##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

API: update_user returns new updated user data
marcink -
r2507:374693af beta
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,753 +1,764 b''
1 .. _api:
1 .. _api:
2
2
3 ===
3 ===
4 API
4 API
5 ===
5 ===
6
6
7
7
8 Starting from RhodeCode version 1.2 a simple API was implemented.
8 Starting from RhodeCode version 1.2 a simple API was implemented.
9 There's a single schema for calling all api methods. API is implemented
9 There's a single schema for calling all api methods. API is implemented
10 with JSON protocol both ways. An url to send API request in RhodeCode is
10 with JSON protocol both ways. An url to send API request in RhodeCode is
11 <your_server>/_admin/api
11 <your_server>/_admin/api
12
12
13 API ACCESS FOR WEB VIEWS
13 API ACCESS FOR WEB VIEWS
14 ++++++++++++++++++++++++
14 ++++++++++++++++++++++++
15
15
16 API access can also be turned on for each web view in RhodeCode that is
16 API access can also be turned on for each web view in RhodeCode that is
17 decorated with `@LoginRequired` decorator. To enable API access simple change
17 decorated with `@LoginRequired` decorator. To enable API access simple change
18 the standard login decorator to `@LoginRequired(api_access=True)`.
18 the standard login decorator to `@LoginRequired(api_access=True)`.
19 After this change, a rhodecode view can be accessed without login by adding a
19 After this change, a rhodecode view can be accessed without login by adding a
20 GET parameter `?api_key=<api_key>` to url. By default this is only
20 GET parameter `?api_key=<api_key>` to url. By default this is only
21 enabled on RSS/ATOM feed views.
21 enabled on RSS/ATOM feed views.
22
22
23
23
24 API ACCESS
24 API ACCESS
25 ++++++++++
25 ++++++++++
26
26
27 All clients are required to send JSON-RPC spec JSON data::
27 All clients are required to send JSON-RPC spec JSON data::
28
28
29 {
29 {
30 "id:"<id>",
30 "id:"<id>",
31 "api_key":"<api_key>",
31 "api_key":"<api_key>",
32 "method":"<method_name>",
32 "method":"<method_name>",
33 "args":{"<arg_key>":"<arg_val>"}
33 "args":{"<arg_key>":"<arg_val>"}
34 }
34 }
35
35
36 Example call for autopulling remotes repos using curl::
36 Example call for autopulling remotes repos using curl::
37 curl https://server.com/_admin/api -X POST -H 'content-type:text/plain' --data-binary '{"id":1,"api_key":"xe7cdb2v278e4evbdf5vs04v832v0efvcbcve4a3","method":"pull","args":{"repo":"CPython"}}'
37 curl https://server.com/_admin/api -X POST -H 'content-type:text/plain' --data-binary '{"id":1,"api_key":"xe7cdb2v278e4evbdf5vs04v832v0efvcbcve4a3","method":"pull","args":{"repo":"CPython"}}'
38
38
39 Simply provide
39 Simply provide
40 - *id* A value of any type, which is used to match the response with the request that it is replying to.
40 - *id* A value of any type, which is used to match the response with the request that it is replying to.
41 - *api_key* for access and permission validation.
41 - *api_key* for access and permission validation.
42 - *method* is name of method to call
42 - *method* is name of method to call
43 - *args* is an key:value list of arguments to pass to method
43 - *args* is an key:value list of arguments to pass to method
44
44
45 .. note::
45 .. note::
46
46
47 api_key can be found in your user account page
47 api_key can be found in your user account page
48
48
49
49
50 RhodeCode API will return always a JSON-RPC response::
50 RhodeCode API will return always a JSON-RPC response::
51
51
52 {
52 {
53 "id":<id>, # matching id sent by request
53 "id":<id>, # matching id sent by request
54 "result": "<result>"|null, # JSON formatted result, null if any errors
54 "result": "<result>"|null, # JSON formatted result, null if any errors
55 "error": "null"|<error_message> # JSON formatted error (if any)
55 "error": "null"|<error_message> # JSON formatted error (if any)
56 }
56 }
57
57
58 All responses from API will be `HTTP/1.0 200 OK`, if there's an error while
58 All responses from API will be `HTTP/1.0 200 OK`, if there's an error while
59 calling api *error* key from response will contain failure description
59 calling api *error* key from response will contain failure description
60 and result will be null.
60 and result will be null.
61
61
62
62
63 API CLIENT
63 API CLIENT
64 ++++++++++
64 ++++++++++
65
65
66 From version 1.4 RhodeCode adds a binary script that allows to easily
66 From version 1.4 RhodeCode adds a binary script that allows to easily
67 communicate with API. After installing RhodeCode a `rhodecode-api` script
67 communicate with API. After installing RhodeCode a `rhodecode-api` script
68 will be available.
68 will be available.
69
69
70 To get started quickly simply run::
70 To get started quickly simply run::
71
71
72 rhodecode-api _create_config --apikey=<youapikey> --apihost=<rhodecode host>
72 rhodecode-api _create_config --apikey=<youapikey> --apihost=<rhodecode host>
73
73
74 This will create a file named .config in the directory you executed it storing
74 This will create a file named .config in the directory you executed it storing
75 json config file with credentials. You can skip this step and always provide
75 json config file with credentials. You can skip this step and always provide
76 both of the arguments to be able to communicate with server
76 both of the arguments to be able to communicate with server
77
77
78
78
79 after that simply run any api command for example get_repo::
79 after that simply run any api command for example get_repo::
80
80
81 rhodecode-api get_repo
81 rhodecode-api get_repo
82
82
83 calling {"api_key": "<apikey>", "id": 75, "args": {}, "method": "get_repo"} to http://127.0.0.1:5000
83 calling {"api_key": "<apikey>", "id": 75, "args": {}, "method": "get_repo"} to http://127.0.0.1:5000
84 rhodecode said:
84 rhodecode said:
85 {'error': 'Missing non optional `repoid` arg in JSON DATA',
85 {'error': 'Missing non optional `repoid` arg in JSON DATA',
86 'id': 75,
86 'id': 75,
87 'result': None}
87 'result': None}
88
88
89 Ups looks like we forgot to add an argument
89 Ups looks like we forgot to add an argument
90
90
91 Let's try again now giving the repoid as parameters::
91 Let's try again now giving the repoid as parameters::
92
92
93 rhodecode-api get_repo repoid:rhodecode
93 rhodecode-api get_repo repoid:rhodecode
94
94
95 calling {"api_key": "<apikey>", "id": 39, "args": {"repoid": "rhodecode"}, "method": "get_repo"} to http://127.0.0.1:5000
95 calling {"api_key": "<apikey>", "id": 39, "args": {"repoid": "rhodecode"}, "method": "get_repo"} to http://127.0.0.1:5000
96 rhodecode said:
96 rhodecode said:
97 {'error': None,
97 {'error': None,
98 'id': 39,
98 'id': 39,
99 'result': <json data...>}
99 'result': <json data...>}
100
100
101
101
102
102
103 API METHODS
103 API METHODS
104 +++++++++++
104 +++++++++++
105
105
106
106
107 pull
107 pull
108 ----
108 ----
109
109
110 Pulls given repo from remote location. Can be used to automatically keep
110 Pulls given repo from remote location. Can be used to automatically keep
111 remote repos up to date. This command can be executed only using api_key
111 remote repos up to date. This command can be executed only using api_key
112 belonging to user with admin rights
112 belonging to user with admin rights
113
113
114 INPUT::
114 INPUT::
115
115
116 id : <id_for_response>
116 id : <id_for_response>
117 api_key : "<api_key>"
117 api_key : "<api_key>"
118 method : "pull"
118 method : "pull"
119 args : {
119 args : {
120 "repo_name" : "<reponame>"
120 "repo_name" : "<reponame>"
121 }
121 }
122
122
123 OUTPUT::
123 OUTPUT::
124
124
125 result : "Pulled from <reponame>"
125 result : "Pulled from <reponame>"
126 error : null
126 error : null
127
127
128
128
129 get_user
129 get_user
130 --------
130 --------
131
131
132 Get's an user by username or user_id, Returns empty result if user is not found.
132 Get's an user by username or user_id, Returns empty result if user is not found.
133 This command can be executed only using api_key belonging to user with admin
133 This command can be executed only using api_key belonging to user with admin
134 rights.
134 rights.
135
135
136
136
137 INPUT::
137 INPUT::
138
138
139 id : <id_for_response>
139 id : <id_for_response>
140 api_key : "<api_key>"
140 api_key : "<api_key>"
141 method : "get_user"
141 method : "get_user"
142 args : {
142 args : {
143 "userid" : "<username or user_id>"
143 "userid" : "<username or user_id>"
144 }
144 }
145
145
146 OUTPUT::
146 OUTPUT::
147
147
148 result: None if user does not exist or
148 result: None if user does not exist or
149 {
149 {
150 "id" : "<id>",
150 "id" : "<id>",
151 "username" : "<username>",
151 "username" : "<username>",
152 "firstname": "<firstname>",
152 "firstname": "<firstname>",
153 "lastname" : "<lastname>",
153 "lastname" : "<lastname>",
154 "email" : "<email>",
154 "email" : "<email>",
155 "emails": "<list_of_all_additional_emails>",
155 "emails": "<list_of_all_additional_emails>",
156 "active" : "<bool>",
156 "active" : "<bool>",
157 "admin" :Β  "<bool>",
157 "admin" :Β  "<bool>",
158 "ldap_dn" : "<ldap_dn>",
158 "ldap_dn" : "<ldap_dn>",
159 "last_login": "<last_login>",
159 "last_login": "<last_login>",
160 "permissions": {
160 "permissions": {
161 "global": ["hg.create.repository",
161 "global": ["hg.create.repository",
162 "repository.read",
162 "repository.read",
163 "hg.register.manual_activate"],
163 "hg.register.manual_activate"],
164 "repositories": {"repo1": "repository.none"},
164 "repositories": {"repo1": "repository.none"},
165 "repositories_groups": {"Group1": "group.read"}
165 "repositories_groups": {"Group1": "group.read"}
166 },
166 },
167 }
167 }
168
168
169 error: null
169 error: null
170
170
171
171
172 get_users
172 get_users
173 ---------
173 ---------
174
174
175 Lists all existing users. This command can be executed only using api_key
175 Lists all existing users. This command can be executed only using api_key
176 belonging to user with admin rights.
176 belonging to user with admin rights.
177
177
178
178
179 INPUT::
179 INPUT::
180
180
181 id : <id_for_response>
181 id : <id_for_response>
182 api_key : "<api_key>"
182 api_key : "<api_key>"
183 method : "get_users"
183 method : "get_users"
184 args : { }
184 args : { }
185
185
186 OUTPUT::
186 OUTPUT::
187
187
188 result: [
188 result: [
189 {
189 {
190 "id" : "<id>",
190 "id" : "<id>",
191 "username" : "<username>",
191 "username" : "<username>",
192 "firstname": "<firstname>",
192 "firstname": "<firstname>",
193 "lastname" : "<lastname>",
193 "lastname" : "<lastname>",
194 "email" : "<email>",
194 "email" : "<email>",
195 "active" : "<bool>",
195 "active" : "<bool>",
196 "admin" :Β  "<bool>",
196 "admin" :Β  "<bool>",
197 "ldap_dn" : "<ldap_dn>",
197 "ldap_dn" : "<ldap_dn>",
198 "last_login": "<last_login>",
198 "last_login": "<last_login>",
199 },
199 },
200 …
200 …
201 ]
201 ]
202 error: null
202 error: null
203
203
204
204
205 create_user
205 create_user
206 -----------
206 -----------
207
207
208 Creates new user. This command can
208 Creates new user. This command can
209 be executed only using api_key belonging to user with admin rights.
209 be executed only using api_key belonging to user with admin rights.
210
210
211
211
212 INPUT::
212 INPUT::
213
213
214 id : <id_for_response>
214 id : <id_for_response>
215 api_key : "<api_key>"
215 api_key : "<api_key>"
216 method : "create_user"
216 method : "create_user"
217 args : {
217 args : {
218 "username" : "<username>",
218 "username" : "<username>",
219 "password" : "<password>",
219 "password" : "<password>",
220 "email" : "<useremail>",
220 "email" : "<useremail>",
221 "firstname" : "<firstname> = None",
221 "firstname" : "<firstname> = None",
222 "lastname" : "<lastname> = None",
222 "lastname" : "<lastname> = None",
223 "active" : "<bool> = True",
223 "active" : "<bool> = True",
224 "admin" : "<bool> = False",
224 "admin" : "<bool> = False",
225 "ldap_dn" : "<ldap_dn> = None"
225 "ldap_dn" : "<ldap_dn> = None"
226 }
226 }
227
227
228 OUTPUT::
228 OUTPUT::
229
229
230 result: {
230 result: {
231 "id" : "<new_user_id>",
231 "id" : "<new_user_id>",
232 "msg" : "created new user <username>",
232 "msg" : "created new user <username>",
233 "user": {
233 "user": {
234 "id" : "<id>",
234 "id" : "<id>",
235 "username" : "<username>",
235 "username" : "<username>",
236 "firstname": "<firstname>",
236 "firstname": "<firstname>",
237 "lastname" : "<lastname>",
237 "lastname" : "<lastname>",
238 "email" : "<email>",
238 "email" : "<email>",
239 "active" : "<bool>",
239 "active" : "<bool>",
240 "admin" :Β  "<bool>",
240 "admin" :Β  "<bool>",
241 "ldap_dn" : "<ldap_dn>",
241 "ldap_dn" : "<ldap_dn>",
242 "last_login": "<last_login>",
242 "last_login": "<last_login>",
243 },
243 },
244 }
244 }
245 error: null
245 error: null
246
246
247
247
248 update_user
248 update_user
249 -----------
249 -----------
250
250
251 updates given user if such user exists. This command can
251 updates given user if such user exists. This command can
252 be executed only using api_key belonging to user with admin rights.
252 be executed only using api_key belonging to user with admin rights.
253
253
254
254
255 INPUT::
255 INPUT::
256
256
257 id : <id_for_response>
257 id : <id_for_response>
258 api_key : "<api_key>"
258 api_key : "<api_key>"
259 method : "update_user"
259 method : "update_user"
260 args : {
260 args : {
261 "userid" : "<user_id or username>",
261 "userid" : "<user_id or username>",
262 "username" : "<username>",
262 "username" : "<username>",
263 "password" : "<password>",
263 "password" : "<password>",
264 "email" : "<useremail>",
264 "email" : "<useremail>",
265 "firstname" : "<firstname>",
265 "firstname" : "<firstname>",
266 "lastname" : "<lastname>",
266 "lastname" : "<lastname>",
267 "active" : "<bool>",
267 "active" : "<bool>",
268 "admin" : "<bool>",
268 "admin" : "<bool>",
269 "ldap_dn" : "<ldap_dn>"
269 "ldap_dn" : "<ldap_dn>"
270 }
270 }
271
271
272 OUTPUT::
272 OUTPUT::
273
273
274 result: {
274 result: {
275 "id" : "<edited_user_id>",
275 "id" : "<edited_user_id>",
276 "msg" : "updated user ID:<userid> <username>"
276 "msg" : "updated user ID:<userid> <username>",
277 "user": {
278 "id" : "<id>",
279 "username" : "<username>",
280 "firstname": "<firstname>",
281 "lastname" : "<lastname>",
282 "email" : "<email>",
283 "active" : "<bool>",
284 "admin" :Β  "<bool>",
285 "ldap_dn" : "<ldap_dn>",
286 "last_login": "<last_login>",
287 },
277 }
288 }
278 error: null
289 error: null
279
290
280
291
281 delete_user
292 delete_user
282 -----------
293 -----------
283
294
284
295
285 deletes givenuser if such user exists. This command can
296 deletes givenuser if such user exists. This command can
286 be executed only using api_key belonging to user with admin rights.
297 be executed only using api_key belonging to user with admin rights.
287
298
288
299
289 INPUT::
300 INPUT::
290
301
291 id : <id_for_response>
302 id : <id_for_response>
292 api_key : "<api_key>"
303 api_key : "<api_key>"
293 method : "delete_user"
304 method : "delete_user"
294 args : {
305 args : {
295 "userid" : "<user_id or username>",
306 "userid" : "<user_id or username>",
296 }
307 }
297
308
298 OUTPUT::
309 OUTPUT::
299
310
300 result: {
311 result: {
301 "id" : "<edited_user_id>",
312 "id" : "<edited_user_id>",
302 "msg" : "deleted user ID:<userid> <username>"
313 "msg" : "deleted user ID:<userid> <username>"
303 }
314 }
304 error: null
315 error: null
305
316
306
317
307 get_users_group
318 get_users_group
308 ---------------
319 ---------------
309
320
310 Gets an existing users group. This command can be executed only using api_key
321 Gets an existing users group. This command can be executed only using api_key
311 belonging to user with admin rights.
322 belonging to user with admin rights.
312
323
313
324
314 INPUT::
325 INPUT::
315
326
316 id : <id_for_response>
327 id : <id_for_response>
317 api_key : "<api_key>"
328 api_key : "<api_key>"
318 method : "get_users_group"
329 method : "get_users_group"
319 args : {
330 args : {
320 "group_name" : "<name>"
331 "group_name" : "<name>"
321 }
332 }
322
333
323 OUTPUT::
334 OUTPUT::
324
335
325 result : None if group not exist
336 result : None if group not exist
326 {
337 {
327 "id" : "<id>",
338 "id" : "<id>",
328 "group_name" : "<groupname>",
339 "group_name" : "<groupname>",
329 "active": "<bool>",
340 "active": "<bool>",
330 "members" : [
341 "members" : [
331 { "id" : "<userid>",
342 { "id" : "<userid>",
332 "username" : "<username>",
343 "username" : "<username>",
333 "firstname": "<firstname>",
344 "firstname": "<firstname>",
334 "lastname" : "<lastname>",
345 "lastname" : "<lastname>",
335 "email" : "<email>",
346 "email" : "<email>",
336 "active" : "<bool>",
347 "active" : "<bool>",
337 "admin" :Β  "<bool>",
348 "admin" :Β  "<bool>",
338 "ldap" : "<ldap_dn>"
349 "ldap" : "<ldap_dn>"
339 },
350 },
340 …
351 …
341 ]
352 ]
342 }
353 }
343 error : null
354 error : null
344
355
345
356
346 get_users_groups
357 get_users_groups
347 ----------------
358 ----------------
348
359
349 Lists all existing users groups. This command can be executed only using
360 Lists all existing users groups. This command can be executed only using
350 api_key belonging to user with admin rights.
361 api_key belonging to user with admin rights.
351
362
352
363
353 INPUT::
364 INPUT::
354
365
355 id : <id_for_response>
366 id : <id_for_response>
356 api_key : "<api_key>"
367 api_key : "<api_key>"
357 method : "get_users_groups"
368 method : "get_users_groups"
358 args : { }
369 args : { }
359
370
360 OUTPUT::
371 OUTPUT::
361
372
362 result : [
373 result : [
363 {
374 {
364 "id" : "<id>",
375 "id" : "<id>",
365 "group_name" : "<groupname>",
376 "group_name" : "<groupname>",
366 "active": "<bool>",
377 "active": "<bool>",
367 "members" : [
378 "members" : [
368 {
379 {
369 "id" : "<userid>",
380 "id" : "<userid>",
370 "username" : "<username>",
381 "username" : "<username>",
371 "firstname": "<firstname>",
382 "firstname": "<firstname>",
372 "lastname" : "<lastname>",
383 "lastname" : "<lastname>",
373 "email" : "<email>",
384 "email" : "<email>",
374 "active" : "<bool>",
385 "active" : "<bool>",
375 "admin" :Β  "<bool>",
386 "admin" :Β  "<bool>",
376 "ldap" : "<ldap_dn>"
387 "ldap" : "<ldap_dn>"
377 },
388 },
378 …
389 …
379 ]
390 ]
380 }
391 }
381 ]
392 ]
382 error : null
393 error : null
383
394
384
395
385 create_users_group
396 create_users_group
386 ------------------
397 ------------------
387
398
388 Creates new users group. This command can be executed only using api_key
399 Creates new users group. This command can be executed only using api_key
389 belonging to user with admin rights
400 belonging to user with admin rights
390
401
391
402
392 INPUT::
403 INPUT::
393
404
394 id : <id_for_response>
405 id : <id_for_response>
395 api_key : "<api_key>"
406 api_key : "<api_key>"
396 method : "create_users_group"
407 method : "create_users_group"
397 args: {
408 args: {
398 "group_name": "<groupname>",
409 "group_name": "<groupname>",
399 "active":"<bool> = True"
410 "active":"<bool> = True"
400 }
411 }
401
412
402 OUTPUT::
413 OUTPUT::
403
414
404 result: {
415 result: {
405 "id": "<newusersgroupid>",
416 "id": "<newusersgroupid>",
406 "msg": "created new users group <groupname>"
417 "msg": "created new users group <groupname>"
407 }
418 }
408 error: null
419 error: null
409
420
410
421
411 add_user_to_users_group
422 add_user_to_users_group
412 -----------------------
423 -----------------------
413
424
414 Adds a user to a users group. If user exists in that group success will be
425 Adds a user to a users group. If user exists in that group success will be
415 `false`. This command can be executed only using api_key
426 `false`. This command can be executed only using api_key
416 belonging to user with admin rights
427 belonging to user with admin rights
417
428
418
429
419 INPUT::
430 INPUT::
420
431
421 id : <id_for_response>
432 id : <id_for_response>
422 api_key : "<api_key>"
433 api_key : "<api_key>"
423 method : "add_user_users_group"
434 method : "add_user_users_group"
424 args: {
435 args: {
425 "group_name" : "<groupname>",
436 "group_name" : "<groupname>",
426 "username" : "<username>"
437 "username" : "<username>"
427 }
438 }
428
439
429 OUTPUT::
440 OUTPUT::
430
441
431 result: {
442 result: {
432 "id": "<newusersgroupmemberid>",
443 "id": "<newusersgroupmemberid>",
433 "success": True|False # depends on if member is in group
444 "success": True|False # depends on if member is in group
434 "msg": "added member <username> to users group <groupname> |
445 "msg": "added member <username> to users group <groupname> |
435 User is already in that group"
446 User is already in that group"
436 }
447 }
437 error: null
448 error: null
438
449
439
450
440 remove_user_from_users_group
451 remove_user_from_users_group
441 ----------------------------
452 ----------------------------
442
453
443 Removes a user from a users group. If user is not in given group success will
454 Removes a user from a users group. If user is not in given group success will
444 be `false`. This command can be executed only
455 be `false`. This command can be executed only
445 using api_key belonging to user with admin rights
456 using api_key belonging to user with admin rights
446
457
447
458
448 INPUT::
459 INPUT::
449
460
450 id : <id_for_response>
461 id : <id_for_response>
451 api_key : "<api_key>"
462 api_key : "<api_key>"
452 method : "remove_user_from_users_group"
463 method : "remove_user_from_users_group"
453 args: {
464 args: {
454 "group_name" : "<groupname>",
465 "group_name" : "<groupname>",
455 "username" : "<username>"
466 "username" : "<username>"
456 }
467 }
457
468
458 OUTPUT::
469 OUTPUT::
459
470
460 result: {
471 result: {
461 "success": True|False, # depends on if member is in group
472 "success": True|False, # depends on if member is in group
462 "msg": "removed member <username> from users group <groupname> |
473 "msg": "removed member <username> from users group <groupname> |
463 User wasn't in group"
474 User wasn't in group"
464 }
475 }
465 error: null
476 error: null
466
477
467
478
468 get_repo
479 get_repo
469 --------
480 --------
470
481
471 Gets an existing repository by it's name or repository_id. Members will return
482 Gets an existing repository by it's name or repository_id. Members will return
472 either users_group or user associated to that repository. This command can
483 either users_group or user associated to that repository. This command can
473 be executed only using api_key belonging to user with admin rights.
484 be executed only using api_key belonging to user with admin rights.
474
485
475
486
476 INPUT::
487 INPUT::
477
488
478 id : <id_for_response>
489 id : <id_for_response>
479 api_key : "<api_key>"
490 api_key : "<api_key>"
480 method : "get_repo"
491 method : "get_repo"
481 args: {
492 args: {
482 "repoid" : "<reponame or repo_id>"
493 "repoid" : "<reponame or repo_id>"
483 }
494 }
484
495
485 OUTPUT::
496 OUTPUT::
486
497
487 result: None if repository does not exist or
498 result: None if repository does not exist or
488 {
499 {
489 "id" : "<id>",
500 "id" : "<id>",
490 "repo_name" : "<reponame>"
501 "repo_name" : "<reponame>"
491 "type" : "<type>",
502 "type" : "<type>",
492 "description" : "<description>",
503 "description" : "<description>",
493 "clone_uri" : "<clone_uri>",
504 "clone_uri" : "<clone_uri>",
494 "private": : "<bool>",
505 "private": : "<bool>",
495 "created_on" : "<datetimecreated>",
506 "created_on" : "<datetimecreated>",
496 "members" : [
507 "members" : [
497 {
508 {
498 "type": "user",
509 "type": "user",
499 "id" : "<userid>",
510 "id" : "<userid>",
500 "username" : "<username>",
511 "username" : "<username>",
501 "firstname": "<firstname>",
512 "firstname": "<firstname>",
502 "lastname" : "<lastname>",
513 "lastname" : "<lastname>",
503 "email" : "<email>",
514 "email" : "<email>",
504 "active" : "<bool>",
515 "active" : "<bool>",
505 "admin" :Β  "<bool>",
516 "admin" :Β  "<bool>",
506 "ldap" : "<ldap_dn>",
517 "ldap" : "<ldap_dn>",
507 "permission" : "repository.(read|write|admin)"
518 "permission" : "repository.(read|write|admin)"
508 },
519 },
509 …
520 …
510 {
521 {
511 "type": "users_group",
522 "type": "users_group",
512 "id" : "<usersgroupid>",
523 "id" : "<usersgroupid>",
513 "name" : "<usersgroupname>",
524 "name" : "<usersgroupname>",
514 "active": "<bool>",
525 "active": "<bool>",
515 "permission" : "repository.(read|write|admin)"
526 "permission" : "repository.(read|write|admin)"
516 },
527 },
517 …
528 …
518 ]
529 ]
519 }
530 }
520 error: null
531 error: null
521
532
522
533
523 get_repos
534 get_repos
524 ---------
535 ---------
525
536
526 Lists all existing repositories. This command can be executed only using api_key
537 Lists all existing repositories. This command can be executed only using api_key
527 belonging to user with admin rights
538 belonging to user with admin rights
528
539
529
540
530 INPUT::
541 INPUT::
531
542
532 id : <id_for_response>
543 id : <id_for_response>
533 api_key : "<api_key>"
544 api_key : "<api_key>"
534 method : "get_repos"
545 method : "get_repos"
535 args: { }
546 args: { }
536
547
537 OUTPUT::
548 OUTPUT::
538
549
539 result: [
550 result: [
540 {
551 {
541 "id" : "<id>",
552 "id" : "<id>",
542 "repo_name" : "<reponame>"
553 "repo_name" : "<reponame>"
543 "type" : "<type>",
554 "type" : "<type>",
544 "description" : "<description>",
555 "description" : "<description>",
545 "clone_uri" : "<clone_uri>",
556 "clone_uri" : "<clone_uri>",
546 "private": : "<bool>",
557 "private": : "<bool>",
547 "created_on" : "<datetimecreated>",
558 "created_on" : "<datetimecreated>",
548 },
559 },
549 …
560 …
550 ]
561 ]
551 error: null
562 error: null
552
563
553
564
554 get_repo_nodes
565 get_repo_nodes
555 --------------
566 --------------
556
567
557 returns a list of nodes and it's children in a flat list for a given path
568 returns a list of nodes and it's children in a flat list for a given path
558 at given revision. It's possible to specify ret_type to show only `files` or
569 at given revision. It's possible to specify ret_type to show only `files` or
559 `dirs`. This command can be executed only using api_key belonging to user
570 `dirs`. This command can be executed only using api_key belonging to user
560 with admin rights
571 with admin rights
561
572
562
573
563 INPUT::
574 INPUT::
564
575
565 id : <id_for_response>
576 id : <id_for_response>
566 api_key : "<api_key>"
577 api_key : "<api_key>"
567 method : "get_repo_nodes"
578 method : "get_repo_nodes"
568 args: {
579 args: {
569 "repo_name" : "<reponame>",
580 "repo_name" : "<reponame>",
570 "revision" : "<revision>",
581 "revision" : "<revision>",
571 "root_path" : "<root_path>",
582 "root_path" : "<root_path>",
572 "ret_type" : "<ret_type>" = 'all'
583 "ret_type" : "<ret_type>" = 'all'
573 }
584 }
574
585
575 OUTPUT::
586 OUTPUT::
576
587
577 result: [
588 result: [
578 {
589 {
579 "name" : "<name>"
590 "name" : "<name>"
580 "type" : "<type>",
591 "type" : "<type>",
581 },
592 },
582 …
593 …
583 ]
594 ]
584 error: null
595 error: null
585
596
586
597
587 create_repo
598 create_repo
588 -----------
599 -----------
589
600
590 Creates a repository. This command can be executed only using api_key
601 Creates a repository. This command can be executed only using api_key
591 belonging to user with admin rights.
602 belonging to user with admin rights.
592 If repository name contains "/", all needed repository groups will be created.
603 If repository name contains "/", all needed repository groups will be created.
593 For example "foo/bar/baz" will create groups "foo", "bar" (with "foo" as parent),
604 For example "foo/bar/baz" will create groups "foo", "bar" (with "foo" as parent),
594 and create "baz" repository with "bar" as group.
605 and create "baz" repository with "bar" as group.
595
606
596
607
597 INPUT::
608 INPUT::
598
609
599 id : <id_for_response>
610 id : <id_for_response>
600 api_key : "<api_key>"
611 api_key : "<api_key>"
601 method : "create_repo"
612 method : "create_repo"
602 args: {
613 args: {
603 "repo_name" : "<reponame>",
614 "repo_name" : "<reponame>",
604 "owner_name" : "<ownername>",
615 "owner_name" : "<ownername>",
605 "description" : "<description> = ''",
616 "description" : "<description> = ''",
606 "repo_type" : "<type> = 'hg'",
617 "repo_type" : "<type> = 'hg'",
607 "private" : "<bool> = False",
618 "private" : "<bool> = False",
608 "clone_uri" : "<clone_uri> = None",
619 "clone_uri" : "<clone_uri> = None",
609 }
620 }
610
621
611 OUTPUT::
622 OUTPUT::
612
623
613 result: {
624 result: {
614 "id": "<newrepoid>",
625 "id": "<newrepoid>",
615 "msg": "Created new repository <reponame>",
626 "msg": "Created new repository <reponame>",
616 "repo": {
627 "repo": {
617 "id" : "<id>",
628 "id" : "<id>",
618 "repo_name" : "<reponame>"
629 "repo_name" : "<reponame>"
619 "type" : "<type>",
630 "type" : "<type>",
620 "description" : "<description>",
631 "description" : "<description>",
621 "clone_uri" : "<clone_uri>",
632 "clone_uri" : "<clone_uri>",
622 "private": : "<bool>",
633 "private": : "<bool>",
623 "created_on" : "<datetimecreated>",
634 "created_on" : "<datetimecreated>",
624 },
635 },
625 }
636 }
626 error: null
637 error: null
627
638
628
639
629 delete_repo
640 delete_repo
630 -----------
641 -----------
631
642
632 Deletes a repository. This command can be executed only using api_key
643 Deletes a repository. This command can be executed only using api_key
633 belonging to user with admin rights.
644 belonging to user with admin rights.
634
645
635
646
636 INPUT::
647 INPUT::
637
648
638 id : <id_for_response>
649 id : <id_for_response>
639 api_key : "<api_key>"
650 api_key : "<api_key>"
640 method : "delete_repo"
651 method : "delete_repo"
641 args: {
652 args: {
642 "repo_name" : "<reponame>",
653 "repo_name" : "<reponame>",
643 }
654 }
644
655
645 OUTPUT::
656 OUTPUT::
646
657
647 result: {
658 result: {
648 "msg": "Deleted repository <reponame>",
659 "msg": "Deleted repository <reponame>",
649 }
660 }
650 error: null
661 error: null
651
662
652
663
653 grant_user_permission
664 grant_user_permission
654 ---------------------
665 ---------------------
655
666
656 Grant permission for user on given repository, or update existing one
667 Grant permission for user on given repository, or update existing one
657 if found. This command can be executed only using api_key belonging to user
668 if found. This command can be executed only using api_key belonging to user
658 with admin rights.
669 with admin rights.
659
670
660
671
661 INPUT::
672 INPUT::
662
673
663 id : <id_for_response>
674 id : <id_for_response>
664 api_key : "<api_key>"
675 api_key : "<api_key>"
665 method : "grant_user_permission"
676 method : "grant_user_permission"
666 args: {
677 args: {
667 "repo_name" : "<reponame>",
678 "repo_name" : "<reponame>",
668 "username" : "<username>",
679 "username" : "<username>",
669 "perm" : "(repository.(none|read|write|admin))",
680 "perm" : "(repository.(none|read|write|admin))",
670 }
681 }
671
682
672 OUTPUT::
683 OUTPUT::
673
684
674 result: {
685 result: {
675 "msg" : "Granted perm: <perm> for user: <username> in repo: <reponame>"
686 "msg" : "Granted perm: <perm> for user: <username> in repo: <reponame>"
676 }
687 }
677 error: null
688 error: null
678
689
679
690
680 revoke_user_permission
691 revoke_user_permission
681 ----------------------
692 ----------------------
682
693
683 Revoke permission for user on given repository. This command can be executed
694 Revoke permission for user on given repository. This command can be executed
684 only using api_key belonging to user with admin rights.
695 only using api_key belonging to user with admin rights.
685
696
686
697
687 INPUT::
698 INPUT::
688
699
689 id : <id_for_response>
700 id : <id_for_response>
690 api_key : "<api_key>"
701 api_key : "<api_key>"
691 method : "revoke_user_permission"
702 method : "revoke_user_permission"
692 args: {
703 args: {
693 "repo_name" : "<reponame>",
704 "repo_name" : "<reponame>",
694 "username" : "<username>",
705 "username" : "<username>",
695 }
706 }
696
707
697 OUTPUT::
708 OUTPUT::
698
709
699 result: {
710 result: {
700 "msg" : "Revoked perm for user: <suername> in repo: <reponame>"
711 "msg" : "Revoked perm for user: <suername> in repo: <reponame>"
701 }
712 }
702 error: null
713 error: null
703
714
704
715
705 grant_users_group_permission
716 grant_users_group_permission
706 ----------------------------
717 ----------------------------
707
718
708 Grant permission for users group on given repository, or update
719 Grant permission for users group on given repository, or update
709 existing one if found. This command can be executed only using
720 existing one if found. This command can be executed only using
710 api_key belonging to user with admin rights.
721 api_key belonging to user with admin rights.
711
722
712
723
713 INPUT::
724 INPUT::
714
725
715 id : <id_for_response>
726 id : <id_for_response>
716 api_key : "<api_key>"
727 api_key : "<api_key>"
717 method : "grant_users_group_permission"
728 method : "grant_users_group_permission"
718 args: {
729 args: {
719 "repo_name" : "<reponame>",
730 "repo_name" : "<reponame>",
720 "group_name" : "<usersgroupname>",
731 "group_name" : "<usersgroupname>",
721 "perm" : "(repository.(none|read|write|admin))",
732 "perm" : "(repository.(none|read|write|admin))",
722 }
733 }
723
734
724 OUTPUT::
735 OUTPUT::
725
736
726 result: {
737 result: {
727 "msg" : "Granted perm: <perm> for group: <usersgroupname> in repo: <reponame>"
738 "msg" : "Granted perm: <perm> for group: <usersgroupname> in repo: <reponame>"
728 }
739 }
729 error: null
740 error: null
730
741
731
742
732 revoke_users_group_permission
743 revoke_users_group_permission
733 -----------------------------
744 -----------------------------
734
745
735 Revoke permission for users group on given repository.This command can be
746 Revoke permission for users group on given repository.This command can be
736 executed only using api_key belonging to user with admin rights.
747 executed only using api_key belonging to user with admin rights.
737
748
738 INPUT::
749 INPUT::
739
750
740 id : <id_for_response>
751 id : <id_for_response>
741 api_key : "<api_key>"
752 api_key : "<api_key>"
742 method : "revoke_users_group_permission"
753 method : "revoke_users_group_permission"
743 args: {
754 args: {
744 "repo_name" : "<reponame>",
755 "repo_name" : "<reponame>",
745 "users_group" : "<usersgroupname>",
756 "users_group" : "<usersgroupname>",
746 }
757 }
747
758
748 OUTPUT::
759 OUTPUT::
749
760
750 result: {
761 result: {
751 "msg" : "Revoked perm for group: <usersgroupname> in repo: <reponame>"
762 "msg" : "Revoked perm for group: <usersgroupname> in repo: <reponame>"
752 }
763 }
753 error: null No newline at end of file
764 error: null
Show file before | Show file after | Hide comments
@@ -1,716 +1,727 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2 """
2 """
3 rhodecode.controllers.api
3 rhodecode.controllers.api
4 ~~~~~~~~~~~~~~~~~~~~~~~~~
4 ~~~~~~~~~~~~~~~~~~~~~~~~~
5
5
6 API controller for RhodeCode
6 API controller for RhodeCode
7
7
8 :created_on: Aug 20, 2011
8 :created_on: Aug 20, 2011
9 :author: marcink
9 :author: marcink
10 :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>
10 :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>
11 :license: GPLv3, see COPYING for more details.
11 :license: GPLv3, see COPYING for more details.
12 """
12 """
13 # This program is free software; you can redistribute it and/or
13 # This program is free software; you can redistribute it and/or
14 # modify it under the terms of the GNU General Public License
14 # modify it under the terms of the GNU General Public License
15 # as published by the Free Software Foundation; version 2
15 # as published by the Free Software Foundation; version 2
16 # of the License or (at your opinion) any later version of the license.
16 # of the License or (at your opinion) any later version of the license.
17 #
17 #
18 # This program is distributed in the hope that it will be useful,
18 # This program is distributed in the hope that it will be useful,
19 # but WITHOUT ANY WARRANTY; without even the implied warranty of
19 # but WITHOUT ANY WARRANTY; without even the implied warranty of
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 # GNU General Public License for more details.
21 # GNU General Public License for more details.
22 #
22 #
23 # You should have received a copy of the GNU General Public License
23 # You should have received a copy of the GNU General Public License
24 # along with this program; if not, write to the Free Software
24 # along with this program; if not, write to the Free Software
25 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
25 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
26 # MA 02110-1301, USA.
26 # MA 02110-1301, USA.
27
27
28 import traceback
28 import traceback
29 import logging
29 import logging
30
30
31 from rhodecode.controllers.api import JSONRPCController, JSONRPCError
31 from rhodecode.controllers.api import JSONRPCController, JSONRPCError
32 from rhodecode.lib.auth import HasPermissionAllDecorator, \
32 from rhodecode.lib.auth import HasPermissionAllDecorator, \
33 HasPermissionAnyDecorator, PasswordGenerator, AuthUser
33 HasPermissionAnyDecorator, PasswordGenerator, AuthUser
34
34
35 from rhodecode.model.meta import Session
35 from rhodecode.model.meta import Session
36 from rhodecode.model.scm import ScmModel
36 from rhodecode.model.scm import ScmModel
37 from rhodecode.model.db import User, UsersGroup, Repository
37 from rhodecode.model.db import User, UsersGroup, Repository
38 from rhodecode.model.repo import RepoModel
38 from rhodecode.model.repo import RepoModel
39 from rhodecode.model.user import UserModel
39 from rhodecode.model.user import UserModel
40 from rhodecode.model.users_group import UsersGroupModel
40 from rhodecode.model.users_group import UsersGroupModel
41 from rhodecode.lib.utils import map_groups
41 from rhodecode.lib.utils import map_groups
42
42
43 log = logging.getLogger(__name__)
43 log = logging.getLogger(__name__)
44
44
45
45
46 class ApiController(JSONRPCController):
46 class ApiController(JSONRPCController):
47 """
47 """
48 API Controller
48 API Controller
49
49
50
50
51 Each method needs to have USER as argument this is then based on given
51 Each method needs to have USER as argument this is then based on given
52 API_KEY propagated as instance of user object
52 API_KEY propagated as instance of user object
53
53
54 Preferably this should be first argument also
54 Preferably this should be first argument also
55
55
56
56
57 Each function should also **raise** JSONRPCError for any
57 Each function should also **raise** JSONRPCError for any
58 errors that happens
58 errors that happens
59
59
60 """
60 """
61
61
62 @HasPermissionAllDecorator('hg.admin')
62 @HasPermissionAllDecorator('hg.admin')
63 def pull(self, apiuser, repo_name):
63 def pull(self, apiuser, repo_name):
64 """
64 """
65 Dispatch pull action on given repo
65 Dispatch pull action on given repo
66
66
67
67
68 :param user:
68 :param user:
69 :param repo_name:
69 :param repo_name:
70 """
70 """
71
71
72 if Repository.is_valid(repo_name) is False:
72 if Repository.is_valid(repo_name) is False:
73 raise JSONRPCError('Unknown repo "%s"' % repo_name)
73 raise JSONRPCError('Unknown repo "%s"' % repo_name)
74
74
75 try:
75 try:
76 ScmModel().pull_changes(repo_name, self.rhodecode_user.username)
76 ScmModel().pull_changes(repo_name, self.rhodecode_user.username)
77 return 'Pulled from %s' % repo_name
77 return 'Pulled from %s' % repo_name
78 except Exception:
78 except Exception:
79 raise JSONRPCError('Unable to pull changes from "%s"' % repo_name)
79 raise JSONRPCError('Unable to pull changes from "%s"' % repo_name)
80
80
81 @HasPermissionAllDecorator('hg.admin')
81 @HasPermissionAllDecorator('hg.admin')
82 def get_user(self, apiuser, userid):
82 def get_user(self, apiuser, userid):
83 """"
83 """"
84 Get a user by username
84 Get a user by username
85
85
86 :param apiuser:
86 :param apiuser:
87 :param username:
87 :param username:
88 """
88 """
89
89
90 user = UserModel().get_user(userid)
90 user = UserModel().get_user(userid)
91 if user is None:
91 if user is None:
92 return user
92 return user
93
93
94 return dict(
94 return dict(
95 id=user.user_id,
95 id=user.user_id,
96 username=user.username,
96 username=user.username,
97 firstname=user.name,
97 firstname=user.name,
98 lastname=user.lastname,
98 lastname=user.lastname,
99 email=user.email,
99 email=user.email,
100 emails=user.emails,
100 emails=user.emails,
101 active=user.active,
101 active=user.active,
102 admin=user.admin,
102 admin=user.admin,
103 ldap_dn=user.ldap_dn,
103 ldap_dn=user.ldap_dn,
104 last_login=user.last_login,
104 last_login=user.last_login,
105 permissions=AuthUser(user_id=user.user_id).permissions
105 permissions=AuthUser(user_id=user.user_id).permissions
106 )
106 )
107
107
108 @HasPermissionAllDecorator('hg.admin')
108 @HasPermissionAllDecorator('hg.admin')
109 def get_users(self, apiuser):
109 def get_users(self, apiuser):
110 """"
110 """"
111 Get all users
111 Get all users
112
112
113 :param apiuser:
113 :param apiuser:
114 """
114 """
115
115
116 result = []
116 result = []
117 for user in User.getAll():
117 for user in User.getAll():
118 result.append(
118 result.append(
119 dict(
119 dict(
120 id=user.user_id,
120 id=user.user_id,
121 username=user.username,
121 username=user.username,
122 firstname=user.name,
122 firstname=user.name,
123 lastname=user.lastname,
123 lastname=user.lastname,
124 email=user.email,
124 email=user.email,
125 active=user.active,
125 active=user.active,
126 admin=user.admin,
126 admin=user.admin,
127 ldap_dn=user.ldap_dn,
127 ldap_dn=user.ldap_dn,
128 last_login=user.last_login,
128 last_login=user.last_login,
129 )
129 )
130 )
130 )
131 return result
131 return result
132
132
133 @HasPermissionAllDecorator('hg.admin')
133 @HasPermissionAllDecorator('hg.admin')
134 def create_user(self, apiuser, username, email, password, firstname=None,
134 def create_user(self, apiuser, username, email, password, firstname=None,
135 lastname=None, active=True, admin=False, ldap_dn=None):
135 lastname=None, active=True, admin=False, ldap_dn=None):
136 """
136 """
137 Create new user
137 Create new user
138
138
139 :param apiuser:
139 :param apiuser:
140 :param username:
140 :param username:
141 :param password:
141 :param password:
142 :param email:
142 :param email:
143 :param name:
143 :param name:
144 :param lastname:
144 :param lastname:
145 :param active:
145 :param active:
146 :param admin:
146 :param admin:
147 :param ldap_dn:
147 :param ldap_dn:
148 """
148 """
149 if User.get_by_username(username):
149 if User.get_by_username(username):
150 raise JSONRPCError("user %s already exist" % username)
150 raise JSONRPCError("user %s already exist" % username)
151
151
152 if User.get_by_email(email, case_insensitive=True):
152 if User.get_by_email(email, case_insensitive=True):
153 raise JSONRPCError("email %s already exist" % email)
153 raise JSONRPCError("email %s already exist" % email)
154
154
155 if ldap_dn:
155 if ldap_dn:
156 # generate temporary password if ldap_dn
156 # generate temporary password if ldap_dn
157 password = PasswordGenerator().gen_password(length=8)
157 password = PasswordGenerator().gen_password(length=8)
158
158
159 try:
159 try:
160 user = UserModel().create_or_update(
160 user = UserModel().create_or_update(
161 username, password, email, firstname,
161 username, password, email, firstname,
162 lastname, active, admin, ldap_dn
162 lastname, active, admin, ldap_dn
163 )
163 )
164 Session.commit()
164 Session.commit()
165 return dict(
165 return dict(
166 id=user.user_id,
166 id=user.user_id,
167 msg='created new user %s' % username,
167 msg='created new user %s' % username,
168 user=dict(
168 user=dict(
169 id=user.user_id,
169 id=user.user_id,
170 username=user.username,
170 username=user.username,
171 firstname=user.name,
171 firstname=user.name,
172 lastname=user.lastname,
172 lastname=user.lastname,
173 email=user.email,
173 email=user.email,
174 active=user.active,
174 active=user.active,
175 admin=user.admin,
175 admin=user.admin,
176 ldap_dn=user.ldap_dn,
176 ldap_dn=user.ldap_dn,
177 last_login=user.last_login,
177 last_login=user.last_login,
178 )
178 )
179 )
179 )
180 except Exception:
180 except Exception:
181 log.error(traceback.format_exc())
181 log.error(traceback.format_exc())
182 raise JSONRPCError('failed to create user %s' % username)
182 raise JSONRPCError('failed to create user %s' % username)
183
183
184 @HasPermissionAllDecorator('hg.admin')
184 @HasPermissionAllDecorator('hg.admin')
185 def update_user(self, apiuser, userid, username, password, email,
185 def update_user(self, apiuser, userid, username, password, email,
186 firstname, lastname, active, admin, ldap_dn):
186 firstname, lastname, active, admin, ldap_dn):
187 """
187 """
188 Updates given user
188 Updates given user
189
189
190 :param apiuser:
190 :param apiuser:
191 :param username:
191 :param username:
192 :param password:
192 :param password:
193 :param email:
193 :param email:
194 :param name:
194 :param name:
195 :param lastname:
195 :param lastname:
196 :param active:
196 :param active:
197 :param admin:
197 :param admin:
198 :param ldap_dn:
198 :param ldap_dn:
199 """
199 """
200 usr = UserModel().get_user(userid)
200 usr = UserModel().get_user(userid)
201 if not usr:
201 if not usr:
202 raise JSONRPCError("user ID:%s does not exist" % userid)
202 raise JSONRPCError("user ID:%s does not exist" % userid)
203
203
204 try:
204 try:
205 usr = UserModel().create_or_update(
205 user = UserModel().create_or_update(
206 username, password, email, firstname,
206 username, password, email, firstname,
207 lastname, active, admin, ldap_dn
207 lastname, active, admin, ldap_dn
208 )
208 )
209 Session.commit()
209 Session.commit()
210 return dict(
210 return dict(
211 id=usr.user_id,
211 id=usr.user_id,
212 msg='updated user ID:%s %s' % (usr.user_id, usr.username)
212 msg='updated user ID:%s %s' % (user.user_id, user.username),
213 user=dict(
214 id=user.user_id,
215 username=user.username,
216 firstname=user.name,
217 lastname=user.lastname,
218 email=user.email,
219 active=user.active,
220 admin=user.admin,
221 ldap_dn=user.ldap_dn,
222 last_login=user.last_login,
223 )
213 )
224 )
214 except Exception:
225 except Exception:
215 log.error(traceback.format_exc())
226 log.error(traceback.format_exc())
216 raise JSONRPCError('failed to update user %s' % userid)
227 raise JSONRPCError('failed to update user %s' % userid)
217
228
218 @HasPermissionAllDecorator('hg.admin')
229 @HasPermissionAllDecorator('hg.admin')
219 def delete_user(self, apiuser, userid):
230 def delete_user(self, apiuser, userid):
220 """"
231 """"
221 Deletes an user
232 Deletes an user
222
233
223 :param apiuser:
234 :param apiuser:
224 """
235 """
225 usr = UserModel().get_user(userid)
236 usr = UserModel().get_user(userid)
226 if not usr:
237 if not usr:
227 raise JSONRPCError("user ID:%s does not exist" % userid)
238 raise JSONRPCError("user ID:%s does not exist" % userid)
228
239
229 try:
240 try:
230 UserModel().delete(userid)
241 UserModel().delete(userid)
231 Session.commit()
242 Session.commit()
232 return dict(
243 return dict(
233 id=usr.user_id,
244 id=usr.user_id,
234 msg='deleted user ID:%s %s' % (usr.user_id, usr.username)
245 msg='deleted user ID:%s %s' % (usr.user_id, usr.username)
235 )
246 )
236 except Exception:
247 except Exception:
237 log.error(traceback.format_exc())
248 log.error(traceback.format_exc())
238 raise JSONRPCError('failed to delete ID:%s %s' % (usr.user_id,
249 raise JSONRPCError('failed to delete ID:%s %s' % (usr.user_id,
239 usr.username))
250 usr.username))
240
251
241 @HasPermissionAllDecorator('hg.admin')
252 @HasPermissionAllDecorator('hg.admin')
242 def get_users_group(self, apiuser, group_name):
253 def get_users_group(self, apiuser, group_name):
243 """"
254 """"
244 Get users group by name
255 Get users group by name
245
256
246 :param apiuser:
257 :param apiuser:
247 :param group_name:
258 :param group_name:
248 """
259 """
249
260
250 users_group = UsersGroup.get_by_group_name(group_name)
261 users_group = UsersGroup.get_by_group_name(group_name)
251 if not users_group:
262 if not users_group:
252 return None
263 return None
253
264
254 members = []
265 members = []
255 for user in users_group.members:
266 for user in users_group.members:
256 user = user.user
267 user = user.user
257 members.append(dict(id=user.user_id,
268 members.append(dict(id=user.user_id,
258 username=user.username,
269 username=user.username,
259 firstname=user.name,
270 firstname=user.name,
260 lastname=user.lastname,
271 lastname=user.lastname,
261 email=user.email,
272 email=user.email,
262 active=user.active,
273 active=user.active,
263 admin=user.admin,
274 admin=user.admin,
264 ldap=user.ldap_dn))
275 ldap=user.ldap_dn))
265
276
266 return dict(id=users_group.users_group_id,
277 return dict(id=users_group.users_group_id,
267 group_name=users_group.users_group_name,
278 group_name=users_group.users_group_name,
268 active=users_group.users_group_active,
279 active=users_group.users_group_active,
269 members=members)
280 members=members)
270
281
271 @HasPermissionAllDecorator('hg.admin')
282 @HasPermissionAllDecorator('hg.admin')
272 def get_users_groups(self, apiuser):
283 def get_users_groups(self, apiuser):
273 """"
284 """"
274 Get all users groups
285 Get all users groups
275
286
276 :param apiuser:
287 :param apiuser:
277 """
288 """
278
289
279 result = []
290 result = []
280 for users_group in UsersGroup.getAll():
291 for users_group in UsersGroup.getAll():
281 members = []
292 members = []
282 for user in users_group.members:
293 for user in users_group.members:
283 user = user.user
294 user = user.user
284 members.append(dict(id=user.user_id,
295 members.append(dict(id=user.user_id,
285 username=user.username,
296 username=user.username,
286 firstname=user.name,
297 firstname=user.name,
287 lastname=user.lastname,
298 lastname=user.lastname,
288 email=user.email,
299 email=user.email,
289 active=user.active,
300 active=user.active,
290 admin=user.admin,
301 admin=user.admin,
291 ldap=user.ldap_dn))
302 ldap=user.ldap_dn))
292
303
293 result.append(dict(id=users_group.users_group_id,
304 result.append(dict(id=users_group.users_group_id,
294 group_name=users_group.users_group_name,
305 group_name=users_group.users_group_name,
295 active=users_group.users_group_active,
306 active=users_group.users_group_active,
296 members=members))
307 members=members))
297 return result
308 return result
298
309
299 @HasPermissionAllDecorator('hg.admin')
310 @HasPermissionAllDecorator('hg.admin')
300 def create_users_group(self, apiuser, group_name, active=True):
311 def create_users_group(self, apiuser, group_name, active=True):
301 """
312 """
302 Creates an new usergroup
313 Creates an new usergroup
303
314
304 :param group_name:
315 :param group_name:
305 :param active:
316 :param active:
306 """
317 """
307
318
308 if self.get_users_group(apiuser, group_name):
319 if self.get_users_group(apiuser, group_name):
309 raise JSONRPCError("users group %s already exist" % group_name)
320 raise JSONRPCError("users group %s already exist" % group_name)
310
321
311 try:
322 try:
312 ug = UsersGroupModel().create(name=group_name, active=active)
323 ug = UsersGroupModel().create(name=group_name, active=active)
313 Session.commit()
324 Session.commit()
314 return dict(id=ug.users_group_id,
325 return dict(id=ug.users_group_id,
315 msg='created new users group %s' % group_name)
326 msg='created new users group %s' % group_name)
316 except Exception:
327 except Exception:
317 log.error(traceback.format_exc())
328 log.error(traceback.format_exc())
318 raise JSONRPCError('failed to create group %s' % group_name)
329 raise JSONRPCError('failed to create group %s' % group_name)
319
330
320 @HasPermissionAllDecorator('hg.admin')
331 @HasPermissionAllDecorator('hg.admin')
321 def add_user_to_users_group(self, apiuser, group_name, username):
332 def add_user_to_users_group(self, apiuser, group_name, username):
322 """"
333 """"
323 Add a user to a users group
334 Add a user to a users group
324
335
325 :param apiuser:
336 :param apiuser:
326 :param group_name:
337 :param group_name:
327 :param username:
338 :param username:
328 """
339 """
329
340
330 try:
341 try:
331 users_group = UsersGroup.get_by_group_name(group_name)
342 users_group = UsersGroup.get_by_group_name(group_name)
332 if not users_group:
343 if not users_group:
333 raise JSONRPCError('unknown users group %s' % group_name)
344 raise JSONRPCError('unknown users group %s' % group_name)
334
345
335 user = User.get_by_username(username)
346 user = User.get_by_username(username)
336 if user is None:
347 if user is None:
337 raise JSONRPCError('unknown user %s' % username)
348 raise JSONRPCError('unknown user %s' % username)
338
349
339 ugm = UsersGroupModel().add_user_to_group(users_group, user)
350 ugm = UsersGroupModel().add_user_to_group(users_group, user)
340 success = True if ugm != True else False
351 success = True if ugm != True else False
341 msg = 'added member %s to users group %s' % (username, group_name)
352 msg = 'added member %s to users group %s' % (username, group_name)
342 msg = msg if success else 'User is already in that group'
353 msg = msg if success else 'User is already in that group'
343 Session.commit()
354 Session.commit()
344
355
345 return dict(
356 return dict(
346 id=ugm.users_group_member_id if ugm != True else None,
357 id=ugm.users_group_member_id if ugm != True else None,
347 success=success,
358 success=success,
348 msg=msg
359 msg=msg
349 )
360 )
350 except Exception:
361 except Exception:
351 log.error(traceback.format_exc())
362 log.error(traceback.format_exc())
352 raise JSONRPCError('failed to add users group member')
363 raise JSONRPCError('failed to add users group member')
353
364
354 @HasPermissionAllDecorator('hg.admin')
365 @HasPermissionAllDecorator('hg.admin')
355 def remove_user_from_users_group(self, apiuser, group_name, username):
366 def remove_user_from_users_group(self, apiuser, group_name, username):
356 """
367 """
357 Remove user from a group
368 Remove user from a group
358
369
359 :param apiuser
370 :param apiuser
360 :param group_name
371 :param group_name
361 :param username
372 :param username
362 """
373 """
363
374
364 try:
375 try:
365 users_group = UsersGroup.get_by_group_name(group_name)
376 users_group = UsersGroup.get_by_group_name(group_name)
366 if not users_group:
377 if not users_group:
367 raise JSONRPCError('unknown users group %s' % group_name)
378 raise JSONRPCError('unknown users group %s' % group_name)
368
379
369 user = User.get_by_username(username)
380 user = User.get_by_username(username)
370 if user is None:
381 if user is None:
371 raise JSONRPCError('unknown user %s' % username)
382 raise JSONRPCError('unknown user %s' % username)
372
383
373 success = UsersGroupModel().remove_user_from_group(users_group, user)
384 success = UsersGroupModel().remove_user_from_group(users_group, user)
374 msg = 'removed member %s from users group %s' % (username, group_name)
385 msg = 'removed member %s from users group %s' % (username, group_name)
375 msg = msg if success else "User wasn't in group"
386 msg = msg if success else "User wasn't in group"
376 Session.commit()
387 Session.commit()
377 return dict(success=success, msg=msg)
388 return dict(success=success, msg=msg)
378 except Exception:
389 except Exception:
379 log.error(traceback.format_exc())
390 log.error(traceback.format_exc())
380 raise JSONRPCError('failed to remove user from group')
391 raise JSONRPCError('failed to remove user from group')
381
392
382 @HasPermissionAnyDecorator('hg.admin')
393 @HasPermissionAnyDecorator('hg.admin')
383 def get_repo(self, apiuser, repoid):
394 def get_repo(self, apiuser, repoid):
384 """"
395 """"
385 Get repository by name
396 Get repository by name
386
397
387 :param apiuser:
398 :param apiuser:
388 :param repo_name:
399 :param repo_name:
389 """
400 """
390
401
391 repo = RepoModel().get_repo(repoid)
402 repo = RepoModel().get_repo(repoid)
392 if repo is None:
403 if repo is None:
393 raise JSONRPCError('unknown repository "%s"' % (repo or repoid))
404 raise JSONRPCError('unknown repository "%s"' % (repo or repoid))
394
405
395 members = []
406 members = []
396 for user in repo.repo_to_perm:
407 for user in repo.repo_to_perm:
397 perm = user.permission.permission_name
408 perm = user.permission.permission_name
398 user = user.user
409 user = user.user
399 members.append(
410 members.append(
400 dict(
411 dict(
401 type="user",
412 type="user",
402 id=user.user_id,
413 id=user.user_id,
403 username=user.username,
414 username=user.username,
404 firstname=user.name,
415 firstname=user.name,
405 lastname=user.lastname,
416 lastname=user.lastname,
406 email=user.email,
417 email=user.email,
407 active=user.active,
418 active=user.active,
408 admin=user.admin,
419 admin=user.admin,
409 ldap=user.ldap_dn,
420 ldap=user.ldap_dn,
410 permission=perm
421 permission=perm
411 )
422 )
412 )
423 )
413 for users_group in repo.users_group_to_perm:
424 for users_group in repo.users_group_to_perm:
414 perm = users_group.permission.permission_name
425 perm = users_group.permission.permission_name
415 users_group = users_group.users_group
426 users_group = users_group.users_group
416 members.append(
427 members.append(
417 dict(
428 dict(
418 type="users_group",
429 type="users_group",
419 id=users_group.users_group_id,
430 id=users_group.users_group_id,
420 name=users_group.users_group_name,
431 name=users_group.users_group_name,
421 active=users_group.users_group_active,
432 active=users_group.users_group_active,
422 permission=perm
433 permission=perm
423 )
434 )
424 )
435 )
425
436
426 return dict(
437 return dict(
427 id=repo.repo_id,
438 id=repo.repo_id,
428 repo_name=repo.repo_name,
439 repo_name=repo.repo_name,
429 type=repo.repo_type,
440 type=repo.repo_type,
430 clone_uri=repo.clone_uri,
441 clone_uri=repo.clone_uri,
431 private=repo.private,
442 private=repo.private,
432 created_on=repo.created_on,
443 created_on=repo.created_on,
433 description=repo.description,
444 description=repo.description,
434 members=members
445 members=members
435 )
446 )
436
447
437 @HasPermissionAnyDecorator('hg.admin')
448 @HasPermissionAnyDecorator('hg.admin')
438 def get_repos(self, apiuser):
449 def get_repos(self, apiuser):
439 """"
450 """"
440 Get all repositories
451 Get all repositories
441
452
442 :param apiuser:
453 :param apiuser:
443 """
454 """
444
455
445 result = []
456 result = []
446 for repo in Repository.getAll():
457 for repo in Repository.getAll():
447 result.append(
458 result.append(
448 dict(
459 dict(
449 id=repo.repo_id,
460 id=repo.repo_id,
450 repo_name=repo.repo_name,
461 repo_name=repo.repo_name,
451 type=repo.repo_type,
462 type=repo.repo_type,
452 clone_uri=repo.clone_uri,
463 clone_uri=repo.clone_uri,
453 private=repo.private,
464 private=repo.private,
454 created_on=repo.created_on,
465 created_on=repo.created_on,
455 description=repo.description,
466 description=repo.description,
456 )
467 )
457 )
468 )
458 return result
469 return result
459
470
460 @HasPermissionAnyDecorator('hg.admin')
471 @HasPermissionAnyDecorator('hg.admin')
461 def get_repo_nodes(self, apiuser, repo_name, revision, root_path,
472 def get_repo_nodes(self, apiuser, repo_name, revision, root_path,
462 ret_type='all'):
473 ret_type='all'):
463 """
474 """
464 returns a list of nodes and it's children
475 returns a list of nodes and it's children
465 for a given path at given revision. It's possible to specify ret_type
476 for a given path at given revision. It's possible to specify ret_type
466 to show only files or dirs
477 to show only files or dirs
467
478
468 :param apiuser:
479 :param apiuser:
469 :param repo_name: name of repository
480 :param repo_name: name of repository
470 :param revision: revision for which listing should be done
481 :param revision: revision for which listing should be done
471 :param root_path: path from which start displaying
482 :param root_path: path from which start displaying
472 :param ret_type: return type 'all|files|dirs' nodes
483 :param ret_type: return type 'all|files|dirs' nodes
473 """
484 """
474 try:
485 try:
475 _d, _f = ScmModel().get_nodes(repo_name, revision, root_path,
486 _d, _f = ScmModel().get_nodes(repo_name, revision, root_path,
476 flat=False)
487 flat=False)
477 _map = {
488 _map = {
478 'all': _d + _f,
489 'all': _d + _f,
479 'files': _f,
490 'files': _f,
480 'dirs': _d,
491 'dirs': _d,
481 }
492 }
482 return _map[ret_type]
493 return _map[ret_type]
483 except KeyError:
494 except KeyError:
484 raise JSONRPCError('ret_type must be one of %s' % _map.keys())
495 raise JSONRPCError('ret_type must be one of %s' % _map.keys())
485 except Exception, e:
496 except Exception, e:
486 raise JSONRPCError(e)
497 raise JSONRPCError(e)
487
498
488 @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
499 @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
489 def create_repo(self, apiuser, repo_name, owner_name, description='',
500 def create_repo(self, apiuser, repo_name, owner_name, description='',
490 repo_type='hg', private=False, clone_uri=None):
501 repo_type='hg', private=False, clone_uri=None):
491 """
502 """
492 Create repository, if clone_url is given it makes a remote clone
503 Create repository, if clone_url is given it makes a remote clone
493
504
494 :param apiuser:
505 :param apiuser:
495 :param repo_name:
506 :param repo_name:
496 :param owner_name:
507 :param owner_name:
497 :param description:
508 :param description:
498 :param repo_type:
509 :param repo_type:
499 :param private:
510 :param private:
500 :param clone_uri:
511 :param clone_uri:
501 """
512 """
502
513
503 try:
514 try:
504 owner = User.get_by_username(owner_name)
515 owner = User.get_by_username(owner_name)
505 if owner is None:
516 if owner is None:
506 raise JSONRPCError('unknown user %s' % owner_name)
517 raise JSONRPCError('unknown user %s' % owner_name)
507
518
508 if Repository.get_by_repo_name(repo_name):
519 if Repository.get_by_repo_name(repo_name):
509 raise JSONRPCError("repo %s already exist" % repo_name)
520 raise JSONRPCError("repo %s already exist" % repo_name)
510
521
511 groups = repo_name.split(Repository.url_sep())
522 groups = repo_name.split(Repository.url_sep())
512 real_name = groups[-1]
523 real_name = groups[-1]
513 # create structure of groups
524 # create structure of groups
514 group = map_groups(repo_name)
525 group = map_groups(repo_name)
515
526
516 repo = RepoModel().create(
527 repo = RepoModel().create(
517 dict(
528 dict(
518 repo_name=real_name,
529 repo_name=real_name,
519 repo_name_full=repo_name,
530 repo_name_full=repo_name,
520 description=description,
531 description=description,
521 private=private,
532 private=private,
522 repo_type=repo_type,
533 repo_type=repo_type,
523 repo_group=group.group_id if group else None,
534 repo_group=group.group_id if group else None,
524 clone_uri=clone_uri
535 clone_uri=clone_uri
525 )
536 )
526 )
537 )
527 Session.commit()
538 Session.commit()
528
539
529 return dict(
540 return dict(
530 id=repo.repo_id,
541 id=repo.repo_id,
531 msg="Created new repository %s" % (repo.repo_name),
542 msg="Created new repository %s" % (repo.repo_name),
532 repo=dict(
543 repo=dict(
533 id=repo.repo_id,
544 id=repo.repo_id,
534 repo_name=repo.repo_name,
545 repo_name=repo.repo_name,
535 type=repo.repo_type,
546 type=repo.repo_type,
536 clone_uri=repo.clone_uri,
547 clone_uri=repo.clone_uri,
537 private=repo.private,
548 private=repo.private,
538 created_on=repo.created_on,
549 created_on=repo.created_on,
539 description=repo.description,
550 description=repo.description,
540 )
551 )
541 )
552 )
542
553
543 except Exception:
554 except Exception:
544 log.error(traceback.format_exc())
555 log.error(traceback.format_exc())
545 raise JSONRPCError('failed to create repository %s' % repo_name)
556 raise JSONRPCError('failed to create repository %s' % repo_name)
546
557
547 @HasPermissionAnyDecorator('hg.admin')
558 @HasPermissionAnyDecorator('hg.admin')
548 def fork_repo(self, apiuser, repoid):
559 def fork_repo(self, apiuser, repoid):
549 repo = RepoModel().get_repo(repoid)
560 repo = RepoModel().get_repo(repoid)
550 if repo is None:
561 if repo is None:
551 raise JSONRPCError('unknown repository "%s"' % (repo or repoid))
562 raise JSONRPCError('unknown repository "%s"' % (repo or repoid))
552
563
553 RepoModel().create_fork(form_data, cur_user)
564 RepoModel().create_fork(form_data, cur_user)
554
565
555
566
556 @HasPermissionAnyDecorator('hg.admin')
567 @HasPermissionAnyDecorator('hg.admin')
557 def delete_repo(self, apiuser, repo_name):
568 def delete_repo(self, apiuser, repo_name):
558 """
569 """
559 Deletes a given repository
570 Deletes a given repository
560
571
561 :param repo_name:
572 :param repo_name:
562 """
573 """
563 if not Repository.get_by_repo_name(repo_name):
574 if not Repository.get_by_repo_name(repo_name):
564 raise JSONRPCError("repo %s does not exist" % repo_name)
575 raise JSONRPCError("repo %s does not exist" % repo_name)
565 try:
576 try:
566 RepoModel().delete(repo_name)
577 RepoModel().delete(repo_name)
567 Session.commit()
578 Session.commit()
568 return dict(
579 return dict(
569 msg='Deleted repository %s' % repo_name
580 msg='Deleted repository %s' % repo_name
570 )
581 )
571 except Exception:
582 except Exception:
572 log.error(traceback.format_exc())
583 log.error(traceback.format_exc())
573 raise JSONRPCError('failed to delete repository %s' % repo_name)
584 raise JSONRPCError('failed to delete repository %s' % repo_name)
574
585
575 @HasPermissionAnyDecorator('hg.admin')
586 @HasPermissionAnyDecorator('hg.admin')
576 def grant_user_permission(self, apiuser, repo_name, username, perm):
587 def grant_user_permission(self, apiuser, repo_name, username, perm):
577 """
588 """
578 Grant permission for user on given repository, or update existing one
589 Grant permission for user on given repository, or update existing one
579 if found
590 if found
580
591
581 :param repo_name:
592 :param repo_name:
582 :param username:
593 :param username:
583 :param perm:
594 :param perm:
584 """
595 """
585
596
586 try:
597 try:
587 repo = Repository.get_by_repo_name(repo_name)
598 repo = Repository.get_by_repo_name(repo_name)
588 if repo is None:
599 if repo is None:
589 raise JSONRPCError('unknown repository %s' % repo)
600 raise JSONRPCError('unknown repository %s' % repo)
590
601
591 user = User.get_by_username(username)
602 user = User.get_by_username(username)
592 if user is None:
603 if user is None:
593 raise JSONRPCError('unknown user %s' % username)
604 raise JSONRPCError('unknown user %s' % username)
594
605
595 RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)
606 RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)
596
607
597 Session.commit()
608 Session.commit()
598 return dict(
609 return dict(
599 msg='Granted perm: %s for user: %s in repo: %s' % (
610 msg='Granted perm: %s for user: %s in repo: %s' % (
600 perm, username, repo_name
611 perm, username, repo_name
601 )
612 )
602 )
613 )
603 except Exception:
614 except Exception:
604 log.error(traceback.format_exc())
615 log.error(traceback.format_exc())
605 raise JSONRPCError(
616 raise JSONRPCError(
606 'failed to edit permission %(repo)s for %(user)s' % dict(
617 'failed to edit permission %(repo)s for %(user)s' % dict(
607 user=username, repo=repo_name
618 user=username, repo=repo_name
608 )
619 )
609 )
620 )
610
621
611 @HasPermissionAnyDecorator('hg.admin')
622 @HasPermissionAnyDecorator('hg.admin')
612 def revoke_user_permission(self, apiuser, repo_name, username):
623 def revoke_user_permission(self, apiuser, repo_name, username):
613 """
624 """
614 Revoke permission for user on given repository
625 Revoke permission for user on given repository
615
626
616 :param repo_name:
627 :param repo_name:
617 :param username:
628 :param username:
618 """
629 """
619
630
620 try:
631 try:
621 repo = Repository.get_by_repo_name(repo_name)
632 repo = Repository.get_by_repo_name(repo_name)
622 if repo is None:
633 if repo is None:
623 raise JSONRPCError('unknown repository %s' % repo)
634 raise JSONRPCError('unknown repository %s' % repo)
624
635
625 user = User.get_by_username(username)
636 user = User.get_by_username(username)
626 if user is None:
637 if user is None:
627 raise JSONRPCError('unknown user %s' % username)
638 raise JSONRPCError('unknown user %s' % username)
628
639
629 RepoModel().revoke_user_permission(repo=repo_name, user=username)
640 RepoModel().revoke_user_permission(repo=repo_name, user=username)
630
641
631 Session.commit()
642 Session.commit()
632 return dict(
643 return dict(
633 msg='Revoked perm for user: %s in repo: %s' % (
644 msg='Revoked perm for user: %s in repo: %s' % (
634 username, repo_name
645 username, repo_name
635 )
646 )
636 )
647 )
637 except Exception:
648 except Exception:
638 log.error(traceback.format_exc())
649 log.error(traceback.format_exc())
639 raise JSONRPCError(
650 raise JSONRPCError(
640 'failed to edit permission %(repo)s for %(user)s' % dict(
651 'failed to edit permission %(repo)s for %(user)s' % dict(
641 user=username, repo=repo_name
652 user=username, repo=repo_name
642 )
653 )
643 )
654 )
644
655
645 @HasPermissionAnyDecorator('hg.admin')
656 @HasPermissionAnyDecorator('hg.admin')
646 def grant_users_group_permission(self, apiuser, repo_name, group_name, perm):
657 def grant_users_group_permission(self, apiuser, repo_name, group_name, perm):
647 """
658 """
648 Grant permission for users group on given repository, or update
659 Grant permission for users group on given repository, or update
649 existing one if found
660 existing one if found
650
661
651 :param repo_name:
662 :param repo_name:
652 :param group_name:
663 :param group_name:
653 :param perm:
664 :param perm:
654 """
665 """
655
666
656 try:
667 try:
657 repo = Repository.get_by_repo_name(repo_name)
668 repo = Repository.get_by_repo_name(repo_name)
658 if repo is None:
669 if repo is None:
659 raise JSONRPCError('unknown repository %s' % repo)
670 raise JSONRPCError('unknown repository %s' % repo)
660
671
661 user_group = UsersGroup.get_by_group_name(group_name)
672 user_group = UsersGroup.get_by_group_name(group_name)
662 if user_group is None:
673 if user_group is None:
663 raise JSONRPCError('unknown users group %s' % user_group)
674 raise JSONRPCError('unknown users group %s' % user_group)
664
675
665 RepoModel().grant_users_group_permission(repo=repo_name,
676 RepoModel().grant_users_group_permission(repo=repo_name,
666 group_name=group_name,
677 group_name=group_name,
667 perm=perm)
678 perm=perm)
668
679
669 Session.commit()
680 Session.commit()
670 return dict(
681 return dict(
671 msg='Granted perm: %s for group: %s in repo: %s' % (
682 msg='Granted perm: %s for group: %s in repo: %s' % (
672 perm, group_name, repo_name
683 perm, group_name, repo_name
673 )
684 )
674 )
685 )
675 except Exception:
686 except Exception:
676 log.error(traceback.format_exc())
687 log.error(traceback.format_exc())
677 raise JSONRPCError(
688 raise JSONRPCError(
678 'failed to edit permission %(repo)s for %(usersgr)s' % dict(
689 'failed to edit permission %(repo)s for %(usersgr)s' % dict(
679 usersgr=group_name, repo=repo_name
690 usersgr=group_name, repo=repo_name
680 )
691 )
681 )
692 )
682
693
683 @HasPermissionAnyDecorator('hg.admin')
694 @HasPermissionAnyDecorator('hg.admin')
684 def revoke_users_group_permission(self, apiuser, repo_name, group_name):
695 def revoke_users_group_permission(self, apiuser, repo_name, group_name):
685 """
696 """
686 Revoke permission for users group on given repository
697 Revoke permission for users group on given repository
687
698
688 :param repo_name:
699 :param repo_name:
689 :param group_name:
700 :param group_name:
690 """
701 """
691
702
692 try:
703 try:
693 repo = Repository.get_by_repo_name(repo_name)
704 repo = Repository.get_by_repo_name(repo_name)
694 if repo is None:
705 if repo is None:
695 raise JSONRPCError('unknown repository %s' % repo)
706 raise JSONRPCError('unknown repository %s' % repo)
696
707
697 user_group = UsersGroup.get_by_group_name(group_name)
708 user_group = UsersGroup.get_by_group_name(group_name)
698 if user_group is None:
709 if user_group is None:
699 raise JSONRPCError('unknown users group %s' % user_group)
710 raise JSONRPCError('unknown users group %s' % user_group)
700
711
701 RepoModel().revoke_users_group_permission(repo=repo_name,
712 RepoModel().revoke_users_group_permission(repo=repo_name,
702 group_name=group_name)
713 group_name=group_name)
703
714
704 Session.commit()
715 Session.commit()
705 return dict(
716 return dict(
706 msg='Revoked perm for group: %s in repo: %s' % (
717 msg='Revoked perm for group: %s in repo: %s' % (
707 group_name, repo_name
718 group_name, repo_name
708 )
719 )
709 )
720 )
710 except Exception:
721 except Exception:
711 log.error(traceback.format_exc())
722 log.error(traceback.format_exc())
712 raise JSONRPCError(
723 raise JSONRPCError(
713 'failed to edit permission %(repo)s for %(usersgr)s' % dict(
724 'failed to edit permission %(repo)s for %(usersgr)s' % dict(
714 usersgr=group_name, repo=repo_name
725 usersgr=group_name, repo=repo_name
715 )
726 )
716 )
727 )
General Comments 0
You need to be logged in to leave comments. Login now