def add_user_to_group(self, user_name, group_name, validate=True):
"""
Adds user to group.
:param str user_name: User name
:param str group_name: Group name
:param bool validate: Validate the permission group has no too much or little permissions
:raises InvalidPermissionsState: If cannot add user
:raises DatabaseError: Query failure
"""
# Test if we can add the user
ug = self.get_all_user_groups() + [(user_name, group_name)]
if validate:
self.is_valid_group_members(user_groups=ug)
userstore = get_userstore()
user = userstore.getUser(user_name)
if not user:
from multiproject.core.auth.auth import Authentication
auth = Authentication()
auth.sync_user(user_name)
user = userstore.getUser(user_name)
if not user:
raise InvalidPermissionsState('Unknown user %s' % user_name)
# Create group if it doesn't exist
group_name = group_name.encode('utf-8')
group_id = self.get_group_id(group_name)
if group_id is None:
conf.log.info('Creating permission group: %s' % group_name)
self.create_group(group_name)
group_id = self.get_group_id(group_name)
self._cache.clear_user_groups(self.trac_environment_key)
with admin_query() as cursor:
try:
cursor.callproc("add_user_to_group", [user.id, group_id])
# User already exists in the group
except MySQLdb.IntegrityError:
conf.log.warning('User %s already exists in group: %s' % (user_name, group_name))
self.follow_project(user_name, group_name)
def add_user_to_group(self, user_name, group_name):
"""
Adds user to group.
Updates the published time of the project accordingly.
:param str user_name: User name
:param str group_name: Group name
:raises InvalidPermissionsState: If cannot add user
:raises DatabaseError: Query failure
"""
# Test if we can add the user
ug = self.get_all_user_groups() + [(user_name, group_name)]
self.is_valid_group_members(user_groups=ug)
userstore = get_userstore()
user = userstore.getUser(user_name)
if not user:
from multiproject.core.auth.auth import Authentication
auth = Authentication()
auth.sync_user(user_name)
user = userstore.getUser(user_name)
if not user:
raise InvalidPermissionsState('Unknown user %s' % user_name)
# Create group if it doesn't exist
group_name = group_name.encode('utf-8')
group_id = self.get_group_id(group_name)
if group_id is None:
self.create_group(group_name)
group_id = self.get_group_id(group_name)
self._cache.clear_user_groups(self.trac_environment_key)
with admin_query() as cursor:
cursor.callproc("add_user_to_group", [user.id, group_id])
self._update_published_time()
def _add_user(self, req, group_store, membership, username=None):
"""
:param req: Request
:param group_store: CQDEUserGroupStore
:param membership: Membership API
:param username: Override username from the request
"""
req.perm.require("PERMISSION_GRANT")
if username is None:
username = req.args.get("member")
group = req.args.get("group")
if not username or not group:
raise TracError("Invalid arguments while adding user")
# Get/check if user exists
auth = Authentication()
username = auth.get_trac_username(username)
# check if already exists
if username in [e[0] for e in group_store.get_all_user_groups() if e[1] == group]:
add_warning(req, _("User %(user)s already exists in the group %(group)s", group=group, user=username))
return
# User does not yet exists in multiproject database => retrieve and create user from authentication backend(s)
if not username:
# Create user using authentication backends and sync functionality
if not auth.sync_user(username):
# Show warning with possibility to create a local user - if user has enough permissions.
# Otherwise give traditional user cannot be found error
home_perm = PermissionCache(env=self.conf.home_env, username=req.authname)
if "USER_CREATE" in home_perm:
link = Href(self.conf.url_home_path)(
"admin/users/create_local", {"goto": req.abs_href(req.path_info)}
)
create_link = Markup('<a href="%s">%s</a>' % (link, _("create a local user?")))
add_warning(
req, _('User "%(username)s" can not be found. Check name or ', username=username) + create_link
)
else:
add_warning(
req, _('User "%(username)s" can not be found. Please check the name.', username=username)
)
return
add_notice(req, _("Added user %s to service" % username))
# Now, retrieve the username again
username = auth.get_trac_username(username)
# when adding to normal project, accept possible membership requests
if membership is not None:
# If adding user in group it means that membership is accepted
if username in membership.get_membership_requests():
membership.accept_membership(username)
add_notice(req, _("Membership request has been accepted for %(who)s.", who=username))
try:
group_store.add_user_to_group(username, group)
add_notice(req, _("User %(who)s has been added to group %(where)s.", who=username, where=group))
except InvalidPermissionsState, e:
add_warning(
req,
_(
"User %(who)s cannot be added to group %(where)s. %(reason)s",
who=username,
where=group,
reason=e.message,
),
)
def _add_user(self, req, group_store, membership, username=None):
"""
:param req: Request
:param group_store: CQDEUserGroupStore
:param membership: Membership API
:param username: Override username from the request
"""
req.perm.require('PERMISSION_GRANT')
if username is None:
username = req.args.get('member')
group = req.args.get('group')
if not username or not group:
raise TracError('Invalid arguments while adding user')
# Get/check if user exists
auth = Authentication()
username = auth.get_trac_username(username)
# check if already exists
if username in [
e[0] for e in group_store.get_all_user_groups()
if e[1] == group
]:
add_warning(
req,
_('User %(user)s already exists in the group %(group)s',
group=group,
user=username))
return
# User does not yet exists in multiproject database => retrieve and create user from authentication backend(s)
if not username:
username = req.args.get('member')
# Create user using authentication backends and sync functionality
if not auth.sync_user(username):
# Show warning with possibility to create a local user - if user has enough permissions.
# Otherwise give traditional user cannot be found error
home_perm = PermissionCache(env=self.conf.home_env,
username=req.authname)
if 'USER_CREATE' in home_perm:
link = Href(self.conf.url_home_path)(
'admin/users/create_local', {
'goto': req.abs_href(req.path_info)
})
create_link = Markup('<a href="%s">%s</a>' %
(link, _('create a local user?')))
add_warning(
req,
_('User "%(username)s" can not be found. Check name or ',
username=username) + create_link)
else:
add_warning(
req,
_('User "%(username)s" can not be found. Please check the name.',
username=username))
return
add_notice(req, _('Added user %s to service' % username))
# Now, retrieve the username again
username = auth.get_trac_username(username)
# when adding to normal project, accept possible membership requests
if membership is not None:
# If adding user in group it means that membership is accepted
if username in membership.get_membership_requests():
membership.accept_membership(username)
add_notice(
req,
_('Membership request has been accepted for %(who)s.',
who=username))
try:
group_store.add_user_to_group(username, group)
add_notice(
req,
_('User %(who)s has been added to group %(where)s.',
who=username,
where=group))
except InvalidPermissionsState, e:
add_warning(
req,
_('User %(who)s cannot be added to group %(where)s. %(reason)s',
who=username,
where=group,
reason=e.message))
