Show More
@@ -30,6 +30,7 b' fixes' | |||||
30 | - fixed error occurring during recursive group creation in API |
|
30 | - fixed error occurring during recursive group creation in API | |
31 | create_repo function |
|
31 | create_repo function | |
32 | - fixed #393 py2.5 fixes for routes url generator |
|
32 | - fixed #393 py2.5 fixes for routes url generator | |
|
33 | - fixed #397 Private repository groups shows up before login | |||
33 |
|
34 | |||
34 | 1.3.3 (**2012-03-02**) |
|
35 | 1.3.3 (**2012-03-02**) | |
35 | ---------------------- |
|
36 | ---------------------- |
@@ -299,13 +299,14 b' class UserModel(BaseModel):' | |||||
299 | if user.username == 'default': |
|
299 | if user.username == 'default': | |
300 | raise DefaultUserException( |
|
300 | raise DefaultUserException( | |
301 |
|
|
301 | _("You can't remove this user since it's" | |
302 |
|
|
302 | " crucial for entire application") | |
|
303 | ) | |||
303 | if user.repositories: |
|
304 | if user.repositories: | |
304 |
raise UserOwnsReposException( |
|
305 | raise UserOwnsReposException( | |
305 |
|
|
306 | _('user "%s" still owns %s repositories and cannot be ' | |
306 |
|
|
307 | 'removed. Switch owners or remove those repositories') | |
307 | 'remove those repositories') \ |
|
308 | % (user.username, user.repositories) | |
308 | % user.repositories) |
|
309 | ) | |
309 | self.sa.delete(user) |
|
310 | self.sa.delete(user) | |
310 | except: |
|
311 | except: | |
311 | log.error(traceback.format_exc()) |
|
312 | log.error(traceback.format_exc()) | |
@@ -500,7 +501,7 b' class UserModel(BaseModel):' | |||||
500 | self.sa.query(UserRepoGroupToPerm, Permission, RepoGroup)\ |
|
501 | self.sa.query(UserRepoGroupToPerm, Permission, RepoGroup)\ | |
501 | .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\ |
|
502 | .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\ | |
502 | .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\ |
|
503 | .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\ | |
503 | .filter(UserRepoToPerm.user_id == uid)\ |
|
504 | .filter(UserRepoGroupToPerm.user_id == uid)\ | |
504 | .all() |
|
505 | .all() | |
505 |
|
506 | |||
506 | for perm in user_repo_groups_perms: |
|
507 | for perm in user_repo_groups_perms: | |
@@ -509,7 +510,6 b' class UserModel(BaseModel):' | |||||
509 | cur_perm = user.permissions[GK][rg_k] |
|
510 | cur_perm = user.permissions[GK][rg_k] | |
510 | if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: |
|
511 | if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]: | |
511 | user.permissions[GK][rg_k] = p |
|
512 | user.permissions[GK][rg_k] = p | |
512 |
|
||||
513 | return user |
|
513 | return user | |
514 |
|
514 | |||
515 | def has_perm(self, user, perm): |
|
515 | def has_perm(self, user, perm): |
@@ -430,6 +430,11 b' class TestPermissions(unittest.TestCase)' | |||||
430 | username=u'u1', password=u'qweqwe', |
|
430 | username=u'u1', password=u'qweqwe', | |
431 | email=u'u1@rhodecode.org', name=u'u1', lastname=u'u1' |
|
431 | email=u'u1@rhodecode.org', name=u'u1', lastname=u'u1' | |
432 | ) |
|
432 | ) | |
|
433 | self.u2 = UserModel().create_or_update( | |||
|
434 | username=u'u2', password=u'qweqwe', | |||
|
435 | email=u'u2@rhodecode.org', name=u'u2', lastname=u'u2' | |||
|
436 | ) | |||
|
437 | self.anon = User.get_by_username('default') | |||
433 | self.a1 = UserModel().create_or_update( |
|
438 | self.a1 = UserModel().create_or_update( | |
434 | username=u'a1', password=u'qweqwe', |
|
439 | username=u'a1', password=u'qweqwe', | |
435 | email=u'a1@rhodecode.org', name=u'a1', lastname=u'a1', admin=True |
|
440 | email=u'a1@rhodecode.org', name=u'a1', lastname=u'a1', admin=True | |
@@ -437,7 +442,10 b' class TestPermissions(unittest.TestCase)' | |||||
437 | Session.commit() |
|
442 | Session.commit() | |
438 |
|
443 | |||
439 | def tearDown(self): |
|
444 | def tearDown(self): | |
|
445 | if hasattr(self, 'test_repo'): | |||
|
446 | RepoModel().delete(repo=self.test_repo) | |||
440 | UserModel().delete(self.u1) |
|
447 | UserModel().delete(self.u1) | |
|
448 | UserModel().delete(self.u2) | |||
441 | UserModel().delete(self.a1) |
|
449 | UserModel().delete(self.a1) | |
442 | if hasattr(self, 'g1'): |
|
450 | if hasattr(self, 'g1'): | |
443 | ReposGroupModel().delete(self.g1.group_id) |
|
451 | ReposGroupModel().delete(self.g1.group_id) | |
@@ -578,3 +586,75 b' class TestPermissions(unittest.TestCase)' | |||||
578 | new_perm_h) |
|
586 | new_perm_h) | |
579 | self.assertEqual(u1_auth.permissions['repositories_groups'], |
|
587 | self.assertEqual(u1_auth.permissions['repositories_groups'], | |
580 | perms['repositories_groups']) |
|
588 | perms['repositories_groups']) | |
|
589 | ||||
|
590 | def test_repo_in_group_permissions(self): | |||
|
591 | self.g1 = _make_group('group1', skip_if_exists=True) | |||
|
592 | self.g2 = _make_group('group2', skip_if_exists=True) | |||
|
593 | Session.commit() | |||
|
594 | # both perms should be read ! | |||
|
595 | u1_auth = AuthUser(user_id=self.u1.user_id) | |||
|
596 | self.assertEqual(u1_auth.permissions['repositories_groups'], | |||
|
597 | {u'group1': u'group.read', u'group2': u'group.read'}) | |||
|
598 | ||||
|
599 | a1_auth = AuthUser(user_id=self.anon.user_id) | |||
|
600 | self.assertEqual(a1_auth.permissions['repositories_groups'], | |||
|
601 | {u'group1': u'group.read', u'group2': u'group.read'}) | |||
|
602 | ||||
|
603 | #Change perms to none for both groups | |||
|
604 | ReposGroupModel().grant_user_permission(repos_group=self.g1, | |||
|
605 | user=self.anon, | |||
|
606 | perm='group.none') | |||
|
607 | ReposGroupModel().grant_user_permission(repos_group=self.g2, | |||
|
608 | user=self.anon, | |||
|
609 | perm='group.none') | |||
|
610 | ||||
|
611 | u1_auth = AuthUser(user_id=self.u1.user_id) | |||
|
612 | self.assertEqual(u1_auth.permissions['repositories_groups'], | |||
|
613 | {u'group1': u'group.none', u'group2': u'group.none'}) | |||
|
614 | ||||
|
615 | a1_auth = AuthUser(user_id=self.anon.user_id) | |||
|
616 | self.assertEqual(a1_auth.permissions['repositories_groups'], | |||
|
617 | {u'group1': u'group.none', u'group2': u'group.none'}) | |||
|
618 | ||||
|
619 | # add repo to group | |||
|
620 | form_data = { | |||
|
621 | 'repo_name':HG_REPO, | |||
|
622 | 'repo_name_full':os.path.join(self.g1.group_name,HG_REPO), | |||
|
623 | 'repo_type':'hg', | |||
|
624 | 'clone_uri':'', | |||
|
625 | 'repo_group':self.g1.group_id, | |||
|
626 | 'description':'desc', | |||
|
627 | 'private':False | |||
|
628 | } | |||
|
629 | self.test_repo = RepoModel().create(form_data, cur_user=self.u1) | |||
|
630 | Session.commit() | |||
|
631 | ||||
|
632 | u1_auth = AuthUser(user_id=self.u1.user_id) | |||
|
633 | self.assertEqual(u1_auth.permissions['repositories_groups'], | |||
|
634 | {u'group1': u'group.none', u'group2': u'group.none'}) | |||
|
635 | ||||
|
636 | a1_auth = AuthUser(user_id=self.anon.user_id) | |||
|
637 | self.assertEqual(a1_auth.permissions['repositories_groups'], | |||
|
638 | {u'group1': u'group.none', u'group2': u'group.none'}) | |||
|
639 | ||||
|
640 | #grant permission for u2 ! | |||
|
641 | ReposGroupModel().grant_user_permission(repos_group=self.g1, | |||
|
642 | user=self.u2, | |||
|
643 | perm='group.read') | |||
|
644 | ReposGroupModel().grant_user_permission(repos_group=self.g2, | |||
|
645 | user=self.u2, | |||
|
646 | perm='group.read') | |||
|
647 | Session.commit() | |||
|
648 | self.assertNotEqual(self.u1, self.u2) | |||
|
649 | #u1 and anon should have not change perms while u2 should ! | |||
|
650 | u1_auth = AuthUser(user_id=self.u1.user_id) | |||
|
651 | self.assertEqual(u1_auth.permissions['repositories_groups'], | |||
|
652 | {u'group1': u'group.none', u'group2': u'group.none'}) | |||
|
653 | ||||
|
654 | u2_auth = AuthUser(user_id=self.u2.user_id) | |||
|
655 | self.assertEqual(u2_auth.permissions['repositories_groups'], | |||
|
656 | {u'group1': u'group.read', u'group2': u'group.read'}) | |||
|
657 | ||||
|
658 | a1_auth = AuthUser(user_id=self.anon.user_id) | |||
|
659 | self.assertEqual(a1_auth.permissions['repositories_groups'], | |||
|
660 | {u'group1': u'group.none', u'group2': u'group.none'}) |
General Comments 0
You need to be logged in to leave comments.
Login now