users_group.py
196 lines
| 6.6 KiB
| text/x-python
|
PythonLexer
Nicolas VINOT
|
r1586 | # -*- coding: utf-8 -*- | ||
""" | ||||
rhodecode.model.users_group | ||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||||
users group model for RhodeCode | ||||
:created_on: Oct 1, 2011 | ||||
:author: nvinot | ||||
:copyright: (C) 2011-2011 Nicolas Vinot <aeris@imirhil.fr> | ||||
r1824 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> | |||
Nicolas VINOT
|
r1586 | :license: GPLv3, see COPYING for more details. | ||
""" | ||||
# This program is free software: you can redistribute it and/or modify | ||||
# it under the terms of the GNU General Public License as published by | ||||
# the Free Software Foundation, either version 3 of the License, or | ||||
# (at your option) any later version. | ||||
# | ||||
# This program is distributed in the hope that it will be useful, | ||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||||
# GNU General Public License for more details. | ||||
# | ||||
# You should have received a copy of the GNU General Public License | ||||
# along with this program. If not, see <http://www.gnu.org/licenses/>. | ||||
import logging | ||||
import traceback | ||||
r1692 | from rhodecode.model import BaseModel | |||
r1749 | from rhodecode.model.db import UsersGroupMember, UsersGroup,\ | |||
r1989 | UsersGroupRepoToPerm, Permission, UsersGroupToPerm, User | |||
r1749 | from rhodecode.lib.exceptions import UsersGroupsAssignedException | |||
Nicolas VINOT
|
r1586 | |||
Nicolas VINOT
|
r1593 | log = logging.getLogger(__name__) | ||
Nicolas VINOT
|
r1586 | |||
r1716 | ||||
Nicolas VINOT
|
r1593 | class UsersGroupModel(BaseModel): | ||
Nicolas VINOT
|
r1586 | |||
r1989 | def __get_user(self, user): | |||
return self._get_instance(User, user, callback=User.get_by_username) | ||||
r1713 | def __get_users_group(self, users_group): | |||
r1982 | return self._get_instance(UsersGroup, users_group, | |||
callback=UsersGroup.get_by_group_name) | ||||
def __get_perm(self, permission): | ||||
return self._get_instance(Permission, permission, | ||||
callback=Permission.get_by_key) | ||||
r1713 | ||||
r1716 | def get(self, users_group_id, cache=False): | |||
r1713 | return UsersGroup.get(users_group_id) | |||
Nicolas VINOT
|
r1586 | |||
r1716 | def get_by_name(self, name, cache=False, case_insensitive=False): | |||
r1713 | return UsersGroup.get_by_group_name(name, cache, case_insensitive) | |||
Nicolas VINOT
|
r1586 | |||
r1734 | def create(self, name, active=True): | |||
r1749 | try: | |||
new = UsersGroup() | ||||
new.users_group_name = name | ||||
new.users_group_active = active | ||||
self.sa.add(new) | ||||
return new | ||||
except: | ||||
log.error(traceback.format_exc()) | ||||
raise | ||||
def update(self, users_group, form_data): | ||||
try: | ||||
users_group = self.__get_users_group(users_group) | ||||
for k, v in form_data.items(): | ||||
if k == 'users_group_members': | ||||
users_group.members = [] | ||||
self.sa.flush() | ||||
members_list = [] | ||||
if v: | ||||
v = [v] if isinstance(v, basestring) else v | ||||
for u_id in set(v): | ||||
member = UsersGroupMember(users_group.users_group_id, u_id) | ||||
members_list.append(member) | ||||
setattr(users_group, 'members', members_list) | ||||
setattr(users_group, k, v) | ||||
self.sa.add(users_group) | ||||
except: | ||||
log.error(traceback.format_exc()) | ||||
raise | ||||
r1713 | ||||
r1982 | def delete(self, users_group, force=False): | |||
""" | ||||
Deletes repos group, unless force flag is used | ||||
raises exception if there are members in that group, else deletes | ||||
group and users | ||||
:param users_group: | ||||
:param force: | ||||
""" | ||||
r1749 | try: | |||
users_group = self.__get_users_group(users_group) | ||||
r1818 | ||||
r1749 | # check if this group is not assigned to repo | |||
assigned_groups = UsersGroupRepoToPerm.query()\ | ||||
.filter(UsersGroupRepoToPerm.users_group == users_group).all() | ||||
r1982 | if assigned_groups and force is False: | |||
r1749 | raise UsersGroupsAssignedException('RepoGroup assigned to %s' % | |||
assigned_groups) | ||||
r1818 | ||||
r1749 | self.sa.delete(users_group) | |||
except: | ||||
log.error(traceback.format_exc()) | ||||
raise | ||||
r1713 | ||||
Nicolas VINOT
|
r1593 | def add_user_to_group(self, users_group, user): | ||
r1989 | users_group = self.__get_users_group(users_group) | |||
user = self.__get_user(user) | ||||
Nicolas VINOT
|
r1589 | for m in users_group.members: | ||
u = m.user | ||||
if u.user_id == user.user_id: | ||||
r1989 | return True | |||
Nicolas VINOT
|
r1589 | |||
Nicolas VINOT
|
r1586 | try: | ||
users_group_member = UsersGroupMember() | ||||
users_group_member.user = user | ||||
users_group_member.users_group = users_group | ||||
Nicolas VINOT
|
r1593 | users_group.members.append(users_group_member) | ||
user.group_member.append(users_group_member) | ||||
Nicolas VINOT
|
r1587 | |||
Nicolas VINOT
|
r1593 | self.sa.add(users_group_member) | ||
Nicolas VINOT
|
r1586 | return users_group_member | ||
except: | ||||
Nicolas VINOT
|
r1593 | log.error(traceback.format_exc()) | ||
Nicolas VINOT
|
r1587 | raise | ||
r1749 | ||||
r1989 | def remove_user_from_group(self, users_group, user): | |||
users_group = self.__get_users_group(users_group) | ||||
user = self.__get_user(user) | ||||
users_group_member = None | ||||
for m in users_group.members: | ||||
if m.user.user_id == user.user_id: | ||||
# Found this user's membership row | ||||
users_group_member = m | ||||
break | ||||
if users_group_member: | ||||
try: | ||||
self.sa.delete(users_group_member) | ||||
return True | ||||
except: | ||||
log.error(traceback.format_exc()) | ||||
raise | ||||
else: | ||||
# User isn't in that group | ||||
return False | ||||
r1749 | def has_perm(self, users_group, perm): | |||
users_group = self.__get_users_group(users_group) | ||||
r1982 | perm = self.__get_perm(perm) | |||
r1749 | ||||
return UsersGroupToPerm.query()\ | ||||
.filter(UsersGroupToPerm.users_group == users_group)\ | ||||
.filter(UsersGroupToPerm.permission == perm).scalar() is not None | ||||
def grant_perm(self, users_group, perm): | ||||
if not isinstance(perm, Permission): | ||||
raise Exception('perm needs to be an instance of Permission class') | ||||
users_group = self.__get_users_group(users_group) | ||||
r2078 | # if this permission is already granted skip it | |||
_perm = UsersGroupToPerm.query()\ | ||||
.filter(UsersGroupToPerm.users_group == users_group)\ | ||||
.filter(UsersGroupToPerm.permission == perm)\ | ||||
.scalar() | ||||
if _perm: | ||||
return | ||||
r1749 | new = UsersGroupToPerm() | |||
new.users_group = users_group | ||||
new.permission = perm | ||||
self.sa.add(new) | ||||
def revoke_perm(self, users_group, perm): | ||||
users_group = self.__get_users_group(users_group) | ||||
r1982 | perm = self.__get_perm(perm) | |||
r1818 | ||||
r1749 | obj = UsersGroupToPerm.query()\ | |||
.filter(UsersGroupToPerm.users_group == users_group)\ | ||||
r1932 | .filter(UsersGroupToPerm.permission == perm).scalar() | |||
if obj: | ||||
self.sa.delete(obj) | ||||