Show More
| @@ -28,6 +28,7 b' from rhodecode.lib import helpers as h' | |||
|
|
28 | 28 | from rhodecode.lib import audit_logger |
|
|
29 | 29 | from rhodecode.lib.auth import ( |
|
|
30 | 30 | LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired) |
|
|
31 | from rhodecode.model.db import User | |
|
|
31 | 32 | from rhodecode.model.permission import PermissionModel |
|
|
32 | 33 | from rhodecode.model.repo_group import RepoGroupModel |
|
|
33 | 34 | from rhodecode.model.forms import RepoGroupPermsForm |
| @@ -96,7 +97,13 b' class RepoGroupPermissionsView(RepoGroup' | |||
|
|
96 | 97 | |
|
|
97 | 98 | Session().commit() |
|
|
98 | 99 | h.flash(_('Repository Group permissions updated'), category='success') |
|
|
99 | PermissionModel().flush_user_permission_caches(changes) | |
|
|
100 | ||
|
|
101 | affected_user_ids = None | |
|
|
102 | if changes.get('default_user_changed', False): | |
|
|
103 | # if we change the default user, we need to flush everyone permissions | |
|
|
104 | affected_user_ids = [x.user_id for x in User.get_all()] | |
|
|
105 | PermissionModel().flush_user_permission_caches( | |
|
|
106 | changes, affected_user_ids=affected_user_ids) | |
|
|
100 | 107 | |
|
|
101 | 108 | raise HTTPFound( |
|
|
102 | 109 | h.route_path('edit_repo_group_perms', |
| @@ -28,6 +28,7 b' from rhodecode.lib import helpers as h' | |||
|
|
28 | 28 | from rhodecode.lib import audit_logger |
|
|
29 | 29 | from rhodecode.lib.auth import ( |
|
|
30 | 30 | LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired) |
|
|
31 | from rhodecode.model.db import User | |
|
|
31 | 32 | from rhodecode.model.forms import RepoPermsForm |
|
|
32 | 33 | from rhodecode.model.meta import Session |
|
|
33 | 34 | from rhodecode.model.permission import PermissionModel |
| @@ -89,7 +90,12 b' class RepoSettingsPermissionsView(RepoAp' | |||
|
|
89 | 90 | Session().commit() |
|
|
90 | 91 | h.flash(_('Repository access permissions updated'), category='success') |
|
|
91 | 92 | |
|
|
92 | PermissionModel().flush_user_permission_caches(changes) | |
|
|
93 | affected_user_ids = None | |
|
|
94 | if changes.get('default_user_changed', False): | |
|
|
95 | # if we change the default user, we need to flush everyone permissions | |
|
|
96 | affected_user_ids = [x.user_id for x in User.get_all()] | |
|
|
97 | PermissionModel().flush_user_permission_caches( | |
|
|
98 | changes, affected_user_ids=affected_user_ids) | |
|
|
93 | 99 | |
|
|
94 | 100 | raise HTTPFound( |
|
|
95 | 101 | h.route_path('edit_repo_perms', repo_name=self.db_repo_name)) |
| @@ -619,13 +619,26 b' class RepoModel(BaseModel):' | |||
|
|
619 | 619 | changes = { |
|
|
620 | 620 | 'added': [], |
|
|
621 | 621 | 'updated': [], |
|
|
622 | 'deleted': [] | |
|
|
622 | 'deleted': [], | |
|
|
623 | 'default_user_changed': None | |
|
|
623 | 624 | } |
|
|
625 | ||
|
|
626 | repo = self._get_repo(repo) | |
|
|
627 | ||
|
|
624 | 628 | # update permissions |
|
|
625 | 629 | for member_id, perm, member_type in perm_updates: |
|
|
626 | 630 | member_id = int(member_id) |
|
|
627 | 631 | if member_type == 'user': |
|
|
628 | 632 | member_name = User.get(member_id).username |
|
|
633 | if member_name == User.DEFAULT_USER: | |
|
|
634 | # NOTE(dan): detect if we changed permissions for default user | |
|
|
635 | perm_obj = self.sa.query(UserRepoToPerm) \ | |
|
|
636 | .filter(UserRepoToPerm.user_id == member_id) \ | |
|
|
637 | .filter(UserRepoToPerm.repository == repo) \ | |
|
|
638 | .scalar() | |
|
|
639 | if perm_obj and perm_obj.permission.permission_name != perm: | |
|
|
640 | changes['default_user_changed'] = True | |
|
|
641 | ||
|
|
629 | 642 | # this updates also current one if found |
|
|
630 | 643 | self.grant_user_permission( |
|
|
631 | 644 | repo=repo, user=member_id, perm=perm) |
| @@ -353,7 +353,8 b' class RepoGroupModel(BaseModel):' | |||
|
|
353 | 353 | changes = { |
|
|
354 | 354 | 'added': [], |
|
|
355 | 355 | 'updated': [], |
|
|
356 | 'deleted': [] | |
|
|
356 | 'deleted': [], | |
|
|
357 | 'default_user_changed': None | |
|
|
357 | 358 | } |
|
|
358 | 359 | |
|
|
359 | 360 | def _set_perm_user(obj, user, perm): |
| @@ -430,6 +431,15 b' class RepoGroupModel(BaseModel):' | |||
|
|
430 | 431 | member_id = int(member_id) |
|
|
431 | 432 | if member_type == 'user': |
|
|
432 | 433 | member_name = User.get(member_id).username |
|
|
434 | if isinstance(obj, RepoGroup) and obj == repo_group and member_name == User.DEFAULT_USER: | |
|
|
435 | # NOTE(dan): detect if we changed permissions for default user | |
|
|
436 | perm_obj = self.sa.query(UserRepoGroupToPerm) \ | |
|
|
437 | .filter(UserRepoGroupToPerm.user_id == member_id) \ | |
|
|
438 | .filter(UserRepoGroupToPerm.group == repo_group) \ | |
|
|
439 | .scalar() | |
|
|
440 | if perm_obj and perm_obj.permission.permission_name != perm: | |
|
|
441 | changes['default_user_changed'] = True | |
|
|
442 | ||
|
|
433 | 443 | # this updates also current one if found |
|
|
434 | 444 | _set_perm_user(obj, user=member_id, perm=perm) |
|
|
435 | 445 | elif member_type == 'user_group': |
General Comments 0
You need to be logged in to leave comments.
Login now