##// END OF EJS Templates
auto-healing of permissions for default user after upgrading from some old versions.
marcink -
r2798:091e99b2 beta
parent child Browse files
Show More
@@ -5,7 +5,7 b' Changelog'
5 =========
5 =========
6
6
7
7
8 1.4.1 (**2012-XX-XX**)
8 1.4.1 (**2012-09-04**)
9 ----------------------
9 ----------------------
10
10
11 :status: in-progress
11 :status: in-progress
@@ -16,11 +16,17 b' news'
16
16
17 - always put a comment about code-review status change even if user send
17 - always put a comment about code-review status change even if user send
18 empty data
18 empty data
19 - modified_on column saves repository update and it's going to be used
20 later for light version of main page ref #500
19
21
20 fixes
22 fixes
21 +++++
23 +++++
22
24
23 - fixed migrations of permissions that can lead to inconsistency issue
25 - fixed migrations of permissions that can lead to inconsistency.
26 Some users sent feedback that after upgrading from older versions issues with updating
27 default permissions occured. RhodeCode detects that now and resets default user
28 permission to initial state if there is a need for that. Also forces users to set
29 the default value for new forking permission.
24
30
25
31
26 1.4.0 (**2012-09-03**)
32 1.4.0 (**2012-09-03**)
@@ -255,7 +255,14 b' class DbManage(object):'
255 Session().add(reg_perm)
255 Session().add(reg_perm)
256
256
257 def step_7(self):
257 def step_7(self):
258 pass
258 perm_fixes = self.klass.reset_permissions(User.DEFAULT_USER)
259 Session().commit()
260 if perm_fixes:
261 notify('There was an inconsistent state of permissions '
262 'detected for default user. Permissions are now '
263 'reset to the default value for default user. '
264 'Please validate and check default permissions '
265 'in admin panel')
259
266
260 upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1)
267 upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1)
261
268
@@ -478,6 +485,28 b' class DbManage(object):'
478 log.debug('missing default permission for group %s adding' % g)
485 log.debug('missing default permission for group %s adding' % g)
479 ReposGroupModel()._create_default_perms(g)
486 ReposGroupModel()._create_default_perms(g)
480
487
488 def reset_permissions(self, username):
489 """
490 Resets permissions to default state, usefull when old systems had
491 bad permissions, we must clean them up
492
493 :param username:
494 :type username:
495 """
496 default_user = User.get_by_username(username)
497 if not default_user:
498 return
499
500 u2p = UserToPerm.query()\
501 .filter(UserToPerm.user == default_user).all()
502 fixed = False
503 if len(u2p) != len(User.DEFAULT_PERMISSIONS):
504 for p in u2p:
505 Session().delete(p)
506 fixed = True
507 self.populate_default_permissions()
508 return fixed
509
481 def config_prompt(self, test_repo_path='', retries=3, defaults={}):
510 def config_prompt(self, test_repo_path='', retries=3, defaults={}):
482 _path = defaults.get('repos_location')
511 _path = defaults.get('repos_location')
483 if retries == 3:
512 if retries == 3:
@@ -605,8 +634,7 b' class DbManage(object):'
605
634
606 default_user = User.get_by_username('default')
635 default_user = User.get_by_username('default')
607
636
608 for def_perm in ['hg.register.manual_activate', 'hg.create.repository',
637 for def_perm in User.DEFAULT_PERMISSIONS:
609 'hg.fork.repository', 'repository.read']:
610
638
611 perm = self.sa.query(Permission)\
639 perm = self.sa.query(Permission)\
612 .filter(Permission.permission_name == def_perm)\
640 .filter(Permission.permission_name == def_perm)\
@@ -289,7 +289,10 b' class User(Base, BaseModel):'
289 'mysql_charset': 'utf8'}
289 'mysql_charset': 'utf8'}
290 )
290 )
291 DEFAULT_USER = 'default'
291 DEFAULT_USER = 'default'
292
292 DEFAULT_PERMISSIONS = [
293 'hg.register.manual_activate', 'hg.create.repository',
294 'hg.fork.repository', 'repository.read'
295 ]
293 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
296 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
294 username = Column("username", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
297 username = Column("username", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
295 password = Column("password", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
298 password = Column("password", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
@@ -77,7 +77,7 b' class PermissionModel(BaseModel):'
77 form_result['perm_user_name']).scalar()
77 form_result['perm_user_name']).scalar()
78 u2p = self.sa.query(UserToPerm).filter(UserToPerm.user ==
78 u2p = self.sa.query(UserToPerm).filter(UserToPerm.user ==
79 perm_user).all()
79 perm_user).all()
80 if len(u2p) != 4:
80 if len(u2p) != len(User.DEFAULT_PERMISSIONS):
81 raise Exception('Defined: %s should be 4 permissions for default'
81 raise Exception('Defined: %s should be 4 permissions for default'
82 ' user. This should not happen please verify'
82 ' user. This should not happen please verify'
83 ' your database' % len(u2p))
83 ' your database' % len(u2p))
General Comments 0
You need to be logged in to leave comments. Login now