diff --git a/rhodecode/lib/dbmigrate/utils.py b/rhodecode/lib/dbmigrate/utils.py new file mode 100644 --- /dev/null +++ b/rhodecode/lib/dbmigrate/utils.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- + +# Copyright (C) 2010-2017 RhodeCode GmbH +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License, version 3 +# (only), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . +# +# This program is dual-licensed. If you wish to learn more about the +# RhodeCode Enterprise Edition, including its added features, Support services, +# and proprietary license terms, please see https://rhodecode.com/licenses/ + +import logging + +log = logging.getLogger(__name__) + + +def create_default_permissions(_SESSION, db): + for p in db.Permission.PERMS: + if not db.Permission.get_by_key(p[0]): + new_perm = db.Permission() + new_perm.permission_name = p[0] + new_perm.permission_longname = p[0] # translation err with p[1] + _SESSION().add(new_perm) + + +def create_default_object_permission(_SESSION, db): + + obj = db.User.get_by_username(db.User.DEFAULT_USER) + obj_perms = db.UserToPerm.query().filter(db.UserToPerm.user == obj).all() + + def _get_group(perm_name): + return '.'.join(perm_name.split('.')[:1]) + + defined_perms_groups = map( + _get_group, (x.permission.permission_name for x in obj_perms)) + log.debug('GOT ALREADY DEFINED:%s', obj_perms) + + # for every default permission that needs to be created, we check if + # it's group is already defined, if it's not we create default perm + for perm_name in db.Permission.DEFAULT_USER_PERMISSIONS: + gr = _get_group(perm_name) + if gr not in defined_perms_groups: + log.debug('GR:%s not found, creating permission %s', gr, perm_name) + new_perm = db.UserToPerm() + new_perm.user = obj + new_perm.permission = db.Permission.get_by_key(perm_name) + _SESSION().add(new_perm) diff --git a/rhodecode/lib/dbmigrate/versions/040_version_3_0_0.py b/rhodecode/lib/dbmigrate/versions/040_version_3_0_0.py --- a/rhodecode/lib/dbmigrate/versions/040_version_3_0_0.py +++ b/rhodecode/lib/dbmigrate/versions/040_version_3_0_0.py @@ -1,20 +1,11 @@ import logging -import datetime from sqlalchemy import * -from sqlalchemy.exc import DatabaseError -from sqlalchemy.orm import relation, backref, class_mapper, joinedload -from sqlalchemy.orm.session import Session -from sqlalchemy.ext.declarative import declarative_base -from rhodecode.lib.dbmigrate.migrate import * -from rhodecode.lib.dbmigrate.migrate.changeset import * -from rhodecode.lib.utils2 import str2bool - -from rhodecode.model.meta import Base from rhodecode.model import meta from rhodecode.lib.dbmigrate.versions import _reset_base, notify - +from rhodecode.lib.dbmigrate.utils import ( + create_default_object_permission, create_default_permissions) log = logging.getLogger(__name__) @@ -36,12 +27,13 @@ def downgrade(migrate_engine): def fixups(models, _SESSION): - # ** create default permissions ** # - from rhodecode.model.permission import PermissionModel - PermissionModel(_SESSION()).create_permissions() + # create default permissions + create_default_permissions(_SESSION, models) + log.info('created default global permissions definitions') _SESSION().commit() - res = PermissionModel(_SESSION()).create_default_user_permissions( - models.User.DEFAULT_USER) - log.info('created default permission %s', res) + # fix default object permissions + create_default_object_permission(_SESSION, models) + + log.info('created default permission') _SESSION().commit() diff --git a/rhodecode/lib/dbmigrate/versions/061_version_4_5_0.py b/rhodecode/lib/dbmigrate/versions/061_version_4_5_0.py --- a/rhodecode/lib/dbmigrate/versions/061_version_4_5_0.py +++ b/rhodecode/lib/dbmigrate/versions/061_version_4_5_0.py @@ -1,20 +1,10 @@ import logging -import datetime from sqlalchemy import * -from sqlalchemy.exc import DatabaseError -from sqlalchemy.orm import relation, backref, class_mapper, joinedload -from sqlalchemy.orm.session import Session -from sqlalchemy.ext.declarative import declarative_base - -from rhodecode.lib.dbmigrate.migrate import * -from rhodecode.lib.dbmigrate.migrate.changeset import * -from rhodecode.lib.utils2 import str2bool - -from rhodecode.model.meta import Base from rhodecode.model import meta from rhodecode.lib.dbmigrate.versions import _reset_base, notify - +from rhodecode.lib.dbmigrate.utils import ( + create_default_object_permission, create_default_permissions) log = logging.getLogger(__name__) @@ -28,15 +18,20 @@ def upgrade(migrate_engine): fixups(db_4_5_0_0, meta.Session) + def downgrade(migrate_engine): meta = MetaData() meta.bind = migrate_engine + def fixups(models, _SESSION): - # ** create default permissions ** # - from rhodecode.model.permission import PermissionModel - PermissionModel(_SESSION()).create_permissions() + # create default permissions + create_default_permissions(_SESSION, models) + log.info('created default global permissions definitions') + _SESSION().commit() - res = PermissionModel(_SESSION()).create_default_user_permissions( - models.User.DEFAULT_USER) + # fix default object permissions + create_default_object_permission(_SESSION, models) + + log.info('created default permission') _SESSION().commit()