##// END OF EJS Templates
permissions: properly flush user cache permissions in more cases of permission changes....
marcink -
r3887:85d5bce0 default
parent child
Show More
@@ -43,6 +43,7 from rhodecode.model.comment import Comm
43 from rhodecode.model.db import (
43 from rhodecode.model.db import (
44 Session, ChangesetStatus, RepositoryField, Repository, RepoGroup,
44 Session, ChangesetStatus, RepositoryField, Repository, RepoGroup,
45 ChangesetComment)
45 ChangesetComment)
46 from rhodecode.model.permission import PermissionModel
46 from rhodecode.model.repo import RepoModel
47 from rhodecode.model.repo import RepoModel
47 from rhodecode.model.scm import ScmModel, RepoList
48 from rhodecode.model.scm import ScmModel, RepoList
48 from rhodecode.model.settings import SettingsModel, VcsSettingsModel
49 from rhodecode.model.settings import SettingsModel, VcsSettingsModel
@@ -1783,8 +1784,9 def grant_user_permission(request, apius
1783 }
1784 }
1784 audit_logger.store_api(
1785 audit_logger.store_api(
1785 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1786 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1787 Session().commit()
1788 PermissionModel().flush_user_permission_caches(changes)
1786
1789
1787 Session().commit()
1788 return {
1790 return {
1789 'msg': 'Granted perm: `%s` for user: `%s` in repo: `%s`' % (
1791 'msg': 'Granted perm: `%s` for user: `%s` in repo: `%s`' % (
1790 perm.permission_name, user.username, repo.repo_name
1792 perm.permission_name, user.username, repo.repo_name
@@ -1845,8 +1847,9 def revoke_user_permission(request, apiu
1845 }
1847 }
1846 audit_logger.store_api(
1848 audit_logger.store_api(
1847 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1849 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1850 Session().commit()
1851 PermissionModel().flush_user_permission_caches(changes)
1848
1852
1849 Session().commit()
1850 return {
1853 return {
1851 'msg': 'Revoked perm for user: `%s` in repo: `%s`' % (
1854 'msg': 'Revoked perm for user: `%s` in repo: `%s`' % (
1852 user.username, repo.repo_name
1855 user.username, repo.repo_name
@@ -1931,8 +1934,9 def grant_user_group_permission(request,
1931 }
1934 }
1932 audit_logger.store_api(
1935 audit_logger.store_api(
1933 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1936 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
1937 Session().commit()
1938 PermissionModel().flush_user_permission_caches(changes)
1934
1939
1935 Session().commit()
1936 return {
1940 return {
1937 'msg': 'Granted perm: `%s` for user group: `%s` in '
1941 'msg': 'Granted perm: `%s` for user group: `%s` in '
1938 'repo: `%s`' % (
1942 'repo: `%s`' % (
@@ -2004,8 +2008,9 def revoke_user_group_permission(request
2004 }
2008 }
2005 audit_logger.store_api(
2009 audit_logger.store_api(
2006 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
2010 'repo.edit.permissions', action_data=action_data, user=apiuser, repo=repo)
2011 Session().commit()
2012 PermissionModel().flush_user_permission_caches(changes)
2007
2013
2008 Session().commit()
2009 return {
2014 return {
2010 'msg': 'Revoked perm for user group: `%s` in repo: `%s`' % (
2015 'msg': 'Revoked perm for user group: `%s` in repo: `%s`' % (
2011 user_group.users_group_name, repo.repo_name
2016 user_group.users_group_name, repo.repo_name
@@ -31,6 +31,7 from rhodecode.lib import audit_logger
31 from rhodecode.lib.auth import (
31 from rhodecode.lib.auth import (
32 HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi)
32 HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi)
33 from rhodecode.model.db import Session
33 from rhodecode.model.db import Session
34 from rhodecode.model.permission import PermissionModel
34 from rhodecode.model.repo_group import RepoGroupModel
35 from rhodecode.model.repo_group import RepoGroupModel
35 from rhodecode.model.scm import RepoGroupList
36 from rhodecode.model.scm import RepoGroupList
36 from rhodecode.model import validation_schema
37 from rhodecode.model import validation_schema
@@ -465,8 +466,9 def grant_user_permission_to_repo_group(
465 audit_logger.store_api(
466 audit_logger.store_api(
466 'repo_group.edit.permissions', action_data=action_data,
467 'repo_group.edit.permissions', action_data=action_data,
467 user=apiuser)
468 user=apiuser)
469 Session().commit()
470 PermissionModel().flush_user_permission_caches(changes)
468
471
469 Session().commit()
470 return {
472 return {
471 'msg': 'Granted perm: `%s` (recursive:%s) for user: '
473 'msg': 'Granted perm: `%s` (recursive:%s) for user: '
472 '`%s` in repo group: `%s`' % (
474 '`%s` in repo group: `%s`' % (
@@ -548,8 +550,9 def revoke_user_permission_from_repo_gro
548 audit_logger.store_api(
550 audit_logger.store_api(
549 'repo_group.edit.permissions', action_data=action_data,
551 'repo_group.edit.permissions', action_data=action_data,
550 user=apiuser)
552 user=apiuser)
553 Session().commit()
554 PermissionModel().flush_user_permission_caches(changes)
551
555
552 Session().commit()
553 return {
556 return {
554 'msg': 'Revoked perm (recursive:%s) for user: '
557 'msg': 'Revoked perm (recursive:%s) for user: '
555 '`%s` in repo group: `%s`' % (
558 '`%s` in repo group: `%s`' % (
@@ -641,8 +644,9 def grant_user_group_permission_to_repo_
641 audit_logger.store_api(
644 audit_logger.store_api(
642 'repo_group.edit.permissions', action_data=action_data,
645 'repo_group.edit.permissions', action_data=action_data,
643 user=apiuser)
646 user=apiuser)
647 Session().commit()
648 PermissionModel().flush_user_permission_caches(changes)
644
649
645 Session().commit()
646 return {
650 return {
647 'msg': 'Granted perm: `%s` (recursive:%s) '
651 'msg': 'Granted perm: `%s` (recursive:%s) '
648 'for user group: `%s` in repo group: `%s`' % (
652 'for user group: `%s` in repo group: `%s`' % (
@@ -733,8 +737,9 def revoke_user_group_permission_from_re
733 audit_logger.store_api(
737 audit_logger.store_api(
734 'repo_group.edit.permissions', action_data=action_data,
738 'repo_group.edit.permissions', action_data=action_data,
735 user=apiuser)
739 user=apiuser)
740 Session().commit()
741 PermissionModel().flush_user_permission_caches(changes)
736
742
737 Session().commit()
738 return {
743 return {
739 'msg': 'Revoked perm (recursive:%s) for user group: '
744 'msg': 'Revoked perm (recursive:%s) for user group: '
740 '`%s` in repo group: `%s`' % (
745 '`%s` in repo group: `%s`' % (
@@ -29,6 +29,7 from rhodecode.lib import audit_logger
29 from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi
29 from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi
30 from rhodecode.lib.exceptions import UserGroupAssignedException
30 from rhodecode.lib.exceptions import UserGroupAssignedException
31 from rhodecode.model.db import Session
31 from rhodecode.model.db import Session
32 from rhodecode.model.permission import PermissionModel
32 from rhodecode.model.scm import UserGroupList
33 from rhodecode.model.scm import UserGroupList
33 from rhodecode.model.user_group import UserGroupModel
34 from rhodecode.model.user_group import UserGroupModel
34 from rhodecode.model import validation_schema
35 from rhodecode.model import validation_schema
@@ -268,6 +269,10 def create_user_group(
268 'user_group.create', action_data={'data': creation_data},
269 'user_group.create', action_data={'data': creation_data},
269 user=apiuser)
270 user=apiuser)
270 Session().commit()
271 Session().commit()
272
273 affected_user_ids = [apiuser.user_id, owner.user_id]
274 PermissionModel().trigger_permission_flush(affected_user_ids)
275
271 return {
276 return {
272 'msg': 'created new user group `%s`' % group_name,
277 'msg': 'created new user group `%s`' % group_name,
273 'user_group': creation_data
278 'user_group': creation_data
@@ -653,8 +658,9 def grant_user_permission_to_user_group(
653 audit_logger.store_api(
658 audit_logger.store_api(
654 'user_group.edit.permissions', action_data=action_data,
659 'user_group.edit.permissions', action_data=action_data,
655 user=apiuser)
660 user=apiuser)
661 Session().commit()
662 PermissionModel().flush_user_permission_caches(changes)
656
663
657 Session().commit()
658 return {
664 return {
659 'msg':
665 'msg':
660 'Granted perm: `%s` for user: `%s` in user group: `%s`' % (
666 'Granted perm: `%s` for user: `%s` in user group: `%s`' % (
@@ -722,8 +728,9 def revoke_user_permission_from_user_gro
722 audit_logger.store_api(
728 audit_logger.store_api(
723 'user_group.edit.permissions', action_data=action_data,
729 'user_group.edit.permissions', action_data=action_data,
724 user=apiuser)
730 user=apiuser)
731 Session().commit()
732 PermissionModel().flush_user_permission_caches(changes)
725
733
726 Session().commit()
727 return {
734 return {
728 'msg': 'Revoked perm for user: `%s` in user group: `%s`' % (
735 'msg': 'Revoked perm for user: `%s` in user group: `%s`' % (
729 user.username, user_group.users_group_name
736 user.username, user_group.users_group_name
@@ -799,8 +806,9 def grant_user_group_permission_to_user_
799 audit_logger.store_api(
806 audit_logger.store_api(
800 'user_group.edit.permissions', action_data=action_data,
807 'user_group.edit.permissions', action_data=action_data,
801 user=apiuser)
808 user=apiuser)
809 Session().commit()
810 PermissionModel().flush_user_permission_caches(changes)
802
811
803 Session().commit()
804 return {
812 return {
805 'msg': 'Granted perm: `%s` for user group: `%s` '
813 'msg': 'Granted perm: `%s` for user group: `%s` '
806 'in user group: `%s`' % (
814 'in user group: `%s`' % (
@@ -877,8 +885,8 def revoke_user_group_permission_from_us
877 audit_logger.store_api(
885 audit_logger.store_api(
878 'user_group.edit.permissions', action_data=action_data,
886 'user_group.edit.permissions', action_data=action_data,
879 user=apiuser)
887 user=apiuser)
880
881 Session().commit()
888 Session().commit()
889 PermissionModel().flush_user_permission_caches(changes)
882
890
883 return {
891 return {
884 'msg': 'Revoked perm for user group: '
892 'msg': 'Revoked perm for user group: '
@@ -143,7 +143,7 class AdminPermissionsView(BaseAppView,
143 category='error')
143 category='error')
144
144
145 affected_user_ids = [User.get_default_user().user_id]
145 affected_user_ids = [User.get_default_user().user_id]
146 events.trigger(events.UserPermissionsChange(affected_user_ids))
146 PermissionModel().trigger_permission_flush(affected_user_ids)
147
147
148 raise HTTPFound(h.route_path('admin_permissions_application'))
148 raise HTTPFound(h.route_path('admin_permissions_application'))
149
149
@@ -219,7 +219,7 class AdminPermissionsView(BaseAppView,
219 category='error')
219 category='error')
220
220
221 affected_user_ids = [User.get_default_user().user_id]
221 affected_user_ids = [User.get_default_user().user_id]
222 events.trigger(events.UserPermissionsChange(affected_user_ids))
222 PermissionModel().trigger_permission_flush(affected_user_ids)
223
223
224 raise HTTPFound(h.route_path('admin_permissions_object'))
224 raise HTTPFound(h.route_path('admin_permissions_object'))
225
225
@@ -321,7 +321,7 class AdminPermissionsView(BaseAppView,
321 category='error')
321 category='error')
322
322
323 affected_user_ids = [User.get_default_user().user_id]
323 affected_user_ids = [User.get_default_user().user_id]
324 events.trigger(events.UserPermissionsChange(affected_user_ids))
324 PermissionModel().trigger_permission_flush(affected_user_ids)
325
325
326 raise HTTPFound(h.route_path('admin_permissions_global'))
326 raise HTTPFound(h.route_path('admin_permissions_global'))
327
327
@@ -36,6 +36,7 from rhodecode.lib.auth import (
36 from rhodecode.lib import helpers as h, audit_logger
36 from rhodecode.lib import helpers as h, audit_logger
37 from rhodecode.lib.utils2 import safe_int, safe_unicode, datetime_to_time
37 from rhodecode.lib.utils2 import safe_int, safe_unicode, datetime_to_time
38 from rhodecode.model.forms import RepoGroupForm
38 from rhodecode.model.forms import RepoGroupForm
39 from rhodecode.model.permission import PermissionModel
39 from rhodecode.model.repo_group import RepoGroupModel
40 from rhodecode.model.repo_group import RepoGroupModel
40 from rhodecode.model.scm import RepoGroupList
41 from rhodecode.model.scm import RepoGroupList
41 from rhodecode.model.db import (
42 from rhodecode.model.db import (
@@ -354,7 +355,7 class AdminRepoGroupsView(BaseAppView, D
354 copy_perms = [perm['user_id'] for perm in user_group_perms]
355 copy_perms = [perm['user_id'] for perm in user_group_perms]
355 # also include those newly created by copy
356 # also include those newly created by copy
356 affected_user_ids.extend(copy_perms)
357 affected_user_ids.extend(copy_perms)
357 events.trigger(events.UserPermissionsChange(affected_user_ids))
358 PermissionModel().trigger_permission_flush(affected_user_ids)
358
359
359 raise HTTPFound(
360 raise HTTPFound(
360 h.route_path('repo_group_home',
361 h.route_path('repo_group_home',
@@ -39,6 +39,7 from rhodecode.lib import helpers as h
39 from rhodecode.lib.utils import repo_name_slug
39 from rhodecode.lib.utils import repo_name_slug
40 from rhodecode.lib.utils2 import safe_int, safe_unicode
40 from rhodecode.lib.utils2 import safe_int, safe_unicode
41 from rhodecode.model.forms import RepoForm
41 from rhodecode.model.forms import RepoForm
42 from rhodecode.model.permission import PermissionModel
42 from rhodecode.model.repo import RepoModel
43 from rhodecode.model.repo import RepoModel
43 from rhodecode.model.scm import RepoList, RepoGroupList, ScmModel
44 from rhodecode.model.scm import RepoList, RepoGroupList, ScmModel
44 from rhodecode.model.settings import SettingsModel
45 from rhodecode.model.settings import SettingsModel
@@ -179,7 +180,7 class AdminReposView(BaseAppView, DataGr
179 if copy_permissions:
180 if copy_permissions:
180 # permission flush is done in repo creating
181 # permission flush is done in repo creating
181 pass
182 pass
182 events.trigger(events.UserPermissionsChange(affected_user_ids))
183 PermissionModel().trigger_permission_flush(affected_user_ids)
183
184
184 raise HTTPFound(
185 raise HTTPFound(
185 h.route_path('repo_creating', repo_name=repo_name,
186 h.route_path('repo_creating', repo_name=repo_name,
@@ -266,6 +266,8 class AdminUserGroupsView(BaseAppView, D
266 % user_group_name, category='error')
266 % user_group_name, category='error')
267 raise HTTPFound(h.route_path('user_groups_new'))
267 raise HTTPFound(h.route_path('user_groups_new'))
268
268
269 events.trigger(events.UserPermissionsChange([self._rhodecode_user.user_id]))
269 affected_user_ids = [self._rhodecode_user.user_id]
270 PermissionModel().trigger_permission_flush(affected_user_ids)
271
270 raise HTTPFound(
272 raise HTTPFound(
271 h.route_path('edit_user_group', user_group_id=user_group_id))
273 h.route_path('edit_user_group', user_group_id=user_group_id))
@@ -597,7 +597,7 class UsersView(UserAppView):
597 category='error')
597 category='error')
598
598
599 affected_user_ids = [user_id]
599 affected_user_ids = [user_id]
600 events.trigger(events.UserPermissionsChange(affected_user_ids))
600 PermissionModel().trigger_permission_flush(affected_user_ids)
601 raise HTTPFound(h.route_path('user_edit_global_perms', user_id=user_id))
601 raise HTTPFound(h.route_path('user_edit_global_perms', user_id=user_id))
602
602
603 @LoginRequired()
603 @LoginRequired()
@@ -23,14 +23,12 import logging
23 from pyramid.view import view_config
23 from pyramid.view import view_config
24 from pyramid.httpexceptions import HTTPFound
24 from pyramid.httpexceptions import HTTPFound
25
25
26 from rhodecode import events
27 from rhodecode.apps._base import RepoGroupAppView
26 from rhodecode.apps._base import RepoGroupAppView
28 from rhodecode.lib import helpers as h
27 from rhodecode.lib import helpers as h
29 from rhodecode.lib import audit_logger
28 from rhodecode.lib import audit_logger
30 from rhodecode.lib.auth import (
29 from rhodecode.lib.auth import (
31 LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired)
30 LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired)
32 from rhodecode.lib.utils2 import safe_int
31 from rhodecode.model.permission import PermissionModel
33 from rhodecode.model.db import UserGroup
34 from rhodecode.model.repo_group import RepoGroupModel
32 from rhodecode.model.repo_group import RepoGroupModel
35 from rhodecode.model.forms import RepoGroupPermsForm
33 from rhodecode.model.forms import RepoGroupPermsForm
36 from rhodecode.model.meta import Session
34 from rhodecode.model.meta import Session
@@ -98,18 +96,7 class RepoGroupPermissionsView(RepoGroup
98
96
99 Session().commit()
97 Session().commit()
100 h.flash(_('Repository Group permissions updated'), category='success')
98 h.flash(_('Repository Group permissions updated'), category='success')
101
99 PermissionModel().flush_user_permission_caches(changes)
102 affected_user_ids = []
103 for change in changes['added'] + changes['updated'] + changes['deleted']:
104 if change['type'] == 'user':
105 affected_user_ids.append(change['id'])
106 if change['type'] == 'user_group':
107 user_group = UserGroup.get(safe_int(change['id']))
108 if user_group:
109 group_members_ids = [x.user_id for x in user_group.members]
110 affected_user_ids.extend(group_members_ids)
111
112 events.trigger(events.UserPermissionsChange(affected_user_ids))
113
100
114 raise HTTPFound(
101 raise HTTPFound(
115 h.route_path('edit_repo_group_perms',
102 h.route_path('edit_repo_group_perms',
@@ -33,6 +33,7 from rhodecode.lib.auth import (
33 LoginRequired, HasPermissionAll,
33 LoginRequired, HasPermissionAll,
34 HasRepoGroupPermissionAny, HasRepoGroupPermissionAnyDecorator, CSRFRequired)
34 HasRepoGroupPermissionAny, HasRepoGroupPermissionAnyDecorator, CSRFRequired)
35 from rhodecode.model.db import Session, RepoGroup, User
35 from rhodecode.model.db import Session, RepoGroup, User
36 from rhodecode.model.permission import PermissionModel
36 from rhodecode.model.scm import RepoGroupList
37 from rhodecode.model.scm import RepoGroupList
37 from rhodecode.model.repo_group import RepoGroupModel
38 from rhodecode.model.repo_group import RepoGroupModel
38 from rhodecode.model.validation_schema.schemas import repo_group_schema
39 from rhodecode.model.validation_schema.schemas import repo_group_schema
@@ -187,7 +188,7 class RepoGroupSettingsView(RepoGroupApp
187 owner = User.get_by_username(schema_data['repo_group_owner'])
188 owner = User.get_by_username(schema_data['repo_group_owner'])
188 owner_id = owner.user_id if owner else self._rhodecode_user.user_id
189 owner_id = owner.user_id if owner else self._rhodecode_user.user_id
189 affected_user_ids.extend([self._rhodecode_user.user_id, owner_id])
190 affected_user_ids.extend([self._rhodecode_user.user_id, owner_id])
190 events.trigger(events.UserPermissionsChange(affected_user_ids))
191 PermissionModel().trigger_permission_flush(affected_user_ids)
191
192
192 raise HTTPFound(
193 raise HTTPFound(
193 h.route_path('edit_repo_group', repo_group_name=new_repo_group_name))
194 h.route_path('edit_repo_group', repo_group_name=new_repo_group_name))
@@ -28,6 +28,7 from rhodecode.apps._base import BaseApp
28 from rhodecode.lib import helpers as h
28 from rhodecode.lib import helpers as h
29 from rhodecode.lib.auth import (NotAnonymous, HasRepoPermissionAny)
29 from rhodecode.lib.auth import (NotAnonymous, HasRepoPermissionAny)
30 from rhodecode.model.db import Repository
30 from rhodecode.model.db import Repository
31 from rhodecode.model.permission import PermissionModel
31 from rhodecode.model.validation_schema.types import RepoNameType
32 from rhodecode.model.validation_schema.types import RepoNameType
32
33
33 log = logging.getLogger(__name__)
34 log = logging.getLogger(__name__)
@@ -122,4 +123,4 class RepoChecksView(BaseAppView):
122 # repo is finished and created, we flush the permissions now
123 # repo is finished and created, we flush the permissions now
123 user_group_perms = db_repo.permissions(expand_from_user_groups=True)
124 user_group_perms = db_repo.permissions(expand_from_user_groups=True)
124 affected_user_ids = [perm['user_id'] for perm in user_group_perms]
125 affected_user_ids = [perm['user_id'] for perm in user_group_perms]
125 events.trigger(events.UserPermissionsChange(affected_user_ids))
126 PermissionModel().trigger_permission_flush(affected_user_ids)
@@ -36,6 +36,7 from rhodecode.lib.auth import (
36 import rhodecode.lib.helpers as h
36 import rhodecode.lib.helpers as h
37 from rhodecode.lib.celerylib.utils import get_task_id
37 from rhodecode.lib.celerylib.utils import get_task_id
38 from rhodecode.model.db import coalesce, or_, Repository, RepoGroup
38 from rhodecode.model.db import coalesce, or_, Repository, RepoGroup
39 from rhodecode.model.permission import PermissionModel
39 from rhodecode.model.repo import RepoModel
40 from rhodecode.model.repo import RepoModel
40 from rhodecode.model.forms import RepoForkForm
41 from rhodecode.model.forms import RepoForkForm
41 from rhodecode.model.scm import ScmModel, RepoGroupList
42 from rhodecode.model.scm import ScmModel, RepoGroupList
@@ -257,7 +258,7 class RepoForksView(RepoAppView, DataGri
257 # permission flush is done in repo creating
258 # permission flush is done in repo creating
258 pass
259 pass
259
260
260 events.trigger(events.UserPermissionsChange(affected_user_ids))
261 PermissionModel().trigger_permission_flush(affected_user_ids)
261
262
262 raise HTTPFound(
263 raise HTTPFound(
263 h.route_path('repo_creating', repo_name=repo_name,
264 h.route_path('repo_creating', repo_name=repo_name,
@@ -23,16 +23,14 import logging
23 from pyramid.httpexceptions import HTTPFound
23 from pyramid.httpexceptions import HTTPFound
24 from pyramid.view import view_config
24 from pyramid.view import view_config
25
25
26 from rhodecode import events
27 from rhodecode.apps._base import RepoAppView
26 from rhodecode.apps._base import RepoAppView
28 from rhodecode.lib import helpers as h
27 from rhodecode.lib import helpers as h
29 from rhodecode.lib import audit_logger
28 from rhodecode.lib import audit_logger
30 from rhodecode.lib.auth import (
29 from rhodecode.lib.auth import (
31 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
30 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
32 from rhodecode.lib.utils2 import safe_int
33 from rhodecode.model.db import UserGroup
34 from rhodecode.model.forms import RepoPermsForm
31 from rhodecode.model.forms import RepoPermsForm
35 from rhodecode.model.meta import Session
32 from rhodecode.model.meta import Session
33 from rhodecode.model.permission import PermissionModel
36 from rhodecode.model.repo import RepoModel
34 from rhodecode.model.repo import RepoModel
37
35
38 log = logging.getLogger(__name__)
36 log = logging.getLogger(__name__)
@@ -91,17 +89,7 class RepoSettingsPermissionsView(RepoAp
91 Session().commit()
89 Session().commit()
92 h.flash(_('Repository permissions updated'), category='success')
90 h.flash(_('Repository permissions updated'), category='success')
93
91
94 affected_user_ids = []
92 PermissionModel().flush_user_permission_caches(changes)
95 for change in changes['added'] + changes['updated'] + changes['deleted']:
96 if change['type'] == 'user':
97 affected_user_ids.append(change['id'])
98 if change['type'] == 'user_group':
99 user_group = UserGroup.get(safe_int(change['id']))
100 if user_group:
101 group_members_ids = [x.user_id for x in user_group.members]
102 affected_user_ids.extend(group_members_ids)
103
104 events.trigger(events.UserPermissionsChange(affected_user_ids))
105
93
106 raise HTTPFound(
94 raise HTTPFound(
107 h.route_path('edit_repo_perms', repo_name=self.db_repo_name))
95 h.route_path('edit_repo_perms', repo_name=self.db_repo_name))
@@ -33,6 +33,7 from rhodecode.lib.auth import (
33 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
33 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
34 from rhodecode.model.db import RepositoryField, RepoGroup, Repository, User
34 from rhodecode.model.db import RepositoryField, RepoGroup, Repository, User
35 from rhodecode.model.meta import Session
35 from rhodecode.model.meta import Session
36 from rhodecode.model.permission import PermissionModel
36 from rhodecode.model.repo import RepoModel
37 from rhodecode.model.repo import RepoModel
37 from rhodecode.model.scm import RepoGroupList, ScmModel
38 from rhodecode.model.scm import RepoGroupList, ScmModel
38 from rhodecode.model.validation_schema.schemas import repo_schema
39 from rhodecode.model.validation_schema.schemas import repo_schema
@@ -184,7 +185,7 class RepoSettingsView(RepoAppView):
184 owner = User.get_by_username(schema_data['repo_owner'])
185 owner = User.get_by_username(schema_data['repo_owner'])
185 owner_id = owner.user_id if owner else self._rhodecode_user.user_id
186 owner_id = owner.user_id if owner else self._rhodecode_user.user_id
186 affected_user_ids.extend([self._rhodecode_user.user_id, owner_id])
187 affected_user_ids.extend([self._rhodecode_user.user_id, owner_id])
187 events.trigger(events.UserPermissionsChange(affected_user_ids))
188 PermissionModel().trigger_permission_flush(affected_user_ids)
188
189
189 raise HTTPFound(
190 raise HTTPFound(
190 h.route_path('edit_repo', repo_name=new_repo_name))
191 h.route_path('edit_repo', repo_name=new_repo_name))
@@ -34,6 +34,7 from rhodecode.lib.exceptions import Att
34 from rhodecode.lib.utils2 import safe_int
34 from rhodecode.lib.utils2 import safe_int
35 from rhodecode.lib.vcs import RepositoryError
35 from rhodecode.lib.vcs import RepositoryError
36 from rhodecode.model.db import Session, UserFollowing, User, Repository
36 from rhodecode.model.db import Session, UserFollowing, User, Repository
37 from rhodecode.model.permission import PermissionModel
37 from rhodecode.model.repo import RepoModel
38 from rhodecode.model.repo import RepoModel
38 from rhodecode.model.scm import ScmModel
39 from rhodecode.model.scm import ScmModel
39
40
@@ -110,7 +111,7 class RepoSettingsView(RepoAppView):
110
111
111 # flush permissions for all users defined in permissions
112 # flush permissions for all users defined in permissions
112 affected_user_ids = self._get_users_with_permissions().keys()
113 affected_user_ids = self._get_users_with_permissions().keys()
113 events.trigger(events.UserPermissionsChange(affected_user_ids))
114 PermissionModel().trigger_permission_flush(affected_user_ids)
114
115
115 raise HTTPFound(h.route_path('home'))
116 raise HTTPFound(h.route_path('home'))
116
117
@@ -199,7 +199,7 class UserGroupsView(UserGroupAppView):
199 affected_user_ids.append(self._rhodecode_user.user_id)
199 affected_user_ids.append(self._rhodecode_user.user_id)
200 affected_user_ids.append(owner_id)
200 affected_user_ids.append(owner_id)
201
201
202 events.trigger(events.UserPermissionsChange(affected_user_ids))
202 PermissionModel().trigger_permission_flush(affected_user_ids)
203
203
204 Session().commit()
204 Session().commit()
205 except formencode.Invalid as errors:
205 except formencode.Invalid as errors:
@@ -383,7 +383,7 class UserGroupsView(UserGroupAppView):
383 group_members_ids = [x.user_id for x in user_group.members]
383 group_members_ids = [x.user_id for x in user_group.members]
384 affected_user_ids.extend(group_members_ids)
384 affected_user_ids.extend(group_members_ids)
385
385
386 events.trigger(events.UserPermissionsChange(affected_user_ids))
386 PermissionModel().trigger_permission_flush(affected_user_ids)
387
387
388 raise HTTPFound(
388 raise HTTPFound(
389 h.route_path('edit_user_group_perms', user_group_id=user_group_id))
389 h.route_path('edit_user_group_perms', user_group_id=user_group_id))
@@ -28,6 +28,7 import traceback
28
28
29 from sqlalchemy.exc import DatabaseError
29 from sqlalchemy.exc import DatabaseError
30
30
31 from rhodecode import events
31 from rhodecode.model import BaseModel
32 from rhodecode.model import BaseModel
32 from rhodecode.model.db import (
33 from rhodecode.model.db import (
33 User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm,
34 User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm,
@@ -556,3 +557,21 class PermissionModel(BaseModel):
556 self.sa.rollback()
557 self.sa.rollback()
557 raise
558 raise
558
559
560 def trigger_permission_flush(self, affected_user_ids):
561 events.trigger(events.UserPermissionsChange(affected_user_ids))
562
563 def flush_user_permission_caches(self, changes, affected_user_ids=None):
564 affected_user_ids = affected_user_ids or []
565
566 for change in changes['added'] + changes['updated'] + changes['deleted']:
567 if change['type'] == 'user':
568 affected_user_ids.append(change['id'])
569 if change['type'] == 'user_group':
570 user_group = UserGroup.get(safe_int(change['id']))
571 if user_group:
572 group_members_ids = [x.user_id for x in user_group.members]
573 affected_user_ids.extend(group_members_ids)
574
575 self.trigger_permission_flush(affected_user_ids)
576
577 return affected_user_ids
General Comments 0
You need to be logged in to leave comments. Login now