Show More
| @@ -43,6 +43,7 b' from rhodecode.model.comment import Comm' | |||||
| 43 | from rhodecode.model.db import ( |
|
43 | from rhodecode.model.db import ( | |
| 44 | Session, ChangesetStatus, RepositoryField, Repository, RepoGroup, |
|
44 | Session, ChangesetStatus, RepositoryField, Repository, RepoGroup, | |
| 45 | ChangesetComment) |
|
45 | ChangesetComment) | |
|
|
46 | from rhodecode.model.permission import PermissionModel | |||
| 46 | from rhodecode.model.repo import RepoModel |
|
47 | from rhodecode.model.repo import RepoModel | |
| 47 | from rhodecode.model.scm import ScmModel, RepoList |
|
48 | from rhodecode.model.scm import ScmModel, RepoList | |
| 48 | from rhodecode.model.settings import SettingsModel, VcsSettingsModel |
|
49 | from rhodecode.model.settings import SettingsModel, VcsSettingsModel | |
| @@ -1783,8 +1784,9 b' def grant_user_permission(request, apius' | |||||
| 1783 | } |
|
1784 | } | |
| 1784 | audit_logger.store_api( |
|
1785 | audit_logger.store_api( | |
| 1785 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) |
|
1786 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) | |
|
|
1787 | Session().commit() | |||
|
|
1788 | PermissionModel().flush_user_permission_caches(changes) | |||
| 1786 |
|
1789 | |||
| 1787 | Session().commit() |
|
|||
| 1788 | return { |
|
1790 | return { | |
| 1789 | 'msg': 'Granted perm: `%s` for user: `%s` in repo: `%s`' % ( |
|
1791 | 'msg': 'Granted perm: `%s` for user: `%s` in repo: `%s`' % ( | |
| 1790 | perm.permission_name, user.username, repo.repo_name |
|
1792 | perm.permission_name, user.username, repo.repo_name | |
| @@ -1845,8 +1847,9 b' def revoke_user_permission(request, apiu' | |||||
| 1845 | } |
|
1847 | } | |
| 1846 | audit_logger.store_api( |
|
1848 | audit_logger.store_api( | |
| 1847 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) |
|
1849 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) | |
|
|
1850 | Session().commit() | |||
|
|
1851 | PermissionModel().flush_user_permission_caches(changes) | |||
| 1848 |
|
1852 | |||
| 1849 | Session().commit() |
|
|||
| 1850 | return { |
|
1853 | return { | |
| 1851 | 'msg': 'Revoked perm for user: `%s` in repo: `%s`' % ( |
|
1854 | 'msg': 'Revoked perm for user: `%s` in repo: `%s`' % ( | |
| 1852 | user.username, repo.repo_name |
|
1855 | user.username, repo.repo_name | |
| @@ -1931,8 +1934,9 b' def grant_user_group_permission(request,' | |||||
| 1931 | } |
|
1934 | } | |
| 1932 | audit_logger.store_api( |
|
1935 | audit_logger.store_api( | |
| 1933 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) |
|
1936 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) | |
|
|
1937 | Session().commit() | |||
|
|
1938 | PermissionModel().flush_user_permission_caches(changes) | |||
| 1934 |
|
1939 | |||
| 1935 | Session().commit() |
|
|||
| 1936 | return { |
|
1940 | return { | |
| 1937 | 'msg': 'Granted perm: `%s` for user group: `%s` in ' |
|
1941 | 'msg': 'Granted perm: `%s` for user group: `%s` in ' | |
| 1938 | 'repo: `%s`' % ( |
|
1942 | 'repo: `%s`' % ( | |
| @@ -2004,8 +2008,9 b' def revoke_user_group_permission(request' | |||||
| 2004 | } |
|
2008 | } | |
| 2005 | audit_logger.store_api( |
|
2009 | audit_logger.store_api( | |
| 2006 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) |
|
2010 | 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo) | |
|
|
2011 | Session().commit() | |||
|
|
2012 | PermissionModel().flush_user_permission_caches(changes) | |||
| 2007 |
|
2013 | |||
| 2008 | Session().commit() |
|
|||
| 2009 | return { |
|
2014 | return { | |
| 2010 | 'msg': 'Revoked perm for user group: `%s` in repo: `%s`' % ( |
|
2015 | 'msg': 'Revoked perm for user group: `%s` in repo: `%s`' % ( | |
| 2011 | user_group.users_group_name, repo.repo_name |
|
2016 | user_group.users_group_name, repo.repo_name | |
| @@ -31,6 +31,7 b' from rhodecode.lib import audit_logger' | |||||
| 31 | from rhodecode.lib.auth import ( |
|
31 | from rhodecode.lib.auth import ( | |
| 32 | HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi) |
|
32 | HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi) | |
| 33 | from rhodecode.model.db import Session |
|
33 | from rhodecode.model.db import Session | |
|
|
34 | from rhodecode.model.permission import PermissionModel | |||
| 34 | from rhodecode.model.repo_group import RepoGroupModel |
|
35 | from rhodecode.model.repo_group import RepoGroupModel | |
| 35 | from rhodecode.model.scm import RepoGroupList |
|
36 | from rhodecode.model.scm import RepoGroupList | |
| 36 | from rhodecode.model import validation_schema |
|
37 | from rhodecode.model import validation_schema | |
| @@ -465,8 +466,9 b' def grant_user_permission_to_repo_group(' | |||||
| 465 | audit_logger.store_api( |
|
466 | audit_logger.store_api( | |
| 466 | 'repo_group.edit.permissions', action_data=action_data, |
|
467 | 'repo_group.edit.permissions', action_data=action_data, | |
| 467 | user=apiuser) |
|
468 | user=apiuser) | |
|
|
469 | Session().commit() | |||
|
|
470 | PermissionModel().flush_user_permission_caches(changes) | |||
| 468 |
|
471 | |||
| 469 | Session().commit() |
|
|||
| 470 | return { |
|
472 | return { | |
| 471 | 'msg': 'Granted perm: `%s` (recursive:%s) for user: ' |
|
473 | 'msg': 'Granted perm: `%s` (recursive:%s) for user: ' | |
| 472 | '`%s` in repo group: `%s`' % ( |
|
474 | '`%s` in repo group: `%s`' % ( | |
| @@ -548,8 +550,9 b' def revoke_user_permission_from_repo_gro' | |||||
| 548 | audit_logger.store_api( |
|
550 | audit_logger.store_api( | |
| 549 | 'repo_group.edit.permissions', action_data=action_data, |
|
551 | 'repo_group.edit.permissions', action_data=action_data, | |
| 550 | user=apiuser) |
|
552 | user=apiuser) | |
|
|
553 | Session().commit() | |||
|
|
554 | PermissionModel().flush_user_permission_caches(changes) | |||
| 551 |
|
555 | |||
| 552 | Session().commit() |
|
|||
| 553 | return { |
|
556 | return { | |
| 554 | 'msg': 'Revoked perm (recursive:%s) for user: ' |
|
557 | 'msg': 'Revoked perm (recursive:%s) for user: ' | |
| 555 | '`%s` in repo group: `%s`' % ( |
|
558 | '`%s` in repo group: `%s`' % ( | |
| @@ -641,8 +644,9 b' def grant_user_group_permission_to_repo_' | |||||
| 641 | audit_logger.store_api( |
|
644 | audit_logger.store_api( | |
| 642 | 'repo_group.edit.permissions', action_data=action_data, |
|
645 | 'repo_group.edit.permissions', action_data=action_data, | |
| 643 | user=apiuser) |
|
646 | user=apiuser) | |
|
|
647 | Session().commit() | |||
|
|
648 | PermissionModel().flush_user_permission_caches(changes) | |||
| 644 |
|
649 | |||
| 645 | Session().commit() |
|
|||
| 646 | return { |
|
650 | return { | |
| 647 | 'msg': 'Granted perm: `%s` (recursive:%s) ' |
|
651 | 'msg': 'Granted perm: `%s` (recursive:%s) ' | |
| 648 | 'for user group: `%s` in repo group: `%s`' % ( |
|
652 | 'for user group: `%s` in repo group: `%s`' % ( | |
| @@ -733,8 +737,9 b' def revoke_user_group_permission_from_re' | |||||
| 733 | audit_logger.store_api( |
|
737 | audit_logger.store_api( | |
| 734 | 'repo_group.edit.permissions', action_data=action_data, |
|
738 | 'repo_group.edit.permissions', action_data=action_data, | |
| 735 | user=apiuser) |
|
739 | user=apiuser) | |
|
|
740 | Session().commit() | |||
|
|
741 | PermissionModel().flush_user_permission_caches(changes) | |||
| 736 |
|
742 | |||
| 737 | Session().commit() |
|
|||
| 738 | return { |
|
743 | return { | |
| 739 | 'msg': 'Revoked perm (recursive:%s) for user group: ' |
|
744 | 'msg': 'Revoked perm (recursive:%s) for user group: ' | |
| 740 | '`%s` in repo group: `%s`' % ( |
|
745 | '`%s` in repo group: `%s`' % ( | |
| @@ -29,6 +29,7 b' from rhodecode.lib import audit_logger' | |||||
| 29 | from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi |
|
29 | from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi | |
| 30 | from rhodecode.lib.exceptions import UserGroupAssignedException |
|
30 | from rhodecode.lib.exceptions import UserGroupAssignedException | |
| 31 | from rhodecode.model.db import Session |
|
31 | from rhodecode.model.db import Session | |
|
|
32 | from rhodecode.model.permission import PermissionModel | |||
| 32 | from rhodecode.model.scm import UserGroupList |
|
33 | from rhodecode.model.scm import UserGroupList | |
| 33 | from rhodecode.model.user_group import UserGroupModel |
|
34 | from rhodecode.model.user_group import UserGroupModel | |
| 34 | from rhodecode.model import validation_schema |
|
35 | from rhodecode.model import validation_schema | |
| @@ -268,6 +269,10 b' def create_user_group(' | |||||
| 268 | 'user_group.create', action_data={'data': creation_data}, |
|
269 | 'user_group.create', action_data={'data': creation_data}, | |
| 269 | user=apiuser) |
|
270 | user=apiuser) | |
| 270 | Session().commit() |
|
271 | Session().commit() | |
|
|
272 | ||||
|
|
273 | affected_user_ids = [apiuser.user_id, owner.user_id] | |||
|
|
274 | PermissionModel().trigger_permission_flush(affected_user_ids) | |||
|
|
275 | ||||
| 271 | return { |
|
276 | return { | |
| 272 | 'msg': 'created new user group `%s`' % group_name, |
|
277 | 'msg': 'created new user group `%s`' % group_name, | |
| 273 | 'user_group': creation_data |
|
278 | 'user_group': creation_data | |
| @@ -653,8 +658,9 b' def grant_user_permission_to_user_group(' | |||||
| 653 | audit_logger.store_api( |
|
658 | audit_logger.store_api( | |
| 654 | 'user_group.edit.permissions', action_data=action_data, |
|
659 | 'user_group.edit.permissions', action_data=action_data, | |
| 655 | user=apiuser) |
|
660 | user=apiuser) | |
|
|
661 | Session().commit() | |||
|
|
662 | PermissionModel().flush_user_permission_caches(changes) | |||
| 656 |
|
663 | |||
| 657 | Session().commit() |
|
|||
| 658 | return { |
|
664 | return { | |
| 659 | 'msg': |
|
665 | 'msg': | |
| 660 | 'Granted perm: `%s` for user: `%s` in user group: `%s`' % ( |
|
666 | 'Granted perm: `%s` for user: `%s` in user group: `%s`' % ( | |
| @@ -722,8 +728,9 b' def revoke_user_permission_from_user_gro' | |||||
| 722 | audit_logger.store_api( |
|
728 | audit_logger.store_api( | |
| 723 | 'user_group.edit.permissions', action_data=action_data, |
|
729 | 'user_group.edit.permissions', action_data=action_data, | |
| 724 | user=apiuser) |
|
730 | user=apiuser) | |
|
|
731 | Session().commit() | |||
|
|
732 | PermissionModel().flush_user_permission_caches(changes) | |||
| 725 |
|
733 | |||
| 726 | Session().commit() |
|
|||
| 727 | return { |
|
734 | return { | |
| 728 | 'msg': 'Revoked perm for user: `%s` in user group: `%s`' % ( |
|
735 | 'msg': 'Revoked perm for user: `%s` in user group: `%s`' % ( | |
| 729 | user.username, user_group.users_group_name |
|
736 | user.username, user_group.users_group_name | |
| @@ -799,8 +806,9 b' def grant_user_group_permission_to_user_' | |||||
| 799 | audit_logger.store_api( |
|
806 | audit_logger.store_api( | |
| 800 | 'user_group.edit.permissions', action_data=action_data, |
|
807 | 'user_group.edit.permissions', action_data=action_data, | |
| 801 | user=apiuser) |
|
808 | user=apiuser) | |
|
|
809 | Session().commit() | |||
|
|
810 | PermissionModel().flush_user_permission_caches(changes) | |||
| 802 |
|
811 | |||
| 803 | Session().commit() |
|
|||
| 804 | return { |
|
812 | return { | |
| 805 | 'msg': 'Granted perm: `%s` for user group: `%s` ' |
|
813 | 'msg': 'Granted perm: `%s` for user group: `%s` ' | |
| 806 | 'in user group: `%s`' % ( |
|
814 | 'in user group: `%s`' % ( | |
| @@ -877,8 +885,8 b' def revoke_user_group_permission_from_us' | |||||
| 877 | audit_logger.store_api( |
|
885 | audit_logger.store_api( | |
| 878 | 'user_group.edit.permissions', action_data=action_data, |
|
886 | 'user_group.edit.permissions', action_data=action_data, | |
| 879 | user=apiuser) |
|
887 | user=apiuser) | |
| 880 |
|
||||
| 881 | Session().commit() |
|
888 | Session().commit() | |
|
|
889 | PermissionModel().flush_user_permission_caches(changes) | |||
| 882 |
|
890 | |||
| 883 | return { |
|
891 | return { | |
| 884 | 'msg': 'Revoked perm for user group: ' |
|
892 | 'msg': 'Revoked perm for user group: ' | |
| @@ -143,7 +143,7 b' class AdminPermissionsView(BaseAppView, ' | |||||
| 143 | category='error') |
|
143 | category='error') | |
| 144 |
|
144 | |||
| 145 | affected_user_ids = [User.get_default_user().user_id] |
|
145 | affected_user_ids = [User.get_default_user().user_id] | |
| 146 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
146 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 147 |
|
147 | |||
| 148 | raise HTTPFound(h.route_path('admin_permissions_application')) |
|
148 | raise HTTPFound(h.route_path('admin_permissions_application')) | |
| 149 |
|
149 | |||
| @@ -219,7 +219,7 b' class AdminPermissionsView(BaseAppView, ' | |||||
| 219 | category='error') |
|
219 | category='error') | |
| 220 |
|
220 | |||
| 221 | affected_user_ids = [User.get_default_user().user_id] |
|
221 | affected_user_ids = [User.get_default_user().user_id] | |
| 222 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
222 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 223 |
|
223 | |||
| 224 | raise HTTPFound(h.route_path('admin_permissions_object')) |
|
224 | raise HTTPFound(h.route_path('admin_permissions_object')) | |
| 225 |
|
225 | |||
| @@ -321,7 +321,7 b' class AdminPermissionsView(BaseAppView, ' | |||||
| 321 | category='error') |
|
321 | category='error') | |
| 322 |
|
322 | |||
| 323 | affected_user_ids = [User.get_default_user().user_id] |
|
323 | affected_user_ids = [User.get_default_user().user_id] | |
| 324 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
324 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 325 |
|
325 | |||
| 326 | raise HTTPFound(h.route_path('admin_permissions_global')) |
|
326 | raise HTTPFound(h.route_path('admin_permissions_global')) | |
| 327 |
|
327 | |||
| @@ -36,6 +36,7 b' from rhodecode.lib.auth import (' | |||||
| 36 | from rhodecode.lib import helpers as h, audit_logger |
|
36 | from rhodecode.lib import helpers as h, audit_logger | |
| 37 | from rhodecode.lib.utils2 import safe_int, safe_unicode, datetime_to_time |
|
37 | from rhodecode.lib.utils2 import safe_int, safe_unicode, datetime_to_time | |
| 38 | from rhodecode.model.forms import RepoGroupForm |
|
38 | from rhodecode.model.forms import RepoGroupForm | |
|
|
39 | from rhodecode.model.permission import PermissionModel | |||
| 39 | from rhodecode.model.repo_group import RepoGroupModel |
|
40 | from rhodecode.model.repo_group import RepoGroupModel | |
| 40 | from rhodecode.model.scm import RepoGroupList |
|
41 | from rhodecode.model.scm import RepoGroupList | |
| 41 | from rhodecode.model.db import ( |
|
42 | from rhodecode.model.db import ( | |
| @@ -354,7 +355,7 b' class AdminRepoGroupsView(BaseAppView, D' | |||||
| 354 | copy_perms = [perm['user_id'] for perm in user_group_perms] |
|
355 | copy_perms = [perm['user_id'] for perm in user_group_perms] | |
| 355 | # also include those newly created by copy |
|
356 | # also include those newly created by copy | |
| 356 | affected_user_ids.extend(copy_perms) |
|
357 | affected_user_ids.extend(copy_perms) | |
| 357 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
358 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 358 |
|
359 | |||
| 359 | raise HTTPFound( |
|
360 | raise HTTPFound( | |
| 360 | h.route_path('repo_group_home', |
|
361 | h.route_path('repo_group_home', | |
| @@ -39,6 +39,7 b' from rhodecode.lib import helpers as h' | |||||
| 39 | from rhodecode.lib.utils import repo_name_slug |
|
39 | from rhodecode.lib.utils import repo_name_slug | |
| 40 | from rhodecode.lib.utils2 import safe_int, safe_unicode |
|
40 | from rhodecode.lib.utils2 import safe_int, safe_unicode | |
| 41 | from rhodecode.model.forms import RepoForm |
|
41 | from rhodecode.model.forms import RepoForm | |
|
|
42 | from rhodecode.model.permission import PermissionModel | |||
| 42 | from rhodecode.model.repo import RepoModel |
|
43 | from rhodecode.model.repo import RepoModel | |
| 43 | from rhodecode.model.scm import RepoList, RepoGroupList, ScmModel |
|
44 | from rhodecode.model.scm import RepoList, RepoGroupList, ScmModel | |
| 44 | from rhodecode.model.settings import SettingsModel |
|
45 | from rhodecode.model.settings import SettingsModel | |
| @@ -179,7 +180,7 b' class AdminReposView(BaseAppView, DataGr' | |||||
| 179 | if copy_permissions: |
|
180 | if copy_permissions: | |
| 180 | # permission flush is done in repo creating |
|
181 | # permission flush is done in repo creating | |
| 181 | pass |
|
182 | pass | |
| 182 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
183 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 183 |
|
184 | |||
| 184 | raise HTTPFound( |
|
185 | raise HTTPFound( | |
| 185 | h.route_path('repo_creating', repo_name=repo_name, |
|
186 | h.route_path('repo_creating', repo_name=repo_name, | |
| @@ -266,6 +266,8 b' class AdminUserGroupsView(BaseAppView, D' | |||||
| 266 | % user_group_name, category='error') |
|
266 | % user_group_name, category='error') | |
| 267 | raise HTTPFound(h.route_path('user_groups_new')) |
|
267 | raise HTTPFound(h.route_path('user_groups_new')) | |
| 268 |
|
268 | |||
| 269 |
|
|
269 | affected_user_ids = [self._rhodecode_user.user_id] | |
|
|
270 | PermissionModel().trigger_permission_flush(affected_user_ids) | |||
|
|
271 | ||||
| 270 | raise HTTPFound( |
|
272 | raise HTTPFound( | |
| 271 | h.route_path('edit_user_group', user_group_id=user_group_id)) |
|
273 | h.route_path('edit_user_group', user_group_id=user_group_id)) | |
| @@ -597,7 +597,7 b' class UsersView(UserAppView):' | |||||
| 597 | category='error') |
|
597 | category='error') | |
| 598 |
|
598 | |||
| 599 | affected_user_ids = [user_id] |
|
599 | affected_user_ids = [user_id] | |
| 600 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
600 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 601 | raise HTTPFound(h.route_path('user_edit_global_perms', user_id=user_id)) |
|
601 | raise HTTPFound(h.route_path('user_edit_global_perms', user_id=user_id)) | |
| 602 |
|
602 | |||
| 603 | @LoginRequired() |
|
603 | @LoginRequired() | |
| @@ -23,14 +23,12 b' import logging' | |||||
| 23 | from pyramid.view import view_config |
|
23 | from pyramid.view import view_config | |
| 24 | from pyramid.httpexceptions import HTTPFound |
|
24 | from pyramid.httpexceptions import HTTPFound | |
| 25 |
|
25 | |||
| 26 | from rhodecode import events |
|
|||
| 27 | from rhodecode.apps._base import RepoGroupAppView |
|
26 | from rhodecode.apps._base import RepoGroupAppView | |
| 28 | from rhodecode.lib import helpers as h |
|
27 | from rhodecode.lib import helpers as h | |
| 29 | from rhodecode.lib import audit_logger |
|
28 | from rhodecode.lib import audit_logger | |
| 30 | from rhodecode.lib.auth import ( |
|
29 | from rhodecode.lib.auth import ( | |
| 31 | LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired) |
|
30 | LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired) | |
| 32 | from rhodecode.lib.utils2 import safe_int |
|
31 | from rhodecode.model.permission import PermissionModel | |
| 33 | from rhodecode.model.db import UserGroup |
|
|||
| 34 | from rhodecode.model.repo_group import RepoGroupModel |
|
32 | from rhodecode.model.repo_group import RepoGroupModel | |
| 35 | from rhodecode.model.forms import RepoGroupPermsForm |
|
33 | from rhodecode.model.forms import RepoGroupPermsForm | |
| 36 | from rhodecode.model.meta import Session |
|
34 | from rhodecode.model.meta import Session | |
| @@ -98,18 +96,7 b' class RepoGroupPermissionsView(RepoGroup' | |||||
| 98 |
|
96 | |||
| 99 | Session().commit() |
|
97 | Session().commit() | |
| 100 | h.flash(_('Repository Group permissions updated'), category='success') |
|
98 | h.flash(_('Repository Group permissions updated'), category='success') | |
| 101 |
|
99 | PermissionModel().flush_user_permission_caches(changes) | ||
| 102 | affected_user_ids = [] |
|
|||
| 103 | for change in changes['added'] + changes['updated'] + changes['deleted']: |
|
|||
| 104 | if change['type'] == 'user': |
|
|||
| 105 | affected_user_ids.append(change['id']) |
|
|||
| 106 | if change['type'] == 'user_group': |
|
|||
| 107 | user_group = UserGroup.get(safe_int(change['id'])) |
|
|||
| 108 | if user_group: |
|
|||
| 109 | group_members_ids = [x.user_id for x in user_group.members] |
|
|||
| 110 | affected_user_ids.extend(group_members_ids) |
|
|||
| 111 |
|
||||
| 112 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
|||
| 113 |
|
100 | |||
| 114 | raise HTTPFound( |
|
101 | raise HTTPFound( | |
| 115 | h.route_path('edit_repo_group_perms', |
|
102 | h.route_path('edit_repo_group_perms', | |
| @@ -33,6 +33,7 b' from rhodecode.lib.auth import (' | |||||
| 33 | LoginRequired, HasPermissionAll, |
|
33 | LoginRequired, HasPermissionAll, | |
| 34 | HasRepoGroupPermissionAny, HasRepoGroupPermissionAnyDecorator, CSRFRequired) |
|
34 | HasRepoGroupPermissionAny, HasRepoGroupPermissionAnyDecorator, CSRFRequired) | |
| 35 | from rhodecode.model.db import Session, RepoGroup, User |
|
35 | from rhodecode.model.db import Session, RepoGroup, User | |
|
|
36 | from rhodecode.model.permission import PermissionModel | |||
| 36 | from rhodecode.model.scm import RepoGroupList |
|
37 | from rhodecode.model.scm import RepoGroupList | |
| 37 | from rhodecode.model.repo_group import RepoGroupModel |
|
38 | from rhodecode.model.repo_group import RepoGroupModel | |
| 38 | from rhodecode.model.validation_schema.schemas import repo_group_schema |
|
39 | from rhodecode.model.validation_schema.schemas import repo_group_schema | |
| @@ -187,7 +188,7 b' class RepoGroupSettingsView(RepoGroupApp' | |||||
| 187 | owner = User.get_by_username(schema_data['repo_group_owner']) |
|
188 | owner = User.get_by_username(schema_data['repo_group_owner']) | |
| 188 | owner_id = owner.user_id if owner else self._rhodecode_user.user_id |
|
189 | owner_id = owner.user_id if owner else self._rhodecode_user.user_id | |
| 189 | affected_user_ids.extend([self._rhodecode_user.user_id, owner_id]) |
|
190 | affected_user_ids.extend([self._rhodecode_user.user_id, owner_id]) | |
| 190 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
191 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 191 |
|
192 | |||
| 192 | raise HTTPFound( |
|
193 | raise HTTPFound( | |
| 193 | h.route_path('edit_repo_group', repo_group_name=new_repo_group_name)) |
|
194 | h.route_path('edit_repo_group', repo_group_name=new_repo_group_name)) | |
| @@ -28,6 +28,7 b' from rhodecode.apps._base import BaseApp' | |||||
| 28 | from rhodecode.lib import helpers as h |
|
28 | from rhodecode.lib import helpers as h | |
| 29 | from rhodecode.lib.auth import (NotAnonymous, HasRepoPermissionAny) |
|
29 | from rhodecode.lib.auth import (NotAnonymous, HasRepoPermissionAny) | |
| 30 | from rhodecode.model.db import Repository |
|
30 | from rhodecode.model.db import Repository | |
|
|
31 | from rhodecode.model.permission import PermissionModel | |||
| 31 | from rhodecode.model.validation_schema.types import RepoNameType |
|
32 | from rhodecode.model.validation_schema.types import RepoNameType | |
| 32 |
|
33 | |||
| 33 | log = logging.getLogger(__name__) |
|
34 | log = logging.getLogger(__name__) | |
| @@ -122,4 +123,4 b' class RepoChecksView(BaseAppView):' | |||||
| 122 | # repo is finished and created, we flush the permissions now |
|
123 | # repo is finished and created, we flush the permissions now | |
| 123 | user_group_perms = db_repo.permissions(expand_from_user_groups=True) |
|
124 | user_group_perms = db_repo.permissions(expand_from_user_groups=True) | |
| 124 | affected_user_ids = [perm['user_id'] for perm in user_group_perms] |
|
125 | affected_user_ids = [perm['user_id'] for perm in user_group_perms] | |
| 125 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
126 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| @@ -36,6 +36,7 b' from rhodecode.lib.auth import (' | |||||
| 36 | import rhodecode.lib.helpers as h |
|
36 | import rhodecode.lib.helpers as h | |
| 37 | from rhodecode.lib.celerylib.utils import get_task_id |
|
37 | from rhodecode.lib.celerylib.utils import get_task_id | |
| 38 | from rhodecode.model.db import coalesce, or_, Repository, RepoGroup |
|
38 | from rhodecode.model.db import coalesce, or_, Repository, RepoGroup | |
|
|
39 | from rhodecode.model.permission import PermissionModel | |||
| 39 | from rhodecode.model.repo import RepoModel |
|
40 | from rhodecode.model.repo import RepoModel | |
| 40 | from rhodecode.model.forms import RepoForkForm |
|
41 | from rhodecode.model.forms import RepoForkForm | |
| 41 | from rhodecode.model.scm import ScmModel, RepoGroupList |
|
42 | from rhodecode.model.scm import ScmModel, RepoGroupList | |
| @@ -257,7 +258,7 b' class RepoForksView(RepoAppView, DataGri' | |||||
| 257 | # permission flush is done in repo creating |
|
258 | # permission flush is done in repo creating | |
| 258 | pass |
|
259 | pass | |
| 259 |
|
260 | |||
| 260 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
261 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 261 |
|
262 | |||
| 262 | raise HTTPFound( |
|
263 | raise HTTPFound( | |
| 263 | h.route_path('repo_creating', repo_name=repo_name, |
|
264 | h.route_path('repo_creating', repo_name=repo_name, | |
| @@ -23,16 +23,14 b' import logging' | |||||
| 23 | from pyramid.httpexceptions import HTTPFound |
|
23 | from pyramid.httpexceptions import HTTPFound | |
| 24 | from pyramid.view import view_config |
|
24 | from pyramid.view import view_config | |
| 25 |
|
25 | |||
| 26 | from rhodecode import events |
|
|||
| 27 | from rhodecode.apps._base import RepoAppView |
|
26 | from rhodecode.apps._base import RepoAppView | |
| 28 | from rhodecode.lib import helpers as h |
|
27 | from rhodecode.lib import helpers as h | |
| 29 | from rhodecode.lib import audit_logger |
|
28 | from rhodecode.lib import audit_logger | |
| 30 | from rhodecode.lib.auth import ( |
|
29 | from rhodecode.lib.auth import ( | |
| 31 | LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired) |
|
30 | LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired) | |
| 32 | from rhodecode.lib.utils2 import safe_int |
|
|||
| 33 | from rhodecode.model.db import UserGroup |
|
|||
| 34 | from rhodecode.model.forms import RepoPermsForm |
|
31 | from rhodecode.model.forms import RepoPermsForm | |
| 35 | from rhodecode.model.meta import Session |
|
32 | from rhodecode.model.meta import Session | |
|
|
33 | from rhodecode.model.permission import PermissionModel | |||
| 36 | from rhodecode.model.repo import RepoModel |
|
34 | from rhodecode.model.repo import RepoModel | |
| 37 |
|
35 | |||
| 38 | log = logging.getLogger(__name__) |
|
36 | log = logging.getLogger(__name__) | |
| @@ -91,17 +89,7 b' class RepoSettingsPermissionsView(RepoAp' | |||||
| 91 | Session().commit() |
|
89 | Session().commit() | |
| 92 | h.flash(_('Repository permissions updated'), category='success') |
|
90 | h.flash(_('Repository permissions updated'), category='success') | |
| 93 |
|
91 | |||
| 94 | affected_user_ids = [] |
|
92 | PermissionModel().flush_user_permission_caches(changes) | |
| 95 | for change in changes['added'] + changes['updated'] + changes['deleted']: |
|
|||
| 96 | if change['type'] == 'user': |
|
|||
| 97 | affected_user_ids.append(change['id']) |
|
|||
| 98 | if change['type'] == 'user_group': |
|
|||
| 99 | user_group = UserGroup.get(safe_int(change['id'])) |
|
|||
| 100 | if user_group: |
|
|||
| 101 | group_members_ids = [x.user_id for x in user_group.members] |
|
|||
| 102 | affected_user_ids.extend(group_members_ids) |
|
|||
| 103 |
|
||||
| 104 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
|||
| 105 |
|
93 | |||
| 106 | raise HTTPFound( |
|
94 | raise HTTPFound( | |
| 107 | h.route_path('edit_repo_perms', repo_name=self.db_repo_name)) |
|
95 | h.route_path('edit_repo_perms', repo_name=self.db_repo_name)) | |
| @@ -33,6 +33,7 b' from rhodecode.lib.auth import (' | |||||
| 33 | LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired) |
|
33 | LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired) | |
| 34 | from rhodecode.model.db import RepositoryField, RepoGroup, Repository, User |
|
34 | from rhodecode.model.db import RepositoryField, RepoGroup, Repository, User | |
| 35 | from rhodecode.model.meta import Session |
|
35 | from rhodecode.model.meta import Session | |
|
|
36 | from rhodecode.model.permission import PermissionModel | |||
| 36 | from rhodecode.model.repo import RepoModel |
|
37 | from rhodecode.model.repo import RepoModel | |
| 37 | from rhodecode.model.scm import RepoGroupList, ScmModel |
|
38 | from rhodecode.model.scm import RepoGroupList, ScmModel | |
| 38 | from rhodecode.model.validation_schema.schemas import repo_schema |
|
39 | from rhodecode.model.validation_schema.schemas import repo_schema | |
| @@ -184,7 +185,7 b' class RepoSettingsView(RepoAppView):' | |||||
| 184 | owner = User.get_by_username(schema_data['repo_owner']) |
|
185 | owner = User.get_by_username(schema_data['repo_owner']) | |
| 185 | owner_id = owner.user_id if owner else self._rhodecode_user.user_id |
|
186 | owner_id = owner.user_id if owner else self._rhodecode_user.user_id | |
| 186 | affected_user_ids.extend([self._rhodecode_user.user_id, owner_id]) |
|
187 | affected_user_ids.extend([self._rhodecode_user.user_id, owner_id]) | |
| 187 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
188 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 188 |
|
189 | |||
| 189 | raise HTTPFound( |
|
190 | raise HTTPFound( | |
| 190 | h.route_path('edit_repo', repo_name=new_repo_name)) |
|
191 | h.route_path('edit_repo', repo_name=new_repo_name)) | |
| @@ -34,6 +34,7 b' from rhodecode.lib.exceptions import Att' | |||||
| 34 | from rhodecode.lib.utils2 import safe_int |
|
34 | from rhodecode.lib.utils2 import safe_int | |
| 35 | from rhodecode.lib.vcs import RepositoryError |
|
35 | from rhodecode.lib.vcs import RepositoryError | |
| 36 | from rhodecode.model.db import Session, UserFollowing, User, Repository |
|
36 | from rhodecode.model.db import Session, UserFollowing, User, Repository | |
|
|
37 | from rhodecode.model.permission import PermissionModel | |||
| 37 | from rhodecode.model.repo import RepoModel |
|
38 | from rhodecode.model.repo import RepoModel | |
| 38 | from rhodecode.model.scm import ScmModel |
|
39 | from rhodecode.model.scm import ScmModel | |
| 39 |
|
40 | |||
| @@ -110,7 +111,7 b' class RepoSettingsView(RepoAppView):' | |||||
| 110 |
|
111 | |||
| 111 | # flush permissions for all users defined in permissions |
|
112 | # flush permissions for all users defined in permissions | |
| 112 | affected_user_ids = self._get_users_with_permissions().keys() |
|
113 | affected_user_ids = self._get_users_with_permissions().keys() | |
| 113 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
114 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 114 |
|
115 | |||
| 115 | raise HTTPFound(h.route_path('home')) |
|
116 | raise HTTPFound(h.route_path('home')) | |
| 116 |
|
117 | |||
| @@ -199,7 +199,7 b' class UserGroupsView(UserGroupAppView):' | |||||
| 199 | affected_user_ids.append(self._rhodecode_user.user_id) |
|
199 | affected_user_ids.append(self._rhodecode_user.user_id) | |
| 200 | affected_user_ids.append(owner_id) |
|
200 | affected_user_ids.append(owner_id) | |
| 201 |
|
201 | |||
| 202 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
202 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 203 |
|
203 | |||
| 204 | Session().commit() |
|
204 | Session().commit() | |
| 205 | except formencode.Invalid as errors: |
|
205 | except formencode.Invalid as errors: | |
| @@ -383,7 +383,7 b' class UserGroupsView(UserGroupAppView):' | |||||
| 383 | group_members_ids = [x.user_id for x in user_group.members] |
|
383 | group_members_ids = [x.user_id for x in user_group.members] | |
| 384 | affected_user_ids.extend(group_members_ids) |
|
384 | affected_user_ids.extend(group_members_ids) | |
| 385 |
|
385 | |||
| 386 | events.trigger(events.UserPermissionsChange(affected_user_ids)) |
|
386 | PermissionModel().trigger_permission_flush(affected_user_ids) | |
| 387 |
|
387 | |||
| 388 | raise HTTPFound( |
|
388 | raise HTTPFound( | |
| 389 | h.route_path('edit_user_group_perms', user_group_id=user_group_id)) |
|
389 | h.route_path('edit_user_group_perms', user_group_id=user_group_id)) | |
| @@ -28,6 +28,7 b' import traceback' | |||||
| 28 |
|
28 | |||
| 29 | from sqlalchemy.exc import DatabaseError |
|
29 | from sqlalchemy.exc import DatabaseError | |
| 30 |
|
30 | |||
|
|
31 | from rhodecode import events | |||
| 31 | from rhodecode.model import BaseModel |
|
32 | from rhodecode.model import BaseModel | |
| 32 | from rhodecode.model.db import ( |
|
33 | from rhodecode.model.db import ( | |
| 33 | User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm, |
|
34 | User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm, | |
| @@ -556,3 +557,21 b' class PermissionModel(BaseModel):' | |||||
| 556 | self.sa.rollback() |
|
557 | self.sa.rollback() | |
| 557 | raise |
|
558 | raise | |
| 558 |
|
559 | |||
|
|
560 | def trigger_permission_flush(self, affected_user_ids): | |||
|
|
561 | events.trigger(events.UserPermissionsChange(affected_user_ids)) | |||
|
|
562 | ||||
|
|
563 | def flush_user_permission_caches(self, changes, affected_user_ids=None): | |||
|
|
564 | affected_user_ids = affected_user_ids or [] | |||
|
|
565 | ||||
|
|
566 | for change in changes['added'] + changes['updated'] + changes['deleted']: | |||
|
|
567 | if change['type'] == 'user': | |||
|
|
568 | affected_user_ids.append(change['id']) | |||
|
|
569 | if change['type'] == 'user_group': | |||
|
|
570 | user_group = UserGroup.get(safe_int(change['id'])) | |||
|
|
571 | if user_group: | |||
|
|
572 | group_members_ids = [x.user_id for x in user_group.members] | |||
|
|
573 | affected_user_ids.extend(group_members_ids) | |||
|
|
574 | ||||
|
|
575 | self.trigger_permission_flush(affected_user_ids) | |||
|
|
576 | ||||
|
|
577 | return affected_user_ids | |||
General Comments 0
You need to be logged in to leave comments.
Login now