Show More
| @@ -34,6 +34,7 b' import traceback' | |||
|
|
34 | 34 | from functools import wraps |
|
|
35 | 35 | |
|
|
36 | 36 | import ipaddress |
|
|
37 | from beaker.cache import cache_region | |
|
|
37 | 38 | from pyramid.httpexceptions import HTTPForbidden, HTTPFound, HTTPNotFound |
|
|
38 | 39 | from pylons.i18n.translation import _ |
|
|
39 | 40 | # NOTE(marcink): this has to be removed only after pyramid migration, |
| @@ -48,7 +49,7 b' from rhodecode.model.meta import Session' | |||
|
|
48 | 49 | from rhodecode.model.user import UserModel |
|
|
49 | 50 | from rhodecode.model.db import ( |
|
|
50 | 51 | User, Repository, Permission, UserToPerm, UserGroupToPerm, UserGroupMember, |
|
|
51 | UserIpMap, UserApiKeys, RepoGroup) | |
|
|
52 | UserIpMap, UserApiKeys, RepoGroup, UserGroup) | |
|
|
52 | 53 | from rhodecode.lib import caches |
|
|
53 | 54 | from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5 |
|
|
54 | 55 | from rhodecode.lib.utils import ( |
| @@ -1003,6 +1004,66 b' class AuthUser(object):' | |||
|
|
1003 | 1004 | x[0] for x in self.permissions['user_groups'].iteritems() |
|
|
1004 | 1005 | if x[1] == 'usergroup.admin'] |
|
|
1005 | 1006 | |
|
|
1007 | def repo_acl_ids(self, perms=None, cache=False): | |
|
|
1008 | """ | |
|
|
1009 | Returns list of repository ids that user have access to based on given | |
|
|
1010 | perms. The cache flag should be only used in cases that are used for | |
|
|
1011 | display purposes, NOT IN ANY CASE for permission checks. | |
|
|
1012 | """ | |
|
|
1013 | from rhodecode.model.scm import RepoList | |
|
|
1014 | if not perms: | |
|
|
1015 | perms = [ | |
|
|
1016 | 'repository.read', 'repository.write', 'repository.admin'] | |
|
|
1017 | ||
|
|
1018 | def _cached_repo_acl(user_id, perm_def): | |
|
|
1019 | return [x.repo_id for x in RepoList( | |
|
|
1020 | Repository.query().all(), perm_set=perm_def)] | |
|
|
1021 | ||
|
|
1022 | compute = caches.conditional_cache( | |
|
|
1023 | 'long_term', 'repo_acl_ids', | |
|
|
1024 | condition=cache, func=_cached_repo_acl) | |
|
|
1025 | return compute(self.user_id, perms) | |
|
|
1026 | ||
|
|
1027 | def repo_group_acl_ids(self, perms=None, cache=False): | |
|
|
1028 | """ | |
|
|
1029 | Returns list of repository group ids that user have access to based on given | |
|
|
1030 | perms. The cache flag should be only used in cases that are used for | |
|
|
1031 | display purposes, NOT IN ANY CASE for permission checks. | |
|
|
1032 | """ | |
|
|
1033 | from rhodecode.model.scm import RepoGroupList | |
|
|
1034 | if not perms: | |
|
|
1035 | perms = [ | |
|
|
1036 | 'group.read', 'group.write', 'group.admin'] | |
|
|
1037 | ||
|
|
1038 | def _cached_repo_group_acl(user_id, perm_def): | |
|
|
1039 | return [x.group_id for x in RepoGroupList( | |
|
|
1040 | RepoGroup.query().all(), perm_set=perm_def)] | |
|
|
1041 | ||
|
|
1042 | compute = caches.conditional_cache( | |
|
|
1043 | 'long_term', 'repo_group_acl_ids', | |
|
|
1044 | condition=cache, func=_cached_repo_group_acl) | |
|
|
1045 | return compute(self.user_id, perms) | |
|
|
1046 | ||
|
|
1047 | def user_group_acl_ids(self, perms=None, cache=False): | |
|
|
1048 | """ | |
|
|
1049 | Returns list of user group ids that user have access to based on given | |
|
|
1050 | perms. The cache flag should be only used in cases that are used for | |
|
|
1051 | display purposes, NOT IN ANY CASE for permission checks. | |
|
|
1052 | """ | |
|
|
1053 | from rhodecode.model.scm import UserGroupList | |
|
|
1054 | if not perms: | |
|
|
1055 | perms = [ | |
|
|
1056 | 'usergroup.read', 'usergroup.write', 'usergroup.admin'] | |
|
|
1057 | ||
|
|
1058 | def _cached_user_group_acl(user_id, perm_def): | |
|
|
1059 | return [x.users_group_id for x in UserGroupList( | |
|
|
1060 | UserGroup.query().all(), perm_set=perm_def)] | |
|
|
1061 | ||
|
|
1062 | compute = caches.conditional_cache( | |
|
|
1063 | 'long_term', 'user_group_acl_ids', | |
|
|
1064 | condition=cache, func=_cached_user_group_acl) | |
|
|
1065 | return compute(self.user_id, perms) | |
|
|
1066 | ||
|
|
1006 | 1067 | @property |
|
|
1007 | 1068 | def ip_allowed(self): |
|
|
1008 | 1069 | """ |
General Comments 0
You need to be logged in to leave comments.
Login now