##// END OF EJS Templates
permissions: properly flush user cache permissions in more cases of permission changes....
marcink -
r3824:49be3910 stable
parent child
Show More
@@ -43,6 +43,7 from rhodecode.model.comment import Comm
43 from rhodecode.model.db import (
43 from rhodecode.model.db import (
44 Session, ChangesetStatus, RepositoryField, Repository, RepoGroup,
44 Session, ChangesetStatus, RepositoryField, Repository, RepoGroup,
45 ChangesetComment)
45 ChangesetComment)
46 from rhodecode.model.permission import PermissionModel
46 from rhodecode.model.repo import RepoModel
47 from rhodecode.model.repo import RepoModel
47 from rhodecode.model.scm import ScmModel, RepoList
48 from rhodecode.model.scm import ScmModel, RepoList
48 from rhodecode.model.settings import SettingsModel, VcsSettingsModel
49 from rhodecode.model.settings import SettingsModel, VcsSettingsModel
@@ -1771,8 +1772,9 def grant_user_permission(request, apius
1771 }
1772 }
1772 audit_logger.store_api(
1773 audit_logger.store_api(
1773 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1774 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1775 Session().commit()
1776 PermissionModel().flush_user_permission_caches(changes)
1774
1777
1775 Session().commit()
1776 return {
1778 return {
1777 'msg': 'Granted perm: `%s` for user: `%s` in repo: `%s`' % (
1779 'msg': 'Granted perm: `%s` for user: `%s` in repo: `%s`' % (
1778 perm.permission_name, user.username, repo.repo_name
1780 perm.permission_name, user.username, repo.repo_name
@@ -1833,8 +1835,9 def revoke_user_permission(request, apiu
1833 }
1835 }
1834 audit_logger.store_api(
1836 audit_logger.store_api(
1835 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1837 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1838 Session().commit()
1839 PermissionModel().flush_user_permission_caches(changes)
1836
1840
1837 Session().commit()
1838 return {
1841 return {
1839 'msg': 'Revoked perm for user: `%s` in repo: `%s`' % (
1842 'msg': 'Revoked perm for user: `%s` in repo: `%s`' % (
1840 user.username, repo.repo_name
1843 user.username, repo.repo_name
@@ -1919,8 +1922,9 def grant_user_group_permission(request,
1919 }
1922 }
1920 audit_logger.store_api(
1923 audit_logger.store_api(
1921 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1924 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1925 Session().commit()
1926 PermissionModel().flush_user_permission_caches(changes)
1922
1927
1923 Session().commit()
1924 return {
1928 return {
1925 'msg': 'Granted perm: `%s` for user group: `%s` in '
1929 'msg': 'Granted perm: `%s` for user group: `%s` in '
1926 'repo: `%s`' % (
1930 'repo: `%s`' % (
@@ -1992,8 +1996,9 def revoke_user_group_permission(request
1992 }
1996 }
1993 audit_logger.store_api(
1997 audit_logger.store_api(
1994 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1998 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1999 Session().commit()
2000 PermissionModel().flush_user_permission_caches(changes)
1995
2001
1996 Session().commit()
1997 return {
2002 return {
1998 'msg': 'Revoked perm for user group: `%s` in repo: `%s`' % (
2003 'msg': 'Revoked perm for user group: `%s` in repo: `%s`' % (
1999 user_group.users_group_name, repo.repo_name
2004 user_group.users_group_name, repo.repo_name
@@ -31,6 +31,7 from rhodecode.lib import audit_logger
31 from rhodecode.lib.auth import (
31 from rhodecode.lib.auth import (
32 HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi)
32 HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi)
33 from rhodecode.model.db import Session
33 from rhodecode.model.db import Session
34 from rhodecode.model.permission import PermissionModel
34 from rhodecode.model.repo_group import RepoGroupModel
35 from rhodecode.model.repo_group import RepoGroupModel
35 from rhodecode.model.scm import RepoGroupList
36 from rhodecode.model.scm import RepoGroupList
36 from rhodecode.model import validation_schema
37 from rhodecode.model import validation_schema
@@ -465,8 +466,9 def grant_user_permission_to_repo_group(
465 audit_logger.store_api(
466 audit_logger.store_api(
466 'repo_group.edit.permissions', action_data=action_data,
467 'repo_group.edit.permissions', action_data=action_data,
467 user=apiuser)
468 user=apiuser)
469 Session().commit()
470 PermissionModel().flush_user_permission_caches(changes)
468
471
469 Session().commit()
470 return {
472 return {
471 'msg': 'Granted perm: `%s` (recursive:%s) for user: '
473 'msg': 'Granted perm: `%s` (recursive:%s) for user: '
472 '`%s` in repo group: `%s`' % (
474 '`%s` in repo group: `%s`' % (
@@ -548,8 +550,9 def revoke_user_permission_from_repo_gro
548 audit_logger.store_api(
550 audit_logger.store_api(
549 'repo_group.edit.permissions', action_data=action_data,
551 'repo_group.edit.permissions', action_data=action_data,
550 user=apiuser)
552 user=apiuser)
553 Session().commit()
554 PermissionModel().flush_user_permission_caches(changes)
551
555
552 Session().commit()
553 return {
556 return {
554 'msg': 'Revoked perm (recursive:%s) for user: '
557 'msg': 'Revoked perm (recursive:%s) for user: '
555 '`%s` in repo group: `%s`' % (
558 '`%s` in repo group: `%s`' % (
@@ -641,8 +644,9 def grant_user_group_permission_to_repo_
641 audit_logger.store_api(
644 audit_logger.store_api(
642 'repo_group.edit.permissions', action_data=action_data,
645 'repo_group.edit.permissions', action_data=action_data,
643 user=apiuser)
646 user=apiuser)
647 Session().commit()
648 PermissionModel().flush_user_permission_caches(changes)
644
649
645 Session().commit()
646 return {
650 return {
647 'msg': 'Granted perm: `%s` (recursive:%s) '
651 'msg': 'Granted perm: `%s` (recursive:%s) '
648 'for user group: `%s` in repo group: `%s`' % (
652 'for user group: `%s` in repo group: `%s`' % (
@@ -733,8 +737,9 def revoke_user_group_permission_from_re
733 audit_logger.store_api(
737 audit_logger.store_api(
734 'repo_group.edit.permissions', action_data=action_data,
738 'repo_group.edit.permissions', action_data=action_data,
735 user=apiuser)
739 user=apiuser)
740 Session().commit()
741 PermissionModel().flush_user_permission_caches(changes)
736
742
737 Session().commit()
738 return {
743 return {
739 'msg': 'Revoked perm (recursive:%s) for user group: '
744 'msg': 'Revoked perm (recursive:%s) for user group: '
740 '`%s` in repo group: `%s`' % (
745 '`%s` in repo group: `%s`' % (
@@ -29,6 +29,7 from rhodecode.lib import audit_logger
29 from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi
29 from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi
30 from rhodecode.lib.exceptions import UserGroupAssignedException
30 from rhodecode.lib.exceptions import UserGroupAssignedException
31 from rhodecode.model.db import Session
31 from rhodecode.model.db import Session
32 from rhodecode.model.permission import PermissionModel
32 from rhodecode.model.scm import UserGroupList
33 from rhodecode.model.scm import UserGroupList
33 from rhodecode.model.user_group import UserGroupModel
34 from rhodecode.model.user_group import UserGroupModel
34 from rhodecode.model import validation_schema
35 from rhodecode.model import validation_schema
@@ -266,6 +267,10 def create_user_group(
266 'user_group.create', action_data={'data': creation_data},
267 'user_group.create', action_data={'data': creation_data},
267 user=apiuser)
268 user=apiuser)
268 Session().commit()
269 Session().commit()
270
271 affected_user_ids = [apiuser.user_id, owner.user_id]
272 PermissionModel().trigger_permission_flush(affected_user_ids)
273
269 return {
274 return {
270 'msg': 'created new user group `%s`' % group_name,
275 'msg': 'created new user group `%s`' % group_name,
271 'user_group': creation_data
276 'user_group': creation_data
@@ -649,8 +654,9 def grant_user_permission_to_user_group(
649 audit_logger.store_api(
654 audit_logger.store_api(
650 'user_group.edit.permissions', action_data=action_data,
655 'user_group.edit.permissions', action_data=action_data,
651 user=apiuser)
656 user=apiuser)
657 Session().commit()
658 PermissionModel().flush_user_permission_caches(changes)
652
659
653 Session().commit()
654 return {
660 return {
655 'msg':
661 'msg':
656 'Granted perm: `%s` for user: `%s` in user group: `%s`' % (
662 'Granted perm: `%s` for user: `%s` in user group: `%s`' % (
@@ -718,8 +724,9 def revoke_user_permission_from_user_gro
718 audit_logger.store_api(
724 audit_logger.store_api(
719 'user_group.edit.permissions', action_data=action_data,
725 'user_group.edit.permissions', action_data=action_data,
720 user=apiuser)
726 user=apiuser)
727 Session().commit()
728 PermissionModel().flush_user_permission_caches(changes)
721
729
722 Session().commit()
723 return {
730 return {
724 'msg': 'Revoked perm for user: `%s` in user group: `%s`' % (
731 'msg': 'Revoked perm for user: `%s` in user group: `%s`' % (
725 user.username, user_group.users_group_name
732 user.username, user_group.users_group_name
@@ -795,8 +802,9 def grant_user_group_permission_to_user_
795 audit_logger.store_api(
802 audit_logger.store_api(
796 'user_group.edit.permissions', action_data=action_data,
803 'user_group.edit.permissions', action_data=action_data,
797 user=apiuser)
804 user=apiuser)
805 Session().commit()
806 PermissionModel().flush_user_permission_caches(changes)
798
807
799 Session().commit()
800 return {
808 return {
801 'msg': 'Granted perm: `%s` for user group: `%s` '
809 'msg': 'Granted perm: `%s` for user group: `%s` '
802 'in user group: `%s`' % (
810 'in user group: `%s`' % (
@@ -873,8 +881,8 def revoke_user_group_permission_from_us
873 audit_logger.store_api(
881 audit_logger.store_api(
874 'user_group.edit.permissions', action_data=action_data,
882 'user_group.edit.permissions', action_data=action_data,
875 user=apiuser)
883 user=apiuser)
876
877 Session().commit()
884 Session().commit()
885 PermissionModel().flush_user_permission_caches(changes)
878
886
879 return {
887 return {
880 'msg': 'Revoked perm for user group: '
888 'msg': 'Revoked perm for user group: '
@@ -142,7 +142,7 class AdminPermissionsView(BaseAppView,
142 category='error')
142 category='error')
143
143
144 affected_user_ids = [User.get_default_user().user_id]
144 affected_user_ids = [User.get_default_user().user_id]
145 events.trigger(events.UserPermissionsChange(affected_user_ids))
145 PermissionModel().trigger_permission_flush(affected_user_ids)
146
146
147 raise HTTPFound(h.route_path('admin_permissions_application'))
147 raise HTTPFound(h.route_path('admin_permissions_application'))
148
148
@@ -218,7 +218,7 class AdminPermissionsView(BaseAppView,
218 category='error')
218 category='error')
219
219
220 affected_user_ids = [User.get_default_user().user_id]
220 affected_user_ids = [User.get_default_user().user_id]
221 events.trigger(events.UserPermissionsChange(affected_user_ids))
221 PermissionModel().trigger_permission_flush(affected_user_ids)
222
222
223 raise HTTPFound(h.route_path('admin_permissions_object'))
223 raise HTTPFound(h.route_path('admin_permissions_object'))
224
224
@@ -320,7 +320,7 class AdminPermissionsView(BaseAppView,
320 category='error')
320 category='error')
321
321
322 affected_user_ids = [User.get_default_user().user_id]
322 affected_user_ids = [User.get_default_user().user_id]
323 events.trigger(events.UserPermissionsChange(affected_user_ids))
323 PermissionModel().trigger_permission_flush(affected_user_ids)
324
324
325 raise HTTPFound(h.route_path('admin_permissions_global'))
325 raise HTTPFound(h.route_path('admin_permissions_global'))
326
326
@@ -36,6 +36,7 from rhodecode.lib.auth import (
36 from rhodecode.lib import helpers as h, audit_logger
36 from rhodecode.lib import helpers as h, audit_logger
37 from rhodecode.lib.utils2 import safe_int, safe_unicode, datetime_to_time
37 from rhodecode.lib.utils2 import safe_int, safe_unicode, datetime_to_time
38 from rhodecode.model.forms import RepoGroupForm
38 from rhodecode.model.forms import RepoGroupForm
39 from rhodecode.model.permission import PermissionModel
39 from rhodecode.model.repo_group import RepoGroupModel
40 from rhodecode.model.repo_group import RepoGroupModel
40 from rhodecode.model.scm import RepoGroupList
41 from rhodecode.model.scm import RepoGroupList
41 from rhodecode.model.db import (
42 from rhodecode.model.db import (
@@ -354,7 +355,7 class AdminRepoGroupsView(BaseAppView, D
354 copy_perms = [perm['user_id'] for perm in user_group_perms]
355 copy_perms = [perm['user_id'] for perm in user_group_perms]
355 # also include those newly created by copy
356 # also include those newly created by copy
356 affected_user_ids.extend(copy_perms)
357 affected_user_ids.extend(copy_perms)
357 events.trigger(events.UserPermissionsChange(affected_user_ids))
358 PermissionModel().trigger_permission_flush(affected_user_ids)
358
359
359 raise HTTPFound(
360 raise HTTPFound(
360 h.route_path('repo_group_home',
361 h.route_path('repo_group_home',
@@ -39,6 +39,7 from rhodecode.lib import helpers as h
39 from rhodecode.lib.utils import repo_name_slug
39 from rhodecode.lib.utils import repo_name_slug
40 from rhodecode.lib.utils2 import safe_int, safe_unicode
40 from rhodecode.lib.utils2 import safe_int, safe_unicode
41 from rhodecode.model.forms import RepoForm
41 from rhodecode.model.forms import RepoForm
42 from rhodecode.model.permission import PermissionModel
42 from rhodecode.model.repo import RepoModel
43 from rhodecode.model.repo import RepoModel
43 from rhodecode.model.scm import RepoList, RepoGroupList, ScmModel
44 from rhodecode.model.scm import RepoList, RepoGroupList, ScmModel
44 from rhodecode.model.settings import SettingsModel
45 from rhodecode.model.settings import SettingsModel
@@ -182,7 +183,7 class AdminReposView(BaseAppView, DataGr
182 if copy_permissions:
183 if copy_permissions:
183 # permission flush is done in repo creating
184 # permission flush is done in repo creating
184 pass
185 pass
185 events.trigger(events.UserPermissionsChange(affected_user_ids))
186 PermissionModel().trigger_permission_flush(affected_user_ids)
186
187
187 raise HTTPFound(
188 raise HTTPFound(
188 h.route_path('repo_creating', repo_name=repo_name,
189 h.route_path('repo_creating', repo_name=repo_name,
@@ -266,6 +266,8 class AdminUserGroupsView(BaseAppView, D
266 % user_group_name, category='error')
266 % user_group_name, category='error')
267 raise HTTPFound(h.route_path('user_groups_new'))
267 raise HTTPFound(h.route_path('user_groups_new'))
268
268
269 events.trigger(events.UserPermissionsChange([self._rhodecode_user.user_id]))
269 affected_user_ids = [self._rhodecode_user.user_id]
270 PermissionModel().trigger_permission_flush(affected_user_ids)
271
270 raise HTTPFound(
272 raise HTTPFound(
271 h.route_path('edit_user_group', user_group_id=user_group_id))
273 h.route_path('edit_user_group', user_group_id=user_group_id))
@@ -597,7 +597,7 class UsersView(UserAppView):
597 category='error')
597 category='error')
598
598
599 affected_user_ids = [user_id]
599 affected_user_ids = [user_id]
600 events.trigger(events.UserPermissionsChange(affected_user_ids))
600 PermissionModel().trigger_permission_flush(affected_user_ids)
601 raise HTTPFound(h.route_path('user_edit_global_perms', user_id=user_id))
601 raise HTTPFound(h.route_path('user_edit_global_perms', user_id=user_id))
602
602
603 @LoginRequired()
603 @LoginRequired()
@@ -23,14 +23,12 import logging
23 from pyramid.view import view_config
23 from pyramid.view import view_config
24 from pyramid.httpexceptions import HTTPFound
24 from pyramid.httpexceptions import HTTPFound
25
25
26 from rhodecode import events
27 from rhodecode.apps._base import RepoGroupAppView
26 from rhodecode.apps._base import RepoGroupAppView
28 from rhodecode.lib import helpers as h
27 from rhodecode.lib import helpers as h
29 from rhodecode.lib import audit_logger
28 from rhodecode.lib import audit_logger
30 from rhodecode.lib.auth import (
29 from rhodecode.lib.auth import (
31 LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired)
30 LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired)
32 from rhodecode.lib.utils2 import safe_int
31 from rhodecode.model.permission import PermissionModel
33 from rhodecode.model.db import UserGroup
34 from rhodecode.model.repo_group import RepoGroupModel
32 from rhodecode.model.repo_group import RepoGroupModel
35 from rhodecode.model.forms import RepoGroupPermsForm
33 from rhodecode.model.forms import RepoGroupPermsForm
36 from rhodecode.model.meta import Session
34 from rhodecode.model.meta import Session
@@ -98,18 +96,7 class RepoGroupPermissionsView(RepoGroup
98
96
99 Session().commit()
97 Session().commit()
100 h.flash(_('Repository Group permissions updated'), category='success')
98 h.flash(_('Repository Group permissions updated'), category='success')
101
99 PermissionModel().flush_user_permission_caches(changes)
102 affected_user_ids = []
103 for change in changes['added'] + changes['updated'] + changes['deleted']:
104 if change['type'] == 'user':
105 affected_user_ids.append(change['id'])
106 if change['type'] == 'user_group':
107 user_group = UserGroup.get(safe_int(change['id']))
108 if user_group:
109 group_members_ids = [x.user_id for x in user_group.members]
110 affected_user_ids.extend(group_members_ids)
111
112 events.trigger(events.UserPermissionsChange(affected_user_ids))
113
100
114 raise HTTPFound(
101 raise HTTPFound(
115 h.route_path('edit_repo_group_perms',
102 h.route_path('edit_repo_group_perms',
@@ -33,6 +33,7 from rhodecode.lib.auth import (
33 LoginRequired, HasPermissionAll,
33 LoginRequired, HasPermissionAll,
34 HasRepoGroupPermissionAny, HasRepoGroupPermissionAnyDecorator, CSRFRequired)
34 HasRepoGroupPermissionAny, HasRepoGroupPermissionAnyDecorator, CSRFRequired)
35 from rhodecode.model.db import Session, RepoGroup, User
35 from rhodecode.model.db import Session, RepoGroup, User
36 from rhodecode.model.permission import PermissionModel
36 from rhodecode.model.scm import RepoGroupList
37 from rhodecode.model.scm import RepoGroupList
37 from rhodecode.model.repo_group import RepoGroupModel
38 from rhodecode.model.repo_group import RepoGroupModel
38 from rhodecode.model.validation_schema.schemas import repo_group_schema
39 from rhodecode.model.validation_schema.schemas import repo_group_schema
@@ -187,7 +188,7 class RepoGroupSettingsView(RepoGroupApp
187 owner = User.get_by_username(schema_data['repo_group_owner'])
188 owner = User.get_by_username(schema_data['repo_group_owner'])
188 owner_id = owner.user_id if owner else self._rhodecode_user.user_id
189 owner_id = owner.user_id if owner else self._rhodecode_user.user_id
189 affected_user_ids.extend([self._rhodecode_user.user_id, owner_id])
190 affected_user_ids.extend([self._rhodecode_user.user_id, owner_id])
190 events.trigger(events.UserPermissionsChange(affected_user_ids))
191 PermissionModel().trigger_permission_flush(affected_user_ids)
191
192
192 raise HTTPFound(
193 raise HTTPFound(
193 h.route_path('edit_repo_group', repo_group_name=new_repo_group_name))
194 h.route_path('edit_repo_group', repo_group_name=new_repo_group_name))
@@ -28,6 +28,7 from rhodecode.apps._base import BaseApp
28 from rhodecode.lib import helpers as h
28 from rhodecode.lib import helpers as h
29 from rhodecode.lib.auth import (NotAnonymous, HasRepoPermissionAny)
29 from rhodecode.lib.auth import (NotAnonymous, HasRepoPermissionAny)
30 from rhodecode.model.db import Repository
30 from rhodecode.model.db import Repository
31 from rhodecode.model.permission import PermissionModel
31 from rhodecode.model.validation_schema.types import RepoNameType
32 from rhodecode.model.validation_schema.types import RepoNameType
32
33
33 log = logging.getLogger(__name__)
34 log = logging.getLogger(__name__)
@@ -122,4 +123,4 class RepoChecksView(BaseAppView):
122 # repo is finished and created, we flush the permissions now
123 # repo is finished and created, we flush the permissions now
123 user_group_perms = db_repo.permissions(expand_from_user_groups=True)
124 user_group_perms = db_repo.permissions(expand_from_user_groups=True)
124 affected_user_ids = [perm['user_id'] for perm in user_group_perms]
125 affected_user_ids = [perm['user_id'] for perm in user_group_perms]
125 events.trigger(events.UserPermissionsChange(affected_user_ids))
126 PermissionModel().trigger_permission_flush(affected_user_ids)
@@ -36,6 +36,7 from rhodecode.lib.auth import (
36 import rhodecode.lib.helpers as h
36 import rhodecode.lib.helpers as h
37 from rhodecode.lib.celerylib.utils import get_task_id
37 from rhodecode.lib.celerylib.utils import get_task_id
38 from rhodecode.model.db import coalesce, or_, Repository, RepoGroup
38 from rhodecode.model.db import coalesce, or_, Repository, RepoGroup
39 from rhodecode.model.permission import PermissionModel
39 from rhodecode.model.repo import RepoModel
40 from rhodecode.model.repo import RepoModel
40 from rhodecode.model.forms import RepoForkForm
41 from rhodecode.model.forms import RepoForkForm
41 from rhodecode.model.scm import ScmModel, RepoGroupList
42 from rhodecode.model.scm import ScmModel, RepoGroupList
@@ -259,7 +260,7 class RepoForksView(RepoAppView, DataGri
259 # permission flush is done in repo creating
260 # permission flush is done in repo creating
260 pass
261 pass
261
262
262 events.trigger(events.UserPermissionsChange(affected_user_ids))
263 PermissionModel().trigger_permission_flush(affected_user_ids)
263
264
264 raise HTTPFound(
265 raise HTTPFound(
265 h.route_path('repo_creating', repo_name=repo_name,
266 h.route_path('repo_creating', repo_name=repo_name,
@@ -23,16 +23,14 import logging
23 from pyramid.httpexceptions import HTTPFound
23 from pyramid.httpexceptions import HTTPFound
24 from pyramid.view import view_config
24 from pyramid.view import view_config
25
25
26 from rhodecode import events
27 from rhodecode.apps._base import RepoAppView
26 from rhodecode.apps._base import RepoAppView
28 from rhodecode.lib import helpers as h
27 from rhodecode.lib import helpers as h
29 from rhodecode.lib import audit_logger
28 from rhodecode.lib import audit_logger
30 from rhodecode.lib.auth import (
29 from rhodecode.lib.auth import (
31 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
30 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
32 from rhodecode.lib.utils2 import safe_int
33 from rhodecode.model.db import UserGroup
34 from rhodecode.model.forms import RepoPermsForm
31 from rhodecode.model.forms import RepoPermsForm
35 from rhodecode.model.meta import Session
32 from rhodecode.model.meta import Session
33 from rhodecode.model.permission import PermissionModel
36 from rhodecode.model.repo import RepoModel
34 from rhodecode.model.repo import RepoModel
37
35
38 log = logging.getLogger(__name__)
36 log = logging.getLogger(__name__)
@@ -91,17 +89,7 class RepoSettingsPermissionsView(RepoAp
91 Session().commit()
89 Session().commit()
92 h.flash(_('Repository permissions updated'), category='success')
90 h.flash(_('Repository permissions updated'), category='success')
93
91
94 affected_user_ids = []
92 PermissionModel().flush_user_permission_caches(changes)
95 for change in changes['added'] + changes['updated'] + changes['deleted']:
96 if change['type'] == 'user':
97 affected_user_ids.append(change['id'])
98 if change['type'] == 'user_group':
99 user_group = UserGroup.get(safe_int(change['id']))
100 if user_group:
101 group_members_ids = [x.user_id for x in user_group.members]
102 affected_user_ids.extend(group_members_ids)
103
104 events.trigger(events.UserPermissionsChange(affected_user_ids))
105
93
106 raise HTTPFound(
94 raise HTTPFound(
107 h.route_path('edit_repo_perms', repo_name=self.db_repo_name))
95 h.route_path('edit_repo_perms', repo_name=self.db_repo_name))
@@ -33,6 +33,7 from rhodecode.lib.auth import (
33 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
33 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
34 from rhodecode.model.db import RepositoryField, RepoGroup, Repository, User
34 from rhodecode.model.db import RepositoryField, RepoGroup, Repository, User
35 from rhodecode.model.meta import Session
35 from rhodecode.model.meta import Session
36 from rhodecode.model.permission import PermissionModel
36 from rhodecode.model.repo import RepoModel
37 from rhodecode.model.repo import RepoModel
37 from rhodecode.model.scm import RepoGroupList, ScmModel
38 from rhodecode.model.scm import RepoGroupList, ScmModel
38 from rhodecode.model.validation_schema.schemas import repo_schema
39 from rhodecode.model.validation_schema.schemas import repo_schema
@@ -184,7 +185,7 class RepoSettingsView(RepoAppView):
184 owner = User.get_by_username(schema_data['repo_owner'])
185 owner = User.get_by_username(schema_data['repo_owner'])
185 owner_id = owner.user_id if owner else self._rhodecode_user.user_id
186 owner_id = owner.user_id if owner else self._rhodecode_user.user_id
186 affected_user_ids.extend([self._rhodecode_user.user_id, owner_id])
187 affected_user_ids.extend([self._rhodecode_user.user_id, owner_id])
187 events.trigger(events.UserPermissionsChange(affected_user_ids))
188 PermissionModel().trigger_permission_flush(affected_user_ids)
188
189
189 raise HTTPFound(
190 raise HTTPFound(
190 h.route_path('edit_repo', repo_name=new_repo_name))
191 h.route_path('edit_repo', repo_name=new_repo_name))
@@ -34,6 +34,7 from rhodecode.lib.exceptions import Att
34 from rhodecode.lib.utils2 import safe_int
34 from rhodecode.lib.utils2 import safe_int
35 from rhodecode.lib.vcs import RepositoryError
35 from rhodecode.lib.vcs import RepositoryError
36 from rhodecode.model.db import Session, UserFollowing, User, Repository
36 from rhodecode.model.db import Session, UserFollowing, User, Repository
37 from rhodecode.model.permission import PermissionModel
37 from rhodecode.model.repo import RepoModel
38 from rhodecode.model.repo import RepoModel
38 from rhodecode.model.scm import ScmModel
39 from rhodecode.model.scm import ScmModel
39
40
@@ -110,7 +111,7 class RepoSettingsView(RepoAppView):
110
111
111 # flush permissions for all users defined in permissions
112 # flush permissions for all users defined in permissions
112 affected_user_ids = self._get_users_with_permissions().keys()
113 affected_user_ids = self._get_users_with_permissions().keys()
113 events.trigger(events.UserPermissionsChange(affected_user_ids))
114 PermissionModel().trigger_permission_flush(affected_user_ids)
114
115
115 raise HTTPFound(h.route_path('home'))
116 raise HTTPFound(h.route_path('home'))
116
117
@@ -199,7 +199,7 class UserGroupsView(UserGroupAppView):
199 affected_user_ids.append(self._rhodecode_user.user_id)
199 affected_user_ids.append(self._rhodecode_user.user_id)
200 affected_user_ids.append(owner_id)
200 affected_user_ids.append(owner_id)
201
201
202 events.trigger(events.UserPermissionsChange(affected_user_ids))
202 PermissionModel().trigger_permission_flush(affected_user_ids)
203
203
204 Session().commit()
204 Session().commit()
205 except formencode.Invalid as errors:
205 except formencode.Invalid as errors:
@@ -383,7 +383,7 class UserGroupsView(UserGroupAppView):
383 group_members_ids = [x.user_id for x in user_group.members]
383 group_members_ids = [x.user_id for x in user_group.members]
384 affected_user_ids.extend(group_members_ids)
384 affected_user_ids.extend(group_members_ids)
385
385
386 events.trigger(events.UserPermissionsChange(affected_user_ids))
386 PermissionModel().trigger_permission_flush(affected_user_ids)
387
387
388 raise HTTPFound(
388 raise HTTPFound(
389 h.route_path('edit_user_group_perms', user_group_id=user_group_id))
389 h.route_path('edit_user_group_perms', user_group_id=user_group_id))
@@ -28,6 +28,7 import traceback
28
28
29 from sqlalchemy.exc import DatabaseError
29 from sqlalchemy.exc import DatabaseError
30
30
31 from rhodecode import events
31 from rhodecode.model import BaseModel
32 from rhodecode.model import BaseModel
32 from rhodecode.model.db import (
33 from rhodecode.model.db import (
33 User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm,
34 User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm,
@@ -556,3 +557,21 class PermissionModel(BaseModel):
556 self.sa.rollback()
557 self.sa.rollback()
557 raise
558 raise
558
559
560 def trigger_permission_flush(self, affected_user_ids):
561 events.trigger(events.UserPermissionsChange(affected_user_ids))
562
563 def flush_user_permission_caches(self, changes, affected_user_ids=None):
564 affected_user_ids = affected_user_ids or []
565
566 for change in changes['added'] + changes['updated'] + changes['deleted']:
567 if change['type'] == 'user':
568 affected_user_ids.append(change['id'])
569 if change['type'] == 'user_group':
570 user_group = UserGroup.get(safe_int(change['id']))
571 if user_group:
572 group_members_ids = [x.user_id for x in user_group.members]
573 affected_user_ids.extend(group_members_ids)
574
575 self.trigger_permission_flush(affected_user_ids)
576
577 return affected_user_ids
General Comments 0
You need to be logged in to leave comments. Login now