Show More
@@ -0,0 +1,78 b'' | |||
|
1 | # -*- coding: utf-8 -*- | |
|
2 | ||
|
3 | # Copyright (C) 2016-2017 RhodeCode GmbH | |
|
4 | # | |
|
5 | # This program is free software: you can redistribute it and/or modify | |
|
6 | # it under the terms of the GNU Affero General Public License, version 3 | |
|
7 | # (only), as published by the Free Software Foundation. | |
|
8 | # | |
|
9 | # This program is distributed in the hope that it will be useful, | |
|
10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
|
11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
|
12 | # GNU General Public License for more details. | |
|
13 | # | |
|
14 | # You should have received a copy of the GNU Affero General Public License | |
|
15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
|
16 | # | |
|
17 | # This program is dual-licensed. If you wish to learn more about the | |
|
18 | # RhodeCode Enterprise Edition, including its added features, Support services, | |
|
19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ | |
|
20 | import re | |
|
21 | import colander | |
|
22 | ||
|
23 | from rhodecode.model.validation_schema import types, validators | |
|
24 | from rhodecode.translation import _ | |
|
25 | ||
|
26 | ||
|
27 | @colander.deferred | |
|
28 | def deferred_user_group_name_validator(node, kw): | |
|
29 | ||
|
30 | def name_validator(node, value): | |
|
31 | ||
|
32 | msg = _('Allowed in name are letters, numbers, and `-`, `_`, `.` ' | |
|
33 | 'Name must start with a letter or number. Got `{}`').format(value) | |
|
34 | ||
|
35 | if not re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value): | |
|
36 | raise colander.Invalid(node, msg) | |
|
37 | ||
|
38 | return name_validator | |
|
39 | ||
|
40 | ||
|
41 | @colander.deferred | |
|
42 | def deferred_user_group_owner_validator(node, kw): | |
|
43 | ||
|
44 | def owner_validator(node, value): | |
|
45 | from rhodecode.model.db import User | |
|
46 | existing = User.get_by_username(value) | |
|
47 | if not existing: | |
|
48 | msg = _(u'User group owner with id `{}` does not exists').format(value) | |
|
49 | raise colander.Invalid(node, msg) | |
|
50 | ||
|
51 | return owner_validator | |
|
52 | ||
|
53 | ||
|
54 | class UserGroupSchema(colander.Schema): | |
|
55 | ||
|
56 | user_group_name = colander.SchemaNode( | |
|
57 | colander.String(), | |
|
58 | validator=deferred_user_group_name_validator) | |
|
59 | ||
|
60 | user_group_description = colander.SchemaNode( | |
|
61 | colander.String(), missing='') | |
|
62 | ||
|
63 | user_group_owner = colander.SchemaNode( | |
|
64 | colander.String(), | |
|
65 | validator=deferred_user_group_owner_validator) | |
|
66 | ||
|
67 | user_group_active = colander.SchemaNode( | |
|
68 | types.StringBooleanType(), | |
|
69 | missing=False) | |
|
70 | ||
|
71 | def deserialize(self, cstruct): | |
|
72 | """ | |
|
73 | Custom deserialize that allows to chain validation, and verify | |
|
74 | permissions, and as last step uniqueness | |
|
75 | """ | |
|
76 | ||
|
77 | appstruct = super(UserGroupSchema, self).deserialize(cstruct) | |
|
78 | return appstruct |
@@ -112,3 +112,16 b' class TestCreateUserGroup(object):' | |||
|
112 | 112 | |
|
113 | 113 | expected = 'failed to create group `%s`' % (group_name,) |
|
114 | 114 | assert_error(id_, expected, given=response.body) |
|
115 | ||
|
116 | def test_api_create_user_group_with_wrong_name(self, user_util): | |
|
117 | ||
|
118 | group_name = 'wrong NAME <>' | |
|
119 | id_, params = build_data( | |
|
120 | self.apikey, 'create_user_group', group_name=group_name) | |
|
121 | response = api_call(self.app, params) | |
|
122 | ||
|
123 | expected = {"user_group_name": | |
|
124 | "Allowed in name are letters, numbers, and `-`, `_`, " | |
|
125 | "`.` Name must start with a letter or number. " | |
|
126 | "Got `{}`".format(group_name)} | |
|
127 | assert_error(id_, expected, given=response.body) |
@@ -20,7 +20,8 b'' | |||
|
20 | 20 | |
|
21 | 21 | import logging |
|
22 | 22 | |
|
23 | from rhodecode.api import jsonrpc_method, JSONRPCError, JSONRPCForbidden | |
|
23 | from rhodecode.api import jsonrpc_method, JSONRPCError, JSONRPCForbidden, \ | |
|
24 | JSONRPCValidationError | |
|
24 | 25 | from rhodecode.api.utils import ( |
|
25 | 26 | Optional, OAttr, store_update, has_superadmin_permission, get_origin, |
|
26 | 27 | get_user_or_error, get_user_group_or_error, get_perm_or_error) |
@@ -30,6 +31,8 b' from rhodecode.lib.exceptions import Use' | |||
|
30 | 31 | from rhodecode.model.db import Session |
|
31 | 32 | from rhodecode.model.scm import UserGroupList |
|
32 | 33 | from rhodecode.model.user_group import UserGroupModel |
|
34 | from rhodecode.model import validation_schema | |
|
35 | from rhodecode.model.validation_schema.schemas import user_group_schema | |
|
33 | 36 | |
|
34 | 37 | log = logging.getLogger(__name__) |
|
35 | 38 | |
@@ -211,16 +214,32 b' def create_user_group(' | |||
|
211 | 214 | if UserGroupModel().get_by_name(group_name): |
|
212 | 215 | raise JSONRPCError("user group `%s` already exist" % (group_name,)) |
|
213 | 216 | |
|
214 | try: | |
|
215 | 217 |
|
|
216 | 218 |
|
|
217 | 219 | |
|
218 | 220 |
|
|
219 | 221 |
|
|
220 | 222 |
|
|
223 | ||
|
224 | schema = user_group_schema.UserGroupSchema().bind( | |
|
225 | # user caller | |
|
226 | user=apiuser) | |
|
227 | try: | |
|
228 | schema_data = schema.deserialize(dict( | |
|
229 | user_group_name=group_name, | |
|
230 | user_group_description=description, | |
|
231 | user_group_owner=owner.username, | |
|
232 | user_group_active=active, | |
|
233 | )) | |
|
234 | except validation_schema.Invalid as err: | |
|
235 | raise JSONRPCValidationError(colander_exc=err) | |
|
236 | ||
|
237 | try: | |
|
221 | 238 | user_group = UserGroupModel().create( |
|
222 | name=group_name, description=description, owner=owner, | |
|
223 | active=active) | |
|
239 | name=schema_data['user_group_name'], | |
|
240 | description=schema_data['user_group_description'], | |
|
241 | owner=owner, | |
|
242 | active=schema_data['user_group_active']) | |
|
224 | 243 | Session().flush() |
|
225 | 244 | creation_data = user_group.get_api_data() |
|
226 | 245 | audit_logger.store_api( |
General Comments 0
You need to be logged in to leave comments.
Login now