Show More
| @@ -43,6 +43,7 b' from rhodecode.model.comment import Comm' | |||||
| 43 | from rhodecode.model.db import ( |
|
43 | from rhodecode.model.db import ( | |
| 44 | Session, ChangesetStatus, RepositoryField, Repository, RepoGroup, |
|
44 | Session, ChangesetStatus, RepositoryField, Repository, RepoGroup, | |
| 45 | ChangesetComment) |
|
45 | ChangesetComment) | |
|
|
46 | from rhodecode.model.permission import PermissionModel | |||
| 46 | from rhodecode.model.repo import RepoModel |
|
47 | from rhodecode.model.repo import RepoModel | |
| 47 | from rhodecode.model.scm import ScmModel, RepoList |
|
48 | from rhodecode.model.scm import ScmModel, RepoList | |
| 48 | from rhodecode.model.settings import SettingsModel, VcsSettingsModel |
|
49 | from rhodecode.model.settings import SettingsModel, VcsSettingsModel | |
| @@ -1771,8 +1772,9 b' def grant_user_permission(request, apius' | |||||
| 1771 | } |
|
1772 | } | |
| 1772 | audit_logger.store_api( |
|
1773 | audit_logger.store_api( | |
| 1773 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) |
|
1774 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) | |
|
|
1775 | Session().commit() | |||
|
|
1776 | PermissionModel().flush_user_permission_caches(changes) | |||
| 1774 |
|
1777 | |||
| 1775 | Session().commit() |
|
|||
| 1776 | return { |
|
1778 | return { | |
| 1777 | 'msg': 'Granted perm: `%s` for user: `%s` in repo: `%s`' % ( |
|
1779 | 'msg': 'Granted perm: `%s` for user: `%s` in repo: `%s`' % ( | |
| 1778 | perm.permission_name, user.username, repo.repo_name |
|
1780 | perm.permission_name, user.username, repo.repo_name | |
| @@ -1833,8 +1835,9 b' def revoke_user_permission(request, apiu' | |||||
| 1833 | } |
|
1835 | } | |
| 1834 | audit_logger.store_api( |
|
1836 | audit_logger.store_api( | |
| 1835 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) |
|
1837 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) | |
|
|
1838 | Session().commit() | |||
|
|
1839 | PermissionModel().flush_user_permission_caches(changes) | |||
| 1836 |
|
1840 | |||
| 1837 | Session().commit() |
|
|||
| 1838 | return { |
|
1841 | return { | |
| 1839 | 'msg': 'Revoked perm for user: `%s` in repo: `%s`' % ( |
|
1842 | 'msg': 'Revoked perm for user: `%s` in repo: `%s`' % ( | |
| 1840 | user.username, repo.repo_name |
|
1843 | user.username, repo.repo_name | |
| @@ -1919,8 +1922,9 b' def grant_user_group_permission(request,' | |||||
| 1919 | } |
|
1922 | } | |
| 1920 | audit_logger.store_api( |
|
1923 | audit_logger.store_api( | |
| 1921 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) |
|
1924 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) | |
|
|
1925 | Session().commit() | |||
|
|
1926 | PermissionModel().flush_user_permission_caches(changes) | |||
| 1922 |
|
1927 | |||
| 1923 | Session().commit() |
|
|||
| 1924 | return { |
|
1928 | return { | |
| 1925 | 'msg': 'Granted perm: `%s` for user group: `%s` in ' |
|
1929 | 'msg': 'Granted perm: `%s` for user group: `%s` in ' | |
| 1926 | 'repo: `%s`' % ( |
|
1930 | 'repo: `%s`' % ( | |
| @@ -1992,8 +1996,9 b' def revoke_user_group_permission(request' | |||||
| 1992 | } |
|
1996 | } | |
| 1993 | audit_logger.store_api( |
|
1997 | audit_logger.store_api( | |
| 1994 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) |
|
1998 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) | |
|
|
1999 | Session().commit() | |||
|
|
2000 | PermissionModel().flush_user_permission_caches(changes) | |||
| 1995 |
|
2001 | |||
| 1996 | Session().commit() |
|
|||
| 1997 | return { |
|
2002 | return { | |
| 1998 | 'msg': 'Revoked perm for user group: `%s` in repo: `%s`' % ( |
|
2003 | 'msg': 'Revoked perm for user group: `%s` in repo: `%s`' % ( | |
| 1999 | user_group.users_group_name, repo.repo_name |
|
2004 | user_group.users_group_name, repo.repo_name | |
| @@ -31,6 +31,7 b' from rhodecode.lib import audit_logger' | |||||
| 31 | from rhodecode.lib.auth import ( |
|
31 | from rhodecode.lib.auth import ( | |
| 32 | HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi) |
|
32 | HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi) | |
| 33 | from rhodecode.model.db import Session |
|
33 | from rhodecode.model.db import Session | |
|
|
34 | from rhodecode.model.permission import PermissionModel | |||
| 34 | from rhodecode.model.repo_group import RepoGroupModel |
|
35 | from rhodecode.model.repo_group import RepoGroupModel | |
| 35 | from rhodecode.model.scm import RepoGroupList |
|
36 | from rhodecode.model.scm import RepoGroupList | |
| 36 | from rhodecode.model import validation_schema |
|
37 | from rhodecode.model import validation_schema | |
| @@ -465,8 +466,9 b' def grant_user_permission_to_repo_group(' | |||||
| 465 | audit_logger.store_api( |
|
466 | audit_logger.store_api( | |
| 466 | 'repo_group.edit.permissions', action_data=action_data, |
|
467 | 'repo_group.edit.permissions', action_data=action_data, | |
| 467 | user=apiuser) |
|
468 | user=apiuser) | |
|
|
469 | Session().commit() | |||
|
|
470 | PermissionModel().flush_user_permission_caches(changes) | |||
| 468 |
|
471 | |||
| 469 | Session().commit() |
|
|||
| 470 | return { |
|
472 | return { | |
| 471 | 'msg': 'Granted perm: `%s` (recursive:%s) for user: ' |
|
473 | 'msg': 'Granted perm: `%s` (recursive:%s) for user: ' | |
| 472 | '`%s` in repo group: `%s`' % ( |
|
474 | '`%s` in repo group: `%s`' % ( | |
| @@ -548,8 +550,9 b' def revoke_user_permission_from_repo_gro' | |||||
| 548 | audit_logger.store_api( |
|
550 | audit_logger.store_api( | |
| 549 | 'repo_group.edit.permissions', action_data=action_data, |
|
551 | 'repo_group.edit.permissions', action_data=action_data, | |
| 550 | user=apiuser) |
|
552 | user=apiuser) | |
|
|
553 | Session().commit() | |||
|
|
554 | PermissionModel().flush_user_permission_caches(changes) | |||
| 551 |
|
555 | |||
| 552 | Session().commit() |
|
|||
| 553 | return { |
|
556 | return { | |
| 554 | 'msg': 'Revoked perm (recursive:%s) for user: ' |
|
557 | 'msg': 'Revoked perm (recursive:%s) for user: ' | |
| 555 | '`%s` in repo group: `%s`' % ( |
|
558 | '`%s` in repo group: `%s`' % ( | |
| @@ -641,8 +644,9 b' def grant_user_group_permission_to_repo_' | |||||
| 641 | audit_logger.store_api( |
|
644 | audit_logger.store_api( | |
| 642 | 'repo_group.edit.permissions', action_data=action_data, |
|
645 | 'repo_group.edit.permissions', action_data=action_data, | |
| 643 | user=apiuser) |
|
646 | user=apiuser) | |
|
|
647 | Session().commit() | |||
|
|
648 | PermissionModel().flush_user_permission_caches(changes) | |||
| 644 |
|
649 | |||
| 645 | Session().commit() |
|
|||
| 646 | return { |
|
650 | return { | |
| 647 | 'msg': 'Granted perm: `%s` (recursive:%s) ' |
|
651 | 'msg': 'Granted perm: `%s` (recursive:%s) ' | |
| 648 | 'for user group: `%s` in repo group: `%s`' % ( |
|
652 | 'for user group: `%s` in repo group: `%s`' % ( | |
| @@ -733,8 +737,9 b' def revoke_user_group_permission_from_re' | |||||
| 733 | audit_logger.store_api( |
|
737 | audit_logger.store_api( | |
| 734 | 'repo_group.edit.permissions', action_data=action_data, |
|
738 | 'repo_group.edit.permissions', action_data=action_data, | |
| 735 | user=apiuser) |
|
739 | user=apiuser) | |
|
|
740 | Session().commit() | |||
|
|
741 | PermissionModel().flush_user_permission_caches(changes) | |||
| 736 |
|
742 | |||
| 737 | Session().commit() |
|
|||
| 738 | return { |
|
743 | return { | |
| 739 | 'msg': 'Revoked perm (recursive:%s) for user group: ' |
|
744 | 'msg': 'Revoked perm (recursive:%s) for user group: ' | |
| 740 | '`%s` in repo group: `%s`' % ( |
|
745 | '`%s` in repo group: `%s`' % ( | |
| @@ -29,6 +29,7 b' from rhodecode.lib import audit_logger' | |||||
| 29 | from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi |
|
29 | from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi | |
| 30 | from rhodecode.lib.exceptions import UserGroupAssignedException |
|
30 | from rhodecode.lib.exceptions import UserGroupAssignedException | |
| 31 | from rhodecode.model.db import Session |
|
31 | from rhodecode.model.db import Session | |
|
|
32 | from rhodecode.model.permission import PermissionModel | |||
| 32 | from rhodecode.model.scm import UserGroupList |
|
33 | from rhodecode.model.scm import UserGroupList | |
| 33 | from rhodecode.model.user_group import UserGroupModel |
|
34 | from rhodecode.model.user_group import UserGroupModel | |
| 34 | from rhodecode.model import validation_schema |
|
35 | from rhodecode.model import validation_schema | |
| @@ -266,6 +267,10 b' def create_user_group(' | |||||
| 266 | 'user_group.create', action_data={'data': creation_data}, |
|
267 | 'user_group.create', action_data={'data': creation_data}, | |
| 267 | user=apiuser) |
|
268 | user=apiuser) | |
| 268 | Session().commit() |
|
269 | Session().commit() | |
|
|
270 | ||||
|
|
271 | affected_user_ids = [apiuser.user_id, owner.user_id] | |||
|
|
272 | PermissionModel().trigger_permission_flush(affected_user_ids) | |||
|
|
273 | ||||
| 269 | return { |
|
274 | return { | |
| 270 | 'msg': 'created new user group `%s`' % group_name, |
|
275 | 'msg': 'created new user group `%s`' % group_name, | |
| 271 | 'user_group': creation_data |
|
276 | 'user_group': creation_data | |
| @@ -649,8 +654,9 b' def grant_user_permission_to_user_group(' | |||||
| 649 | audit_logger.store_api( |
|
654 | audit_logger.store_api( | |
| 650 | 'user_group.edit.permissions', action_data=action_data, |
|
655 | 'user_group.edit.permissions', action_data=action_data, | |
| 651 | user=apiuser) |
|
656 | user=apiuser) | |
|
|
657 | Session().commit() | |||
|
|
658 | PermissionModel().flush_user_permission_caches(changes) | |||
| 652 |
|
659 | |||
| 653 | Session().commit() |
|
|||
| 654 | return { |
|
660 | return { | |
| 655 | 'msg': |
|
661 | 'msg': | |
| 656 | 'Granted perm: `%s` for user: `%s` in user group: `%s`' % ( |
|
662 | 'Granted perm: `%s` for user: `%s` in user group: `%s`' % ( | |
| @@ -718,8 +724,9 b' def revoke_user_permission_from_user_gro' | |||||
| 718 | audit_logger.store_api( |
|
724 | audit_logger.store_api( | |
| 719 | 'user_group.edit.permissions', action_data=action_data, |
|
725 | 'user_group.edit.permissions', action_data=action_data, | |
| 720 | user=apiuser) |
|
726 | user=apiuser) | |
|
|
727 | Session().commit() | |||
|
|
728 | PermissionModel().flush_user_permission_caches(changes) | |||
| 721 |
|
729 | |||
| 722 | Session().commit() |
|
|||
| 723 | return { |
|
730 | return { | |
| 724 | 'msg': 'Revoked perm for user: `%s` in user group: `%s`' % ( |
|
731 | 'msg': 'Revoked perm for user: `%s` in user group: `%s`' % ( | |
| 725 | user.username, user_group.users_group_name |
|
732 | user.username, user_group.users_group_name | |
| @@ -795,8 +802,9 b' def grant_user_group_permission_to_user_' | |||||
| 795 | audit_logger.store_api( |
|
802 | audit_logger.store_api( | |
| 796 | 'user_group.edit.permissions', action_data=action_data, |
|
803 | 'user_group.edit.permissions', action_data=action_data, | |
| 797 | user=apiuser) |
|
804 | user=apiuser) | |
|
|
805 | Session().commit() | |||
|
|
806 | PermissionModel().flush_user_permission_caches(changes) | |||
| 798 |
|
807 | |||
| 799 | Session().commit() |
|
|||
| 800 | return { |
|
808 | return { | |
| 801 | 'msg': 'Granted perm: `%s` for user group: `%s` ' |
|
809 | 'msg': 'Granted perm: `%s` for user group: `%s` ' | |
| 802 | 'in user group: `%s`' % ( |
|
810 | 'in user group: `%s`' % ( | |
| @@ -873,8 +881,8 b' def revoke_user_group_permission_from_us' | |||||
| 873 | audit_logger.store_api( |
|
881 | audit_logger.store_api( | |
| 874 | 'user_group.edit.permissions', action_data=action_data, |
|
882 | 'user_group.edit.permissions', action_data=action_data, | |
| 875 | user=apiuser) |
|
883 | user=apiuser) | |
| 876 |
|
||||
| 877 | Session().commit() |
|
884 | Session().commit() | |
|
|
885 | PermissionModel().flush_user_permission_caches(changes) | |||
| 878 |
|
886 | |||
| 879 | return { |
|
887 | return { | |
| 880 | 'msg': 'Revoked perm for user group: ' |
|
888 | 'msg': 'Revoked perm for user group: ' | |
| @@ -142,7 +142,7 b' class AdminPermissionsView(BaseAppView, ' | |||||
| 142 | category='error') |
|
142 | category='error') | |
| 143 |
|
143 | |||
| 144 | affected_user_ids = [User.get_default_user().user_id] |
|
144 | affected_user_ids = [User.get_default_user().user_id] | |
| 145 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
145 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 146 |
|
146 | |||
| 147 | raise HTTPFound(h.route_path('admin_permissions_application')) |
|
147 | raise HTTPFound(h.route_path('admin_permissions_application')) | |
| 148 |
|
148 | |||
| @@ -218,7 +218,7 b' class AdminPermissionsView(BaseAppView, ' | |||||
| 218 | category='error') |
|
218 | category='error') | |
| 219 |
|
219 | |||
| 220 | affected_user_ids = [User.get_default_user().user_id] |
|
220 | affected_user_ids = [User.get_default_user().user_id] | |
| 221 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
221 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 222 |
|
222 | |||
| 223 | raise HTTPFound(h.route_path('admin_permissions_object')) |
|
223 | raise HTTPFound(h.route_path('admin_permissions_object')) | |
| 224 |
|
224 | |||
| @@ -320,7 +320,7 b' class AdminPermissionsView(BaseAppView, ' | |||||
| 320 | category='error') |
|
320 | category='error') | |
| 321 |
|
321 | |||
| 322 | affected_user_ids = [User.get_default_user().user_id] |
|
322 | affected_user_ids = [User.get_default_user().user_id] | |
| 323 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
323 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 324 |
|
324 | |||
| 325 | raise HTTPFound(h.route_path('admin_permissions_global')) |
|
325 | raise HTTPFound(h.route_path('admin_permissions_global')) | |
| 326 |
|
326 | |||
| @@ -36,6 +36,7 b' from rhodecode.lib.auth import (' | |||||
| 36 | from rhodecode.lib import helpers as h, audit_logger |
|
36 | from rhodecode.lib import helpers as h, audit_logger | |
| 37 | from rhodecode.lib.utils2 import safe_int, safe_unicode, datetime_to_time |
|
37 | from rhodecode.lib.utils2 import safe_int, safe_unicode, datetime_to_time | |
| 38 | from rhodecode.model.forms import RepoGroupForm |
|
38 | from rhodecode.model.forms import RepoGroupForm | |
|
|
39 | from rhodecode.model.permission import PermissionModel | |||
| 39 | from rhodecode.model.repo_group import RepoGroupModel |
|
40 | from rhodecode.model.repo_group import RepoGroupModel | |
| 40 | from rhodecode.model.scm import RepoGroupList |
|
41 | from rhodecode.model.scm import RepoGroupList | |
| 41 | from rhodecode.model.db import ( |
|
42 | from rhodecode.model.db import ( | |
| @@ -354,7 +355,7 b' class AdminRepoGroupsView(BaseAppView, D' | |||||
| 354 | copy_perms = [perm['user_id'] for perm in user_group_perms] |
|
355 | copy_perms = [perm['user_id'] for perm in user_group_perms] | |
| 355 | # also include those newly created by copy |
|
356 | # also include those newly created by copy | |
| 356 | affected_user_ids.extend(copy_perms) |
|
357 | affected_user_ids.extend(copy_perms) | |
| 357 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
358 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 358 |
|
359 | |||
| 359 | raise HTTPFound( |
|
360 | raise HTTPFound( | |
| 360 | h.route_path('repo_group_home', |
|
361 | h.route_path('repo_group_home', | |
| @@ -39,6 +39,7 b' from rhodecode.lib import helpers as h' | |||||
| 39 | from rhodecode.lib.utils import repo_name_slug |
|
39 | from rhodecode.lib.utils import repo_name_slug | |
| 40 | from rhodecode.lib.utils2 import safe_int, safe_unicode |
|
40 | from rhodecode.lib.utils2 import safe_int, safe_unicode | |
| 41 | from rhodecode.model.forms import RepoForm |
|
41 | from rhodecode.model.forms import RepoForm | |
|
|
42 | from rhodecode.model.permission import PermissionModel | |||
| 42 | from rhodecode.model.repo import RepoModel |
|
43 | from rhodecode.model.repo import RepoModel | |
| 43 | from rhodecode.model.scm import RepoList, RepoGroupList, ScmModel |
|
44 | from rhodecode.model.scm import RepoList, RepoGroupList, ScmModel | |
| 44 | from rhodecode.model.settings import SettingsModel |
|
45 | from rhodecode.model.settings import SettingsModel | |
| @@ -182,7 +183,7 b' class AdminReposView(BaseAppView, DataGr' | |||||
| 182 | if copy_permissions: |
|
183 | if copy_permissions: | |
| 183 | # permission flush is done in repo creating |
|
184 | # permission flush is done in repo creating | |
| 184 | pass |
|
185 | pass | |
| 185 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
186 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 186 |
|
187 | |||
| 187 | raise HTTPFound( |
|
188 | raise HTTPFound( | |
| 188 | h.route_path('repo_creating', repo_name=repo_name, |
|
189 | h.route_path('repo_creating', repo_name=repo_name, | |
| @@ -266,6 +266,8 b' class AdminUserGroupsView(BaseAppView, D' | |||||
| 266 | % user_group_name, category='error') |
|
266 | % user_group_name, category='error') | |
| 267 | raise HTTPFound(h.route_path('user_groups_new')) |
|
267 | raise HTTPFound(h.route_path('user_groups_new')) | |
| 268 |
|
268 | |||
| 269 |
|
|
269 | affected_user_ids = [self._rhodecode_user.user_id] | |
|
|
270 | PermissionModel().trigger_permission_flush(affected_user_ids) | |||
|
|
271 | ||||
| 270 | raise HTTPFound( |
|
272 | raise HTTPFound( | |
| 271 | h.route_path('edit_user_group', user_group_id=user_group_id)) |
|
273 | h.route_path('edit_user_group', user_group_id=user_group_id)) | |
| @@ -597,7 +597,7 b' class UsersView(UserAppView):' | |||||
| 597 | category='error') |
|
597 | category='error') | |
| 598 |
|
598 | |||
| 599 | affected_user_ids = [user_id] |
|
599 | affected_user_ids = [user_id] | |
| 600 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
600 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 601 | raise HTTPFound(h.route_path('user_edit_global_perms', user_id=user_id)) |
|
601 | raise HTTPFound(h.route_path('user_edit_global_perms', user_id=user_id)) | |
| 602 |
|
602 | |||
| 603 | @LoginRequired() |
|
603 | @LoginRequired() | |
| @@ -23,14 +23,12 b' import logging' | |||||
| 23 | from pyramid.view import view_config |
|
23 | from pyramid.view import view_config | |
| 24 | from pyramid.httpexceptions import HTTPFound |
|
24 | from pyramid.httpexceptions import HTTPFound | |
| 25 |
|
25 | |||
| 26 | from rhodecode import events |
|
|||
| 27 | from rhodecode.apps._base import RepoGroupAppView |
|
26 | from rhodecode.apps._base import RepoGroupAppView | |
| 28 | from rhodecode.lib import helpers as h |
|
27 | from rhodecode.lib import helpers as h | |
| 29 | from rhodecode.lib import audit_logger |
|
28 | from rhodecode.lib import audit_logger | |
| 30 | from rhodecode.lib.auth import ( |
|
29 | from rhodecode.lib.auth import ( | |
| 31 | LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired) |
|
30 | LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired) | |
| 32 | from rhodecode.lib.utils2 import safe_int |
|
31 | from rhodecode.model.permission import PermissionModel | |
| 33 | from rhodecode.model.db import UserGroup |
|
|||
| 34 | from rhodecode.model.repo_group import RepoGroupModel |
|
32 | from rhodecode.model.repo_group import RepoGroupModel | |
| 35 | from rhodecode.model.forms import RepoGroupPermsForm |
|
33 | from rhodecode.model.forms import RepoGroupPermsForm | |
| 36 | from rhodecode.model.meta import Session |
|
34 | from rhodecode.model.meta import Session | |
| @@ -98,18 +96,7 b' class RepoGroupPermissionsView(RepoGroup' | |||||
| 98 |
|
96 | |||
| 99 | Session().commit() |
|
97 | Session().commit() | |
| 100 | h.flash(_('Repository Group permissions updated'), category='success') |
|
98 | h.flash(_('Repository Group permissions updated'), category='success') | |
| 101 |
|
99 | PermissionModel().flush_user_permission_caches(changes) | ||
| 102 | affected_user_ids = [] |
|
|||
| 103 | for change in changes['added'] + changes['updated'] + changes['deleted']: |
|
|||
| 104 | if change['type'] == 'user': |
|
|||
| 105 | affected_user_ids.append(change['id']) |
|
|||
| 106 | if change['type'] == 'user_group': |
|
|||
| 107 | user_group = UserGroup.get(safe_int(change['id'])) |
|
|||
| 108 | if user_group: |
|
|||
| 109 | group_members_ids = [x.user_id for x in user_group.members] |
|
|||
| 110 | affected_user_ids.extend(group_members_ids) |
|
|||
| 111 |
|
||||
| 112 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
|||
| 113 |
|
100 | |||
| 114 | raise HTTPFound( |
|
101 | raise HTTPFound( | |
| 115 | h.route_path('edit_repo_group_perms', |
|
102 | h.route_path('edit_repo_group_perms', | |
| @@ -33,6 +33,7 b' from rhodecode.lib.auth import (' | |||||
| 33 | LoginRequired, HasPermissionAll, |
|
33 | LoginRequired, HasPermissionAll, | |
| 34 | HasRepoGroupPermissionAny, HasRepoGroupPermissionAnyDecorator, CSRFRequired) |
|
34 | HasRepoGroupPermissionAny, HasRepoGroupPermissionAnyDecorator, CSRFRequired) | |
| 35 | from rhodecode.model.db import Session, RepoGroup, User |
|
35 | from rhodecode.model.db import Session, RepoGroup, User | |
|
|
36 | from rhodecode.model.permission import PermissionModel | |||
| 36 | from rhodecode.model.scm import RepoGroupList |
|
37 | from rhodecode.model.scm import RepoGroupList | |
| 37 | from rhodecode.model.repo_group import RepoGroupModel |
|
38 | from rhodecode.model.repo_group import RepoGroupModel | |
| 38 | from rhodecode.model.validation_schema.schemas import repo_group_schema |
|
39 | from rhodecode.model.validation_schema.schemas import repo_group_schema | |
| @@ -187,7 +188,7 b' class RepoGroupSettingsView(RepoGroupApp' | |||||
| 187 | owner = User.get_by_username(schema_data['repo_group_owner']) |
|
188 | owner = User.get_by_username(schema_data['repo_group_owner']) | |
| 188 | owner_id = owner.user_id if owner else self._rhodecode_user.user_id |
|
189 | owner_id = owner.user_id if owner else self._rhodecode_user.user_id | |
| 189 | affected_user_ids.extend([self._rhodecode_user.user_id, owner_id]) |
|
190 | affected_user_ids.extend([self._rhodecode_user.user_id, owner_id]) | |
| 190 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
191 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 191 |
|
192 | |||
| 192 | raise HTTPFound( |
|
193 | raise HTTPFound( | |
| 193 | h.route_path('edit_repo_group', repo_group_name=new_repo_group_name)) |
|
194 | h.route_path('edit_repo_group', repo_group_name=new_repo_group_name)) | |
| @@ -28,6 +28,7 b' from rhodecode.apps._base import BaseApp' | |||||
| 28 | from rhodecode.lib import helpers as h |
|
28 | from rhodecode.lib import helpers as h | |
| 29 | from rhodecode.lib.auth import (NotAnonymous, HasRepoPermissionAny) |
|
29 | from rhodecode.lib.auth import (NotAnonymous, HasRepoPermissionAny) | |
| 30 | from rhodecode.model.db import Repository |
|
30 | from rhodecode.model.db import Repository | |
|
|
31 | from rhodecode.model.permission import PermissionModel | |||
| 31 | from rhodecode.model.validation_schema.types import RepoNameType |
|
32 | from rhodecode.model.validation_schema.types import RepoNameType | |
| 32 |
|
33 | |||
| 33 | log = logging.getLogger(__name__) |
|
34 | log = logging.getLogger(__name__) | |
| @@ -122,4 +123,4 b' class RepoChecksView(BaseAppView):' | |||||
| 122 | # repo is finished and created, we flush the permissions now |
|
123 | # repo is finished and created, we flush the permissions now | |
| 123 | user_group_perms = db_repo.permissions(expand_from_user_groups=True) |
|
124 | user_group_perms = db_repo.permissions(expand_from_user_groups=True) | |
| 124 | affected_user_ids = [perm['user_id'] for perm in user_group_perms] |
|
125 | affected_user_ids = [perm['user_id'] for perm in user_group_perms] | |
| 125 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
126 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| @@ -36,6 +36,7 b' from rhodecode.lib.auth import (' | |||||
| 36 | import rhodecode.lib.helpers as h |
|
36 | import rhodecode.lib.helpers as h | |
| 37 | from rhodecode.lib.celerylib.utils import get_task_id |
|
37 | from rhodecode.lib.celerylib.utils import get_task_id | |
| 38 | from rhodecode.model.db import coalesce, or_, Repository, RepoGroup |
|
38 | from rhodecode.model.db import coalesce, or_, Repository, RepoGroup | |
|
|
39 | from rhodecode.model.permission import PermissionModel | |||
| 39 | from rhodecode.model.repo import RepoModel |
|
40 | from rhodecode.model.repo import RepoModel | |
| 40 | from rhodecode.model.forms import RepoForkForm |
|
41 | from rhodecode.model.forms import RepoForkForm | |
| 41 | from rhodecode.model.scm import ScmModel, RepoGroupList |
|
42 | from rhodecode.model.scm import ScmModel, RepoGroupList | |
| @@ -259,7 +260,7 b' class RepoForksView(RepoAppView, DataGri' | |||||
| 259 | # permission flush is done in repo creating |
|
260 | # permission flush is done in repo creating | |
| 260 | pass |
|
261 | pass | |
| 261 |
|
262 | |||
| 262 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
263 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 263 |
|
264 | |||
| 264 | raise HTTPFound( |
|
265 | raise HTTPFound( | |
| 265 | h.route_path('repo_creating', repo_name=repo_name, |
|
266 | h.route_path('repo_creating', repo_name=repo_name, | |
| @@ -23,16 +23,14 b' import logging' | |||||
| 23 | from pyramid.httpexceptions import HTTPFound |
|
23 | from pyramid.httpexceptions import HTTPFound | |
| 24 | from pyramid.view import view_config |
|
24 | from pyramid.view import view_config | |
| 25 |
|
25 | |||
| 26 | from rhodecode import events |
|
|||
| 27 | from rhodecode.apps._base import RepoAppView |
|
26 | from rhodecode.apps._base import RepoAppView | |
| 28 | from rhodecode.lib import helpers as h |
|
27 | from rhodecode.lib import helpers as h | |
| 29 | from rhodecode.lib import audit_logger |
|
28 | from rhodecode.lib import audit_logger | |
| 30 | from rhodecode.lib.auth import ( |
|
29 | from rhodecode.lib.auth import ( | |
| 31 | LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired) |
|
30 | LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired) | |
| 32 | from rhodecode.lib.utils2 import safe_int |
|
|||
| 33 | from rhodecode.model.db import UserGroup |
|
|||
| 34 | from rhodecode.model.forms import RepoPermsForm |
|
31 | from rhodecode.model.forms import RepoPermsForm | |
| 35 | from rhodecode.model.meta import Session |
|
32 | from rhodecode.model.meta import Session | |
|
|
33 | from rhodecode.model.permission import PermissionModel | |||
| 36 | from rhodecode.model.repo import RepoModel |
|
34 | from rhodecode.model.repo import RepoModel | |
| 37 |
|
35 | |||
| 38 | log = logging.getLogger(__name__) |
|
36 | log = logging.getLogger(__name__) | |
| @@ -91,17 +89,7 b' class RepoSettingsPermissionsView(RepoAp' | |||||
| 91 | Session().commit() |
|
89 | Session().commit() | |
| 92 | h.flash(_('Repository permissions updated'), category='success') |
|
90 | h.flash(_('Repository permissions updated'), category='success') | |
| 93 |
|
91 | |||
| 94 | affected_user_ids = [] |
|
92 | PermissionModel().flush_user_permission_caches(changes) | |
| 95 | for change in changes['added'] + changes['updated'] + changes['deleted']: |
|
|||
| 96 | if change['type'] == 'user': |
|
|||
| 97 | affected_user_ids.append(change['id']) |
|
|||
| 98 | if change['type'] == 'user_group': |
|
|||
| 99 | user_group = UserGroup.get(safe_int(change['id'])) |
|
|||
| 100 | if user_group: |
|
|||
| 101 | group_members_ids = [x.user_id for x in user_group.members] |
|
|||
| 102 | affected_user_ids.extend(group_members_ids) |
|
|||
| 103 |
|
||||
| 104 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
|||
| 105 |
|
93 | |||
| 106 | raise HTTPFound( |
|
94 | raise HTTPFound( | |
| 107 | h.route_path('edit_repo_perms', repo_name=self.db_repo_name)) |
|
95 | h.route_path('edit_repo_perms', repo_name=self.db_repo_name)) | |
| @@ -33,6 +33,7 b' from rhodecode.lib.auth import (' | |||||
| 33 | LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired) |
|
33 | LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired) | |
| 34 | from rhodecode.model.db import RepositoryField, RepoGroup, Repository, User |
|
34 | from rhodecode.model.db import RepositoryField, RepoGroup, Repository, User | |
| 35 | from rhodecode.model.meta import Session |
|
35 | from rhodecode.model.meta import Session | |
|
|
36 | from rhodecode.model.permission import PermissionModel | |||
| 36 | from rhodecode.model.repo import RepoModel |
|
37 | from rhodecode.model.repo import RepoModel | |
| 37 | from rhodecode.model.scm import RepoGroupList, ScmModel |
|
38 | from rhodecode.model.scm import RepoGroupList, ScmModel | |
| 38 | from rhodecode.model.validation_schema.schemas import repo_schema |
|
39 | from rhodecode.model.validation_schema.schemas import repo_schema | |
| @@ -184,7 +185,7 b' class RepoSettingsView(RepoAppView):' | |||||
| 184 | owner = User.get_by_username(schema_data['repo_owner']) |
|
185 | owner = User.get_by_username(schema_data['repo_owner']) | |
| 185 | owner_id = owner.user_id if owner else self._rhodecode_user.user_id |
|
186 | owner_id = owner.user_id if owner else self._rhodecode_user.user_id | |
| 186 | affected_user_ids.extend([self._rhodecode_user.user_id, owner_id]) |
|
187 | affected_user_ids.extend([self._rhodecode_user.user_id, owner_id]) | |
| 187 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
188 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 188 |
|
189 | |||
| 189 | raise HTTPFound( |
|
190 | raise HTTPFound( | |
| 190 | h.route_path('edit_repo', repo_name=new_repo_name)) |
|
191 | h.route_path('edit_repo', repo_name=new_repo_name)) | |
| @@ -34,6 +34,7 b' from rhodecode.lib.exceptions import Att' | |||||
| 34 | from rhodecode.lib.utils2 import safe_int |
|
34 | from rhodecode.lib.utils2 import safe_int | |
| 35 | from rhodecode.lib.vcs import RepositoryError |
|
35 | from rhodecode.lib.vcs import RepositoryError | |
| 36 | from rhodecode.model.db import Session, UserFollowing, User, Repository |
|
36 | from rhodecode.model.db import Session, UserFollowing, User, Repository | |
|
|
37 | from rhodecode.model.permission import PermissionModel | |||
| 37 | from rhodecode.model.repo import RepoModel |
|
38 | from rhodecode.model.repo import RepoModel | |
| 38 | from rhodecode.model.scm import ScmModel |
|
39 | from rhodecode.model.scm import ScmModel | |
| 39 |
|
40 | |||
| @@ -110,7 +111,7 b' class RepoSettingsView(RepoAppView):' | |||||
| 110 |
|
111 | |||
| 111 | # flush permissions for all users defined in permissions |
|
112 | # flush permissions for all users defined in permissions | |
| 112 | affected_user_ids = self._get_users_with_permissions().keys() |
|
113 | affected_user_ids = self._get_users_with_permissions().keys() | |
| 113 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
114 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 114 |
|
115 | |||
| 115 | raise HTTPFound(h.route_path('home')) |
|
116 | raise HTTPFound(h.route_path('home')) | |
| 116 |
|
117 | |||
| @@ -199,7 +199,7 b' class UserGroupsView(UserGroupAppView):' | |||||
| 199 | affected_user_ids.append(self._rhodecode_user.user_id) |
|
199 | affected_user_ids.append(self._rhodecode_user.user_id) | |
| 200 | affected_user_ids.append(owner_id) |
|
200 | affected_user_ids.append(owner_id) | |
| 201 |
|
201 | |||
| 202 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
202 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 203 |
|
203 | |||
| 204 | Session().commit() |
|
204 | Session().commit() | |
| 205 | except formencode.Invalid as errors: |
|
205 | except formencode.Invalid as errors: | |
| @@ -383,7 +383,7 b' class UserGroupsView(UserGroupAppView):' | |||||
| 383 | group_members_ids = [x.user_id for x in user_group.members] |
|
383 | group_members_ids = [x.user_id for x in user_group.members] | |
| 384 | affected_user_ids.extend(group_members_ids) |
|
384 | affected_user_ids.extend(group_members_ids) | |
| 385 |
|
385 | |||
| 386 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
386 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 387 |
|
387 | |||
| 388 | raise HTTPFound( |
|
388 | raise HTTPFound( | |
| 389 | h.route_path('edit_user_group_perms', user_group_id=user_group_id)) |
|
389 | h.route_path('edit_user_group_perms', user_group_id=user_group_id)) | |
| @@ -28,6 +28,7 b' import traceback' | |||||
| 28 |
|
28 | |||
| 29 | from sqlalchemy.exc import DatabaseError |
|
29 | from sqlalchemy.exc import DatabaseError | |
| 30 |
|
30 | |||
|
|
31 | from rhodecode import events | |||
| 31 | from rhodecode.model import BaseModel |
|
32 | from rhodecode.model import BaseModel | |
| 32 | from rhodecode.model.db import ( |
|
33 | from rhodecode.model.db import ( | |
| 33 | User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm, |
|
34 | User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm, | |
| @@ -556,3 +557,21 b' class PermissionModel(BaseModel):' | |||||
| 556 | self.sa.rollback() |
|
557 | self.sa.rollback() | |
| 557 | raise |
|
558 | raise | |
| 558 |
|
559 | |||
|
|
560 | def trigger_permission_flush(self, affected_user_ids): | |||
|
|
561 | events.trigger(events.UserPermissionsChange(affected_user_ids)) | |||
|
|
562 | ||||
|
|
563 | def flush_user_permission_caches(self, changes, affected_user_ids=None): | |||
|
|
564 | affected_user_ids = affected_user_ids or [] | |||
|
|
565 | ||||
|
|
566 | for change in changes['added'] + changes['updated'] + changes['deleted']: | |||
|
|
567 | if change['type'] == 'user': | |||
|
|
568 | affected_user_ids.append(change['id']) | |||
|
|
569 | if change['type'] == 'user_group': | |||
|
|
570 | user_group = UserGroup.get(safe_int(change['id'])) | |||
|
|
571 | if user_group: | |||
|
|
572 | group_members_ids = [x.user_id for x in user_group.members] | |||
|
|
573 | affected_user_ids.extend(group_members_ids) | |||
|
|
574 | ||||
|
|
575 | self.trigger_permission_flush(affected_user_ids) | |||
|
|
576 | ||||
|
|
577 | return affected_user_ids | |||
General Comments 0
You need to be logged in to leave comments.
Login now