo groups permissions user_repo_group_perms_from_users_groups = \ @@ -580,7 +573,7 @@ def api_keys(self): return self._get_api_keys() - def __get_perms(self, user, explicit=True, algo='higherwin', cache=False): + def __get_perms(self, user, explicit=True, cache=False): """ Fills user permission attribute with permissions taken from database works for permissions given for repositories, and for permissions that @@ -590,11 +583,7 @@ :param explicit: In case there are permissions both for user and a group that user is part of, explicit flag will define if user will explicitly override permissions from group, if it's False it will - make decision based on the algo - :param algo: algorithm to decide what permission should be choose if - it's multiple defined, eg user in two different groups. It also - decides if explicit flag is turned off how to specify the permission - for case when user is in a group + have defined separate permission + compute the decision """ user_id = user.user_id user_is_admin = user.is_admin @@ -604,7 +593,7 @@ compute = conditional_cache('short_term', 'cache_desc', condition=cache, func=_cached_perms_data) return compute(user_id, user_is_admin, - user_inherit_default_permissions, explicit, algo) + user_inherit_default_permissions, explicit) def _get_api_keys(self): api_keys = [self.api_key]