kallithea Changeset - f14fd4cbb488

Changeset - f14fd4cbb488

Parent rev.

Child rev.

[Not reviewed]

default

0 1 0

Mads Kiilerich - 5 years ago 2020-08-23 14:46:06
mads@kiilerich.com

auth: compute AuthUser.repository_group_permissions lazily

1 file changed with 48 insertions and 50 deletions:

kallithea/lib/auth.py

0 comments (0 inline, 0 general)

kallithea/lib/auth.py

➞

Show inline comments

@@ @@ -131,14 +131,11 @@ def bump_permission(permissions, key, ne @@
         permissions[key] = new_perm
 def get_user_permissions(user_id, user_is_admin):
     repository_group_permissions = {}
     user_group_permissions = {}
     #======================================================================
     # fetch default permissions
     #======================================================================
     default_repo_groups_perms = Permission.get_default_group_perms(kallithea.DEFAULT_USER_ID)
     default_user_group_perms = Permission.get_default_user_group_perms(kallithea.DEFAULT_USER_ID)
     if user_is_admin:
@@ @@ -147,30 +144,17 @@ def get_user_permissions(user_id, user_i @@
         # based on default permissions, just set everything to admin
         #==================================================================
         # repository groups
         for perm in default_repo_groups_perms:
             rg_k = perm.group.group_name
             p = 'group.admin'
             repository_group_permissions[rg_k] = p
         # user groups
         for perm in default_user_group_perms:
             u_k = perm.user_group.users_group_name
             p = 'usergroup.admin'
             user_group_permissions[u_k] = p
-        return (repository_group_permissions, user_group_permissions)
         return (user_group_permissions)
     #==================================================================
     # SET DEFAULTS GLOBAL, REPOS, REPOSITORY GROUPS
     #==================================================================
     # defaults for repository groups taken from default user permission
     # on given group
     for perm in default_repo_groups_perms:
         rg_k = perm.group.group_name
         p = perm.permission.permission_name
         repository_group_permissions[rg_k] = p
     # defaults for user groups taken from default user permission
     # on given user group
     for perm in default_user_group_perms:
@@ @@ -179,37 +163,6 @@ def get_user_permissions(user_id, user_i @@
         user_group_permissions[u_k] = p
     #======================================================================
     # !! PERMISSIONS FOR REPOSITORY GROUPS !!
     #======================================================================
     #======================================================================
     # check if user is part of user groups for this repository groups and
     # fill in his permission from it.
     #======================================================================
     # user group for repo groups permissions
     user_repo_group_perms_from_users_groups = \
      Session().query(UserGroupRepoGroupToPerm) \
      .join((UserGroup, UserGroupRepoGroupToPerm.users_group_id ==
             UserGroup.users_group_id)) \
      .filter(UserGroup.users_group_active == True) \
      .join((UserGroupMember, UserGroupRepoGroupToPerm.users_group_id
             == UserGroupMember.users_group_id)) \
      .filter(UserGroupMember.user_id == user_id) \
      .options(joinedload(UserGroupRepoGroupToPerm.permission)) \
      .all()
     for perm in user_repo_group_perms_from_users_groups:
         bump_permission(repository_group_permissions,
             perm.group.group_name,
             perm.permission.permission_name)
     # user explicit permissions for repository groups
     user_repo_groups_perms = Permission.get_default_group_perms(user_id)
     for perm in user_repo_groups_perms:
         bump_permission(repository_group_permissions,
             perm.group.group_name,
             perm.permission.permission_name)
     #======================================================================
     # !! PERMISSIONS FOR USER GROUPS !!
     #======================================================================
     # user group for user group permissions
@@ @@ -238,7 +191,7 @@ def get_user_permissions(user_id, user_i @@
             perm.user_group.users_group_name,
             perm.permission.permission_name)
-    return (repository_group_permissions, user_group_permissions)
     return (user_group_permissions)
 class AuthUser(object):
@@ @@ -327,7 +280,7 @@ class AuthUser(object): @@
         log.debug('Auth User is now %s', self)
         log.debug('Getting PERMISSION tree for %s', self)
-        (self.repository_group_permissions, self.user_group_permissions,
         (self.user_group_permissions,
         )= get_user_permissions(self.user_id, self.is_admin)
     @LazyProperty
@@ @@ -431,6 +384,51 @@ class AuthUser(object): @@
         return repository_permissions
     @LazyProperty
     def repository_group_permissions(self):
         log.debug('Getting repository group permissions for %s', self)
         repository_group_permissions = {}
         default_repo_groups_perms = Permission.get_default_group_perms(kallithea.DEFAULT_USER_ID)
         if self.is_admin:
             for perm in default_repo_groups_perms:
                 rg_k = perm.group.group_name
                 p = 'group.admin'
                 repository_group_permissions[rg_k] = p
         else:
             # defaults for repository groups taken from default user permission
             # on given group
             for perm in default_repo_groups_perms:
                 rg_k = perm.group.group_name
                 p = perm.permission.permission_name
                 repository_group_permissions[rg_k] = p
             # user group for repo groups permissions
             user_repo_group_perms_from_users_groups = \
                 Session().query(UserGroupRepoGroupToPerm) \
                 .join((UserGroup, UserGroupRepoGroupToPerm.users_group_id ==
                        UserGroup.users_group_id)) \
                 .filter(UserGroup.users_group_active == True) \
                 .join((UserGroupMember, UserGroupRepoGroupToPerm.users_group_id
                        == UserGroupMember.users_group_id)) \
                 .filter(UserGroupMember.user_id == self.user_id) \
                 .options(joinedload(UserGroupRepoGroupToPerm.permission)) \
                 .all()
             for perm in user_repo_group_perms_from_users_groups:
                 bump_permission(repository_group_permissions,
                     perm.group.group_name,
                     perm.permission.permission_name)
             # user explicit permissions for repository groups
             user_repo_groups_perms = Permission.get_default_group_perms(self.user_id)
             for perm in user_repo_groups_perms:
                 bump_permission(repository_group_permissions,
                     perm.group.group_name,
                     perm.permission.permission_name)
         return repository_group_permissions
     @LazyProperty
     def permissions(self):
         """dict with all 4 kind of permissions - mainly for backwards compatibility"""
         return {

0 comments (0 inline, 0 general)