kallithea Changeset - 2ccb32ddcfd7

Changeset - 2ccb32ddcfd7

Parent rev.

Child rev.

[Not reviewed]

beta

0 3 2

Nicolas VINOT - 14 years ago 2011-10-02 17:39:52
aeris@imirhil.fr

Transplanted from: fecfb43a75f2

Add API for repositories and groups (creation, permission)

5 files changed with 253 insertions and 79 deletions:

rhodecode/controllers/api/api.py

109

rhodecode/model/db.py

rhodecode/model/repo_permission.py

rhodecode/model/user.py

rhodecode/model/users_group.py

0 comments (0 inline, 0 general)

rhodecode/controllers/api/api.py

➞

Show inline comments

 import traceback
 import logging
 from rhodecode.controllers.api import JSONRPCController, JSONRPCError
 from rhodecode.lib.auth import HasPermissionAllDecorator, HasPermissionAnyDecorator
 from rhodecode.model.scm import ScmModel
 from rhodecode.model.db import User, UsersGroup, UsersGroupMember, Group, Repository
 from rhodecode.model.repo import RepoModel
 from rhodecode.model.user import UserModel
 from rhodecode.model.users_group import UsersGroupModel
 from rhodecode.model.repo_permission import RepositoryPermissionModel
 log = logging.getLogger(__name__)
 class ApiController(JSONRPCController):
     """
     API Controller
     Each method needs to have USER as argument this is then based on given
     API_KEY propagated as instance of user object
     Preferably this should be first argument also
     Each function should also **raise** JSONRPCError for any
     errors that happens
     """
     @HasPermissionAllDecorator('hg.admin')
     def pull(self, apiuser, repo):
         """
         Dispatch pull action on given repo
         :param user:
         :param repo:
         """
         if Repository.is_valid(repo) is False:
             raise JSONRPCError('Unknown repo "%s"' % repo)
         try:
             ScmModel().pull_changes(repo, self.rhodecode_user.username)
             return 'Pulled from %s' % repo
         except Exception:
             raise JSONRPCError('Unable to pull changes from "%s"' % repo)
     @HasPermissionAllDecorator('hg.admin')
     def create_user(self, apiuser, username, password, name,
     def list_users(self, apiuser):
         """"
         Lists all users
         :param apiuser
         """
         result = []
         for user in User.getAll():
             result.append( dict(id = user.user_id,
                                 username = user.username,
                                 firstname = user.name,
                                 lastname = user.lastname,
                                 email = user.email,
                                 active = user.active,
                                 admin = user.admin) )
         return result
     @HasPermissionAllDecorator('hg.admin')
     def create_user(self, apiuser, username, password, firstname,
                     lastname, email, active=True, admin=False, ldap_dn=None):
         """
         Creates new user
         :param apiuser:
         :param username:
         :param password:
         :param name:
         :param lastname:
         :param email:
         :param active:
         :param admin:
         :param ldap_dn:
         """
         form_data = dict(username=username,
                          password=password,
                          active=active,
                          admin=admin,
                          name=name,
                          lastname=lastname,
                          email=email,
                          ldap_dn=ldap_dn)
         try:
             u = User.create(form_data)
             return {'id':u.user_id,
                     'msg':'created new user %s' % name}
             form_data = dict(username=username,
                              password=password,
                              active=active,
                              admin=admin,
                              name=firstname,
                              lastname=lastname,
                              email=email,
                              ldap_dn=ldap_dn)
             UserModel().create_ldap(username, password, ldap_dn, form_data)
             return dict(msg='created new user %s' % username)
         except Exception:
             log.error(traceback.format_exc())
-            raise JSONRPCError('failed to create user %s' % name)
+            raise JSONRPCError('failed to create user %s' % username)
     @HasPermissionAllDecorator('hg.admin')
-    def list_users(self, apiuser):
+    def list_users_groups(self, apiuser):
         """"
         Lists all users
+        Lists all users groups
         :param apiuser
         """
         result = []
         for user in User.getAll():
             result.append({ 'username':user.username,
                             'name': user.name,
                             'lastname': user.lastname,
                             'email': user.email })
         for users_group in UsersGroup.getAll():
             result.append( dict(id=users_group.users_group_id,
                                 name=users_group.users_group_name,
                                 active=users_group.users_group_active) )
         return result
     @HasPermissionAllDecorator('hg.admin')
     def create_users_group(self, apiuser, name, active=True):
         """
         Creates an new usergroup
         :param name:
         :param active:
         """
         form_data = {'users_group_name':name,
                      'users_group_active':active}
         try:
             ug = UsersGroup.create(form_data)
             return {'id':ug.users_group_id,
                     'msg':'created new users group %s' % name}
             form_data = dict(users_group_name=name,
                              users_group_active=active)
             ug = UsersGroupModel().create(form_data)
             return dict(id=ug.users_group_id,
                         msg='created new users group %s' % name)
         except Exception:
             log.error(traceback.format_exc())
             raise JSONRPCError('failed to create group %s' % name)
     @HasPermissionAllDecorator('hg.admin')
     def list_users_groups(self, apiuser):
         """"
         Lists all users groups
         :param apiuser
         """
         result = []
         for users_group in UsersGroup.getAll():
             result.append({ 'name': users_group.name })
         return result
     @HasPermissionAllDecorator('hg.admin')
     def add_user_to_group(self, apiuser, user_name, group_name):
     def add_user_to_users_group(self, apiuser, user_name, group_name):
         """"
         Add a user to a group
         :param apiuser
         :param user_name
         :param group_name
         """
         users_group = UsersGroup.get_by_group_name(group_name)
         if not users_group:
             raise JSONRPCError('unknown users group %s' % group_name)
         try:
             users_group = UsersGroup.get_by_group_name(group_name)
             if not users_group:
                 raise JSONRPCError('unknown users group %s' % group_name)
         user = User.by_username(user_name)
         if not user:
             raise JSONRPCError('unknown user %s' % user_name)
             user = User.by_username(user_name)
             if not user:
                 raise JSONRPCError('unknown user %s' % user_name)
         try:
             UsersGroupMember.create(user, users_group)
             ugm = UsersGroupModel().add_user_to_group(users_group, user)
             return dict(id=ugm.users_group_member_id,
                         msg='created new users group member')
         except Exception:
             log.error(traceback.format_exc())
             raise JSONRPCError('failed to create users group member')
     @HasPermissionAnyDecorator('hg.admin')
     def list_repos(self, apiuser):
         """"
         Lists all repositories
         :param apiuser
         """
         result = []
         for repository in Repository.getAll():
             result.append( dict(id=repository.repo_id,
                                 name=repository.repo_name,
                                 type=repository.repo_type,
                                 description=repository.description) )
         return result
     @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
     def create_repo(self, apiuser, name, owner_name, description=None, repo_type='hg', \
                     private=False, group_name=None):
         """
         Create a repository
         :param apiuser
         :param name
         :param description
         :param type
         :param private
         :param owner_name
         :param group_name
         :param clone
         """
         if group_name:
             group = Group.get_by_group_name(group_name)
             if group is None:
                 raise JSONRPCError('unknown group %s' % group_name)
         else:
             group = None
         try:
             if group_name:
                 group = Group.get_by_group_name(group_name)
                 if group is None:
                     raise JSONRPCError('unknown group %s' % group_name)
             else:
                 group = None
         owner = User.by_username(owner_name)
         if owner is None:
             raise JSONRPCError('unknown user %s' % owner)
             owner = User.by_username(owner_name)
             if owner is None:
                 raise JSONRPCError('unknown user %s' % owner)
         try:
             RepoModel().create({ "repo_name" : name,
                                  "repo_name_full" : name,
                                  "description" : description,
                                  "private" : private,
                                  "repo_type" : repo_type,
                                  "repo_group" : group,
                                  "clone_uri" : None }, owner)
         except Exception:
             log.error(traceback.format_exc())
             raise JSONRPCError('failed to create repository %s' % name)
     @HasPermissionAnyDecorator('hg.admin')
     def add_user_perm_to_repo(self, apiuser, repo_name, user_name, perm):
         """
         Add permission for a user to a repository
         :param apiuser
         :param repo_name
         :param user_name
         :param perm
         """
         try:
             repo = Repository.by_repo_name(repo_name)
             if repo is None:
                 raise JSONRPCError('unknown repository %s' % repo)
             user = User.by_username(user_name)
             if user is None:
                 raise JSONRPCError('unknown user %s' % user)
             RepositoryPermissionModel() \
                 .updateOrDeleteUserPermission(repo, user, perm)
         except Exception:
             log.error(traceback.format_exc())
             raise JSONRPCError('failed to edit permission %(repo)s for %(user)s'
                             % dict( user = user_name, repo = repo_name ) )

rhodecode/model/db.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.db
     ~~~~~~~~~~~~~~~~~~
     Database Models for RhodeCode
     :created_on: Apr 08, 2010
     :author: marcink
     :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import os
 import logging
 import datetime
 import traceback
 from datetime import date
 from sqlalchemy import *
 from sqlalchemy.exc import DatabaseError
 from sqlalchemy.orm import relationship, backref, joinedload, class_mapper
 from sqlalchemy.orm.interfaces import MapperExtension
 from beaker.cache import cache_region, region_invalidate
 from vcs import get_backend
 from vcs.utils.helpers import get_scm
 from vcs.exceptions import VCSError
 from vcs.utils.lazy import LazyProperty
 from rhodecode.lib.exceptions import UsersGroupsAssignedException
 from rhodecode.lib import str2bool, json, safe_str, get_changeset_safe,\
     generate_api_key
 from rhodecode.model.meta import Base, Session
 from rhodecode.model.caching_query import FromCache
 log = logging.getLogger(__name__)
 #==============================================================================
 # BASE CLASSES
 #==============================================================================
 class ModelSerializer(json.JSONEncoder):
     """
     Simple Serializer for JSON,
     usage::
         to make object customized for serialization implement a __json__
         method that will return a dict for serialization into json
     example::
         class Task(object):
             def __init__(self, name, value):
                 self.name = name
                 self.value = value
             def __json__(self):
                 return dict(name=self.name,
                             value=self.value)
     """
     def default(self, obj):
         if hasattr(obj, '__json__'):
             return obj.__json__()
         else:
             return json.JSONEncoder.default(self, obj)
 class BaseModel(object):
     """Base Model for all classess
     """
     @classmethod
     def _get_keys(cls):
         """return column names for this model """
         return class_mapper(cls).c.keys()
     def get_dict(self):
         """return dict with keys and values corresponding
         to this model data """
         d = {}
         for k in self._get_keys():
             d[k] = getattr(self, k)
         return d
     def get_appstruct(self):
         """return list with keys and values tupples corresponding
         to this model data """
         l = []
         for k in self._get_keys():
             l.append((k, getattr(self, k),))
         return l
     def populate_obj(self, populate_dict):
         """populate model with data from given populate_dict"""
         for k in self._get_keys():
             if k in populate_dict:
                 setattr(self, k, populate_dict[k])
     @classmethod
     def query(cls):
         return Session.query(cls)
     @classmethod
     def get(cls, id_):
         return cls.query().get(id_)
     @classmethod
     def getAll(cls):
         return cls.query().all()
     @classmethod
     def delete(cls, id_):
         obj = cls.query().get(id_)
         Session.delete(obj)
         Session.commit()
 class RhodeCodeSettings(Base, BaseModel):
     __tablename__ = 'rhodecode_settings'
     __table_args__ = (UniqueConstraint('app_settings_name'), {'extend_existing':True})
     app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     app_settings_name = Column("app_settings_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     app_settings_value = Column("app_settings_value", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     def __init__(self, k='', v=''):
         self.app_settings_name = k
         self.app_settings_value = v
     def __repr__(self):
         return "<%s('%s:%s')>" % (self.__class__.__name__,
                                   self.app_settings_name, self.app_settings_value)
     @classmethod
     def get_by_name(cls, ldap_key):
         return cls.query()\
             .filter(cls.app_settings_name == ldap_key).scalar()
     @classmethod
     def get_app_settings(cls, cache=False):
         ret = cls.query()
         if cache:
             ret = ret.options(FromCache("sql_cache_short", "get_hg_settings"))
         if not ret:
             raise Exception('Could not get application settings !')
         settings = {}
         for each in ret:
             settings['rhodecode_' + each.app_settings_name] = \
                 each.app_settings_value
         return settings
     @classmethod
     def get_ldap_settings(cls, cache=False):
         ret = cls.query()\
                 .filter(cls.app_settings_name.startswith('ldap_'))\
                 .all()
         fd = {}
         for row in ret:
             fd.update({row.app_settings_name:row.app_settings_value})
         fd.update({'ldap_active':str2bool(fd.get('ldap_active'))})
         return fd
 class RhodeCodeUi(Base, BaseModel):
     __tablename__ = 'rhodecode_ui'
     __table_args__ = (UniqueConstraint('ui_key'), {'extend_existing':True})
     HOOK_UPDATE = 'changegroup.update'
     HOOK_REPO_SIZE = 'changegroup.repo_size'
     HOOK_PUSH = 'pretxnchangegroup.push_logger'
     HOOK_PULL = 'preoutgoing.pull_logger'
     ui_id = Column("ui_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     ui_section = Column("ui_section", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     ui_key = Column("ui_key", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     ui_value = Column("ui_value", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     ui_active = Column("ui_active", Boolean(), nullable=True, unique=None, default=True)
     @classmethod
     def get_by_key(cls, key):
         return cls.query().filter(cls.ui_key == key)
     @classmethod
     def get_builtin_hooks(cls):
         q = cls.query()
         q = q.filter(cls.ui_key.in_([cls.HOOK_UPDATE,
                                     cls.HOOK_REPO_SIZE,
                                     cls.HOOK_PUSH, cls.HOOK_PULL]))
         return q.all()
     @classmethod
     def get_custom_hooks(cls):
         q = cls.query()
         q = q.filter(~cls.ui_key.in_([cls.HOOK_UPDATE,
                                     cls.HOOK_REPO_SIZE,
                                     cls.HOOK_PUSH, cls.HOOK_PULL]))
         q = q.filter(cls.ui_section == 'hooks')
         return q.all()
     @classmethod
     def create_or_update_hook(cls, key, val):
         new_ui = cls.get_by_key(key).scalar() or cls()
         new_ui.ui_section = 'hooks'
         new_ui.ui_active = True
         new_ui.ui_key = key
         new_ui.ui_value = val
         Session.add(new_ui)
         Session.commit()
 class User(Base, BaseModel):
     __tablename__ = 'users'
     __table_args__ = (UniqueConstraint('username'), UniqueConstraint('email'), {'extend_existing':True})
     user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     username = Column("username", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     password = Column("password", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     active = Column("active", Boolean(), nullable=True, unique=None, default=None)
     admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
     name = Column("name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     lastname = Column("lastname", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     email = Column("email", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
     ldap_dn = Column("ldap_dn", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     api_key = Column("api_key", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     user_log = relationship('UserLog', cascade='all')
     user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
     repositories = relationship('Repository')
     user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
     repo_to_perm = relationship('RepoToPerm', primaryjoin='RepoToPerm.user_id==User.user_id', cascade='all')
     group_member = relationship('UsersGroupMember', cascade='all')
     @property
     def full_contact(self):
         return '%s %s <%s>' % (self.name, self.lastname, self.email)
     @property
     def short_contact(self):
         return '%s %s' % (self.name, self.lastname)
     @property
     def is_admin(self):
         return self.admin
     def __repr__(self):
         try:
             return "<%s('id:%s:%s')>" % (self.__class__.__name__,
                                              self.user_id, self.username)
         except:
             return self.__class__.__name__
     @classmethod
     def by_username(cls, username, case_insensitive=False):
         if case_insensitive:
             return cls.query().filter(cls.username.like(username)).one()
         else:
             return cls.query().filter(cls.username == username).one()
     @classmethod
     def get_by_api_key(cls, api_key):
         return cls.query().filter(cls.api_key == api_key).one()
     def update_lastlogin(self):
         """Update user lastlogin"""
         self.last_login = datetime.datetime.now()
         Session.add(self)
         Session.commit()
         log.debug('updated user %s lastlogin', self.username)
     @classmethod
     def create(cls, form_data):
         from rhodecode.lib.auth import get_crypt_password
         try:
             new_user = cls()
             for k, v in form_data.items():
                 if k == 'password':
                     v = get_crypt_password(v)
                 setattr(new_user, k, v)
             new_user.api_key = generate_api_key(form_data['username'])
             Session.add(new_user)
             Session.commit()
             return new_user
         except:
             log.error(traceback.format_exc())
             Session.rollback()
             raise
 class UserLog(Base, BaseModel):
     __tablename__ = 'user_logs'
     __table_args__ = {'extend_existing':True}
     user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
     repository_name = Column("repository_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     user_ip = Column("user_ip", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     action = Column("action", UnicodeText(length=1200000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
     @property
     def action_as_day(self):
         return date(*self.action_date.timetuple()[:3])
     user = relationship('User')
     repository = relationship('Repository')
 class UsersGroup(Base, BaseModel):
     __tablename__ = 'users_groups'
     __table_args__ = {'extend_existing':True}
     users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_name = Column("users_group_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
     users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
     members = relationship('UsersGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
     def __repr__(self):
         return '<userGroup(%s)>' % (self.users_group_name)
     @classmethod
     def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
         if case_insensitive:
             gr = cls.query()\
                 .filter(cls.users_group_name.ilike(group_name))
         else:
             gr = cls.query()\
                 .filter(cls.users_group_name == group_name)
         if cache:
             gr = gr.options(FromCache("sql_cache_short",
                                           "get_user_%s" % group_name))
         return gr.scalar()
     @classmethod
     def get(cls, users_group_id, cache=False):
         users_group = cls.query()
         if cache:
             users_group = users_group.options(FromCache("sql_cache_short",
                                     "get_users_group_%s" % users_group_id))
         return users_group.get(users_group_id)
     @classmethod
     def create(cls, form_data):
         try:
             new_users_group = cls()
             for k, v in form_data.items():
                 setattr(new_users_group, k, v)
             Session.add(new_users_group)
             Session.commit()
             return new_users_group
         except:
             log.error(traceback.format_exc())
             Session.rollback()
             raise
     @classmethod
     def update(cls, users_group_id, form_data):
         try:
             users_group = cls.get(users_group_id, cache=False)
             for k, v in form_data.items():
                 if k == 'users_group_members':
                     users_group.members = []
                     Session.flush()
                     members_list = []
                     if v:
                         for u_id in set(v):
                             members_list.append(UsersGroupMember(
                                                             users_group_id,
                                                             u_id))
                     setattr(users_group, 'members', members_list)
                 setattr(users_group, k, v)
             Session.add(users_group)
             Session.commit()
         except:
             log.error(traceback.format_exc())
             Session.rollback()
             raise
     @classmethod
     def delete(cls, users_group_id):
         try:
             # check if this group is not assigned to repo
             assigned_groups = UsersGroupRepoToPerm.query()\
                 .filter(UsersGroupRepoToPerm.users_group_id ==
                         users_group_id).all()
             if assigned_groups:
                 raise UsersGroupsAssignedException('Group assigned to %s' %
                                                    assigned_groups)
             users_group = cls.get(users_group_id, cache=False)
             Session.delete(users_group)
             Session.commit()
         except:
             log.error(traceback.format_exc())
             Session.rollback()
             raise
 class UsersGroupMember(Base, BaseModel):
     __tablename__ = 'users_groups_members'
     __table_args__ = {'extend_existing':True}
     users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     user = relationship('User', lazy='joined')
     users_group = relationship('UsersGroup')
     def __init__(self, gr_id='', u_id=''):
         self.users_group_id = gr_id
         self.user_id = u_id
     @classmethod
     def create(cls, user, users_group):
         try:
             users_group_member = cls()
             users_group_member.user = user
             users_group_member.users_group = users_group
             Session.add(users_group_member)
             Session.commit()
             return users_group_member
         except:
             log.error(traceback.format_exc())
             Session.rollback()
             raise
 class Repository(Base, BaseModel):
     __tablename__ = 'repositories'
     __table_args__ = (UniqueConstraint('repo_name'), {'extend_existing':True},)
     repo_id = Column("repo_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     repo_name = Column("repo_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
     clone_uri = Column("clone_uri", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None)
     repo_type = Column("repo_type", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default='hg')
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
     private = Column("private", Boolean(), nullable=True, unique=None, default=None)
     enable_statistics = Column("statistics", Boolean(), nullable=True, unique=None, default=True)
     enable_downloads = Column("downloads", Boolean(), nullable=True, unique=None, default=True)
     description = Column("description", String(length=10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     created_on = Column('created_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
     fork_id = Column("fork_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=False, default=None)
     group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=False, default=None)
     user = relationship('User')
     fork = relationship('Repository', remote_side=repo_id)
     group = relationship('Group')
     repo_to_perm = relationship('RepoToPerm', cascade='all', order_by='RepoToPerm.repo_to_perm_id')
     users_group_to_perm = relationship('UsersGroupRepoToPerm', cascade='all')
     stats = relationship('Statistics', cascade='all', uselist=False)
     followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all')
     logs = relationship('UserLog', cascade='all')
     def __repr__(self):
         return "<%s('%s:%s')>" % (self.__class__.__name__,
                                   self.repo_id, self.repo_name)
     @classmethod
     def by_repo_name(cls, repo_name):
         q = cls.query().filter(cls.repo_name == repo_name)
         q = q.options(joinedload(Repository.fork))\
             .options(joinedload(Repository.user))\
             .options(joinedload(Repository.group))\
         return q.one()
     @classmethod
     def get_repo_forks(cls, repo_id):
         return cls.query().filter(Repository.fork_id == repo_id)
     @classmethod
     def base_path(cls):
         """
         Returns base path when all repos are stored
         :param cls:
         """
         q = Session.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key == '/')
         q.options(FromCache("sql_cache_short", "repository_repo_path"))
         return q.one().ui_value
     @property
     def just_name(self):
         return self.repo_name.split(os.sep)[-1]
     @property
     def groups_with_parents(self):
         groups = []
         if self.group is None:
             return groups
         cur_gr = self.group
         groups.insert(0, cur_gr)
         while 1:
             gr = getattr(cur_gr, 'parent_group', None)
             cur_gr = cur_gr.parent_group
             if gr is None:
                 break
             groups.insert(0, gr)
         return groups
     @property
     def groups_and_repo(self):
         return self.groups_with_parents, self.just_name
     @LazyProperty
     def repo_path(self):
         """
         Returns base full path for that repository means where it actually
         exists on a filesystem
         """
         q = RhodeCodeUi.query().filter(RhodeCodeUi.ui_key == '/')
         q.options(FromCache("sql_cache_short", "repository_repo_path"))
         return q.one().ui_value
     @property
     def repo_full_path(self):
         p = [self.repo_path]
         # we need to split the name by / since this is how we store the
         # names in the database, but that eventually needs to be converted
         # into a valid system path
         p += self.repo_name.split('/')
         return os.path.join(*p)
     @property
     def _ui(self):
         """
         Creates an db based ui object for this repository
         """
         from mercurial import ui
         from mercurial import config
         baseui = ui.ui()
         #clean the baseui object
         baseui._ocfg = config.config()
         baseui._ucfg = config.config()
         baseui._tcfg = config.config()
         ret = RhodeCodeUi.query()\
             .options(FromCache("sql_cache_short", "repository_repo_ui")).all()
         hg_ui = ret
         for ui_ in hg_ui:
             if ui_.ui_active:
                 log.debug('settings ui from db[%s]%s:%s', ui_.ui_section,
                           ui_.ui_key, ui_.ui_value)
                 baseui.setconfig(ui_.ui_section, ui_.ui_key, ui_.ui_value)
         return baseui
     @classmethod
     def is_valid(cls, repo_name):
         """
         returns True if given repo name is a valid filesystem repository
         @param cls:
         @param repo_name:
         """
         from rhodecode.lib.utils import is_valid_repo
         return is_valid_repo(repo_name, cls.base_path())
     #==========================================================================
     # SCM PROPERTIES
     #==========================================================================
     def get_changeset(self, rev):
         return get_changeset_safe(self.scm_instance, rev)
     @property
     def tip(self):
         return self.get_changeset('tip')
     @property
     def author(self):
         return self.tip.author
     @property
     def last_change(self):
         return self.scm_instance.last_change
     #==========================================================================
     # SCM CACHE INSTANCE
     #==========================================================================
     @property
     def invalidate(self):
         """
         Returns Invalidation object if this repo should be invalidated
         None otherwise. `cache_active = False` means that this cache
         state is not valid and needs to be invalidated
         """
         return CacheInvalidation.query()\
             .filter(CacheInvalidation.cache_key == self.repo_name)\
             .filter(CacheInvalidation.cache_active == False)\
             .scalar()
     def set_invalidate(self):
         """
         set a cache for invalidation for this instance
         """
         inv = CacheInvalidation.query()\
             .filter(CacheInvalidation.cache_key == self.repo_name)\
             .scalar()
         if inv is None:
             inv = CacheInvalidation(self.repo_name)
         inv.cache_active = True
         Session.add(inv)
         Session.commit()
     @LazyProperty
     def scm_instance(self):
         return self.__get_instance()
     @property
     def scm_instance_cached(self):
         @cache_region('long_term')
         def _c(repo_name):
             return self.__get_instance()
         # TODO: remove this trick when beaker 1.6 is released
         # and have fixed this issue with not supporting unicode keys
         rn = safe_str(self.repo_name)
         inv = self.invalidate
         if inv is not None:
             region_invalidate(_c, None, rn)
             # update our cache
             inv.cache_active = True
             Session.add(inv)
             Session.commit()
         return _c(rn)
     def __get_instance(self):
         repo_full_path = self.repo_full_path
         try:
             alias = get_scm(repo_full_path)[0]
             log.debug('Creating instance of %s repository', alias)
             backend = get_backend(alias)
         except VCSError:
             log.error(traceback.format_exc())
             log.error('Perhaps this repository is in db and not in '
                       'filesystem run rescan repositories with '
                       '"destroy old data " option from admin panel')
             return
         if alias == 'hg':
             repo = backend(safe_str(repo_full_path), create=False,
                            baseui=self._ui)
             #skip hidden web repository
             if repo._get_hidden():
                 return
         else:
             repo = backend(repo_full_path, create=False)
         return repo
 class Group(Base, BaseModel):
     __tablename__ = 'groups'
     __table_args__ = (UniqueConstraint('group_name', 'group_parent_id'),
                       CheckConstraint('group_id != group_parent_id'), {'extend_existing':True},)
     __mapper_args__ = {'order_by':'group_name'}
     group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     group_name = Column("group_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
     group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
     group_description = Column("group_description", String(length=10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     parent_group = relationship('Group', remote_side=group_id)
     def __init__(self, group_name='', parent_group=None):
         self.group_name = group_name
         self.parent_group = parent_group
     def __repr__(self):
         return "<%s('%s:%s')>" % (self.__class__.__name__, self.group_id,
                                   self.group_name)
     @classmethod
     def url_sep(cls):
         return '/'
     @classmethod
     def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
         if case_insensitive:
             gr = cls.query()\
                 .filter(cls.group_name.ilike(group_name))
         else:
             gr = cls.query()\
                 .filter(cls.group_name == group_name)
         if cache:
             gr = gr.options(FromCache("sql_cache_short",
                                           "get_group_%s" % group_name))
         return gr.scalar()
     @property
     def parents(self):
         parents_recursion_limit = 5
         groups = []
         if self.parent_group is None:
             return groups
         cur_gr = self.parent_group
         groups.insert(0, cur_gr)
         cnt = 0
         while 1:
             cnt += 1
             gr = getattr(cur_gr, 'parent_group', None)
             cur_gr = cur_gr.parent_group
             if gr is None:
                 break
             if cnt == parents_recursion_limit:
                 # this will prevent accidental infinit loops
                 log.error('group nested more than %s' %
                           parents_recursion_limit)
                 break
             groups.insert(0, gr)
         return groups
     @property
     def children(self):
         return Group.query().filter(Group.parent_group == self)
     @property
     def full_path(self):
         return Group.url_sep().join([g.group_name for g in self.parents] +
                         [self.group_name])
     @property
     def repositories(self):
         return Repository.query().filter(Repository.group == self)
     @property
     def repositories_recursive_count(self):
         cnt = self.repositories.count()
         def children_count(group):
             cnt = 0
             for child in group.children:
                 cnt += child.repositories.count()
                 cnt += children_count(child)
             return cnt
         return cnt + children_count(self)
 class Permission(Base, BaseModel):
     __tablename__ = 'permissions'
     __table_args__ = {'extend_existing':True}
     permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     permission_name = Column("permission_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     permission_longname = Column("permission_longname", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     def __repr__(self):
         return "<%s('%s:%s')>" % (self.__class__.__name__,
                                   self.permission_id, self.permission_name)
     @classmethod
     def get_by_key(cls, key):
         return cls.query().filter(cls.permission_name == key).scalar()
     @classmethod
     def get_by_name(cls, name):
         return cls.query().filter(cls.permission_name == name).one()
 class RepoToPerm(Base, BaseModel):
     __tablename__ = 'repo_to_perm'
     __table_args__ = (UniqueConstraint('user_id', 'repository_id'), {'extend_existing':True})
     repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
     repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
     user = relationship('User')
     permission = relationship('Permission')
     repository = relationship('Repository')
 class UserToPerm(Base, BaseModel):
     __tablename__ = 'user_to_perm'
     __table_args__ = (UniqueConstraint('user_id', 'permission_id'), {'extend_existing':True})
     user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
     user = relationship('User')
     permission = relationship('Permission')
     @classmethod
     def has_perm(cls, user_id, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         return cls.query().filter(cls.user_id == user_id)\
             .filter(cls.permission == perm).scalar() is not None
     @classmethod
     def grant_perm(cls, user_id, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         new = cls()
         new.user_id = user_id
         new.permission = perm
         try:
             Session.add(new)
             Session.commit()
         except:
             Session.rollback()
     @classmethod
     def revoke_perm(cls, user_id, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         try:
             cls.query().filter(cls.user_id == user_id)\
                 .filter(cls.permission == perm).delete()
             Session.commit()
         except:
             Session.rollback()
 class UsersGroupRepoToPerm(Base, BaseModel):
     __tablename__ = 'users_group_repo_to_perm'
     __table_args__ = (UniqueConstraint('repository_id', 'users_group_id', 'permission_id'), {'extend_existing':True})
     users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
     permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
     repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
     users_group = relationship('UsersGroup')
     permission = relationship('Permission')
     repository = relationship('Repository')
     def __repr__(self):
         return '<userGroup:%s => %s >' % (self.users_group, self.repository)
 class UsersGroupToPerm(Base, BaseModel):
     __tablename__ = 'users_group_to_perm'
     users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
     permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
     users_group = relationship('UsersGroup')
     permission = relationship('Permission')
     @classmethod
     def has_perm(cls, users_group_id, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         return cls.query().filter(cls.users_group_id ==
                                          users_group_id)\
                                          .filter(cls.permission == perm)\
                                          .scalar() is not None
     @classmethod
     def grant_perm(cls, users_group_id, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         new = cls()
         new.users_group_id = users_group_id
         new.permission = perm
         try:
             Session.add(new)
             Session.commit()
         except:
             Session.rollback()
     @classmethod
     def revoke_perm(cls, users_group_id, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         try:
             cls.query().filter(cls.users_group_id == users_group_id)\
                 .filter(cls.permission == perm).delete()
             Session.commit()
         except:
             Session.rollback()
 class GroupToPerm(Base, BaseModel):
     __tablename__ = 'group_to_perm'
     __table_args__ = (UniqueConstraint('group_id', 'permission_id'), {'extend_existing':True})
     group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
     group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
     user = relationship('User')
     permission = relationship('Permission')
     group = relationship('Group')
 class Statistics(Base, BaseModel):
     __tablename__ = 'statistics'
     __table_args__ = (UniqueConstraint('repository_id'), {'extend_existing':True})
     stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
     stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
     commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
     commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
     languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
     repository = relationship('Repository', single_parent=True)
 class UserFollowing(Base, BaseModel):
     __tablename__ = 'user_followings'
     __table_args__ = (UniqueConstraint('user_id', 'follows_repository_id'),
                       UniqueConstraint('user_id', 'follows_user_id')
                       , {'extend_existing':True})
     user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
     follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
     follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
     user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
     follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
     follows_repository = relationship('Repository', order_by='Repository.repo_name')
     @classmethod
     def get_repo_followers(cls, repo_id):
         return cls.query().filter(cls.follows_repo_id == repo_id)
 class CacheInvalidation(Base, BaseModel):
     __tablename__ = 'cache_invalidation'
     __table_args__ = (UniqueConstraint('cache_key'), {'extend_existing':True})
     cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     cache_key = Column("cache_key", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     cache_args = Column("cache_args", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
     def __init__(self, cache_key, cache_args=''):
         self.cache_key = cache_key
         self.cache_args = cache_args
         self.cache_active = False
     def __repr__(self):
         return "<%s('%s:%s')>" % (self.__class__.__name__,
                                   self.cache_id, self.cache_key)
 class DbMigrateVersion(Base, BaseModel):
     __tablename__ = 'db_migrate_version'
     __table_args__ = {'extend_existing':True}
     repository_id = Column('repository_id', String(250), primary_key=True)
     repository_path = Column('repository_path', Text)
     version = Column('version', Integer)

rhodecode/model/repo_permission.py

➞

Show inline comments

@@ new file 100644 @@
 # -*- coding: utf-8 -*-
 """
     rhodecode.model.users_group
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~
     repository permission model for RhodeCode
     :created_on: Oct 1, 2011
     :author: nvinot
     :copyright: (C) 2011-2011 Nicolas Vinot <aeris@imirhil.fr>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 from rhodecode.model.db import BaseModel, RepoToPerm, Permission
 from rhodecode.model.meta import Session
 log = logging.getLogger(__name__)
 class RepositoryPermissionModel(BaseModel):
     def getUserPermission(self, repository, user):
         return RepoToPerm.query() \
                 .filter(RepoToPerm.user == user) \
                 .filter(RepoToPerm.repository == repository) \
                 .scalar()
     def updateUserPermission(self, repository, user, permission):
         permission = Permission.get_by_key(permission)
         current = self.getUserPermission(repository, user)
         if current:
             if not current.permission is permission:
                 current.permission = permission
         else:
             p = RepoToPerm()
             p.user = user
             p.repository = repository
             p.permission = permission
             Session.add(p)
         Session.commit()
     def deleteUserPermission(self, repository, user):
         current = self.getUserPermission(repository, user)
         Session.delete(current)
         Session.commit()
     def updateOrDeleteUserPermission(self, repository, user, permission):
         if permission:
             self.updateUserPermission(repository, user, permission)
         else:
             self.deleteUserPermission(repository, user)
@@ \ No newline at end of file @@

rhodecode/model/user.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.user
     ~~~~~~~~~~~~~~~~~~~~
     users model for RhodeCode
     :created_on: Apr 9, 2010
     :author: marcink
     :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 from pylons.i18n.translation import _
 from rhodecode.model import BaseModel
 from rhodecode.model.caching_query import FromCache
 from rhodecode.model.db import User, RepoToPerm, Repository, Permission, \
     UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember
 from rhodecode.lib.exceptions import DefaultUserException, \
     UserOwnsReposException
 from sqlalchemy.exc import DatabaseError
 from rhodecode.lib import generate_api_key
 from sqlalchemy.orm import joinedload
 log = logging.getLogger(__name__)
 PERM_WEIGHTS = {'repository.none': 0,
                 'repository.read': 1,
                 'repository.write': 3,
                 'repository.admin': 3}
 class UserModel(BaseModel):
     def get(self, user_id, cache=False):
         user = self.sa.query(User)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % user_id))
         return user.get(user_id)
     def get_by_username(self, username, cache=False, case_insensitive=False):
         if case_insensitive:
             user = self.sa.query(User).filter(User.username.ilike(username))
         else:
             user = self.sa.query(User)\
                 .filter(User.username == username)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % username))
         return user.scalar()
     def get_by_api_key(self, api_key, cache=False):
         user = self.sa.query(User)\
                 .filter(User.api_key == api_key)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % api_key))
         return user.scalar()
     def create(self, form_data):
         try:
             new_user = User()
             for k, v in form_data.items():
                 setattr(new_user, k, v)
             new_user.api_key = generate_api_key(form_data['username'])
             self.sa.add(new_user)
             self.sa.commit()
             return new_user
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
     def create_ldap(self, username, password, user_dn, attrs):
         """
         Checks if user is in database, if not creates this user marked
         as ldap user
         :param username:
         :param password:
         :param user_dn:
         :param attrs:
         """
         from rhodecode.lib.auth import get_crypt_password
         log.debug('Checking for such ldap account in RhodeCode database')
         if self.get_by_username(username, case_insensitive=True) is None:
             try:
                 new_user = User()
                 # add ldap account always lowercase
                 new_user.username = username.lower()
                 new_user.password = get_crypt_password(password)
                 new_user.api_key = generate_api_key(username)
                 new_user.email = attrs['email']
                 new_user.active = True
                 new_user.ldap_dn = user_dn
                 new_user.name = attrs['name']
                 new_user.lastname = attrs['lastname']
                 self.sa.add(new_user)
                 self.sa.commit()
                 return True
             except (DatabaseError,):
                 log.error(traceback.format_exc())
                 self.sa.rollback()
                 raise
         log.debug('this %s user exists skipping creation of ldap account',
                   username)
         return False
     def create_registration(self, form_data):
         from rhodecode.lib.celerylib import tasks, run_task
         try:
             new_user = User()
             for k, v in form_data.items():
                 if k != 'admin':
                     setattr(new_user, k, v)
             self.sa.add(new_user)
             self.sa.commit()
             body = ('New user registration\n'
                     'username: %s\n'
                     'email: %s\n')
             body = body % (form_data['username'], form_data['email'])
             run_task(tasks.send_email, None,
                      _('[RhodeCode] New User registration'),
                      body)
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
     def update(self, user_id, form_data):
         try:
             user = self.get(user_id, cache=False)
             if user.username == 'default':
                 raise DefaultUserException(
                                 _("You can't Edit this user since it's"
                                   " crucial for entire application"))
             for k, v in form_data.items():
                 if k == 'new_password' and v != '':
                     user.password = v
                     user.api_key = generate_api_key(user.username)
                 else:
                     setattr(user, k, v)
             self.sa.add(user)
             self.sa.commit()
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
     def update_my_account(self, user_id, form_data):
         try:
             user = self.get(user_id, cache=False)
             if user.username == 'default':
                 raise DefaultUserException(
                                 _("You can't Edit this user since it's"
                                   " crucial for entire application"))
             for k, v in form_data.items():
                 if k == 'new_password' and v != '':
                     user.password = v
                     user.api_key = generate_api_key(user.username)
                 else:
                     if k not in ['admin', 'active']:
                         setattr(user, k, v)
             self.sa.add(user)
             self.sa.commit()
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
     def delete(self, user_id):
         try:
             user = self.get(user_id, cache=False)
             if user.username == 'default':
                 raise DefaultUserException(
                                 _("You can't remove this user since it's"
                                   " crucial for entire application"))
             if user.repositories:
                 raise UserOwnsReposException(_('This user still owns %s '
                                                'repositories and cannot be '
                                                'removed. Switch owners or '
                                                'remove those repositories') \
                                                % user.repositories)
             self.sa.delete(user)
             self.sa.commit()
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
     def reset_password_link(self, data):
         from rhodecode.lib.celerylib import tasks, run_task
         run_task(tasks.send_password_link, data['email'])
     def reset_password(self, data):
         from rhodecode.lib.celerylib import tasks, run_task
         run_task(tasks.reset_user_password, data['email'])
     def fill_data(self, auth_user, user_id=None, api_key=None):
         """
         Fetches auth_user by user_id,or api_key if present.
         Fills auth_user attributes with those taken from database.
         Additionally set's is_authenitated if lookup fails
         present in database
         :param auth_user: instance of user to set attributes
         :param user_id: user id to fetch by
         :param api_key: api key to fetch by
         """
         if user_id is None and api_key is None:
             raise Exception('You need to pass user_id or api_key')
         try:
             if api_key:
                 dbuser = self.get_by_api_key(api_key)
             else:
                 dbuser = self.get(user_id)
             if dbuser is not None:
                 log.debug('filling %s data', dbuser)
                 for k, v in dbuser.get_dict().items():
                     setattr(auth_user, k, v)
         except:
             log.error(traceback.format_exc())
             auth_user.is_authenticated = False
         return auth_user
     def fill_perms(self, user):
         """
         Fills user permission attribute with permissions taken from database
         works for permissions given for repositories, and for permissions that
         are granted to groups
         :param user: user instance to fill his perms
         """
         user.permissions['repositories'] = {}
         user.permissions['global'] = set()
         #======================================================================
         # fetch default permissions
         #======================================================================
         default_user = self.get_by_username('default', cache=True)
         default_perms = self.sa.query(RepoToPerm, Repository, Permission)\
             .join((Repository, RepoToPerm.repository_id ==
                    Repository.repo_id))\
             .join((Permission, RepoToPerm.permission_id ==
                    Permission.permission_id))\
             .filter(RepoToPerm.user == default_user).all()
         if user.is_admin:
             #==================================================================
             # #admin have all default rights set to admin
             #==================================================================
             user.permissions['global'].add('hg.admin')
             for perm in default_perms:
                 p = 'repository.admin'
                 user.permissions['repositories'][perm.RepoToPerm.
                                                  repository.repo_name] = p
         else:
             #==================================================================
             # set default permissions
             #==================================================================
             uid = user.user_id
             #default global
             default_global_perms = self.sa.query(UserToPerm)\
                 .filter(UserToPerm.user == default_user)
             for perm in default_global_perms:
                 user.permissions['global'].add(perm.permission.permission_name)
             #default for repositories
             for perm in default_perms:
                 if perm.Repository.private and not (perm.Repository.user_id ==
                                                     uid):
                     #diself.sable defaults for private repos,
                     p = 'repository.none'
                 elif perm.Repository.user_id == uid:
                     #set admin if owner
                     p = 'repository.admin'
                 else:
                     p = perm.Permission.permission_name
                 user.permissions['repositories'][perm.RepoToPerm.
                                                  repository.repo_name] = p
             #==================================================================
             # overwrite default with user permissions if any
             #==================================================================
             #user global
             user_perms = self.sa.query(UserToPerm)\
                     .options(joinedload(UserToPerm.permission))\
                     .filter(UserToPerm.user_id == uid).all()
             for perm in user_perms:
                 user.permissions['global'].add(perm.permission.
                                                permission_name)
             #user repositories
             user_repo_perms = self.sa.query(RepoToPerm, Permission,
                                             Repository)\
                 .join((Repository, RepoToPerm.repository_id ==
                        Repository.repo_id))\
                 .join((Permission, RepoToPerm.permission_id ==
                        Permission.permission_id))\
                 .filter(RepoToPerm.user_id == uid).all()
             for perm in user_repo_perms:
                 # set admin if owner
                 if perm.Repository.user_id == uid:
                     p = 'repository.admin'
                 else:
                     p = perm.Permission.permission_name
                 user.permissions['repositories'][perm.RepoToPerm.
                                                  repository.repo_name] = p
             #==================================================================
             # check if user is part of groups for this repository and fill in
             # (or replace with higher) permissions
             #==================================================================
             #users group global
             user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\
                 .options(joinedload(UsersGroupToPerm.permission))\
                 .join((UsersGroupMember, UsersGroupToPerm.users_group_id ==
                        UsersGroupMember.users_group_id))\
                 .filter(UsersGroupMember.user_id == uid).all()
             for perm in user_perms_from_users_groups:
                 user.permissions['global'].add(perm.permission.permission_name)
             #users group repositories
             user_repo_perms_from_users_groups = self.sa.query(
                                                 UsersGroupRepoToPerm,
                                                 Permission, Repository,)\
                 .join((Repository, UsersGroupRepoToPerm.repository_id ==
                        Repository.repo_id))\
                 .join((Permission, UsersGroupRepoToPerm.permission_id ==
                        Permission.permission_id))\
                 .join((UsersGroupMember, UsersGroupRepoToPerm.users_group_id ==
                        UsersGroupMember.users_group_id))\
                 .filter(UsersGroupMember.user_id == uid).all()
             for perm in user_repo_perms_from_users_groups:
                 p = perm.Permission.permission_name
                 cur_perm = user.permissions['repositories'][perm.
                                                     UsersGroupRepoToPerm.
                                                     repository.repo_name]
                 #overwrite permission only if it's greater than permission
                 # given from other sources
                 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
                     user.permissions['repositories'][perm.UsersGroupRepoToPerm.
                                                      repository.repo_name] = p
         return user

rhodecode/model/users_group.py

➞

Show inline comments

@@ new file 100644 @@
 # -*- coding: utf-8 -*-
 """
     rhodecode.model.users_group
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~
     users group model for RhodeCode
     :created_on: Oct 1, 2011
     :author: nvinot
     :copyright: (C) 2011-2011 Nicolas Vinot <aeris@imirhil.fr>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 from rhodecode.model import BaseModel
 from rhodecode.model.caching_query import FromCache
 from rhodecode.model.db import UsersGroupMember, UsersGroup
 log = logging.getLogger(__name__)
 class UsersGroupModel(BaseModel):
     def get(self, users_group_id, cache=False):
         users_group = UsersGroup.query()
         if cache:
             users_group = users_group.options(FromCache("sql_cache_short",
                                           "get_users_group_%s" % users_group_id))
         return users_group.get(users_group_id)
     def get_by_name(self, name, cache=False, case_insensitive=False):
         users_group = UsersGroup.query()
         if case_insensitive:
             users_group = users_group.filter(UsersGroup.users_group_name.ilike(name))
         else:
             users_group = users_group.filter(UsersGroup.users_group_name == name)
         if cache:
             users_group = users_group.options(FromCache("sql_cache_short",
                                           "get_users_group_%s" % name))
         return users_group.scalar()
     def create(self, form_data):
         try:
             new_users_group = UsersGroup()
             for k, v in form_data.items():
                 setattr(new_users_group, k, v)
             self.sa.add(new_users_group)
             self.sa.commit()
             return new_users_group
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
     def add_user_to_group(self, users_group, user):
         try:
             users_group_member = UsersGroupMember()
             users_group_member.user = user
             users_group_member.users_group = users_group
             self.sa.add(users_group_member)
             self.sa.commit()
             return users_group_member
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
@@ \ No newline at end of file @@

0 comments (0 inline, 0 general)