@@ -30,6 +30,7 @@ fixes
- fixed error occurring during recursive group creation in API
create_repo function
- fixed #393 py2.5 fixes for routes url generator
- fixed #397 Private repository groups shows up before login
1.3.3 (**2012-03-02**)
----------------------
@@ -298,14 +298,15 @@ class UserModel(BaseModel):
try:
if user.username == 'default':
raise DefaultUserException(
_("You can't remove this user since it's"
" crucial for entire application"))
" crucial for entire application")
)
if user.repositories:
raise UserOwnsReposException(_('This user still owns %s '
'repositories and cannot be '
'removed. Switch owners or '
'remove those repositories') \
% user.repositories)
raise UserOwnsReposException(
_('user "%s" still owns %s repositories and cannot be '
'removed. Switch owners or remove those repositories')
% (user.username, user.repositories)
self.sa.delete(user)
except:
log.error(traceback.format_exc())
@@ -500,7 +501,7 @@ class UserModel(BaseModel):
self.sa.query(UserRepoGroupToPerm, Permission, RepoGroup)\
.join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
.join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
.filter(UserRepoToPerm.user_id == uid)\
.filter(UserRepoGroupToPerm.user_id == uid)\
.all()
for perm in user_repo_groups_perms:
@@ -509,7 +510,6 @@ class UserModel(BaseModel):
cur_perm = user.permissions[GK][rg_k]
if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
user.permissions[GK][rg_k] = p
return user
def has_perm(self, user, perm):
@@ -430,6 +430,11 @@ class TestPermissions(unittest.TestCase)
username=u'u1', password=u'qweqwe',
email=u'u1@rhodecode.org', name=u'u1', lastname=u'u1'
self.u2 = UserModel().create_or_update(
username=u'u2', password=u'qweqwe',
email=u'u2@rhodecode.org', name=u'u2', lastname=u'u2'
self.anon = User.get_by_username('default')
self.a1 = UserModel().create_or_update(
username=u'a1', password=u'qweqwe',
email=u'a1@rhodecode.org', name=u'a1', lastname=u'a1', admin=True
@@ -437,7 +442,10 @@ class TestPermissions(unittest.TestCase)
Session.commit()
def tearDown(self):
if hasattr(self, 'test_repo'):
RepoModel().delete(repo=self.test_repo)
UserModel().delete(self.u1)
UserModel().delete(self.u2)
UserModel().delete(self.a1)
if hasattr(self, 'g1'):
ReposGroupModel().delete(self.g1.group_id)
@@ -578,3 +586,75 @@ class TestPermissions(unittest.TestCase)
new_perm_h)
self.assertEqual(u1_auth.permissions['repositories_groups'],
perms['repositories_groups'])
def test_repo_in_group_permissions(self):
self.g1 = _make_group('group1', skip_if_exists=True)
self.g2 = _make_group('group2', skip_if_exists=True)
# both perms should be read !
u1_auth = AuthUser(user_id=self.u1.user_id)
{u'group1': u'group.read', u'group2': u'group.read'})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
#Change perms to none for both groups
ReposGroupModel().grant_user_permission(repos_group=self.g1,
user=self.anon,
perm='group.none')
ReposGroupModel().grant_user_permission(repos_group=self.g2,
{u'group1': u'group.none', u'group2': u'group.none'})
# add repo to group
form_data = {
'repo_name':HG_REPO,
'repo_name_full':os.path.join(self.g1.group_name,HG_REPO),
'repo_type':'hg',
'clone_uri':'',
'repo_group':self.g1.group_id,
'description':'desc',
'private':False
}
self.test_repo = RepoModel().create(form_data, cur_user=self.u1)
#grant permission for u2 !
user=self.u2,
perm='group.read')
self.assertNotEqual(self.u1, self.u2)
#u1 and anon should have not change perms while u2 should !
u2_auth = AuthUser(user_id=self.u2.user_id)
self.assertEqual(u2_auth.permissions['repositories_groups'],
Status change: