def has_perm(self, users_group, perm): users_group = self.__get_users_group(users_group) perm = self.__get_perm(perm) return UsersGroupToPerm.query()\ .filter(UsersGroupToPerm.users_group == users_group)\ .filter(UsersGroupToPerm.permission == perm).scalar() is not None
def grant_perm(self, users_group, perm): users_group = self.__get_users_group(users_group) perm = self._get_perm(perm) # if this permission is already granted skip it _perm = UsersGroupToPerm.query()\ .filter(UsersGroupToPerm.users_group == users_group)\ .filter(UsersGroupToPerm.permission == perm)\ .scalar() if _perm: return new = UsersGroupToPerm() new.users_group = users_group new.permission = perm self.sa.add(new)
def test_enable_repository_read_on_group(self): self.log_user() users_group_name = TEST_USERS_GROUP + 'another2' response = self.app.post(url('users_groups'), {'users_group_name': users_group_name, 'active':True}) response.follow() ug = UsersGroup.get_by_group_name(users_group_name) self.checkSessionFlash(response, 'created users group %s' % users_group_name) response = self.app.put(url('users_group_perm', id=ug.users_group_id), {'create_repo_perm': True}) response.follow() ug = UsersGroup.get_by_group_name(users_group_name) p = Permission.get_by_key('hg.create.repository') # check if user has this perm perms = UsersGroupToPerm.query()\ .filter(UsersGroupToPerm.users_group == ug).all() perms = [[x.__dict__['users_group_id'], x.__dict__['permission_id'],] for x in perms] self.assertEqual( perms, [[ug.users_group_id, p.permission_id]] ) # DELETE ! ug = UsersGroup.get_by_group_name(users_group_name) ugid = ug.users_group_id response = self.app.delete(url('users_group', id=ug.users_group_id)) response = response.follow() gr = self.Session.query(UsersGroup)\ .filter(UsersGroup.users_group_name == users_group_name).scalar() self.assertEqual(gr, None) p = Permission.get_by_key('hg.create.repository') perms = UsersGroupToPerm.query()\ .filter(UsersGroupToPerm.users_group_id == ugid).all() perms = [[x.__dict__['users_group_id'], x.__dict__['permission_id'],] for x in perms] self.assertEqual( perms, [] )
def revoke_perm(self, users_group, perm): users_group = self.__get_users_group(users_group) perm = self.__get_perm(perm) obj = UsersGroupToPerm.query()\ .filter(UsersGroupToPerm.users_group == users_group)\ .filter(UsersGroupToPerm.permission == perm).scalar() if obj: self.sa.delete(obj)
def grant_perm(self, users_group, perm): if not isinstance(perm, Permission): raise Exception('perm needs to be an instance of Permission class') users_group = self.__get_users_group(users_group) # if this permission is already granted skip it _perm = UsersGroupToPerm.query()\ .filter(UsersGroupToPerm.users_group == users_group)\ .filter(UsersGroupToPerm.permission == perm)\ .scalar() if _perm: return new = UsersGroupToPerm() new.users_group = users_group new.permission = perm self.sa.add(new)
def test_enable_repository_read_on_group(self): self.log_user() users_group_name = TEST_USERS_GROUP + 'another2' response = self.app.post(url('users_groups'), {'users_group_name': users_group_name, 'active': True}) response.follow() ug = UsersGroup.get_by_group_name(users_group_name) self.checkSessionFlash(response, 'created users group %s' % users_group_name) ## ENABLE REPO CREATE ON A GROUP response = self.app.put(url('users_group_perm', id=ug.users_group_id), {'create_repo_perm': True}) response.follow() ug = UsersGroup.get_by_group_name(users_group_name) p = Permission.get_by_key('hg.create.repository') p2 = Permission.get_by_key('hg.fork.none') # check if user has this perms, they should be here since # defaults are on perms = UsersGroupToPerm.query()\ .filter(UsersGroupToPerm.users_group == ug).all() self.assertEqual( [[x.users_group_id, x.permission_id, ] for x in perms], [[ug.users_group_id, p.permission_id], [ug.users_group_id, p2.permission_id]] ) ## DISABLE REPO CREATE ON A GROUP response = self.app.put(url('users_group_perm', id=ug.users_group_id), {}) response.follow() ug = UsersGroup.get_by_group_name(users_group_name) p = Permission.get_by_key('hg.create.none') p2 = Permission.get_by_key('hg.fork.none') # check if user has this perms, they should be here since # defaults are on perms = UsersGroupToPerm.query()\ .filter(UsersGroupToPerm.users_group == ug).all() self.assertEqual( sorted([[x.users_group_id, x.permission_id, ] for x in perms]), sorted([[ug.users_group_id, p.permission_id], [ug.users_group_id, p2.permission_id]]) ) # DELETE ! ug = UsersGroup.get_by_group_name(users_group_name) ugid = ug.users_group_id response = self.app.delete(url('users_group', id=ug.users_group_id)) response = response.follow() gr = self.Session.query(UsersGroup)\ .filter(UsersGroup.users_group_name == users_group_name).scalar() self.assertEqual(gr, None) p = Permission.get_by_key('hg.create.repository') perms = UsersGroupToPerm.query()\ .filter(UsersGroupToPerm.users_group_id == ugid).all() perms = [[x.users_group_id, x.permission_id, ] for x in perms] self.assertEqual( perms, [] )