def addpermission(self, req, repos):
name = req.post.get('name')
type = req.post.get('type')
path = req.post.get('path')
vcs_type = repos.vcs_type
default_perm = ''
if vcs_type == "git":
if path != "/":
default_perm = "w"
else:
default_perm = "r"
if type == 'group':
name = name.lower()
try:
group.Group(name)
except UnknownGroupError as e:
import re
if re.findall('[^a-zA-Z0-9_-]', name):
return XMLStatusResponse(
'addPermission', False,
'Invalid characters in groupname %s' % name)
group.add(name)
permissions.add(repos.name, repos.vcs_type, path, name, type,
default_perm)
if not repos.has_path_permissions:
path = path.lstrip('/')
return XMLStatusResponse('addPermission', True,
('User', 'Group')[type == 'group'] +
' %s added to path %s' % (name, path))
def testSaveNotificationsNonAdminAllowed(self):
"""First set allowed as admin, then set enabled as user"""
self.addRepository("repos", "svn") # otherwise, we cannot add notifications
permissions.add("repos", "svn", "/", self.u.name, "user", "r")
self.u.set_notifications([{"name": "repos", "vcs": "svn", "enabled": True}], self.u)
notifications = self.u.notifications()
self.assertTrue(notifications["repos"]["enabled"])
def testNotificationWithEmptyGroupPermission(self):
self.addRepository("repos", "svn")
group.add("untrusted")
untrusted = group.Group("untrusted")
untrusted.add_member(self.u)
permissions.add("repos", "svn", "/", "untrusted", "group", "")
self.assertRaises(
UserPermissionError, self.u.set_notifications, [{"name": "repos", "vcs": "svn", "enabled": True}], self.u
)
n = self.u.notifications()
self.assertEquals(n, {})
def addpermission(self, req, repos):
name = req.post.get('name')
type = req.post.get('type')
path = req.post.get('path')
vcs_type = repos.vcs_type
default_perm = ''
if vcs_type == "git":
if path != "/":
default_perm = "w"
else:
default_perm = "r"
permissions.add(repos.name, repos.vcs_type, path, name,
type, default_perm)
if not repos.has_path_permissions:
path = path.lstrip('/')
return XMLStatusResponse('addPermission', True, ('User', 'Group')[type == 'group'] + ' %s added to path %s' % (name, path))
def addpermission(self, req, repos):
name = req.post.get('name')
type = req.post.get('type')
path = req.post.get('path')
vcs_type = repos.vcs_type
default_perm = ''
if vcs_type == "git":
if path != "/":
default_perm = "w"
else:
default_perm = "r"
permissions.add(repos.name, repos.vcs_type, path, name, type,
default_perm)
if not repos.has_path_permissions:
path = path.lstrip('/')
return XMLStatusResponse('addPermission', True,
('User', 'Group')[type == 'group'] +
' %s added to path %s' % (name, path))
def write_permissions(self, config):
from submin.models import permissions
# get filename
authz_file = config.get('svn', 'authz_file')
# read file
cp = self.read_ini(authz_file)
from submin.models.repository import DoesNotExistError
# get all sections
for section in cp.sections():
if section == 'groups':
continue
repository = ''
path = ''
if ':' in section:
repository, path = section.split(':', 2)
for name in cp.options(section):
permission = cp.get(section, name)
if name[0] == '@':
name_type = 'group'
name = name[1:]
elif name == '*':
name_type = 'all'
else:
name_type = 'user'
try:
permissions.add(repository, "svn", path, name, name_type,
permission)
except DoesNotExistError:
print(
"Could not add permissions for repository %s, skipping"
% repository)
def write_permissions(self, config):
from submin.models import permissions
# get filename
authz_file = config.get('svn', 'authz_file')
# read file
cp = self.read_ini(authz_file)
from submin.models.repository import DoesNotExistError
# get all sections
for section in cp.sections():
if section == 'groups':
continue
repository = ''
path = ''
if ':' in section:
repository, path = section.split(':', 2)
for name in cp.options(section):
permission = cp.get(section, name)
if name[0] == '@':
name_type = 'group'
name = name[1:]
elif name == '*':
name_type = 'all'
else:
name_type = 'user'
try:
permissions.add(repository, "svn", path, name,
name_type, permission)
except DoesNotExistError:
print "Could not add permissions for repository %s, skipping" % repository
def testListRepositoriesAll(self):
"""Test listRepositories, which checks for valid permissions of repositories"""
self._createRepos([x['name'] for x in self.repositories])
mock_admin = Mock()
mock_admin.is_admin = True
u = user.add('bar', '[email protected]', send_mail=False)
g = group.add('baz') # no members in this group
g = group.add('quux')
g.add_member(u)
permissions.add('foo', 'svn', '/', 'bar', 'user', 'r')
permissions.add('subdirs', 'svn', '/trunk', 'quux', 'group', 'rw')
# 'bar' is not part of group 'baz', so 'example' should not be listed
permissions.add('example', 'svn', '/', 'baz', 'group', 'r')
result = repository.Repository.list(u)
copy = self.repositories[:]
copy = sorted([d for d in self.repositories if d.get('name') == 'foo' or d.get('name') == 'subdirs'])
self.assertEquals(result, copy)
def testListRepositoriesAll(self):
"""Test listRepositories, which checks for valid permissions of repositories"""
self._createRepos([x['name'] for x in self.repositories])
mock_admin = Mock()
mock_admin.is_admin = True
u = user.add('bar', '[email protected]', send_mail=False)
g = group.add('baz') # no members in this group
g = group.add('quux')
g.add_member(u)
permissions.add('foo', 'svn', '/', 'bar', 'user', 'r')
permissions.add('subdirs', 'svn', '/trunk', 'quux', 'group', 'rw')
# 'bar' is not part of group 'baz', so 'example' should not be listed
permissions.add('example', 'svn', '/', 'baz', 'group', 'r')
result = repository.Repository.list(u)
copy = self.repositories[:]
copy = sorted([
d for d in self.repositories
if d.get('name') == 'foo' or d.get('name') == 'subdirs'
])
self.assertEquals(result, copy)
for member in members:
try:
correct_group.add_member(user.User(member))
verboseprint("Added %s to group %s" %
(member, correct_groupname))
except MemberExistsError:
verboseprint("User %s is already a member of group %s" %
(member, correct_groupname))
params = [
permission_by_group['repository'], permission_by_group['vcs'],
permission_by_group['path'], correct_groupname, 'group',
permission_by_group['permission']
]
try:
permissions.add(*params)
verboseprint("Added permission for group %s" % correct_groupname)
except storage.SQLIntegrityError:
permissions.change(*params)
verboseprint("Changed permission for group %s" % correct_groupname)
except DoesNotExistError as e:
verboseprint("Path %s does not exist" % e)
permissions.remove(permission_by_group['repository'],
permission_by_group['vcs'],
permission_by_group['path'], groupname, 'group')
verboseprint("Removed permission for group %s" % groupname)
if not match and last:
old_group.remove()
verboseprint("Removed group %s" % groupname)
def testNotificationWithEmptyPermission(self):
self.addRepository("repos", "svn")
permissions.add("repos", "svn", "/", self.u.name, "user", "")
self.assertRaises(
UserPermissionError, self.u.set_notifications, [{"name": "repos", "vcs": "svn", "enabled": True}], self.u
)
