def create(self, name=None, **kw):
if M.ProjectRole.by_name(name):
flash('%s already exists' % name, 'error')
else:
M.ProjectRole(project_id=c.project._id, name=name)
M.AuditLog.log('create group %s', name)
g.post_event('project_updated')
redirect('.')
def test_project_role():
role = M.ProjectRole(project_id=c.project._id, name='test_role')
c.user.project_role().roles.append(role._id)
ThreadLocalORMSession.flush_all()
for pr in g.credentials.user_roles(c.user._id,
project_id=c.project.root_project._id):
assert pr.display()
pr.special
assert pr.user in (c.user, None, M.User.anonymous())
def test_is_spam(self, spam_checker):
spam_checker.check.return_value = True
c.user = M.User.query.get(username="******")
role = M.ProjectRole(project_id=c.project._id, name='TestRole')
M.ProjectRole.by_user(c.user, upsert=True).roles.append(role._id)
ThreadLocalORMSession.flush_all()
t = M.Thread()
p = M.Post(thread=t)
assert_in('TestRole', [r.name for r in c.project.named_roles])
assert_false(t.is_spam(p))
def test_project_role():
role = M.ProjectRole(project_id=c.project._id, name='test_role')
c.user.project_role().roles.append(role._id)
ThreadLocalORMSession.flush_all()
roles = g.credentials.user_roles(
c.user._id, project_id=c.project.root_project._id)
roles_ids = [role['_id'] for role in roles]
roles = M.ProjectRole.query.find({'_id': {'$in': roles_ids}})
for pr in roles:
assert pr.display()
pr.special
assert pr.user in (c.user, None, M.User.anonymous())
def test_user_projects_unnamed():
"""
Confirm that spurious ProjectRoles associating a user with
a project to which they do not belong to any named group
don't cause the user to count as a member of the project.
"""
sub1 = M.Project.query.get(shortname='test/sub1')
M.ProjectRole(user_id=c.user._id, project_id=sub1._id)
ThreadLocalORMSession.flush_all()
project_names = [p.shortname for p in c.user.my_projects()]
assert_not_in('test/sub1', project_names)
assert_in('test', project_names)
def project_role(project, name):
role = M.ProjectRole.query.get(project_id=project._id, name=name)
if role is None:
role = M.ProjectRole(project_id=project._id, name=name)
return role
'''Merge all the OldProjectRole collections in various project databases into a
central ProjectRole collection.
'''
import logging
from pylons import c
from ming.orm import session, state
from allura import model as M
log = logging.getLogger(__name__)
seen_databases = set()
projects = M.Project.query.find().all()
for p in projects:
if p.database_uri in seen_databases:
continue
seen_databases.add(p.database_uri)
log.info('Moving project roles in database %s to main DB', p.database_uri)
c.project = p
for opr in M.OldProjectRole.query.find():
pr = M.ProjectRole(**state(opr).document)
session(opr).clear()
session(pr).flush()
session(pr).clear()
def _create_project(self, neighborhood, shortname, project_name, user, user_project, private_project, apps):
'''
Actually create the project, no validation. This should not be called directly
under normal circumstances.
'''
from allura import model as M
project_template = neighborhood.get_project_template()
p = M.Project(neighborhood_id=neighborhood._id,
shortname=shortname,
name=project_name,
short_description='',
description=('You can edit this description in the admin page'),
homepage_title=shortname,
database_uri=M.Project.default_database_uri(shortname),
last_updated = datetime.utcnow(),
is_nbhd_project=False,
is_root=True)
p.configure_project(
users=[user],
is_user_project=user_project,
is_private_project=private_project or project_template.get('private', False),
apps=apps or [] if 'tools' in project_template else None)
# Setup defaults from neighborhood project template if applicable
offset = p.next_mount_point(include_hidden=True)
if 'groups' in project_template:
for obj in project_template['groups']:
name = obj.get('name')
permissions = set(obj.get('permissions', [])) & \
set(p.permissions)
usernames = obj.get('usernames', [])
# Must provide a group name
if not name: continue
# If the group already exists, we'll add users to it,
# but we won't change permissions on the group
group = M.ProjectRole.by_name(name, project=p)
if not group:
# If creating a new group, *must* specify permissions
if not permissions: continue
group = M.ProjectRole(project_id=p._id, name=name)
p.acl += [M.ACE.allow(group._id, perm)
for perm in permissions]
for username in usernames:
guser = M.User.by_username(username)
if not (guser and guser._id): continue
pr = guser.project_role(project=p)
if group._id not in pr.roles:
pr.roles.append(group._id)
if 'tools' in project_template:
for i, tool in enumerate(project_template['tools'].keys()):
tool_config = project_template['tools'][tool]
tool_options = tool_config.get('options', {})
for k, v in tool_options.iteritems():
if isinstance(v, basestring):
tool_options[k] = \
string.Template(v).safe_substitute(
p.__dict__.get('root_project', {}))
if p.app_instance(tool) is None:
app = p.install_app(tool,
mount_label=tool_config['label'],
mount_point=tool_config['mount_point'],
ordinal=i + offset,
**tool_options)
if tool == 'wiki':
from forgewiki import model as WM
text = tool_config.get('home_text',
'[[members limit=20]]\n[[download_button]]')
WM.Page.query.get(app_config_id=app.config._id).text = text
if 'tool_order' in project_template:
for i, tool in enumerate(project_template['tool_order']):
p.app_config(tool).options.ordinal = i
if 'labels' in project_template:
p.labels = project_template['labels']
if 'trove_cats' in project_template:
for trove_type in project_template['trove_cats'].keys():
troves = getattr(p, 'trove_%s' % trove_type)
for trove_id in project_template['trove_cats'][trove_type]:
troves.append(M.TroveCategory.query.get(trove_cat_id=trove_id)._id)
if 'icon' in project_template:
icon_file = StringIO(urlopen(project_template['icon']['url']).read())
M.ProjectFile.save_image(
project_template['icon']['filename'], icon_file,
square=True, thumbnail_size=(48, 48),
thumbnail_meta=dict(project_id=p._id, category='icon'))
if user_project:
# Allow for special user-only tools
p._extra_tool_status = ['user']
# add user project informative text to home
from forgewiki import model as WM
home_app = p.app_instance('wiki')
home_page = WM.Page.query.get(app_config_id=home_app.config._id)
home_page.text = ("This is the personal project of %s."
" This project is created automatically during user registration"
" as an easy place to store personal data that doesn't need its own"
" project such as cloned repositories.") % user.display_name
# clear the RoleCache for the user so this project will
# be picked up by user.my_projects()
g.credentials.clear_user(user._id, None) # unnamed roles for this user
g.credentials.clear_user(user._id, p._id) # named roles for this project + user
with h.push_config(c, project=p, user=user):
ThreadLocalORMSession.flush_all()
# have to add user to context, since this may occur inside auth code
# for user-project reg, and c.user isn't set yet
g.post_event('project_created')
return p
def register_project(self, neighborhood, shortname, project_name, user, user_project, private_project, apps=None):
'''Register a new project in the neighborhood. The given user will
become the project's superuser.
'''
from allura import model as M
# Check for private project rights
if neighborhood.features['private_projects'] == False and private_project:
raise ValueError("You can't create private projects for %s neighborhood" % neighborhood.name)
# Check for project limit creation
pq = M.Project.query.find(dict(
neighborhood_id=neighborhood._id,
deleted=False,
is_nbhd_project=False,
))
count = pq.count()
nb_max_projects = neighborhood.get_max_projects()
if nb_max_projects is not None and count >= nb_max_projects:
log.exception('Error registering project %s' % project_name)
raise forge_exc.ProjectOverlimitError()
if not h.re_path_portion.match(shortname.replace('/', '')):
raise ValueError('Invalid project shortname: %s' % shortname)
try:
p = M.Project.query.get(shortname=shortname, neighborhood_id=neighborhood._id)
if p:
raise forge_exc.ProjectConflict()
project_template = neighborhood.get_project_template()
p = M.Project(neighborhood_id=neighborhood._id,
shortname=shortname,
name=project_name,
short_description='',
description=('You can edit this description in the admin page'),
homepage_title=shortname,
database_uri=M.Project.default_database_uri(shortname),
last_updated = datetime.utcnow(),
is_nbhd_project=False,
is_root=True)
p.configure_project(
users=[user],
is_user_project=user_project,
is_private_project=private_project or project_template.get('private', False),
apps=apps or [] if 'tools' in project_template else None)
# Setup defaults from neighborhood project template if applicable
offset = p.next_mount_point(include_hidden=True)
if 'groups' in project_template:
for obj in project_template['groups']:
name = obj.get('name')
permissions = set(obj.get('permissions', [])) & \
set(p.permissions)
usernames = obj.get('usernames', [])
# Must provide a group name
if not name: continue
# If the group already exists, we'll add users to it,
# but we won't change permissions on the group
group = M.ProjectRole.by_name(name, project=p)
if not group:
# If creating a new group, *must* specify permissions
if not permissions: continue
group = M.ProjectRole(project_id=p._id, name=name)
p.acl += [M.ACE.allow(group._id, perm)
for perm in permissions]
for username in usernames:
user = M.User.by_username(username)
if not (user and user._id): continue
pr = user.project_role(project=p)
if group._id not in pr.roles:
pr.roles.append(group._id)
if 'tools' in project_template:
for i, tool in enumerate(project_template['tools'].keys()):
tool_config = project_template['tools'][tool]
tool_options = tool_config.get('options', {})
for k, v in tool_options.iteritems():
if isinstance(v, basestring):
tool_options[k] = \
string.Template(v).safe_substitute(
p.__dict__.get('root_project', {}))
app = p.install_app(tool,
mount_label=tool_config['label'],
mount_point=tool_config['mount_point'],
ordinal=i + offset,
**tool_options)
if tool == 'wiki':
from forgewiki import model as WM
text = tool_config.get('home_text',
'[[project_admins]]\n[[download_button]]')
WM.Page.query.get(app_config_id=app.config._id).text = text
if 'tool_order' in project_template:
for i, tool in enumerate(project_template['tool_order']):
p.app_config(tool).options.ordinal = i
if 'labels' in project_template:
p.labels = project_template['labels']
if 'trove_cats' in project_template:
for trove_type in project_template['trove_cats'].keys():
troves = getattr(p, 'trove_%s' % trove_type)
for trove_id in project_template['trove_cats'][trove_type]:
troves.append(M.TroveCategory.query.get(trove_cat_id=trove_id)._id)
if 'icon' in project_template:
icon_file = StringIO(urlopen(project_template['icon']['url']).read())
M.ProjectFile.save_image(
project_template['icon']['filename'], icon_file,
square=True, thumbnail_size=(48, 48),
thumbnail_meta=dict(project_id=p._id, category='icon'))
except forge_exc.ProjectConflict:
raise
except:
ThreadLocalORMSession.close_all()
log.exception('Error registering project %s' % p)
raise
with h.push_config(c, project=p, user=user):
ThreadLocalORMSession.flush_all()
# have to add user to context, since this may occur inside auth code
# for user-project reg, and c.user isn't set yet
g.post_event('project_created')
return p
