def add_user_to_group(self, user_name, group_name, validate=True): """ Adds user to group. :param str user_name: User name :param str group_name: Group name :param bool validate: Validate the permission group has no too much or little permissions :raises InvalidPermissionsState: If cannot add user :raises DatabaseError: Query failure """ # Test if we can add the user ug = self.get_all_user_groups() + [(user_name, group_name)] if validate: self.is_valid_group_members(user_groups=ug) userstore = get_userstore() user = userstore.getUser(user_name) if not user: from multiproject.core.auth.auth import Authentication auth = Authentication() auth.sync_user(user_name) user = userstore.getUser(user_name) if not user: raise InvalidPermissionsState('Unknown user %s' % user_name) # Create group if it doesn't exist group_name = group_name.encode('utf-8') group_id = self.get_group_id(group_name) if group_id is None: conf.log.info('Creating permission group: %s' % group_name) self.create_group(group_name) group_id = self.get_group_id(group_name) self._cache.clear_user_groups(self.trac_environment_key) with admin_query() as cursor: try: cursor.callproc("add_user_to_group", [user.id, group_id]) # User already exists in the group except MySQLdb.IntegrityError: conf.log.warning('User %s already exists in group: %s' % (user_name, group_name)) self.follow_project(user_name, group_name)
def add_user_to_group(self, user_name, group_name): """ Adds user to group. Updates the published time of the project accordingly. :param str user_name: User name :param str group_name: Group name :raises InvalidPermissionsState: If cannot add user :raises DatabaseError: Query failure """ # Test if we can add the user ug = self.get_all_user_groups() + [(user_name, group_name)] self.is_valid_group_members(user_groups=ug) userstore = get_userstore() user = userstore.getUser(user_name) if not user: from multiproject.core.auth.auth import Authentication auth = Authentication() auth.sync_user(user_name) user = userstore.getUser(user_name) if not user: raise InvalidPermissionsState('Unknown user %s' % user_name) # Create group if it doesn't exist group_name = group_name.encode('utf-8') group_id = self.get_group_id(group_name) if group_id is None: self.create_group(group_name) group_id = self.get_group_id(group_name) self._cache.clear_user_groups(self.trac_environment_key) with admin_query() as cursor: cursor.callproc("add_user_to_group", [user.id, group_id]) self._update_published_time()
def _add_user(self, req, group_store, membership, username=None): """ :param req: Request :param group_store: CQDEUserGroupStore :param membership: Membership API :param username: Override username from the request """ req.perm.require("PERMISSION_GRANT") if username is None: username = req.args.get("member") group = req.args.get("group") if not username or not group: raise TracError("Invalid arguments while adding user") # Get/check if user exists auth = Authentication() username = auth.get_trac_username(username) # check if already exists if username in [e[0] for e in group_store.get_all_user_groups() if e[1] == group]: add_warning(req, _("User %(user)s already exists in the group %(group)s", group=group, user=username)) return # User does not yet exists in multiproject database => retrieve and create user from authentication backend(s) if not username: # Create user using authentication backends and sync functionality if not auth.sync_user(username): # Show warning with possibility to create a local user - if user has enough permissions. # Otherwise give traditional user cannot be found error home_perm = PermissionCache(env=self.conf.home_env, username=req.authname) if "USER_CREATE" in home_perm: link = Href(self.conf.url_home_path)( "admin/users/create_local", {"goto": req.abs_href(req.path_info)} ) create_link = Markup('<a href="%s">%s</a>' % (link, _("create a local user?"))) add_warning( req, _('User "%(username)s" can not be found. Check name or ', username=username) + create_link ) else: add_warning( req, _('User "%(username)s" can not be found. Please check the name.', username=username) ) return add_notice(req, _("Added user %s to service" % username)) # Now, retrieve the username again username = auth.get_trac_username(username) # when adding to normal project, accept possible membership requests if membership is not None: # If adding user in group it means that membership is accepted if username in membership.get_membership_requests(): membership.accept_membership(username) add_notice(req, _("Membership request has been accepted for %(who)s.", who=username)) try: group_store.add_user_to_group(username, group) add_notice(req, _("User %(who)s has been added to group %(where)s.", who=username, where=group)) except InvalidPermissionsState, e: add_warning( req, _( "User %(who)s cannot be added to group %(where)s. %(reason)s", who=username, where=group, reason=e.message, ), )
def _add_user(self, req, group_store, membership, username=None): """ :param req: Request :param group_store: CQDEUserGroupStore :param membership: Membership API :param username: Override username from the request """ req.perm.require('PERMISSION_GRANT') if username is None: username = req.args.get('member') group = req.args.get('group') if not username or not group: raise TracError('Invalid arguments while adding user') # Get/check if user exists auth = Authentication() username = auth.get_trac_username(username) # check if already exists if username in [ e[0] for e in group_store.get_all_user_groups() if e[1] == group ]: add_warning( req, _('User %(user)s already exists in the group %(group)s', group=group, user=username)) return # User does not yet exists in multiproject database => retrieve and create user from authentication backend(s) if not username: username = req.args.get('member') # Create user using authentication backends and sync functionality if not auth.sync_user(username): # Show warning with possibility to create a local user - if user has enough permissions. # Otherwise give traditional user cannot be found error home_perm = PermissionCache(env=self.conf.home_env, username=req.authname) if 'USER_CREATE' in home_perm: link = Href(self.conf.url_home_path)( 'admin/users/create_local', { 'goto': req.abs_href(req.path_info) }) create_link = Markup('<a href="%s">%s</a>' % (link, _('create a local user?'))) add_warning( req, _('User "%(username)s" can not be found. Check name or ', username=username) + create_link) else: add_warning( req, _('User "%(username)s" can not be found. Please check the name.', username=username)) return add_notice(req, _('Added user %s to service' % username)) # Now, retrieve the username again username = auth.get_trac_username(username) # when adding to normal project, accept possible membership requests if membership is not None: # If adding user in group it means that membership is accepted if username in membership.get_membership_requests(): membership.accept_membership(username) add_notice( req, _('Membership request has been accepted for %(who)s.', who=username)) try: group_store.add_user_to_group(username, group) add_notice( req, _('User %(who)s has been added to group %(where)s.', who=username, where=group)) except InvalidPermissionsState, e: add_warning( req, _('User %(who)s cannot be added to group %(where)s. %(reason)s', who=username, where=group, reason=e.message))