##// END OF EJS Templates
api: add consistent permissions_summary data for both user and user_groups that expose...
marcink -
r2437:31460ef8 default
parent child Browse files
Show More
@@ -115,7 +115,9 b' def get_user(request, apiuser, userid=Op'
115 115
116 116 user = get_user_or_error(userid)
117 117 data = user.get_api_data(include_secrets=True)
118 data['permissions'] = AuthUser(user_id=user.user_id).permissions
118 permissions = AuthUser(user_id=user.user_id).permissions
119 data['permissions'] = permissions # TODO(marcink): should be deprecated
120 data['permissions_summary'] = permissions
119 121 return data
120 122
121 123
@@ -120,7 +120,8 b' def get_user_group(request, apiuser, use'
120 120
121 121 data = user_group.get_api_data()
122 122 data["permissions"] = permissions
123
123 data["Permissions_summary"] = UserGroupModel().get_perms_summary(
124 user_group.users_group_id)
124 125 return data
125 126
126 127
@@ -40,8 +40,7 b' from rhodecode.lib.auth import ('
40 40 LoginRequired, HasUserGroupPermissionAnyDecorator, CSRFRequired)
41 41 from rhodecode.lib import helpers as h, audit_logger
42 42 from rhodecode.lib.utils2 import str2bool
43 from rhodecode.model.db import (
44 joinedload, User, UserGroupRepoToPerm, UserGroupRepoGroupToPerm)
43 from rhodecode.model.db import User
45 44 from rhodecode.model.meta import Session
46 45 from rhodecode.model.user_group import UserGroupModel
47 46
@@ -56,35 +55,8 b' class UserGroupsView(UserGroupAppView):'
56 55 PermissionModel().set_global_permission_choices(
57 56 c, gettext_translator=self.request.translate)
58 57
59
60 58 return c
61 59
62 def _get_perms_summary(self, user_group_id):
63 permissions = {
64 'repositories': {},
65 'repositories_groups': {},
66 }
67 ugroup_repo_perms = UserGroupRepoToPerm.query()\
68 .options(joinedload(UserGroupRepoToPerm.permission))\
69 .options(joinedload(UserGroupRepoToPerm.repository))\
70 .filter(UserGroupRepoToPerm.users_group_id == user_group_id)\
71 .all()
72
73 for gr in ugroup_repo_perms:
74 permissions['repositories'][gr.repository.repo_name] \
75 = gr.permission.permission_name
76
77 ugroup_group_perms = UserGroupRepoGroupToPerm.query()\
78 .options(joinedload(UserGroupRepoGroupToPerm.permission))\
79 .options(joinedload(UserGroupRepoGroupToPerm.group))\
80 .filter(UserGroupRepoGroupToPerm.users_group_id == user_group_id)\
81 .all()
82
83 for gr in ugroup_group_perms:
84 permissions['repositories_groups'][gr.group.group_name] \
85 = gr.permission.permission_name
86 return permissions
87
88 60 @LoginRequired()
89 61 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
90 62 @view_config(
@@ -127,7 +99,8 b' class UserGroupsView(UserGroupAppView):'
127 99 c = self.load_default_context()
128 100 c.user_group = self.db_user_group
129 101 c.active = 'perms_summary'
130 c.permissions = self._get_perms_summary(c.user_group.users_group_id)
102 c.permissions = UserGroupModel().get_perms_summary(
103 c.user_group.users_group_id)
131 104 return self._get_template_context(c)
132 105
133 106 @LoginRequired()
@@ -138,7 +111,7 b' class UserGroupsView(UserGroupAppView):'
138 111 def user_group_perms_summary_json(self):
139 112 self.load_default_context()
140 113 user_group = self.db_user_group
141 return self._get_perms_summary(user_group.users_group_id)
114 return UserGroupModel().get_perms_summary(user_group.users_group_id)
142 115
143 116 def _revoke_perms_on_yourself(self, form_result):
144 117 _updates = filter(lambda u: self._rhodecode_user.user_id == int(u[0]),
@@ -29,7 +29,7 b' from rhodecode.lib.utils2 import ('
29 29 from rhodecode.model import BaseModel
30 30 from rhodecode.model.scm import UserGroupList
31 31 from rhodecode.model.db import (
32 true, func, User, UserGroupMember, UserGroup,
32 joinedload, true, func, User, UserGroupMember, UserGroup,
33 33 UserGroupRepoToPerm, Permission, UserGroupToPerm, UserUserGroupToPerm,
34 34 UserGroupUserGroupToPerm, UserGroupRepoGroupToPerm)
35 35
@@ -502,6 +502,32 b' class UserGroupModel(BaseModel):'
502 502 user_group, target_user_group),
503 503 namespace='security.repogroup')
504 504
505 def get_perms_summary(self, user_group_id):
506 permissions = {
507 'repositories': {},
508 'repositories_groups': {},
509 }
510 ugroup_repo_perms = UserGroupRepoToPerm.query()\
511 .options(joinedload(UserGroupRepoToPerm.permission))\
512 .options(joinedload(UserGroupRepoToPerm.repository))\
513 .filter(UserGroupRepoToPerm.users_group_id == user_group_id)\
514 .all()
515
516 for gr in ugroup_repo_perms:
517 permissions['repositories'][gr.repository.repo_name] \
518 = gr.permission.permission_name
519
520 ugroup_group_perms = UserGroupRepoGroupToPerm.query()\
521 .options(joinedload(UserGroupRepoGroupToPerm.permission))\
522 .options(joinedload(UserGroupRepoGroupToPerm.group))\
523 .filter(UserGroupRepoGroupToPerm.users_group_id == user_group_id)\
524 .all()
525
526 for gr in ugroup_group_perms:
527 permissions['repositories_groups'][gr.group.group_name] \
528 = gr.permission.permission_name
529 return permissions
530
505 531 def enforce_groups(self, user, groups, extern_type=None):
506 532 user = self._get_user(user)
507 533 current_groups = user.group_member
General Comments 0
You need to be logged in to leave comments. Login now