Changeset - 69b25f1b0b45
Parent rev.
Child rev.
[Not reviewed]
beta
0 1 0
Marcin Kuzminski - 13 years ago 2012-12-13 14:38:45
marcin@python-works.com
switch to defaultdict for counter implementation
1 file changed with 2 insertions and 2 deletions:
rhodecode/model/user.py
2
2
0 comments (0 inline, 0 general)
rhodecode/model/user.py
Show inline comments
 
@@ -452,250 +452,250 @@ class UserModel(BaseModel):
 

			




	
	
	
		
 
        # default global permissions taken fron the default user

			




	
	
	
		
 
        default_global_perms = self.sa.query(UserToPerm)\

			




	
	
	
		
 
            .filter(UserToPerm.user_id == default_user_id)

			




	
	
	
		
 

			




	
	
	
		
 
        for perm in default_global_perms:

			




	
	
	
		
 
            user.permissions[GLOBAL].add(perm.permission.permission_name)

			




	
	
	
		
 

			




	
	
	
		
 
        # defaults for repositories, taken from default user

			




	
	
	
		
 
        for perm in default_repo_perms:

			




	
	
	
		
 
            r_k = perm.UserRepoToPerm.repository.repo_name

			




	
	
	
		
 
            if perm.Repository.private and not (perm.Repository.user_id == uid):

			




	
	
	
		
 
                # disable defaults for private repos,

			




	
	
	
		
 
                p = 'repository.none'

			




	
	
	
		
 
            elif perm.Repository.user_id == uid:

			




	
	
	
		
 
                # set admin if owner

			




	
	
	
		
 
                p = 'repository.admin'

			




	
	
	
		
 
            else:

			




	
	
	
		
 
                p = perm.Permission.permission_name

			




	
	
	
		
 

			




	
	
	
		
 
            user.permissions[RK][r_k] = p

			




	
	
	
		
 

			




	
	
	
		
 
        # defaults for repositories groups taken from default user permission

			




	
	
	
		
 
        # on given group

			




	
	
	
		
 
        for perm in default_repo_groups_perms:

			




	
	
	
		
 
            rg_k = perm.UserRepoGroupToPerm.group.group_name

			




	
	
	
		
 
            p = perm.Permission.permission_name

			




	
	
	
		
 
            user.permissions[GK][rg_k] = p

			




	
	
	
		
 

			




	
	
	
		
 
        #======================================================================

			




	
	
	
		
 
        # !! OVERRIDE GLOBALS !! with user permissions if any found

			




	
	
	
		
 
        #======================================================================

			




	
	
	
		
 
        # those can be configured from groups or users explicitly

			




	
	
	
		
 
        _configurable = set(['hg.fork.none', 'hg.fork.repository',

			




	
	
	
		
 
                             'hg.create.none', 'hg.create.repository'])

			




	
	
	
		
 

			




	
	
	
		
 
        # USER GROUPS comes first

			




	
	
	
		
 
        # users group global permissions

			




	
	
	
		
 
        user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\

			




	
	
	
		
 
            .options(joinedload(UsersGroupToPerm.permission))\

			




	
	
	
		
 
            .join((UsersGroupMember, UsersGroupToPerm.users_group_id ==

			




	
	
	
		
 
                   UsersGroupMember.users_group_id))\

			




	
	
	
		
 
            .filter(UsersGroupMember.user_id == uid)\

			




	
	
	
		
 
            .order_by(UsersGroupToPerm.users_group_id)\

			




	
	
	
		
 
            .all()

			




	
	
	
		
 
        #need to group here by groups since user can be in more than one group

			




	
	
	
		
 
        _grouped = [[x, list(y)] for x, y in

			




	
	
	
		
 
                    itertools.groupby(user_perms_from_users_groups,

			




	
	
	
		
 
                                      lambda x:x.users_group)]

			




	
	
	
		
 
        for gr, perms in _grouped:

			




	
	
	
		
 
            # since user can be in multiple groups iterate over them and

			




	
	
	
		
 
            # select the lowest permissions first (more explicit)

			




	
	
	
		
 
            ##TODO: do this^^

			




	
	
	
		
 
            if not gr.inherit_default_permissions:

			




	
	
	
		
 
                # NEED TO IGNORE all configurable permissions and

			




	
	
	
		
 
                # replace them with explicitly set

			




	
	
	
		
 
                user.permissions[GLOBAL] = user.permissions[GLOBAL]\

			




	
	
	
		
 
                                                .difference(_configurable)

			




	
	
	
		
 
            for perm in perms:

			




	
	
	
		
 
                user.permissions[GLOBAL].add(perm.permission.permission_name)

			




	
	
	
		
 

			




	
	
	
		
 
        # user specific global permissions

			




	
	
	
		
 
        user_perms = self.sa.query(UserToPerm)\

			




	
	
	
		
 
                .options(joinedload(UserToPerm.permission))\

			




	
	
	
		
 
                .filter(UserToPerm.user_id == uid).all()

			




	
	
	
		
 

			




	
	
	
		
 
        if not user.inherit_default_permissions:

			




	
	
	
		
 
            # NEED TO IGNORE all configurable permissions and

			




	
	
	
		
 
            # replace them with explicitly set

			




	
	
	
		
 
            user.permissions[GLOBAL] = user.permissions[GLOBAL]\

			




	
	
	
		
 
                                            .difference(_configurable)

			




	
	
	
		
 

			




	
	
	
		
 
            for perm in user_perms:

			




	
	
	
		
 
                user.permissions[GLOBAL].add(perm.permission.permission_name)

			




	
	
	
		
 

			




	
	
	
		
 
        #======================================================================

			




	
	
	
		
 
        # !! PERMISSIONS FOR REPOSITORIES !!

			




	
	
	
		
 
        #======================================================================

			




	
	
	
		
 
        #======================================================================

			




	
	
	
		
 
        # check if user is part of user groups for this repository and

			




	
	
	
		
 
        # fill in his permission from it. _choose_perm decides of which

			




	
	
	
		
 
        # permission should be selected based on selected method

			




	
	
	
		
 
        #======================================================================

			




	
	
	
		
 

			




	
	
	
		
 
        # users group for repositories permissions

			




	
	
	
		
 
        user_repo_perms_from_users_groups = \

			




	
	
	
		
 
         self.sa.query(UsersGroupRepoToPerm, Permission, Repository,)\

			




	
	
	
		
 
            .join((Repository, UsersGroupRepoToPerm.repository_id ==

			




	
	
	
		
 
                   Repository.repo_id))\

			




	
	
	
		
 
            .join((Permission, UsersGroupRepoToPerm.permission_id ==

			




	
	
	
		
 
                   Permission.permission_id))\

			




	
	
	
		
 
            .join((UsersGroupMember, UsersGroupRepoToPerm.users_group_id ==

			




	
	
	
		
 
                   UsersGroupMember.users_group_id))\

			




	
	
	
		
 
            .filter(UsersGroupMember.user_id == uid)\

			




	
	
	
		
 
            .all()

			




	
	
	
		
 

			




	
	
	
		
 
        multiple_counter = collections.Counter()

			




	
	
	
		
 
        multiple_counter = collections.defaultdict(int)

			




	
	
	
		
 
        for perm in user_repo_perms_from_users_groups:

			




	
	
	
		
 
            r_k = perm.UsersGroupRepoToPerm.repository.repo_name

			




	
	
	
		
 
            multiple_counter[r_k] += 1

			




	
	
	
		
 
            p = perm.Permission.permission_name

			




	
	
	
		
 
            cur_perm = user.permissions[RK][r_k]

			




	
	
	
		
 

			




	
	
	
		
 
            if perm.Repository.user_id == uid:

			




	
	
	
		
 
                # set admin if owner

			




	
	
	
		
 
                p = 'repository.admin'

			




	
	
	
		
 
            else:

			




	
	
	
		
 
                if multiple_counter[r_k] > 1:

			




	
	
	
		
 
                    p = _choose_perm(p, cur_perm)

			




	
	
	
		
 
            user.permissions[RK][r_k] = p

			




	
	
	
		
 

			




	
	
	
		
 
        # user explicit permissions for repositories, overrides any specified

			




	
	
	
		
 
        # by the group permission

			




	
	
	
		
 
        user_repo_perms = \

			




	
	
	
		
 
         self.sa.query(UserRepoToPerm, Permission, Repository)\

			




	
	
	
		
 
            .join((Repository, UserRepoToPerm.repository_id ==

			




	
	
	
		
 
                   Repository.repo_id))\

			




	
	
	
		
 
            .join((Permission, UserRepoToPerm.permission_id ==

			




	
	
	
		
 
                   Permission.permission_id))\

			




	
	
	
		
 
            .filter(UserRepoToPerm.user_id == uid)\

			




	
	
	
		
 
            .all()

			




	
	
	
		
 

			




	
	
	
		
 
        for perm in user_repo_perms:

			




	
	
	
		
 
            r_k = perm.UserRepoToPerm.repository.repo_name

			




	
	
	
		
 
            cur_perm = user.permissions[RK][r_k]

			




	
	
	
		
 
            # set admin if owner

			




	
	
	
		
 
            if perm.Repository.user_id == uid:

			




	
	
	
		
 
                p = 'repository.admin'

			




	
	
	
		
 
            else:

			




	
	
	
		
 
                p = perm.Permission.permission_name

			




	
	
	
		
 
                if not explicit:

			




	
	
	
		
 
                    p = _choose_perm(p, cur_perm)

			




	
	
	
		
 
            user.permissions[RK][r_k] = p

			




	
	
	
		
 

			




	
	
	
		
 
        #======================================================================

			




	
	
	
		
 
        # !! PERMISSIONS FOR REPOSITORIES GROUPS !!

			




	
	
	
		
 
        #======================================================================

			




	
	
	
		
 
        #======================================================================

			




	
	
	
		
 
        # check if user is part of user groups for this repository groups and

			




	
	
	
		
 
        # fill in his permission from it. _choose_perm decides of which

			




	
	
	
		
 
        # permission should be selected based on selected method

			




	
	
	
		
 
        #======================================================================

			




	
	
	
		
 
        # users group for repo groups permissions

			




	
	
	
		
 
        user_repo_group_perms_from_users_groups = \

			




	
	
	
		
 
         self.sa.query(UsersGroupRepoGroupToPerm, Permission, RepoGroup)\

			




	
	
	
		
 
         .join((RepoGroup, UsersGroupRepoGroupToPerm.group_id == RepoGroup.group_id))\

			




	
	
	
		
 
         .join((Permission, UsersGroupRepoGroupToPerm.permission_id

			




	
	
	
		
 
                == Permission.permission_id))\

			




	
	
	
		
 
         .join((UsersGroupMember, UsersGroupRepoGroupToPerm.users_group_id

			




	
	
	
		
 
                == UsersGroupMember.users_group_id))\

			




	
	
	
		
 
         .filter(UsersGroupMember.user_id == uid)\

			




	
	
	
		
 
         .all()

			




	
	
	
		
 

			




	
	
	
		
 
        multiple_counter = collections.Counter()

			




	
	
	
		
 
        multiple_counter = collections.defaultdict(int)

			




	
	
	
		
 
        for perm in user_repo_group_perms_from_users_groups:

			




	
	
	
		
 
            g_k = perm.UsersGroupRepoGroupToPerm.group.group_name

			




	
	
	
		
 
            multiple_counter[g_k] += 1

			




	
	
	
		
 
            p = perm.Permission.permission_name

			




	
	
	
		
 
            cur_perm = user.permissions[GK][g_k]

			




	
	
	
		
 
            if multiple_counter[g_k] > 1:

			




	
	
	
		
 
                p = _choose_perm(p, cur_perm)

			




	
	
	
		
 
            user.permissions[GK][g_k] = p

			




	
	
	
		
 

			




	
	
	
		
 
        # user explicit permissions for repository groups

			




	
	
	
		
 
        user_repo_groups_perms = \

			




	
	
	
		
 
         self.sa.query(UserRepoGroupToPerm, Permission, RepoGroup)\

			




	
	
	
		
 
         .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\

			




	
	
	
		
 
         .join((Permission, UserRepoGroupToPerm.permission_id

			




	
	
	
		
 
                == Permission.permission_id))\

			




	
	
	
		
 
         .filter(UserRepoGroupToPerm.user_id == uid)\

			




	
	
	
		
 
         .all()

			




	
	
	
		
 

			




	
	
	
		
 
        for perm in user_repo_groups_perms:

			




	
	
	
		
 
            rg_k = perm.UserRepoGroupToPerm.group.group_name

			




	
	
	
		
 
            p = perm.Permission.permission_name

			




	
	
	
		
 
            cur_perm = user.permissions[GK][rg_k]

			




	
	
	
		
 
            if not explicit:

			




	
	
	
		
 
                p = _choose_perm(p, cur_perm)

			




	
	
	
		
 
            user.permissions[GK][rg_k] = p

			




	
	
	
		
 

			




	
	
	
		
 
        return user

			




	
	
	
		
 

			




	
	
	
		
 
    def has_perm(self, user, perm):

			




	
	
	
		
 
        perm = self._get_perm(perm)

			




	
	
	
		
 
        user = self._get_user(user)

			




	
	
	
		
 

			




	
	
	
		
 
        return UserToPerm.query().filter(UserToPerm.user == user)\

			




	
	
	
		
 
            .filter(UserToPerm.permission == perm).scalar() is not None

			




	
	
	
		
 

			




	
	
	
		
 
    def grant_perm(self, user, perm):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Grant user global permissions

			




	
	
	
		
 

			




	
	
	
		
 
        :param user:

			




	
	
	
		
 
        :param perm:

			




	
	
	
		
 
        """

			




	
	
	
		
 
        user = self._get_user(user)

			




	
	
	
		
 
        perm = self._get_perm(perm)

			




	
	
	
		
 
        # if this permission is already granted skip it

			




	
	
	
		
 
        _perm = UserToPerm.query()\

			




	
	
	
		
 
            .filter(UserToPerm.user == user)\

			




	
	
	
		
 
            .filter(UserToPerm.permission == perm)\

			




	
	
	
		
 
            .scalar()

			




	
	
	
		
 
        if _perm:

			




	
	
	
		
 
            return

			




	
	
	
		
 
        new = UserToPerm()

			




	
	
	
		
 
        new.user = user

			




	
	
	
		
 
        new.permission = perm

			




	
	
	
		
 
        self.sa.add(new)

			




	
	
	
		
 

			




	
	
	
		
 
    def revoke_perm(self, user, perm):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Revoke users global permissions

			




	
	
	
		
 

			




	
	
	
		
 
        :param user:

			




	
	
	
		
 
        :param perm:

			




	
	
	
		
 
        """

			




	
	
	
		
 
        user = self._get_user(user)

			




	
	
	
		
 
        perm = self._get_perm(perm)

			




	
	
	
		
 

			




	
	
	
		
 
        obj = UserToPerm.query()\

			




	
	
	
		
 
                .filter(UserToPerm.user == user)\

			




	
	
	
		
 
                .filter(UserToPerm.permission == perm)\

			




	
	
	
		
 
                .scalar()

			




	
	
	
		
 
        if obj:

			




	
	
	
		
 
            self.sa.delete(obj)

			




	
	
	
		
 

			




	
	
	
		
 
    def add_extra_email(self, user, email):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Adds email address to UserEmailMap

			




	
	
	
		
 

			




	
	
	
		
 
        :param user:

			




	
	
	
		
 
        :param email:

			




	
	
	
		
 
        """

			




	
	
	
		
 
        from rhodecode.model import forms

			




	
	
	
		
 
        form = forms.UserExtraEmailForm()()

			




	
	
	
		
 
        data = form.to_python(dict(email=email))

			




	
	
	
		
 
        user = self._get_user(user)

			




	
	
	
		
 

			




	
	
	
		
 
        obj = UserEmailMap()

			




	
	
	
		
 
        obj.user = user

			




	
	
	
		
 
        obj.email = data['email']

			




	
	
	
		
 
        self.sa.add(obj)

			




	
	
	
		
 
        return obj

			




	
	
	
		
 

			




	
	
	
		
 
    def delete_extra_email(self, user, email_id):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Removes email address from UserEmailMap

			




	
	
	
		
 

			




	
	
	
		
 
        :param user:

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.