kallithea Changeset - ae3d9b4c043e

Changeset - ae3d9b4c043e

Parent rev.

Child rev.

[Not reviewed]

default

0 1 0

Mads Kiilerich (mads) - 6 years ago 2020-08-23 14:26:21
mads@kiilerich.com

Grafted from: f86af7b1cdaa

auth: compute AuthUser.permissions lazily

Prepare for computing each kind of permissions separately so they can be
skipped in the common case.

This will undo a part of 1ecd6c0e2787 where we took the detour of assigning
permissions in __init__ - now we move it back to a LazyProperty, but in a
better way.

1 file changed with 7 insertions and 2 deletions:

kallithea/lib/auth.py

0 comments (0 inline, 0 general)

kallithea/lib/auth.py

➞

Show inline comments

@@ @@ -34,24 +34,25 @@ import bcrypt @@
 import ipaddr
 from decorator import decorator
 from sqlalchemy.orm import joinedload
 from sqlalchemy.orm.exc import ObjectDeletedError
 from tg import request
 from tg.i18n import ugettext as _
 from webob.exc import HTTPForbidden, HTTPFound
 import kallithea
 from kallithea.config.routing import url
 from kallithea.lib.utils import get_repo_group_slug, get_repo_slug, get_user_group_slug
 from kallithea.lib.utils2 import ascii_bytes, ascii_str, safe_bytes
 from kallithea.lib.vcs.utils.lazy import LazyProperty
 from kallithea.model.db import (Permission, UserApiKeys, UserGroup, UserGroupMember, UserGroupRepoGroupToPerm, UserGroupRepoToPerm, UserGroupToPerm,
                                 UserGroupUserGroupToPerm, UserIpMap, UserToPerm)
 from kallithea.model.meta import Session
 from kallithea.model.user import UserModel
 log = logging.getLogger(__name__)
 class PasswordGenerator(object):
     """
     This is a simple class for generating password from different sets of
@@ @@ -421,30 +422,34 @@ class AuthUser(object): @@
             self.is_default_user = False
         else:
             # copy non-confidential database fields from a `db.User` to this `AuthUser`.
             for k, v in dbuser.get_dict().items():
                 assert k not in ['api_keys', 'permissions']
                 setattr(self, k, v)
             self.is_default_user = dbuser.is_default_user
         log.debug('Auth User is now %s', self)
         log.debug('Getting PERMISSION tree for %s', self)
         (self.repository_permissions, self.repository_group_permissions, self.user_group_permissions, self.global_permissions,
         )= get_user_permissions(self.user_id, self.is_admin)
         self.permissions = {
     @LazyProperty
     def permissions(self):
         """dict with all 4 kind of permissions - mainly for backwards compatibility"""
         return {
             'global': self.global_permissions,
             'repositories': self.repository_permissions,
             'repositories_groups': self.repository_group_permissions,
             'user_groups': self.user_group_permissions,
-        } # backwards compatibility
+        }
     def has_repository_permission_level(self, repo_name, level, purpose=None):
         required_perms = {
             'read': ['repository.read', 'repository.write', 'repository.admin'],
             'write': ['repository.write', 'repository.admin'],
             'admin': ['repository.admin'],
         }[level]
         actual_perm = self.repository_permissions.get(repo_name)
         ok = actual_perm in required_perms
         log.debug('Checking if user %r can %r repo %r (%s): %s (has %r)',
             self.username, level, repo_name, purpose, ok, actual_perm)
         return ok

0 comments (0 inline, 0 general)