Exemplo n.º 1
0
    def delete_user(self, apiuser, userid):
        """"
        Deletes an user

        :param apiuser:
        :param userid:
        """
        user = get_user_or_error(userid)

        try:
            UserModel().delete(userid)
            Session().commit()
            return dict(msg='deleted user ID:%s %s' %
                        (user.user_id, user.username),
                        user=None)
        except Exception:
            log.error(traceback.format_exc())
            raise JSONRPCError('failed to delete ID:%s %s' %
                               (user.user_id, user.username))
Exemplo n.º 2
0
    def rescan_repos(self, apiuser, remove_obsolete=Optional(False)):
        """
        Dispatch rescan repositories action. If remove_obsolete is set
        than also delete repos that are in database but not in the filesystem.
        aka "clean zombies"

        :param apiuser:
        :param remove_obsolete:
        """

        try:
            rm_obsolete = Optional.extract(remove_obsolete)
            added, removed = repo2db_mapper(ScmModel().repo_scan(),
                                            remove_obsolete=rm_obsolete)
            return {'added': added, 'removed': removed}
        except Exception:
            log.error(traceback.format_exc())
            raise JSONRPCError(
                'Error occurred during rescan repositories action')
Exemplo n.º 3
0
    def get_user(self, apiuser, userid=Optional(OAttr('apiuser'))):
        """"
        Get a user by username, or userid, if userid is given

        :param apiuser:
        :param userid:
        """
        if not HasPermissionAnyApi('hg.admin')(user=apiuser):
            #make sure normal user does not pass someone else userid,
            #he is not allowed to do that
            if not isinstance(userid, Optional) and userid != apiuser.user_id:
                raise JSONRPCError('userid is not the same as your user')

        if isinstance(userid, Optional):
            userid = apiuser.user_id

        user = get_user_or_error(userid)
        data = user.get_api_data()
        data['permissions'] = AuthUser(user_id=user.user_id).permissions
        return data
Exemplo n.º 4
0
    def get_repo(self, apiuser, repoid):
        """"
        Get repository by name

        :param apiuser:
        :param repoid:
        """
        repo = get_repo_or_error(repoid)

        if HasPermissionAnyApi('hg.admin')(user=apiuser) is False:
            # check if we have admin permission for this repo !
            if HasRepoPermissionAnyApi('repository.admin')(user=apiuser,
                                            repo_name=repo.repo_name) is False:
                raise JSONRPCError('repository `%s` does not exist' % (repoid))

        members = []
        followers = []
        for user in repo.repo_to_perm:
            perm = user.permission.permission_name
            user = user.user
            user_data = user.get_api_data()
            user_data['type'] = "user"
            user_data['permission'] = perm
            members.append(user_data)

        for users_group in repo.users_group_to_perm:
            perm = users_group.permission.permission_name
            users_group = users_group.users_group
            users_group_data = users_group.get_api_data()
            users_group_data['type'] = "users_group"
            users_group_data['permission'] = perm
            members.append(users_group_data)

        for user in repo.followers:
            followers.append(user.user.get_api_data())

        data = repo.get_api_data()
        data['members'] = members
        data['followers'] = followers
        return data
Exemplo n.º 5
0
    def remove_user_from_users_group(self, apiuser, usersgroupid, userid):
        """
        Remove user from a group

        :param apiuser:
        :param usersgroupid:
        :param userid:
        """
        user = get_user_or_error(userid)
        users_group = get_users_group_or_error(usersgroupid)

        try:
            success = UserGroupModel().remove_user_from_group(
                users_group, user)
            msg = 'removed member `%s` from user group `%s`' % (
                user.username, users_group.users_group_name)
            msg = msg if success else "User wasn't in group"
            Session().commit()
            return dict(success=success, msg=msg)
        except Exception:
            log.error(traceback.format_exc())
            raise JSONRPCError('failed to remove member from user group `%s`' %
                               (users_group.users_group_name))
Exemplo n.º 6
0
    def grant_users_group_permission(self, apiuser, repoid, usersgroupid,
                                     perm):
        """
        Grant permission for user group on given repository, or update
        existing one if found

        :param apiuser:
        :param repoid:
        :param usersgroupid:
        :param perm:
        """
        repo = get_repo_or_error(repoid)
        perm = get_perm_or_error(perm)
        users_group = get_users_group_or_error(usersgroupid)

        try:
            RepoModel().grant_users_group_permission(repo=repo,
                                                     group_name=users_group,
                                                     perm=perm)

            Session().commit()
            return dict(
                msg='Granted perm: `%s` for user group: `%s` in '
                    'repo: `%s`' % (
                    perm.permission_name, users_group.users_group_name,
                    repo.repo_name
                ),
                success=True
            )
        except Exception:
            log.error(traceback.format_exc())
            raise JSONRPCError(
                'failed to edit permission for user group: `%s` in '
                'repo: `%s`' % (
                    usersgroupid, repo.repo_name
                )
            )
Exemplo n.º 7
0
    def get_locks(self, apiuser, userid=Optional(OAttr('apiuser'))):
        """
        Get all locks for given userid, if
        this command is runned by non-admin account userid is set to user
        who is calling this method, thus returning locks for himself

        :param apiuser:
        :param userid:
        """
        if HasPermissionAnyApi('hg.admin')(user=apiuser):
            pass
        else:
            #make sure normal user does not pass someone else userid,
            #he is not allowed to do that
            if not isinstance(userid, Optional) and userid != apiuser.user_id:
                raise JSONRPCError(
                    'userid is not the same as your user'
                )
        ret = []
        if isinstance(userid, Optional):
            user = None
        else:
            user = get_user_or_error(userid)

        #show all locks
        for r in Repository.getAll():
            userid, time_ = r.locked
            if time_:
                _api_data = r.get_api_data()
                # if we use userfilter just show the locks for this user
                if user:
                    if safe_int(userid) == user.user_id:
                        ret.append(_api_data)
                else:
                    ret.append(_api_data)

        return ret
Exemplo n.º 8
0
    def add_user_to_users_group(self, apiuser, usersgroupid, userid):
        """"
        Add a user to a user group

        :param apiuser:
        :param usersgroupid:
        :param userid:
        """
        user = get_user_or_error(userid)
        users_group = get_users_group_or_error(usersgroupid)

        try:
            ugm = UserGroupModel().add_user_to_group(users_group, user)
            success = True if ugm != True else False
            msg = 'added member `%s` to user group `%s`' % (
                user.username, users_group.users_group_name)
            msg = msg if success else 'User is already in that group'
            Session().commit()

            return dict(success=success, msg=msg)
        except Exception:
            log.error(traceback.format_exc())
            raise JSONRPCError('failed to add member to user group `%s`' %
                               (users_group.users_group_name))
Exemplo n.º 9
0
    def revoke_users_group_permission(self, apiuser, repoid, usersgroupid):
        """
        Revoke permission for user group on given repository

        :param apiuser:
        :param repoid:
        :param usersgroupid:
        """
        repo = get_repo_or_error(repoid)
        users_group = get_users_group_or_error(usersgroupid)

        try:
            RepoModel().revoke_users_group_permission(repo=repo,
                                                      group_name=users_group)

            Session().commit()
            return dict(msg='Revoked perm for user group: `%s` in repo: `%s`' %
                        (users_group.users_group_name, repo.repo_name),
                        success=True)
        except Exception:
            log.error(traceback.format_exc())
            raise JSONRPCError(
                'failed to edit permission for user group: `%s` in '
                'repo: `%s`' % (users_group.users_group_name, repo.repo_name))
Exemplo n.º 10
0
    def create_repo(self, apiuser, repo_name, owner=Optional(OAttr('apiuser')),
                    repo_type=Optional('hg'),
                    description=Optional(''), private=Optional(False),
                    clone_uri=Optional(None), landing_rev=Optional('tip'),
                    enable_statistics=Optional(False),
                    enable_locking=Optional(False),
                    enable_downloads=Optional(False)):
        """
        Create repository, if clone_url is given it makes a remote clone
        if repo_name is within a group name the groups will be created
        automatically if they aren't present

        :param apiuser:
        :param repo_name:
        :param onwer:
        :param repo_type:
        :param description:
        :param private:
        :param clone_uri:
        :param landing_rev:
        """
        if HasPermissionAnyApi('hg.admin')(user=apiuser) is False:
            if not isinstance(owner, Optional):
                #forbid setting owner for non-admins
                raise JSONRPCError(
                    'Only RhodeCode admin can specify `owner` param'
                )
        if isinstance(owner, Optional):
            owner = apiuser.user_id

        owner = get_user_or_error(owner)

        if RepoModel().get_by_repo_name(repo_name):
            raise JSONRPCError("repo `%s` already exist" % repo_name)

        defs = RhodeCodeSetting.get_default_repo_settings(strip_prefix=True)
        if isinstance(private, Optional):
            private = defs.get('repo_private') or Optional.extract(private)
        if isinstance(repo_type, Optional):
            repo_type = defs.get('repo_type')
        if isinstance(enable_statistics, Optional):
            enable_statistics = defs.get('repo_enable_statistics')
        if isinstance(enable_locking, Optional):
            enable_locking = defs.get('repo_enable_locking')
        if isinstance(enable_downloads, Optional):
            enable_downloads = defs.get('repo_enable_downloads')

        clone_uri = Optional.extract(clone_uri)
        description = Optional.extract(description)
        landing_rev = Optional.extract(landing_rev)

        try:
            # create structure of groups and return the last group
            group = map_groups(repo_name)

            repo = RepoModel().create_repo(
                repo_name=repo_name,
                repo_type=repo_type,
                description=description,
                owner=owner,
                private=private,
                clone_uri=clone_uri,
                repos_group=group,
                landing_rev=landing_rev,
                enable_statistics=enable_statistics,
                enable_downloads=enable_downloads,
                enable_locking=enable_locking
            )

            Session().commit()
            return dict(
                msg="Created new repository `%s`" % (repo.repo_name),
                repo=repo.get_api_data()
            )
        except Exception:
            log.error(traceback.format_exc())
            raise JSONRPCError('failed to create repository `%s`' % repo_name)
Exemplo n.º 11
0
    def lock(self, apiuser, repoid, locked=Optional(None),
             userid=Optional(OAttr('apiuser'))):
        """
        Set locking state on particular repository by given user, if
        this command is runned by non-admin account userid is set to user
        who is calling this method

        :param apiuser:
        :param repoid:
        :param userid:
        :param locked:
        """
        repo = get_repo_or_error(repoid)
        if HasPermissionAnyApi('hg.admin')(user=apiuser):
            pass
        elif HasRepoPermissionAnyApi('repository.admin',
                                     'repository.write')(user=apiuser,
                                                         repo_name=repo.repo_name):
            #make sure normal user does not pass someone else userid,
            #he is not allowed to do that
            if not isinstance(userid, Optional) and userid != apiuser.user_id:
                raise JSONRPCError(
                    'userid is not the same as your user'
                )
        else:
            raise JSONRPCError('repository `%s` does not exist' % (repoid))

        if isinstance(userid, Optional):
            userid = apiuser.user_id

        user = get_user_or_error(userid)

        if isinstance(locked, Optional):
            lockobj = Repository.getlock(repo)

            if lockobj[0] is None:
                return ('Repo `%s` not locked. Locked=`False`.'
                        % (repo.repo_name))
            else:
                userid, time_ = lockobj
                user = get_user_or_error(userid)

                return ('Repo `%s` locked by `%s`. Locked=`True`. '
                        'Locked since: `%s`'
                    % (repo.repo_name, user.username,
                       json.dumps(time_to_datetime(time_))))

        else:
            locked = str2bool(locked)
            try:
                if locked:
                    Repository.lock(repo, user.user_id)
                else:
                    Repository.unlock(repo)

                return ('User `%s` set lock state for repo `%s` to `%s`'
                        % (user.username, repo.repo_name, locked))
            except Exception:
                log.error(traceback.format_exc())
                raise JSONRPCError(
                    'Error occurred locking repository `%s`' % repo.repo_name
                )
Exemplo n.º 12
0
    def fork_repo(self,
                  apiuser,
                  repoid,
                  fork_name,
                  owner=Optional(OAttr('apiuser')),
                  description=Optional(''),
                  copy_permissions=Optional(False),
                  private=Optional(False),
                  landing_rev=Optional('tip')):
        repo = get_repo_or_error(repoid)
        repo_name = repo.repo_name

        _repo = RepoModel().get_by_repo_name(fork_name)
        if _repo:
            type_ = 'fork' if _repo.fork else 'repo'
            raise JSONRPCError("%s `%s` already exist" % (type_, fork_name))

        if HasPermissionAnyApi('hg.admin')(user=apiuser):
            pass
        elif HasRepoPermissionAnyApi('repository.admin', 'repository.write',
                                     'repository.read')(
                                         user=apiuser,
                                         repo_name=repo.repo_name):
            if not isinstance(owner, Optional):
                #forbid setting owner for non-admins
                raise JSONRPCError(
                    'Only RhodeCode admin can specify `owner` param')
        else:
            raise JSONRPCError('repository `%s` does not exist' % (repoid))

        if isinstance(owner, Optional):
            owner = apiuser.user_id

        owner = get_user_or_error(owner)

        try:
            # create structure of groups and return the last group
            group = map_groups(fork_name)

            form_data = dict(
                repo_name=fork_name,
                repo_name_full=fork_name,
                repo_group=group,
                repo_type=repo.repo_type,
                description=Optional.extract(description),
                private=Optional.extract(private),
                copy_permissions=Optional.extract(copy_permissions),
                landing_rev=Optional.extract(landing_rev),
                update_after_clone=False,
                fork_parent_id=repo.repo_id,
            )
            RepoModel().create_fork(form_data, cur_user=owner)
            return dict(
                msg='Created fork of `%s` as `%s`' %
                (repo.repo_name, fork_name),
                success=True  # cannot return the repo data here since fork
                # cann be done async
            )
        except Exception:
            log.error(traceback.format_exc())
            raise JSONRPCError('failed to fork repository `%s` as `%s`' %
                               (repo_name, fork_name))
Exemplo n.º 13
0
    def update_repo(self,
                    apiuser,
                    repoid,
                    name=Optional(None),
                    owner=Optional(OAttr('apiuser')),
                    group=Optional(None),
                    description=Optional(''),
                    private=Optional(False),
                    clone_uri=Optional(None),
                    landing_rev=Optional('tip'),
                    enable_statistics=Optional(False),
                    enable_locking=Optional(False),
                    enable_downloads=Optional(False)):
        """
        Updates repo

        :param apiuser: filled automatically from apikey
        :type apiuser: AuthUser
        :param repoid: repository name or repository id
        :type repoid: str or int
        :param name:
        :param owner:
        :param group:
        :param description:
        :param private:
        :param clone_uri:
        :param landing_rev:
        :param enable_statistics:
        :param enable_locking:
        :param enable_downloads:
        """
        repo = get_repo_or_error(repoid)
        if not HasPermissionAnyApi('hg.admin')(user=apiuser):
            # check if we have admin permission for this repo !
            if not HasRepoPermissionAnyApi('repository.admin')(
                    user=apiuser, repo_name=repo.repo_name):
                raise JSONRPCError('repository `%s` does not exist' %
                                   (repoid, ))

        updates = {
            # update function requires this.
            'repo_name': repo.repo_name
        }
        repo_group = group
        if not isinstance(repo_group, Optional):
            repo_group = get_repo_group_or_error(repo_group)
            repo_group = repo_group.group_id
        try:
            store_update(updates, name, 'repo_name')
            store_update(updates, repo_group, 'repo_group')
            store_update(updates, owner, 'user')
            store_update(updates, description, 'repo_description')
            store_update(updates, private, 'repo_private')
            store_update(updates, clone_uri, 'clone_uri')
            store_update(updates, landing_rev, 'repo_landing_rev')
            store_update(updates, enable_statistics, 'repo_enable_statistics')
            store_update(updates, enable_locking, 'repo_enable_locking')
            store_update(updates, enable_downloads, 'repo_enable_downloads')

            RepoModel().update(repo, **updates)
            Session().commit()
            return dict(msg='updated repo ID:%s %s' %
                        (repo.repo_id, repo.repo_name),
                        repository=repo.get_api_data())
        except Exception:
            log.error(traceback.format_exc())
            raise JSONRPCError('failed to update repo `%s`' % repoid)