Beispiel #1
0
    def grant_users_group_permission(self, repo, group_name, perm):
        """
        Grant permission for users group on given repository, or update
        existing one if found

        :param repo: Instance of Repository, repository_id, or repository name
        :param group_name: Instance of UserGroup, users_group_id,
            or users group name
        :param perm: Instance of Permission, or permission_name
        """
        repo = self.__get_repo(repo)
        group_name = self.__get_users_group(group_name)
        permission = self.__get_perm(perm)

        # check if we have that permission already
        obj = self.sa.query(UsersGroupRepoToPerm)\
            .filter(UsersGroupRepoToPerm.users_group == group_name)\
            .filter(UsersGroupRepoToPerm.repository == repo)\
            .scalar()

        if obj is None:
            # create new
            obj = UsersGroupRepoToPerm()

        obj.repository = repo
        obj.users_group = group_name
        obj.permission = permission
        self.sa.add(obj)
Beispiel #2
0
    def grant_users_group_permission(self, repo, group_name, perm):
        """
        Grant permission for users group on given repository, or update
        existing one if found

        :param repo: Instance of Repository, repository_id, or repository name
        :param group_name: Instance of UserGroup, users_group_id,
            or users group name
        :param perm: Instance of Permission, or permission_name
        """
        repo = self.__get_repo(repo)
        group_name = self.__get_users_group(group_name)
        permission = self.__get_perm(perm)

        # check if we have that permission already
        obj = (
            self.sa.query(UsersGroupRepoToPerm)
            .filter(UsersGroupRepoToPerm.users_group == group_name)
            .filter(UsersGroupRepoToPerm.repository == repo)
            .scalar()
        )

        if obj is None:
            # create new
            obj = UsersGroupRepoToPerm()

        obj.repository = repo
        obj.users_group = group_name
        obj.permission = permission
        self.sa.add(obj)
Beispiel #3
0
 def update_users_group_permission(self, repository, users_group,
                                   permission):
     permission = Permission.get_by_key(permission)
     current = self.get_users_group_permission(repository, users_group)
     if current:
         if not current.permission is permission:
             current.permission = permission
     else:
         p = UsersGroupRepoToPerm()
         p.users_group = users_group
         p.repository = repository
         p.permission = permission
         self.sa.add(p)
Beispiel #4
0
 def update_users_group_permission(self, repository, users_group, permission):
     permission = Permission.get_by_key(permission)
     current = self.get_users_group_permission(repository, users_group)
     if current:
         if not current.permission is permission:
             current.permission = permission
     else:
         p = UsersGroupRepoToPerm()
         p.users_group = users_group
         p.repository = repository
         p.permission = permission
         self.sa.add(p)
     Session.commit()
Beispiel #5
0
    def _load_data(self, id):
        c.users_group.permissions = {
            'repositories': {},
            'repositories_groups': {}
        }

        ugroup_repo_perms = UsersGroupRepoToPerm.query()\
            .options(joinedload(UsersGroupRepoToPerm.permission))\
            .options(joinedload(UsersGroupRepoToPerm.repository))\
            .filter(UsersGroupRepoToPerm.users_group_id == id)\
            .all()

        for gr in ugroup_repo_perms:
            c.users_group.permissions['repositories'][gr.repository.repo_name]  \
                = gr.permission.permission_name

        ugroup_group_perms = UsersGroupRepoGroupToPerm.query()\
            .options(joinedload(UsersGroupRepoGroupToPerm.permission))\
            .options(joinedload(UsersGroupRepoGroupToPerm.group))\
            .filter(UsersGroupRepoGroupToPerm.users_group_id == id)\
            .all()

        for gr in ugroup_group_perms:
            c.users_group.permissions['repositories_groups'][gr.group.group_name] \
                = gr.permission.permission_name

        c.group_members_obj = [x.user for x in c.users_group.members]
        c.group_members = [(x.user_id, x.username) for x in
                           c.group_members_obj]
        c.available_members = [(x.user_id, x.username) for x in
                               User.query().all()]
Beispiel #6
0
 def get_users_group_permission(self, repository, users_group):
     return (
         UsersGroupRepoToPerm.query()
         .filter(UsersGroupRepoToPerm.users_group == users_group)
         .filter(UsersGroupRepoToPerm.repository == repository)
         .scalar()
     )
Beispiel #7
0
    def delete(self, users_group, force=False):
        """
        Deletes repos group, unless force flag is used
        raises exception if there are members in that group, else deletes
        group and users

        :param users_group:
        :param force:
        """
        try:
            users_group = self.__get_users_group(users_group)

            # check if this group is not assigned to repo
            assigned_groups = UsersGroupRepoToPerm.query()\
                .filter(UsersGroupRepoToPerm.users_group == users_group).all()

            if assigned_groups and force is False:
                raise UsersGroupsAssignedException('RepoGroup assigned to %s' %
                                                   assigned_groups)

            self.sa.delete(users_group)
        except:
            log.error(traceback.format_exc())
            raise
Beispiel #8
0
 def get_users_group_permission(self, repository, users_group):
     return UsersGroupRepoToPerm.query() \
             .filter(UsersGroupRepoToPerm.users_group == users_group) \
             .filter(UsersGroupRepoToPerm.repository == repository) \
             .scalar()
Beispiel #9
0
    def update(self, repo_name, form_data):
        try:
            cur_repo = self.get_by_repo_name(repo_name, cache=False)

            # update permissions
            for member, perm, member_type in form_data["perms_updates"]:
                if member_type == "user":
                    r2p = (
                        self.sa.query(RepoToPerm)
                        .filter(RepoToPerm.user == User.by_username(member))
                        .filter(RepoToPerm.repository == cur_repo)
                        .one()
                    )

                    r2p.permission = self.sa.query(Permission).filter(Permission.permission_name == perm).scalar()
                    self.sa.add(r2p)
                else:
                    g2p = (
                        self.sa.query(UsersGroupRepoToPerm)
                        .filter(UsersGroupRepoToPerm.users_group == UsersGroup.get_by_group_name(member))
                        .filter(UsersGroupRepoToPerm.repository == cur_repo)
                        .one()
                    )

                    g2p.permission = self.sa.query(Permission).filter(Permission.permission_name == perm).scalar()
                    self.sa.add(g2p)

            # set new permissions
            for member, perm, member_type in form_data["perms_new"]:
                if member_type == "user":
                    r2p = RepoToPerm()
                    r2p.repository = cur_repo
                    r2p.user = User.by_username(member)

                    r2p.permission = self.sa.query(Permission).filter(Permission.permission_name == perm).scalar()
                    self.sa.add(r2p)
                else:
                    g2p = UsersGroupRepoToPerm()
                    g2p.repository = cur_repo
                    g2p.users_group = UsersGroup.get_by_group_name(member)
                    g2p.permission = self.sa.query(Permission).filter(Permission.permission_name == perm).scalar()
                    self.sa.add(g2p)

            # update current repo
            for k, v in form_data.items():
                if k == "user":
                    cur_repo.user = User.by_username(v)
                elif k == "repo_name":
                    cur_repo.repo_name = form_data["repo_name_full"]
                elif k == "repo_group":
                    cur_repo.group_id = v

                else:
                    setattr(cur_repo, k, v)

            self.sa.add(cur_repo)

            if repo_name != form_data["repo_name_full"]:
                # rename repository
                self.__rename_repo(old=repo_name, new=form_data["repo_name_full"])

            self.sa.commit()
        except:
            log.error(traceback.format_exc())
            self.sa.rollback()
            raise
Beispiel #10
0
    def create(self, form_data, cur_user, just_db=False, fork=False):
        from rhodecode.model.scm import ScmModel

        try:
            if fork:
                fork_parent_id = form_data['fork_parent_id']

            # repo name is just a name of repository
            # while repo_name_full is a full qualified name that is combined
            # with name and path of group
            repo_name = form_data['repo_name']
            repo_name_full = form_data['repo_name_full']

            new_repo = Repository()
            new_repo.enable_statistics = False

            for k, v in form_data.items():
                if k == 'repo_name':
                    v = repo_name_full
                if k == 'repo_group':
                    k = 'group_id'
                if k == 'description':
                    v = v or repo_name

                setattr(new_repo, k, v)

            if fork:
                parent_repo = Repository.get(fork_parent_id)
                new_repo.fork = parent_repo

            new_repo.user_id = cur_user.user_id
            self.sa.add(new_repo)

            def _create_default_perms():
                # create default permission
                repo_to_perm = UserRepoToPerm()
                default = 'repository.read'
                for p in User.get_by_username('default').user_perms:
                    if p.permission.permission_name.startswith('repository.'):
                        default = p.permission.permission_name
                        break

                default_perm = 'repository.none' if form_data[
                    'private'] else default

                repo_to_perm.permission_id = self.sa.query(Permission)\
                        .filter(Permission.permission_name == default_perm)\
                        .one().permission_id

                repo_to_perm.repository = new_repo
                repo_to_perm.user_id = User.get_by_username('default').user_id

                self.sa.add(repo_to_perm)

            if fork:
                if form_data.get('copy_permissions'):
                    repo = Repository.get(fork_parent_id)
                    user_perms = UserRepoToPerm.query()\
                        .filter(UserRepoToPerm.repository == repo).all()
                    group_perms = UsersGroupRepoToPerm.query()\
                        .filter(UsersGroupRepoToPerm.repository == repo).all()

                    for perm in user_perms:
                        UserRepoToPerm.create(perm.user, new_repo,
                                              perm.permission)

                    for perm in group_perms:
                        UsersGroupRepoToPerm.create(perm.users_group, new_repo,
                                                    perm.permission)
                else:
                    _create_default_perms()
            else:
                _create_default_perms()

            if not just_db:
                self.__create_repo(repo_name, form_data['repo_type'],
                                   form_data['repo_group'],
                                   form_data['clone_uri'])
                log_create_repository(new_repo.get_dict(),
                                      created_by=cur_user.username)

            # now automatically start following this repository as owner
            ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,
                                                    cur_user.user_id)
            return new_repo
        except:
            log.error(traceback.format_exc())
            raise
Beispiel #11
0
    def update(self, repo_name, form_data):
        try:
            cur_repo = self.get_by_repo_name(repo_name, cache=False)

            # update permissions
            for member, perm, member_type in form_data['perms_updates']:
                if member_type == 'user':
                    r2p = self.sa.query(RepoToPerm)\
                            .filter(RepoToPerm.user == User.get_by_username(member))\
                            .filter(RepoToPerm.repository == cur_repo)\
                            .one()

                    r2p.permission = self.sa.query(Permission)\
                                        .filter(Permission.permission_name ==
                                                perm).scalar()
                    self.sa.add(r2p)
                else:
                    g2p = self.sa.query(UsersGroupRepoToPerm)\
                            .filter(UsersGroupRepoToPerm.users_group ==
                                    UsersGroup.get_by_group_name(member))\
                            .filter(UsersGroupRepoToPerm.repository ==
                                    cur_repo).one()

                    g2p.permission = self.sa.query(Permission)\
                                        .filter(Permission.permission_name ==
                                                perm).scalar()
                    self.sa.add(g2p)

            # set new permissions
            for member, perm, member_type in form_data['perms_new']:
                if member_type == 'user':
                    r2p = RepoToPerm()
                    r2p.repository = cur_repo
                    r2p.user = User.get_by_username(member)

                    r2p.permission = self.sa.query(Permission)\
                                        .filter(Permission.
                                                permission_name == perm)\
                                                .scalar()
                    self.sa.add(r2p)
                else:
                    g2p = UsersGroupRepoToPerm()
                    g2p.repository = cur_repo
                    g2p.users_group = UsersGroup.get_by_group_name(member)
                    g2p.permission = self.sa.query(Permission)\
                                        .filter(Permission.
                                                permission_name == perm)\
                                                .scalar()
                    self.sa.add(g2p)

            # update current repo
            for k, v in form_data.items():
                if k == 'user':
                    cur_repo.user = User.get_by_username(v)
                elif k == 'repo_name':
                    pass
                elif k == 'repo_group':
                    cur_repo.group_id = v

                else:
                    setattr(cur_repo, k, v)

            new_name = cur_repo.get_new_name(form_data['repo_name'])
            cur_repo.repo_name = new_name

            self.sa.add(cur_repo)

            if repo_name != new_name:
                # rename repository
                self.__rename_repo(old=repo_name, new=new_name)

            self.sa.commit()
            return cur_repo
        except:
            log.error(traceback.format_exc())
            self.sa.rollback()
            raise
Beispiel #12
0
    def create(self, form_data, cur_user, just_db=False, fork=False):
        from rhodecode.model.scm import ScmModel

        try:
            if fork:
                fork_parent_id = form_data["fork_parent_id"]

            # repo name is just a name of repository
            # while repo_name_full is a full qualified name that is combined
            # with name and path of group
            repo_name = form_data["repo_name"]
            repo_name_full = form_data["repo_name_full"]

            new_repo = Repository()
            new_repo.enable_statistics = False

            for k, v in form_data.items():
                if k == "repo_name":
                    v = repo_name_full
                if k == "repo_group":
                    k = "group_id"
                if k == "description":
                    v = v or repo_name

                setattr(new_repo, k, v)

            if fork:
                parent_repo = Repository.get(fork_parent_id)
                new_repo.fork = parent_repo

            new_repo.user_id = cur_user.user_id
            self.sa.add(new_repo)

            def _create_default_perms():
                # create default permission
                repo_to_perm = UserRepoToPerm()
                default = "repository.read"
                for p in User.get_by_username("default").user_perms:
                    if p.permission.permission_name.startswith("repository."):
                        default = p.permission.permission_name
                        break

                default_perm = "repository.none" if form_data["private"] else default

                repo_to_perm.permission_id = (
                    self.sa.query(Permission).filter(Permission.permission_name == default_perm).one().permission_id
                )

                repo_to_perm.repository = new_repo
                repo_to_perm.user_id = User.get_by_username("default").user_id

                self.sa.add(repo_to_perm)

            if fork:
                if form_data.get("copy_permissions"):
                    repo = Repository.get(fork_parent_id)
                    user_perms = UserRepoToPerm.query().filter(UserRepoToPerm.repository == repo).all()
                    group_perms = UsersGroupRepoToPerm.query().filter(UsersGroupRepoToPerm.repository == repo).all()

                    for perm in user_perms:
                        UserRepoToPerm.create(perm.user, new_repo, perm.permission)

                    for perm in group_perms:
                        UsersGroupRepoToPerm.create(perm.users_group, new_repo, perm.permission)
                else:
                    _create_default_perms()
            else:
                _create_default_perms()

            if not just_db:
                self.__create_repo(repo_name, form_data["repo_type"], form_data["repo_group"], form_data["clone_uri"])
                log_create_repository(new_repo.get_dict(), created_by=cur_user.username)

            # now automatically start following this repository as owner
            ScmModel(self.sa).toggle_following_repo(new_repo.repo_id, cur_user.user_id)
            return new_repo
        except:
            log.error(traceback.format_exc())
            raise
Beispiel #13
0
    def create_repo(self, repo_name, repo_type, description, owner,
                    private=False, clone_uri=None, repos_group=None,
                    landing_rev='tip', just_db=False, fork_of=None,
                    copy_fork_permissions=False):
        """
        Create repository

        """
        from rhodecode.model.scm import ScmModel

        owner = self._get_user(owner)
        fork_of = self._get_repo(fork_of)
        repos_group = self._get_repos_group(repos_group)
        try:

            # repo name is just a name of repository
            # while repo_name_full is a full qualified name that is combined
            # with name and path of group
            repo_name_full = repo_name
            repo_name = repo_name.split(self.URL_SEPARATOR)[-1]

            new_repo = Repository()
            new_repo.enable_statistics = False
            new_repo.repo_name = repo_name_full
            new_repo.repo_type = repo_type
            new_repo.user = owner
            new_repo.group = repos_group
            new_repo.description = description or repo_name
            new_repo.private = private
            new_repo.clone_uri = clone_uri
            new_repo.landing_rev = landing_rev

            if repos_group:
                new_repo.enable_locking = repos_group.enable_locking

            if fork_of:
                parent_repo = fork_of
                new_repo.fork = parent_repo

            self.sa.add(new_repo)

            def _create_default_perms():
                # create default permission
                repo_to_perm = UserRepoToPerm()
                default = 'repository.read'
                for p in User.get_by_username('default').user_perms:
                    if p.permission.permission_name.startswith('repository.'):
                        default = p.permission.permission_name
                        break

                default_perm = 'repository.none' if private else default

                repo_to_perm.permission_id = self.sa.query(Permission)\
                        .filter(Permission.permission_name == default_perm)\
                        .one().permission_id

                repo_to_perm.repository = new_repo
                repo_to_perm.user_id = User.get_by_username('default').user_id

                self.sa.add(repo_to_perm)

            if fork_of:
                if copy_fork_permissions:
                    repo = fork_of
                    user_perms = UserRepoToPerm.query()\
                        .filter(UserRepoToPerm.repository == repo).all()
                    group_perms = UsersGroupRepoToPerm.query()\
                        .filter(UsersGroupRepoToPerm.repository == repo).all()

                    for perm in user_perms:
                        UserRepoToPerm.create(perm.user, new_repo,
                                              perm.permission)

                    for perm in group_perms:
                        UsersGroupRepoToPerm.create(perm.users_group, new_repo,
                                                    perm.permission)
                else:
                    _create_default_perms()
            else:
                _create_default_perms()

            if not just_db:
                self.__create_repo(repo_name, repo_type,
                                   repos_group,
                                   clone_uri)
                log_create_repository(new_repo.get_dict(),
                                      created_by=owner.username)

            # now automatically start following this repository as owner
            ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,
                                                    owner.user_id)
            return new_repo
        except:
            log.error(traceback.format_exc())
            raise