##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

#227 Initial version of repository groups permissions system...
#227 Initial version of repository groups permissions system - implemented none/read/write/admin permissions for groups - wrote more tests for permissions, and new permissions groups - a lot of code garden, splitted logic into proper models - permissions on groups doesn't propagate yet to repositories - deprecated some methods on api for managing permissions on repositories for users, and users groups
marcink - - Load All Authors

File last commit:

r1982:87f0800a beta
r1982:87f0800a beta
Show More
users_group.py
160 lines | 5.5 KiB | text/x-python | PythonLexer
/ rhodecode / model / users_group.py
History | Source | Raw |Copy content |Copy permalink
Nicolas VINOT
Add API for repositories and groups (creation, permission)
 r1586 # -*- coding: utf-8 -*-
"""
rhodecode.model.users_group
~~~~~~~~~~~~~~~~~~~~~~~~~~~
users group model for RhodeCode
:created_on: Oct 1, 2011
:author: nvinot
:copyright: (C) 2011-2011 Nicolas Vinot <aeris@imirhil.fr>
marcink
2012 copyrights
 r1824 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
Nicolas VINOT
Add API for repositories and groups (creation, permission)
 r1586 :license: GPLv3, see COPYING for more details.
"""
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import logging
import traceback
marcink
fixed typo
 r1692 from rhodecode.model import BaseModel
marcink
commit less models...
 r1749 from rhodecode.model.db import UsersGroupMember, UsersGroup,\
UsersGroupRepoToPerm, Permission, UsersGroupToPerm
from rhodecode.lib.exceptions import UsersGroupsAssignedException
Nicolas VINOT
Add API for repositories and groups (creation, permission)
 r1586
Nicolas VINOT
Correct code style
 r1593 log = logging.getLogger(__name__)
Nicolas VINOT
Add API for repositories and groups (creation, permission)
 r1586
marcink
notification to commit author + gardening
 r1716
Nicolas VINOT
Correct code style
 r1593 class UsersGroupModel(BaseModel):
Nicolas VINOT
Add API for repositories and groups (creation, permission)
 r1586
marcink
Tests updates, Session refactoring
 r1713 def __get_users_group(self, users_group):
marcink
#227 Initial version of repository groups permissions system...
 r1982 return self._get_instance(UsersGroup, users_group,
callback=UsersGroup.get_by_group_name)
def __get_perm(self, permission):
return self._get_instance(Permission, permission,
callback=Permission.get_by_key)
marcink
Tests updates, Session refactoring
 r1713
marcink
notification to commit author + gardening
 r1716 def get(self, users_group_id, cache=False):
marcink
Tests updates, Session refactoring
 r1713 return UsersGroup.get(users_group_id)
Nicolas VINOT
Add API for repositories and groups (creation, permission)
 r1586
marcink
notification to commit author + gardening
 r1716 def get_by_name(self, name, cache=False, case_insensitive=False):
marcink
Tests updates, Session refactoring
 r1713 return UsersGroup.get_by_group_name(name, cache, case_insensitive)
Nicolas VINOT
Add API for repositories and groups (creation, permission)
 r1586
marcink
another major refactoring with session management
 r1734 def create(self, name, active=True):
marcink
commit less models...
 r1749 try:
new = UsersGroup()
new.users_group_name = name
new.users_group_active = active
self.sa.add(new)
return new
except:
log.error(traceback.format_exc())
raise
def update(self, users_group, form_data):
try:
users_group = self.__get_users_group(users_group)
for k, v in form_data.items():
if k == 'users_group_members':
users_group.members = []
self.sa.flush()
members_list = []
if v:
v = [v] if isinstance(v, basestring) else v
for u_id in set(v):
member = UsersGroupMember(users_group.users_group_id, u_id)
members_list.append(member)
setattr(users_group, 'members', members_list)
setattr(users_group, k, v)
self.sa.add(users_group)
except:
log.error(traceback.format_exc())
raise
marcink
Tests updates, Session refactoring
 r1713
marcink
#227 Initial version of repository groups permissions system...
 r1982 def delete(self, users_group, force=False):
"""
Deletes repos group, unless force flag is used
raises exception if there are members in that group, else deletes
group and users
:param users_group:
:param force:
"""
marcink
commit less models...
 r1749 try:
users_group = self.__get_users_group(users_group)
marcink
auto white-space removal
 r1818
marcink
commit less models...
 r1749 # check if this group is not assigned to repo
assigned_groups = UsersGroupRepoToPerm.query()\
.filter(UsersGroupRepoToPerm.users_group == users_group).all()
marcink
#227 Initial version of repository groups permissions system...
 r1982 if assigned_groups and force is False:
marcink
commit less models...
 r1749 raise UsersGroupsAssignedException('RepoGroup assigned to %s' %
assigned_groups)
marcink
auto white-space removal
 r1818
marcink
commit less models...
 r1749 self.sa.delete(users_group)
except:
log.error(traceback.format_exc())
raise
marcink
Tests updates, Session refactoring
 r1713
Nicolas VINOT
Correct code style
 r1593 def add_user_to_group(self, users_group, user):
Nicolas VINOT
[API] Create groups needed when creating repo
 r1589 for m in users_group.members:
u = m.user
if u.user_id == user.user_id:
return m
Nicolas VINOT
Add API for repositories and groups (creation, permission)
 r1586 try:
users_group_member = UsersGroupMember()
users_group_member.user = user
users_group_member.users_group = users_group
Nicolas VINOT
Correct code style
 r1593 users_group.members.append(users_group_member)
user.group_member.append(users_group_member)
Nicolas VINOT
Implement all CRUD API operation for repo
 r1587
Nicolas VINOT
Correct code style
 r1593 self.sa.add(users_group_member)
Nicolas VINOT
Add API for repositories and groups (creation, permission)
 r1586 return users_group_member
except:
Nicolas VINOT
Correct code style
 r1593 log.error(traceback.format_exc())
Nicolas VINOT
Implement all CRUD API operation for repo
 r1587 raise
marcink
commit less models...
 r1749
def has_perm(self, users_group, perm):
users_group = self.__get_users_group(users_group)
marcink
#227 Initial version of repository groups permissions system...
 r1982 perm = self.__get_perm(perm)
marcink
commit less models...
 r1749
return UsersGroupToPerm.query()\
.filter(UsersGroupToPerm.users_group == users_group)\
.filter(UsersGroupToPerm.permission == perm).scalar() is not None
def grant_perm(self, users_group, perm):
if not isinstance(perm, Permission):
raise Exception('perm needs to be an instance of Permission class')
users_group = self.__get_users_group(users_group)
new = UsersGroupToPerm()
new.users_group = users_group
new.permission = perm
self.sa.add(new)
def revoke_perm(self, users_group, perm):
users_group = self.__get_users_group(users_group)
marcink
#227 Initial version of repository groups permissions system...
 r1982 perm = self.__get_perm(perm)
marcink
auto white-space removal
 r1818
marcink
commit less models...
 r1749 obj = UsersGroupToPerm.query()\
.filter(UsersGroupToPerm.users_group == users_group)\
marcink
fixes issue with initial grant/revoke permissions for users group
 r1932 .filter(UsersGroupToPerm.permission == perm).scalar()
if obj:
self.sa.delete(obj)