self.sa = sa

        else:

            self.sa = meta.Session()

        """

        user = User.guess_instance(user)

        repo = Repository.guess_instance(repo)

        # check if we have that permission already

        obj = self.sa.query(UserRepoToPerm) \

        """

        repo = Repository.guess_instance(repo)

        group_name = self._get_user_group(group_name)

        # check if we have that permission already

        obj = self.sa.query(UserGroupRepoToPerm) \

    def add_permission(self, repo_group, obj, obj_type, perm, recursive):

        from kallithea.model.repo import RepoModel

        repo_group = self._get_repo_group(repo_group)

        for el in repo_group.recursive_groups_and_repos():

            # iterated obj is an instance of a repos group or repository in

        repo_group = self._get_repo_group(repo_group)

        user = User.guess_instance(user)

        # check if we have that permission already

        obj = self.sa.query(UserRepoGroupToPerm) \

        """

        repo_group = self._get_repo_group(repo_group)

        group_name = self._get_user_group(group_name)

        # check if we have that permission already

        obj = self.sa.query(UserGroupRepoGroupToPerm) \

from kallithea.lib.utils2 import safe_str, generate_api_key, get_current_authuser

from kallithea.lib.caching_query import FromCache

from kallithea.model.base import BaseModel

    UserEmailMap, UserIpMap

from kallithea.lib.exceptions import DefaultUserException, \

    UserOwnsReposException

        return True

    def has_perm(self, user, perm):

        user = User.guess_instance(user)

        return UserToPerm.query().filter(UserToPerm.user == user) \

        :param perm:

        """

        user = User.guess_instance(user)

        # if this permission is already granted skip it

        _perm = UserToPerm.query() \

            .filter(UserToPerm.user == user) \

        :param perm:

        """

        user = User.guess_instance(user)

        UserToPerm.query().filter(

            UserToPerm.user == user,

    def has_perm(self, user_group, perm):

        user_group = self._get_user_group(user_group)

        return UserGroupToPerm.query() \

            .filter(UserGroupToPerm.users_group == user_group) \

    def grant_perm(self, user_group, perm):

        user_group = self._get_user_group(user_group)

        # if this permission is already granted skip it

        _perm = UserGroupToPerm.query() \

    def revoke_perm(self, user_group, perm):

        user_group = self._get_user_group(user_group)

        obj = UserGroupToPerm.query() \

            .filter(UserGroupToPerm.users_group == user_group) \

        user_group = self._get_user_group(user_group)

        user = User.guess_instance(user)

        # check if we have that permission already

        obj = self.sa.query(UserUserGroupToPerm) \

        """

        target_user_group = self._get_user_group(target_user_group)

        user_group = self._get_user_group(user_group)

        # forbid assigning same user group to itself

        if target_user_group == user_group:

            raise RepoGroupAssignmentError('target repo:%s cannot be '