kallithea Changeset - 6d0573ba0721

Changeset - 6d0573ba0721

Parent rev.

Child rev.

[Not reviewed]

default

0 3 0

Mads Kiilerich - 7 years ago 2018-12-29 19:16:56
mads@kiilerich.com

auth: drop "multiple_counter" from computing permissions

This seems to have been something about having some permissions override
existing permissions. It is not clear to me why anybody should want that.

test_user_group_permissions_on_repo_groups.py seems to have been testing for
something we don't want. The new behaviour seems more reasonable. The test user
is inhering access from the default user, and thus in this case getting read
access (except when private).

3 files changed with 10 insertions and 19 deletions:

kallithea/lib/auth.py

kallithea/tests/models/test_permissions.py

kallithea/tests/models/test_user_group_permissions_on_repo_groups.py

0 comments (0 inline, 0 general)

kallithea/lib/auth.py

➞

Show inline comments

@@ @@ -285,14 +285,11 @@ def _cached_perms_data(user_id, user_is_ @@
         .filter(UserGroupMember.user_id == user_id) \
         .all()
     multiple_counter = collections.defaultdict(int)
     for perm in user_repo_perms_from_users_groups:
         r_k = perm.UserGroupRepoToPerm.repository.repo_name
-        multiple_counter[r_k] += 1
+        cur_perm = permissions[RK][r_k]
         p = perm.Permission.permission_name
         cur_perm = permissions[RK][r_k]
         if multiple_counter[r_k] > 1:
             p = _choose_perm(p, cur_perm)
         p = _choose_perm(p, cur_perm)
         permissions[RK][r_k] = p
     # user permissions for repositories
@@ @@ -325,14 +322,11 @@ def _cached_perms_data(user_id, user_is_ @@
      .filter(UserGroupMember.user_id == user_id) \
      .all()
     multiple_counter = collections.defaultdict(int)
     for perm in user_repo_group_perms_from_users_groups:
         g_k = perm.UserGroupRepoGroupToPerm.group.group_name
         multiple_counter[g_k] += 1
         p = perm.Permission.permission_name
         cur_perm = permissions[GK][g_k]
         if multiple_counter[g_k] > 1:
             p = _choose_perm(p, cur_perm)
         p = _choose_perm(p, cur_perm)
         permissions[GK][g_k] = p
     # user explicit permissions for repository groups
@@ @@ -362,14 +356,11 @@ def _cached_perms_data(user_id, user_is_ @@
      .filter(UserGroup.users_group_active == True) \
      .all()
     multiple_counter = collections.defaultdict(int)
     for perm in user_group_user_groups_perms:
         g_k = perm.UserGroupUserGroupToPerm.target_user_group.users_group_name
         multiple_counter[g_k] += 1
         p = perm.Permission.permission_name
         cur_perm = permissions[UK][g_k]
         if multiple_counter[g_k] > 1:
             p = _choose_perm(p, cur_perm)
         p = _choose_perm(p, cur_perm)
         permissions[UK][g_k] = p
     # user explicit permission for user groups

kallithea/tests/models/test_permissions.py

➞

Show inline comments

@@ @@ -599,7 +599,7 @@ class TestPermissions(TestController): @@
         Session().commit()
         u1_auth = AuthUser(user_id=self.u1.user_id)
-        assert u1_auth.permissions['repositories']['myownrepo'] == 'repository.none' # temporarily, because multiple_counter
+        assert u1_auth.permissions['repositories']['myownrepo'] == 'repository.admin'
     def test_owner_permissions_doesnot_get_overwritten_by_others(self):
         # create repo as USER,

kallithea/tests/models/test_user_group_permissions_on_repo_groups.py

➞

Show inline comments

@@ @@ -129,14 +129,14 @@ def test_user_permissions_on_group_with_ @@
     _check_expected_count(items, repo_items, expected_count(group, True))
     for name, perm in repo_items:
         check_tree_perms(name, perm, group, 'repository.none')
+        check_tree_perms(name, perm, group, 'repository.none' if name.endswith('_private') else 'repository.read')
     for name, perm in items:
-        check_tree_perms(name, perm, group, 'group.none')
+        check_tree_perms(name, perm, group, 'group.read')
 def test_user_permissions_on_group_with_recursive_mode_deepest():
-    ## set permission to g0_3 group to none
+    ## set permission to g0/g0_1/g0_1_1 group to write
     recursive = 'all'
     group = u'g0/g0_1/g0_1_1'
     permissions_setup_func(group, 'group.write', recursive=recursive)
@@ @@ -153,7 +153,7 @@ def test_user_permissions_on_group_with_ @@
 def test_user_permissions_on_group_with_recursive_mode_only_with_repos():
-    ## set permission to g0_3 group to none
+    ## set permission to g0/g0_2 group to admin
     recursive = 'all'
     group = u'g0/g0_2'
     permissions_setup_func(group, 'group.admin', recursive=recursive)
@@ @@ -208,4 +208,4 @@ def test_user_permissions_on_group_with_ @@
         check_tree_perms(name, perm, group, 'repository.read')
     for name, perm in items:
-        check_tree_perms(name, perm, group, 'group.none')
+        check_tree_perms(name, perm, group, 'group.read')

0 comments (0 inline, 0 general)