Show More
| @@ -1,656 +1,660 b'' | |||||
| 1 | # -*- coding: utf-8 -*- |
|
1 | # -*- coding: utf-8 -*- | |
| 2 | """ |
|
2 | """ | |
| 3 | rhodecode.controllers.api |
|
3 | rhodecode.controllers.api | |
| 4 | ~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
4 | ~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 5 |
|
5 | |||
| 6 | API controller for RhodeCode |
|
6 | API controller for RhodeCode | |
| 7 |
|
7 | |||
| 8 | :created_on: Aug 20, 2011 |
|
8 | :created_on: Aug 20, 2011 | |
| 9 | :author: marcink |
|
9 | :author: marcink | |
| 10 | :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com> |
|
10 | :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com> | |
| 11 | :license: GPLv3, see COPYING for more details. |
|
11 | :license: GPLv3, see COPYING for more details. | |
| 12 | """ |
|
12 | """ | |
| 13 | # This program is free software; you can redistribute it and/or |
|
13 | # This program is free software; you can redistribute it and/or | |
| 14 | # modify it under the terms of the GNU General Public License |
|
14 | # modify it under the terms of the GNU General Public License | |
| 15 | # as published by the Free Software Foundation; version 2 |
|
15 | # as published by the Free Software Foundation; version 2 | |
| 16 | # of the License or (at your opinion) any later version of the license. |
|
16 | # of the License or (at your opinion) any later version of the license. | |
| 17 | # |
|
17 | # | |
| 18 | # This program is distributed in the hope that it will be useful, |
|
18 | # This program is distributed in the hope that it will be useful, | |
| 19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 21 | # GNU General Public License for more details. |
|
21 | # GNU General Public License for more details. | |
| 22 | # |
|
22 | # | |
| 23 | # You should have received a copy of the GNU General Public License |
|
23 | # You should have received a copy of the GNU General Public License | |
| 24 | # along with this program; if not, write to the Free Software |
|
24 | # along with this program; if not, write to the Free Software | |
| 25 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
|
25 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, | |
| 26 | # MA 02110-1301, USA. |
|
26 | # MA 02110-1301, USA. | |
| 27 |
|
27 | |||
| 28 | import traceback |
|
28 | import traceback | |
| 29 | import logging |
|
29 | import logging | |
| 30 |
|
30 | |||
| 31 | from sqlalchemy.orm.exc import NoResultFound |
|
|||
| 32 |
|
||||
| 33 | from rhodecode.controllers.api import JSONRPCController, JSONRPCError |
|
31 | from rhodecode.controllers.api import JSONRPCController, JSONRPCError | |
| 34 | from rhodecode.lib.auth import HasPermissionAllDecorator, \ |
|
32 | from rhodecode.lib.auth import HasPermissionAllDecorator, \ | |
| 35 | HasPermissionAnyDecorator |
|
33 | HasPermissionAnyDecorator, PasswordGenerator | |
| 36 |
|
34 | |||
| 37 | from rhodecode.model.meta import Session |
|
35 | from rhodecode.model.meta import Session | |
| 38 | from rhodecode.model.scm import ScmModel |
|
36 | from rhodecode.model.scm import ScmModel | |
| 39 | from rhodecode.model.db import User, UsersGroup, RepoGroup, Repository |
|
37 | from rhodecode.model.db import User, UsersGroup, RepoGroup, Repository | |
| 40 | from rhodecode.model.repo import RepoModel |
|
38 | from rhodecode.model.repo import RepoModel | |
| 41 | from rhodecode.model.user import UserModel |
|
39 | from rhodecode.model.user import UserModel | |
| 42 | from rhodecode.model.repo_permission import RepositoryPermissionModel |
|
|||
| 43 | from rhodecode.model.users_group import UsersGroupModel |
|
40 | from rhodecode.model.users_group import UsersGroupModel | |
| 44 | from rhodecode.model.repos_group import ReposGroupModel |
|
41 | from rhodecode.model.repos_group import ReposGroupModel | |
| 45 |
|
42 | |||
| 46 |
|
43 | |||
| 47 | log = logging.getLogger(__name__) |
|
44 | log = logging.getLogger(__name__) | |
| 48 |
|
45 | |||
| 49 |
|
46 | |||
| 50 | class ApiController(JSONRPCController): |
|
47 | class ApiController(JSONRPCController): | |
| 51 | """ |
|
48 | """ | |
| 52 | API Controller |
|
49 | API Controller | |
| 53 |
|
50 | |||
| 54 |
|
51 | |||
| 55 | Each method needs to have USER as argument this is then based on given |
|
52 | Each method needs to have USER as argument this is then based on given | |
| 56 | API_KEY propagated as instance of user object |
|
53 | API_KEY propagated as instance of user object | |
| 57 |
|
54 | |||
| 58 | Preferably this should be first argument also |
|
55 | Preferably this should be first argument also | |
| 59 |
|
56 | |||
| 60 |
|
57 | |||
| 61 | Each function should also **raise** JSONRPCError for any |
|
58 | Each function should also **raise** JSONRPCError for any | |
| 62 | errors that happens |
|
59 | errors that happens | |
| 63 |
|
60 | |||
| 64 | """ |
|
61 | """ | |
| 65 |
|
62 | |||
| 66 | @HasPermissionAllDecorator('hg.admin') |
|
63 | @HasPermissionAllDecorator('hg.admin') | |
| 67 | def pull(self, apiuser, repo_name): |
|
64 | def pull(self, apiuser, repo_name): | |
| 68 | """ |
|
65 | """ | |
| 69 | Dispatch pull action on given repo |
|
66 | Dispatch pull action on given repo | |
| 70 |
|
67 | |||
| 71 |
|
68 | |||
| 72 | :param user: |
|
69 | :param user: | |
| 73 | :param repo_name: |
|
70 | :param repo_name: | |
| 74 | """ |
|
71 | """ | |
| 75 |
|
72 | |||
| 76 | if Repository.is_valid(repo_name) is False: |
|
73 | if Repository.is_valid(repo_name) is False: | |
| 77 | raise JSONRPCError('Unknown repo "%s"' % repo_name) |
|
74 | raise JSONRPCError('Unknown repo "%s"' % repo_name) | |
| 78 |
|
75 | |||
| 79 | try: |
|
76 | try: | |
| 80 | ScmModel().pull_changes(repo_name, self.rhodecode_user.username) |
|
77 | ScmModel().pull_changes(repo_name, self.rhodecode_user.username) | |
| 81 | return 'Pulled from %s' % repo_name |
|
78 | return 'Pulled from %s' % repo_name | |
| 82 | except Exception: |
|
79 | except Exception: | |
| 83 | raise JSONRPCError('Unable to pull changes from "%s"' % repo_name) |
|
80 | raise JSONRPCError('Unable to pull changes from "%s"' % repo_name) | |
| 84 |
|
81 | |||
| 85 | @HasPermissionAllDecorator('hg.admin') |
|
82 | @HasPermissionAllDecorator('hg.admin') | |
| 86 | def get_user(self, apiuser, username): |
|
83 | def get_user(self, apiuser, username): | |
| 87 | """" |
|
84 | """" | |
| 88 | Get a user by username |
|
85 | Get a user by username | |
| 89 |
|
86 | |||
| 90 | :param apiuser: |
|
87 | :param apiuser: | |
| 91 | :param username: |
|
88 | :param username: | |
| 92 | """ |
|
89 | """ | |
| 93 |
|
90 | |||
| 94 | user = User.get_by_username(username) |
|
91 | user = User.get_by_username(username) | |
| 95 | if user is None: |
|
92 | if user is None: | |
| 96 | return user |
|
93 | return user | |
| 97 |
|
94 | |||
| 98 | return dict( |
|
95 | return dict( | |
| 99 | id=user.user_id, |
|
96 | id=user.user_id, | |
| 100 | username=user.username, |
|
97 | username=user.username, | |
| 101 | firstname=user.name, |
|
98 | firstname=user.name, | |
| 102 | lastname=user.lastname, |
|
99 | lastname=user.lastname, | |
| 103 | email=user.email, |
|
100 | email=user.email, | |
| 104 | active=user.active, |
|
101 | active=user.active, | |
| 105 | admin=user.admin, |
|
102 | admin=user.admin, | |
| 106 | ldap=user.ldap_dn |
|
103 | ldap=user.ldap_dn | |
| 107 | ) |
|
104 | ) | |
| 108 |
|
105 | |||
| 109 | @HasPermissionAllDecorator('hg.admin') |
|
106 | @HasPermissionAllDecorator('hg.admin') | |
| 110 | def get_users(self, apiuser): |
|
107 | def get_users(self, apiuser): | |
| 111 | """" |
|
108 | """" | |
| 112 | Get all users |
|
109 | Get all users | |
| 113 |
|
110 | |||
| 114 | :param apiuser: |
|
111 | :param apiuser: | |
| 115 | """ |
|
112 | """ | |
| 116 |
|
113 | |||
| 117 | result = [] |
|
114 | result = [] | |
| 118 | for user in User.getAll(): |
|
115 | for user in User.getAll(): | |
| 119 | result.append( |
|
116 | result.append( | |
| 120 | dict( |
|
117 | dict( | |
| 121 | id=user.user_id, |
|
118 | id=user.user_id, | |
| 122 | username=user.username, |
|
119 | username=user.username, | |
| 123 | firstname=user.name, |
|
120 | firstname=user.name, | |
| 124 | lastname=user.lastname, |
|
121 | lastname=user.lastname, | |
| 125 | email=user.email, |
|
122 | email=user.email, | |
| 126 | active=user.active, |
|
123 | active=user.active, | |
| 127 | admin=user.admin, |
|
124 | admin=user.admin, | |
| 128 | ldap=user.ldap_dn |
|
125 | ldap=user.ldap_dn | |
| 129 | ) |
|
126 | ) | |
| 130 | ) |
|
127 | ) | |
| 131 | return result |
|
128 | return result | |
| 132 |
|
129 | |||
| 133 | @HasPermissionAllDecorator('hg.admin') |
|
130 | @HasPermissionAllDecorator('hg.admin') | |
| 134 |
def create_user(self, apiuser, username, |
|
131 | def create_user(self, apiuser, username, email, password, firstname=None, | |
| 135 | lastname=None, active=True, admin=False, ldap_dn=None): |
|
132 | lastname=None, active=True, admin=False, ldap_dn=None): | |
| 136 | """ |
|
133 | """ | |
| 137 | Create new user |
|
134 | Create new user | |
| 138 |
|
135 | |||
| 139 | :param apiuser: |
|
136 | :param apiuser: | |
| 140 | :param username: |
|
137 | :param username: | |
| 141 | :param password: |
|
138 | :param password: | |
| 142 | :param email: |
|
139 | :param email: | |
| 143 | :param name: |
|
140 | :param name: | |
| 144 | :param lastname: |
|
141 | :param lastname: | |
| 145 | :param active: |
|
142 | :param active: | |
| 146 | :param admin: |
|
143 | :param admin: | |
| 147 | :param ldap_dn: |
|
144 | :param ldap_dn: | |
| 148 | """ |
|
145 | """ | |
| 149 | if User.get_by_username(username): |
|
146 | if User.get_by_username(username): | |
| 150 | raise JSONRPCError("user %s already exist" % username) |
|
147 | raise JSONRPCError("user %s already exist" % username) | |
| 151 |
|
148 | |||
|
|
149 | if User.get_by_email(email, case_insensitive=True): | |||
|
|
150 | raise JSONRPCError("email %s already exist" % email) | |||
|
|
151 | ||||
|
|
152 | if ldap_dn: | |||
|
|
153 | # generate temporary password if ldap_dn | |||
|
|
154 | password = PasswordGenerator().gen_password(length=8) | |||
|
|
155 | ||||
| 152 | try: |
|
156 | try: | |
| 153 | usr = UserModel().create_or_update( |
|
157 | usr = UserModel().create_or_update( | |
| 154 | username, password, email, firstname, |
|
158 | username, password, email, firstname, | |
| 155 | lastname, active, admin, ldap_dn |
|
159 | lastname, active, admin, ldap_dn | |
| 156 | ) |
|
160 | ) | |
| 157 | Session.commit() |
|
161 | Session.commit() | |
| 158 | return dict( |
|
162 | return dict( | |
| 159 | id=usr.user_id, |
|
163 | id=usr.user_id, | |
| 160 | msg='created new user %s' % username |
|
164 | msg='created new user %s' % username | |
| 161 | ) |
|
165 | ) | |
| 162 | except Exception: |
|
166 | except Exception: | |
| 163 | log.error(traceback.format_exc()) |
|
167 | log.error(traceback.format_exc()) | |
| 164 | raise JSONRPCError('failed to create user %s' % username) |
|
168 | raise JSONRPCError('failed to create user %s' % username) | |
| 165 |
|
169 | |||
| 166 | @HasPermissionAllDecorator('hg.admin') |
|
170 | @HasPermissionAllDecorator('hg.admin') | |
| 167 | def update_user(self, apiuser, username, password, email, firstname=None, |
|
171 | def update_user(self, apiuser, username, password, email, firstname=None, | |
| 168 | lastname=None, active=True, admin=False, ldap_dn=None): |
|
172 | lastname=None, active=True, admin=False, ldap_dn=None): | |
| 169 | """ |
|
173 | """ | |
| 170 | Updates given user |
|
174 | Updates given user | |
| 171 |
|
175 | |||
| 172 | :param apiuser: |
|
176 | :param apiuser: | |
| 173 | :param username: |
|
177 | :param username: | |
| 174 | :param password: |
|
178 | :param password: | |
| 175 | :param email: |
|
179 | :param email: | |
| 176 | :param name: |
|
180 | :param name: | |
| 177 | :param lastname: |
|
181 | :param lastname: | |
| 178 | :param active: |
|
182 | :param active: | |
| 179 | :param admin: |
|
183 | :param admin: | |
| 180 | :param ldap_dn: |
|
184 | :param ldap_dn: | |
| 181 | """ |
|
185 | """ | |
| 182 | if not User.get_by_username(username): |
|
186 | if not User.get_by_username(username): | |
| 183 | raise JSONRPCError("user %s does not exist" % username) |
|
187 | raise JSONRPCError("user %s does not exist" % username) | |
| 184 |
|
188 | |||
| 185 | try: |
|
189 | try: | |
| 186 | usr = UserModel().create_or_update( |
|
190 | usr = UserModel().create_or_update( | |
| 187 | username, password, email, firstname, |
|
191 | username, password, email, firstname, | |
| 188 | lastname, active, admin, ldap_dn |
|
192 | lastname, active, admin, ldap_dn | |
| 189 | ) |
|
193 | ) | |
| 190 | Session.commit() |
|
194 | Session.commit() | |
| 191 | return dict( |
|
195 | return dict( | |
| 192 | id=usr.user_id, |
|
196 | id=usr.user_id, | |
| 193 | msg='updated user %s' % username |
|
197 | msg='updated user %s' % username | |
| 194 | ) |
|
198 | ) | |
| 195 | except Exception: |
|
199 | except Exception: | |
| 196 | log.error(traceback.format_exc()) |
|
200 | log.error(traceback.format_exc()) | |
| 197 | raise JSONRPCError('failed to update user %s' % username) |
|
201 | raise JSONRPCError('failed to update user %s' % username) | |
| 198 |
|
202 | |||
| 199 | @HasPermissionAllDecorator('hg.admin') |
|
203 | @HasPermissionAllDecorator('hg.admin') | |
| 200 | def get_users_group(self, apiuser, group_name): |
|
204 | def get_users_group(self, apiuser, group_name): | |
| 201 | """" |
|
205 | """" | |
| 202 | Get users group by name |
|
206 | Get users group by name | |
| 203 |
|
207 | |||
| 204 | :param apiuser: |
|
208 | :param apiuser: | |
| 205 | :param group_name: |
|
209 | :param group_name: | |
| 206 | """ |
|
210 | """ | |
| 207 |
|
211 | |||
| 208 | users_group = UsersGroup.get_by_group_name(group_name) |
|
212 | users_group = UsersGroup.get_by_group_name(group_name) | |
| 209 | if not users_group: |
|
213 | if not users_group: | |
| 210 | return None |
|
214 | return None | |
| 211 |
|
215 | |||
| 212 | members = [] |
|
216 | members = [] | |
| 213 | for user in users_group.members: |
|
217 | for user in users_group.members: | |
| 214 | user = user.user |
|
218 | user = user.user | |
| 215 | members.append(dict(id=user.user_id, |
|
219 | members.append(dict(id=user.user_id, | |
| 216 | username=user.username, |
|
220 | username=user.username, | |
| 217 | firstname=user.name, |
|
221 | firstname=user.name, | |
| 218 | lastname=user.lastname, |
|
222 | lastname=user.lastname, | |
| 219 | email=user.email, |
|
223 | email=user.email, | |
| 220 | active=user.active, |
|
224 | active=user.active, | |
| 221 | admin=user.admin, |
|
225 | admin=user.admin, | |
| 222 | ldap=user.ldap_dn)) |
|
226 | ldap=user.ldap_dn)) | |
| 223 |
|
227 | |||
| 224 | return dict(id=users_group.users_group_id, |
|
228 | return dict(id=users_group.users_group_id, | |
| 225 | group_name=users_group.users_group_name, |
|
229 | group_name=users_group.users_group_name, | |
| 226 | active=users_group.users_group_active, |
|
230 | active=users_group.users_group_active, | |
| 227 | members=members) |
|
231 | members=members) | |
| 228 |
|
232 | |||
| 229 | @HasPermissionAllDecorator('hg.admin') |
|
233 | @HasPermissionAllDecorator('hg.admin') | |
| 230 | def get_users_groups(self, apiuser): |
|
234 | def get_users_groups(self, apiuser): | |
| 231 | """" |
|
235 | """" | |
| 232 | Get all users groups |
|
236 | Get all users groups | |
| 233 |
|
237 | |||
| 234 | :param apiuser: |
|
238 | :param apiuser: | |
| 235 | """ |
|
239 | """ | |
| 236 |
|
240 | |||
| 237 | result = [] |
|
241 | result = [] | |
| 238 | for users_group in UsersGroup.getAll(): |
|
242 | for users_group in UsersGroup.getAll(): | |
| 239 | members = [] |
|
243 | members = [] | |
| 240 | for user in users_group.members: |
|
244 | for user in users_group.members: | |
| 241 | user = user.user |
|
245 | user = user.user | |
| 242 | members.append(dict(id=user.user_id, |
|
246 | members.append(dict(id=user.user_id, | |
| 243 | username=user.username, |
|
247 | username=user.username, | |
| 244 | firstname=user.name, |
|
248 | firstname=user.name, | |
| 245 | lastname=user.lastname, |
|
249 | lastname=user.lastname, | |
| 246 | email=user.email, |
|
250 | email=user.email, | |
| 247 | active=user.active, |
|
251 | active=user.active, | |
| 248 | admin=user.admin, |
|
252 | admin=user.admin, | |
| 249 | ldap=user.ldap_dn)) |
|
253 | ldap=user.ldap_dn)) | |
| 250 |
|
254 | |||
| 251 | result.append(dict(id=users_group.users_group_id, |
|
255 | result.append(dict(id=users_group.users_group_id, | |
| 252 | group_name=users_group.users_group_name, |
|
256 | group_name=users_group.users_group_name, | |
| 253 | active=users_group.users_group_active, |
|
257 | active=users_group.users_group_active, | |
| 254 | members=members)) |
|
258 | members=members)) | |
| 255 | return result |
|
259 | return result | |
| 256 |
|
260 | |||
| 257 | @HasPermissionAllDecorator('hg.admin') |
|
261 | @HasPermissionAllDecorator('hg.admin') | |
| 258 | def create_users_group(self, apiuser, group_name, active=True): |
|
262 | def create_users_group(self, apiuser, group_name, active=True): | |
| 259 | """ |
|
263 | """ | |
| 260 | Creates an new usergroup |
|
264 | Creates an new usergroup | |
| 261 |
|
265 | |||
| 262 | :param group_name: |
|
266 | :param group_name: | |
| 263 | :param active: |
|
267 | :param active: | |
| 264 | """ |
|
268 | """ | |
| 265 |
|
269 | |||
| 266 | if self.get_users_group(apiuser, group_name): |
|
270 | if self.get_users_group(apiuser, group_name): | |
| 267 | raise JSONRPCError("users group %s already exist" % group_name) |
|
271 | raise JSONRPCError("users group %s already exist" % group_name) | |
| 268 |
|
272 | |||
| 269 | try: |
|
273 | try: | |
| 270 | ug = UsersGroupModel().create(name=group_name, active=active) |
|
274 | ug = UsersGroupModel().create(name=group_name, active=active) | |
| 271 | Session.commit() |
|
275 | Session.commit() | |
| 272 | return dict(id=ug.users_group_id, |
|
276 | return dict(id=ug.users_group_id, | |
| 273 | msg='created new users group %s' % group_name) |
|
277 | msg='created new users group %s' % group_name) | |
| 274 | except Exception: |
|
278 | except Exception: | |
| 275 | log.error(traceback.format_exc()) |
|
279 | log.error(traceback.format_exc()) | |
| 276 | raise JSONRPCError('failed to create group %s' % group_name) |
|
280 | raise JSONRPCError('failed to create group %s' % group_name) | |
| 277 |
|
281 | |||
| 278 | @HasPermissionAllDecorator('hg.admin') |
|
282 | @HasPermissionAllDecorator('hg.admin') | |
| 279 | def add_user_to_users_group(self, apiuser, group_name, username): |
|
283 | def add_user_to_users_group(self, apiuser, group_name, username): | |
| 280 | """" |
|
284 | """" | |
| 281 | Add a user to a group |
|
285 | Add a user to a group | |
| 282 |
|
286 | |||
| 283 | :param apiuser: |
|
287 | :param apiuser: | |
| 284 | :param group_name: |
|
288 | :param group_name: | |
| 285 | :param username: |
|
289 | :param username: | |
| 286 | """ |
|
290 | """ | |
| 287 |
|
291 | |||
| 288 | try: |
|
292 | try: | |
| 289 | users_group = UsersGroup.get_by_group_name(group_name) |
|
293 | users_group = UsersGroup.get_by_group_name(group_name) | |
| 290 | if not users_group: |
|
294 | if not users_group: | |
| 291 | raise JSONRPCError('unknown users group %s' % group_name) |
|
295 | raise JSONRPCError('unknown users group %s' % group_name) | |
| 292 |
|
296 | |||
| 293 | user = User.get_by_username(username) |
|
297 | user = User.get_by_username(username) | |
| 294 | if user is None: |
|
298 | if user is None: | |
| 295 | raise JSONRPCError('unknown user %s' % username) |
|
299 | raise JSONRPCError('unknown user %s' % username) | |
| 296 |
|
300 | |||
| 297 | ugm = UsersGroupModel().add_user_to_group(users_group, user) |
|
301 | ugm = UsersGroupModel().add_user_to_group(users_group, user) | |
| 298 | success = True if ugm != True else False |
|
302 | success = True if ugm != True else False | |
| 299 | msg = 'added member %s to users group %s' % (username, group_name) |
|
303 | msg = 'added member %s to users group %s' % (username, group_name) | |
| 300 | msg = msg if success else 'User is already in that group' |
|
304 | msg = msg if success else 'User is already in that group' | |
| 301 | Session.commit() |
|
305 | Session.commit() | |
| 302 |
|
306 | |||
| 303 | return dict( |
|
307 | return dict( | |
| 304 | id=ugm.users_group_member_id if ugm != True else None, |
|
308 | id=ugm.users_group_member_id if ugm != True else None, | |
| 305 | success=success, |
|
309 | success=success, | |
| 306 | msg=msg |
|
310 | msg=msg | |
| 307 | ) |
|
311 | ) | |
| 308 | except Exception: |
|
312 | except Exception: | |
| 309 | log.error(traceback.format_exc()) |
|
313 | log.error(traceback.format_exc()) | |
| 310 | raise JSONRPCError('failed to add users group member') |
|
314 | raise JSONRPCError('failed to add users group member') | |
| 311 |
|
315 | |||
| 312 | @HasPermissionAllDecorator('hg.admin') |
|
316 | @HasPermissionAllDecorator('hg.admin') | |
| 313 | def remove_user_from_users_group(self, apiuser, group_name, username): |
|
317 | def remove_user_from_users_group(self, apiuser, group_name, username): | |
| 314 | """ |
|
318 | """ | |
| 315 | Remove user from a group |
|
319 | Remove user from a group | |
| 316 |
|
320 | |||
| 317 | :param apiuser |
|
321 | :param apiuser | |
| 318 | :param group_name |
|
322 | :param group_name | |
| 319 | :param username |
|
323 | :param username | |
| 320 | """ |
|
324 | """ | |
| 321 |
|
325 | |||
| 322 | try: |
|
326 | try: | |
| 323 | users_group = UsersGroup.get_by_group_name(group_name) |
|
327 | users_group = UsersGroup.get_by_group_name(group_name) | |
| 324 | if not users_group: |
|
328 | if not users_group: | |
| 325 | raise JSONRPCError('unknown users group %s' % group_name) |
|
329 | raise JSONRPCError('unknown users group %s' % group_name) | |
| 326 |
|
330 | |||
| 327 | user = User.get_by_username(username) |
|
331 | user = User.get_by_username(username) | |
| 328 | if user is None: |
|
332 | if user is None: | |
| 329 | raise JSONRPCError('unknown user %s' % username) |
|
333 | raise JSONRPCError('unknown user %s' % username) | |
| 330 |
|
334 | |||
| 331 | success = UsersGroupModel().remove_user_from_group(users_group, user) |
|
335 | success = UsersGroupModel().remove_user_from_group(users_group, user) | |
| 332 | msg = 'removed member %s from users group %s' % (username, group_name) |
|
336 | msg = 'removed member %s from users group %s' % (username, group_name) | |
| 333 | msg = msg if success else "User wasn't in group" |
|
337 | msg = msg if success else "User wasn't in group" | |
| 334 | Session.commit() |
|
338 | Session.commit() | |
| 335 | return dict(success=success, msg=msg) |
|
339 | return dict(success=success, msg=msg) | |
| 336 | except Exception: |
|
340 | except Exception: | |
| 337 | log.error(traceback.format_exc()) |
|
341 | log.error(traceback.format_exc()) | |
| 338 | raise JSONRPCError('failed to remove user from group') |
|
342 | raise JSONRPCError('failed to remove user from group') | |
| 339 |
|
343 | |||
| 340 | @HasPermissionAnyDecorator('hg.admin') |
|
344 | @HasPermissionAnyDecorator('hg.admin') | |
| 341 | def get_repo(self, apiuser, repo_name): |
|
345 | def get_repo(self, apiuser, repo_name): | |
| 342 | """" |
|
346 | """" | |
| 343 | Get repository by name |
|
347 | Get repository by name | |
| 344 |
|
348 | |||
| 345 | :param apiuser: |
|
349 | :param apiuser: | |
| 346 | :param repo_name: |
|
350 | :param repo_name: | |
| 347 | """ |
|
351 | """ | |
| 348 |
|
352 | |||
| 349 | repo = Repository.get_by_repo_name(repo_name) |
|
353 | repo = Repository.get_by_repo_name(repo_name) | |
| 350 | if repo is None: |
|
354 | if repo is None: | |
| 351 | raise JSONRPCError('unknown repository %s' % repo) |
|
355 | raise JSONRPCError('unknown repository %s' % repo) | |
| 352 |
|
356 | |||
| 353 | members = [] |
|
357 | members = [] | |
| 354 | for user in repo.repo_to_perm: |
|
358 | for user in repo.repo_to_perm: | |
| 355 | perm = user.permission.permission_name |
|
359 | perm = user.permission.permission_name | |
| 356 | user = user.user |
|
360 | user = user.user | |
| 357 | members.append( |
|
361 | members.append( | |
| 358 | dict( |
|
362 | dict( | |
| 359 | type_="user", |
|
363 | type_="user", | |
| 360 | id=user.user_id, |
|
364 | id=user.user_id, | |
| 361 | username=user.username, |
|
365 | username=user.username, | |
| 362 | firstname=user.name, |
|
366 | firstname=user.name, | |
| 363 | lastname=user.lastname, |
|
367 | lastname=user.lastname, | |
| 364 | email=user.email, |
|
368 | email=user.email, | |
| 365 | active=user.active, |
|
369 | active=user.active, | |
| 366 | admin=user.admin, |
|
370 | admin=user.admin, | |
| 367 | ldap=user.ldap_dn, |
|
371 | ldap=user.ldap_dn, | |
| 368 | permission=perm |
|
372 | permission=perm | |
| 369 | ) |
|
373 | ) | |
| 370 | ) |
|
374 | ) | |
| 371 | for users_group in repo.users_group_to_perm: |
|
375 | for users_group in repo.users_group_to_perm: | |
| 372 | perm = users_group.permission.permission_name |
|
376 | perm = users_group.permission.permission_name | |
| 373 | users_group = users_group.users_group |
|
377 | users_group = users_group.users_group | |
| 374 | members.append( |
|
378 | members.append( | |
| 375 | dict( |
|
379 | dict( | |
| 376 | type_="users_group", |
|
380 | type_="users_group", | |
| 377 | id=users_group.users_group_id, |
|
381 | id=users_group.users_group_id, | |
| 378 | name=users_group.users_group_name, |
|
382 | name=users_group.users_group_name, | |
| 379 | active=users_group.users_group_active, |
|
383 | active=users_group.users_group_active, | |
| 380 | permission=perm |
|
384 | permission=perm | |
| 381 | ) |
|
385 | ) | |
| 382 | ) |
|
386 | ) | |
| 383 |
|
387 | |||
| 384 | return dict( |
|
388 | return dict( | |
| 385 | id=repo.repo_id, |
|
389 | id=repo.repo_id, | |
| 386 | repo_name=repo.repo_name, |
|
390 | repo_name=repo.repo_name, | |
| 387 | type=repo.repo_type, |
|
391 | type=repo.repo_type, | |
| 388 | description=repo.description, |
|
392 | description=repo.description, | |
| 389 | members=members |
|
393 | members=members | |
| 390 | ) |
|
394 | ) | |
| 391 |
|
395 | |||
| 392 | @HasPermissionAnyDecorator('hg.admin') |
|
396 | @HasPermissionAnyDecorator('hg.admin') | |
| 393 | def get_repos(self, apiuser): |
|
397 | def get_repos(self, apiuser): | |
| 394 | """" |
|
398 | """" | |
| 395 | Get all repositories |
|
399 | Get all repositories | |
| 396 |
|
400 | |||
| 397 | :param apiuser: |
|
401 | :param apiuser: | |
| 398 | """ |
|
402 | """ | |
| 399 |
|
403 | |||
| 400 | result = [] |
|
404 | result = [] | |
| 401 | for repository in Repository.getAll(): |
|
405 | for repository in Repository.getAll(): | |
| 402 | result.append( |
|
406 | result.append( | |
| 403 | dict( |
|
407 | dict( | |
| 404 | id=repository.repo_id, |
|
408 | id=repository.repo_id, | |
| 405 | repo_name=repository.repo_name, |
|
409 | repo_name=repository.repo_name, | |
| 406 | type=repository.repo_type, |
|
410 | type=repository.repo_type, | |
| 407 | description=repository.description |
|
411 | description=repository.description | |
| 408 | ) |
|
412 | ) | |
| 409 | ) |
|
413 | ) | |
| 410 | return result |
|
414 | return result | |
| 411 |
|
415 | |||
| 412 | @HasPermissionAnyDecorator('hg.admin') |
|
416 | @HasPermissionAnyDecorator('hg.admin') | |
| 413 | def get_repo_nodes(self, apiuser, repo_name, revision, root_path, |
|
417 | def get_repo_nodes(self, apiuser, repo_name, revision, root_path, | |
| 414 | ret_type='all'): |
|
418 | ret_type='all'): | |
| 415 | """ |
|
419 | """ | |
| 416 | returns a list of nodes and it's children |
|
420 | returns a list of nodes and it's children | |
| 417 | for a given path at given revision. It's possible to specify ret_type |
|
421 | for a given path at given revision. It's possible to specify ret_type | |
| 418 | to show only files or dirs |
|
422 | to show only files or dirs | |
| 419 |
|
423 | |||
| 420 | :param apiuser: |
|
424 | :param apiuser: | |
| 421 | :param repo_name: name of repository |
|
425 | :param repo_name: name of repository | |
| 422 | :param revision: revision for which listing should be done |
|
426 | :param revision: revision for which listing should be done | |
| 423 | :param root_path: path from which start displaying |
|
427 | :param root_path: path from which start displaying | |
| 424 | :param ret_type: return type 'all|files|dirs' nodes |
|
428 | :param ret_type: return type 'all|files|dirs' nodes | |
| 425 | """ |
|
429 | """ | |
| 426 | try: |
|
430 | try: | |
| 427 | _d, _f = ScmModel().get_nodes(repo_name, revision, root_path, |
|
431 | _d, _f = ScmModel().get_nodes(repo_name, revision, root_path, | |
| 428 | flat=False) |
|
432 | flat=False) | |
| 429 | _map = { |
|
433 | _map = { | |
| 430 | 'all': _d + _f, |
|
434 | 'all': _d + _f, | |
| 431 | 'files': _f, |
|
435 | 'files': _f, | |
| 432 | 'dirs': _d, |
|
436 | 'dirs': _d, | |
| 433 | } |
|
437 | } | |
| 434 | return _map[ret_type] |
|
438 | return _map[ret_type] | |
| 435 | except KeyError: |
|
439 | except KeyError: | |
| 436 | raise JSONRPCError('ret_type must be one of %s' % _map.keys()) |
|
440 | raise JSONRPCError('ret_type must be one of %s' % _map.keys()) | |
| 437 | except Exception, e: |
|
441 | except Exception, e: | |
| 438 | raise JSONRPCError(e) |
|
442 | raise JSONRPCError(e) | |
| 439 |
|
443 | |||
| 440 | @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository') |
|
444 | @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository') | |
| 441 | def create_repo(self, apiuser, repo_name, owner_name, description='', |
|
445 | def create_repo(self, apiuser, repo_name, owner_name, description='', | |
| 442 | repo_type='hg', private=False, clone_uri=None): |
|
446 | repo_type='hg', private=False, clone_uri=None): | |
| 443 | """ |
|
447 | """ | |
| 444 | Create repository, if clone_url is given it makes a remote clone |
|
448 | Create repository, if clone_url is given it makes a remote clone | |
| 445 |
|
449 | |||
| 446 | :param apiuser: |
|
450 | :param apiuser: | |
| 447 | :param repo_name: |
|
451 | :param repo_name: | |
| 448 | :param owner_name: |
|
452 | :param owner_name: | |
| 449 | :param description: |
|
453 | :param description: | |
| 450 | :param repo_type: |
|
454 | :param repo_type: | |
| 451 | :param private: |
|
455 | :param private: | |
| 452 | :param clone_uri: |
|
456 | :param clone_uri: | |
| 453 | """ |
|
457 | """ | |
| 454 |
|
458 | |||
| 455 | try: |
|
459 | try: | |
| 456 | owner = User.get_by_username(owner_name) |
|
460 | owner = User.get_by_username(owner_name) | |
| 457 | if owner is None: |
|
461 | if owner is None: | |
| 458 | raise JSONRPCError('unknown user %s' % owner_name) |
|
462 | raise JSONRPCError('unknown user %s' % owner_name) | |
| 459 |
|
463 | |||
| 460 | if Repository.get_by_repo_name(repo_name): |
|
464 | if Repository.get_by_repo_name(repo_name): | |
| 461 | raise JSONRPCError("repo %s already exist" % repo_name) |
|
465 | raise JSONRPCError("repo %s already exist" % repo_name) | |
| 462 |
|
466 | |||
| 463 | groups = repo_name.split('/') |
|
467 | groups = repo_name.split('/') | |
| 464 | real_name = groups[-1] |
|
468 | real_name = groups[-1] | |
| 465 | groups = groups[:-1] |
|
469 | groups = groups[:-1] | |
| 466 | parent_id = None |
|
470 | parent_id = None | |
| 467 | for g in groups: |
|
471 | for g in groups: | |
| 468 | group = RepoGroup.get_by_group_name(g) |
|
472 | group = RepoGroup.get_by_group_name(g) | |
| 469 | if not group: |
|
473 | if not group: | |
| 470 | group = ReposGroupModel().create(g, '', parent_id) |
|
474 | group = ReposGroupModel().create(g, '', parent_id) | |
| 471 | parent_id = group.group_id |
|
475 | parent_id = group.group_id | |
| 472 |
|
476 | |||
| 473 | repo = RepoModel().create( |
|
477 | repo = RepoModel().create( | |
| 474 | dict( |
|
478 | dict( | |
| 475 | repo_name=real_name, |
|
479 | repo_name=real_name, | |
| 476 | repo_name_full=repo_name, |
|
480 | repo_name_full=repo_name, | |
| 477 | description=description, |
|
481 | description=description, | |
| 478 | private=private, |
|
482 | private=private, | |
| 479 | repo_type=repo_type, |
|
483 | repo_type=repo_type, | |
| 480 | repo_group=parent_id, |
|
484 | repo_group=parent_id, | |
| 481 | clone_uri=clone_uri |
|
485 | clone_uri=clone_uri | |
| 482 | ), |
|
486 | ), | |
| 483 | owner |
|
487 | owner | |
| 484 | ) |
|
488 | ) | |
| 485 | Session.commit() |
|
489 | Session.commit() | |
| 486 |
|
490 | |||
| 487 | return dict( |
|
491 | return dict( | |
| 488 | id=repo.repo_id, |
|
492 | id=repo.repo_id, | |
| 489 | msg="Created new repository %s" % repo.repo_name |
|
493 | msg="Created new repository %s" % repo.repo_name | |
| 490 | ) |
|
494 | ) | |
| 491 |
|
495 | |||
| 492 | except Exception: |
|
496 | except Exception: | |
| 493 | log.error(traceback.format_exc()) |
|
497 | log.error(traceback.format_exc()) | |
| 494 | raise JSONRPCError('failed to create repository %s' % repo_name) |
|
498 | raise JSONRPCError('failed to create repository %s' % repo_name) | |
| 495 |
|
499 | |||
| 496 | @HasPermissionAnyDecorator('hg.admin') |
|
500 | @HasPermissionAnyDecorator('hg.admin') | |
| 497 | def delete_repo(self, apiuser, repo_name): |
|
501 | def delete_repo(self, apiuser, repo_name): | |
| 498 | """ |
|
502 | """ | |
| 499 | Deletes a given repository |
|
503 | Deletes a given repository | |
| 500 |
|
504 | |||
| 501 | :param repo_name: |
|
505 | :param repo_name: | |
| 502 | """ |
|
506 | """ | |
| 503 | if not Repository.get_by_repo_name(repo_name): |
|
507 | if not Repository.get_by_repo_name(repo_name): | |
| 504 | raise JSONRPCError("repo %s does not exist" % repo_name) |
|
508 | raise JSONRPCError("repo %s does not exist" % repo_name) | |
| 505 | try: |
|
509 | try: | |
| 506 | RepoModel().delete(repo_name) |
|
510 | RepoModel().delete(repo_name) | |
| 507 | Session.commit() |
|
511 | Session.commit() | |
| 508 | return dict( |
|
512 | return dict( | |
| 509 | msg='Deleted repository %s' % repo_name |
|
513 | msg='Deleted repository %s' % repo_name | |
| 510 | ) |
|
514 | ) | |
| 511 | except Exception: |
|
515 | except Exception: | |
| 512 | log.error(traceback.format_exc()) |
|
516 | log.error(traceback.format_exc()) | |
| 513 | raise JSONRPCError('failed to delete repository %s' % repo_name) |
|
517 | raise JSONRPCError('failed to delete repository %s' % repo_name) | |
| 514 |
|
518 | |||
| 515 | @HasPermissionAnyDecorator('hg.admin') |
|
519 | @HasPermissionAnyDecorator('hg.admin') | |
| 516 | def grant_user_permission(self, apiuser, repo_name, username, perm): |
|
520 | def grant_user_permission(self, apiuser, repo_name, username, perm): | |
| 517 | """ |
|
521 | """ | |
| 518 | Grant permission for user on given repository, or update existing one |
|
522 | Grant permission for user on given repository, or update existing one | |
| 519 | if found |
|
523 | if found | |
| 520 |
|
524 | |||
| 521 | :param repo_name: |
|
525 | :param repo_name: | |
| 522 | :param username: |
|
526 | :param username: | |
| 523 | :param perm: |
|
527 | :param perm: | |
| 524 | """ |
|
528 | """ | |
| 525 |
|
529 | |||
| 526 | try: |
|
530 | try: | |
| 527 | repo = Repository.get_by_repo_name(repo_name) |
|
531 | repo = Repository.get_by_repo_name(repo_name) | |
| 528 | if repo is None: |
|
532 | if repo is None: | |
| 529 | raise JSONRPCError('unknown repository %s' % repo) |
|
533 | raise JSONRPCError('unknown repository %s' % repo) | |
| 530 |
|
534 | |||
| 531 | user = User.get_by_username(username) |
|
535 | user = User.get_by_username(username) | |
| 532 | if user is None: |
|
536 | if user is None: | |
| 533 | raise JSONRPCError('unknown user %s' % username) |
|
537 | raise JSONRPCError('unknown user %s' % username) | |
| 534 |
|
538 | |||
| 535 | RepoModel().grant_user_permission(repo=repo, user=user, perm=perm) |
|
539 | RepoModel().grant_user_permission(repo=repo, user=user, perm=perm) | |
| 536 |
|
540 | |||
| 537 | Session.commit() |
|
541 | Session.commit() | |
| 538 | return dict( |
|
542 | return dict( | |
| 539 | msg='Granted perm: %s for user: %s in repo: %s' % ( |
|
543 | msg='Granted perm: %s for user: %s in repo: %s' % ( | |
| 540 | perm, username, repo_name |
|
544 | perm, username, repo_name | |
| 541 | ) |
|
545 | ) | |
| 542 | ) |
|
546 | ) | |
| 543 | except Exception: |
|
547 | except Exception: | |
| 544 | log.error(traceback.format_exc()) |
|
548 | log.error(traceback.format_exc()) | |
| 545 | raise JSONRPCError( |
|
549 | raise JSONRPCError( | |
| 546 | 'failed to edit permission %(repo)s for %(user)s' % dict( |
|
550 | 'failed to edit permission %(repo)s for %(user)s' % dict( | |
| 547 | user=username, repo=repo_name |
|
551 | user=username, repo=repo_name | |
| 548 | ) |
|
552 | ) | |
| 549 | ) |
|
553 | ) | |
| 550 |
|
554 | |||
| 551 | @HasPermissionAnyDecorator('hg.admin') |
|
555 | @HasPermissionAnyDecorator('hg.admin') | |
| 552 | def revoke_user_permission(self, apiuser, repo_name, username): |
|
556 | def revoke_user_permission(self, apiuser, repo_name, username): | |
| 553 | """ |
|
557 | """ | |
| 554 | Revoke permission for user on given repository |
|
558 | Revoke permission for user on given repository | |
| 555 |
|
559 | |||
| 556 | :param repo_name: |
|
560 | :param repo_name: | |
| 557 | :param username: |
|
561 | :param username: | |
| 558 | """ |
|
562 | """ | |
| 559 |
|
563 | |||
| 560 | try: |
|
564 | try: | |
| 561 | repo = Repository.get_by_repo_name(repo_name) |
|
565 | repo = Repository.get_by_repo_name(repo_name) | |
| 562 | if repo is None: |
|
566 | if repo is None: | |
| 563 | raise JSONRPCError('unknown repository %s' % repo) |
|
567 | raise JSONRPCError('unknown repository %s' % repo) | |
| 564 |
|
568 | |||
| 565 | user = User.get_by_username(username) |
|
569 | user = User.get_by_username(username) | |
| 566 | if user is None: |
|
570 | if user is None: | |
| 567 | raise JSONRPCError('unknown user %s' % username) |
|
571 | raise JSONRPCError('unknown user %s' % username) | |
| 568 |
|
572 | |||
| 569 | RepoModel().revoke_user_permission(repo=repo_name, user=username) |
|
573 | RepoModel().revoke_user_permission(repo=repo_name, user=username) | |
| 570 |
|
574 | |||
| 571 | Session.commit() |
|
575 | Session.commit() | |
| 572 | return dict( |
|
576 | return dict( | |
| 573 | msg='Revoked perm for user: %s in repo: %s' % ( |
|
577 | msg='Revoked perm for user: %s in repo: %s' % ( | |
| 574 | username, repo_name |
|
578 | username, repo_name | |
| 575 | ) |
|
579 | ) | |
| 576 | ) |
|
580 | ) | |
| 577 | except Exception: |
|
581 | except Exception: | |
| 578 | log.error(traceback.format_exc()) |
|
582 | log.error(traceback.format_exc()) | |
| 579 | raise JSONRPCError( |
|
583 | raise JSONRPCError( | |
| 580 | 'failed to edit permission %(repo)s for %(user)s' % dict( |
|
584 | 'failed to edit permission %(repo)s for %(user)s' % dict( | |
| 581 | user=username, repo=repo_name |
|
585 | user=username, repo=repo_name | |
| 582 | ) |
|
586 | ) | |
| 583 | ) |
|
587 | ) | |
| 584 |
|
588 | |||
| 585 | @HasPermissionAnyDecorator('hg.admin') |
|
589 | @HasPermissionAnyDecorator('hg.admin') | |
| 586 | def grant_users_group_permission(self, apiuser, repo_name, group_name, perm): |
|
590 | def grant_users_group_permission(self, apiuser, repo_name, group_name, perm): | |
| 587 | """ |
|
591 | """ | |
| 588 | Grant permission for users group on given repository, or update |
|
592 | Grant permission for users group on given repository, or update | |
| 589 | existing one if found |
|
593 | existing one if found | |
| 590 |
|
594 | |||
| 591 | :param repo_name: |
|
595 | :param repo_name: | |
| 592 | :param group_name: |
|
596 | :param group_name: | |
| 593 | :param perm: |
|
597 | :param perm: | |
| 594 | """ |
|
598 | """ | |
| 595 |
|
599 | |||
| 596 | try: |
|
600 | try: | |
| 597 | repo = Repository.get_by_repo_name(repo_name) |
|
601 | repo = Repository.get_by_repo_name(repo_name) | |
| 598 | if repo is None: |
|
602 | if repo is None: | |
| 599 | raise JSONRPCError('unknown repository %s' % repo) |
|
603 | raise JSONRPCError('unknown repository %s' % repo) | |
| 600 |
|
604 | |||
| 601 | user_group = UsersGroup.get_by_group_name(group_name) |
|
605 | user_group = UsersGroup.get_by_group_name(group_name) | |
| 602 | if user_group is None: |
|
606 | if user_group is None: | |
| 603 | raise JSONRPCError('unknown users group %s' % user_group) |
|
607 | raise JSONRPCError('unknown users group %s' % user_group) | |
| 604 |
|
608 | |||
| 605 | RepoModel().grant_users_group_permission(repo=repo_name, |
|
609 | RepoModel().grant_users_group_permission(repo=repo_name, | |
| 606 | group_name=group_name, |
|
610 | group_name=group_name, | |
| 607 | perm=perm) |
|
611 | perm=perm) | |
| 608 |
|
612 | |||
| 609 | Session.commit() |
|
613 | Session.commit() | |
| 610 | return dict( |
|
614 | return dict( | |
| 611 | msg='Granted perm: %s for group: %s in repo: %s' % ( |
|
615 | msg='Granted perm: %s for group: %s in repo: %s' % ( | |
| 612 | perm, group_name, repo_name |
|
616 | perm, group_name, repo_name | |
| 613 | ) |
|
617 | ) | |
| 614 | ) |
|
618 | ) | |
| 615 | except Exception: |
|
619 | except Exception: | |
| 616 | log.error(traceback.format_exc()) |
|
620 | log.error(traceback.format_exc()) | |
| 617 | raise JSONRPCError( |
|
621 | raise JSONRPCError( | |
| 618 | 'failed to edit permission %(repo)s for %(usersgr)s' % dict( |
|
622 | 'failed to edit permission %(repo)s for %(usersgr)s' % dict( | |
| 619 | usersgr=group_name, repo=repo_name |
|
623 | usersgr=group_name, repo=repo_name | |
| 620 | ) |
|
624 | ) | |
| 621 | ) |
|
625 | ) | |
| 622 |
|
626 | |||
| 623 | @HasPermissionAnyDecorator('hg.admin') |
|
627 | @HasPermissionAnyDecorator('hg.admin') | |
| 624 | def revoke_users_group_permission(self, apiuser, repo_name, group_name): |
|
628 | def revoke_users_group_permission(self, apiuser, repo_name, group_name): | |
| 625 | """ |
|
629 | """ | |
| 626 | Revoke permission for users group on given repository |
|
630 | Revoke permission for users group on given repository | |
| 627 |
|
631 | |||
| 628 | :param repo_name: |
|
632 | :param repo_name: | |
| 629 | :param group_name: |
|
633 | :param group_name: | |
| 630 | """ |
|
634 | """ | |
| 631 |
|
635 | |||
| 632 | try: |
|
636 | try: | |
| 633 | repo = Repository.get_by_repo_name(repo_name) |
|
637 | repo = Repository.get_by_repo_name(repo_name) | |
| 634 | if repo is None: |
|
638 | if repo is None: | |
| 635 | raise JSONRPCError('unknown repository %s' % repo) |
|
639 | raise JSONRPCError('unknown repository %s' % repo) | |
| 636 |
|
640 | |||
| 637 | user_group = UsersGroup.get_by_group_name(group_name) |
|
641 | user_group = UsersGroup.get_by_group_name(group_name) | |
| 638 | if user_group is None: |
|
642 | if user_group is None: | |
| 639 | raise JSONRPCError('unknown users group %s' % user_group) |
|
643 | raise JSONRPCError('unknown users group %s' % user_group) | |
| 640 |
|
644 | |||
| 641 | RepoModel().revoke_users_group_permission(repo=repo_name, |
|
645 | RepoModel().revoke_users_group_permission(repo=repo_name, | |
| 642 | group_name=group_name) |
|
646 | group_name=group_name) | |
| 643 |
|
647 | |||
| 644 | Session.commit() |
|
648 | Session.commit() | |
| 645 | return dict( |
|
649 | return dict( | |
| 646 | msg='Revoked perm for group: %s in repo: %s' % ( |
|
650 | msg='Revoked perm for group: %s in repo: %s' % ( | |
| 647 | group_name, repo_name |
|
651 | group_name, repo_name | |
| 648 | ) |
|
652 | ) | |
| 649 | ) |
|
653 | ) | |
| 650 | except Exception: |
|
654 | except Exception: | |
| 651 | log.error(traceback.format_exc()) |
|
655 | log.error(traceback.format_exc()) | |
| 652 | raise JSONRPCError( |
|
656 | raise JSONRPCError( | |
| 653 | 'failed to edit permission %(repo)s for %(usersgr)s' % dict( |
|
657 | 'failed to edit permission %(repo)s for %(usersgr)s' % dict( | |
| 654 | usersgr=group_name, repo=repo_name |
|
658 | usersgr=group_name, repo=repo_name | |
| 655 | ) |
|
659 | ) | |
| 656 | ) |
|
660 | ) | |
General Comments 0
You need to be logged in to leave comments.
Login now