@@ -27,12 +27,13 @@ fixes
- fixed #385 clone by ID url was loosing proxy prefix in URL
- fixed some unicode problems with waitress
- fixed issue with escaping < and > in changeset commits
- fixed error occurring during recursive group creation in API
create_repo function
- fixed #393 py2.5 fixes for routes url generator
- fixed #397 Private repository groups shows up before login
1.3.3 (**2012-03-02**)
----------------------
news
++++
@@ -295,20 +295,21 @@ class UserModel(BaseModel):
def delete(self, user):
user = self.__get_user(user)
try:
if user.username == 'default':
raise DefaultUserException(
_("You can't remove this user since it's"
" crucial for entire application"))
" crucial for entire application")
)
if user.repositories:
raise UserOwnsReposException(_('This user still owns %s '
'repositories and cannot be '
'removed. Switch owners or '
'remove those repositories') \
% user.repositories)
raise UserOwnsReposException(
_('user "%s" still owns %s repositories and cannot be '
'removed. Switch owners or remove those repositories')
% (user.username, user.repositories)
self.sa.delete(user)
except:
log.error(traceback.format_exc())
raise
def reset_password_link(self, data):
@@ -497,22 +498,21 @@ class UserModel(BaseModel):
# user repositories groups
user_repo_groups_perms = \
self.sa.query(UserRepoGroupToPerm, Permission, RepoGroup)\
.join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
.join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
.filter(UserRepoToPerm.user_id == uid)\
.filter(UserRepoGroupToPerm.user_id == uid)\
.all()
for perm in user_repo_groups_perms:
rg_k = perm.UserRepoGroupToPerm.group.group_name
p = perm.Permission.permission_name
cur_perm = user.permissions[GK][rg_k]
if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
user.permissions[GK][rg_k] = p
return user
def has_perm(self, user, perm):
if not isinstance(perm, Permission):
raise Exception('perm needs to be an instance of Permission class '
'got %s instead' % type(perm))
@@ -427,20 +427,28 @@ class TestPermissions(unittest.TestCase)
def setUp(self):
self.u1 = UserModel().create_or_update(
username=u'u1', password=u'qweqwe',
email=u'u1@rhodecode.org', name=u'u1', lastname=u'u1'
self.u2 = UserModel().create_or_update(
username=u'u2', password=u'qweqwe',
email=u'u2@rhodecode.org', name=u'u2', lastname=u'u2'
self.anon = User.get_by_username('default')
self.a1 = UserModel().create_or_update(
username=u'a1', password=u'qweqwe',
email=u'a1@rhodecode.org', name=u'a1', lastname=u'a1', admin=True
Session.commit()
def tearDown(self):
if hasattr(self, 'test_repo'):
RepoModel().delete(repo=self.test_repo)
UserModel().delete(self.u1)
UserModel().delete(self.u2)
UserModel().delete(self.a1)
if hasattr(self, 'g1'):
ReposGroupModel().delete(self.g1.group_id)
if hasattr(self, 'g2'):
ReposGroupModel().delete(self.g2.group_id)
@@ -575,6 +583,78 @@ class TestPermissions(unittest.TestCase)
'repositories': {u'vcs_test_hg': u'repository.write'}
}
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
new_perm_h)
self.assertEqual(u1_auth.permissions['repositories_groups'],
perms['repositories_groups'])
def test_repo_in_group_permissions(self):
self.g1 = _make_group('group1', skip_if_exists=True)
self.g2 = _make_group('group2', skip_if_exists=True)
# both perms should be read !
u1_auth = AuthUser(user_id=self.u1.user_id)
{u'group1': u'group.read', u'group2': u'group.read'})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
#Change perms to none for both groups
ReposGroupModel().grant_user_permission(repos_group=self.g1,
user=self.anon,
perm='group.none')
ReposGroupModel().grant_user_permission(repos_group=self.g2,
{u'group1': u'group.none', u'group2': u'group.none'})
# add repo to group
form_data = {
'repo_name':HG_REPO,
'repo_name_full':os.path.join(self.g1.group_name,HG_REPO),
'repo_type':'hg',
'clone_uri':'',
'repo_group':self.g1.group_id,
'description':'desc',
'private':False
self.test_repo = RepoModel().create(form_data, cur_user=self.u1)
#grant permission for u2 !
user=self.u2,
perm='group.read')
self.assertNotEqual(self.u1, self.u2)
#u1 and anon should have not change perms while u2 should !
u2_auth = AuthUser(user_id=self.u2.user_id)
self.assertEqual(u2_auth.permissions['repositories_groups'],
Status change: