Show More
@@ -40,8 +40,8 b' from rhodecode.model.scm import ScmModel' | |||
|
40 | 40 | from rhodecode.model.repo import RepoModel |
|
41 | 41 | from rhodecode.model.user import UserModel |
|
42 | 42 | from rhodecode.model.users_group import UserGroupModel |
|
43 | from rhodecode.model.permission import PermissionModel | |
|
44 | from rhodecode.model.db import Repository, RhodeCodeSetting, UserIpMap | |
|
43 | from rhodecode.model.db import Repository, RhodeCodeSetting, UserIpMap,\ | |
|
44 | Permission | |
|
45 | 45 | from rhodecode.lib.compat import json |
|
46 | 46 | |
|
47 | 47 | log = logging.getLogger(__name__) |
@@ -139,7 +139,7 b' def get_perm_or_error(permid):' | |||
|
139 | 139 | |
|
140 | 140 | :param userid: |
|
141 | 141 | """ |
|
142 |
perm = Permission |
|
|
142 | perm = Permission.get_by_key(permid) | |
|
143 | 143 | if perm is None: |
|
144 | 144 | raise JSONRPCError('permission `%s` does not exist' % (permid)) |
|
145 | 145 | return perm |
@@ -28,11 +28,10 b' import traceback' | |||
|
28 | 28 | |
|
29 | 29 | from sqlalchemy.exc import DatabaseError |
|
30 | 30 | |
|
31 | from rhodecode.lib.caching_query import FromCache | |
|
32 | ||
|
33 | 31 | from rhodecode.model import BaseModel |
|
34 | 32 | from rhodecode.model.db import User, Permission, UserToPerm, UserRepoToPerm,\ |
|
35 | 33 | UserRepoGroupToPerm |
|
34 | from rhodecode.lib.utils2 import str2bool | |
|
36 | 35 | |
|
37 | 36 | log = logging.getLogger(__name__) |
|
38 | 37 | |
@@ -44,76 +43,32 b' class PermissionModel(BaseModel):' | |||
|
44 | 43 | |
|
45 | 44 | cls = Permission |
|
46 | 45 | |
|
47 | def get_permission(self, permission_id, cache=False): | |
|
48 | """ | |
|
49 | Get's permissions by id | |
|
50 | ||
|
51 | :param permission_id: id of permission to get from database | |
|
52 | :param cache: use Cache for this query | |
|
53 | """ | |
|
54 | perm = self.sa.query(Permission) | |
|
55 | if cache: | |
|
56 | perm = perm.options(FromCache("sql_cache_short", | |
|
57 | "get_permission_%s" % permission_id)) | |
|
58 | return perm.get(permission_id) | |
|
59 | ||
|
60 | def get_permission_by_name(self, name, cache=False): | |
|
61 | """ | |
|
62 | Get's permissions by given name | |
|
63 | ||
|
64 | :param name: name to fetch | |
|
65 | :param cache: Use cache for this query | |
|
66 | """ | |
|
67 | perm = self.sa.query(Permission)\ | |
|
68 | .filter(Permission.permission_name == name) | |
|
69 | if cache: | |
|
70 | perm = perm.options(FromCache("sql_cache_short", | |
|
71 | "get_permission_%s" % name)) | |
|
72 | return perm.scalar() | |
|
73 | ||
|
74 | 46 | def update(self, form_result): |
|
75 | perm_user = self.sa.query(User)\ | |
|
76 | .filter(User.username == | |
|
77 | form_result['perm_user_name']).scalar() | |
|
78 | u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == | |
|
79 | perm_user).all() | |
|
80 | if len(u2p) != len(User.DEFAULT_PERMISSIONS): | |
|
81 | raise Exception('Defined: %s should be %s permissions for default' | |
|
82 | ' user. This should not happen please verify' | |
|
83 | ' your database' % (len(u2p), len(User.DEFAULT_PERMISSIONS))) | |
|
47 | perm_user = User.get_by_username(username=form_result['perm_user_name']) | |
|
48 | u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == perm_user).all() | |
|
84 | 49 | |
|
85 | 50 | try: |
|
86 | # stage 1 change defaults | |
|
51 | def _make_new(usr, perm_name): | |
|
52 | new = UserToPerm() | |
|
53 | new.user = usr | |
|
54 | new.permission = Permission.get_by_key(perm_name) | |
|
55 | return new | |
|
56 | # clear current entries, to make this function idempotent | |
|
57 | # it will fix even if we define more permissions or permissions | |
|
58 | # are somehow missing | |
|
87 | 59 | for p in u2p: |
|
88 | if p.permission.permission_name.startswith('repository.'): | |
|
89 | p.permission = self.get_permission_by_name( | |
|
90 | form_result['default_repo_perm']) | |
|
91 | self.sa.add(p) | |
|
92 | ||
|
93 | elif p.permission.permission_name.startswith('group.'): | |
|
94 | p.permission = self.get_permission_by_name( | |
|
95 | form_result['default_group_perm']) | |
|
96 | self.sa.add(p) | |
|
97 | ||
|
98 | elif p.permission.permission_name.startswith('hg.register.'): | |
|
99 | p.permission = self.get_permission_by_name( | |
|
100 | form_result['default_register']) | |
|
101 | self.sa.add(p) | |
|
102 | ||
|
103 | elif p.permission.permission_name.startswith('hg.create.'): | |
|
104 | p.permission = self.get_permission_by_name( | |
|
105 | form_result['default_create']) | |
|
106 | self.sa.add(p) | |
|
107 | ||
|
108 | elif p.permission.permission_name.startswith('hg.fork.'): | |
|
109 | p.permission = self.get_permission_by_name( | |
|
110 | form_result['default_fork']) | |
|
60 | self.sa.delete(p) | |
|
61 | #create fresh set of permissions | |
|
62 | for def_perm_key in ['default_repo_perm', 'default_group_perm', | |
|
63 | 'default_register', 'default_create', | |
|
64 | 'default_fork']: | |
|
65 | p = _make_new(perm_user, form_result[def_perm_key]) | |
|
111 | 66 |
|
|
112 | 67 | |
|
113 | 68 | #stage 2 update all default permissions for repos if checked |
|
114 | 69 | if form_result['overwrite_default_repo'] == True: |
|
115 | 70 | _def_name = form_result['default_repo_perm'].split('repository.')[-1] |
|
116 |
_def = |
|
|
71 | _def = Permission.get_by_key('repository.' + _def_name) | |
|
117 | 72 | # repos |
|
118 | 73 | for r2p in self.sa.query(UserRepoToPerm)\ |
|
119 | 74 | .filter(UserRepoToPerm.user == perm_user)\ |
@@ -127,7 +82,7 b' class PermissionModel(BaseModel):' | |||
|
127 | 82 | if form_result['overwrite_default_group'] == True: |
|
128 | 83 | _def_name = form_result['default_group_perm'].split('group.')[-1] |
|
129 | 84 | # groups |
|
130 |
_def = |
|
|
85 | _def = Permission.get_by_key('group.' + _def_name) | |
|
131 | 86 | for g2p in self.sa.query(UserRepoGroupToPerm)\ |
|
132 | 87 | .filter(UserRepoGroupToPerm.user == perm_user)\ |
|
133 | 88 | .all(): |
@@ -136,9 +91,11 b' class PermissionModel(BaseModel):' | |||
|
136 | 91 | |
|
137 | 92 | # stage 3 set anonymous access |
|
138 | 93 | if perm_user.username == 'default': |
|
139 | perm_user.active = bool(form_result['anonymous']) | |
|
94 | perm_user.active = str2bool(form_result['anonymous']) | |
|
140 | 95 | self.sa.add(perm_user) |
|
141 | 96 | |
|
97 | self.sa.commit() | |
|
142 | 98 | except (DatabaseError,): |
|
143 | 99 | log.error(traceback.format_exc()) |
|
100 | self.sa.rollback() | |
|
144 | 101 | raise |
General Comments 0
You need to be logged in to leave comments.
Login now