def create_repository(self): """GET /_admin/create_repository: Form to create a new item""" new_repo = request.GET.get('repo', '') parent_group = request.GET.get('parent_group') if not HasPermissionAny('hg.admin', 'hg.create.repository')(): #you're not super admin nor have global create permissions, #but maybe you have at least write permission to a parent group ? _gr = RepoGroup.get(parent_group) gr_name = _gr.group_name if _gr else None if not HasReposGroupPermissionAny( 'group.admin', 'group.write')(group_name=gr_name): raise HTTPForbidden acl_groups = GroupList(RepoGroup.query().all(), perm_set=['group.write', 'group.admin']) c.repo_groups = RepoGroup.groups_choices(groups=acl_groups) c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) choices, c.landing_revs = ScmModel().get_repo_landing_revs() c.new_repo = repo_name_slug(new_repo) ## apply the defaults from defaults page defaults = RhodeCodeSetting.get_default_repo_settings( strip_prefix=True) if parent_group: defaults.update({'repo_group': parent_group}) return htmlfill.render(render('admin/repos/repo_add.html'), defaults=defaults, errors={}, prefix_error=False, encoding="UTF-8")
def create(self, group_name, group_description, owner, parent=None, just_db=False): try: new_repos_group = RepoGroup() new_repos_group.group_description = group_description or group_name new_repos_group.parent_group = self._get_repos_group(parent) new_repos_group.group_name = new_repos_group.get_new_name(group_name) self.sa.add(new_repos_group) self._create_default_perms(new_repos_group) #create an ADMIN permission for owner, later owner should go into #the owner field of groups self.grant_user_permission(repos_group=new_repos_group, user=owner, perm='group.admin') if not just_db: # we need to flush here, in order to check if database won't # throw any exceptions, create filesystem dirs at the very end self.sa.flush() self.__create_group(new_repos_group.group_name) return new_repos_group except Exception: log.error(traceback.format_exc()) raise
def create_repository(self): """GET /_admin/create_repository: Form to create a new item""" new_repo = request.GET.get('repo', '') parent_group = request.GET.get('parent_group') if not HasPermissionAny('hg.admin', 'hg.create.repository')(): #you're not super admin nor have global create permissions, #but maybe you have at least write permission to a parent group ? _gr = RepoGroup.get(parent_group) gr_name = _gr.group_name if _gr else None if not HasReposGroupPermissionAny('group.admin', 'group.write')(group_name=gr_name): raise HTTPForbidden acl_groups = GroupList(RepoGroup.query().all(), perm_set=['group.write', 'group.admin']) c.repo_groups = RepoGroup.groups_choices(groups=acl_groups) c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) choices, c.landing_revs = ScmModel().get_repo_landing_revs() c.new_repo = repo_name_slug(new_repo) ## apply the defaults from defaults page defaults = RhodeCodeSetting.get_default_repo_settings(strip_prefix=True) if parent_group: defaults.update({'repo_group': parent_group}) return htmlfill.render( render('admin/repos/repo_add.html'), defaults=defaults, errors={}, prefix_error=False, encoding="UTF-8" )
def __create_repo(self, repo_name, alias, new_parent_id, clone_uri=False): """ makes repository on filesystem. It's group aware means it'll create a repository within a group, and alter the paths accordingly of group location :param repo_name: :param alias: :param parent_id: :param clone_uri: """ from rhodecode.lib.utils import is_valid_repo, is_valid_repos_group if new_parent_id: paths = RepoGroup.get(new_parent_id).full_path.split(RepoGroup.url_sep()) new_parent_path = os.sep.join(paths) else: new_parent_path = "" # we need to make it str for mercurial repo_path = os.path.join(*map(lambda x: safe_str(x), [self.repos_path, new_parent_path, repo_name])) # check if this path is not a repository if is_valid_repo(repo_path, self.repos_path): raise Exception("This path %s is a valid repository" % repo_path) # check if this path is a group if is_valid_repos_group(repo_path, self.repos_path): raise Exception("This path %s is a valid group" % repo_path) log.info("creating repo %s in %s @ %s" % (repo_name, safe_unicode(repo_path), clone_uri)) backend = get_backend(alias) backend(repo_path, create=True, src_url=clone_uri)
def _get_group_name_and_parent(self, group_name_full, repo_in_path=False): """ Get's the group name and a parent group name from given group name. If repo_in_path is set to truth, we asume the full path also includes repo name, in such case we clean the last element. :param group_name_full: """ split_paths = 1 if repo_in_path: split_paths = 2 _parts = group_name_full.rsplit(RepoGroup.url_sep(), split_paths) if repo_in_path and len(_parts) > 1: # such case last element is the repo_name _parts.pop(-1) group_name_cleaned = _parts[-1] # just the group name parent_repo_group_name = None if len(_parts) > 1: parent_repo_group_name = _parts[0] if parent_repo_group_name: parent_group = RepoGroup.get_by_group_name(parent_repo_group_name) return group_name_cleaned, parent_repo_group_name
def map_groups(path): """ Given a full path to a repository, create all nested groups that this repo is inside. This function creates parent-child relationships between groups and creates default perms for all new groups. :param paths: full path to repository """ sa = meta.Session() groups = path.split(Repository.url_sep()) parent = None group = None # last element is repo in nested groups structure groups = groups[:-1] rgm = ReposGroupModel(sa) for lvl, group_name in enumerate(groups): group_name = '/'.join(groups[:lvl] + [group_name]) group = RepoGroup.get_by_group_name(group_name) desc = '%s group' % group_name # skip folders that are now removed repos if REMOVED_REPO_PAT.match(group_name): break if group is None: log.debug('creating group level: %s group_name: %s' % (lvl, group_name)) group = RepoGroup(group_name, parent) group.group_description = desc sa.add(group) rgm._create_default_perms(group) sa.flush() parent = group return group
def __load_defaults(self, allow_empty_group=False, repo_group=None): if self._can_create_repo_group(): # we're global admin, we're ok and we can create TOP level groups allow_empty_group = True # override the choices for this form, we need to filter choices # and display only those we have ADMIN right groups_with_admin_rights = RepoGroupList(RepoGroup.query().all(), perm_set=['group.admin']) c.repo_groups = RepoGroup.groups_choices( groups=groups_with_admin_rights, show_empty_group=allow_empty_group) if repo_group: # exclude filtered ids exclude_group_ids = [repo_group.group_id] c.repo_groups = filter(lambda x: x[0] not in exclude_group_ids, c.repo_groups) c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) parent_group = repo_group.parent_group add_parent_group = (parent_group and (unicode( parent_group.group_id) not in c.repo_groups_choices)) if add_parent_group: c.repo_groups_choices.append(unicode(parent_group.group_id)) c.repo_groups.append(RepoGroup._generate_choice(parent_group))
def __load_defaults(self): acl_groups = RepoGroupList(RepoGroup.query().all(), perm_set=['group.write', 'group.admin']) c.repo_groups = RepoGroup.groups_choices(groups=acl_groups) c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) choices, c.landing_revs = ScmModel().get_repo_landing_revs() c.landing_revs_choices = choices c.can_update = RhodeCodeUi.get_by_key(RhodeCodeUi.HOOK_UPDATE).ui_active
def __load_defaults(self): acl_groups = RepoGroupList(RepoGroup.query().all(), perm_set=['group.write', 'group.admin']) c.repo_groups = RepoGroup.groups_choices(groups=acl_groups) c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) choices, c.landing_revs = ScmModel().get_repo_landing_revs() c.landing_revs_choices = choices c.can_update = RhodeCodeUi.get_by_key( RhodeCodeUi.HOOK_UPDATE).ui_active
def __load_defaults(self): acl_groups = RepoGroupList( RepoGroup.query().all(), perm_set=['group.write', 'group.admin']) c.repo_groups = RepoGroup.groups_choices(groups=acl_groups) c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) choices, c.landing_revs = ScmModel().get_repo_landing_revs() c.landing_revs_choices = choices c.personal_repo_group = RepoGroup.get_by_group_name( c.rhodecode_user.username)
def __load_defaults(self): acl_groups = GroupList(RepoGroup.query().all(), perm_set=['group.write', 'group.admin']) c.repo_groups = RepoGroup.groups_choices(groups=acl_groups) c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) repo_model = RepoModel() c.users_array = repo_model.get_users_js() c.users_groups_array = repo_model.get_users_groups_js() choices, c.landing_revs = ScmModel().get_repo_landing_revs() c.landing_revs_choices = choices
def test_remove_group(self): sg1 = _make_group('deleteme') self.__delete_group(sg1.group_id) self.assertEqual(RepoGroup.get(sg1.group_id), None) self.assertFalse(self.__check_path('deteteme')) sg1 = _make_group('deleteme', parent_id=self.g1.group_id) self.__delete_group(sg1.group_id) self.assertEqual(RepoGroup.get(sg1.group_id), None) self.assertFalse(self.__check_path('test1', 'deteteme'))
def test_remove_group(self): sg1 = fixture.create_repo_group('deleteme') self.__delete_group(sg1.group_id) assert RepoGroup.get(sg1.group_id) is None assert not self.__check_path('deteteme') sg1 = fixture.create_repo_group('test1/deleteme') self.__delete_group(sg1.group_id) assert RepoGroup.get(sg1.group_id) is None assert not self.__check_path('test1', 'deteteme')
def test_remove_group(self): sg1 = fixture.create_group("deleteme") self.__delete_group(sg1.group_id) self.assertEqual(RepoGroup.get(sg1.group_id), None) self.assertFalse(self.__check_path("deteteme")) sg1 = fixture.create_group("deleteme", group_parent_id=self.g1.group_id) self.__delete_group(sg1.group_id) self.assertEqual(RepoGroup.get(sg1.group_id), None) self.assertFalse(self.__check_path("test1", "deteteme"))
def update(self, repos_group_id, form_data): try: repos_group = RepoGroup.get(repos_group_id) # update permissions for member, perm, member_type in form_data['perms_updates']: if member_type == 'user': # this updates also current one if found ReposGroupModel().grant_user_permission( repos_group=repos_group, user=member, perm=perm ) else: ReposGroupModel().grant_users_group_permission( repos_group=repos_group, group_name=member, perm=perm ) # set new permissions for member, perm, member_type in form_data['perms_new']: if member_type == 'user': ReposGroupModel().grant_user_permission( repos_group=repos_group, user=member, perm=perm ) else: ReposGroupModel().grant_users_group_permission( repos_group=repos_group, group_name=member, perm=perm ) old_path = repos_group.full_path # change properties repos_group.group_description = form_data['group_description'] repos_group.parent_group = RepoGroup.get(form_data['group_parent_id']) repos_group.group_parent_id = form_data['group_parent_id'] repos_group.group_name = repos_group.get_new_name(form_data['group_name']) new_path = repos_group.full_path self.sa.add(repos_group) # we need to get all repositories from this new group and # rename them accordingly to new group path for r in repos_group.repositories: r.repo_name = r.get_new_name(r.just_name) self.sa.add(r) self.__rename_group(old_path, new_path) return repos_group except: log.error(traceback.format_exc()) raise
def validate_python(self, value, state): # TODO WRITE VALIDATIONS group_name = value.get('group_name') group_parent_id = value.get('group_parent_id') # slugify repo group just in case :) slug = repo_name_slug(group_name) # check for parent of self parent_of_self = lambda: ( old_data['group_id'] == int(group_parent_id) if group_parent_id else False ) if edit and parent_of_self(): e_dict = { 'group_parent_id': _('Cannot assign this group as parent') } raise formencode.Invalid('', value, state, error_dict=e_dict) old_gname = None if edit: old_gname = RepoGroup.get(old_data.get('group_id')).group_name if old_gname != group_name or not edit: # check group gr = RepoGroup.query()\ .filter(RepoGroup.group_name == slug)\ .filter(RepoGroup.group_parent_id == group_parent_id)\ .scalar() if gr: e_dict = { 'group_name': _('This group already exists') } raise formencode.Invalid('', value, state, error_dict=e_dict) # check for same repo repo = Repository.query()\ .filter(Repository.repo_name == slug)\ .scalar() if repo: e_dict = { 'group_name': _('Repository with this name already exists') } raise formencode.Invalid('', value, state, error_dict=e_dict)
def create_group(self, name, **kwargs): if 'skip_if_exists' in kwargs: del kwargs['skip_if_exists'] gr = RepoGroup.get_by_group_name(group_name=name) if gr: return gr form_data = self._get_group_create_params(group_name=name, **kwargs) owner = kwargs.get('cur_user', TEST_USER_ADMIN_LOGIN) gr = ReposGroupModel().create(group_name=form_data['group_name'], group_description=form_data['group_name'], owner=owner, parent=form_data['group_parent_id']) Session().commit() gr = RepoGroup.get_by_group_name(gr.group_name) return gr
def to_python(self, value, state): repo_name = value.get('repo_name') slug = repo_name_slug(repo_name) if slug in [ADMIN_PREFIX, '']: e_dict = {'repo_name': _('This repository name is disallowed')} raise formencode.Invalid('', value, state, error_dict=e_dict) if value.get('repo_group'): gr = RepoGroup.get(value.get('repo_group')) group_path = gr.full_path # value needs to be aware of group name in order to check # db key This is an actual just the name to store in the # database repo_name_full = group_path + RepoGroup.url_sep() + repo_name else: group_path = '' repo_name_full = repo_name value['repo_name_full'] = repo_name_full rename = old_data.get('repo_name') != repo_name_full create = not edit if rename or create: if group_path != '': if Repository.get_by_repo_name(repo_name_full): e_dict = { 'repo_name': _('This repository already exists in ' 'a group "%s"') % gr.group_name } raise formencode.Invalid('', value, state, error_dict=e_dict) elif RepoGroup.get_by_group_name(repo_name_full): e_dict = { 'repo_name': _('There is a group with this name ' 'already "%s"') % repo_name_full } raise formencode.Invalid('', value, state, error_dict=e_dict) elif Repository.get_by_repo_name(repo_name_full): e_dict = {'repo_name': _('This repository ' 'already exists')} raise formencode.Invalid('', value, state, error_dict=e_dict) return value
def create_repo_group(self, name, **kwargs): if 'skip_if_exists' in kwargs: del kwargs['skip_if_exists'] gr = RepoGroup.get_by_group_name(group_name=name) if gr: return gr form_data = self._get_group_create_params(group_name=name, **kwargs) owner = kwargs.get('cur_user', TEST_USER_ADMIN_LOGIN) gr = RepoGroupModel().create( group_name=form_data['group_name'], group_description=form_data['group_name'], owner=owner) Session().commit() gr = RepoGroup.get_by_group_name(gr.group_name) return gr
def update(self, repos_group_id, form_data): try: repos_group = RepoGroup.get(repos_group_id) # update permissions for member, perm, member_type in form_data['perms_updates']: if member_type == 'user': # this updates also current one if found ReposGroupModel().grant_user_permission( repos_group=repos_group, user=member, perm=perm) else: ReposGroupModel().grant_users_group_permission( repos_group=repos_group, group_name=member, perm=perm) # set new permissions for member, perm, member_type in form_data['perms_new']: if member_type == 'user': ReposGroupModel().grant_user_permission( repos_group=repos_group, user=member, perm=perm) else: ReposGroupModel().grant_users_group_permission( repos_group=repos_group, group_name=member, perm=perm) old_path = repos_group.full_path # change properties repos_group.group_description = form_data['group_description'] repos_group.parent_group = RepoGroup.get( form_data['group_parent_id']) repos_group.group_parent_id = form_data['group_parent_id'] repos_group.group_name = repos_group.get_new_name( form_data['group_name']) new_path = repos_group.full_path self.sa.add(repos_group) # we need to get all repositories from this new group and # rename them accordingly to new group path for r in repos_group.repositories: r.repo_name = r.get_new_name(r.just_name) self.sa.add(r) self.__rename_group(old_path, new_path) return repos_group except: log.error(traceback.format_exc()) raise
def validate_python(self, value, state): # TODO WRITE VALIDATIONS group_name = value.get('group_name') group_parent_id = value.get('group_parent_id') # slugify repo group just in case :) slug = repo_name_slug(group_name) # check for parent of self parent_of_self = lambda: (old_data['group_id'] == int( group_parent_id) if group_parent_id else False) if edit and parent_of_self(): msg = M(self, 'group_parent_id', state) raise formencode.Invalid(msg, value, state, error_dict=dict(group_parent_id=msg)) old_gname = None if edit: old_gname = RepoGroup.get(old_data.get('group_id')).group_name if old_gname != group_name or not edit: # check group gr = RepoGroup.query()\ .filter(RepoGroup.group_name == slug)\ .filter(RepoGroup.group_parent_id == group_parent_id)\ .scalar() if gr: msg = M(self, 'group_exists', state, group_name=slug) raise formencode.Invalid(msg, value, state, error_dict=dict(group_name=msg)) # check for same repo repo = Repository.query()\ .filter(Repository.repo_name == slug)\ .scalar() if repo: msg = M(self, 'repo_exists', state, group_name=slug) raise formencode.Invalid(msg, value, state, error_dict=dict(group_name=msg))
def __load_data(self, group_id): """ Load defaults settings for edit, and update :param group_id: """ self.__load_defaults() repo_group = RepoGroup.get(group_id) data = repo_group.get_dict() data['group_name'] = repo_group.name # fill repository users for p in repo_group.repo_group_to_perm: data.update({'u_perm_%s' % p.user.username: p.permission.permission_name}) # fill repository groups for p in repo_group.users_group_to_perm: data.update({'g_perm_%s' % p.users_group.users_group_name: p.permission.permission_name}) return data
def test_subgrouping_with_repo(self): g1 = _make_group('g1') g2 = _make_group('g2') # create new repo form_data = dict(repo_name='john', repo_name_full='john', fork_name=None, description=None, repo_group=None, private=False, repo_type='hg', clone_uri=None) cur_user = User.get_by_username(TEST_USER_ADMIN_LOGIN) r = RepoModel().create(form_data, cur_user) self.assertEqual(r.repo_name, 'john') # put repo into group form_data = form_data form_data['repo_group'] = g1.group_id form_data['perms_new'] = [] form_data['perms_updates'] = [] RepoModel().update(r.repo_name, form_data) self.assertEqual(r.repo_name, 'g1/john') self.__update_group(g1.group_id, 'g1', parent_id=g2.group_id) self.assertTrue(self.__check_path('g2', 'g1')) # test repo self.assertEqual(r.repo_name, RepoGroup.url_sep().join(['g2', 'g1', r.just_name]))
def index(self, format='html'): """GET /repos_groups: All items in the collection""" # url('repos_groups') group_iter = GroupList(RepoGroup.query().all(), perm_set=['group.admin']) sk = lambda g: g.parents[0].group_name if g.parents else g.group_name c.groups = sorted(group_iter, key=sk) return render('admin/repos_groups/repos_groups_show.html')
def test_update_group_parent(self): sg1 = fixture.create_repo_group('test1/initial') _update_group(sg1.group_id, 'after', parent_id=self.g1.group_id) assert self.__check_path('test1', 'after') assert RepoGroup.get_by_group_name('test1/initial') is None _update_group(sg1.group_id, 'after', parent_id=self.g3.group_id) assert self.__check_path('test3', 'after') assert RepoGroup.get_by_group_name('test3/initial') is None new_sg1 = _update_group(sg1.group_id, 'hello') assert self.__check_path('hello') assert RepoGroup.get_by_group_name('hello') == new_sg1
def permissions_setup_func(group_name='g0', perm='group.read', recursive='all', user_id=None): """ Resets all permissions to perm attribute """ if not user_id: user_id = test_u1_id # called by the @with_setup decorator also reset the default user stuff permissions_setup_func(group_name, perm, recursive, user_id=User.get_default_user().user_id) # TODO: DRY, compare test_user_group:permissions_setup_func repo_group = RepoGroup.get_by_group_name(group_name=group_name) if not repo_group: raise Exception('Cannot get group %s' % group_name) perm_updates = [[user_id, perm, 'user']] RepoGroupModel().update_permissions(repo_group, perm_updates=perm_updates, recursive=recursive, check_perms=False) Session().commit()
def __load_data(self, group_id): """ Load defaults settings for edit, and update :param group_id: """ self.__load_defaults() repo_group = RepoGroup.get(group_id) data = repo_group.get_dict() data['group_name'] = repo_group.name # fill repository users for p in repo_group.repo_group_to_perm: data.update( {'u_perm_%s' % p.user.username: p.permission.permission_name}) # fill repository groups for p in repo_group.users_group_to_perm: data.update({ 'g_perm_%s' % p.users_group.users_group_name: p.permission.permission_name }) return data
def update(self, id): """PUT /repos_groups/id: Update an existing item""" # Forms posted to this method should contain a hidden field: # <input type="hidden" name="_method" value="PUT" /> # Or using helpers: # h.form(url('repos_group', id=ID), # method='put') # url('repos_group', id=ID) self.__load_defaults() c.repos_group = RepoGroup.get(id) repos_group_form = ReposGroupForm( edit=True, old_data=c.repos_group.get_dict(), available_groups=c.repo_groups_choices )() try: form_result = repos_group_form.to_python(dict(request.POST)) ReposGroupModel().update(id, form_result) Session().commit() h.flash(_('updated repos group %s') \ % form_result['group_name'], category='success') #TODO: in future action_logger(, '', '', '', self.sa) except formencode.Invalid, errors: return htmlfill.render( render('admin/repos_groups/repos_groups_edit.html'), defaults=errors.value, errors=errors.error_dict or {}, prefix_error=False, encoding="UTF-8")
def test_update_group_parent(self): sg1 = fixture.create_group("initial", group_parent_id=self.g1.group_id) new_sg1 = _update_group(sg1.group_id, "after", parent_id=self.g1.group_id) self.assertTrue(self.__check_path("test1", "after")) self.assertEqual(RepoGroup.get_by_group_name("test1/initial"), None) new_sg1 = _update_group(sg1.group_id, "after", parent_id=self.g3.group_id) self.assertTrue(self.__check_path("test3", "after")) self.assertEqual(RepoGroup.get_by_group_name("test3/initial"), None) new_sg1 = _update_group(sg1.group_id, "hello") self.assertTrue(self.__check_path("hello")) self.assertEqual(RepoGroup.get_by_group_name("hello"), new_sg1)
def __load_data(self, group_id): """ Load defaults settings for edit, and update :param group_id: """ repo_group = RepoGroup.get_or_404(group_id) data = repo_group.get_dict() data['group_name'] = repo_group.name # fill owner if repo_group.user: data.update({'user': repo_group.user.username}) else: replacement_user = User.get_first_super_admin().username data.update({'user': replacement_user}) # fill repository group users for p in repo_group.repo_group_to_perm: data.update( {'u_perm_%s' % p.user.user_id: p.permission.permission_name}) # fill repository group user groups for p in repo_group.users_group_to_perm: data.update({ 'g_perm_%s' % p.users_group.users_group_id: p.permission.permission_name }) # html and form expects -1 as empty parent group data['group_parent_id'] = data['group_parent_id'] or -1 return data
def test_update_group_parent(self): sg1 = _make_group('initial', parent_id=self.g1.group_id) new_sg1 = self.__update_group(sg1.group_id, 'after', parent_id=self.g1.group_id) self.assertTrue(self.__check_path('test1', 'after')) self.assertEqual(RepoGroup.get_by_group_name('test1/initial'), None) new_sg1 = self.__update_group(sg1.group_id, 'after', parent_id=self.g3.group_id) self.assertTrue(self.__check_path('test3', 'after')) self.assertEqual(RepoGroup.get_by_group_name('test3/initial'), None) new_sg1 = self.__update_group(sg1.group_id, 'hello') self.assertTrue(self.__check_path('hello')) self.assertEqual(RepoGroup.get_by_group_name('hello'), new_sg1)
def get_repos_groups(self, all_groups=None): if all_groups is None: all_groups = RepoGroup.query()\ .filter(RepoGroup.group_parent_id == None).all() group_iter = GroupList(all_groups) return group_iter
def update(self, repo, **kwargs): try: cur_repo = self._get_repo(repo) source_repo_name = cur_repo.repo_name if 'user' in kwargs: cur_repo.user = User.get_by_username(kwargs['user']) if 'repo_group' in kwargs: cur_repo.group = RepoGroup.get(kwargs['repo_group']) log.debug('Updating repo %s with params:%s', cur_repo, kwargs) update_keys = [(1, 'repo_enable_downloads'), (1, 'repo_description'), (1, 'repo_enable_locking'), (1, 'repo_landing_rev'), (1, 'repo_private'), (1, 'repo_enable_statistics'), (0, 'clone_uri'), (0, 'fork_id')] for strip, k in update_keys: if k in kwargs: val = kwargs[k] if strip: k = remove_prefix(k, 'repo_') if k == 'clone_uri': from rhodecode.model.validators import Missing _change = kwargs.get('clone_uri_change') if _change in [Missing, 'OLD']: # we don't change the value, so use original one val = cur_repo.clone_uri setattr(cur_repo, k, val) new_name = cur_repo.get_new_name(kwargs['repo_name']) cur_repo.repo_name = new_name # if private flag is set, reset default permission to NONE if kwargs.get('repo_private'): EMPTY_PERM = 'repository.none' RepoModel().grant_user_permission(repo=cur_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM) # handle extra fields for field in filter(lambda k: k.startswith(RepositoryField.PREFIX), kwargs): k = RepositoryField.un_prefix_key(field) ex_field = RepositoryField.get_by_key_name(key=k, repo=cur_repo) if ex_field: ex_field.field_value = kwargs[field] self.sa.add(ex_field) self.sa.add(cur_repo) if source_repo_name != new_name: # rename repository self._rename_filesystem_repo(old=source_repo_name, new=new_name) return cur_repo except Exception: log.error(traceback.format_exc()) raise
def delete(self, id): """DELETE /repos_groups/id: Delete an existing item""" # Forms posted to this method should contain a hidden field: # <input type="hidden" name="_method" value="DELETE" /> # Or using helpers: # h.form(url('repos_group', id=ID), # method='delete') # url('repos_group', id=ID) gr = RepoGroup.get(id) repos = gr.repositories.all() if repos: h.flash(_('This group contains %s repositores and cannot be ' 'deleted') % len(repos), category='error') return redirect(url('repos_groups')) try: ReposGroupModel().delete(id) Session().commit() h.flash(_('removed repos group %s') % gr.group_name, category='success') #TODO: in future action_logger(, '', '', '', self.sa) except IntegrityError, e: if str(e.message).find('groups_group_parent_id_fkey') != -1: log.error(traceback.format_exc()) h.flash(_('Cannot delete this group it still contains ' 'subgroups'), category='warning') else: log.error(traceback.format_exc()) h.flash(_('error occurred during deletion of repos ' 'group %s') % gr.group_name, category='error')
def show(self, group_name, format='html'): """GET /repos_groups/group_name: Show a specific item""" # url('repos_group', group_name=GROUP_NAME) c.group = c.repos_group = ReposGroupModel()._get_repo_group(group_name) c.group_repos = c.group.repositories.all() #overwrite our cached list with current filter gr_filter = c.group_repos c.repo_cnt = 0 groups = RepoGroup.query().order_by(RepoGroup.group_name)\ .filter(RepoGroup.group_parent_id == c.group.group_id).all() c.groups = self.scm_model.get_repos_groups(groups) c.repos_list = Repository.query()\ .filter(Repository.group_id == c.group.group_id)\ .order_by(func.lower(Repository.repo_name))\ .all() repos_data = RepoModel().get_repos_as_dict(repos_list=c.repos_list, admin=False) #json used to render the grid c.data = json.dumps(repos_data) return render('admin/repos_groups/repos_groups.html')
def validate_python(self, value, state): gr = RepoGroup.get(value) gr_name = gr.group_name if gr else None # None means ROOT location # create repositories with write permission on group is set to true create_on_write = HasPermissionAny( 'hg.create.write_on_repogroup.true')() group_admin = HasRepoGroupPermissionAny('group.admin')( gr_name, 'can write into group validator') group_write = HasRepoGroupPermissionAny('group.write')( gr_name, 'can write into group validator') forbidden = not (group_admin or (group_write and create_on_write)) can_create_repos = HasPermissionAny( 'hg.admin', 'hg.create.repository') gid = (old_data['repo_group'].get('group_id') if (old_data and 'repo_group' in old_data) else None) value_changed = gid != safe_int(value) new = not old_data # do check if we changed the value, there's a case that someone got # revoked write permissions to a repository, he still created, we # don't need to check permission if he didn't change the value of # groups in form box if value_changed or new: # parent group need to be existing if gr and forbidden: msg = M(self, 'permission_denied', state) raise formencode.Invalid( msg, value, state, error_dict={'repo_type': msg} ) # check if we can write to root location ! elif gr is None and not can_create_repos(): msg = M(self, 'permission_denied_root', state) raise formencode.Invalid( msg, value, state, error_dict={'repo_type': msg} )
def delete(self, id): """DELETE /repos_groups/id: Delete an existing item""" # Forms posted to this method should contain a hidden field: # <input type="hidden" name="_method" value="DELETE" /> # Or using helpers: # h.form(url('repos_group', id=ID), # method='delete') # url('repos_group', id=ID) gr = RepoGroup.get(id) repos = gr.repositories.all() if repos: h.flash(_('This group contains %s repositores and cannot be ' 'deleted' % len(repos)), category='error') return redirect(url('repos_groups')) try: ReposGroupModel().delete(id) Session.commit() h.flash(_('removed repos group %s' % gr.group_name), category='success') #TODO: in future action_logger(, '', '', '', self.sa) except IntegrityError, e: if e.message.find('groups_group_parent_id_fkey') != -1: log.error(traceback.format_exc()) h.flash(_('Cannot delete this group it still contains ' 'subgroups'), category='warning') else: log.error(traceback.format_exc()) h.flash(_('error occurred during deletion of repos ' 'group %s' % gr.group_name), category='error')
def validate_python(self, value, state): repo_name = value.get("repo_name") repo_name_full = value.get("repo_name_full") group_path = value.get("group_path") group_name = value.get("group_name") if repo_name in [ADMIN_PREFIX, ""]: msg = M(self, "invalid_repo_name", state, repo=repo_name) raise formencode.Invalid(msg, value, state, error_dict=dict(repo_name=msg)) rename = old_data.get("repo_name") != repo_name_full create = not edit if rename or create: if group_path != "": if Repository.get_by_repo_name(repo_name_full): msg = M(self, "repository_in_group_exists", state, repo=repo_name, group=group_name) raise formencode.Invalid(msg, value, state, error_dict=dict(repo_name=msg)) elif RepoGroup.get_by_group_name(repo_name_full): msg = M(self, "same_group_exists", state, repo=repo_name) raise formencode.Invalid(msg, value, state, error_dict=dict(repo_name=msg)) elif Repository.get_by_repo_name(repo_name_full): msg = M(self, "repository_exists", state, repo=repo_name) raise formencode.Invalid(msg, value, state, error_dict=dict(repo_name=msg)) return value
def update(self, id): """PUT /repos_groups/id: Update an existing item""" # Forms posted to this method should contain a hidden field: # <input type="hidden" name="_method" value="PUT" /> # Or using helpers: # h.form(url('repos_group', id=ID), # method='put') # url('repos_group', id=ID) self.__load_defaults() c.repos_group = RepoGroup.get(id) repos_group_form = ReposGroupForm( edit=True, old_data=c.repos_group.get_dict(), available_groups=c.repo_groups_choices)() try: form_result = repos_group_form.to_python(dict(request.POST)) ReposGroupModel().update(id, form_result) Session.commit() h.flash(_('updated repos group %s') \ % form_result['group_name'], category='success') #TODO: in futureaction_logger(, '', '', '', self.sa) except formencode.Invalid, errors: return htmlfill.render( render('admin/repos_groups/repos_groups_edit.html'), defaults=errors.value, errors=errors.error_dict or {}, prefix_error=False, encoding="UTF-8")
def edit_advanced(self, user_id): user_id = safe_int(user_id) user = c.user = User.get_or_404(user_id) if user.username == User.DEFAULT_USER: h.flash(_("You can't edit this user"), category='warning') return redirect(url('users')) c.active = 'advanced' c.perm_user = AuthUser(user_id=user_id, ip_addr=self.ip_addr) c.personal_repo_group = RepoGroup.get_by_group_name(user.username) c.first_admin = User.get_first_super_admin() defaults = user.get_dict() # Interim workaround if the user participated on any pull requests as a # reviewer. has_review = bool(PullRequestReviewers.query().filter( PullRequestReviewers.user_id == user_id).first()) c.can_delete_user = not has_review c.can_delete_user_message = _( 'The user participates as reviewer in pull requests and ' 'cannot be deleted. You can set the user to ' '"inactive" instead of deleting it.') if has_review else '' return htmlfill.render(render('admin/users/user_edit.html'), defaults=defaults, encoding="UTF-8", force_defaults=False)
def create_personal_repo_group(self, user_id): """ Create personal repository group for this user :param user_id: """ from rhodecode.model.repo_group import RepoGroupModel user_id = safe_int(user_id) c.user = User.get_or_404(user_id) try: desc = RepoGroupModel.PERSONAL_GROUP_DESC % { 'username': c.user.username } if not RepoGroup.get_by_group_name(c.user.username): RepoGroupModel().create(group_name=c.user.username, group_description=desc, owner=c.user.username) msg = _('Created repository group `%s`' % (c.user.username, )) h.flash(msg, category='success') except Exception: log.exception("Exception during repository group creation") msg = _( 'An error occurred during repository group creation for user') h.flash(msg, category='error') return redirect(url('edit_user_advanced', user_id=user_id))
def test_subgrouping_with_repo(self): g1 = _make_group('g1') g2 = _make_group('g2') # create new repo form_data = _get_repo_create_params(repo_name='john') cur_user = User.get_by_username(TEST_USER_ADMIN_LOGIN) r = RepoModel().create(form_data, cur_user) self.assertEqual(r.repo_name, 'john') # put repo into group form_data = form_data form_data['repo_group'] = g1.group_id form_data['perms_new'] = [] form_data['perms_updates'] = [] RepoModel().update(r.repo_name, **form_data) self.assertEqual(r.repo_name, 'g1/john') self.__update_group(g1.group_id, 'g1', parent_id=g2.group_id) self.assertTrue(self.__check_path('g2', 'g1')) # test repo self.assertEqual(r.repo_name, RepoGroup.url_sep().join(['g2', 'g1', r.just_name]))
def __load_defaults(self): c.repo_groups = RepoGroup.groups_choices() c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) repo_model = RepoModel() c.users_array = repo_model.get_users_js() c.users_groups_array = repo_model.get_users_groups_js()
def validate_python(self, value, state): # TODO WRITE VALIDATIONS group_name = value.get('group_name') group_parent_id = value.get('group_parent_id') # slugify repo group just in case :) slug = repo_name_slug(group_name) # check for parent of self parent_of_self = lambda: ( old_data['group_id'] == int(group_parent_id) if group_parent_id else False ) if edit and parent_of_self(): msg = M(self, 'group_parent_id', state) raise formencode.Invalid(msg, value, state, error_dict=dict(group_parent_id=msg) ) old_gname = None if edit: old_gname = RepoGroup.get(old_data.get('group_id')).group_name if old_gname != group_name or not edit: # check group gr = RepoGroup.query()\ .filter(RepoGroup.group_name == slug)\ .filter(RepoGroup.group_parent_id == group_parent_id)\ .scalar() if gr: msg = M(self, 'group_exists', state, group_name=slug) raise formencode.Invalid(msg, value, state, error_dict=dict(group_name=msg) ) # check for same repo repo = Repository.query()\ .filter(Repository.repo_name == slug)\ .scalar() if repo: msg = M(self, 'repo_exists', state, group_name=slug) raise formencode.Invalid(msg, value, state, error_dict=dict(group_name=msg) )
def delete(self, users_group_id): try: users_group = RepoGroup.get(users_group_id) self.sa.delete(users_group) self.__delete_group(users_group) except: log.error(traceback.format_exc()) raise
def show_by_name(self, group_name): """ This is a proxy that does a lookup group_name -> id, and shows the group by id view instead """ group_name = group_name.rstrip('/') id_ = RepoGroup.get_by_group_name(group_name).group_id return self.show(id_)
def _make_group(path, desc='desc', parent_id=None, skip_if_exists=False): gr = RepoGroup.get_by_group_name(path) if gr and skip_if_exists: return gr gr = ReposGroupModel().create(path, desc, parent_id) return gr
def __load_defaults(self): c.repo_groups = RepoGroup.groups_choices(check_perms=True) c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) repo_model = RepoModel() c.users_array = repo_model.get_users_js() c.users_groups_array = repo_model.get_users_groups_js() choices, c.landing_revs = ScmModel().get_repo_landing_revs() c.landing_revs_choices = choices
def __load_defaults(self, allow_empty_group=False, exclude_group_ids=[]): if HasPermissionAll('hg.admin')('group edit'): #we're global admin, we're ok and we can create TOP level groups allow_empty_group = True #override the choices for this form, we need to filter choices #and display only those we have ADMIN right groups_with_admin_rights = RepoGroupList(RepoGroup.query().all(), perm_set=['group.admin']) c.repo_groups = RepoGroup.groups_choices(groups=groups_with_admin_rights, show_empty_group=allow_empty_group) # exclude filtered ids c.repo_groups = filter(lambda x: x[0] not in exclude_group_ids, c.repo_groups) c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) repo_model = RepoModel() c.users_array = repo_model.get_users_js() c.users_groups_array = repo_model.get_users_groups_js()