db_manage.py
287 lines
| 9.5 KiB
| text/x-python
|
PythonLexer
| r547 | #!/usr/bin/env python | |||
| # encoding: utf-8 | ||||
| r569 | # database management for RhodeCode | |||
| r547 | # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com> | |||
| # | ||||
| # This program is free software; you can redistribute it and/or | ||||
| # modify it under the terms of the GNU General Public License | ||||
| # as published by the Free Software Foundation; version 2 | ||||
| # of the License or (at your opinion) any later version of the license. | ||||
| # | ||||
| # This program is distributed in the hope that it will be useful, | ||||
| # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||||
| # GNU General Public License for more details. | ||||
| # | ||||
| # You should have received a copy of the GNU General Public License | ||||
| # along with this program; if not, write to the Free Software | ||||
| # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, | ||||
| # MA 02110-1301, USA. | ||||
| """ | ||||
| Created on April 10, 2010 | ||||
| r569 | database management and creation for RhodeCode | |||
| r547 | @author: marcink | |||
| """ | ||||
| from os.path import dirname as dn, join as jn | ||||
| import os | ||||
| import sys | ||||
| import uuid | ||||
| from rhodecode.lib.auth import get_crypt_password | ||||
| from rhodecode.lib.utils import ask_ok | ||||
| from rhodecode.model import init_model | ||||
| r549 | from rhodecode.model.db import User, Permission, RhodeCodeUi, RhodeCodeSettings, \ | |||
| r547 | UserToPerm | |||
| from rhodecode.model import meta | ||||
| from sqlalchemy.engine import create_engine | ||||
| import logging | ||||
| log = logging.getLogger(__name__) | ||||
| class DbManage(object): | ||||
| r552 | def __init__(self, log_sql, dbname, root, tests=False): | |||
| r547 | self.dbname = dbname | |||
| self.tests = tests | ||||
| r552 | self.root = root | |||
| dburi = 'sqlite:////%s' % jn(self.root, self.dbname) | ||||
| r629 | engine = create_engine(dburi, echo=log_sql) | |||
| r547 | init_model(engine) | |||
| r629 | self.sa = meta.Session() | |||
| r547 | self.db_exists = False | |||
| r629 | ||||
| r547 | def check_for_db(self, override): | |||
| r552 | db_path = jn(self.root, self.dbname) | |||
| log.info('checking for existing db in %s', db_path) | ||||
| if os.path.isfile(db_path): | ||||
| r547 | self.db_exists = True | |||
| if not override: | ||||
| raise Exception('database already exists') | ||||
| def create_tables(self, override=False): | ||||
| """ | ||||
| Create a auth database | ||||
| """ | ||||
| self.check_for_db(override) | ||||
| r597 | if self.db_exists: | |||
| r552 | log.info("database exist and it's going to be destroyed") | |||
| r547 | if self.tests: | |||
| destroy = True | ||||
| else: | ||||
| destroy = ask_ok('Are you sure to destroy old database ? [y/n]') | ||||
| if not destroy: | ||||
| sys.exit() | ||||
| if self.db_exists and destroy: | ||||
| r552 | os.remove(jn(self.root, self.dbname)) | |||
| r547 | checkfirst = not override | |||
| meta.Base.metadata.create_all(checkfirst=checkfirst) | ||||
| log.info('Created tables for %s', self.dbname) | ||||
| r629 | ||||
| r597 | def admin_prompt(self, second=False): | |||
| r547 | if not self.tests: | |||
| import getpass | ||||
| r629 | ||||
| r597 | def get_password(): | |||
| password = getpass.getpass('Specify admin password (min 6 chars):') | ||||
| confirm = getpass.getpass('Confirm password:') | ||||
| r629 | ||||
| r597 | if password != confirm: | |||
| log.error('passwords mismatch') | ||||
| return False | ||||
| if len(password) < 6: | ||||
| log.error('password is to short use at least 6 characters') | ||||
| return False | ||||
| r629 | ||||
| r597 | return password | |||
| r629 | ||||
| r547 | username = raw_input('Specify admin username:') | |||
| r629 | ||||
| r597 | password = get_password() | |||
| if not password: | ||||
| #second try | ||||
| password = get_password() | ||||
| if not password: | ||||
| sys.exit() | ||||
| r629 | ||||
| r547 | email = raw_input('Specify admin email:') | |||
| self.create_user(username, password, email, True) | ||||
| else: | ||||
| log.info('creating admin and regular test users') | ||||
| self.create_user('test_admin', 'test12', 'test_admin@mail.com', True) | ||||
| self.create_user('test_regular', 'test12', 'test_regular@mail.com', False) | ||||
| self.create_user('test_regular2', 'test12', 'test_regular2@mail.com', False) | ||||
| r629 | ||||
| r547 | def config_prompt(self, test_repo_path=''): | |||
| log.info('Setting up repositories config') | ||||
| r629 | ||||
| r547 | if not self.tests and not test_repo_path: | |||
| path = raw_input('Specify valid full path to your repositories' | ||||
| ' you can change this later in application settings:') | ||||
| else: | ||||
| path = test_repo_path | ||||
| r629 | ||||
| r547 | if not os.path.isdir(path): | |||
| log.error('You entered wrong path: %s', path) | ||||
| sys.exit() | ||||
| r629 | ||||
| r549 | hooks1 = RhodeCodeUi() | |||
| r547 | hooks1.ui_section = 'hooks' | |||
| hooks1.ui_key = 'changegroup.update' | ||||
| hooks1.ui_value = 'hg update >&2' | ||||
| r560 | hooks1.ui_active = False | |||
| r629 | ||||
| r549 | hooks2 = RhodeCodeUi() | |||
| r547 | hooks2.ui_section = 'hooks' | |||
| hooks2.ui_key = 'changegroup.repo_size' | ||||
| r629 | hooks2.ui_value = 'python:rhodecode.lib.hooks.repo_size' | |||
| r549 | web1 = RhodeCodeUi() | |||
| r547 | web1.ui_section = 'web' | |||
| web1.ui_key = 'push_ssl' | ||||
| web1.ui_value = 'false' | ||||
| r629 | ||||
| r549 | web2 = RhodeCodeUi() | |||
| r547 | web2.ui_section = 'web' | |||
| web2.ui_key = 'allow_archive' | ||||
| web2.ui_value = 'gz zip bz2' | ||||
| r629 | ||||
| r549 | web3 = RhodeCodeUi() | |||
| r547 | web3.ui_section = 'web' | |||
| web3.ui_key = 'allow_push' | ||||
| web3.ui_value = '*' | ||||
| r629 | ||||
| r549 | web4 = RhodeCodeUi() | |||
| r547 | web4.ui_section = 'web' | |||
| web4.ui_key = 'baseurl' | ||||
| r629 | web4.ui_value = '/' | |||
| r549 | paths = RhodeCodeUi() | |||
| r547 | paths.ui_section = 'paths' | |||
| paths.ui_key = '/' | ||||
| r631 | paths.ui_value = path | |||
| r629 | ||||
| r549 | hgsettings1 = RhodeCodeSettings() | |||
| r629 | ||||
| r547 | hgsettings1.app_settings_name = 'realm' | |||
| r555 | hgsettings1.app_settings_value = 'RhodeCode authentication' | |||
| r629 | ||||
| r549 | hgsettings2 = RhodeCodeSettings() | |||
| r547 | hgsettings2.app_settings_name = 'title' | |||
| r629 | hgsettings2.app_settings_value = 'RhodeCode' | |||
| r547 | try: | |||
| self.sa.add(hooks1) | ||||
| self.sa.add(hooks2) | ||||
| self.sa.add(web1) | ||||
| self.sa.add(web2) | ||||
| self.sa.add(web3) | ||||
| self.sa.add(web4) | ||||
| self.sa.add(paths) | ||||
| self.sa.add(hgsettings1) | ||||
| self.sa.add(hgsettings2) | ||||
| self.sa.commit() | ||||
| except: | ||||
| self.sa.rollback() | ||||
| r629 | raise | |||
| r547 | log.info('created ui config') | |||
| r629 | ||||
| r547 | def create_user(self, username, password, email='', admin=False): | |||
| log.info('creating administrator user %s', username) | ||||
| new_user = User() | ||||
| new_user.username = username | ||||
| new_user.password = get_crypt_password(password) | ||||
| r555 | new_user.name = 'RhodeCode' | |||
| r547 | new_user.lastname = 'Admin' | |||
| new_user.email = email | ||||
| new_user.admin = admin | ||||
| new_user.active = True | ||||
| r629 | ||||
| r547 | try: | |||
| self.sa.add(new_user) | ||||
| self.sa.commit() | ||||
| except: | ||||
| self.sa.rollback() | ||||
| raise | ||||
| def create_default_user(self): | ||||
| log.info('creating default user') | ||||
| #create default user for handling default permissions. | ||||
| def_user = User() | ||||
| def_user.username = 'default' | ||||
| def_user.password = get_crypt_password(str(uuid.uuid1())[:8]) | ||||
| def_user.name = 'default' | ||||
| def_user.lastname = 'default' | ||||
| def_user.email = 'default@default.com' | ||||
| def_user.admin = False | ||||
| def_user.active = False | ||||
| try: | ||||
| self.sa.add(def_user) | ||||
| self.sa.commit() | ||||
| except: | ||||
| self.sa.rollback() | ||||
| raise | ||||
| r629 | ||||
| r547 | def create_permissions(self): | |||
| #module.(access|create|change|delete)_[name] | ||||
| #module.(read|write|owner) | ||||
| perms = [('repository.none', 'Repository no access'), | ||||
| ('repository.read', 'Repository read access'), | ||||
| ('repository.write', 'Repository write access'), | ||||
| ('repository.admin', 'Repository admin access'), | ||||
| ('hg.admin', 'Hg Administrator'), | ||||
| ('hg.create.repository', 'Repository create'), | ||||
| ('hg.create.none', 'Repository creation disabled'), | ||||
| ('hg.register.none', 'Register disabled'), | ||||
| r549 | ('hg.register.manual_activate', 'Register new user with rhodecode without manual activation'), | |||
| ('hg.register.auto_activate', 'Register new user with rhodecode without auto activation'), | ||||
| r547 | ] | |||
| r629 | ||||
| r547 | for p in perms: | |||
| new_perm = Permission() | ||||
| new_perm.permission_name = p[0] | ||||
| new_perm.permission_longname = p[1] | ||||
| try: | ||||
| self.sa.add(new_perm) | ||||
| self.sa.commit() | ||||
| except: | ||||
| self.sa.rollback() | ||||
| raise | ||||
| def populate_default_permissions(self): | ||||
| log.info('creating default user permissions') | ||||
| r629 | ||||
| r547 | default_user = self.sa.query(User)\ | |||
| .filter(User.username == 'default').scalar() | ||||
| r629 | ||||
| r547 | reg_perm = UserToPerm() | |||
| reg_perm.user = default_user | ||||
| reg_perm.permission = self.sa.query(Permission)\ | ||||
| .filter(Permission.permission_name == 'hg.register.manual_activate')\ | ||||
| r629 | .scalar() | |||
| r547 | create_repo_perm = UserToPerm() | |||
| create_repo_perm.user = default_user | ||||
| create_repo_perm.permission = self.sa.query(Permission)\ | ||||
| .filter(Permission.permission_name == 'hg.create.repository')\ | ||||
| r629 | .scalar() | |||
| r547 | default_repo_perm = UserToPerm() | |||
| default_repo_perm.user = default_user | ||||
| default_repo_perm.permission = self.sa.query(Permission)\ | ||||
| .filter(Permission.permission_name == 'repository.read')\ | ||||
| r629 | .scalar() | |||
| r547 | try: | |||
| self.sa.add(reg_perm) | ||||
| self.sa.add(create_repo_perm) | ||||
| self.sa.add(default_repo_perm) | ||||
| self.sa.commit() | ||||
| except: | ||||
| self.sa.rollback() | ||||
| r629 | raise | |||
