def grant_user_group_permission(self, target_user_group, user_group, perm): """ Grant user group permission for given target_user_group :param target_user_group: :param user_group: :param perm: """ target_user_group = UserGroup.guess_instance(target_user_group) user_group = UserGroup.guess_instance(user_group) permission = Permission.guess_instance(perm) # forbid assigning same user group to itself if target_user_group == user_group: raise RepoGroupAssignmentError('target repo:%s cannot be ' 'assigned to itself' % target_user_group) # check if we have that permission already obj = UserGroupUserGroupToPerm.query() \ .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group) \ .filter(UserGroupUserGroupToPerm.user_group == user_group) \ .scalar() if obj is None: # create new ! obj = UserGroupUserGroupToPerm() Session().add(obj) obj.user_group = user_group obj.target_user_group = target_user_group obj.permission = permission log.debug('Granted perm %s to %s on %s', perm, target_user_group, user_group) return obj
def grant_user_group_permission(self, target_user_group, user_group, perm): """ Grant user group permission for given target_user_group :param target_user_group: :param user_group: :param perm: """ target_user_group = UserGroup.guess_instance(target_user_group) user_group = UserGroup.guess_instance(user_group) permission = Permission.guess_instance(perm) # forbid assigning same user group to itself if target_user_group == user_group: raise RepoGroupAssignmentError('target repo:%s cannot be ' 'assigned to itself' % target_user_group) # check if we have that permission already obj = UserGroupUserGroupToPerm.query() \ .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group) \ .filter(UserGroupUserGroupToPerm.user_group == user_group) \ .scalar() if obj is None: # create new ! obj = UserGroupUserGroupToPerm() Session().add(obj) obj.user_group = user_group obj.target_user_group = target_user_group obj.permission = permission log.debug('Granted perm %s to %s on %s', perm, target_user_group, user_group) return obj
def grant_user_permission(self, user_group, user, perm): """ Grant permission for user on given user group, or update existing one if found :param user_group: Instance of UserGroup, users_group_id, or users_group_name :param user: Instance of User, user_id or username :param perm: Instance of Permission, or permission_name """ user_group = UserGroup.guess_instance(user_group) user = User.guess_instance(user) permission = Permission.guess_instance(perm) # check if we have that permission already obj = UserUserGroupToPerm.query() \ .filter(UserUserGroupToPerm.user == user) \ .filter(UserUserGroupToPerm.user_group == user_group) \ .scalar() if obj is None: # create new ! obj = UserUserGroupToPerm() Session().add(obj) obj.user_group = user_group obj.user = user obj.permission = permission log.debug('Granted perm %s to %s on %s', perm, user, user_group) return obj
def has_perm(self, user_group, perm): user_group = UserGroup.guess_instance(user_group) perm = Permission.guess_instance(perm) return UserGroupToPerm.query() \ .filter(UserGroupToPerm.users_group == user_group) \ .filter(UserGroupToPerm.permission == perm).scalar() is not None
def grant_user_permission(self, user_group, user, perm): """ Grant permission for user on given user group, or update existing one if found :param user_group: Instance of UserGroup, users_group_id, or users_group_name :param user: Instance of User, user_id or username :param perm: Instance of Permission, or permission_name """ user_group = UserGroup.guess_instance(user_group) user = User.guess_instance(user) permission = Permission.guess_instance(perm) # check if we have that permission already obj = UserUserGroupToPerm.query() \ .filter(UserUserGroupToPerm.user == user) \ .filter(UserUserGroupToPerm.user_group == user_group) \ .scalar() if obj is None: # create new ! obj = UserUserGroupToPerm() Session().add(obj) obj.user_group = user_group obj.user = user obj.permission = permission log.debug('Granted perm %s to %s on %s', perm, user, user_group) return obj
def grant_user_group_permission(self, repo, group_name, perm): """ Grant permission for user group on given repository, or update existing one if found :param repo: Instance of Repository, repository_id, or repository name :param group_name: Instance of UserGroup, users_group_id, or user group name :param perm: Instance of Permission, or permission_name """ repo = Repository.guess_instance(repo) group_name = UserGroup.guess_instance(group_name) permission = Permission.guess_instance(perm) # check if we have that permission already obj = UserGroupRepoToPerm.query() \ .filter(UserGroupRepoToPerm.users_group == group_name) \ .filter(UserGroupRepoToPerm.repository == repo) \ .scalar() if obj is None: # create new obj = UserGroupRepoToPerm() Session().add(obj) obj.repository = repo obj.users_group = group_name obj.permission = permission log.debug('Granted perm %s to %s on %s', perm, group_name, repo) return obj
def has_perm(self, user_group, perm): user_group = UserGroup.guess_instance(user_group) perm = Permission.guess_instance(perm) return UserGroupToPerm.query() \ .filter(UserGroupToPerm.users_group == user_group) \ .filter(UserGroupToPerm.permission == perm).scalar() is not None
def grant_user_group_permission(self, repo, group_name, perm): """ Grant permission for user group on given repository, or update existing one if found :param repo: Instance of Repository, repository_id, or repository name :param group_name: Instance of UserGroup, users_group_id, or user group name :param perm: Instance of Permission, or permission_name """ repo = Repository.guess_instance(repo) group_name = UserGroup.guess_instance(group_name) permission = Permission.guess_instance(perm) # check if we have that permission already obj = UserGroupRepoToPerm.query() \ .filter(UserGroupRepoToPerm.users_group == group_name) \ .filter(UserGroupRepoToPerm.repository == repo) \ .scalar() if obj is None: # create new obj = UserGroupRepoToPerm() Session().add(obj) obj.repository = repo obj.users_group = group_name obj.permission = permission log.debug('Granted perm %s to %s on %s', perm, group_name, repo) return obj
def revoke_user_group_permission(self, target_user_group, user_group): """ Revoke user group permission for given target_user_group :param target_user_group: :param user_group: """ target_user_group = UserGroup.guess_instance(target_user_group) user_group = UserGroup.guess_instance(user_group) obj = UserGroupUserGroupToPerm.query() \ .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group) \ .filter(UserGroupUserGroupToPerm.user_group == user_group) \ .scalar() if obj is not None: Session().delete(obj) log.debug('Revoked perm on %s on %s', target_user_group, user_group)
def revoke_perm(self, user_group, perm): user_group = UserGroup.guess_instance(user_group) perm = Permission.guess_instance(perm) obj = UserGroupToPerm.query() \ .filter(UserGroupToPerm.users_group == user_group) \ .filter(UserGroupToPerm.permission == perm).scalar() if obj is not None: Session().delete(obj)
def revoke_perm(self, user_group, perm): user_group = UserGroup.guess_instance(user_group) perm = Permission.guess_instance(perm) obj = UserGroupToPerm.query() \ .filter(UserGroupToPerm.users_group == user_group) \ .filter(UserGroupToPerm.permission == perm).scalar() if obj is not None: Session().delete(obj)
def revoke_user_group_permission(self, target_user_group, user_group): """ Revoke user group permission for given target_user_group :param target_user_group: :param user_group: """ target_user_group = UserGroup.guess_instance(target_user_group) user_group = UserGroup.guess_instance(user_group) obj = UserGroupUserGroupToPerm.query() \ .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group) \ .filter(UserGroupUserGroupToPerm.user_group == user_group) \ .scalar() if obj is not None: Session().delete(obj) log.debug('Revoked perm on %s on %s', target_user_group, user_group)
def grant_perm(self, user_group, perm): user_group = UserGroup.guess_instance(user_group) perm = Permission.guess_instance(perm) # if this permission is already granted skip it _perm = UserGroupToPerm.query() \ .filter(UserGroupToPerm.users_group == user_group) \ .filter(UserGroupToPerm.permission == perm) \ .scalar() if _perm: return new = UserGroupToPerm() new.users_group = user_group new.permission = perm Session().add(new) return new
def grant_perm(self, user_group, perm): user_group = UserGroup.guess_instance(user_group) perm = Permission.guess_instance(perm) # if this permission is already granted skip it _perm = UserGroupToPerm.query() \ .filter(UserGroupToPerm.users_group == user_group) \ .filter(UserGroupToPerm.permission == perm) \ .scalar() if _perm: return new = UserGroupToPerm() new.users_group = user_group new.permission = perm Session().add(new) return new
def revoke_user_group_permission(self, repo, group_name): """ Revoke permission for user group on given repository :param repo: Instance of Repository, repository_id, or repository name :param group_name: Instance of UserGroup, users_group_id, or user group name """ repo = Repository.guess_instance(repo) group_name = UserGroup.guess_instance(group_name) obj = UserGroupRepoToPerm.query() \ .filter(UserGroupRepoToPerm.repository == repo) \ .filter(UserGroupRepoToPerm.users_group == group_name) \ .scalar() if obj is not None: Session().delete(obj) log.debug('Revoked perm to %s on %s', repo, group_name)
def revoke_user_group_permission(self, repo, group_name): """ Revoke permission for user group on given repository :param repo: Instance of Repository, repository_id, or repository name :param group_name: Instance of UserGroup, users_group_id, or user group name """ repo = Repository.guess_instance(repo) group_name = UserGroup.guess_instance(group_name) obj = UserGroupRepoToPerm.query() \ .filter(UserGroupRepoToPerm.repository == repo) \ .filter(UserGroupRepoToPerm.users_group == group_name) \ .scalar() if obj is not None: Session().delete(obj) log.debug('Revoked perm to %s on %s', repo, group_name)
def revoke_user_permission(self, user_group, user): """ Revoke permission for user on given repository group :param user_group: Instance of RepoGroup, repositories_group_id, or repositories_group name :param user: Instance of User, user_id or username """ user_group = UserGroup.guess_instance(user_group) user = User.guess_instance(user) obj = UserUserGroupToPerm.query() \ .filter(UserUserGroupToPerm.user == user) \ .filter(UserUserGroupToPerm.user_group == user_group) \ .scalar() if obj is not None: Session().delete(obj) log.debug('Revoked perm on %s on %s', user_group, user)
def revoke_user_permission(self, user_group, user): """ Revoke permission for user on given repository group :param user_group: Instance of RepoGroup, repositories_group_id, or repositories_group name :param user: Instance of User, user_id or username """ user_group = UserGroup.guess_instance(user_group) user = User.guess_instance(user) obj = UserUserGroupToPerm.query() \ .filter(UserUserGroupToPerm.user == user) \ .filter(UserUserGroupToPerm.user_group == user_group) \ .scalar() if obj is not None: Session().delete(obj) log.debug('Revoked perm on %s on %s', user_group, user)
def remove_user_from_group(self, user_group, user): user_group = UserGroup.guess_instance(user_group) user = User.guess_instance(user) user_group_member = None for m in user_group.members: if m.user_id == user.user_id: # Found this user's membership row user_group_member = m break if user_group_member: try: Session().delete(user_group_member) return True except Exception: log.error(traceback.format_exc()) raise else: # User isn't in that group return False
def remove_user_from_group(self, user_group, user): user_group = UserGroup.guess_instance(user_group) user = User.guess_instance(user) user_group_member = None for m in user_group.members: if m.user_id == user.user_id: # Found this user's membership row user_group_member = m break if user_group_member: try: Session().delete(user_group_member) return True except Exception: log.error(traceback.format_exc()) raise else: # User isn't in that group return False
def update(self, user_group, form_data): try: user_group = UserGroup.guess_instance(user_group) for k, v in form_data.items(): if k == 'users_group_members': members_list = [] if v: v = [v] if isinstance(v, basestring) else v for u_id in set(v): member = UserGroupMember(user_group.users_group_id, u_id) members_list.append(member) Session().add(member) user_group.members = members_list setattr(user_group, k, v) # Flush to make db assign users_group_member_id to newly # created UserGroupMembers. Session().flush() except Exception: log.error(traceback.format_exc()) raise
def delete(self, user_group, force=False): """ Deletes user group, unless force flag is used raises exception if there are members in that group, else deletes group and users :param user_group: :param force: """ user_group = UserGroup.guess_instance(user_group) try: # check if this group is not assigned to repo assigned_groups = UserGroupRepoToPerm.query() \ .filter(UserGroupRepoToPerm.users_group == user_group).all() assigned_groups = [x.repository.repo_name for x in assigned_groups] if assigned_groups and not force: raise UserGroupsAssignedException( 'User Group assigned to %s' % ", ".join(assigned_groups)) Session().delete(user_group) except Exception: log.error(traceback.format_exc()) raise
def add_user_to_group(self, user_group, user): user_group = UserGroup.guess_instance(user_group) user = User.guess_instance(user) for m in user_group.members: u = m.user if u.user_id == user.user_id: # user already in the group, skip return True try: user_group_member = UserGroupMember() user_group_member.user = user user_group_member.users_group = user_group user_group.members.append(user_group_member) user.group_member.append(user_group_member) Session().add(user_group_member) return user_group_member except Exception: log.error(traceback.format_exc()) raise
def delete(self, user_group, force=False): """ Deletes user group, unless force flag is used raises exception if there are members in that group, else deletes group and users :param user_group: :param force: """ user_group = UserGroup.guess_instance(user_group) try: # check if this group is not assigned to repo assigned_groups = UserGroupRepoToPerm.query() \ .filter(UserGroupRepoToPerm.users_group == user_group).all() assigned_groups = [x.repository.repo_name for x in assigned_groups] if assigned_groups and not force: raise UserGroupsAssignedException('User Group assigned to %s' % ", ".join(assigned_groups)) Session().delete(user_group) except Exception: log.error(traceback.format_exc()) raise
def add_user_to_group(self, user_group, user): user_group = UserGroup.guess_instance(user_group) user = User.guess_instance(user) for m in user_group.members: u = m.user if u.user_id == user.user_id: # user already in the group, skip return True try: user_group_member = UserGroupMember() user_group_member.user = user user_group_member.users_group = user_group user_group.members.append(user_group_member) user.group_member.append(user_group_member) Session().add(user_group_member) return user_group_member except Exception: log.error(traceback.format_exc()) raise
def update(self, user_group, form_data): try: user_group = UserGroup.guess_instance(user_group) for k, v in form_data.items(): if k == 'users_group_members': members_list = [] if v: v = [v] if isinstance(v, basestring) else v for u_id in set(v): member = UserGroupMember(user_group.users_group_id, u_id) members_list.append(member) Session().add(member) user_group.members = members_list setattr(user_group, k, v) # Flush to make db assign users_group_member_id to newly # created UserGroupMembers. Session().flush() except Exception: log.error(traceback.format_exc()) raise
def get_group(self, user_group): return UserGroup.guess_instance(user_group)
def get_group(self, user_group): return UserGroup.guess_instance(user_group)