upstream/kallithea Files · rhodecode/model/permission.py

pullrequest: pullrequest from changelog view...

pullrequest: pullrequest from changelog view It seems like it didn't work ... perhaps because I broke it. But now we clean it up and make it work: Use rev_end as the revision to merge. We don't know where to merge ... but start_rev cannot be used for that. This might to some extent have been working before ... but we prefer to clean it up and start over again when the normal merge workflow is fully working.

marcink - - Load All Authors

File last commit:

r3220:9e76876a beta


                r3485:b19b1723

beta

Download file

             permission.py
        
                    144 lines
            
             | 5.6 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / rhodecode / model / permission.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      # -*- coding: utf-8 -*-

      """

          rhodecode.model.permission

          ~~~~~~~~~~~~~~~~~~~~~~~~~~

          permissions model for RhodeCode

          :created_on: Aug 20, 2010

          :author: marcink

          :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>

          :license: GPLv3, see COPYING for more details.

      """

      # This program is free software: you can redistribute it and/or modify

      # it under the terms of the GNU General Public License as published by

      # the Free Software Foundation, either version 3 of the License, or

      # (at your option) any later version.

      #

      # This program is distributed in the hope that it will be useful,

      # but WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

      # GNU General Public License for more details.

      #

      # You should have received a copy of the GNU General Public License

      # along with this program.  If not, see <http://www.gnu.org/licenses/>.

      import logging

      import traceback

      from sqlalchemy.exc import DatabaseError

      from rhodecode.lib.caching_query import FromCache

      from rhodecode.model import BaseModel

      from rhodecode.model.db import User, Permission, UserToPerm, UserRepoToPerm,\

          UserRepoGroupToPerm

      log = logging.getLogger(__name__)

      class PermissionModel(BaseModel):

          """

          Permissions model for RhodeCode

          """

          cls = Permission

          def get_permission(self, permission_id, cache=False):

              """

              Get's permissions by id

              :param permission_id: id of permission to get from database

              :param cache: use Cache for this query

              """

              perm = self.sa.query(Permission)

              if cache:

                  perm = perm.options(FromCache("sql_cache_short",

                                                "get_permission_%s" % permission_id))

              return perm.get(permission_id)

          def get_permission_by_name(self, name, cache=False):

              """

              Get's permissions by given name

              :param name: name to fetch

              :param cache: Use cache for this query

              """

              perm = self.sa.query(Permission)\

                  .filter(Permission.permission_name == name)

              if cache:

                  perm = perm.options(FromCache("sql_cache_short",

                                                "get_permission_%s" % name))

              return perm.scalar()

          def update(self, form_result):

              perm_user = self.sa.query(User)\

                              .filter(User.username ==

                                      form_result['perm_user_name']).scalar()

              u2p = self.sa.query(UserToPerm).filter(UserToPerm.user ==

                                                     perm_user).all()

              if len(u2p) != len(User.DEFAULT_PERMISSIONS):

                  raise Exception('Defined: %s should be %s  permissions for default'

                                  ' user. This should not happen please verify'

                                  ' your database' % (len(u2p), len(User.DEFAULT_PERMISSIONS)))

              try:

                  # stage 1 change defaults

                  for p in u2p:

                      if p.permission.permission_name.startswith('repository.'):

                          p.permission = self.get_permission_by_name(

                                             form_result['default_repo_perm'])

                          self.sa.add(p)

                      elif p.permission.permission_name.startswith('group.'):

                          p.permission = self.get_permission_by_name(

                                             form_result['default_group_perm'])

                          self.sa.add(p)

                      elif p.permission.permission_name.startswith('hg.register.'):

                          p.permission = self.get_permission_by_name(

                                             form_result['default_register'])

                          self.sa.add(p)

                      elif p.permission.permission_name.startswith('hg.create.'):

                          p.permission = self.get_permission_by_name(

                                              form_result['default_create'])

                          self.sa.add(p)

                      elif p.permission.permission_name.startswith('hg.fork.'):

                          p.permission = self.get_permission_by_name(

                                              form_result['default_fork'])

                          self.sa.add(p)

                  #stage 2 update all default permissions for repos if checked

                  if form_result['overwrite_default_repo'] == True:

                      _def_name = form_result['default_repo_perm'].split('repository.')[-1]

                      _def = self.get_permission_by_name('repository.' + _def_name)

                      # repos

                      for r2p in self.sa.query(UserRepoToPerm)\

                                     .filter(UserRepoToPerm.user == perm_user)\

                                     .all():

                          #don't reset PRIVATE repositories

                          if r2p.repository.private is False:

                              r2p.permission = _def

                              self.sa.add(r2p)

                  if form_result['overwrite_default_group'] == True:

                      _def_name = form_result['default_group_perm'].split('group.')[-1]

                      # groups

                      _def = self.get_permission_by_name('group.' + _def_name)

                      for g2p in self.sa.query(UserRepoGroupToPerm)\

                                     .filter(UserRepoGroupToPerm.user == perm_user)\

                                     .all():

                          g2p.permission = _def

                          self.sa.add(g2p)

                  # stage 3 set anonymous access

                  if perm_user.username == 'default':

                      perm_user.active = bool(form_result['anonymous'])

                      self.sa.add(perm_user)

              except (DatabaseError,):

                  log.error(traceback.format_exc())

                  raise

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				# -- coding: utf-8 --
				"""
				rhodecode.model.permission
				~~~~~~~~~~~~~~~~~~~~~~~~~~

				permissions model for RhodeCode

				:created_on: Aug 20, 2010
				:author: marcink
				:copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
				:license: GPLv3, see COPYING for more details.
				"""
				# This program is free software: you can redistribute it and/or modify
				# it under the terms of the GNU General Public License as published by
				# the Free Software Foundation, either version 3 of the License, or
				# (at your option) any later version.
				#
				# This program is distributed in the hope that it will be useful,
				# but WITHOUT ANY WARRANTY; without even the implied warranty of
				# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
				# GNU General Public License for more details.
				#
				# You should have received a copy of the GNU General Public License
				# along with this program. If not, see <http://www.gnu.org/licenses/>.

				import logging
				import traceback

				from sqlalchemy.exc import DatabaseError

				from rhodecode.lib.caching_query import FromCache

				from rhodecode.model import BaseModel
				from rhodecode.model.db import User, Permission, UserToPerm, UserRepoToPerm,\
				UserRepoGroupToPerm

				log = logging.getLogger(__name__)


				class PermissionModel(BaseModel):
				"""
				Permissions model for RhodeCode
				"""

				cls = Permission

				def get_permission(self, permission_id, cache=False):
				"""
				Get's permissions by id

				:param permission_id: id of permission to get from database
				:param cache: use Cache for this query
				"""
				perm = self.sa.query(Permission)
				if cache:
				perm = perm.options(FromCache("sql_cache_short",
				"get_permission_%s" % permission_id))
				return perm.get(permission_id)

				def get_permission_by_name(self, name, cache=False):
				"""
				Get's permissions by given name

				:param name: name to fetch
				:param cache: Use cache for this query
				"""
				perm = self.sa.query(Permission)\
				.filter(Permission.permission_name == name)
				if cache:
				perm = perm.options(FromCache("sql_cache_short",
				"get_permission_%s" % name))
				return perm.scalar()

				def update(self, form_result):
				perm_user = self.sa.query(User)\
				.filter(User.username ==
				form_result['perm_user_name']).scalar()
				u2p = self.sa.query(UserToPerm).filter(UserToPerm.user ==
				perm_user).all()
				if len(u2p) != len(User.DEFAULT_PERMISSIONS):
				raise Exception('Defined: %s should be %s permissions for default'
				' user. This should not happen please verify'
				' your database' % (len(u2p), len(User.DEFAULT_PERMISSIONS)))

				try:
				# stage 1 change defaults
				for p in u2p:
				if p.permission.permission_name.startswith('repository.'):
				p.permission = self.get_permission_by_name(
				form_result['default_repo_perm'])
				self.sa.add(p)

				elif p.permission.permission_name.startswith('group.'):
				p.permission = self.get_permission_by_name(
				form_result['default_group_perm'])
				self.sa.add(p)

				elif p.permission.permission_name.startswith('hg.register.'):
				p.permission = self.get_permission_by_name(
				form_result['default_register'])
				self.sa.add(p)

				elif p.permission.permission_name.startswith('hg.create.'):
				p.permission = self.get_permission_by_name(
				form_result['default_create'])
				self.sa.add(p)

				elif p.permission.permission_name.startswith('hg.fork.'):
				p.permission = self.get_permission_by_name(
				form_result['default_fork'])
				self.sa.add(p)

				#stage 2 update all default permissions for repos if checked
				if form_result['overwrite_default_repo'] == True:
				_def_name = form_result['default_repo_perm'].split('repository.')[-1]
				_def = self.get_permission_by_name('repository.' + _def_name)
				# repos
				for r2p in self.sa.query(UserRepoToPerm)\
				.filter(UserRepoToPerm.user == perm_user)\
				.all():

				#don't reset PRIVATE repositories
				if r2p.repository.private is False:
				r2p.permission = _def
				self.sa.add(r2p)

				if form_result['overwrite_default_group'] == True:
				_def_name = form_result['default_group_perm'].split('group.')[-1]
				# groups
				_def = self.get_permission_by_name('group.' + _def_name)
				for g2p in self.sa.query(UserRepoGroupToPerm)\
				.filter(UserRepoGroupToPerm.user == perm_user)\
				.all():
				g2p.permission = _def
				self.sa.add(g2p)

				# stage 3 set anonymous access
				if perm_user.username == 'default':
				perm_user.active = bool(form_result['anonymous'])
				self.sa.add(perm_user)

				except (DatabaseError,):
				log.error(traceback.format_exc())
				raise