permission_model.py
106 lines
| 3.9 KiB
| text/x-python
|
PythonLexer
r547 | #!/usr/bin/env python | |||
# encoding: utf-8 | ||||
# Model for permissions | ||||
# Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com> | ||||
r629 | ||||
r547 | # This program is free software; you can redistribute it and/or | |||
# modify it under the terms of the GNU General Public License | ||||
# as published by the Free Software Foundation; version 2 | ||||
# of the License or (at your opinion) any later version of the license. | ||||
# | ||||
# This program is distributed in the hope that it will be useful, | ||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||||
# GNU General Public License for more details. | ||||
# | ||||
# You should have received a copy of the GNU General Public License | ||||
# along with this program; if not, write to the Free Software | ||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, | ||||
# MA 02110-1301, USA. | ||||
""" | ||||
Created on Aug 20, 2010 | ||||
Model for permissions | ||||
@author: marcink | ||||
""" | ||||
from rhodecode.model.db import User, Permission, UserToPerm, RepoToPerm | ||||
r629 | from rhodecode.model.caching_query import FromCache | |||
r547 | from rhodecode.model.meta import Session | |||
import logging | ||||
import traceback | ||||
log = logging.getLogger(__name__) | ||||
class PermissionModel(object): | ||||
r629 | def __init__(self, sa=None): | |||
if not sa: | ||||
self.sa = Session() | ||||
else: | ||||
self.sa = sa | ||||
def get_permission(self, permission_id, cache=False): | ||||
perm = self.sa.query(Permission) | ||||
if cache: | ||||
perm = perm.options(FromCache("sql_cache_short", | ||||
"get_permission_%s" % permission_id)) | ||||
return perm.get(permission_id) | ||||
def get_permission_by_name(self, name, cache=False): | ||||
perm = self.sa.query(Permission)\ | ||||
.filter(Permission.permission_name == name) | ||||
if cache: | ||||
perm = perm.options(FromCache("sql_cache_short", | ||||
"get_permission_%s" % name)) | ||||
return perm.scalar() | ||||
r547 | def update(self, form_result): | |||
perm_user = self.sa.query(User)\ | ||||
.filter(User.username == form_result['perm_user_name']).scalar() | ||||
u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == perm_user).all() | ||||
if len(u2p) != 3: | ||||
r673 | raise Exception('Defined: %s should be 3 permissions for default' | |||
' user. This should not happen please verify' | ||||
' your database' % len(u2p)) | ||||
r629 | ||||
r547 | try: | |||
#stage 1 change defaults | ||||
for p in u2p: | ||||
if p.permission.permission_name.startswith('repository.'): | ||||
r673 | p.permission = self.get_permission_by_name( | |||
form_result['default_perm']) | ||||
r547 | self.sa.add(p) | |||
r629 | ||||
r547 | if p.permission.permission_name.startswith('hg.register.'): | |||
r673 | p.permission = self.get_permission_by_name( | |||
form_result['default_register']) | ||||
r547 | self.sa.add(p) | |||
r629 | ||||
r547 | if p.permission.permission_name.startswith('hg.create.'): | |||
r673 | p.permission = self.get_permission_by_name( | |||
form_result['default_create']) | ||||
r547 | self.sa.add(p) | |||
#stage 2 update all default permissions for repos if checked | ||||
if form_result['overwrite_default'] == 'true': | ||||
r673 | for r2p in self.sa.query(RepoToPerm)\ | |||
.filter(RepoToPerm.user == perm_user).all(): | ||||
r2p.permission = self.get_permission_by_name( | ||||
form_result['default_perm']) | ||||
r547 | self.sa.add(r2p) | |||
r629 | ||||
r673 | #stage 3 set anonymous access | |||
if perm_user.username == 'default': | ||||
perm_user.active = bool(form_result['anonymous']) | ||||
self.sa.add(perm_user) | ||||
r547 | self.sa.commit() | |||
except: | ||||
log.error(traceback.format_exc()) | ||||
self.sa.rollback() | ||||
r629 | raise | |||