@@ -314,289 +314,312 @@ OUTPUT::
add_user_to_users_group
-----------------------
Adds a user to a users group. If user exists in that group success will be
`false`. This command can be executed only using api_key
belonging to user with admin rights
INPUT::
api_key : "<api_key>"
method : "add_user_users_group"
args: {
"group_name" : "<groupname>",
"username" : "<username>"
}
OUTPUT::
result: {
"id": "<newusersgroupmemberid>",
"success": True|False # depends on if member is in group
"msg": "added member <username> to users group <groupname> |
User is already in that group"
error: null
remove_user_from_users_group
----------------------------
Removes a user from a users group. If user is not in given group success will
be `false`. This command can be executed only
using api_key belonging to user with admin rights
method : "remove_user_from_users_group"
"success": True|False, # depends on if member is in group
"msg": "removed member <username> from users group <groupname> |
User wasn't in group"
get_repo
--------
Gets an existing repository. This command can be executed only using api_key
method : "get_repo"
"repo_name" : "<reponame>"
result: None if repository does not exist or
{
"id" : "<id>",
"type" : "<type>",
"description" : "<description>",
"members" : [
{ "id" : "<userid>",
"username" : "<username>",
"firstname": "<firstname>",
"lastname" : "<lastname>",
"email" : "<email>",
"active" : "<bool>",
"admin" : "<bool>",
"ldap" : "<ldap_dn>",
"permission" : "repository.(read|write|admin)"
},
…
"id" : "<usersgroupid>",
"name" : "<usersgroupname>",
"active": "<bool>",
]
get_repos
---------
Lists all existing repositories. This command can be executed only using api_key
method : "get_repos"
args: { }
result: [
"description" : "<description>"
get_repo_nodes
--------------
returns a list of nodes and it's children in a flat list for a given path
at given revision. It's possible to specify ret_type to show only `files` or
`dirs`. This command can be executed only using api_key belonging to user
with admin rights
method : "get_repo_nodes"
"repo_name" : "<reponame>",
"revision" : "<revision>",
"root_path" : "<root_path>",
"ret_type" : "<ret_type>" = 'all'
"name" : "<name>"
create_repo
-----------
Creates a repository. This command can be executed only using api_key
belonging to user with admin rights.
If repository name contains "/", all needed repository groups will be created.
For example "foo/bar/baz" will create groups "foo", "bar" (with "foo" as parent),
and create "baz" repository with "bar" as group.
method : "create_repo"
"owner_name" : "<ownername>",
"description" : "<description> = ''",
"repo_type" : "<type> = 'hg'",
"private" : "<bool> = False"
"id": "<newrepoid>",
"msg": "Created new repository <reponame>",
delete_repo
Deletes a repository. This command can be executed only using api_key
method : "delete_repo"
"msg": "Deleted repository <reponame>",
grant_user_permission
---------------------
Grant permission for user on given repository, or update existing one
if found. This command can be executed only using api_key belonging to user
with admin rights.
method : "grant_user_permission"
"perm" : "(repository.(none|read|write|admin))",
"msg" : "Granted perm: <perm> for user: <username> in repo: <reponame>"
revoke_user_permission
----------------------
Revoke permission for user on given repository. This command can be executed
only using api_key belonging to user with admin rights.
method : "revoke_user_permission"
"msg" : "Revoked perm for user: <suername> in repo: <reponame>"
grant_users_group_permission
Grant permission for users group on given repository, or update
existing one if found. This command can be executed only using
api_key belonging to user with admin rights.
method : "grant_users_group_permission"
"group_name" : "<usersgroupname>",
"msg" : "Granted perm: <perm> for group: <usersgroupname> in repo: <reponame>"
revoke_users_group_permission
-----------------------------
Revoke permission for users group on given repository.This command can be
executed only using api_key belonging to user with admin rights.
method : "revoke_users_group_permission"
"users_group" : "<usersgroupname>",
"msg" : "Revoked perm for group: <usersgroupname> in repo: <reponame>"
\ No newline at end of file
@@ -304,333 +304,352 @@ class ApiController(JSONRPCController):
id=ugm.users_group_member_id if ugm != True else None,
success=success,
msg=msg
)
except Exception:
log.error(traceback.format_exc())
raise JSONRPCError('failed to add users group member')
@HasPermissionAllDecorator('hg.admin')
def remove_user_from_users_group(self, apiuser, group_name, username):
"""
Remove user from a group
:param apiuser
:param group_name
:param username
try:
users_group = UsersGroup.get_by_group_name(group_name)
if not users_group:
raise JSONRPCError('unknown users group %s' % group_name)
user = User.get_by_username(username)
if user is None:
raise JSONRPCError('unknown user %s' % username)
success = UsersGroupModel().remove_user_from_group(users_group, user)
msg = 'removed member %s from users group %s' % (username, group_name)
msg = msg if success else "User wasn't in group"
Session.commit()
return dict(success=success, msg=msg)
raise JSONRPCError('failed to remove user from group')
@HasPermissionAnyDecorator('hg.admin')
def get_repo(self, apiuser, repo_name):
""""
Get repository by name
:param apiuser:
:param repo_name:
repo = Repository.get_by_repo_name(repo_name)
if repo is None:
raise JSONRPCError('unknown repository %s' % repo)
members = []
for user in repo.repo_to_perm:
perm = user.permission.permission_name
user = user.user
members.append(
dict(
type_="user",
id=user.user_id,
username=user.username,
firstname=user.name,
lastname=user.lastname,
email=user.email,
active=user.active,
admin=user.admin,
ldap=user.ldap_dn,
permission=perm
for users_group in repo.users_group_to_perm:
perm = users_group.permission.permission_name
users_group = users_group.users_group
type_="users_group",
id=users_group.users_group_id,
name=users_group.users_group_name,
active=users_group.users_group_active,
return dict(
id=repo.repo_id,
repo_name=repo.repo_name,
type=repo.repo_type,
description=repo.description,
members=members
def get_repos(self, apiuser):
Get all repositories
result = []
for repository in Repository.getAll():
result.append(
id=repository.repo_id,
repo_name=repository.repo_name,
type=repository.repo_type,
description=repository.description
return result
def get_repo_nodes(self, apiuser, repo_name, revision, root_path,
ret_type='all'):
returns a list of nodes and it's children
for a given path at given revision. It's possible to specify ret_type
to show only files or dirs
:param repo_name: name of repository
:param revision: revision for which listing should be done
:param root_path: path from which start displaying
:param ret_type: return type 'all|files|dirs' nodes
_d, _f = ScmModel().get_nodes(repo_name, revision, root_path,
flat=False)
_map = {
'all': _d + _f,
'files': _f,
'dirs': _d,
return _map[ret_type]
except KeyError:
raise JSONRPCError('ret_type must be one of %s' % _map.keys())
except Exception, e:
raise JSONRPCError(e)
@HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
def create_repo(self, apiuser, repo_name, owner_name, description='',
repo_type='hg', private=False):
Create a repository
:param description:
:param type:
:param private:
:param owner_name:
owner = User.get_by_username(owner_name)
if owner is None:
raise JSONRPCError('unknown user %s' % owner_name)
if Repository.get_by_repo_name(repo_name):
raise JSONRPCError("repo %s already exist" % repo_name)
groups = repo_name.split('/')
real_name = groups[-1]
groups = groups[:-1]
parent_id = None
for g in groups:
group = RepoGroup.get_by_group_name(g)
if not group:
group = ReposGroupModel().create(g, '', parent_id)
parent_id = group.group_id
repo = RepoModel().create(
repo_name=real_name,
repo_name_full=repo_name,
description=description,
private=private,
repo_type=repo_type,
repo_group=parent_id,
clone_uri=None
),
owner
msg="Created new repository %s" % repo.repo_name
raise JSONRPCError('failed to create repository %s' % repo_name)
def delete_repo(self, apiuser, repo_name):
Deletes a given repository
if not Repository.get_by_repo_name(repo_name):
raise JSONRPCError("repo %s does not exist" % repo_name)
RepoModel().delete(repo_name)
msg='Deleted repository %s' % repo_name
raise JSONRPCError('failed to delete repository %s' % repo_name)
def grant_user_permission(self, repo_name, username, perm):
if found
:param username:
:param perm:
RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)
msg='Granted perm: %s for user: %s in repo: %s' % (
perm, username, repo_name
raise JSONRPCError(
'failed to edit permission %(repo)s for %(user)s' % dict(
user=username, repo=repo_name
def revoke_user_permission(self, repo_name, username):
Revoke permission for user on given repository
RepoModel().revoke_user_permission(repo=repo_name, user=username)
msg='Revoked perm for user: %s in repo: %s' % (
username, repo_name
def grant_users_group_permission(self, repo_name, group_name, perm):
existing one if found
:param group_name:
user_group = UsersGroup.get_by_group_name(group_name)
if user_group is None:
raise JSONRPCError('unknown users group %s' % user_group)
RepoModel().grant_users_group_permission(repo=repo_name,
group_name=group_name,
perm=perm)
msg='Granted perm: %s for group: %s in repo: %s' % (
perm, group_name, repo_name
'failed to edit permission %(repo)s for %(usersgr)s' % dict(
usersgr=group_name, repo=repo_name
def revoke_users_group_permission(self, repo_name, group_name):
Revoke permission for users group on given repository
RepoModel().revoke_users_group_permission(repo=repo_name,
group_name=group_name)
msg='Revoked perm for group: %s in repo: %s' % (
group_name, repo_name
@@ -113,379 +113,380 @@ class RepoModel(BaseModel):
return users_groups_array
def _get_defaults(self, repo_name):
Get's information about repository, and returns a dict for
usage in forms
repo_info = Repository.get_by_repo_name(repo_name)
if repo_info is None:
return None
defaults = repo_info.get_dict()
group, repo_name = repo_info.groups_and_repo
defaults['repo_name'] = repo_name
defaults['repo_group'] = getattr(group[-1] if group else None,
'group_id', None)
# fill owner
if repo_info.user:
defaults.update({'user': repo_info.user.username})
else:
replacement_user = User.query().filter(User.admin ==
True).first().username
defaults.update({'user': replacement_user})
# fill repository users
for p in repo_info.repo_to_perm:
defaults.update({'u_perm_%s' % p.user.username:
p.permission.permission_name})
# fill repository groups
for p in repo_info.users_group_to_perm:
defaults.update({'g_perm_%s' % p.users_group.users_group_name:
return defaults
def update(self, repo_name, form_data):
cur_repo = self.get_by_repo_name(repo_name, cache=False)
# update permissions
for member, perm, member_type in form_data['perms_updates']:
if member_type == 'user':
# this updates existing one
RepoModel().grant_user_permission(
repo=cur_repo, user=member, perm=perm
RepoModel().grant_users_group_permission(
repo=cur_repo, group_name=member, perm=perm
# set new permissions
for member, perm, member_type in form_data['perms_new']:
# update current repo
for k, v in form_data.items():
if k == 'user':
cur_repo.user = User.get_by_username(v)
elif k == 'repo_name':
pass
elif k == 'repo_group':
cur_repo.group = RepoGroup.get(v)
setattr(cur_repo, k, v)
new_name = cur_repo.get_new_name(form_data['repo_name'])
cur_repo.repo_name = new_name
self.sa.add(cur_repo)
if repo_name != new_name:
# rename repository
self.__rename_repo(old=repo_name, new=new_name)
return cur_repo
except:
raise
def create(self, form_data, cur_user, just_db=False, fork=False):
from rhodecode.model.scm import ScmModel
if fork:
fork_parent_id = form_data['fork_parent_id']
# repo name is just a name of repository
# while repo_name_full is a full qualified name that is combined
# with name and path of group
repo_name = form_data['repo_name']
repo_name_full = form_data['repo_name_full']
new_repo = Repository()
new_repo.enable_statistics = False
if k == 'repo_name':
v = repo_name_full
if k == 'repo_group':
k = 'group_id'
if k == 'description':
v = v or repo_name
setattr(new_repo, k, v)
parent_repo = Repository.get(fork_parent_id)
new_repo.fork = parent_repo
new_repo.user_id = cur_user.user_id
self.sa.add(new_repo)
def _create_default_perms():
# create default permission
repo_to_perm = UserRepoToPerm()
default = 'repository.read'
for p in User.get_by_username('default').user_perms:
if p.permission.permission_name.startswith('repository.'):
default = p.permission.permission_name
break
default_perm = 'repository.none' if form_data['private'] else default
repo_to_perm.permission_id = self.sa.query(Permission)\
.filter(Permission.permission_name == default_perm)\
.one().permission_id
repo_to_perm.repository = new_repo
repo_to_perm.user_id = User.get_by_username('default').user_id
self.sa.add(repo_to_perm)
if form_data.get('copy_permissions'):
repo = Repository.get(fork_parent_id)
user_perms = UserRepoToPerm.query()\
.filter(UserRepoToPerm.repository == repo).all()
group_perms = UsersGroupRepoToPerm.query()\
.filter(UsersGroupRepoToPerm.repository == repo).all()
for perm in user_perms:
UserRepoToPerm.create(perm.user, new_repo,
perm.permission)
for perm in group_perms:
UsersGroupRepoToPerm.create(perm.users_group, new_repo,
_create_default_perms()
if not just_db:
self.__create_repo(repo_name, form_data['repo_type'],
form_data['repo_group'],
form_data['clone_uri'])
# now automatically start following this repository as owner
ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,
cur_user.user_id)
log_create_repository(new_repo.get_dict(),
created_by=cur_user.username)
return new_repo
def create_fork(self, form_data, cur_user):
Simple wrapper into executing celery task for fork creation
:param form_data:
:param cur_user:
from rhodecode.lib.celerylib import tasks, run_task
run_task(tasks.create_repo_fork, form_data, cur_user)
def delete(self, repo):
repo = self.__get_repo(repo)
self.sa.delete(repo)
self.__delete_repo(repo)
def grant_user_permission(self, repo, user, perm):
:param repo: Instance of Repository, repository_id, or repository name
:param user: Instance of User, user_id or username
:param perm: Instance of Permission, or permission_name
user = self.__get_user(user)
permission = self.__get_perm(perm)
# check if we have that permission already
obj = self.sa.query(UserRepoToPerm)\
.filter(UserRepoToPerm.user == user)\
.filter(UserRepoToPerm.repository == repo)\
.scalar()
if obj is None:
# create new !
obj = UserRepoToPerm()
obj.repository = repo
obj.user = user
obj.permission = permission
self.sa.add(obj)
def revoke_user_permission(self, repo, user):
.one()
self.sa.delete(obj)
def grant_users_group_permission(self, repo, group_name, perm):
:param group_name: Instance of UserGroup, users_group_id,
or users group name
group_name = self.__get_users_group(group_name)
obj = self.sa.query(UsersGroupRepoToPerm)\
.filter(UsersGroupRepoToPerm.users_group == group_name)\
.filter(UsersGroupRepoToPerm.repository == repo)\
# create new
obj = UsersGroupRepoToPerm()
obj.users_group = group_name
def revoke_users_group_permission(self, repo, group_name):
def delete_stats(self, repo_name):
removes stats for given repo
obj = self.sa.query(Statistics)\
.filter(Statistics.repository ==
self.get_by_repo_name(repo_name))\
def __create_repo(self, repo_name, alias, new_parent_id, clone_uri=False):
makes repository on filesystem. It's group aware means it'll create
a repository within a group, and alter the paths accordingly of
group location
:param alias:
:param parent_id:
:param clone_uri:
from rhodecode.lib.utils import is_valid_repo, is_valid_repos_group
if new_parent_id:
paths = RepoGroup.get(new_parent_id)\
.full_path.split(RepoGroup.url_sep())
new_parent_path = os.sep.join(paths)
new_parent_path = ''
# we need to make it str for mercurial
repo_path = os.path.join(*map(lambda x: safe_str(x),
[self.repos_path, new_parent_path, repo_name]))
# check if this path is not a repository
if is_valid_repo(repo_path, self.repos_path):
raise Exception('This path %s is a valid repository' % repo_path)
# check if this path is a group
if is_valid_repos_group(repo_path, self.repos_path):
raise Exception('This path %s is a valid group' % repo_path)
log.info('creating repo %s in %s @ %s' % (
repo_name, safe_unicode(repo_path), clone_uri
backend = get_backend(alias)
backend(repo_path, create=True, src_url=clone_uri)
def __rename_repo(self, old, new):
renames repository on filesystem
:param old: old name
:param new: new name
log.info('renaming repo from %s to %s' % (old, new))
old_path = os.path.join(self.repos_path, old)
new_path = os.path.join(self.repos_path, new)
if os.path.isdir(new_path):
raise Exception(
'Was trying to rename to already existing dir %s' % new_path
shutil.move(old_path, new_path)
def __delete_repo(self, repo):
removes repo from filesystem, the removal is acctually made by
added rm__ prefix into dir, and rename internat .hg/.git dirs so this
repository is no longer valid for rhodecode, can be undeleted later on
by reverting the renames on this repository
:param repo: repo object
rm_path = os.path.join(self.repos_path, repo.repo_name)
log.info("Removing %s" % (rm_path))
# disable hg/git
alias = repo.repo_type
shutil.move(os.path.join(rm_path, '.%s' % alias),
os.path.join(rm_path, 'rm__.%s' % alias))
# disable repo
_d = 'rm__%s__%s' % (datetime.now().strftime('%Y%m%d_%H%M%S_%f'),
repo.repo_name)
shutil.move(rm_path, os.path.join(self.repos_path, _d))
Status change: