user.py
612 lines
| 22.4 KiB
| text/x-python
|
PythonLexer
r761 | # -*- coding: utf-8 -*- | ||
""" | |||
r956 | rhodecode.model.user | ||
~~~~~~~~~~~~~~~~~~~~ | |||
r761 | |||
users model for RhodeCode | |||
r1203 | |||
r761 | :created_on: Apr 9, 2010 | ||
:author: marcink | |||
r1824 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> | ||
r761 | :license: GPLv3, see COPYING for more details. | ||
""" | |||
r1206 | # This program is free software: you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License as published by | |||
# the Free Software Foundation, either version 3 of the License, or | |||
# (at your option) any later version. | |||
r1203 | # | ||
r629 | # This program is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
# GNU General Public License for more details. | |||
r1203 | # | ||
r629 | # You should have received a copy of the GNU General Public License | ||
r1206 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
r750 | |||
r629 | import logging | ||
import traceback | |||
r1731 | from pylons import url | ||
r761 | from pylons.i18n.translation import _ | ||
r2109 | from rhodecode.lib.utils2 import safe_unicode, generate_api_key | ||
r1669 | from rhodecode.lib.caching_query import FromCache | ||
r761 | from rhodecode.model import BaseModel | ||
r1633 | from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \ | ||
r1731 | UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember, \ | ||
r2432 | Notification, RepoGroup, UserRepoGroupToPerm, UsersGroupRepoGroupToPerm, \ | ||
UserEmailMap | |||
r1269 | from rhodecode.lib.exceptions import DefaultUserException, \ | ||
UserOwnsReposException | |||
r713 | |||
r761 | from sqlalchemy.exc import DatabaseError | ||
r2109 | |||
r1269 | from sqlalchemy.orm import joinedload | ||
r761 | |||
log = logging.getLogger(__name__) | |||
r629 | |||
r1731 | |||
r1982 | PERM_WEIGHTS = { | ||
'repository.none': 0, | |||
'repository.read': 1, | |||
'repository.write': 3, | |||
'repository.admin': 4, | |||
'group.none': 0, | |||
'group.read': 1, | |||
'group.write': 3, | |||
'group.admin': 4, | |||
} | |||
r1117 | |||
r1267 | |||
r752 | class UserModel(BaseModel): | ||
r1716 | |||
r1594 | def get(self, user_id, cache=False): | ||
r629 | user = self.sa.query(User) | ||
if cache: | |||
user = user.options(FromCache("sql_cache_short", | |||
"get_user_%s" % user_id)) | |||
return user.get(user_id) | |||
r2009 | def get_user(self, user): | ||
r2432 | return self._get_user(user) | ||
r2009 | |||
r1594 | def get_by_username(self, username, cache=False, case_insensitive=False): | ||
r750 | |||
r742 | if case_insensitive: | ||
user = self.sa.query(User).filter(User.username.ilike(username)) | |||
else: | |||
user = self.sa.query(User)\ | |||
.filter(User.username == username) | |||
r629 | if cache: | ||
user = user.options(FromCache("sql_cache_short", | |||
"get_user_%s" % username)) | |||
return user.scalar() | |||
r1594 | def get_by_api_key(self, api_key, cache=False): | ||
r1693 | return User.get_by_api_key(api_key, cache) | ||
r1117 | |||
r629 | def create(self, form_data): | ||
r2467 | from rhodecode.lib.auth import get_crypt_password | ||
r629 | try: | ||
new_user = User() | |||
for k, v in form_data.items(): | |||
r2467 | if k == 'password': | ||
v = get_crypt_password(v) | |||
r629 | setattr(new_user, k, v) | ||
r1116 | new_user.api_key = generate_api_key(form_data['username']) | ||
r629 | self.sa.add(new_user) | ||
Nicolas VINOT
|
r1586 | return new_user | |
r629 | except: | ||
log.error(traceback.format_exc()) | |||
raise | |||
r1728 | def create_or_update(self, username, password, email, name, lastname, | ||
r1634 | active=True, admin=False, ldap_dn=None): | ||
""" | |||
Creates a new instance if not found, or updates current one | |||
r1818 | |||
r1634 | :param username: | ||
:param password: | |||
:param email: | |||
:param active: | |||
:param name: | |||
:param lastname: | |||
:param active: | |||
:param admin: | |||
:param ldap_dn: | |||
""" | |||
r1728 | |||
r1634 | from rhodecode.lib.auth import get_crypt_password | ||
r1728 | |||
r1976 | log.debug('Checking for %s account in RhodeCode database' % username) | ||
r1634 | user = User.get_by_username(username, case_insensitive=True) | ||
if user is None: | |||
r1976 | log.debug('creating new user %s' % username) | ||
r1634 | new_user = User() | ||
else: | |||
r1976 | log.debug('updating user %s' % username) | ||
r1634 | new_user = user | ||
r1728 | |||
r1634 | try: | ||
new_user.username = username | |||
new_user.admin = admin | |||
new_user.password = get_crypt_password(password) | |||
new_user.api_key = generate_api_key(username) | |||
new_user.email = email | |||
new_user.active = active | |||
new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None | |||
new_user.name = name | |||
new_user.lastname = lastname | |||
self.sa.add(new_user) | |||
return new_user | |||
except (DatabaseError,): | |||
log.error(traceback.format_exc()) | |||
raise | |||
r1728 | |||
Liad Shani
|
r1621 | def create_for_container_auth(self, username, attrs): | |
""" | |||
Creates the given user if it's not already in the database | |||
r1818 | |||
Liad Shani
|
r1621 | :param username: | |
:param attrs: | |||
""" | |||
if self.get_by_username(username, case_insensitive=True) is None: | |||
r1690 | |||
# autogenerate email for container account without one | |||
generate_email = lambda usr: '%s@container_auth.account' % usr | |||
Liad Shani
|
r1621 | try: | |
new_user = User() | |||
new_user.username = username | |||
new_user.password = None | |||
new_user.api_key = generate_api_key(username) | |||
new_user.email = attrs['email'] | |||
r1628 | new_user.active = attrs.get('active', True) | ||
r1690 | new_user.name = attrs['name'] or generate_email(username) | ||
Liad Shani
|
r1621 | new_user.lastname = attrs['lastname'] | |
self.sa.add(new_user) | |||
r1628 | return new_user | ||
Liad Shani
|
r1621 | except (DatabaseError,): | |
log.error(traceback.format_exc()) | |||
self.sa.rollback() | |||
raise | |||
r1628 | log.debug('User %s already exists. Skipping creation of account' | ||
' for container auth.', username) | |||
return None | |||
Liad Shani
|
r1621 | ||
Thayne Harbaugh
|
r991 | def create_ldap(self, username, password, user_dn, attrs): | |
r705 | """ | ||
Checks if user is in database, if not creates this user marked | |||
as ldap user | |||
r1818 | |||
r705 | :param username: | ||
:param password: | |||
Thayne Harbaugh
|
r991 | :param user_dn: | |
:param attrs: | |||
r705 | """ | ||
r750 | from rhodecode.lib.auth import get_crypt_password | ||
r761 | log.debug('Checking for such ldap account in RhodeCode database') | ||
r1594 | if self.get_by_username(username, case_insensitive=True) is None: | ||
r1689 | |||
# autogenerate email for ldap account without one | |||
generate_email = lambda usr: '%s@ldap.account' % usr | |||
r705 | try: | ||
new_user = User() | |||
r1689 | username = username.lower() | ||
r1269 | # add ldap account always lowercase | ||
r1689 | new_user.username = username | ||
r750 | new_user.password = get_crypt_password(password) | ||
r1116 | new_user.api_key = generate_api_key(username) | ||
r1689 | new_user.email = attrs['email'] or generate_email(username) | ||
r1628 | new_user.active = attrs.get('active', True) | ||
r1516 | new_user.ldap_dn = safe_unicode(user_dn) | ||
Thayne Harbaugh
|
r991 | new_user.name = attrs['name'] | |
new_user.lastname = attrs['lastname'] | |||
r705 | |||
self.sa.add(new_user) | |||
r1628 | return new_user | ||
r761 | except (DatabaseError,): | ||
r705 | log.error(traceback.format_exc()) | ||
self.sa.rollback() | |||
raise | |||
r761 | log.debug('this %s user exists skipping creation of ldap account', | ||
username) | |||
r1628 | return None | ||
r705 | |||
r629 | def create_registration(self, form_data): | ||
r1731 | from rhodecode.model.notification import NotificationModel | ||
r629 | try: | ||
r2248 | form_data['admin'] = False | ||
new_user = self.create(form_data) | |||
r629 | |||
self.sa.add(new_user) | |||
r1731 | self.sa.flush() | ||
# notification to admins | |||
subject = _('new user registration') | |||
r689 | body = ('New user registration\n' | ||
r1731 | '---------------------\n' | ||
'- Username: %s\n' | |||
'- Full Name: %s\n' | |||
'- Email: %s\n') | |||
body = body % (new_user.username, new_user.full_name, | |||
new_user.email) | |||
edit_url = url('edit_user', id=new_user.user_id, qualified=True) | |||
r1950 | kw = {'registered_user_url': edit_url} | ||
r1731 | NotificationModel().create(created_by=new_user, subject=subject, | ||
body=body, recipients=None, | |||
type_=Notification.TYPE_REGISTRATION, | |||
email_kwargs=kw) | |||
r689 | |||
r629 | except: | ||
log.error(traceback.format_exc()) | |||
raise | |||
def update(self, user_id, form_data): | |||
try: | |||
r1594 | user = self.get(user_id, cache=False) | ||
r1116 | if user.username == 'default': | ||
r629 | raise DefaultUserException( | ||
_("You can't Edit this user since it's" | |||
" crucial for entire application")) | |||
r713 | |||
r629 | for k, v in form_data.items(): | ||
if k == 'new_password' and v != '': | |||
r1116 | user.password = v | ||
user.api_key = generate_api_key(user.username) | |||
r629 | else: | ||
r1116 | setattr(user, k, v) | ||
r629 | |||
r1116 | self.sa.add(user) | ||
r629 | except: | ||
log.error(traceback.format_exc()) | |||
raise | |||
def update_my_account(self, user_id, form_data): | |||
r2467 | from rhodecode.lib.auth import get_crypt_password | ||
r629 | try: | ||
r1594 | user = self.get(user_id, cache=False) | ||
r1116 | if user.username == 'default': | ||
r629 | raise DefaultUserException( | ||
r2467 | _("You can't Edit this user since it's" | ||
" crucial for entire application") | |||
) | |||
r629 | for k, v in form_data.items(): | ||
if k == 'new_password' and v != '': | |||
r2467 | user.password = get_crypt_password(v) | ||
r1116 | user.api_key = generate_api_key(user.username) | ||
r629 | else: | ||
if k not in ['admin', 'active']: | |||
r1116 | setattr(user, k, v) | ||
r629 | |||
r1116 | self.sa.add(user) | ||
r629 | except: | ||
log.error(traceback.format_exc()) | |||
raise | |||
r1758 | def delete(self, user): | ||
r2432 | user = self._get_user(user) | ||
r1818 | |||
r629 | try: | ||
if user.username == 'default': | |||
raise DefaultUserException( | |||
r2153 | _(u"You can't remove this user since it's" | ||
r2124 | " crucial for entire application") | ||
) | |||
r713 | if user.repositories: | ||
r2153 | repos = [x.repo_name for x in user.repositories] | ||
r2124 | raise UserOwnsReposException( | ||
r2153 | _(u'user "%s" still owns %s repositories and cannot be ' | ||
'removed. Switch owners or remove those repositories. %s') | |||
% (user.username, len(repos), ', '.join(repos)) | |||
r2124 | ) | ||
r629 | self.sa.delete(user) | ||
except: | |||
log.error(traceback.format_exc()) | |||
raise | |||
r1417 | def reset_password_link(self, data): | ||
from rhodecode.lib.celerylib import tasks, run_task | |||
run_task(tasks.send_password_link, data['email']) | |||
r629 | def reset_password(self, data): | ||
from rhodecode.lib.celerylib import tasks, run_task | |||
run_task(tasks.reset_user_password, data['email']) | |||
r673 | |||
r1594 | def fill_data(self, auth_user, user_id=None, api_key=None): | ||
r673 | """ | ||
r1117 | Fetches auth_user by user_id,or api_key if present. | ||
Fills auth_user attributes with those taken from database. | |||
r1203 | Additionally set's is_authenitated if lookup fails | ||
r673 | present in database | ||
r1203 | |||
r1117 | :param auth_user: instance of user to set attributes | ||
:param user_id: user id to fetch by | |||
:param api_key: api key to fetch by | |||
r673 | """ | ||
r1120 | if user_id is None and api_key is None: | ||
r1117 | raise Exception('You need to pass user_id or api_key') | ||
r686 | |||
r1117 | try: | ||
if api_key: | |||
dbuser = self.get_by_api_key(api_key) | |||
else: | |||
dbuser = self.get(user_id) | |||
Liad Shani
|
r1618 | if dbuser is not None and dbuser.active: | |
r1976 | log.debug('filling %s data' % dbuser) | ||
r1120 | for k, v in dbuser.get_dict().items(): | ||
setattr(auth_user, k, v) | |||
Liad Shani
|
r1618 | else: | |
return False | |||
r1117 | |||
except: | |||
log.error(traceback.format_exc()) | |||
auth_user.is_authenticated = False | |||
Liad Shani
|
r1618 | return False | |
r1117 | |||
Liad Shani
|
r1618 | return True | |
r686 | |||
r1117 | def fill_perms(self, user): | ||
r1269 | """ | ||
Fills user permission attribute with permissions taken from database | |||
r1117 | works for permissions given for repositories, and for permissions that | ||
r1269 | are granted to groups | ||
r1203 | |||
r1117 | :param user: user instance to fill his perms | ||
""" | |||
r1982 | RK = 'repositories' | ||
GK = 'repositories_groups' | |||
GLOBAL = 'global' | |||
user.permissions[RK] = {} | |||
user.permissions[GK] = {} | |||
user.permissions[GLOBAL] = set() | |||
r1117 | |||
r1267 | #====================================================================== | ||
r1117 | # fetch default permissions | ||
r1267 | #====================================================================== | ||
r1728 | default_user = User.get_by_username('default', cache=True) | ||
default_user_id = default_user.user_id | |||
r1117 | |||
r1982 | default_repo_perms = Permission.get_default_perms(default_user_id) | ||
default_repo_groups_perms = Permission.get_default_group_perms(default_user_id) | |||
r1117 | |||
if user.is_admin: | |||
r1267 | #================================================================== | ||
r1982 | # admin user have all default rights for repositories | ||
# and groups set to admin | |||
r1267 | #================================================================== | ||
r1982 | user.permissions[GLOBAL].add('hg.admin') | ||
r1117 | |||
r1982 | # repositories | ||
for perm in default_repo_perms: | |||
r_k = perm.UserRepoToPerm.repository.repo_name | |||
r1117 | p = 'repository.admin' | ||
r1982 | user.permissions[RK][r_k] = p | ||
# repositories groups | |||
for perm in default_repo_groups_perms: | |||
rg_k = perm.UserRepoGroupToPerm.group.group_name | |||
p = 'group.admin' | |||
user.permissions[GK][rg_k] = p | |||
r2186 | return user | ||
r1117 | |||
r2186 | #================================================================== | ||
# set default permissions first for repositories and groups | |||
#================================================================== | |||
uid = user.user_id | |||
r1117 | |||
r2186 | # default global permissions | ||
default_global_perms = self.sa.query(UserToPerm)\ | |||
.filter(UserToPerm.user_id == default_user_id) | |||
r1117 | |||
r2186 | for perm in default_global_perms: | ||
user.permissions[GLOBAL].add(perm.permission.permission_name) | |||
r1117 | |||
r2186 | # defaults for repositories, taken from default user | ||
for perm in default_repo_perms: | |||
r_k = perm.UserRepoToPerm.repository.repo_name | |||
if perm.Repository.private and not (perm.Repository.user_id == uid): | |||
# disable defaults for private repos, | |||
p = 'repository.none' | |||
elif perm.Repository.user_id == uid: | |||
# set admin if owner | |||
p = 'repository.admin' | |||
else: | |||
p = perm.Permission.permission_name | |||
user.permissions[RK][r_k] = p | |||
r1117 | |||
r2186 | # defaults for repositories groups taken from default user permission | ||
# on given group | |||
for perm in default_repo_groups_perms: | |||
rg_k = perm.UserRepoGroupToPerm.group.group_name | |||
p = perm.Permission.permission_name | |||
user.permissions[GK][rg_k] = p | |||
#================================================================== | |||
# overwrite defaults with user permissions if any found | |||
#================================================================== | |||
# user global permissions | |||
user_perms = self.sa.query(UserToPerm)\ | |||
.options(joinedload(UserToPerm.permission))\ | |||
.filter(UserToPerm.user_id == uid).all() | |||
for perm in user_perms: | |||
user.permissions[GLOBAL].add(perm.permission.permission_name) | |||
r1982 | |||
r2186 | # user explicit permissions for repositories | ||
user_repo_perms = \ | |||
self.sa.query(UserRepoToPerm, Permission, Repository)\ | |||
.join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\ | |||
.join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\ | |||
.filter(UserRepoToPerm.user_id == uid)\ | |||
.all() | |||
r1117 | |||
r2186 | for perm in user_repo_perms: | ||
# set admin if owner | |||
r_k = perm.UserRepoToPerm.repository.repo_name | |||
if perm.Repository.user_id == uid: | |||
p = 'repository.admin' | |||
else: | |||
p = perm.Permission.permission_name | |||
user.permissions[RK][r_k] = p | |||
r1267 | |||
r2186 | # USER GROUP | ||
#================================================================== | |||
# check if user is part of user groups for this repository and | |||
# fill in (or replace with higher) permissions | |||
#================================================================== | |||
r1267 | |||
r2186 | # users group global | ||
user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\ | |||
.options(joinedload(UsersGroupToPerm.permission))\ | |||
.join((UsersGroupMember, UsersGroupToPerm.users_group_id == | |||
UsersGroupMember.users_group_id))\ | |||
.filter(UsersGroupMember.user_id == uid).all() | |||
for perm in user_perms_from_users_groups: | |||
user.permissions[GLOBAL].add(perm.permission.permission_name) | |||
r1267 | |||
r2186 | # users group for repositories permissions | ||
user_repo_perms_from_users_groups = \ | |||
self.sa.query(UsersGroupRepoToPerm, Permission, Repository,)\ | |||
.join((Repository, UsersGroupRepoToPerm.repository_id == Repository.repo_id))\ | |||
.join((Permission, UsersGroupRepoToPerm.permission_id == Permission.permission_id))\ | |||
.join((UsersGroupMember, UsersGroupRepoToPerm.users_group_id == UsersGroupMember.users_group_id))\ | |||
.filter(UsersGroupMember.user_id == uid)\ | |||
.all() | |||
r1117 | |||
r2186 | for perm in user_repo_perms_from_users_groups: | ||
r_k = perm.UsersGroupRepoToPerm.repository.repo_name | |||
p = perm.Permission.permission_name | |||
cur_perm = user.permissions[RK][r_k] | |||
# overwrite permission only if it's greater than permission | |||
# given from other sources | |||
if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: | |||
r1982 | user.permissions[RK][r_k] = p | ||
r1117 | |||
r2186 | # REPO GROUP | ||
#================================================================== | |||
# get access for this user for repos group and override defaults | |||
#================================================================== | |||
r1269 | |||
r2186 | # user explicit permissions for repository | ||
user_repo_groups_perms = \ | |||
self.sa.query(UserRepoGroupToPerm, Permission, RepoGroup)\ | |||
.join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\ | |||
.join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\ | |||
.filter(UserRepoGroupToPerm.user_id == uid)\ | |||
.all() | |||
r1269 | |||
r2186 | for perm in user_repo_groups_perms: | ||
rg_k = perm.UserRepoGroupToPerm.group.group_name | |||
p = perm.Permission.permission_name | |||
cur_perm = user.permissions[GK][rg_k] | |||
if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: | |||
user.permissions[GK][rg_k] = p | |||
r1982 | |||
r2186 | # REPO GROUP + USER GROUP | ||
#================================================================== | |||
# check if user is part of user groups for this repo group and | |||
# fill in (or replace with higher) permissions | |||
#================================================================== | |||
r2129 | |||
r2186 | # users group for repositories permissions | ||
user_repo_group_perms_from_users_groups = \ | |||
self.sa.query(UsersGroupRepoGroupToPerm, Permission, RepoGroup)\ | |||
.join((RepoGroup, UsersGroupRepoGroupToPerm.group_id == RepoGroup.group_id))\ | |||
.join((Permission, UsersGroupRepoGroupToPerm.permission_id == Permission.permission_id))\ | |||
.join((UsersGroupMember, UsersGroupRepoGroupToPerm.users_group_id == UsersGroupMember.users_group_id))\ | |||
.filter(UsersGroupMember.user_id == uid)\ | |||
.all() | |||
r2129 | |||
r2186 | for perm in user_repo_group_perms_from_users_groups: | ||
g_k = perm.UsersGroupRepoGroupToPerm.group.group_name | |||
p = perm.Permission.permission_name | |||
cur_perm = user.permissions[GK][g_k] | |||
# overwrite permission only if it's greater than permission | |||
# given from other sources | |||
if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: | |||
user.permissions[GK][g_k] = p | |||
r2129 | |||
r673 | return user | ||
r1594 | |||
r1749 | def has_perm(self, user, perm): | ||
if not isinstance(perm, Permission): | |||
r1758 | raise Exception('perm needs to be an instance of Permission class ' | ||
'got %s instead' % type(perm)) | |||
r1749 | |||
r2432 | user = self._get_user(user) | ||
r1749 | |||
r1758 | return UserToPerm.query().filter(UserToPerm.user == user)\ | ||
r1749 | .filter(UserToPerm.permission == perm).scalar() is not None | ||
def grant_perm(self, user, perm): | |||
r1982 | """ | ||
Grant user global permissions | |||
r1749 | |||
r1982 | :param user: | ||
:param perm: | |||
""" | |||
r2432 | user = self._get_user(user) | ||
perm = self._get_perm(perm) | |||
r2078 | # if this permission is already granted skip it | ||
_perm = UserToPerm.query()\ | |||
.filter(UserToPerm.user == user)\ | |||
.filter(UserToPerm.permission == perm)\ | |||
.scalar() | |||
if _perm: | |||
return | |||
r1749 | new = UserToPerm() | ||
r1758 | new.user = user | ||
r1749 | new.permission = perm | ||
self.sa.add(new) | |||
def revoke_perm(self, user, perm): | |||
r1982 | """ | ||
Revoke users global permissions | |||
r1818 | |||
r1982 | :param user: | ||
:param perm: | |||
""" | |||
r2432 | user = self._get_user(user) | ||
perm = self._get_perm(perm) | |||
r1818 | |||
r2078 | obj = UserToPerm.query()\ | ||
.filter(UserToPerm.user == user)\ | |||
.filter(UserToPerm.permission == perm)\ | |||
.scalar() | |||
r1758 | if obj: | ||
self.sa.delete(obj) | |||
r2330 | |||
def add_extra_email(self, user, email): | |||
""" | |||
Adds email address to UserEmailMap | |||
:param user: | |||
:param email: | |||
""" | |||
r2432 | user = self._get_user(user) | ||
r2330 | obj = UserEmailMap() | ||
obj.user = user | |||
obj.email = email | |||
self.sa.add(obj) | |||
return obj | |||
def delete_extra_email(self, user, email_id): | |||
""" | |||
Removes email address from UserEmailMap | |||
:param user: | |||
:param email_id: | |||
""" | |||
r2432 | user = self._get_user(user) | ||
r2330 | obj = UserEmailMap.query().get(email_id) | ||
if obj: | |||
self.sa.delete(obj) |