Mercurial > public > src > rhodecode

comparison pylons_app/lib/db_manage.py @ 453:3ed2d46a2ca7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
permission refactoring, Implemented views for default permissions, fixes #23 user registration is controlled by permission system. Implemented manual registration option websetup fills default permissions
author Marcin Kuzminski <marcin@python-works.com>
date Sat, 21 Aug 2010 16:34:37 +0200
parents b27d32cb3157
children 7c978511c951
comparison
equal deleted inserted replaced
452:25ab66a26975 453:3ed2d46a2ca7
32 sys.path.append(ROOT) 32 sys.path.append(ROOT)
33 33
34 from pylons_app.lib.auth import get_crypt_password 34 from pylons_app.lib.auth import get_crypt_password
35 from pylons_app.lib.utils import ask_ok 35 from pylons_app.lib.utils import ask_ok
36 from pylons_app.model import init_model 36 from pylons_app.model import init_model
37 from pylons_app.model.db import User, Permission, HgAppUi, HgAppSettings 37 from pylons_app.model.db import User, Permission, HgAppUi, HgAppSettings, \
38 UserToPerm
38 from pylons_app.model import meta 39 from pylons_app.model import meta
39 from sqlalchemy.engine import create_engine 40 from sqlalchemy.engine import create_engine
40 import logging 41 import logging
41 42
42 log = logging.getLogger(__name__) 43 log = logging.getLogger(__name__)
187 #module.(read|write|owner) 188 #module.(read|write|owner)
188 perms = [('repository.none', 'Repository no access'), 189 perms = [('repository.none', 'Repository no access'),
189 ('repository.read', 'Repository read access'), 190 ('repository.read', 'Repository read access'),
190 ('repository.write', 'Repository write access'), 191 ('repository.write', 'Repository write access'),
191 ('repository.admin', 'Repository admin access'), 192 ('repository.admin', 'Repository admin access'),
192 ('repository.create', 'Repository create'),
193 ('hg.admin', 'Hg Administrator'), 193 ('hg.admin', 'Hg Administrator'),
194 ('hg.create.repository', 'Repository create'),
195 ('hg.create.none', 'Repository creation disabled'),
196 ('hg.register.none', 'Register disabled'),
197 ('hg.register.manual_activate', 'Register new user with hg-app without manual activation'),
198 ('hg.register.auto_activate', 'Register new user with hg-app without auto activation'),
194 ] 199 ]
195 200
196 for p in perms: 201 for p in perms:
197 new_perm = Permission() 202 new_perm = Permission()
198 new_perm.permission_name = p[0] 203 new_perm.permission_name = p[0]
201 self.sa.add(new_perm) 206 self.sa.add(new_perm)
202 self.sa.commit() 207 self.sa.commit()
203 except: 208 except:
204 self.sa.rollback() 209 self.sa.rollback()
205 raise 210 raise
211
212 def populate_default_permissions(self):
213 log.info('creating default user permissions')
214
215 default_user = self.sa.query(User)\
216 .filter(User.username == 'default').scalar()
217
218 reg_perm = UserToPerm()
219 reg_perm.user = default_user
220 reg_perm.permission = self.sa.query(Permission)\
221 .filter(Permission.permission_name == 'hg.register.manual_activate')\
222 .scalar()
223
224 create_repo_perm = UserToPerm()
225 create_repo_perm.user = default_user
226 create_repo_perm.permission = self.sa.query(Permission)\
227 .filter(Permission.permission_name == 'hg.create.repository')\
228 .scalar()
229
230 default_repo_perm = UserToPerm()
231 default_repo_perm.user = default_user
232 default_repo_perm.permission = self.sa.query(Permission)\
233 .filter(Permission.permission_name == 'repository.read')\
234 .scalar()
235
236 try:
237 self.sa.add(reg_perm)
238 self.sa.add(create_repo_perm)
239 self.sa.add(default_repo_perm)
240 self.sa.commit()
241 except:
242 self.sa.rollback()
243 raise
244