def delete(self, group, user):
group = self.get(group)
user = api.users.get(user)
if not user.has_perm('delete', obj=group):
raise PermissionError("You do not have permission to delete this group")
group.delete()
def delete(self, username, request_user, perm='user.delete'):
req_user = self.get(request_user)
if not req_user.has_perm(perm):
raise PermissionError("User: %s, does not have perm: %s" %
(req_user, perm))
user = self.get(username)
user.delete()
def delete(self, project, user):
project = self.get(project)
user = api.users.get(user)
if not user.has_perm('delete', obj=project):
raise PermissionError(
"You do not have permission to delete this project")
project.delete()
def _create(self, name, user, description, **kwargs):
if not user.has_perm('add_projectgroup'):
raise PermissionError("You are not allowed to add Groups!")
valid_name(name)
group, created = self.model.objects.get_or_create(name=name,
defaults={'description':description})
if not created:
raise DuplicateObject('Group already exists!')
return group
def _revoke(self, user, group, req_user, perm):
if not req_user.has_perm('can_modify', group):
raise PermissionError("Insufficient permissions.")
if perm is None:
# Revoke all perms (delete group membership)
# TODO: do it!
return True
# TODO: remove single permission
return True
def initialize(self, name, user):
"""
Utility to create a project on the filesystem.
#. Create a unix user for the project.
#. Create home directory for code.
#. Create a bare git repository for code.
"""
from cannula.utils import shell
project = self.get(name)
user = api.users.get(user)
if not user.has_perm('add', project.group):
raise PermissionError("You can not create projects in this group")
# TODO: Create unix user for project
log.info("Creating project directories for: %s", project)
if not os.path.isdir(project.repo_dir):
os.makedirs(project.repo_dir)
if not os.path.isdir(project.project_dir):
os.makedirs(project.project_dir)
# Create the git repo
args = {'git_cmd': CANNULA_GIT_CMD, 'repo': project.repo_dir}
shell(self.git_init_cmd % args)
ctx = {
'project': project,
'cannula_admin': CANNULA_CMD,
# The current setting file
'settings': os.environ['DJANGO_SETTINGS_MODULE'],
# The current python executable (could be in a virtualenv)
'python': sys.executable
}
# Update git config in new repo
write_file(project.git_config, 'git/git-config.txt', ctx)
# Write out post-recieve hook and make it executable
write_file(project.post_receive, 'git/post-receive.sh', ctx)
shell('chmod 755 %s' % project.post_receive)
# Write out a description file
write_file(project.git_description, 'git/description.txt', ctx)
log.info("Project %s initialized", project)
api.log.create("Project %s initialized" % project,
user=user,
group=project.group,
project=project)
def grant(self, user, perms, group, req_user):
"""
Grant permissions to user. If project is specified, grant
permissions only to that project, otherwise by default it
will grant permissions for the group.
"""
user = api.users.get(user)
req_user = api.users.get(req_user)
group = api.groups.get(group)
if not self.has_perm(user, 'modify', group=group):
raise PermissionError(
"You don't have permission to modify this group!")
perms = set([self.get(perm) for perm in perms])
return self._grant(user, perms, group)
def create(self, user, group, name, description=''):
"""
Create a project and return its project object.
This requires permission to create project in the group and a unique
string identifier for the project. If the project is not unique, a
DuplicateObject Exception is raised.
Required Arguments:
* user: (String) User attempting the create function.
* group: (String) Name of project group to put project under.
* name: (String) Name of project to create.
Optional Arguments:
* desc: Text description of the project.
Returns:
On successful create:
The newly created project object
On failure:
Exception
"""
user = api.users.get(user)
group = api.groups.get(group)
if not user.has_perm('add', group):
raise PermissionError("You can not create projects in this group")
# Create the Project object.
project = self._create(group=group, name=name, description=description)
log.info("Project %s created in %s" % (project, group))
api.log.create("Project %s created" % project,
user=user,
group=group,
project=project)
return project