##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
api: add consistent permissions_summary data for both user and user_groups that expose...
marcink -
r2437:31460ef8 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -115,7 +115,9 b' def get_user(request, apiuser, userid=Op'
115
115
116 user = get_user_or_error(userid)
116 user = get_user_or_error(userid)
117 data = user.get_api_data(include_secrets=True)
117 data = user.get_api_data(include_secrets=True)
118 data['permissions'] = AuthUser(user_id=user.user_id).permissions
118 permissions = AuthUser(user_id=user.user_id).permissions
119 data['permissions'] = permissions # TODO(marcink): should be deprecated
120 data['permissions_summary'] = permissions
119 return data
121 return data
120
122
121
123
Show file before | Show file after | Hide comments
@@ -120,7 +120,8 b' def get_user_group(request, apiuser, use'
120
120
121 data = user_group.get_api_data()
121 data = user_group.get_api_data()
122 data["permissions"] = permissions
122 data["permissions"] = permissions
123
123 data["Permissions_summary"] = UserGroupModel().get_perms_summary(
124 user_group.users_group_id)
124 return data
125 return data
125
126
126
127
Show file before | Show file after | Hide comments
@@ -40,8 +40,7 b' from rhodecode.lib.auth import ('
40 LoginRequired, HasUserGroupPermissionAnyDecorator, CSRFRequired)
40 LoginRequired, HasUserGroupPermissionAnyDecorator, CSRFRequired)
41 from rhodecode.lib import helpers as h, audit_logger
41 from rhodecode.lib import helpers as h, audit_logger
42 from rhodecode.lib.utils2 import str2bool
42 from rhodecode.lib.utils2 import str2bool
43 from rhodecode.model.db import (
43 from rhodecode.model.db import User
44 joinedload, User, UserGroupRepoToPerm, UserGroupRepoGroupToPerm)
45 from rhodecode.model.meta import Session
44 from rhodecode.model.meta import Session
46 from rhodecode.model.user_group import UserGroupModel
45 from rhodecode.model.user_group import UserGroupModel
47
46
@@ -56,35 +55,8 b' class UserGroupsView(UserGroupAppView):'
56 PermissionModel().set_global_permission_choices(
55 PermissionModel().set_global_permission_choices(
57 c, gettext_translator=self.request.translate)
56 c, gettext_translator=self.request.translate)
58
57
59
60 return c
58 return c
61
59
62 def _get_perms_summary(self, user_group_id):
63 permissions = {
64 'repositories': {},
65 'repositories_groups': {},
66 }
67 ugroup_repo_perms = UserGroupRepoToPerm.query()\
68 .options(joinedload(UserGroupRepoToPerm.permission))\
69 .options(joinedload(UserGroupRepoToPerm.repository))\
70 .filter(UserGroupRepoToPerm.users_group_id == user_group_id)\
71 .all()
72
73 for gr in ugroup_repo_perms:
74 permissions['repositories'][gr.repository.repo_name] \
75 = gr.permission.permission_name
76
77 ugroup_group_perms = UserGroupRepoGroupToPerm.query()\
78 .options(joinedload(UserGroupRepoGroupToPerm.permission))\
79 .options(joinedload(UserGroupRepoGroupToPerm.group))\
80 .filter(UserGroupRepoGroupToPerm.users_group_id == user_group_id)\
81 .all()
82
83 for gr in ugroup_group_perms:
84 permissions['repositories_groups'][gr.group.group_name] \
85 = gr.permission.permission_name
86 return permissions
87
88 @LoginRequired()
60 @LoginRequired()
89 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
61 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
90 @view_config(
62 @view_config(
@@ -127,7 +99,8 b' class UserGroupsView(UserGroupAppView):'
127 c = self.load_default_context()
99 c = self.load_default_context()
128 c.user_group = self.db_user_group
100 c.user_group = self.db_user_group
129 c.active = 'perms_summary'
101 c.active = 'perms_summary'
130 c.permissions = self._get_perms_summary(c.user_group.users_group_id)
102 c.permissions = UserGroupModel().get_perms_summary(
103 c.user_group.users_group_id)
131 return self._get_template_context(c)
104 return self._get_template_context(c)
132
105
133 @LoginRequired()
106 @LoginRequired()
@@ -138,7 +111,7 b' class UserGroupsView(UserGroupAppView):'
138 def user_group_perms_summary_json(self):
111 def user_group_perms_summary_json(self):
139 self.load_default_context()
112 self.load_default_context()
140 user_group = self.db_user_group
113 user_group = self.db_user_group
141 return self._get_perms_summary(user_group.users_group_id)
114 return UserGroupModel().get_perms_summary(user_group.users_group_id)
142
115
143 def _revoke_perms_on_yourself(self, form_result):
116 def _revoke_perms_on_yourself(self, form_result):
144 _updates = filter(lambda u: self._rhodecode_user.user_id == int(u[0]),
117 _updates = filter(lambda u: self._rhodecode_user.user_id == int(u[0]),
Show file before | Show file after | Hide comments
@@ -29,7 +29,7 b' from rhodecode.lib.utils2 import ('
29 from rhodecode.model import BaseModel
29 from rhodecode.model import BaseModel
30 from rhodecode.model.scm import UserGroupList
30 from rhodecode.model.scm import UserGroupList
31 from rhodecode.model.db import (
31 from rhodecode.model.db import (
32 true, func, User, UserGroupMember, UserGroup,
32 joinedload, true, func, User, UserGroupMember, UserGroup,
33 UserGroupRepoToPerm, Permission, UserGroupToPerm, UserUserGroupToPerm,
33 UserGroupRepoToPerm, Permission, UserGroupToPerm, UserUserGroupToPerm,
34 UserGroupUserGroupToPerm, UserGroupRepoGroupToPerm)
34 UserGroupUserGroupToPerm, UserGroupRepoGroupToPerm)
35
35
@@ -502,6 +502,32 b' class UserGroupModel(BaseModel):'
502 user_group, target_user_group),
502 user_group, target_user_group),
503 namespace='security.repogroup')
503 namespace='security.repogroup')
504
504
505 def get_perms_summary(self, user_group_id):
506 permissions = {
507 'repositories': {},
508 'repositories_groups': {},
509 }
510 ugroup_repo_perms = UserGroupRepoToPerm.query()\
511 .options(joinedload(UserGroupRepoToPerm.permission))\
512 .options(joinedload(UserGroupRepoToPerm.repository))\
513 .filter(UserGroupRepoToPerm.users_group_id == user_group_id)\
514 .all()
515
516 for gr in ugroup_repo_perms:
517 permissions['repositories'][gr.repository.repo_name] \
518 = gr.permission.permission_name
519
520 ugroup_group_perms = UserGroupRepoGroupToPerm.query()\
521 .options(joinedload(UserGroupRepoGroupToPerm.permission))\
522 .options(joinedload(UserGroupRepoGroupToPerm.group))\
523 .filter(UserGroupRepoGroupToPerm.users_group_id == user_group_id)\
524 .all()
525
526 for gr in ugroup_group_perms:
527 permissions['repositories_groups'][gr.group.group_name] \
528 = gr.permission.permission_name
529 return permissions
530
505 def enforce_groups(self, user, groups, extern_type=None):
531 def enforce_groups(self, user, groups, extern_type=None):
506 user = self._get_user(user)
532 user = self._get_user(user)
507 current_groups = user.group_member
533 current_groups = user.group_member
General Comments 0
You need to be logged in to leave comments. Login now