##// END OF EJS Templates
implements #329...
marcink -
r1793:631caf88 beta
parent child Browse files
Show More
@@ -223,8 +223,8 b' OUTPUT::'
223 223 }
224 224 error: null
225 225
226 add_user_to_users_groups
227 ------------------------
226 add_user_to_users_group
227 -----------------------
228 228
229 229 Adds a user to a users group. This command can be executed only using api_key
230 230 belonging to user with admin rights
@@ -302,14 +302,14 b' OUTPUT::'
302 302 "active" : "<bool>",
303 303 "admin" :Β  "<bool>",
304 304 "ldap" : "<ldap_dn>",
305 "permission" : "repository_(read|write|admin)"
305 "permission" : "repository.(read|write|admin)"
306 306 },
307 307 …
308 308 {
309 309 "id" : "<usersgroupid>",
310 310 "name" : "<usersgroupname>",
311 311 "active": "<bool>",
312 "permission" : "repository_(read|write|admin)"
312 "permission" : "repository.(read|write|admin)"
313 313 },
314 314 …
315 315 ]
@@ -356,10 +356,27 b' INPUT::'
356 356 args: {
357 357 "repo_name" : "<reponame>",
358 358 "user_name" : "<username>",
359 "perm" : "(None|repository_(read|write|admin))",
359 "perm" : "(None|repository.(read|write|admin))",
360 360 }
361 361
362 362 OUTPUT::
363 363
364 364 result: None
365 365 error: null
366
367 add_users_group_to_repo
368 -----------------------
369
370 Add a users group to a repository. This command can be executed only using
371 api_key belonging to user with admin rights. If "perm" is None, group will
372 be removed from the repository.
373
374 INPUT::
375
376 api_key : "<api_key>"
377 method : "add_users_group_to_repo"
378 args: {
379 "repo_name" : "<reponame>",
380 "group_name" : "<groupname>",
381 "perm" : "(None|repository.(read|write|admin))",
382 } No newline at end of file
@@ -46,6 +46,7 b' from rhodecode.lib.auth import AuthUser'
46 46
47 47 log = logging.getLogger('JSONRPC')
48 48
49
49 50 class JSONRPCError(BaseException):
50 51
51 52 def __init__(self, message):
@@ -67,7 +68,6 b' def jsonrpc_error(message, code=None):'
67 68 return resp
68 69
69 70
70
71 71 class JSONRPCController(WSGIController):
72 72 """
73 73 A WSGI-speaking JSON-RPC controller class
@@ -120,10 +120,10 b' class JSONRPCController(WSGIController):'
120 120 self._req_api_key = json_body['api_key']
121 121 self._req_id = json_body['id']
122 122 self._req_method = json_body['method']
123 self._req_params = json_body['args']
123 self._request_params = json_body['args']
124 124 log.debug('method: %s, params: %s',
125 125 self._req_method,
126 self._req_params)
126 self._request_params)
127 127 except KeyError, e:
128 128 return jsonrpc_error(message='Incorrect JSON query missing %s' % e)
129 129
@@ -146,10 +146,11 b' class JSONRPCController(WSGIController):'
146 146 # self.kargs and dispatch control to WGIController
147 147 argspec = inspect.getargspec(self._func)
148 148 arglist = argspec[0][1:]
149 defaults = argspec[3] or []
149 defaults = map(type, argspec[3] or [])
150 150 default_empty = types.NotImplementedType
151 151
152 kwarglist = list(izip_longest(reversed(arglist), reversed(defaults),
152 # kw arguments required by this method
153 func_kwargs = dict(izip_longest(reversed(arglist), reversed(defaults),
153 154 fillvalue=default_empty))
154 155
155 156 # this is little trick to inject logged in user for
@@ -167,7 +168,7 b' class JSONRPCController(WSGIController):'
167 168 (self._func.__name__, USER_SESSION_ATTR))
168 169
169 170 # get our arglist and check if we provided them as args
170 for arg, default in kwarglist:
171 for arg, default in func_kwargs.iteritems():
171 172 if arg == USER_SESSION_ATTR:
172 173 # USER_SESSION_ATTR is something translated from api key and
173 174 # this is checked before so we don't need validate it
@@ -175,13 +176,15 b' class JSONRPCController(WSGIController):'
175 176
176 177 # skip the required param check if it's default value is
177 178 # NotImplementedType (default_empty)
178 if not self._req_params or (type(default) == default_empty
179 and arg not in self._req_params):
180 return jsonrpc_error(message=('Missing non optional %s arg '
181 'in JSON DATA') % arg)
179 if (default == default_empty and arg not in self._request_params):
180 return jsonrpc_error(
181 message=(
182 'Missing non optional `%s` arg in JSON DATA' % arg
183 )
184 )
182 185
183 186 self._rpc_args = {USER_SESSION_ATTR:u}
184 self._rpc_args.update(self._req_params)
187 self._rpc_args.update(self._request_params)
185 188
186 189 self._rpc_args['action'] = self._req_method
187 190 self._rpc_args['environ'] = environ
@@ -190,6 +193,7 b' class JSONRPCController(WSGIController):'
190 193 status = []
191 194 headers = []
192 195 exc_info = []
196
193 197 def change_content(new_status, new_headers, new_exc_info=None):
194 198 status.append(new_status)
195 199 headers.extend(new_headers)
@@ -60,41 +60,47 b' class ApiController(JSONRPCController):'
60 60 """"
61 61 Get a user by username
62 62
63 :param apiuser
64 :param username
63 :param apiuser:
64 :param username:
65 65 """
66 66
67 67 user = User.get_by_username(username)
68 68 if not user:
69 69 return None
70 70
71 return dict(id=user.user_id,
71 return dict(
72 id=user.user_id,
72 73 username=user.username,
73 74 firstname=user.name,
74 75 lastname=user.lastname,
75 76 email=user.email,
76 77 active=user.active,
77 78 admin=user.admin,
78 ldap=user.ldap_dn)
79 ldap=user.ldap_dn
80 )
79 81
80 82 @HasPermissionAllDecorator('hg.admin')
81 83 def get_users(self, apiuser):
82 84 """"
83 85 Get all users
84 86
85 :param apiuser
87 :param apiuser:
86 88 """
87 89
88 90 result = []
89 91 for user in User.getAll():
90 result.append(dict(id=user.user_id,
92 result.append(
93 dict(
94 id=user.user_id,
91 95 username=user.username,
92 96 firstname=user.name,
93 97 lastname=user.lastname,
94 98 email=user.email,
95 99 active=user.active,
96 100 admin=user.admin,
97 ldap=user.ldap_dn))
101 ldap=user.ldap_dn
102 )
103 )
98 104 return result
99 105
100 106 @HasPermissionAllDecorator('hg.admin')
@@ -131,8 +137,8 b' class ApiController(JSONRPCController):'
131 137 """"
132 138 Get users group by name
133 139
134 :param apiuser
135 :param group_name
140 :param apiuser:
141 :param group_name:
136 142 """
137 143
138 144 users_group = UsersGroup.get_by_group_name(group_name)
@@ -161,7 +167,7 b' class ApiController(JSONRPCController):'
161 167 """"
162 168 Get all users groups
163 169
164 :param apiuser
170 :param apiuser:
165 171 """
166 172
167 173 result = []
@@ -210,9 +216,9 b' class ApiController(JSONRPCController):'
210 216 """"
211 217 Add a user to a group
212 218
213 :param apiuser
214 :param group_name
215 :param user_name
219 :param apiuser:
220 :param group_name:
221 :param user_name:
216 222 """
217 223
218 224 try:
@@ -238,8 +244,8 b' class ApiController(JSONRPCController):'
238 244 """"
239 245 Get repository by name
240 246
241 :param apiuser
242 :param repo_name
247 :param apiuser:
248 :param repo_name:
243 249 """
244 250
245 251 repo = Repository.get_by_repo_name(repo_name)
@@ -250,7 +256,9 b' class ApiController(JSONRPCController):'
250 256 for user in repo.repo_to_perm:
251 257 perm = user.permission.permission_name
252 258 user = user.user
253 members.append(dict(type_="user",
259 members.append(
260 dict(
261 type_="user",
254 262 id=user.user_id,
255 263 username=user.username,
256 264 firstname=user.name,
@@ -259,36 +267,48 b' class ApiController(JSONRPCController):'
259 267 active=user.active,
260 268 admin=user.admin,
261 269 ldap=user.ldap_dn,
262 permission=perm))
270 permission=perm
271 )
272 )
263 273 for users_group in repo.users_group_to_perm:
264 274 perm = users_group.permission.permission_name
265 275 users_group = users_group.users_group
266 members.append(dict(type_="users_group",
276 members.append(
277 dict(
278 type_="users_group",
267 279 id=users_group.users_group_id,
268 280 name=users_group.users_group_name,
269 281 active=users_group.users_group_active,
270 permission=perm))
282 permission=perm
283 )
284 )
271 285
272 return dict(id=repo.repo_id,
286 return dict(
287 id=repo.repo_id,
273 288 name=repo.repo_name,
274 289 type=repo.repo_type,
275 290 description=repo.description,
276 members=members)
291 members=members
292 )
277 293
278 294 @HasPermissionAnyDecorator('hg.admin')
279 295 def get_repos(self, apiuser):
280 296 """"
281 297 Get all repositories
282 298
283 :param apiuser
299 :param apiuser:
284 300 """
285 301
286 302 result = []
287 303 for repository in Repository.getAll():
288 result.append(dict(id=repository.repo_id,
304 result.append(
305 dict(
306 id=repository.repo_id,
289 307 name=repository.repo_name,
290 308 type=repository.repo_type,
291 description=repository.description))
309 description=repository.description
310 )
311 )
292 312 return result
293 313
294 314 @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
@@ -297,12 +317,12 b' class ApiController(JSONRPCController):'
297 317 """
298 318 Create a repository
299 319
300 :param apiuser
301 :param name
302 :param description
303 :param type
304 :param private
305 :param owner_name
320 :param apiuser:
321 :param name:
322 :param description:
323 :param type:
324 :param private:
325 :param owner_name:
306 326 """
307 327
308 328 try:
@@ -321,18 +341,27 b' class ApiController(JSONRPCController):'
321 341 for g in groups:
322 342 group = RepoGroup.get_by_group_name(g)
323 343 if not group:
324 group = ReposGroupModel().create(dict(group_name=g,
344 group = ReposGroupModel().create(
345 dict(
346 group_name=g,
325 347 group_description='',
326 group_parent_id=parent_id))
348 group_parent_id=parent_id
349 )
350 )
327 351 parent_id = group.group_id
328 352
329 RepoModel().create(dict(repo_name=real_name,
353 RepoModel().create(
354 dict(
355 repo_name=real_name,
330 356 repo_name_full=name,
331 357 description=description,
332 358 private=private,
333 359 repo_type=repo_type,
334 360 repo_group=parent_id,
335 clone_uri=None), owner)
361 clone_uri=None
362 ),
363 owner
364 )
336 365 Session.commit()
337 366 except Exception:
338 367 log.error(traceback.format_exc())
@@ -343,10 +372,10 b' class ApiController(JSONRPCController):'
343 372 """
344 373 Add permission for a user to a repository
345 374
346 :param apiuser
347 :param repo_name
348 :param user_name
349 :param perm
375 :param apiuser:
376 :param repo_name:
377 :param user_name:
378 :param perm:
350 379 """
351 380
352 381 try:
@@ -362,8 +391,54 b' class ApiController(JSONRPCController):'
362 391 RepositoryPermissionModel()\
363 392 .update_or_delete_user_permission(repo, user, perm)
364 393 Session.commit()
394
395 return dict(
396 msg='Added perm: %s for %s in repo: %s' % (
397 perm, user_name, repo_name
398 )
399 )
365 400 except Exception:
366 401 log.error(traceback.format_exc())
367 raise JSONRPCError('failed to edit permission %(repo)s for %(user)s'
368 % dict(user=user_name, repo=repo_name))
402 raise JSONRPCError(
403 'failed to edit permission %(repo)s for %(user)s' % dict(
404 user=user_name, repo=repo_name
405 )
406 )
407
408 @HasPermissionAnyDecorator('hg.admin')
409 def add_users_group_to_repo(self, apiuser, repo_name, group_name, perm):
410 """
411 Add permission for a users group to a repository
412
413 :param apiuser:
414 :param repo_name:
415 :param group_name:
416 :param perm:
417 """
418
419 try:
420 repo = Repository.get_by_repo_name(repo_name)
421 if repo is None:
422 raise JSONRPCError('unknown repository %s' % repo)
369 423
424 try:
425 user_group = UsersGroup.get_by_group_name(group_name)
426 except NoResultFound:
427 raise JSONRPCError('unknown users group %s' % user_group)
428
429 RepositoryPermissionModel()\
430 .update_or_delete_users_group_permission(repo, user_group,
431 perm)
432 Session.commit()
433 return dict(
434 msg='Added perm: %s for %s in repo: %s' % (
435 perm, group_name, repo_name
436 )
437 )
438 except Exception:
439 log.error(traceback.format_exc())
440 raise JSONRPCError(
441 'failed to edit permission %(repo)s for %(usergr)s' % dict(
442 usergr=group_name, repo=repo_name
443 )
444 )
@@ -6,8 +6,9 b''
6 6 repository permission model for RhodeCode
7 7
8 8 :created_on: Oct 1, 2011
9 :author: nvinot
9 :author: nvinot, marcink
10 10 :copyright: (C) 2011-2011 Nicolas Vinot <aeris@imirhil.fr>
11 :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>
11 12 :license: GPLv3, see COPYING for more details.
12 13 """
13 14 # This program is free software: you can redistribute it and/or modify
@@ -25,7 +26,7 b''
25 26
26 27 import logging
27 28 from rhodecode.model import BaseModel
28 from rhodecode.model.db import UserRepoToPerm, Permission
29 from rhodecode.model.db import UserRepoToPerm, UsersGroupRepoToPerm, Permission
29 30
30 31 log = logging.getLogger(__name__)
31 32
@@ -39,6 +40,15 b' class RepositoryPermissionModel(BaseMode'
39 40 .scalar()
40 41
41 42 def update_user_permission(self, repository, user, permission):
43
44 #TODO: REMOVE THIS !!
45 ################################
46 import ipdb;ipdb.set_trace()
47 print 'setting ipdb debuggin for rhodecode.model.repo_permission.RepositoryPermissionModel.update_user_permission'
48 ################################
49
50
51
42 52 permission = Permission.get_by_key(permission)
43 53 current = self.get_user_permission(repository, user)
44 54 if current:
@@ -56,8 +66,41 b' class RepositoryPermissionModel(BaseMode'
56 66 if current:
57 67 self.sa.delete(current)
58 68
69 def get_users_group_permission(self, repository, users_group):
70 return UsersGroupRepoToPerm.query() \
71 .filter(UsersGroupRepoToPerm.users_group == users_group) \
72 .filter(UsersGroupRepoToPerm.repository == repository) \
73 .scalar()
74
75 def update_users_group_permission(self, repository, users_group,
76 permission):
77 permission = Permission.get_by_key(permission)
78 current = self.get_users_group_permission(repository, users_group)
79 if current:
80 if not current.permission is permission:
81 current.permission = permission
82 else:
83 p = UsersGroupRepoToPerm()
84 p.users_group = users_group
85 p.repository = repository
86 p.permission = permission
87 self.sa.add(p)
88
89 def delete_users_group_permission(self, repository, users_group):
90 current = self.get_users_group_permission(repository, users_group)
91 if current:
92 self.sa.delete(current)
93
59 94 def update_or_delete_user_permission(self, repository, user, permission):
60 95 if permission:
61 96 self.update_user_permission(repository, user, permission)
62 97 else:
63 98 self.delete_user_permission(repository, user)
99
100 def update_or_delete_users_group_permission(self, repository, user_group,
101 permission):
102 if permission:
103 self.update_users_group_permission(repository, user_group,
104 permission)
105 else:
106 self.delete_users_group_permission(repository, user_group) No newline at end of file
General Comments 0
You need to be logged in to leave comments. Login now