kallithea Changeset - aa7e45ad0cea

Changeset - aa7e45ad0cea

Parent rev.

Child rev.

[Not reviewed]

beta

0 12 0

Marcin Kuzminski - 15 years ago 2011-04-19 17:28:42
marcin@python-works.com

Fixed permissions for users groups, group can have create repo permission now.
Some code refactor + pep8ify

12 files changed with 218 insertions and 94 deletions:

rhodecode/config/routing.py

rhodecode/controllers/admin/users_groups.py

rhodecode/lib/dbmigrate/versions/003_version_1_2_0.py

rhodecode/model/__init__.py

rhodecode/model/caching_query.py

rhodecode/model/db.py

rhodecode/model/forms.py

rhodecode/model/meta.py

rhodecode/model/permission.py

rhodecode/model/repo.py

rhodecode/model/users_group.py

rhodecode/templates/admin/users_groups/users_group_edit.html

0 comments (0 inline, 0 general)

rhodecode/config/routing.py

➞

Show inline comments

@@ @@ -126,26 +126,53 @@ def make_map(config): @@
                   "/users/{id}.{format}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("user", "/users/{id}",
                   action="show", conditions=dict(method=["GET"]))
         m.connect("formatted_user", "/users/{id}.{format}",
                   action="show", conditions=dict(method=["GET"]))
         #EXTRAS USER ROUTES
         m.connect("user_perm", "/users_perm/{id}",
                   action="update_perm", conditions=dict(method=["PUT"]))
     #ADMIN USERS REST ROUTES
     rmap.resource('users_group', 'users_groups',
                   controller='admin/users_groups', path_prefix='/_admin')
     with rmap.submapper(path_prefix='/_admin',
                         controller='admin/users_groups') as m:
         m.connect("users_groups", "/users_groups",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("users_groups", "/users_groups",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_users_groups", "/users_groups.{format}",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_users_group", "/users_groups/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("formatted_new_users_group", "/users_groups/new.{format}",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_users_group", "/users_groups/{id}",
                   action="update", conditions=dict(method=["PUT"]))
         m.connect("delete_users_group", "/users_groups/{id}",
                   action="delete", conditions=dict(method=["DELETE"]))
         m.connect("edit_users_group", "/users_groups/{id}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("formatted_edit_users_group",
                   "/users_groups/{id}.{format}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("users_group", "/users_groups/{id}",
                   action="show", conditions=dict(method=["GET"]))
         m.connect("formatted_users_group", "/users_groups/{id}.{format}",
                   action="show", conditions=dict(method=["GET"]))
         #EXTRAS USER ROUTES
         m.connect("users_group_perm", "/users_groups_perm/{id}",
                   action="update_perm", conditions=dict(method=["PUT"]))
     #ADMIN GROUP REST ROUTES
     rmap.resource('group', 'groups',
                   controller='admin/groups', path_prefix='/_admin')
     #ADMIN PERMISSIONS REST ROUTES
     rmap.resource('permission', 'permissions',
                   controller='admin/permissions', path_prefix='/_admin')
     ##ADMIN LDAP SETTINGS
     rmap.connect('ldap_settings', '/_admin/ldap',
                  controller='admin/ldap_settings', action='ldap_settings',

rhodecode/controllers/admin/users_groups.py

➞

Show inline comments

@@ @@ -27,27 +27,26 @@ import logging @@
 import traceback
 import formencode
 from formencode import htmlfill
 from pylons import request, session, tmpl_context as c, url, config
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from rhodecode.lib import helpers as h
 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator
 from rhodecode.lib.base import BaseController, render
 from rhodecode.model.db import User, UsersGroup
+from rhodecode.model.db import User, UsersGroup, Permission, UsersGroupToPerm
 from rhodecode.model.forms import UserForm, UsersGroupForm
 from rhodecode.model.user import UserModel
 from rhodecode.model.users_group import UsersGroupModel
 log = logging.getLogger(__name__)
 class UsersGroupsController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     # To properly map this controller, ensure your config/routing.py
     # file has a resource setup:
     #     map.resource('users_group', 'users_groups')
     @LoginRequired()
@@ @@ -114,28 +113,34 @@ class UsersGroupsController(BaseControll @@
                                           old_data=c.users_group.get_dict(),
                                           available_members=[str(x[0]) for x
                                                 in c.available_members])()
         try:
             form_result = users_group_form.to_python(request.POST)
             users_group_model.update(id, form_result)
             h.flash(_('updated users group %s') \
                         % form_result['users_group_name'],
                     category='success')
             #action_logger(self.rhodecode_user, 'new_user', '', '', self.sa)
         except formencode.Invalid, errors:
             e = errors.error_dict or {}
             perm = Permission.get_by_key('hg.create.repository')
             e.update({'create_repo_perm':
                          UsersGroupToPerm.has_perm(id, perm)})
             return htmlfill.render(
                 render('admin/users_groups/users_group_edit.html'),
                 defaults=errors.value,
-                errors=errors.error_dict or {},
+                errors=e,
                 prefix_error=False,
                 encoding="UTF-8")
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('error occurred during update of users group %s') \
                     % request.POST.get('users_group_name'), category='error')
         return redirect(url('users_groups'))
     def delete(self, id):
         """DELETE /users_groups/id: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
@@ @@ -162,19 +167,47 @@ class UsersGroupsController(BaseControll @@
         # url('edit_users_group', id=ID)
         c.users_group = self.sa.query(UsersGroup).get(id)
         if not c.users_group:
             return redirect(url('users_groups'))
         c.users_group.permissions = {}
         c.group_members = [(x.user_id, x.user.username) for x in
                            c.users_group.members]
         c.available_members = [(x.user_id, x.username) for x in
                                self.sa.query(User).all()]
         defaults = c.users_group.get_dict()
         perm = Permission.get_by_key('hg.create.repository')
         defaults.update({'create_repo_perm':
                          UsersGroupToPerm.has_perm(id, perm)})
         return htmlfill.render(
             render('admin/users_groups/users_group_edit.html'),
             defaults=defaults,
             encoding="UTF-8",
             force_defaults=False
+        )
     def update_perm(self, id):
         """PUT /users_perm/id: Update an existing item"""
         # url('users_group_perm', id=ID, method='put')
         grant_perm = request.POST.get('create_repo_perm', False)
         if grant_perm:
             perm = Permission.get_by_key('hg.create.none')
             UsersGroupToPerm.revoke_perm(id, perm)
             perm = Permission.get_by_key('hg.create.repository')
             UsersGroupToPerm.grant_perm(id, perm)
             h.flash(_("Granted 'repository create' permission to user"),
                     category='success')
         else:
             perm = Permission.get_by_key('hg.create.repository')
             UsersGroupToPerm.revoke_perm(id, perm)
             perm = Permission.get_by_key('hg.create.none')
             UsersGroupToPerm.grant_perm(id, perm)
             h.flash(_("Revoked 'repository create' permission to user"),
                     category='success')
         return redirect(url('edit_users_group', id=id))

rhodecode/lib/dbmigrate/versions/003_version_1_2_0.py

➞

Show inline comments

@@ @@ -34,30 +34,35 @@ def upgrade(migrate_engine): @@
     # Add table `users_groups`
     #==========================================================================
     from rhodecode.model.db import UsersGroup
     UsersGroup().__table__.create()
     #==========================================================================
     # Add table `users_groups_members`
     #==========================================================================
     from rhodecode.model.db import UsersGroupMember
     UsersGroupMember().__table__.create()
     #==========================================================================
     # Add table `users_group_repo_to_perm`
     #==========================================================================
     from rhodecode.model.db import UsersGroupRepoToPerm
     UsersGroupRepoToPerm().__table__.create()
     #==========================================================================
     # Add table `users_group_to_perm`
     #==========================================================================
     from rhodecode.model.db import UsersGroupToPerm
     UsersGroupToPerm().__table__.create()
     #==========================================================================
     # Upgrade of `users` table
     #==========================================================================
     from rhodecode.model.db import User
     #add column
     ldap_dn = Column("ldap_dn", String(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     ldap_dn.create(User().__table__)
     api_key = Column("api_key", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     api_key.create(User().__table__)

rhodecode/model/__init__.py

➞

Show inline comments

@@ @@ -38,34 +38,37 @@ @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 from rhodecode.model import meta
 log = logging.getLogger(__name__)
 def init_model(engine):
     """Initializes db session, bind the engine with the metadata,
     Call this before using any of the tables or classes in the model, preferably
     once in application start
     """
     Initializes db session, bind the engine with the metadata,
     Call this before using any of the tables or classes in the model,
     preferably once in application start
     :param engine: engine to bind to
     """
     log.info("initializing db for %s", engine)
     meta.Base.metadata.bind = engine
 class BaseModel(object):
     """Base Model for all RhodeCode models, it adds sql alchemy session
     into instance of model
     :param sa: If passed it reuses this session instead of creating a new one
     """
     def __init__(self, sa=None):
         if sa is not None:
             self.sa = sa
         else:
             self.sa = meta.Session()

rhodecode/model/caching_query.py

➞

Show inline comments

@@ @@ -9,29 +9,31 @@ The three new concepts introduced here a @@
    retrieves results in/from Beaker.
  * FromCache - a query option that establishes caching
    parameters on a Query
  * RelationshipCache - a variant of FromCache which is specific
    to a query invoked during a lazy load.
  * _params_from_query - extracts value parameters from
    a Query.
 The rest of what's here are standard SQLAlchemy and
 Beaker constructs.
 """
 import beaker
 from beaker.exceptions import BeakerException
 from sqlalchemy.orm.interfaces import MapperOption
 from sqlalchemy.orm.query import Query
 from sqlalchemy.sql import visitors
-import beaker
 class CachingQuery(Query):
     """A Query subclass which optionally loads full results from a Beaker
     cache region.
     The CachingQuery stores additional state that allows it to consult
     a Beaker cache before accessing the database:
     * A "region", which is a cache region argument passed to a
       Beaker CacheManager, specifies a particular cache configuration
       (including backend implementation, expiration times, etc.)
     * A "namespace", which is a qualifying name that identifies a
@@ @@ -65,25 +67,26 @@ class CachingQuery(Query): @@
            if particular attributes have been configured.
            Note that this approach does *not* detach the loaded objects from
            the current session. If the cache backend is an in-process cache
            (like "memory") and lives beyond the scope of the current session's
            transaction, those objects may be expired. The method here can be
            modified to first expunge() each loaded item from the current
            session before returning the list of items, so that the items
            in the cache are not the same ones in the current Session.
         """
         if hasattr(self, '_cache_parameters'):
             return self.get_value(createfunc=lambda: list(Query.__iter__(self)))
             return self.get_value(createfunc=lambda:
                                   list(Query.__iter__(self)))
         else:
             return Query.__iter__(self)
     def invalidate(self):
         """Invalidate the value represented by this Query."""
         cache, cache_key = _get_cache_parameters(self)
         cache.remove(cache_key)
     def get_value(self, merge=True, createfunc=None):
         """Return the value from the cache for this query.
@@ @@ -94,83 +97,90 @@ class CachingQuery(Query): @@
         cache, cache_key = _get_cache_parameters(self)
         ret = cache.get_value(cache_key, createfunc=createfunc)
         if merge:
             ret = self.merge_result(ret, load=False)
         return ret
     def set_value(self, value):
         """Set the value in the cache for this query."""
         cache, cache_key = _get_cache_parameters(self)
         cache.put(cache_key, value)
 def query_callable(manager):
     def query(*arg, **kw):
         return CachingQuery(manager, *arg, **kw)
     return query
 def get_cache_region(name, region):
     if region not in beaker.cache.cache_regions:
         raise BeakerException('Cache region `%s` not configured '
             'Check if proper cache settings are in the .ini files' % region)
     kw = beaker.cache.cache_regions[region]
     return beaker.cache.Cache._get_cache(name, kw)
 def _get_cache_parameters(query):
     """For a query with cache_region and cache_namespace configured,
     return the correspoinding Cache instance and cache key, based
     on this query's current criterion and parameter values.
     """
     if not hasattr(query, '_cache_parameters'):
         raise ValueError("This Query does not have caching parameters configured.")
         raise ValueError("This Query does not have caching "
                          "parameters configured.")
     region, namespace, cache_key = query._cache_parameters
     namespace = _namespace_from_query(namespace, query)
     if cache_key is None:
         # cache key - the value arguments from this query's parameters.
         args = _params_from_query(query)
         cache_key = " ".join([str(x) for x in args])
     # get cache
     #cache = query.cache_manager.get_cache_region(namespace, region)
     cache = get_cache_region(namespace, region)
     # optional - hash the cache_key too for consistent length
     # import uuid
     # cache_key= str(uuid.uuid5(uuid.NAMESPACE_DNS, cache_key))
     return cache, cache_key
 def _namespace_from_query(namespace, query):
     # cache namespace - the token handed in by the
     # option + class we're querying against
     namespace = " ".join([namespace] + [str(x) for x in query._entities])
     # memcached wants this
     namespace = namespace.replace(' ', '_')
     return namespace
 def _set_cache_parameters(query, region, namespace, cache_key):
     if hasattr(query, '_cache_parameters'):
         region, namespace, cache_key = query._cache_parameters
         raise ValueError("This query is already configured "
                         "for region %r namespace %r" %
                         (region, namespace)
+                    )
     query._cache_parameters = region, namespace, cache_key
 class FromCache(MapperOption):
     """Specifies that a Query should load results from a cache."""
     propagate_to_loaders = False
     def __init__(self, region, namespace, cache_key=None):
         """Construct a new FromCache.
         :param region: the cache region.  Should be a
         region configured in the Beaker CacheManager.
         :param namespace: the cache namespace.  Should
@@ @@ -182,25 +192,27 @@ class FromCache(MapperOption): @@
         if your query has a huge amount of parameters (such
         as when using in_()) which correspond more simply to
         some other identifier.
         """
         self.region = region
         self.namespace = namespace
         self.cache_key = cache_key
     def process_query(self, query):
         """Process a Query during normal loading operation."""
         _set_cache_parameters(query, self.region, self.namespace, self.cache_key)
         _set_cache_parameters(query, self.region, self.namespace,
                               self.cache_key)
 class RelationshipCache(MapperOption):
     """Specifies that a Query as called within a "lazy load"
        should load results from a cache."""
     propagate_to_loaders = True
     def __init__(self, region, namespace, attribute):
         """Construct a new RelationshipCache.
         :param region: the cache region.  Should be a
         region configured in the Beaker CacheManager.
@@ @@ -208,40 +220,41 @@ class RelationshipCache(MapperOption): @@
         :param namespace: the cache namespace.  Should
         be a name uniquely describing the target Query's
         lexical structure.
         :param attribute: A Class.attribute which
         indicates a particular class relationship() whose
         lazy loader should be pulled from the cache.
         """
         self.region = region
         self.namespace = namespace
         self._relationship_options = {
-            (attribute.property.parent.class_, attribute.property.key) : self
             (attribute.property.parent.class_, attribute.property.key): self
+        }
     def process_query_conditionally(self, query):
         """Process a Query that is used within a lazy loader.
         (the process_query_conditionally() method is a SQLAlchemy
         hook invoked only within lazyload.)
         """
         if query._current_path:
             mapper, key = query._current_path[-2:]
             for cls in mapper.class_.__mro__:
                 if (cls, key) in self._relationship_options:
                     relationship_option = self._relationship_options[(cls, key)]
                     relationship_option = \
                         self._relationship_options[(cls, key)]
                     _set_cache_parameters(
                             query,
                             relationship_option.region,
                             relationship_option.namespace,
                             None)
     def and_(self, option):
         """Chain another RelationshipCache option to this one.
         While many RelationshipCache objects can be specified on a single
         Query separately, chaining them together allows for a more efficient
         lookup during load.
@@ @@ -252,25 +265,26 @@ class RelationshipCache(MapperOption): @@
 def _params_from_query(query):
     """Pull the bind parameter values from a query.
     This takes into account any scalar attribute bindparam set up.
     E.g. params_from_query(query.filter(Cls.foo==5).filter(Cls.bar==7)))
     would return [5, 7].
     """
     v = []
     def visit_bindparam(bind):
         value = query._params.get(bind.key, bind.value)
         # lazyloader may dig a callable in here, intended
         # to late-evaluate params after autoflush is called.
         # convert to a scalar value.
         if callable(value):
             value = value()
         v.append(value)
     if query._criterion is not None:
         visitors.traverse(query._criterion, {}, {'bindparam':visit_bindparam})
+        visitors.traverse(query._criterion, {}, {'bindparam': visit_bindparam})
     return v

rhodecode/model/db.py

➞

Show inline comments

@@ @@ -180,24 +180,38 @@ class UserLog(Base): @@
 class UsersGroup(Base):
     __tablename__ = 'users_groups'
     __table_args__ = {'useexisting':True}
     users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_name = Column("users_group_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
     users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
     members = relationship('UsersGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
     @classmethod
     def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
         if case_insensitive:
             gr = Session.query(cls)\
             .filter(cls.users_group_name.ilike(group_name))
         else:
             gr = Session.query(UsersGroup)\
                 .filter(UsersGroup.users_group_name == group_name)
         if cache:
             gr = gr.options(FromCache("sql_cache_short",
                                           "get_user_%s" % group_name))
         return gr.scalar()
 class UsersGroupMember(Base):
     __tablename__ = 'users_groups_members'
     __table_args__ = {'useexisting':True}
     users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     user = relationship('User', lazy='joined')
     users_group = relationship('UsersGroup')
     def __init__(self, gr_id='', u_id=''):
@@ @@ -217,25 +231,25 @@ class Repository(Base): @@
     private = Column("private", Boolean(), nullable=True, unique=None, default=None)
     enable_statistics = Column("statistics", Boolean(), nullable=True, unique=None, default=True)
     enable_downloads = Column("downloads", Boolean(), nullable=True, unique=None, default=True)
     description = Column("description", String(length=10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     fork_id = Column("fork_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=False, default=None)
     group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=False, default=None)
     user = relationship('User')
     fork = relationship('Repository', remote_side=repo_id)
     group = relationship('Group')
     repo_to_perm = relationship('RepoToPerm', cascade='all', order_by='RepoToPerm.repo_to_perm_id')
-    users_group_to_perm = relationship('UsersGroupToPerm', cascade='all')
+    users_group_to_perm = relationship('UsersGroupRepoToPerm', cascade='all')
     stats = relationship('Statistics', cascade='all', uselist=False)
     followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all')
     logs = relationship('UserLog', cascade='all')
     def __repr__(self):
         return "<%s('%s:%s')>" % (self.__class__.__name__,
                                   self.repo_id, self.repo_name)
     @classmethod
     def by_repo_name(cls, repo_name):
@@ @@ -368,36 +382,85 @@ class UserToPerm(Base): @@
     @classmethod
     def revoke_perm(cls, user_id, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         try:
             Session.query(cls).filter(cls.user_id == user_id)\
                 .filter(cls.permission == perm).delete()
             Session.commit()
         except:
             Session.rollback()
 class UsersGroupToPerm(Base):
     __tablename__ = 'users_group_to_perm'
 class UsersGroupRepoToPerm(Base):
     __tablename__ = 'users_group_repo_to_perm'
     __table_args__ = (UniqueConstraint('users_group_id', 'permission_id'), {'useexisting':True})
     users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
     permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
     repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
     users_group = relationship('UsersGroup')
     permission = relationship('Permission')
     repository = relationship('Repository')
 class UsersGroupToPerm(Base):
     __tablename__ = 'users_group_to_perm'
     users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
     permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
     users_group = relationship('UsersGroup')
     permission = relationship('Permission')
     @classmethod
     def has_perm(cls, users_group_id, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         return Session.query(cls).filter(cls.users_group_id ==
                                          users_group_id)\
                                          .filter(cls.permission == perm)\
                                          .scalar() is not None
     @classmethod
     def grant_perm(cls, users_group_id, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         new = cls()
         new.users_group_id = users_group_id
         new.permission = perm
         try:
             Session.add(new)
             Session.commit()
         except:
             Session.rollback()
     @classmethod
     def revoke_perm(cls, users_group_id, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         try:
             Session.query(cls).filter(cls.users_group_id == users_group_id)\
                 .filter(cls.permission == perm).delete()
             Session.commit()
         except:
             Session.rollback()
 class GroupToPerm(Base):
     __tablename__ = 'group_to_perm'
     __table_args__ = (UniqueConstraint('group_id', 'permission_id'), {'useexisting':True})
     group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
     group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
     user = relationship('User')
     permission = relationship('Permission')
     group = relationship('Group')

rhodecode/model/forms.py

➞

Show inline comments

@@ @@ -28,103 +28,99 @@ from formencode import All @@
 from formencode.validators import UnicodeString, OneOf, Int, Number, Regex, \
     Email, Bool, StringBoolean, Set
 from pylons.i18n.translation import _
 from webhelpers.pylonslib.secure_form import authentication_token
 from rhodecode.lib.utils import repo_name_slug
 from rhodecode.lib.auth import authenticate, get_crypt_password
 from rhodecode.lib.exceptions import LdapImportError
 from rhodecode.model import meta
 from rhodecode.model.user import UserModel
 from rhodecode.model.repo import RepoModel
 from rhodecode.model.users_group import UsersGroupModel
 from rhodecode.model.db import User, UsersGroup
 from rhodecode import BACKENDS
 log = logging.getLogger(__name__)
 #this is needed to translate the messages using _() in validators
 class State_obj(object):
     _ = staticmethod(_)
-#===============================================================================
 #==============================================================================
 # VALIDATORS
-#===============================================================================
 #==============================================================================
 class ValidAuthToken(formencode.validators.FancyValidator):
     messages = {'invalid_token':_('Token mismatch')}
     def validate_python(self, value, state):
         if value != authentication_token():
             raise formencode.Invalid(self.message('invalid_token', state,
                                             search_number=value), value, state)
 def ValidUsername(edit, old_data):
     class _ValidUsername(formencode.validators.FancyValidator):
         def validate_python(self, value, state):
             if value in ['default', 'new_user']:
                 raise formencode.Invalid(_('Invalid username'), value, state)
             #check if user is unique
             old_un = None
             if edit:
                 old_un = UserModel().get(old_data.get('user_id')).username
             if old_un != value or not edit:
                 if UserModel().get_by_username(value, cache=False,
                                                case_insensitive=True):
                     raise formencode.Invalid(_('This username already exists') ,
                                              value, state)
                     raise formencode.Invalid(_('This username already '
                                                'exists') , value, state)
             if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None:
                 raise formencode.Invalid(_('Username may only contain '
                                            'alphanumeric characters underscores, '
                                            'periods or dashes and must begin with '
                                            'alphanumeric character'),
                                       value, state)
                                            'alphanumeric characters '
                                            'underscores, periods or dashes '
                                            'and must begin with alphanumeric '
                                            'character'), value, state)
     return _ValidUsername
 def ValidUsersGroup(edit, old_data):
     class _ValidUsersGroup(formencode.validators.FancyValidator):
         def validate_python(self, value, state):
             if value in ['default']:
                 raise formencode.Invalid(_('Invalid group name'), value, state)
             #check if group is unique
             old_ugname = None
             if edit:
                 old_ugname = UsersGroupModel()\
                     .get(old_data.get('users_group_id')).users_group_name
                 old_ugname = UsersGroup.get(
                             old_data.get('users_group_id')).users_group_name
             if old_ugname != value or not edit:
-                if UsersGroupModel().get_by_groupname(value, cache=False,
+                if UsersGroup.get_by_group_name(value, cache=False,
                                                case_insensitive=True):
                     raise formencode.Invalid(_('This users group already exists') ,
                                              value, state)
                     raise formencode.Invalid(_('This users group '
                                                'already exists') , value,
                                              state)
             if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None:
                 raise formencode.Invalid(_('Group name may only contain '
                                            'alphanumeric characters underscores, '
                                            'periods or dashes and must begin with '
                                            'alphanumeric character'),
                                       value, state)
                                            'alphanumeric characters '
                                            'underscores, periods or dashes '
                                            'and must begin with alphanumeric '
                                            'character'), value, state)
     return _ValidUsersGroup
 class ValidPassword(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         if value:
             if value.get('password'):

rhodecode/model/meta.py

➞

Show inline comments

@@ @@ -10,24 +10,25 @@ from rhodecode.model import caching_quer @@
 cache_manager = cache.CacheManager()
 __all__ = ['Base', 'Session']
+#
 # SQLAlchemy session manager. Updated by model.init_model()
+#
 Session = scoped_session(
                 sessionmaker(
                     query_cls=caching_query.query_callable(cache_manager)
+                )
+          )
 class BaseModel(object):
     """Base Model for all classess
     """
     @classmethod
     def _get_keys(cls):
         """return column names for this model """
         return class_mapper(cls).c.keys()
     def get_dict(self):
         """return dict with keys and values corresponding

rhodecode/model/permission.py

➞

Show inline comments

@@ @@ -57,26 +57,28 @@ class PermissionModel(BaseModel): @@
         :param name: name to fetch
         :param cache: Use cache for this query
         """
         perm = self.sa.query(Permission)\
             .filter(Permission.permission_name == name)
         if cache:
             perm = perm.options(FromCache("sql_cache_short",
                                           "get_permission_%s" % name))
         return perm.scalar()
     def update(self, form_result):
         perm_user = self.sa.query(User)\
                 .filter(User.username == form_result['perm_user_name']).scalar()
         u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == perm_user).all()
                 .filter(User.username ==
                         form_result['perm_user_name']).scalar()
         u2p = self.sa.query(UserToPerm).filter(UserToPerm.user ==
                                                perm_user).all()
         if len(u2p) != 3:
             raise Exception('Defined: %s should be 3  permissions for default'
                             ' user. This should not happen please verify'
                             ' your database' % len(u2p))
         try:
             #stage 1 change defaults
             for p in u2p:
                 if p.permission.permission_name.startswith('repository.'):
                     p.permission = self.get_permission_by_name(
                                        form_result['default_perm'])
                     self.sa.add(p)
@@ @@ -95,18 +97,17 @@ class PermissionModel(BaseModel): @@
             if form_result['overwrite_default'] == True:
                 for r2p in self.sa.query(RepoToPerm)\
                                .filter(RepoToPerm.user == perm_user).all():
                     r2p.permission = self.get_permission_by_name(
                                          form_result['default_perm'])
                     self.sa.add(r2p)
             #stage 3 set anonymous access
             if perm_user.username == 'default':
                 perm_user.active = bool(form_result['anonymous'])
                 self.sa.add(perm_user)
             self.sa.commit()
         except (DatabaseError,):
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise

rhodecode/model/repo.py

➞

Show inline comments

@@ @@ -27,154 +27,152 @@ import shutil @@
 import logging
 import traceback
 from datetime import datetime
 from sqlalchemy.orm import joinedload, make_transient
 from vcs.utils.lazy import LazyProperty
 from vcs.backends import get_backend
 from rhodecode.model import BaseModel
 from rhodecode.model.caching_query import FromCache
 from rhodecode.model.db import Repository, RepoToPerm, User, Permission, \
-    Statistics, UsersGroup, UsersGroupToPerm, RhodeCodeUi
+    Statistics, UsersGroup, UsersGroupRepoToPerm, RhodeCodeUi
 from rhodecode.model.user import UserModel
 from rhodecode.model.users_group import UsersGroupMember, UsersGroupModel
 log = logging.getLogger(__name__)
 class RepoModel(BaseModel):
     @LazyProperty
     def repos_path(self):
         """Get's the repositories root path from database
         """
         q = self.sa.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key == '/').one()
         return q.ui_value
     def get(self, repo_id, cache=False):
         repo = self.sa.query(Repository)\
             .filter(Repository.repo_id == repo_id)
         if cache:
             repo = repo.options(FromCache("sql_cache_short",
                                           "get_repo_%s" % repo_id))
         return repo.scalar()
     def get_by_repo_name(self, repo_name, cache=False):
         repo = self.sa.query(Repository)\
             .filter(Repository.repo_name == repo_name)
         if cache:
             repo = repo.options(FromCache("sql_cache_short",
                                           "get_repo_%s" % repo_name))
         return repo.scalar()
     def get_full(self, repo_name, cache=False, invalidate=False):
         repo = self.sa.query(Repository)\
             .options(joinedload(Repository.fork))\
             .options(joinedload(Repository.user))\
             .filter(Repository.repo_name == repo_name)\
         if cache:
             repo = repo.options(FromCache("sql_cache_long",
                                           "get_repo_full_%s" % repo_name))
         if invalidate and cache:
             repo.invalidate()
         ret = repo.scalar()
         #make transient for sake of errors
         make_transient(ret)
         for k in ['fork', 'user']:
             attr = getattr(ret, k, False)
             if attr:
                 make_transient(attr)
         return ret
     def get_users_js(self):
         users = self.sa.query(User).filter(User.active == True).all()
         u_tmpl = '''{id:%s, fname:"%s", lname:"%s", nname:"%s"},'''
         users_array = '[%s]' % '\n'.join([u_tmpl % (u.user_id, u.name,
                                                     u.lastname, u.username)
                                         for u in users])
         return users_array
     def get_users_groups_js(self):
         users_groups = self.sa.query(UsersGroup)\
             .filter(UsersGroup.users_group_active == True).all()
         g_tmpl = '''{id:%s, grname:"%s",grmembers:"%s"},'''
         users_groups_array = '[%s]' % '\n'.join([g_tmpl % \
                                     (gr.users_group_id, gr.users_group_name,
                                      len(gr.members))
                                         for gr in users_groups])
         return users_groups_array
     def update(self, repo_name, form_data):
         try:
             cur_repo = self.get_by_repo_name(repo_name, cache=False)
             user_model = UserModel(self.sa)
             users_group_model = UsersGroupModel(self.sa)
             #update permissions
             for member, perm, member_type in form_data['perms_updates']:
                 if member_type == 'user':
                     r2p = self.sa.query(RepoToPerm)\
                             .filter(RepoToPerm.user == user_model.get_by_username(member))\
                             .filter(RepoToPerm.user == user_model.
                                     get_by_username(member))\
                             .filter(RepoToPerm.repository == cur_repo)\
                             .one()
                     r2p.permission = self.sa.query(Permission)\
                                         .filter(Permission.permission_name == perm)\
                                         .scalar()
                                         .filter(Permission.permission_name ==
                                                 perm).scalar()
                     self.sa.add(r2p)
                 else:
                     g2p = self.sa.query(UsersGroupToPerm)\
                             .filter(UsersGroupToPerm.users_group == users_group_model.get_by_groupname(member))\
                             .filter(UsersGroupToPerm.repository == cur_repo)\
                             .one()
                     g2p = self.sa.query(UsersGroupRepoToPerm)\
                             .filter(UsersGroupRepoToPerm.users_group ==
                                     UsersGroup.get_by_group_name(member))\
                             .filter(UsersGroupRepoToPerm.repository ==
                                     cur_repo).one()
                     g2p.permission = self.sa.query(Permission)\
                                         .filter(Permission.permission_name == perm)\
                                         .scalar()
                                         .filter(Permission.permission_name ==
                                                 perm).scalar()
                     self.sa.add(g2p)
             #set new permissions
             for member, perm, member_type in form_data['perms_new']:
                 if member_type == 'user':
                     r2p = RepoToPerm()
                     r2p.repository = cur_repo
                     r2p.user = user_model.get_by_username(member)
                     r2p.permission = self.sa.query(Permission)\
                                         .filter(Permission.permission_name == perm)\
                                         .scalar()
                                         .filter(Permission.
                                                 permission_name == perm)\
                                                 .scalar()
                     self.sa.add(r2p)
                 else:
-                    g2p = UsersGroupToPerm()
+                    g2p = UsersGroupRepoToPerm()
                     g2p.repository = cur_repo
-                    g2p.users_group = users_group_model.get_by_groupname(member)
+                    g2p.users_group = UsersGroup.get_by_group_name(member)
                     g2p.permission = self.sa.query(Permission)\
                                         .filter(Permission.permission_name == perm)\
                                         .scalar()
                                         .filter(Permission.
                                                 permission_name == perm)\
                                                 .scalar()
                     self.sa.add(g2p)
             #update current repo
             for k, v in form_data.items():
                 if k == 'user':
                     cur_repo.user = user_model.get(v)
                 else:
                     setattr(cur_repo, k, v)
             self.sa.add(cur_repo)
             if repo_name != form_data['repo_name']:
@@ @@ -267,47 +265,46 @@ class RepoModel(BaseModel): @@
             self.sa.query(RepoToPerm)\
                 .filter(RepoToPerm.repository \
                         == self.get_by_repo_name(repo_name))\
                 .filter(RepoToPerm.user_id == form_data['user_id']).delete()
             self.sa.commit()
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
     def delete_perm_users_group(self, form_data, repo_name):
         try:
             self.sa.query(UsersGroupToPerm)\
                 .filter(UsersGroupToPerm.repository \
             self.sa.query(UsersGroupRepoToPerm)\
                 .filter(UsersGroupRepoToPerm.repository \
                         == self.get_by_repo_name(repo_name))\
-                .filter(UsersGroupToPerm.users_group_id \
+                .filter(UsersGroupRepoToPerm.users_group_id \
                         == form_data['users_group_id']).delete()
             self.sa.commit()
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
     def delete_stats(self, repo_name):
         try:
             self.sa.query(Statistics)\
                 .filter(Statistics.repository == \
                         self.get_by_repo_name(repo_name)).delete()
             self.sa.commit()
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
     def __create_repo(self, repo_name, alias, clone_uri=False):
         """
         makes repository on filesystem
         :param repo_name:
         :param alias:
         """
         from rhodecode.lib.utils import check_repo
         repo_path = os.path.join(self.repos_path, repo_name)
         if check_repo(repo_name, self.repos_path):
             log.info('creating repo %s in %s @ %s', repo_name, repo_path,
                     clone_uri)

rhodecode/model/users_group.py

➞

Show inline comments

@@ @@ -23,53 +23,36 @@ @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 from pylons.i18n.translation import _
 from rhodecode.model import BaseModel
 from rhodecode.model.caching_query import FromCache
 from rhodecode.model.db import UsersGroup, UsersGroupMember
 from sqlalchemy.exc import DatabaseError
 log = logging.getLogger(__name__)
 class UsersGroupModel(BaseModel):
     def get(self, users_group_id, cache=False):
         users_group = self.sa.query(UsersGroup)
         if cache:
             users_group = users_group.options(FromCache("sql_cache_short",
-                                          "get_users_group_%s" % users_group_id))
                                     "get_users_group_%s" % users_group_id))
         return users_group.get(users_group_id)
     def get_by_groupname(self, users_group_name, cache=False,
                          case_insensitive=False):
         if case_insensitive:
             user = self.sa.query(UsersGroup)\
             .filter(UsersGroup.users_group_name.ilike(users_group_name))
         else:
             user = self.sa.query(UsersGroup)\
                 .filter(UsersGroup.users_group_name == users_group_name)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % users_group_name))
         return user.scalar()
     def create(self, form_data):
         try:
             new_users_group = UsersGroup()
             for k, v in form_data.items():
                 setattr(new_users_group, k, v)
             self.sa.add(new_users_group)
             self.sa.commit()
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
@@ @@ -77,26 +60,27 @@ class UsersGroupModel(BaseModel): @@
     def update(self, users_group_id, form_data):
         try:
             users_group = self.get(users_group_id, cache=False)
             for k, v in form_data.items():
                 if k == 'users_group_members':
                     users_group.members = []
                     self.sa.flush()
                     members_list = []
                     if v:
                         for u_id in set(v):
                             members_list.append(UsersGroupMember(users_group_id,
                                                              u_id))
                             members_list.append(UsersGroupMember(
                                                             users_group_id,
                                                             u_id))
                     setattr(users_group, 'members', members_list)
                 setattr(users_group, k, v)
             self.sa.add(users_group)
             self.sa.commit()
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise
     def delete(self, users_group_id):
         try:

rhodecode/templates/admin/users_groups/users_group_edit.html

➞

Show inline comments

@@ @@ -238,33 +238,33 @@ ${h.end_form()} @@
                 var choosen = D.get(selected_container);
                 for (var i = 0; i < choosen.options.length; i++) {
                     choosen.options[i].selected = 'selected';
+                }
             })
         });
 </script>
 <div class="box box-right">
     <!-- box / title -->
     <div class="title">
         <h5>${_('Permissions')}</h5>
     </div>
-    ${h.form(url('xxx', id=''),method='put')}
+    ${h.form(url('users_group_perm', id=c.users_group.users_group_id), method='put')}
     <div class="form">
         <!-- fields -->
         <div class="fields">
              <div class="field">
                 <div class="label label-checkbox">
                     <label for="">${_('Create repositories')}:</label>
                 </div>
                 <div class="checkboxes">
-                    ${h.checkbox('create',value=True)}
+                    ${h.checkbox('create_repo_perm',value=True)}
                 </div>
              </div>
             <div class="buttons">
               ${h.submit('save','Save',class_="ui-button")}
               ${h.reset('reset','Reset',class_="ui-button")}
             </div>
         </div>
     </div>
     ${h.end_form()}
 </div>
 </%def>
@@ \ No newline at end of file @@

0 comments (0 inline, 0 general)