kallithea Changeset - f43dc1913984

Changeset - f43dc1913984

Parent rev.

Child rev.

[Not reviewed]

default

0 4 0

Mads Kiilerich - 10 years ago 2015-07-20 15:08:08
madski@unity3d.com

auth: various minor cleanup

4 files changed with 22 insertions and 20 deletions:

kallithea/controllers/admin/repo_groups.py

kallithea/controllers/admin/repos.py

kallithea/lib/auth.py

kallithea/model/db.py

0 comments (0 inline, 0 general)

kallithea/controllers/admin/repo_groups.py

➞

Show inline comments

@@ @@ -58,7 +58,6 @@ log = logging.getLogger(__name__) @@
 class RepoGroupsController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     @LoginRequired()
     def __before__(self):

kallithea/controllers/admin/repos.py

➞

Show inline comments

@@ @@ -37,7 +37,7 @@ from sqlalchemy.sql.expression import fu @@
 from kallithea.lib import helpers as h
 from kallithea.lib.auth import LoginRequired, HasPermissionAllDecorator, \
     HasRepoPermissionAllDecorator, NotAnonymous,HasPermissionAny, \
+    HasRepoPermissionAllDecorator, NotAnonymous, HasPermissionAny, \
     HasRepoGroupPermissionAny, HasRepoPermissionAnyDecorator
 from kallithea.lib.base import BaseRepoController, render
 from kallithea.lib.utils import action_logger, repo_name_slug, jsonify
@@ @@ -137,7 +137,7 @@ class ReposController(BaseRepoController @@
         form_result = {}
         task_id = None
         try:
-            # CanWriteToGroup validators checks permissions of this POST
+            # CanWriteGroup validators checks permissions of this POST
             form_result = RepoForm(repo_groups=c.repo_groups_choices,
                                    landing_revs=c.landing_revs_choices)()\
                             .to_python(dict(request.POST))
@@ @@ -149,6 +149,7 @@ class ReposController(BaseRepoController @@
             if isinstance(task, BaseAsyncResult):
                 task_id = task.task_id
         except formencode.Invalid, errors:
             log.info(errors)
             return htmlfill.render(
                 render('admin/repos/repo_add.html'),
                 defaults=errors.value,
@@ @@ -290,6 +291,7 @@ class ReposController(BaseRepoController @@
                               changed_name, self.ip_addr, self.sa)
             Session().commit()
         except formencode.Invalid, errors:
             log.info(errors)
             defaults = self.__load_data(repo_name)
             defaults.update(errors.value)
             c.users_array = repo_model.get_users_js()

kallithea/lib/auth.py

➞

Show inline comments

@@ @@ -178,8 +178,8 @@ def _cached_perms_data(user_id, user_is_ @@
     if user_is_admin:
         #==================================================================
         # admin user have all default rights for repositories
         # and groups set to admin
         # admin users have all rights;
         # based on default permissions, just set everything to admin
         #==================================================================
         permissions[GLOBAL].add('hg.admin')
         permissions[GLOBAL].add('hg.create.write_on_repogroup.true')
@@ @@ -206,7 +206,6 @@ def _cached_perms_data(user_id, user_is_ @@
     #==================================================================
     # SET DEFAULTS GLOBAL, REPOS, REPOSITORY GROUPS
     #==================================================================
     uid = user_id
     # default global permissions taken from the default user
     default_global_perms = UserToPerm.query()\
@@ @@ -219,10 +218,10 @@ def _cached_perms_data(user_id, user_is_ @@
     # defaults for repositories, taken from default user
     for perm in default_repo_perms:
         r_k = perm.UserRepoToPerm.repository.repo_name
-        if perm.Repository.private and not (perm.Repository.user_id == uid):
+        if perm.Repository.private and not (perm.Repository.user_id == user_id):
             # disable defaults for private repos,
             p = 'repository.none'
-        elif perm.Repository.user_id == uid:
+        elif perm.Repository.user_id == user_id:
             # set admin if owner
             p = 'repository.admin'
         else:
@@ @@ -260,7 +259,7 @@ def _cached_perms_data(user_id, user_is_ @@
         .options(joinedload(UserGroupToPerm.permission))\
         .join((UserGroupMember, UserGroupToPerm.users_group_id ==
                UserGroupMember.users_group_id))\
-        .filter(UserGroupMember.user_id == uid)\
+        .filter(UserGroupMember.user_id == user_id)\
         .join((UserGroup, UserGroupMember.users_group_id ==
                UserGroup.users_group_id))\
         .filter(UserGroup.users_group_active == True)\
@@ @@ -286,7 +285,7 @@ def _cached_perms_data(user_id, user_is_ @@
     # user specific global permissions
     user_perms = Session().query(UserToPerm)\
             .options(joinedload(UserToPerm.permission))\
-            .filter(UserToPerm.user_id == uid).all()
+            .filter(UserToPerm.user_id == user_id).all()
     if not user_inherit_default_permissions:
         # NEED TO IGNORE all configurable permissions and
@@ @@ -319,7 +318,7 @@ def _cached_perms_data(user_id, user_is_ @@
         .filter(UserGroup.users_group_active == True)\
         .join((UserGroupMember, UserGroupRepoToPerm.users_group_id ==
                UserGroupMember.users_group_id))\
-        .filter(UserGroupMember.user_id == uid)\
+        .filter(UserGroupMember.user_id == user_id)\
         .all()
     multiple_counter = collections.defaultdict(int)
@@ @@ -329,7 +328,7 @@ def _cached_perms_data(user_id, user_is_ @@
         p = perm.Permission.permission_name
         cur_perm = permissions[RK][r_k]
-        if perm.Repository.user_id == uid:
+        if perm.Repository.user_id == user_id:
             # set admin if owner
             p = 'repository.admin'
         else:
@@ @@ -339,12 +338,12 @@ def _cached_perms_data(user_id, user_is_ @@
     # user explicit permissions for repositories, overrides any specified
     # by the group permission
-    user_repo_perms = Permission.get_default_perms(uid)
+    user_repo_perms = Permission.get_default_perms(user_id)
     for perm in user_repo_perms:
         r_k = perm.UserRepoToPerm.repository.repo_name
         cur_perm = permissions[RK][r_k]
         # set admin if owner
-        if perm.Repository.user_id == uid:
+        if perm.Repository.user_id == user_id:
             p = 'repository.admin'
         else:
             p = perm.Permission.permission_name
@@ @@ -371,7 +370,7 @@ def _cached_perms_data(user_id, user_is_ @@
      .filter(UserGroup.users_group_active == True)\
      .join((UserGroupMember, UserGroupRepoGroupToPerm.users_group_id
             == UserGroupMember.users_group_id))\
-     .filter(UserGroupMember.user_id == uid)\
+     .filter(UserGroupMember.user_id == user_id)\
      .all()
     multiple_counter = collections.defaultdict(int)
@@ @@ -385,7 +384,7 @@ def _cached_perms_data(user_id, user_is_ @@
         permissions[GK][g_k] = p
     # user explicit permissions for repository groups
-    user_repo_groups_perms = Permission.get_default_group_perms(uid)
+    user_repo_groups_perms = Permission.get_default_group_perms(user_id)
     for perm in user_repo_groups_perms:
         rg_k = perm.UserRepoGroupToPerm.group.group_name
         p = perm.Permission.permission_name
@@ @@ -406,7 +405,7 @@ def _cached_perms_data(user_id, user_is_ @@
             == Permission.permission_id))\
      .join((UserGroupMember, UserGroupUserGroupToPerm.user_group_id
             == UserGroupMember.users_group_id))\
-     .filter(UserGroupMember.user_id == uid)\
+     .filter(UserGroupMember.user_id == user_id)\
      .join((UserGroup, UserGroupMember.users_group_id ==
             UserGroup.users_group_id), aliased=True, from_joinpoint=True)\
      .filter(UserGroup.users_group_active == True)\
@@ @@ -423,7 +422,7 @@ def _cached_perms_data(user_id, user_is_ @@
         permissions[UK][g_k] = p
     #user explicit permission for user groups
-    user_user_groups_perms = Permission.get_default_user_group_perms(uid)
+    user_user_groups_perms = Permission.get_default_user_group_perms(user_id)
     for perm in user_user_groups_perms:
         u_k = perm.UserUserGroupToPerm.user_group.users_group_name
         p = perm.Permission.permission_name
@@ @@ -480,9 +479,9 @@ class AuthUser(object): @@
             is_external_auth=False):
         self.user_id = user_id
         self._api_key = api_key
+        self._api_key = api_key # API key passed as parameter
         self.api_key = None
+        self.api_key = None # API key set by user_model.fill_data
         self.username = username
         self.name = ''
         self.lastname = ''

kallithea/model/db.py

➞

Show inline comments

@@ @@ -1742,6 +1742,7 @@ class Permission(Base, BaseModel): @@
         'usergroup.read': 1,
         'usergroup.write': 3,
         'usergroup.admin': 4,
         'hg.repogroup.create.false': 0,
         'hg.repogroup.create.true': 1,
@@ @@ -1750,6 +1751,7 @@ class Permission(Base, BaseModel): @@
         'hg.fork.none': 0,
         'hg.fork.repository': 1,
         'hg.create.none': 0,
         'hg.create.repository': 1
+    }

0 comments (0 inline, 0 general)