##// END OF EJS Templates
#478 permissions overview for admin in user edit view
#478 permissions overview for admin in user edit view

File last commit:

r2432:d3ac7491 codereview
r2435:751c1c56 beta
Show More
users_group.py
196 lines | 6.6 KiB | text/x-python | PythonLexer
Nicolas VINOT
Add API for repositories and groups (creation, permission)
r1586 # -*- coding: utf-8 -*-
"""
rhodecode.model.users_group
~~~~~~~~~~~~~~~~~~~~~~~~~~~
users group model for RhodeCode
:created_on: Oct 1, 2011
:author: nvinot
:copyright: (C) 2011-2011 Nicolas Vinot <aeris@imirhil.fr>
2012 copyrights
r1824 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
Nicolas VINOT
Add API for repositories and groups (creation, permission)
r1586 :license: GPLv3, see COPYING for more details.
"""
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import logging
import traceback
fixed typo
r1692 from rhodecode.model import BaseModel
commit less models...
r1749 from rhodecode.model.db import UsersGroupMember, UsersGroup,\
API changes...
r1989 UsersGroupRepoToPerm, Permission, UsersGroupToPerm, User
commit less models...
r1749 from rhodecode.lib.exceptions import UsersGroupsAssignedException
Nicolas VINOT
Add API for repositories and groups (creation, permission)
r1586
Nicolas VINOT
Correct code style
r1593 log = logging.getLogger(__name__)
Nicolas VINOT
Add API for repositories and groups (creation, permission)
r1586
notification to commit author + gardening
r1716
Nicolas VINOT
Correct code style
r1593 class UsersGroupModel(BaseModel):
Nicolas VINOT
Add API for repositories and groups (creation, permission)
r1586
API changes...
r1989 def __get_user(self, user):
return self._get_instance(User, user, callback=User.get_by_username)
Tests updates, Session refactoring
r1713 def __get_users_group(self, users_group):
#227 Initial version of repository groups permissions system...
r1982 return self._get_instance(UsersGroup, users_group,
callback=UsersGroup.get_by_group_name)
def __get_perm(self, permission):
return self._get_instance(Permission, permission,
callback=Permission.get_by_key)
Tests updates, Session refactoring
r1713
notification to commit author + gardening
r1716 def get(self, users_group_id, cache=False):
Tests updates, Session refactoring
r1713 return UsersGroup.get(users_group_id)
Nicolas VINOT
Add API for repositories and groups (creation, permission)
r1586
notification to commit author + gardening
r1716 def get_by_name(self, name, cache=False, case_insensitive=False):
Tests updates, Session refactoring
r1713 return UsersGroup.get_by_group_name(name, cache, case_insensitive)
Nicolas VINOT
Add API for repositories and groups (creation, permission)
r1586
another major refactoring with session management
r1734 def create(self, name, active=True):
commit less models...
r1749 try:
new = UsersGroup()
new.users_group_name = name
new.users_group_active = active
self.sa.add(new)
return new
except:
log.error(traceback.format_exc())
raise
def update(self, users_group, form_data):
try:
users_group = self.__get_users_group(users_group)
for k, v in form_data.items():
if k == 'users_group_members':
users_group.members = []
self.sa.flush()
members_list = []
if v:
v = [v] if isinstance(v, basestring) else v
for u_id in set(v):
member = UsersGroupMember(users_group.users_group_id, u_id)
members_list.append(member)
setattr(users_group, 'members', members_list)
setattr(users_group, k, v)
self.sa.add(users_group)
except:
log.error(traceback.format_exc())
raise
Tests updates, Session refactoring
r1713
#227 Initial version of repository groups permissions system...
r1982 def delete(self, users_group, force=False):
"""
Deletes repos group, unless force flag is used
raises exception if there are members in that group, else deletes
group and users
:param users_group:
:param force:
"""
commit less models...
r1749 try:
users_group = self.__get_users_group(users_group)
auto white-space removal
r1818
commit less models...
r1749 # check if this group is not assigned to repo
assigned_groups = UsersGroupRepoToPerm.query()\
.filter(UsersGroupRepoToPerm.users_group == users_group).all()
#227 Initial version of repository groups permissions system...
r1982 if assigned_groups and force is False:
commit less models...
r1749 raise UsersGroupsAssignedException('RepoGroup assigned to %s' %
assigned_groups)
auto white-space removal
r1818
commit less models...
r1749 self.sa.delete(users_group)
except:
log.error(traceback.format_exc())
raise
Tests updates, Session refactoring
r1713
Nicolas VINOT
Correct code style
r1593 def add_user_to_group(self, users_group, user):
API changes...
r1989 users_group = self.__get_users_group(users_group)
user = self.__get_user(user)
Nicolas VINOT
[API] Create groups needed when creating repo
r1589 for m in users_group.members:
u = m.user
if u.user_id == user.user_id:
API changes...
r1989 return True
Nicolas VINOT
[API] Create groups needed when creating repo
r1589
Nicolas VINOT
Add API for repositories and groups (creation, permission)
r1586 try:
users_group_member = UsersGroupMember()
users_group_member.user = user
users_group_member.users_group = users_group
Nicolas VINOT
Correct code style
r1593 users_group.members.append(users_group_member)
user.group_member.append(users_group_member)
Nicolas VINOT
Implement all CRUD API operation for repo
r1587
Nicolas VINOT
Correct code style
r1593 self.sa.add(users_group_member)
Nicolas VINOT
Add API for repositories and groups (creation, permission)
r1586 return users_group_member
except:
Nicolas VINOT
Correct code style
r1593 log.error(traceback.format_exc())
Nicolas VINOT
Implement all CRUD API operation for repo
r1587 raise
commit less models...
r1749
API changes...
r1989 def remove_user_from_group(self, users_group, user):
users_group = self.__get_users_group(users_group)
user = self.__get_user(user)
users_group_member = None
for m in users_group.members:
if m.user.user_id == user.user_id:
# Found this user's membership row
users_group_member = m
break
if users_group_member:
try:
self.sa.delete(users_group_member)
return True
except:
log.error(traceback.format_exc())
raise
else:
# User isn't in that group
return False
commit less models...
r1749 def has_perm(self, users_group, perm):
users_group = self.__get_users_group(users_group)
#227 Initial version of repository groups permissions system...
r1982 perm = self.__get_perm(perm)
commit less models...
r1749
return UsersGroupToPerm.query()\
.filter(UsersGroupToPerm.users_group == users_group)\
.filter(UsersGroupToPerm.permission == perm).scalar() is not None
def grant_perm(self, users_group, perm):
if not isinstance(perm, Permission):
raise Exception('perm needs to be an instance of Permission class')
users_group = self.__get_users_group(users_group)
fixes issue when user tried to resubmit same permission into user/user_groups
r2078 # if this permission is already granted skip it
_perm = UsersGroupToPerm.query()\
.filter(UsersGroupToPerm.users_group == users_group)\
.filter(UsersGroupToPerm.permission == perm)\
.scalar()
if _perm:
return
commit less models...
r1749 new = UsersGroupToPerm()
new.users_group = users_group
new.permission = perm
self.sa.add(new)
def revoke_perm(self, users_group, perm):
users_group = self.__get_users_group(users_group)
#227 Initial version of repository groups permissions system...
r1982 perm = self.__get_perm(perm)
auto white-space removal
r1818
commit less models...
r1749 obj = UsersGroupToPerm.query()\
.filter(UsersGroupToPerm.users_group == users_group)\
fixes issue with initial grant/revoke permissions for users group
r1932 .filter(UsersGroupToPerm.permission == perm).scalar()
if obj:
self.sa.delete(obj)