def addpermission(self, req, repos): name = req.post.get('name') type = req.post.get('type') path = req.post.get('path') vcs_type = repos.vcs_type default_perm = '' if vcs_type == "git": if path != "/": default_perm = "w" else: default_perm = "r" if type == 'group': name = name.lower() try: group.Group(name) except UnknownGroupError as e: import re if re.findall('[^a-zA-Z0-9_-]', name): return XMLStatusResponse( 'addPermission', False, 'Invalid characters in groupname %s' % name) group.add(name) permissions.add(repos.name, repos.vcs_type, path, name, type, default_perm) if not repos.has_path_permissions: path = path.lstrip('/') return XMLStatusResponse('addPermission', True, ('User', 'Group')[type == 'group'] + ' %s added to path %s' % (name, path))
def testSaveNotificationsNonAdminAllowed(self): """First set allowed as admin, then set enabled as user""" self.addRepository("repos", "svn") # otherwise, we cannot add notifications permissions.add("repos", "svn", "/", self.u.name, "user", "r") self.u.set_notifications([{"name": "repos", "vcs": "svn", "enabled": True}], self.u) notifications = self.u.notifications() self.assertTrue(notifications["repos"]["enabled"])
def testNotificationWithEmptyGroupPermission(self): self.addRepository("repos", "svn") group.add("untrusted") untrusted = group.Group("untrusted") untrusted.add_member(self.u) permissions.add("repos", "svn", "/", "untrusted", "group", "") self.assertRaises( UserPermissionError, self.u.set_notifications, [{"name": "repos", "vcs": "svn", "enabled": True}], self.u ) n = self.u.notifications() self.assertEquals(n, {})
def addpermission(self, req, repos): name = req.post.get('name') type = req.post.get('type') path = req.post.get('path') vcs_type = repos.vcs_type default_perm = '' if vcs_type == "git": if path != "/": default_perm = "w" else: default_perm = "r" permissions.add(repos.name, repos.vcs_type, path, name, type, default_perm) if not repos.has_path_permissions: path = path.lstrip('/') return XMLStatusResponse('addPermission', True, ('User', 'Group')[type == 'group'] + ' %s added to path %s' % (name, path))
def write_permissions(self, config): from submin.models import permissions # get filename authz_file = config.get('svn', 'authz_file') # read file cp = self.read_ini(authz_file) from submin.models.repository import DoesNotExistError # get all sections for section in cp.sections(): if section == 'groups': continue repository = '' path = '' if ':' in section: repository, path = section.split(':', 2) for name in cp.options(section): permission = cp.get(section, name) if name[0] == '@': name_type = 'group' name = name[1:] elif name == '*': name_type = 'all' else: name_type = 'user' try: permissions.add(repository, "svn", path, name, name_type, permission) except DoesNotExistError: print( "Could not add permissions for repository %s, skipping" % repository)
def write_permissions(self, config): from submin.models import permissions # get filename authz_file = config.get('svn', 'authz_file') # read file cp = self.read_ini(authz_file) from submin.models.repository import DoesNotExistError # get all sections for section in cp.sections(): if section == 'groups': continue repository = '' path = '' if ':' in section: repository, path = section.split(':', 2) for name in cp.options(section): permission = cp.get(section, name) if name[0] == '@': name_type = 'group' name = name[1:] elif name == '*': name_type = 'all' else: name_type = 'user' try: permissions.add(repository, "svn", path, name, name_type, permission) except DoesNotExistError: print "Could not add permissions for repository %s, skipping" % repository
def testListRepositoriesAll(self): """Test listRepositories, which checks for valid permissions of repositories""" self._createRepos([x['name'] for x in self.repositories]) mock_admin = Mock() mock_admin.is_admin = True u = user.add('bar', '[email protected]', send_mail=False) g = group.add('baz') # no members in this group g = group.add('quux') g.add_member(u) permissions.add('foo', 'svn', '/', 'bar', 'user', 'r') permissions.add('subdirs', 'svn', '/trunk', 'quux', 'group', 'rw') # 'bar' is not part of group 'baz', so 'example' should not be listed permissions.add('example', 'svn', '/', 'baz', 'group', 'r') result = repository.Repository.list(u) copy = self.repositories[:] copy = sorted([d for d in self.repositories if d.get('name') == 'foo' or d.get('name') == 'subdirs']) self.assertEquals(result, copy)
def testListRepositoriesAll(self): """Test listRepositories, which checks for valid permissions of repositories""" self._createRepos([x['name'] for x in self.repositories]) mock_admin = Mock() mock_admin.is_admin = True u = user.add('bar', '[email protected]', send_mail=False) g = group.add('baz') # no members in this group g = group.add('quux') g.add_member(u) permissions.add('foo', 'svn', '/', 'bar', 'user', 'r') permissions.add('subdirs', 'svn', '/trunk', 'quux', 'group', 'rw') # 'bar' is not part of group 'baz', so 'example' should not be listed permissions.add('example', 'svn', '/', 'baz', 'group', 'r') result = repository.Repository.list(u) copy = self.repositories[:] copy = sorted([ d for d in self.repositories if d.get('name') == 'foo' or d.get('name') == 'subdirs' ]) self.assertEquals(result, copy)
for member in members: try: correct_group.add_member(user.User(member)) verboseprint("Added %s to group %s" % (member, correct_groupname)) except MemberExistsError: verboseprint("User %s is already a member of group %s" % (member, correct_groupname)) params = [ permission_by_group['repository'], permission_by_group['vcs'], permission_by_group['path'], correct_groupname, 'group', permission_by_group['permission'] ] try: permissions.add(*params) verboseprint("Added permission for group %s" % correct_groupname) except storage.SQLIntegrityError: permissions.change(*params) verboseprint("Changed permission for group %s" % correct_groupname) except DoesNotExistError as e: verboseprint("Path %s does not exist" % e) permissions.remove(permission_by_group['repository'], permission_by_group['vcs'], permission_by_group['path'], groupname, 'group') verboseprint("Removed permission for group %s" % groupname) if not match and last: old_group.remove() verboseprint("Removed group %s" % groupname)
def testNotificationWithEmptyPermission(self): self.addRepository("repos", "svn") permissions.add("repos", "svn", "/", self.u.name, "user", "") self.assertRaises( UserPermissionError, self.u.set_notifications, [{"name": "repos", "vcs": "svn", "enabled": True}], self.u )