def testRemoveGroup(self): group.add("foo") foo = group.Group("foo") fake_admin = Mock() fake_admin.is_admin = True foo.remove() self.assert_("foo" not in [x.name for x in group.list(fake_admin)])
def write_groups(self, config): from submin.models import group from submin.models import user # get filename authz_file = config.get('svn', 'authz_file') # read file cp = self.read_ini(authz_file) # get groups groups = cp.options('groups') for groupname in groups: members = [ x.strip() for x in cp.get('groups', groupname).split(',') ] try: g = group.add(groupname) except GroupExistsError: g = group.Group(groupname) for member in members: u = user.User(member) try: g.add_member(u) except MemberExistsError: pass if groupname == "submin-admins": u.is_admin = True
def ajaxhandler(self, req, path): success = False error = '' response = None username = '' if len(path) < 2: return XMLStatusResponse('', False, 'Invalid Path') action = path[0] groupname = path[1] if action == 'delete': return self.removeGroup(groupname) if 'removeMember' in req.post: return self.removeMember(req, groupname) if 'addMember' in req.post: return self.addMember(req, groupname) if 'listGroupUsers' in req.post: return self.listGroupUsers(req, group.Group(groupname)) return XMLStatusResponse('', False, 'Unknown command')
def export_authz(**kwargs): """Export authorization/authentication info""" # XXX the import here is to prevent a circular import :( design problem! from .repository import list as list_repos authz_filename = options.env_path("svn_authz_file") authz = codecs.open(str(authz_filename), "w+", "utf-8") # Write all groups authz.write("[groups]\n") for groupname in group.list(FakeAdminUser()): g = group.Group(groupname) authz.write("%s = %s\n" % (groupname, ', '.join(g.members()))) authz.write("\n") # Write all repositories and their permissions for repository in list_repos(): if repository["status"] != "ok": continue for path in permissions.list_paths(repository["name"], "svn"): authz.write("[%s:%s]\n" % (repository["name"], path)) for perm in permissions.list_by_path(repository["name"], "svn", path): if perm["type"] == "group": authz.write("@") authz.write("%s = %s\n" % (perm["name"], perm["permission"])) authz.write("\n") authz.close()
def addpermission(self, req, repos): name = req.post.get('name') type = req.post.get('type') path = req.post.get('path') vcs_type = repos.vcs_type default_perm = '' if vcs_type == "git": if path != "/": default_perm = "w" else: default_perm = "r" if type == 'group': name = name.lower() try: group.Group(name) except UnknownGroupError as e: import re if re.findall('[^a-zA-Z0-9_-]', name): return XMLStatusResponse( 'addPermission', False, 'Invalid characters in groupname %s' % name) group.add(name) permissions.add(repos.name, repos.vcs_type, path, name, type, default_perm) if not repos.has_path_permissions: path = path.lstrip('/') return XMLStatusResponse('addPermission', True, ('User', 'Group')[type == 'group'] + ' %s added to path %s' % (name, path))
def testAddMember(self): from submin.models import user user.add("testUser", email="[email protected]", password="******") group.add("testGroup") u = user.User("testUser") g = group.Group("testGroup") g.add_member(u) self.assert_("testUser" in g.members())
def testRemoveMember(self): from submin.models import user user.add("testUser1", email="[email protected]", password="******") user.add("testUser2", email="[email protected]", password="******") group.add("testGroup") u1 = user.User("testUser1") u2 = user.User("testUser2") g = group.Group("testGroup") g.add_member(u1) g.add_member(u2) g.remove_member(u2) self.assert_("testUser2" not in g.members())
def removeGroup(self, groupname): try: g = group.Group(groupname) g.remove() except IOError: return XMLStatusResponse('removeGroup', False, 'File permisson denied') except UnknownGroupError: return XMLStatusResponse('removeGroup', False, 'Group %s does not exist' % groupname) return XMLStatusResponse('removeGroup', True, 'Group %s deleted' % g)
def removeFromGroup(self, req, u): g = group.Group(req.post.get('removeFromGroup')) success = True try: g.remove_member(u) except: # XXX except what?! succes = False msgs = { True: 'User %s removed from group %s' % (u.name, g.name), False: 'User %s is not a member of %s' % (u.name, g.name) } return XMLStatusResponse('removeFromGroup', success, msgs[success])
def addToGroup(self, req, u): g = group.Group(req.post.get('addToGroup')) success = True try: g.add_member(u) except MemberExistsError: success = False msgs = { True: 'User %s added to group %s' % (u.name, g.name), False: 'User %s already in group %s' % (u.name, g.name) } return XMLStatusResponse('addToGroup', success, msgs[success])
def addMember(self, req, groupname): username = req.post.get('addMember') success = True try: group.Group(groupname).add_member(user.User(username)) except MemberExistsError: success = False msgs = { True: 'User %s added to group %s' % (username, groupname), False: 'User %s already in group %s' % (username, groupname) } return XMLStatusResponse('addMember', success, msgs[success])
def removeMember(self, req, groupname): g = group.Group(groupname) username = req.post.get('removeMember') success = True try: g.remove_member(user.User(username)) except: success = False msgs = { True: 'User %s removed from group %s' % (username, groupname), False: 'User %s is not a member of group %s' % (username, groupname) } return XMLStatusResponse('removeMember', success, msgs[success])
def show(self, req, path, localvars): if len(path) < 1: return ErrorResponse('Invalid path', request=req) is_admin = req.session['user']['is_admin'] try: g = group.Group(path[0]) except (IndexError, UnknownGroupError): if not is_admin: return ErrorResponse('Not permitted', request=req) return ErrorResponse('This group does not exist.', request=req) if not is_admin and req.session['user']['name'] not in g.members(): return ErrorResponse('Not permitted', request=req) localvars['group'] = g formatted = evaluate_main('groups.html', localvars, request=req) return Response(formatted)
path = re.sub('/', '_', path) correct_groupname = '%s_%s' % (path, permission) return correct_groupname for groupname in groups: permissions_by_group = list(permissions.list_by_group(groupname)) if not permissions_by_group: verboseprint("Group %s is not used" % groupname) if report: continue group.Group(groupname).remove() verboseprint("Removed unused group %s" % groupname) continue permissions_to_groupname = [] match = False # Gets True when the name of a group matches its permission for permission_by_group in permissions_by_group: correct_groupname = get_correct_groupname(permission_by_group) if groupname == correct_groupname: match = True permissions_to_groupname.append( (permission_by_group, groupname, correct_groupname)) for ptg in permissions_to_groupname: permission_by_group, groupname, correct_groupname = ptg
def testEmptyMemberList(self): group.add("foo") foo = group.Group("foo") self.assertEquals(list(foo.members()), [])
def testGetGroup(self): group.add("foo") g = group.Group("foo") self.assertEquals(g.name, "foo")