api.py
367 lines
| 12.1 KiB
| text/x-python
|
PythonLexer
| r1500 | import traceback | |||
| import logging | ||||
| r1445 | from rhodecode.controllers.api import JSONRPCController, JSONRPCError | |||
| r1594 | from rhodecode.lib.auth import HasPermissionAllDecorator, \ | |||
| HasPermissionAnyDecorator | ||||
| r1445 | from rhodecode.model.scm import ScmModel | |||
| r1633 | from rhodecode.model.db import User, UsersGroup, RepoGroup, Repository | |||
Nicolas VINOT
|
r1584 | from rhodecode.model.repo import RepoModel | ||
|
Nicolas VINOT
|
r1586 | from rhodecode.model.user import UserModel | ||
|
Nicolas VINOT
|
r1587 | from rhodecode.model.repo_permission import RepositoryPermissionModel | ||
|
Nicolas VINOT
|
r1586 | from rhodecode.model.users_group import UsersGroupModel | ||
|
Nicolas VINOT
|
r1587 | from rhodecode.model import users_group | ||
|
Nicolas VINOT
|
r1589 | from rhodecode.model.repos_group import ReposGroupModel | ||
| from sqlalchemy.orm.exc import NoResultFound | ||||
| r1500 | ||||
|
Nicolas VINOT
|
r1593 | log = logging.getLogger(__name__) | ||
| r1500 | ||||
| r1445 | ||||
|
Nicolas VINOT
|
r1593 | class ApiController(JSONRPCController): | ||
| r1445 | """ | |||
| API Controller | ||||
|
Nicolas VINOT
|
r1584 | |||
| r1445 | Each method needs to have USER as argument this is then based on given | |||
| API_KEY propagated as instance of user object | ||||
|
Nicolas VINOT
|
r1584 | |||
| r1445 | Preferably this should be first argument also | |||
|
Nicolas VINOT
|
r1584 | |||
| Each function should also **raise** JSONRPCError for any | ||||
| r1445 | errors that happens | |||
|
Nicolas VINOT
|
r1584 | |||
| r1445 | """ | |||
|
Nicolas VINOT
|
r1593 | @HasPermissionAllDecorator('hg.admin') | ||
| def pull(self, apiuser, repo): | ||||
| r1445 | """ | |||
| Dispatch pull action on given repo | ||||
|
Nicolas VINOT
|
r1584 | |||
| r1500 | :param user: | |||
| :param repo: | ||||
| r1445 | """ | |||
|
Nicolas VINOT
|
r1593 | if Repository.is_valid(repo) is False: | ||
| raise JSONRPCError('Unknown repo "%s"' % repo) | ||||
|
Nicolas VINOT
|
r1587 | |||
| r1445 | try: | |||
|
Nicolas VINOT
|
r1593 | ScmModel().pull_changes(repo, self.rhodecode_user.username) | ||
| r1445 | return 'Pulled from %s' % repo | |||
| except Exception: | ||||
|
Nicolas VINOT
|
r1593 | raise JSONRPCError('Unable to pull changes from "%s"' % repo) | ||
| r1445 | ||||
|
Nicolas VINOT
|
r1593 | @HasPermissionAllDecorator('hg.admin') | ||
| def get_user(self, apiuser, username): | ||||
|
Nicolas VINOT
|
r1587 | """" | ||
| Get a user by username | ||||
| :param apiuser | ||||
| :param username | ||||
| """ | ||||
| r1445 | ||||
|
Nicolas VINOT
|
r1593 | user = User.get_by_username(username) | ||
|
Nicolas VINOT
|
r1591 | if not user: | ||
|
Nicolas VINOT
|
r1587 | return None | ||
| r1594 | return dict(id=user.user_id, | |||
| username=user.username, | ||||
| firstname=user.name, | ||||
| lastname=user.lastname, | ||||
| email=user.email, | ||||
| active=user.active, | ||||
| admin=user.admin, | ||||
| ldap=user.ldap_dn) | ||||
|
Nicolas VINOT
|
r1587 | |||
|
Nicolas VINOT
|
r1593 | @HasPermissionAllDecorator('hg.admin') | ||
| def get_users(self, apiuser): | ||||
|
Nicolas VINOT
|
r1586 | """" | ||
|
Nicolas VINOT
|
r1587 | Get all users | ||
|
Nicolas VINOT
|
r1586 | |||
| :param apiuser | ||||
| """ | ||||
| result = [] | ||||
| for user in User.getAll(): | ||||
| r1594 | result.append(dict(id=user.user_id, | |||
| username=user.username, | ||||
| firstname=user.name, | ||||
| lastname=user.lastname, | ||||
| email=user.email, | ||||
| active=user.active, | ||||
| admin=user.admin, | ||||
| ldap=user.ldap_dn)) | ||||
|
Nicolas VINOT
|
r1586 | return result | ||
|
Nicolas VINOT
|
r1593 | @HasPermissionAllDecorator('hg.admin') | ||
| def create_user(self, apiuser, username, password, firstname, | ||||
| r1594 | lastname, email, active=True, admin=False, ldap_dn=None): | |||
| r1500 | """ | |||
|
Nicolas VINOT
|
r1587 | Create new user | ||
|
Nicolas VINOT
|
r1584 | |||
| r1500 | :param apiuser: | |||
| :param username: | ||||
| :param password: | ||||
| :param name: | ||||
| :param lastname: | ||||
| :param email: | ||||
|
Nicolas VINOT
|
r1584 | :param active: | ||
| :param admin: | ||||
| :param ldap_dn: | ||||
| r1500 | """ | |||
|
Nicolas VINOT
|
r1584 | |||
|
Nicolas VINOT
|
r1593 | if self.get_user(apiuser, username): | ||
| raise JSONRPCError("user %s already exist" % username) | ||||
|
Nicolas VINOT
|
r1589 | |||
| r1500 | try: | |||
| r1649 | UserModel().create_or_update(username, password, email, firstname, | |||
| lastname, active, admin, ldap_dn) | ||||
| r1594 | return dict(msg='created new user %s' % username) | |||
| r1500 | except Exception: | |||
|
Nicolas VINOT
|
r1593 | log.error(traceback.format_exc()) | ||
| raise JSONRPCError('failed to create user %s' % username) | ||||
|
Nicolas VINOT
|
r1587 | |||
|
Nicolas VINOT
|
r1593 | @HasPermissionAllDecorator('hg.admin') | ||
| def get_users_group(self, apiuser, group_name): | ||||
|
Nicolas VINOT
|
r1587 | """" | ||
| Get users group by name | ||||
| :param apiuser | ||||
| :param group_name | ||||
| """ | ||||
|
Nicolas VINOT
|
r1593 | users_group = UsersGroup.get_by_group_name(group_name) | ||
|
Nicolas VINOT
|
r1587 | if not users_group: | ||
| return None | ||||
| r1445 | ||||
|
Nicolas VINOT
|
r1587 | members = [] | ||
| for user in users_group.members: | ||||
| user = user.user | ||||
| r1594 | members.append(dict(id=user.user_id, | |||
| username=user.username, | ||||
| firstname=user.name, | ||||
| lastname=user.lastname, | ||||
| email=user.email, | ||||
| active=user.active, | ||||
| admin=user.admin, | ||||
| ldap=user.ldap_dn)) | ||||
|
Nicolas VINOT
|
r1587 | |||
| r1594 | return dict(id=users_group.users_group_id, | |||
| name=users_group.users_group_name, | ||||
| active=users_group.users_group_active, | ||||
| members=members) | ||||
|
Nicolas VINOT
|
r1587 | |||
|
Nicolas VINOT
|
r1593 | @HasPermissionAllDecorator('hg.admin') | ||
| def get_users_groups(self, apiuser): | ||||
|
Nicolas VINOT
|
r1584 | """" | ||
|
Nicolas VINOT
|
r1587 | Get all users groups | ||
|
Nicolas VINOT
|
r1584 | |||
| :param apiuser | ||||
| """ | ||||
|
Nicolas VINOT
|
r1586 | |||
|
Nicolas VINOT
|
r1584 | result = [] | ||
|
Nicolas VINOT
|
r1586 | for users_group in UsersGroup.getAll(): | ||
|
Nicolas VINOT
|
r1587 | members = [] | ||
| for user in users_group.members: | ||||
| user = user.user | ||||
| r1594 | members.append(dict(id=user.user_id, | |||
| username=user.username, | ||||
| firstname=user.name, | ||||
| lastname=user.lastname, | ||||
| email=user.email, | ||||
| active=user.active, | ||||
| admin=user.admin, | ||||
| ldap=user.ldap_dn)) | ||||
|
Nicolas VINOT
|
r1587 | |||
| r1594 | result.append(dict(id=users_group.users_group_id, | |||
| name=users_group.users_group_name, | ||||
| active=users_group.users_group_active, | ||||
| members=members)) | ||||
|
Nicolas VINOT
|
r1584 | return result | ||
|
Nicolas VINOT
|
r1593 | @HasPermissionAllDecorator('hg.admin') | ||
| r1594 | def create_users_group(self, apiuser, name, active=True): | |||
| r1500 | """ | |||
| Creates an new usergroup | ||||
|
Nicolas VINOT
|
r1584 | |||
| r1500 | :param name: | |||
| :param active: | ||||
| """ | ||||
|
Nicolas VINOT
|
r1586 | |||
|
Nicolas VINOT
|
r1593 | if self.get_users_group(apiuser, name): | ||
| raise JSONRPCError("users group %s already exist" % name) | ||||
|
Nicolas VINOT
|
r1589 | |||
| r1500 | try: | |||
| r1594 | form_data = dict(users_group_name=name, | |||
| users_group_active=active) | ||||
|
Nicolas VINOT
|
r1593 | ug = UsersGroup.create(form_data) | ||
| r1594 | return dict(id=ug.users_group_id, | |||
| msg='created new users group %s' % name) | ||||
| r1500 | except Exception: | |||
|
Nicolas VINOT
|
r1593 | log.error(traceback.format_exc()) | ||
| raise JSONRPCError('failed to create group %s' % name) | ||||
|
Nicolas VINOT
|
r1584 | |||
|
Nicolas VINOT
|
r1593 | @HasPermissionAllDecorator('hg.admin') | ||
| def add_user_to_users_group(self, apiuser, group_name, user_name): | ||||
|
Nicolas VINOT
|
r1584 | """" | ||
| Add a user to a group | ||||
| :param apiuser | ||||
|
Nicolas VINOT
|
r1587 | :param group_name | ||
|
Nicolas VINOT
|
r1584 | :param user_name | ||
| """ | ||||
|
Nicolas VINOT
|
r1586 | try: | ||
|
Nicolas VINOT
|
r1593 | users_group = UsersGroup.get_by_group_name(group_name) | ||
|
Nicolas VINOT
|
r1586 | if not users_group: | ||
|
Nicolas VINOT
|
r1593 | raise JSONRPCError('unknown users group %s' % group_name) | ||
|
Nicolas VINOT
|
r1587 | |||
|
Nicolas VINOT
|
r1589 | try: | ||
|
Nicolas VINOT
|
r1593 | user = User.get_by_username(user_name) | ||
|
Nicolas VINOT
|
r1589 | except NoResultFound: | ||
|
Nicolas VINOT
|
r1593 | raise JSONRPCError('unknown user %s' % user_name) | ||
|
Nicolas VINOT
|
r1587 | |||
|
Nicolas VINOT
|
r1593 | ugm = UsersGroupModel().add_user_to_group(users_group, user) | ||
|
Nicolas VINOT
|
r1584 | |||
| r1594 | return dict(id=ugm.users_group_member_id, | |||
| msg='created new users group member') | ||||
|
Nicolas VINOT
|
r1587 | except Exception: | ||
|
Nicolas VINOT
|
r1593 | log.error(traceback.format_exc()) | ||
| raise JSONRPCError('failed to create users group member') | ||||
|
Nicolas VINOT
|
r1587 | |||
|
Nicolas VINOT
|
r1593 | @HasPermissionAnyDecorator('hg.admin') | ||
| def get_repo(self, apiuser, repo_name): | ||||
|
Nicolas VINOT
|
r1587 | """" | ||
| Get repository by name | ||||
| :param apiuser | ||||
| :param repo_name | ||||
| """ | ||||
|
Nicolas VINOT
|
r1589 | try: | ||
|
Nicolas VINOT
|
r1593 | repo = Repository.get_by_repo_name(repo_name) | ||
|
Nicolas VINOT
|
r1589 | except NoResultFound: | ||
|
Nicolas VINOT
|
r1587 | return None | ||
|
Nicolas VINOT
|
r1584 | |||
|
Nicolas VINOT
|
r1587 | members = [] | ||
| for user in repo.repo_to_perm: | ||||
| perm = user.permission.permission_name | ||||
| user = user.user | ||||
| r1594 | members.append(dict(type_="user", | |||
| id=user.user_id, | ||||
| username=user.username, | ||||
| firstname=user.name, | ||||
| lastname=user.lastname, | ||||
| email=user.email, | ||||
| active=user.active, | ||||
| admin=user.admin, | ||||
| ldap=user.ldap_dn, | ||||
| permission=perm)) | ||||
|
Nicolas VINOT
|
r1587 | for users_group in repo.users_group_to_perm: | ||
| perm = users_group.permission.permission_name | ||||
| users_group = users_group.users_group | ||||
| r1594 | members.append(dict(type_="users_group", | |||
| id=users_group.users_group_id, | ||||
| name=users_group.users_group_name, | ||||
| active=users_group.users_group_active, | ||||
| permission=perm)) | ||||
|
Nicolas VINOT
|
r1584 | |||
| r1594 | return dict(id=repo.repo_id, | |||
| name=repo.repo_name, | ||||
| type=repo.repo_type, | ||||
| description=repo.description, | ||||
| members=members) | ||||
|
Nicolas VINOT
|
r1587 | |||
|
Nicolas VINOT
|
r1593 | @HasPermissionAnyDecorator('hg.admin') | ||
| def get_repos(self, apiuser): | ||||
|
Nicolas VINOT
|
r1586 | """" | ||
|
Nicolas VINOT
|
r1587 | Get all repositories | ||
|
Nicolas VINOT
|
r1586 | |||
| :param apiuser | ||||
| """ | ||||
|
Nicolas VINOT
|
r1587 | |||
|
Nicolas VINOT
|
r1586 | result = [] | ||
| for repository in Repository.getAll(): | ||||
| r1594 | result.append(dict(id=repository.repo_id, | |||
| name=repository.repo_name, | ||||
| type=repository.repo_type, | ||||
| description=repository.description)) | ||||
|
Nicolas VINOT
|
r1586 | return result | ||
|
Nicolas VINOT
|
r1593 | @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository') | ||
| r1594 | def create_repo(self, apiuser, name, owner_name, description='', | |||
| repo_type='hg', private=False): | ||||
|
Nicolas VINOT
|
r1584 | """ | ||
| Create a repository | ||||
| :param apiuser | ||||
| :param name | ||||
| :param description | ||||
| :param type | ||||
| :param private | ||||
| :param owner_name | ||||
| """ | ||||
|
Nicolas VINOT
|
r1586 | try: | ||
|
Nicolas VINOT
|
r1589 | try: | ||
|
Nicolas VINOT
|
r1593 | owner = User.get_by_username(owner_name) | ||
|
Nicolas VINOT
|
r1589 | except NoResultFound: | ||
|
Nicolas VINOT
|
r1593 | raise JSONRPCError('unknown user %s' % owner) | ||
|
Nicolas VINOT
|
r1584 | |||
|
Nicolas VINOT
|
r1593 | if self.get_repo(apiuser, name): | ||
| raise JSONRPCError("repo %s already exist" % name) | ||||
|
Nicolas VINOT
|
r1589 | |||
|
Nicolas VINOT
|
r1593 | groups = name.split('/') | ||
|
Nicolas VINOT
|
r1589 | real_name = groups[-1] | ||
| groups = groups[:-1] | ||||
| parent_id = None | ||||
| for g in groups: | ||||
| r1633 | group = RepoGroup.get_by_group_name(g) | |||
|
Nicolas VINOT
|
r1589 | if not group: | ||
| r1594 | group = ReposGroupModel().create(dict(group_name=g, | |||
| group_description='', | ||||
| group_parent_id=parent_id)) | ||||
|
Nicolas VINOT
|
r1589 | parent_id = group.group_id | ||
| r1594 | RepoModel().create(dict(repo_name=real_name, | |||
| repo_name_full=name, | ||||
| description=description, | ||||
| private=private, | ||||
| repo_type=repo_type, | ||||
| repo_group=parent_id, | ||||
| clone_uri=None), owner) | ||||
|
Nicolas VINOT
|
r1584 | except Exception: | ||
|
Nicolas VINOT
|
r1593 | log.error(traceback.format_exc()) | ||
| raise JSONRPCError('failed to create repository %s' % name) | ||||
|
Nicolas VINOT
|
r1584 | |||
|
Nicolas VINOT
|
r1593 | @HasPermissionAnyDecorator('hg.admin') | ||
| def add_user_to_repo(self, apiuser, repo_name, user_name, perm): | ||||
|
Nicolas VINOT
|
r1586 | """ | ||
| Add permission for a user to a repository | ||||
|
Nicolas VINOT
|
r1584 | |||
|
Nicolas VINOT
|
r1586 | :param apiuser | ||
| :param repo_name | ||||
| :param user_name | ||||
| :param perm | ||||
| """ | ||||
| try: | ||||
|
Nicolas VINOT
|
r1589 | try: | ||
|
Nicolas VINOT
|
r1593 | repo = Repository.get_by_repo_name(repo_name) | ||
|
Nicolas VINOT
|
r1589 | except NoResultFound: | ||
|
Nicolas VINOT
|
r1593 | raise JSONRPCError('unknown repository %s' % repo) | ||
|
Nicolas VINOT
|
r1586 | |||
|
Nicolas VINOT
|
r1589 | try: | ||
|
Nicolas VINOT
|
r1593 | user = User.get_by_username(user_name) | ||
|
Nicolas VINOT
|
r1589 | except NoResultFound: | ||
|
Nicolas VINOT
|
r1593 | raise JSONRPCError('unknown user %s' % user) | ||
|
Nicolas VINOT
|
r1586 | |||
| r1594 | RepositoryPermissionModel()\ | |||
| .update_or_delete_user_permission(repo, user, perm) | ||||
|
Nicolas VINOT
|
r1586 | except Exception: | ||
|
Nicolas VINOT
|
r1593 | log.error(traceback.format_exc()) | ||
| raise JSONRPCError('failed to edit permission %(repo)s for %(user)s' | ||||
| r1594 | % dict(user=user_name, repo=repo_name)) | |||
|
Nicolas VINOT
|
r1586 | |||
