##// END OF EJS Templates
user-groups: expose public profile link to user group in membership view
marcink -
r2793:d95dfd20 default
parent child Browse files
Show More
@@ -1,745 +1,745 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2011-2018 RhodeCode GmbH
3 # Copyright (C) 2011-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 import logging
21 import logging
22 import traceback
22 import traceback
23
23
24 from rhodecode.lib.utils2 import safe_str, safe_unicode
24 from rhodecode.lib.utils2 import safe_str, safe_unicode
25 from rhodecode.lib.exceptions import (
25 from rhodecode.lib.exceptions import (
26 UserGroupAssignedException, RepoGroupAssignmentError)
26 UserGroupAssignedException, RepoGroupAssignmentError)
27 from rhodecode.lib.utils2 import (
27 from rhodecode.lib.utils2 import (
28 get_current_rhodecode_user, action_logger_generic)
28 get_current_rhodecode_user, action_logger_generic)
29 from rhodecode.model import BaseModel
29 from rhodecode.model import BaseModel
30 from rhodecode.model.scm import UserGroupList
30 from rhodecode.model.scm import UserGroupList
31 from rhodecode.model.db import (
31 from rhodecode.model.db import (
32 joinedload, true, func, User, UserGroupMember, UserGroup,
32 joinedload, true, func, User, UserGroupMember, UserGroup,
33 UserGroupRepoToPerm, Permission, UserGroupToPerm, UserUserGroupToPerm,
33 UserGroupRepoToPerm, Permission, UserGroupToPerm, UserUserGroupToPerm,
34 UserGroupUserGroupToPerm, UserGroupRepoGroupToPerm)
34 UserGroupUserGroupToPerm, UserGroupRepoGroupToPerm)
35
35
36
36
37 log = logging.getLogger(__name__)
37 log = logging.getLogger(__name__)
38
38
39
39
40 class UserGroupModel(BaseModel):
40 class UserGroupModel(BaseModel):
41
41
42 cls = UserGroup
42 cls = UserGroup
43
43
44 def _get_user_group(self, user_group):
44 def _get_user_group(self, user_group):
45 return self._get_instance(UserGroup, user_group,
45 return self._get_instance(UserGroup, user_group,
46 callback=UserGroup.get_by_group_name)
46 callback=UserGroup.get_by_group_name)
47
47
48 def _create_default_perms(self, user_group):
48 def _create_default_perms(self, user_group):
49 # create default permission
49 # create default permission
50 default_perm = 'usergroup.read'
50 default_perm = 'usergroup.read'
51 def_user = User.get_default_user()
51 def_user = User.get_default_user()
52 for p in def_user.user_perms:
52 for p in def_user.user_perms:
53 if p.permission.permission_name.startswith('usergroup.'):
53 if p.permission.permission_name.startswith('usergroup.'):
54 default_perm = p.permission.permission_name
54 default_perm = p.permission.permission_name
55 break
55 break
56
56
57 user_group_to_perm = UserUserGroupToPerm()
57 user_group_to_perm = UserUserGroupToPerm()
58 user_group_to_perm.permission = Permission.get_by_key(default_perm)
58 user_group_to_perm.permission = Permission.get_by_key(default_perm)
59
59
60 user_group_to_perm.user_group = user_group
60 user_group_to_perm.user_group = user_group
61 user_group_to_perm.user_id = def_user.user_id
61 user_group_to_perm.user_id = def_user.user_id
62 return user_group_to_perm
62 return user_group_to_perm
63
63
64 def update_permissions(
64 def update_permissions(
65 self, user_group, perm_additions=None, perm_updates=None,
65 self, user_group, perm_additions=None, perm_updates=None,
66 perm_deletions=None, check_perms=True, cur_user=None):
66 perm_deletions=None, check_perms=True, cur_user=None):
67
67
68 from rhodecode.lib.auth import HasUserGroupPermissionAny
68 from rhodecode.lib.auth import HasUserGroupPermissionAny
69 if not perm_additions:
69 if not perm_additions:
70 perm_additions = []
70 perm_additions = []
71 if not perm_updates:
71 if not perm_updates:
72 perm_updates = []
72 perm_updates = []
73 if not perm_deletions:
73 if not perm_deletions:
74 perm_deletions = []
74 perm_deletions = []
75
75
76 req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
76 req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
77
77
78 changes = {
78 changes = {
79 'added': [],
79 'added': [],
80 'updated': [],
80 'updated': [],
81 'deleted': []
81 'deleted': []
82 }
82 }
83 change_obj = user_group.get_api_data()
83 change_obj = user_group.get_api_data()
84 # update permissions
84 # update permissions
85 for member_id, perm, member_type in perm_updates:
85 for member_id, perm, member_type in perm_updates:
86 member_id = int(member_id)
86 member_id = int(member_id)
87 if member_type == 'user':
87 if member_type == 'user':
88 member_name = User.get(member_id).username
88 member_name = User.get(member_id).username
89 # this updates existing one
89 # this updates existing one
90 self.grant_user_permission(
90 self.grant_user_permission(
91 user_group=user_group, user=member_id, perm=perm
91 user_group=user_group, user=member_id, perm=perm
92 )
92 )
93 else:
93 else:
94 # check if we have permissions to alter this usergroup
94 # check if we have permissions to alter this usergroup
95 member_name = UserGroup.get(member_id).users_group_name
95 member_name = UserGroup.get(member_id).users_group_name
96 if not check_perms or HasUserGroupPermissionAny(
96 if not check_perms or HasUserGroupPermissionAny(
97 *req_perms)(member_name, user=cur_user):
97 *req_perms)(member_name, user=cur_user):
98 self.grant_user_group_permission(
98 self.grant_user_group_permission(
99 target_user_group=user_group, user_group=member_id, perm=perm)
99 target_user_group=user_group, user_group=member_id, perm=perm)
100
100
101 changes['updated'].append({
101 changes['updated'].append({
102 'change_obj': change_obj,
102 'change_obj': change_obj,
103 'type': member_type, 'id': member_id,
103 'type': member_type, 'id': member_id,
104 'name': member_name, 'new_perm': perm})
104 'name': member_name, 'new_perm': perm})
105
105
106 # set new permissions
106 # set new permissions
107 for member_id, perm, member_type in perm_additions:
107 for member_id, perm, member_type in perm_additions:
108 member_id = int(member_id)
108 member_id = int(member_id)
109 if member_type == 'user':
109 if member_type == 'user':
110 member_name = User.get(member_id).username
110 member_name = User.get(member_id).username
111 self.grant_user_permission(
111 self.grant_user_permission(
112 user_group=user_group, user=member_id, perm=perm)
112 user_group=user_group, user=member_id, perm=perm)
113 else:
113 else:
114 # check if we have permissions to alter this usergroup
114 # check if we have permissions to alter this usergroup
115 member_name = UserGroup.get(member_id).users_group_name
115 member_name = UserGroup.get(member_id).users_group_name
116 if not check_perms or HasUserGroupPermissionAny(
116 if not check_perms or HasUserGroupPermissionAny(
117 *req_perms)(member_name, user=cur_user):
117 *req_perms)(member_name, user=cur_user):
118 self.grant_user_group_permission(
118 self.grant_user_group_permission(
119 target_user_group=user_group, user_group=member_id, perm=perm)
119 target_user_group=user_group, user_group=member_id, perm=perm)
120
120
121 changes['added'].append({
121 changes['added'].append({
122 'change_obj': change_obj,
122 'change_obj': change_obj,
123 'type': member_type, 'id': member_id,
123 'type': member_type, 'id': member_id,
124 'name': member_name, 'new_perm': perm})
124 'name': member_name, 'new_perm': perm})
125
125
126 # delete permissions
126 # delete permissions
127 for member_id, perm, member_type in perm_deletions:
127 for member_id, perm, member_type in perm_deletions:
128 member_id = int(member_id)
128 member_id = int(member_id)
129 if member_type == 'user':
129 if member_type == 'user':
130 member_name = User.get(member_id).username
130 member_name = User.get(member_id).username
131 self.revoke_user_permission(user_group=user_group, user=member_id)
131 self.revoke_user_permission(user_group=user_group, user=member_id)
132 else:
132 else:
133 # check if we have permissions to alter this usergroup
133 # check if we have permissions to alter this usergroup
134 member_name = UserGroup.get(member_id).users_group_name
134 member_name = UserGroup.get(member_id).users_group_name
135 if not check_perms or HasUserGroupPermissionAny(
135 if not check_perms or HasUserGroupPermissionAny(
136 *req_perms)(member_name, user=cur_user):
136 *req_perms)(member_name, user=cur_user):
137 self.revoke_user_group_permission(
137 self.revoke_user_group_permission(
138 target_user_group=user_group, user_group=member_id)
138 target_user_group=user_group, user_group=member_id)
139
139
140 changes['deleted'].append({
140 changes['deleted'].append({
141 'change_obj': change_obj,
141 'change_obj': change_obj,
142 'type': member_type, 'id': member_id,
142 'type': member_type, 'id': member_id,
143 'name': member_name, 'new_perm': perm})
143 'name': member_name, 'new_perm': perm})
144
144
145 return changes
145 return changes
146
146
147 def get(self, user_group_id, cache=False):
147 def get(self, user_group_id, cache=False):
148 return UserGroup.get(user_group_id)
148 return UserGroup.get(user_group_id)
149
149
150 def get_group(self, user_group):
150 def get_group(self, user_group):
151 return self._get_user_group(user_group)
151 return self._get_user_group(user_group)
152
152
153 def get_by_name(self, name, cache=False, case_insensitive=False):
153 def get_by_name(self, name, cache=False, case_insensitive=False):
154 return UserGroup.get_by_group_name(name, cache, case_insensitive)
154 return UserGroup.get_by_group_name(name, cache, case_insensitive)
155
155
156 def create(self, name, description, owner, active=True, group_data=None):
156 def create(self, name, description, owner, active=True, group_data=None):
157 try:
157 try:
158 new_user_group = UserGroup()
158 new_user_group = UserGroup()
159 new_user_group.user = self._get_user(owner)
159 new_user_group.user = self._get_user(owner)
160 new_user_group.users_group_name = name
160 new_user_group.users_group_name = name
161 new_user_group.user_group_description = description
161 new_user_group.user_group_description = description
162 new_user_group.users_group_active = active
162 new_user_group.users_group_active = active
163 if group_data:
163 if group_data:
164 new_user_group.group_data = group_data
164 new_user_group.group_data = group_data
165 self.sa.add(new_user_group)
165 self.sa.add(new_user_group)
166 perm_obj = self._create_default_perms(new_user_group)
166 perm_obj = self._create_default_perms(new_user_group)
167 self.sa.add(perm_obj)
167 self.sa.add(perm_obj)
168
168
169 self.grant_user_permission(user_group=new_user_group,
169 self.grant_user_permission(user_group=new_user_group,
170 user=owner, perm='usergroup.admin')
170 user=owner, perm='usergroup.admin')
171
171
172 return new_user_group
172 return new_user_group
173 except Exception:
173 except Exception:
174 log.error(traceback.format_exc())
174 log.error(traceback.format_exc())
175 raise
175 raise
176
176
177 def _get_memberships_for_user_ids(self, user_group, user_id_list):
177 def _get_memberships_for_user_ids(self, user_group, user_id_list):
178 members = []
178 members = []
179 for user_id in user_id_list:
179 for user_id in user_id_list:
180 member = self._get_membership(user_group.users_group_id, user_id)
180 member = self._get_membership(user_group.users_group_id, user_id)
181 members.append(member)
181 members.append(member)
182 return members
182 return members
183
183
184 def _get_added_and_removed_user_ids(self, user_group, user_id_list):
184 def _get_added_and_removed_user_ids(self, user_group, user_id_list):
185 current_members = user_group.members or []
185 current_members = user_group.members or []
186 current_members_ids = [m.user.user_id for m in current_members]
186 current_members_ids = [m.user.user_id for m in current_members]
187
187
188 added_members = [
188 added_members = [
189 user_id for user_id in user_id_list
189 user_id for user_id in user_id_list
190 if user_id not in current_members_ids]
190 if user_id not in current_members_ids]
191 if user_id_list == []:
191 if user_id_list == []:
192 # all members were deleted
192 # all members were deleted
193 deleted_members = current_members_ids
193 deleted_members = current_members_ids
194 else:
194 else:
195 deleted_members = [
195 deleted_members = [
196 user_id for user_id in current_members_ids
196 user_id for user_id in current_members_ids
197 if user_id not in user_id_list]
197 if user_id not in user_id_list]
198
198
199 return added_members, deleted_members
199 return added_members, deleted_members
200
200
201 def _set_users_as_members(self, user_group, user_ids):
201 def _set_users_as_members(self, user_group, user_ids):
202 user_group.members = []
202 user_group.members = []
203 self.sa.flush()
203 self.sa.flush()
204 members = self._get_memberships_for_user_ids(
204 members = self._get_memberships_for_user_ids(
205 user_group, user_ids)
205 user_group, user_ids)
206 user_group.members = members
206 user_group.members = members
207 self.sa.add(user_group)
207 self.sa.add(user_group)
208
208
209 def _update_members_from_user_ids(self, user_group, user_ids):
209 def _update_members_from_user_ids(self, user_group, user_ids):
210 added, removed = self._get_added_and_removed_user_ids(
210 added, removed = self._get_added_and_removed_user_ids(
211 user_group, user_ids)
211 user_group, user_ids)
212 self._set_users_as_members(user_group, user_ids)
212 self._set_users_as_members(user_group, user_ids)
213 self._log_user_changes('added to', user_group, added)
213 self._log_user_changes('added to', user_group, added)
214 self._log_user_changes('removed from', user_group, removed)
214 self._log_user_changes('removed from', user_group, removed)
215 return added, removed
215 return added, removed
216
216
217 def _clean_members_data(self, members_data):
217 def _clean_members_data(self, members_data):
218 if not members_data:
218 if not members_data:
219 members_data = []
219 members_data = []
220
220
221 members = []
221 members = []
222 for user in members_data:
222 for user in members_data:
223 uid = int(user['member_user_id'])
223 uid = int(user['member_user_id'])
224 if uid not in members and user['type'] in ['new', 'existing']:
224 if uid not in members and user['type'] in ['new', 'existing']:
225 members.append(uid)
225 members.append(uid)
226 return members
226 return members
227
227
228 def update(self, user_group, form_data, group_data=None):
228 def update(self, user_group, form_data, group_data=None):
229 user_group = self._get_user_group(user_group)
229 user_group = self._get_user_group(user_group)
230 if 'users_group_name' in form_data:
230 if 'users_group_name' in form_data:
231 user_group.users_group_name = form_data['users_group_name']
231 user_group.users_group_name = form_data['users_group_name']
232 if 'users_group_active' in form_data:
232 if 'users_group_active' in form_data:
233 user_group.users_group_active = form_data['users_group_active']
233 user_group.users_group_active = form_data['users_group_active']
234 if 'user_group_description' in form_data:
234 if 'user_group_description' in form_data:
235 user_group.user_group_description = form_data[
235 user_group.user_group_description = form_data[
236 'user_group_description']
236 'user_group_description']
237
237
238 # handle owner change
238 # handle owner change
239 if 'user' in form_data:
239 if 'user' in form_data:
240 owner = form_data['user']
240 owner = form_data['user']
241 if isinstance(owner, basestring):
241 if isinstance(owner, basestring):
242 owner = User.get_by_username(form_data['user'])
242 owner = User.get_by_username(form_data['user'])
243
243
244 if not isinstance(owner, User):
244 if not isinstance(owner, User):
245 raise ValueError(
245 raise ValueError(
246 'invalid owner for user group: %s' % form_data['user'])
246 'invalid owner for user group: %s' % form_data['user'])
247
247
248 user_group.user = owner
248 user_group.user = owner
249
249
250 added_user_ids = []
250 added_user_ids = []
251 removed_user_ids = []
251 removed_user_ids = []
252 if 'users_group_members' in form_data:
252 if 'users_group_members' in form_data:
253 members_id_list = self._clean_members_data(
253 members_id_list = self._clean_members_data(
254 form_data['users_group_members'])
254 form_data['users_group_members'])
255 added_user_ids, removed_user_ids = \
255 added_user_ids, removed_user_ids = \
256 self._update_members_from_user_ids(user_group, members_id_list)
256 self._update_members_from_user_ids(user_group, members_id_list)
257
257
258 if group_data:
258 if group_data:
259 new_group_data = {}
259 new_group_data = {}
260 new_group_data.update(group_data)
260 new_group_data.update(group_data)
261 user_group.group_data = new_group_data
261 user_group.group_data = new_group_data
262
262
263 self.sa.add(user_group)
263 self.sa.add(user_group)
264 return user_group, added_user_ids, removed_user_ids
264 return user_group, added_user_ids, removed_user_ids
265
265
266 def delete(self, user_group, force=False):
266 def delete(self, user_group, force=False):
267 """
267 """
268 Deletes repository group, unless force flag is used
268 Deletes repository group, unless force flag is used
269 raises exception if there are members in that group, else deletes
269 raises exception if there are members in that group, else deletes
270 group and users
270 group and users
271
271
272 :param user_group:
272 :param user_group:
273 :param force:
273 :param force:
274 """
274 """
275 user_group = self._get_user_group(user_group)
275 user_group = self._get_user_group(user_group)
276 if not user_group:
276 if not user_group:
277 return
277 return
278
278
279 try:
279 try:
280 # check if this group is not assigned to repo
280 # check if this group is not assigned to repo
281 assigned_to_repo = [x.repository for x in UserGroupRepoToPerm.query()\
281 assigned_to_repo = [x.repository for x in UserGroupRepoToPerm.query()\
282 .filter(UserGroupRepoToPerm.users_group == user_group).all()]
282 .filter(UserGroupRepoToPerm.users_group == user_group).all()]
283 # check if this group is not assigned to repo
283 # check if this group is not assigned to repo
284 assigned_to_repo_group = [x.group for x in UserGroupRepoGroupToPerm.query()\
284 assigned_to_repo_group = [x.group for x in UserGroupRepoGroupToPerm.query()\
285 .filter(UserGroupRepoGroupToPerm.users_group == user_group).all()]
285 .filter(UserGroupRepoGroupToPerm.users_group == user_group).all()]
286
286
287 if (assigned_to_repo or assigned_to_repo_group) and not force:
287 if (assigned_to_repo or assigned_to_repo_group) and not force:
288 assigned = ','.join(map(safe_str,
288 assigned = ','.join(map(safe_str,
289 assigned_to_repo+assigned_to_repo_group))
289 assigned_to_repo+assigned_to_repo_group))
290
290
291 raise UserGroupAssignedException(
291 raise UserGroupAssignedException(
292 'UserGroup assigned to %s' % (assigned,))
292 'UserGroup assigned to %s' % (assigned,))
293 self.sa.delete(user_group)
293 self.sa.delete(user_group)
294 except Exception:
294 except Exception:
295 log.error(traceback.format_exc())
295 log.error(traceback.format_exc())
296 raise
296 raise
297
297
298 def _log_user_changes(self, action, user_group, user_or_users):
298 def _log_user_changes(self, action, user_group, user_or_users):
299 users = user_or_users
299 users = user_or_users
300 if not isinstance(users, (list, tuple)):
300 if not isinstance(users, (list, tuple)):
301 users = [users]
301 users = [users]
302
302
303 group_name = user_group.users_group_name
303 group_name = user_group.users_group_name
304
304
305 for user_or_user_id in users:
305 for user_or_user_id in users:
306 user = self._get_user(user_or_user_id)
306 user = self._get_user(user_or_user_id)
307 log_text = 'User {user} {action} {group}'.format(
307 log_text = 'User {user} {action} {group}'.format(
308 action=action, user=user.username, group=group_name)
308 action=action, user=user.username, group=group_name)
309 action_logger_generic(log_text)
309 action_logger_generic(log_text)
310
310
311 def _find_user_in_group(self, user, user_group):
311 def _find_user_in_group(self, user, user_group):
312 user_group_member = None
312 user_group_member = None
313 for m in user_group.members:
313 for m in user_group.members:
314 if m.user_id == user.user_id:
314 if m.user_id == user.user_id:
315 # Found this user's membership row
315 # Found this user's membership row
316 user_group_member = m
316 user_group_member = m
317 break
317 break
318
318
319 return user_group_member
319 return user_group_member
320
320
321 def _get_membership(self, user_group_id, user_id):
321 def _get_membership(self, user_group_id, user_id):
322 user_group_member = UserGroupMember(user_group_id, user_id)
322 user_group_member = UserGroupMember(user_group_id, user_id)
323 return user_group_member
323 return user_group_member
324
324
325 def add_user_to_group(self, user_group, user):
325 def add_user_to_group(self, user_group, user):
326 user_group = self._get_user_group(user_group)
326 user_group = self._get_user_group(user_group)
327 user = self._get_user(user)
327 user = self._get_user(user)
328 user_member = self._find_user_in_group(user, user_group)
328 user_member = self._find_user_in_group(user, user_group)
329 if user_member:
329 if user_member:
330 # user already in the group, skip
330 # user already in the group, skip
331 return True
331 return True
332
332
333 member = self._get_membership(
333 member = self._get_membership(
334 user_group.users_group_id, user.user_id)
334 user_group.users_group_id, user.user_id)
335 user_group.members.append(member)
335 user_group.members.append(member)
336
336
337 try:
337 try:
338 self.sa.add(member)
338 self.sa.add(member)
339 except Exception:
339 except Exception:
340 # what could go wrong here?
340 # what could go wrong here?
341 log.error(traceback.format_exc())
341 log.error(traceback.format_exc())
342 raise
342 raise
343
343
344 self._log_user_changes('added to', user_group, user)
344 self._log_user_changes('added to', user_group, user)
345 return member
345 return member
346
346
347 def remove_user_from_group(self, user_group, user):
347 def remove_user_from_group(self, user_group, user):
348 user_group = self._get_user_group(user_group)
348 user_group = self._get_user_group(user_group)
349 user = self._get_user(user)
349 user = self._get_user(user)
350 user_group_member = self._find_user_in_group(user, user_group)
350 user_group_member = self._find_user_in_group(user, user_group)
351
351
352 if not user_group_member:
352 if not user_group_member:
353 # User isn't in that group
353 # User isn't in that group
354 return False
354 return False
355
355
356 try:
356 try:
357 self.sa.delete(user_group_member)
357 self.sa.delete(user_group_member)
358 except Exception:
358 except Exception:
359 log.error(traceback.format_exc())
359 log.error(traceback.format_exc())
360 raise
360 raise
361
361
362 self._log_user_changes('removed from', user_group, user)
362 self._log_user_changes('removed from', user_group, user)
363 return True
363 return True
364
364
365 def has_perm(self, user_group, perm):
365 def has_perm(self, user_group, perm):
366 user_group = self._get_user_group(user_group)
366 user_group = self._get_user_group(user_group)
367 perm = self._get_perm(perm)
367 perm = self._get_perm(perm)
368
368
369 return UserGroupToPerm.query()\
369 return UserGroupToPerm.query()\
370 .filter(UserGroupToPerm.users_group == user_group)\
370 .filter(UserGroupToPerm.users_group == user_group)\
371 .filter(UserGroupToPerm.permission == perm).scalar() is not None
371 .filter(UserGroupToPerm.permission == perm).scalar() is not None
372
372
373 def grant_perm(self, user_group, perm):
373 def grant_perm(self, user_group, perm):
374 user_group = self._get_user_group(user_group)
374 user_group = self._get_user_group(user_group)
375 perm = self._get_perm(perm)
375 perm = self._get_perm(perm)
376
376
377 # if this permission is already granted skip it
377 # if this permission is already granted skip it
378 _perm = UserGroupToPerm.query()\
378 _perm = UserGroupToPerm.query()\
379 .filter(UserGroupToPerm.users_group == user_group)\
379 .filter(UserGroupToPerm.users_group == user_group)\
380 .filter(UserGroupToPerm.permission == perm)\
380 .filter(UserGroupToPerm.permission == perm)\
381 .scalar()
381 .scalar()
382 if _perm:
382 if _perm:
383 return
383 return
384
384
385 new = UserGroupToPerm()
385 new = UserGroupToPerm()
386 new.users_group = user_group
386 new.users_group = user_group
387 new.permission = perm
387 new.permission = perm
388 self.sa.add(new)
388 self.sa.add(new)
389 return new
389 return new
390
390
391 def revoke_perm(self, user_group, perm):
391 def revoke_perm(self, user_group, perm):
392 user_group = self._get_user_group(user_group)
392 user_group = self._get_user_group(user_group)
393 perm = self._get_perm(perm)
393 perm = self._get_perm(perm)
394
394
395 obj = UserGroupToPerm.query()\
395 obj = UserGroupToPerm.query()\
396 .filter(UserGroupToPerm.users_group == user_group)\
396 .filter(UserGroupToPerm.users_group == user_group)\
397 .filter(UserGroupToPerm.permission == perm).scalar()
397 .filter(UserGroupToPerm.permission == perm).scalar()
398 if obj:
398 if obj:
399 self.sa.delete(obj)
399 self.sa.delete(obj)
400
400
401 def grant_user_permission(self, user_group, user, perm):
401 def grant_user_permission(self, user_group, user, perm):
402 """
402 """
403 Grant permission for user on given user group, or update
403 Grant permission for user on given user group, or update
404 existing one if found
404 existing one if found
405
405
406 :param user_group: Instance of UserGroup, users_group_id,
406 :param user_group: Instance of UserGroup, users_group_id,
407 or users_group_name
407 or users_group_name
408 :param user: Instance of User, user_id or username
408 :param user: Instance of User, user_id or username
409 :param perm: Instance of Permission, or permission_name
409 :param perm: Instance of Permission, or permission_name
410 """
410 """
411 changes = {
411 changes = {
412 'added': [],
412 'added': [],
413 'updated': [],
413 'updated': [],
414 'deleted': []
414 'deleted': []
415 }
415 }
416
416
417 user_group = self._get_user_group(user_group)
417 user_group = self._get_user_group(user_group)
418 user = self._get_user(user)
418 user = self._get_user(user)
419 permission = self._get_perm(perm)
419 permission = self._get_perm(perm)
420 perm_name = permission.permission_name
420 perm_name = permission.permission_name
421 member_id = user.user_id
421 member_id = user.user_id
422 member_name = user.username
422 member_name = user.username
423
423
424 # check if we have that permission already
424 # check if we have that permission already
425 obj = self.sa.query(UserUserGroupToPerm)\
425 obj = self.sa.query(UserUserGroupToPerm)\
426 .filter(UserUserGroupToPerm.user == user)\
426 .filter(UserUserGroupToPerm.user == user)\
427 .filter(UserUserGroupToPerm.user_group == user_group)\
427 .filter(UserUserGroupToPerm.user_group == user_group)\
428 .scalar()
428 .scalar()
429 if obj is None:
429 if obj is None:
430 # create new !
430 # create new !
431 obj = UserUserGroupToPerm()
431 obj = UserUserGroupToPerm()
432 obj.user_group = user_group
432 obj.user_group = user_group
433 obj.user = user
433 obj.user = user
434 obj.permission = permission
434 obj.permission = permission
435 self.sa.add(obj)
435 self.sa.add(obj)
436 log.debug('Granted perm %s to %s on %s', perm, user, user_group)
436 log.debug('Granted perm %s to %s on %s', perm, user, user_group)
437 action_logger_generic(
437 action_logger_generic(
438 'granted permission: {} to user: {} on usergroup: {}'.format(
438 'granted permission: {} to user: {} on usergroup: {}'.format(
439 perm, user, user_group), namespace='security.usergroup')
439 perm, user, user_group), namespace='security.usergroup')
440
440
441 changes['added'].append({
441 changes['added'].append({
442 'change_obj': user_group.get_api_data(),
442 'change_obj': user_group.get_api_data(),
443 'type': 'user', 'id': member_id,
443 'type': 'user', 'id': member_id,
444 'name': member_name, 'new_perm': perm_name})
444 'name': member_name, 'new_perm': perm_name})
445
445
446 return changes
446 return changes
447
447
448 def revoke_user_permission(self, user_group, user):
448 def revoke_user_permission(self, user_group, user):
449 """
449 """
450 Revoke permission for user on given user group
450 Revoke permission for user on given user group
451
451
452 :param user_group: Instance of UserGroup, users_group_id,
452 :param user_group: Instance of UserGroup, users_group_id,
453 or users_group name
453 or users_group name
454 :param user: Instance of User, user_id or username
454 :param user: Instance of User, user_id or username
455 """
455 """
456 changes = {
456 changes = {
457 'added': [],
457 'added': [],
458 'updated': [],
458 'updated': [],
459 'deleted': []
459 'deleted': []
460 }
460 }
461
461
462 user_group = self._get_user_group(user_group)
462 user_group = self._get_user_group(user_group)
463 user = self._get_user(user)
463 user = self._get_user(user)
464 perm_name = 'usergroup.none'
464 perm_name = 'usergroup.none'
465 member_id = user.user_id
465 member_id = user.user_id
466 member_name = user.username
466 member_name = user.username
467
467
468 obj = self.sa.query(UserUserGroupToPerm)\
468 obj = self.sa.query(UserUserGroupToPerm)\
469 .filter(UserUserGroupToPerm.user == user)\
469 .filter(UserUserGroupToPerm.user == user)\
470 .filter(UserUserGroupToPerm.user_group == user_group)\
470 .filter(UserUserGroupToPerm.user_group == user_group)\
471 .scalar()
471 .scalar()
472 if obj:
472 if obj:
473 self.sa.delete(obj)
473 self.sa.delete(obj)
474 log.debug('Revoked perm on %s on %s', user_group, user)
474 log.debug('Revoked perm on %s on %s', user_group, user)
475 action_logger_generic(
475 action_logger_generic(
476 'revoked permission from user: {} on usergroup: {}'.format(
476 'revoked permission from user: {} on usergroup: {}'.format(
477 user, user_group), namespace='security.usergroup')
477 user, user_group), namespace='security.usergroup')
478
478
479 changes['deleted'].append({
479 changes['deleted'].append({
480 'change_obj': user_group.get_api_data(),
480 'change_obj': user_group.get_api_data(),
481 'type': 'user', 'id': member_id,
481 'type': 'user', 'id': member_id,
482 'name': member_name, 'new_perm': perm_name})
482 'name': member_name, 'new_perm': perm_name})
483
483
484 return changes
484 return changes
485
485
486 def grant_user_group_permission(self, target_user_group, user_group, perm):
486 def grant_user_group_permission(self, target_user_group, user_group, perm):
487 """
487 """
488 Grant user group permission for given target_user_group
488 Grant user group permission for given target_user_group
489
489
490 :param target_user_group:
490 :param target_user_group:
491 :param user_group:
491 :param user_group:
492 :param perm:
492 :param perm:
493 """
493 """
494 changes = {
494 changes = {
495 'added': [],
495 'added': [],
496 'updated': [],
496 'updated': [],
497 'deleted': []
497 'deleted': []
498 }
498 }
499
499
500 target_user_group = self._get_user_group(target_user_group)
500 target_user_group = self._get_user_group(target_user_group)
501 user_group = self._get_user_group(user_group)
501 user_group = self._get_user_group(user_group)
502 permission = self._get_perm(perm)
502 permission = self._get_perm(perm)
503 perm_name = permission.permission_name
503 perm_name = permission.permission_name
504 member_id = user_group.users_group_id
504 member_id = user_group.users_group_id
505 member_name = user_group.users_group_name
505 member_name = user_group.users_group_name
506
506
507 # forbid assigning same user group to itself
507 # forbid assigning same user group to itself
508 if target_user_group == user_group:
508 if target_user_group == user_group:
509 raise RepoGroupAssignmentError('target repo:%s cannot be '
509 raise RepoGroupAssignmentError('target repo:%s cannot be '
510 'assigned to itself' % target_user_group)
510 'assigned to itself' % target_user_group)
511
511
512 # check if we have that permission already
512 # check if we have that permission already
513 obj = self.sa.query(UserGroupUserGroupToPerm)\
513 obj = self.sa.query(UserGroupUserGroupToPerm)\
514 .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group)\
514 .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group)\
515 .filter(UserGroupUserGroupToPerm.user_group == user_group)\
515 .filter(UserGroupUserGroupToPerm.user_group == user_group)\
516 .scalar()
516 .scalar()
517 if obj is None:
517 if obj is None:
518 # create new !
518 # create new !
519 obj = UserGroupUserGroupToPerm()
519 obj = UserGroupUserGroupToPerm()
520 obj.user_group = user_group
520 obj.user_group = user_group
521 obj.target_user_group = target_user_group
521 obj.target_user_group = target_user_group
522 obj.permission = permission
522 obj.permission = permission
523 self.sa.add(obj)
523 self.sa.add(obj)
524 log.debug(
524 log.debug(
525 'Granted perm %s to %s on %s', perm, target_user_group, user_group)
525 'Granted perm %s to %s on %s', perm, target_user_group, user_group)
526 action_logger_generic(
526 action_logger_generic(
527 'granted permission: {} to usergroup: {} on usergroup: {}'.format(
527 'granted permission: {} to usergroup: {} on usergroup: {}'.format(
528 perm, user_group, target_user_group),
528 perm, user_group, target_user_group),
529 namespace='security.usergroup')
529 namespace='security.usergroup')
530
530
531 changes['added'].append({
531 changes['added'].append({
532 'change_obj': target_user_group.get_api_data(),
532 'change_obj': target_user_group.get_api_data(),
533 'type': 'user_group', 'id': member_id,
533 'type': 'user_group', 'id': member_id,
534 'name': member_name, 'new_perm': perm_name})
534 'name': member_name, 'new_perm': perm_name})
535
535
536 return changes
536 return changes
537
537
538 def revoke_user_group_permission(self, target_user_group, user_group):
538 def revoke_user_group_permission(self, target_user_group, user_group):
539 """
539 """
540 Revoke user group permission for given target_user_group
540 Revoke user group permission for given target_user_group
541
541
542 :param target_user_group:
542 :param target_user_group:
543 :param user_group:
543 :param user_group:
544 """
544 """
545 changes = {
545 changes = {
546 'added': [],
546 'added': [],
547 'updated': [],
547 'updated': [],
548 'deleted': []
548 'deleted': []
549 }
549 }
550
550
551 target_user_group = self._get_user_group(target_user_group)
551 target_user_group = self._get_user_group(target_user_group)
552 user_group = self._get_user_group(user_group)
552 user_group = self._get_user_group(user_group)
553 perm_name = 'usergroup.none'
553 perm_name = 'usergroup.none'
554 member_id = user_group.users_group_id
554 member_id = user_group.users_group_id
555 member_name = user_group.users_group_name
555 member_name = user_group.users_group_name
556
556
557 obj = self.sa.query(UserGroupUserGroupToPerm)\
557 obj = self.sa.query(UserGroupUserGroupToPerm)\
558 .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group)\
558 .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group)\
559 .filter(UserGroupUserGroupToPerm.user_group == user_group)\
559 .filter(UserGroupUserGroupToPerm.user_group == user_group)\
560 .scalar()
560 .scalar()
561 if obj:
561 if obj:
562 self.sa.delete(obj)
562 self.sa.delete(obj)
563 log.debug(
563 log.debug(
564 'Revoked perm on %s on %s', target_user_group, user_group)
564 'Revoked perm on %s on %s', target_user_group, user_group)
565 action_logger_generic(
565 action_logger_generic(
566 'revoked permission from usergroup: {} on usergroup: {}'.format(
566 'revoked permission from usergroup: {} on usergroup: {}'.format(
567 user_group, target_user_group),
567 user_group, target_user_group),
568 namespace='security.repogroup')
568 namespace='security.repogroup')
569
569
570 changes['deleted'].append({
570 changes['deleted'].append({
571 'change_obj': target_user_group.get_api_data(),
571 'change_obj': target_user_group.get_api_data(),
572 'type': 'user_group', 'id': member_id,
572 'type': 'user_group', 'id': member_id,
573 'name': member_name, 'new_perm': perm_name})
573 'name': member_name, 'new_perm': perm_name})
574
574
575 return changes
575 return changes
576
576
577 def get_perms_summary(self, user_group_id):
577 def get_perms_summary(self, user_group_id):
578 permissions = {
578 permissions = {
579 'repositories': {},
579 'repositories': {},
580 'repositories_groups': {},
580 'repositories_groups': {},
581 }
581 }
582 ugroup_repo_perms = UserGroupRepoToPerm.query()\
582 ugroup_repo_perms = UserGroupRepoToPerm.query()\
583 .options(joinedload(UserGroupRepoToPerm.permission))\
583 .options(joinedload(UserGroupRepoToPerm.permission))\
584 .options(joinedload(UserGroupRepoToPerm.repository))\
584 .options(joinedload(UserGroupRepoToPerm.repository))\
585 .filter(UserGroupRepoToPerm.users_group_id == user_group_id)\
585 .filter(UserGroupRepoToPerm.users_group_id == user_group_id)\
586 .all()
586 .all()
587
587
588 for gr in ugroup_repo_perms:
588 for gr in ugroup_repo_perms:
589 permissions['repositories'][gr.repository.repo_name] \
589 permissions['repositories'][gr.repository.repo_name] \
590 = gr.permission.permission_name
590 = gr.permission.permission_name
591
591
592 ugroup_group_perms = UserGroupRepoGroupToPerm.query()\
592 ugroup_group_perms = UserGroupRepoGroupToPerm.query()\
593 .options(joinedload(UserGroupRepoGroupToPerm.permission))\
593 .options(joinedload(UserGroupRepoGroupToPerm.permission))\
594 .options(joinedload(UserGroupRepoGroupToPerm.group))\
594 .options(joinedload(UserGroupRepoGroupToPerm.group))\
595 .filter(UserGroupRepoGroupToPerm.users_group_id == user_group_id)\
595 .filter(UserGroupRepoGroupToPerm.users_group_id == user_group_id)\
596 .all()
596 .all()
597
597
598 for gr in ugroup_group_perms:
598 for gr in ugroup_group_perms:
599 permissions['repositories_groups'][gr.group.group_name] \
599 permissions['repositories_groups'][gr.group.group_name] \
600 = gr.permission.permission_name
600 = gr.permission.permission_name
601 return permissions
601 return permissions
602
602
603 def enforce_groups(self, user, groups, extern_type=None):
603 def enforce_groups(self, user, groups, extern_type=None):
604 user = self._get_user(user)
604 user = self._get_user(user)
605 current_groups = user.group_member
605 current_groups = user.group_member
606
606
607 # find the external created groups, i.e automatically created
607 # find the external created groups, i.e automatically created
608 log.debug('Enforcing user group set `%s` on user %s', groups, user)
608 log.debug('Enforcing user group set `%s` on user %s', groups, user)
609 # calculate from what groups user should be removed
609 # calculate from what groups user should be removed
610 # external_groups that are not in groups
610 # external_groups that are not in groups
611 for gr in [x.users_group for x in current_groups]:
611 for gr in [x.users_group for x in current_groups]:
612 managed = gr.group_data.get('extern_type')
612 managed = gr.group_data.get('extern_type')
613 if managed:
613 if managed:
614 if gr.users_group_name not in groups:
614 if gr.users_group_name not in groups:
615 log.debug('Removing user %s from user group %s. '
615 log.debug('Removing user %s from user group %s. '
616 'Group sync managed by: %s', user, gr, managed)
616 'Group sync managed by: %s', user, gr, managed)
617 self.remove_user_from_group(gr, user)
617 self.remove_user_from_group(gr, user)
618 else:
618 else:
619 log.debug('Skipping removal from group %s since it is '
619 log.debug('Skipping removal from group %s since it is '
620 'not set to be automatically synchronized' % gr)
620 'not set to be automatically synchronized' % gr)
621
621
622 # now we calculate in which groups user should be == groups params
622 # now we calculate in which groups user should be == groups params
623 owner = User.get_first_super_admin().username
623 owner = User.get_first_super_admin().username
624 for gr in set(groups):
624 for gr in set(groups):
625 existing_group = UserGroup.get_by_group_name(gr)
625 existing_group = UserGroup.get_by_group_name(gr)
626 if not existing_group:
626 if not existing_group:
627 desc = 'Automatically created from plugin:%s' % extern_type
627 desc = 'Automatically created from plugin:%s' % extern_type
628 # we use first admin account to set the owner of the group
628 # we use first admin account to set the owner of the group
629 existing_group = UserGroupModel().create(
629 existing_group = UserGroupModel().create(
630 gr, desc, owner, group_data={'extern_type': extern_type})
630 gr, desc, owner, group_data={'extern_type': extern_type})
631
631
632 # we can only add users to groups which have set sync flag via
632 # we can only add users to groups which have set sync flag via
633 # extern_type attribute.
633 # extern_type attribute.
634 # This is either set and created via plugins, or manually
634 # This is either set and created via plugins, or manually
635 managed = existing_group.group_data.get('extern_type')
635 managed = existing_group.group_data.get('extern_type')
636 if managed:
636 if managed:
637 log.debug('Adding user %s to user group %s', user, gr)
637 log.debug('Adding user %s to user group %s', user, gr)
638 UserGroupModel().add_user_to_group(existing_group, user)
638 UserGroupModel().add_user_to_group(existing_group, user)
639 else:
639 else:
640 log.debug('Skipping addition to group %s since it is '
640 log.debug('Skipping addition to group %s since it is '
641 'not set to be automatically synchronized' % gr)
641 'not set to be automatically synchronized' % gr)
642
642
643 def change_groups(self, user, groups):
643 def change_groups(self, user, groups):
644 """
644 """
645 This method changes user group assignment
645 This method changes user group assignment
646 :param user: User
646 :param user: User
647 :param groups: array of UserGroupModel
647 :param groups: array of UserGroupModel
648 """
648 """
649 user = self._get_user(user)
649 user = self._get_user(user)
650 log.debug('Changing user(%s) assignment to groups(%s)', user, groups)
650 log.debug('Changing user(%s) assignment to groups(%s)', user, groups)
651 current_groups = user.group_member
651 current_groups = user.group_member
652 current_groups = [x.users_group for x in current_groups]
652 current_groups = [x.users_group for x in current_groups]
653
653
654 # calculate from what groups user should be removed/add
654 # calculate from what groups user should be removed/add
655 groups = set(groups)
655 groups = set(groups)
656 current_groups = set(current_groups)
656 current_groups = set(current_groups)
657
657
658 groups_to_remove = current_groups - groups
658 groups_to_remove = current_groups - groups
659 groups_to_add = groups - current_groups
659 groups_to_add = groups - current_groups
660
660
661 removed_from_groups = []
661 removed_from_groups = []
662 added_to_groups = []
662 added_to_groups = []
663 for gr in groups_to_remove:
663 for gr in groups_to_remove:
664 log.debug('Removing user %s from user group %s',
664 log.debug('Removing user %s from user group %s',
665 user.username, gr.users_group_name)
665 user.username, gr.users_group_name)
666 removed_from_groups.append(gr.users_group_id)
666 removed_from_groups.append(gr.users_group_id)
667 self.remove_user_from_group(gr.users_group_name, user.username)
667 self.remove_user_from_group(gr.users_group_name, user.username)
668 for gr in groups_to_add:
668 for gr in groups_to_add:
669 log.debug('Adding user %s to user group %s',
669 log.debug('Adding user %s to user group %s',
670 user.username, gr.users_group_name)
670 user.username, gr.users_group_name)
671 added_to_groups.append(gr.users_group_id)
671 added_to_groups.append(gr.users_group_id)
672 UserGroupModel().add_user_to_group(
672 UserGroupModel().add_user_to_group(
673 gr.users_group_name, user.username)
673 gr.users_group_name, user.username)
674
674
675 return added_to_groups, removed_from_groups
675 return added_to_groups, removed_from_groups
676
676
677 def _serialize_user_group(self, user_group):
677 def _serialize_user_group(self, user_group):
678 import rhodecode.lib.helpers as h
678 import rhodecode.lib.helpers as h
679 return {
679 return {
680 'id': user_group.users_group_id,
680 'id': user_group.users_group_id,
681 # TODO: marcink figure out a way to generate the url for the
681 # TODO: marcink figure out a way to generate the url for the
682 # icon
682 # icon
683 'icon_link': '',
683 'icon_link': '',
684 'value_display': 'Group: %s (%d members)' % (
684 'value_display': 'Group: %s (%d members)' % (
685 user_group.users_group_name, len(user_group.members),),
685 user_group.users_group_name, len(user_group.members),),
686 'value': user_group.users_group_name,
686 'value': user_group.users_group_name,
687 'description': user_group.user_group_description,
687 'description': user_group.user_group_description,
688 'owner': user_group.user.username,
688 'owner': user_group.user.username,
689
689
690 'owner_icon': h.gravatar_url(user_group.user.email, 30),
690 'owner_icon': h.gravatar_url(user_group.user.email, 30),
691 'value_display_owner': h.person(user_group.user.email),
691 'value_display_owner': h.person(user_group.user.email),
692
692
693 'value_type': 'user_group',
693 'value_type': 'user_group',
694 'active': user_group.users_group_active,
694 'active': user_group.users_group_active,
695 }
695 }
696
696
697 def get_user_groups(self, name_contains=None, limit=20, only_active=True,
697 def get_user_groups(self, name_contains=None, limit=20, only_active=True,
698 expand_groups=False):
698 expand_groups=False):
699 query = self.sa.query(UserGroup)
699 query = self.sa.query(UserGroup)
700 if only_active:
700 if only_active:
701 query = query.filter(UserGroup.users_group_active == true())
701 query = query.filter(UserGroup.users_group_active == true())
702
702
703 if name_contains:
703 if name_contains:
704 ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
704 ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
705 query = query.filter(
705 query = query.filter(
706 UserGroup.users_group_name.ilike(ilike_expression))\
706 UserGroup.users_group_name.ilike(ilike_expression))\
707 .order_by(func.length(UserGroup.users_group_name))\
707 .order_by(func.length(UserGroup.users_group_name))\
708 .order_by(UserGroup.users_group_name)
708 .order_by(UserGroup.users_group_name)
709
709
710 query = query.limit(limit)
710 query = query.limit(limit)
711 user_groups = query.all()
711 user_groups = query.all()
712 perm_set = ['usergroup.read', 'usergroup.write', 'usergroup.admin']
712 perm_set = ['usergroup.read', 'usergroup.write', 'usergroup.admin']
713 user_groups = UserGroupList(user_groups, perm_set=perm_set)
713 user_groups = UserGroupList(user_groups, perm_set=perm_set)
714
714
715 # store same serialize method to extract data from User
715 # store same serialize method to extract data from User
716 from rhodecode.model.user import UserModel
716 from rhodecode.model.user import UserModel
717 serialize_user = UserModel()._serialize_user
717 serialize_user = UserModel()._serialize_user
718
718
719 _groups = []
719 _groups = []
720 for group in user_groups:
720 for group in user_groups:
721 entry = self._serialize_user_group(group)
721 entry = self._serialize_user_group(group)
722 if expand_groups:
722 if expand_groups:
723 expanded_members = []
723 expanded_members = []
724 for member in group.members:
724 for member in group.members:
725 expanded_members.append(serialize_user(member.user))
725 expanded_members.append(serialize_user(member.user))
726 entry['members'] = expanded_members
726 entry['members'] = expanded_members
727 _groups.append(entry)
727 _groups.append(entry)
728 return _groups
728 return _groups
729
729
730 @staticmethod
730 @staticmethod
731 def get_user_groups_as_dict(user_group):
731 def get_user_groups_as_dict(user_group):
732 import rhodecode.lib.helpers as h
732 import rhodecode.lib.helpers as h
733
733
734 data = {
734 data = {
735 'users_group_id': user_group.users_group_id,
735 'users_group_id': user_group.users_group_id,
736 'group_name': user_group.users_group_name,
736 'group_name': h.link_to_group(user_group.users_group_name),
737 'group_description': user_group.user_group_description,
737 'group_description': user_group.user_group_description,
738 'active': user_group.users_group_active,
738 'active': user_group.users_group_active,
739 "owner": user_group.user.username,
739 "owner": user_group.user.username,
740 'owner_icon': h.gravatar_url(user_group.user.email, 30),
740 'owner_icon': h.gravatar_url(user_group.user.email, 30),
741 "owner_data": {
741 "owner_data": {
742 'owner': user_group.user.username,
742 'owner': user_group.user.username,
743 'owner_icon': h.gravatar_url(user_group.user.email, 30)}
743 'owner_icon': h.gravatar_url(user_group.user.email, 30)}
744 }
744 }
745 return data
745 return data
General Comments 0
You need to be logged in to leave comments. Login now