##// END OF EJS Templates
#227 Initial version of repository groups permissions system...
#227 Initial version of repository groups permissions system - implemented none/read/write/admin permissions for groups - wrote more tests for permissions, and new permissions groups - a lot of code garden, splitted logic into proper models - permissions on groups doesn't propagate yet to repositories - deprecated some methods on api for managing permissions on repositories for users, and users groups

File last commit:

r1982:87f0800a beta
r1982:87f0800a beta
Show More
repo.py
491 lines | 17.4 KiB | text/x-python | PythonLexer
when new repo is created make user follow it automatically,...
r786 # -*- coding: utf-8 -*-
"""
docs updates
r811 rhodecode.model.repo
~~~~~~~~~~~~~~~~~~~~
when new repo is created make user follow it automatically,...
r786
Repository model for rhodecode
source code cleanup: remove trailing white space, normalize file endings
r1203
when new repo is created make user follow it automatically,...
r786 :created_on: Jun 5, 2010
:author: marcink
2012 copyrights
r1824 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
when new repo is created make user follow it automatically,...
r786 :license: GPLv3, see COPYING for more details.
"""
fixed license issue #149
r1206 # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
source code cleanup: remove trailing white space, normalize file endings
r1203 #
Code refactoring,models renames...
r629 # This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
source code cleanup: remove trailing white space, normalize file endings
r1203 #
Code refactoring,models renames...
r629 # You should have received a copy of the GNU General Public License
fixed license issue #149
r1206 # along with this program. If not, see <http://www.gnu.org/licenses/>.
when new repo is created make user follow it automatically,...
r786 import os
import shutil
import logging
import traceback
Code refactoring,models renames...
r629 from datetime import datetime
when new repo is created make user follow it automatically,...
r786
Major refactoring, removed when possible calls to app globals....
r1036 from vcs.backends import get_backend
#227 Initial version of repository groups permissions system...
r1982 from rhodecode.lib import LazyProperty
fixed issue with logger crashing on mixed str and unicode
r1973 from rhodecode.lib import safe_str, safe_unicode
moved caching query to libs
r1669 from rhodecode.lib.caching_query import FromCache
#348 added post-create repository hook
r1972 from rhodecode.lib.hooks import log_create_repository
Unicode fixes, added safe_str method for global str() operations +better test sandboxing
r1401
when new repo is created make user follow it automatically,...
r786 from rhodecode.model import BaseModel
refactoring of models names for repoGroup permissions
r1633 from rhodecode.model.db import Repository, UserRepoToPerm, User, Permission, \
Statistics, UsersGroup, UsersGroupRepoToPerm, RhodeCodeUi, RepoGroup
when new repo is created make user follow it automatically,...
r786
#227 Initial version of repository groups permissions system...
r1982
Code refactoring,models renames...
r629 log = logging.getLogger(__name__)
Fixed permissions for users groups, group can have create repo permission now....
r1271
fixed Example celery config to ampq,...
r752 class RepoModel(BaseModel):
Code refactoring,models renames...
r629
#227 Initial version of repository groups permissions system...
r1982 def __get_user(self, user):
return self._get_instance(User, user, callback=User.get_by_username)
def __get_users_group(self, users_group):
return self._get_instance(UsersGroup, users_group,
callback=UsersGroup.get_by_group_name)
def __get_repos_group(self, repos_group):
return self._get_instance(RepoGroup, repos_group,
callback=RepoGroup.get_by_group_name)
def __get_repo(self, repository):
return self._get_instance(Repository, repository,
callback=Repository.get_by_repo_name)
def __get_perm(self, permission):
return self._get_instance(Permission, permission,
callback=Permission.get_by_key)
Major refactoring, removed when possible calls to app globals....
r1036 @LazyProperty
def repos_path(self):
notification to commit author + gardening
r1716 """
Get's the repositories root path from database
Major refactoring, removed when possible calls to app globals....
r1036 """
Fixed problems with repository creation
r1017
Major refactoring, removed when possible calls to app globals....
r1036 q = self.sa.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key == '/').one()
return q.ui_value
#56 hacking on forms, and model for users groups
r1013
Code refactoring,models renames...
r629 def get(self, repo_id, cache=False):
repo = self.sa.query(Repository)\
added action loggers to following repositories,...
r735 .filter(Repository.repo_id == repo_id)
Code refactoring,models renames...
r629
if cache:
repo = repo.options(FromCache("sql_cache_short",
added action loggers to following repositories,...
r735 "get_repo_%s" % repo_id))
Code refactoring,models renames...
r629 return repo.scalar()
added action loggers to following repositories,...
r735 def get_by_repo_name(self, repo_name, cache=False):
repo = self.sa.query(Repository)\
.filter(Repository.repo_name == repo_name)
if cache:
repo = repo.options(FromCache("sql_cache_short",
"get_repo_%s" % repo_name))
fixed Example celery config to ampq,...
r752 return repo.scalar()
added action loggers to following repositories,...
r735
Code refactoring,models renames...
r629 def get_users_js(self):
users = self.sa.query(User).filter(User.active == True).all()
u_tmpl = '''{id:%s, fname:"%s", lname:"%s", nname:"%s"},'''
#56 hacking on forms, and model for users groups
r1013 users_array = '[%s]' % '\n'.join([u_tmpl % (u.user_id, u.name,
Code refactoring,models renames...
r629 u.lastname, u.username)
for u in users])
return users_array
#56 hacking on forms, and model for users groups
r1013 def get_users_groups_js(self):
users_groups = self.sa.query(UsersGroup)\
.filter(UsersGroup.users_group_active == True).all()
g_tmpl = '''{id:%s, grname:"%s",grmembers:"%s"},'''
users_groups_array = '[%s]' % '\n'.join([g_tmpl % \
(gr.users_group_id, gr.users_group_name,
len(gr.members))
for gr in users_groups])
return users_groups_array
fixes #288...
r1594 def _get_defaults(self, repo_name):
"""
auto white-space removal
r1818 Get's information about repository, and returns a dict for
fixes #288...
r1594 usage in forms
auto white-space removal
r1818
fixes #288...
r1594 :param repo_name:
"""
repo_info = Repository.get_by_repo_name(repo_name)
if repo_info is None:
return None
defaults = repo_info.get_dict()
group, repo_name = repo_info.groups_and_repo
defaults['repo_name'] = repo_name
defaults['repo_group'] = getattr(group[-1] if group else None,
'group_id', None)
# fill owner
if repo_info.user:
defaults.update({'user': repo_info.user.username})
else:
replacement_user = User.query().filter(User.admin ==
True).first().username
defaults.update({'user': replacement_user})
# fill repository users
for p in repo_info.repo_to_perm:
defaults.update({'u_perm_%s' % p.user.username:
p.permission.permission_name})
# fill repository groups
for p in repo_info.users_group_to_perm:
defaults.update({'g_perm_%s' % p.users_group.users_group_name:
p.permission.permission_name})
return defaults
Code refactoring,models renames...
r629 def update(self, repo_name, form_data):
try:
small code fixes to repo model
r822 cur_repo = self.get_by_repo_name(repo_name, cache=False)
Code refactoring,models renames...
r629
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
r1539 # update permissions
#56 added assignments of users groups into repository
r1014 for member, perm, member_type in form_data['perms_updates']:
if member_type == 'user':
#227 Initial version of repository groups permissions system...
r1982 # this updates existing one
RepoModel().grant_user_permission(
repo=cur_repo, user=member, perm=perm
)
#56 added assignments of users groups into repository
r1014 else:
#227 Initial version of repository groups permissions system...
r1982 RepoModel().grant_users_group_permission(
repo=cur_repo, group_name=member, perm=perm
)
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
r1539 # set new permissions
#56 added assignments of users groups into repository
r1014 for member, perm, member_type in form_data['perms_new']:
if member_type == 'user':
#227 Initial version of repository groups permissions system...
r1982 RepoModel().grant_user_permission(
repo=cur_repo, user=member, perm=perm
)
#56 added assignments of users groups into repository
r1014 else:
#227 Initial version of repository groups permissions system...
r1982 RepoModel().grant_users_group_permission(
repo=cur_repo, group_name=member, perm=perm
)
Code refactoring,models renames...
r629
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
r1539 # update current repo
Code refactoring,models renames...
r629 for k, v in form_data.items():
if k == 'user':
Refactoring of model get functions
r1530 cur_repo.user = User.get_by_username(v)
fixed saving settings on repositories inside groups, also fixes #187...
r1323 elif k == 'repo_name':
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
r1539 pass
fixes #205 db value was not set to none after moving out of group
r1379 elif k == 'repo_group':
refactoring of models names for repoGroup permissions
r1633 cur_repo.group = RepoGroup.get(v)
fixed saving settings on repositories inside groups, also fixes #187...
r1323
Code refactoring,models renames...
r629 else:
setattr(cur_repo, k, v)
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
r1539 new_name = cur_repo.get_new_name(form_data['repo_name'])
cur_repo.repo_name = new_name
Code refactoring,models renames...
r629 self.sa.add(cur_repo)
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
r1539 if repo_name != new_name:
fixed saving settings on repositories inside groups, also fixes #187...
r1323 # rename repository
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
r1539 self.__rename_repo(old=repo_name, new=new_name)
Code refactoring,models renames...
r629
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
r1539 return cur_repo
Code refactoring,models renames...
r629 except:
log.error(traceback.format_exc())
raise
def create(self, form_data, cur_user, just_db=False, fork=False):
#235 forking page repo group selection...
r1722 from rhodecode.model.scm import ScmModel
fixes #200, rewrote the whole caching mechanism to get rid of such problems. Now cached instances are attached...
r1366
Code refactoring,models renames...
r629 try:
if fork:
#235 forking page repo group selection...
r1722 fork_parent_id = form_data['fork_parent_id']
Code refactoring,models renames...
r629
#235 forking page repo group selection...
r1722 # repo name is just a name of repository
# while repo_name_full is a full qualified name that is combined
# with name and path of group
repo_name = form_data['repo_name']
repo_name_full = form_data['repo_name_full']
fixed #47 adding a new repo that have a group chosen had wrong paths.
r1361
Code refactoring,models renames...
r629 new_repo = Repository()
Enable statistics are disabled by default now
r1075 new_repo.enable_statistics = False
#235 forking page repo group selection...
r1722
Code refactoring,models renames...
r629 for k, v in form_data.items():
if k == 'repo_name':
#235 forking page repo group selection...
r1722 v = repo_name_full
#47 fixed group aware on adding new repo
r1350 if k == 'repo_group':
k = 'group_id'
assure that we don't have an empty description when creating a repo
r1517 if k == 'description':
v = v or repo_name
Code refactoring,models renames...
r629 setattr(new_repo, k, v)
if fork:
#235 forking page repo group selection...
r1722 parent_repo = Repository.get(fork_parent_id)
Code refactoring,models renames...
r629 new_repo.fork = parent_repo
new_repo.user_id = cur_user.user_id
self.sa.add(new_repo)
implements #236 forking copy permission option
r1729 def _create_default_perms():
# create default permission
repo_to_perm = UserRepoToPerm()
default = 'repository.read'
for p in User.get_by_username('default').user_perms:
if p.permission.permission_name.startswith('repository.'):
default = p.permission.permission_name
break
default_perm = 'repository.none' if form_data['private'] else default
repo_to_perm.permission_id = self.sa.query(Permission)\
.filter(Permission.permission_name == default_perm)\
.one().permission_id
repo_to_perm.repository = new_repo
repo_to_perm.user_id = User.get_by_username('default').user_id
self.sa.add(repo_to_perm)
Code refactoring,models renames...
r629
implements #236 forking copy permission option
r1729 if fork:
if form_data.get('copy_permissions'):
repo = Repository.get(fork_parent_id)
user_perms = UserRepoToPerm.query()\
.filter(UserRepoToPerm.repository == repo).all()
group_perms = UsersGroupRepoToPerm.query()\
.filter(UsersGroupRepoToPerm.repository == repo).all()
Code refactoring,models renames...
r629
implements #236 forking copy permission option
r1729 for perm in user_perms:
UserRepoToPerm.create(perm.user, new_repo,
perm.permission)
Code refactoring,models renames...
r629
implements #236 forking copy permission option
r1729 for perm in group_perms:
UsersGroupRepoToPerm.create(perm.users_group, new_repo,
perm.permission)
else:
_create_default_perms()
else:
_create_default_perms()
fixed issue with db transaction when filesystem creation of repository failed...
r1028
if not just_db:
#109, added optional clone uri when creating repo....
r1112 self.__create_repo(repo_name, form_data['repo_type'],
#47 fixed group aware on adding new repo
r1350 form_data['repo_group'],
#109, added optional clone uri when creating repo....
r1112 form_data['clone_uri'])
fixed issue with db transaction when filesystem creation of repository failed...
r1028
#235 forking page repo group selection...
r1722 # now automatically start following this repository as owner
when new repo is created make user follow it automatically,...
r786 ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,
#235 forking page repo group selection...
r1722 cur_user.user_id)
#348 added post-create repository hook
r1972 log_create_repository(new_repo.get_dict(),
created_by=cur_user.username)
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
r1539 return new_repo
Code refactoring,models renames...
r629 except:
log.error(traceback.format_exc())
raise
def create_fork(self, form_data, cur_user):
#235 forking page repo group selection...
r1722 """
Simple wrapper into executing celery task for fork creation
auto white-space removal
r1818
#235 forking page repo group selection...
r1722 :param form_data:
:param cur_user:
"""
Code refactoring,models renames...
r629 from rhodecode.lib.celerylib import tasks, run_task
run_task(tasks.create_repo_fork, form_data, cur_user)
def delete(self, repo):
try:
self.sa.delete(repo)
fixed deletion of repository on filesystem, works based on scm type for git and hg....
r668 self.__delete_repo(repo)
Code refactoring,models renames...
r629 except:
log.error(traceback.format_exc())
raise
#227 Initial version of repository groups permissions system...
r1982 def grant_user_permission(self, repo, user, perm):
"""
Grant permission for user on given repository, or update existing one
if found
:param repo: Instance of Repository, repository_id, or repository name
:param user: Instance of User, user_id or username
:param perm: Instance of Permission, or permission_name
"""
user = self.__get_user(user)
repo = self.__get_repo(repo)
permission = self.__get_perm(perm)
# check if we have that permission already
obj = self.sa.query(UserRepoToPerm)\
.filter(UserRepoToPerm.user == user)\
.filter(UserRepoToPerm.repository == repo)\
.scalar()
if obj is None:
# create new !
obj = UserRepoToPerm()
obj.repository = repo
obj.user = user
obj.permission = permission
self.sa.add(obj)
def revoke_user_permission(self, repo, user):
"""
Revoke permission for user on given repository
:param repo: Instance of Repository, repository_id, or repository name
:param user: Instance of User, user_id or username
"""
user = self.__get_user(user)
repo = self.__get_repo(repo)
obj = self.sa.query(UserRepoToPerm)\
.filter(UserRepoToPerm.repository == repo)\
.filter(UserRepoToPerm.user == user)\
.one()
self.sa.delete(obj)
Code refactoring,models renames...
r629
#227 Initial version of repository groups permissions system...
r1982 def grant_users_group_permission(self, repo, group_name, perm):
"""
Grant permission for users group on given repository, or update
existing one if found
:param repo: Instance of Repository, repository_id, or repository name
:param group_name: Instance of UserGroup, users_group_id,
or users group name
:param perm: Instance of Permission, or permission_name
"""
repo = self.__get_repo(repo)
group_name = self.__get_users_group(group_name)
permission = self.__get_perm(perm)
# check if we have that permission already
obj = self.sa.query(UsersGroupRepoToPerm)\
.filter(UsersGroupRepoToPerm.users_group == group_name)\
.filter(UsersGroupRepoToPerm.repository == repo)\
.scalar()
if obj is None:
# create new
obj = UsersGroupRepoToPerm()
obj.repository = repo
obj.users_group = group_name
obj.permission = permission
self.sa.add(obj)
def revoke_users_group_permission(self, repo, group_name):
"""
Revoke permission for users group on given repository
:param repo: Instance of Repository, repository_id, or repository name
:param group_name: Instance of UserGroup, users_group_id,
or users group name
"""
repo = self.__get_repo(repo)
group_name = self.__get_users_group(group_name)
obj = self.sa.query(UsersGroupRepoToPerm)\
.filter(UsersGroupRepoToPerm.repository == repo)\
.filter(UsersGroupRepoToPerm.users_group == group_name)\
.one()
self.sa.delete(obj)
#56 added ajax removal of users groups,...
r1015
added cache reset, stats reset, and delete into repository settings in admin....
r708 def delete_stats(self, repo_name):
#235 forking page repo group selection...
r1722 """
removes stats for given repo
auto white-space removal
r1818
#235 forking page repo group selection...
r1722 :param repo_name:
"""
added cache reset, stats reset, and delete into repository settings in admin....
r708 try:
Tests updates, Session refactoring
r1713 obj = self.sa.query(Statistics)\
#227 Initial version of repository groups permissions system...
r1982 .filter(Statistics.repository ==
self.get_by_repo_name(repo_name))\
.one()
Tests updates, Session refactoring
r1713 self.sa.delete(obj)
added cache reset, stats reset, and delete into repository settings in admin....
r708 except:
log.error(traceback.format_exc())
raise
#47 fixed group aware on adding new repo
r1350 def __create_repo(self, repo_name, alias, new_parent_id, clone_uri=False):
docs update for repo model
r787 """
fixed #47 adding a new repo that have a group chosen had wrong paths.
r1361 makes repository on filesystem. It's group aware means it'll create
a repository within a group, and alter the paths accordingly of
group location
source code cleanup: remove trailing white space, normalize file endings
r1203
docs update for repo model
r787 :param repo_name:
:param alias:
#47 fixed group aware on adding new repo
r1350 :param parent_id:
:param clone_uri:
docs update for repo model
r787 """
fixes #288...
r1594 from rhodecode.lib.utils import is_valid_repo, is_valid_repos_group
assure that we don't have an empty description when creating a repo
r1517
#47 fixed group aware on adding new repo
r1350 if new_parent_id:
notification to commit author + gardening
r1716 paths = RepoGroup.get(new_parent_id)\
.full_path.split(RepoGroup.url_sep())
#47 fixed group aware on adding new repo
r1350 new_parent_path = os.sep.join(paths)
else:
new_parent_path = ''
fixed issue with logger crashing on mixed str and unicode
r1973 # we need to make it str for mercurial
#227 Initial version of repository groups permissions system...
r1982 repo_path = os.path.join(*map(lambda x: safe_str(x),
Unicode fixes, added safe_str method for global str() operations +better test sandboxing
r1401 [self.repos_path, new_parent_path, repo_name]))
#47 fixed group aware on adding new repo
r1350
fixes #266 Rhodecode allows to create repo with the same name and in the same parent as group
r1550 # check if this path is not a repository
if is_valid_repo(repo_path, self.repos_path):
raise Exception('This path %s is a valid repository' % repo_path)
Unicode fixes, added safe_str method for global str() operations +better test sandboxing
r1401
fixes #266 Rhodecode allows to create repo with the same name and in the same parent as group
r1550 # check if this path is a group
if is_valid_repos_group(repo_path, self.repos_path):
raise Exception('This path %s is a valid group' % repo_path)
fixes #288...
r1594
fixed issue with logger crashing on mixed str and unicode
r1973 log.info('creating repo %s in %s @ %s' % (
repo_name, safe_unicode(repo_path), clone_uri
)
)
fixes #266 Rhodecode allows to create repo with the same name and in the same parent as group
r1550 backend = get_backend(alias)
backend(repo_path, create=True, src_url=clone_uri)
Code refactoring,models renames...
r629
def __rename_repo(self, old, new):
docs update for repo model
r787 """
renames repository on filesystem
source code cleanup: remove trailing white space, normalize file endings
r1203
docs update for repo model
r787 :param old: old name
:param new: new name
"""
garden...
r1976 log.info('renaming repo from %s to %s' % (old, new))
Code refactoring,models renames...
r629
Major refactoring, removed when possible calls to app globals....
r1036 old_path = os.path.join(self.repos_path, old)
new_path = os.path.join(self.repos_path, new)
Code refactoring,models renames...
r629 if os.path.isdir(new_path):
#227 Initial version of repository groups permissions system...
r1982 raise Exception(
'Was trying to rename to already existing dir %s' % new_path
)
Code refactoring,models renames...
r629 shutil.move(old_path, new_path)
fixed deletion of repository on filesystem, works based on scm type for git and hg....
r668 def __delete_repo(self, repo):
docs update for repo model
r787 """
removes repo from filesystem, the removal is acctually made by
added rm__ prefix into dir, and rename internat .hg/.git dirs so this
repository is no longer valid for rhodecode, can be undeleted later on
by reverting the renames on this repository
source code cleanup: remove trailing white space, normalize file endings
r1203
docs update for repo model
r787 :param repo: repo object
"""
Major refactoring, removed when possible calls to app globals....
r1036 rm_path = os.path.join(self.repos_path, repo.repo_name)
garden...
r1976 log.info("Removing %s" % (rm_path))
commit less models...
r1749 # disable hg/git
fixed deletion of repository on filesystem, works based on scm type for git and hg....
r668 alias = repo.repo_type
shutil.move(os.path.join(rm_path, '.%s' % alias),
os.path.join(rm_path, 'rm__.%s' % alias))
commit less models...
r1749 # disable repo
#227 Initial version of repository groups permissions system...
r1982 _d = 'rm__%s__%s' % (datetime.now().strftime('%Y%m%d_%H%M%S_%f'),
repo.repo_name)
shutil.move(rm_path, os.path.join(self.repos_path, _d))