diff options
Diffstat (limited to 'rhodecode/model/repos_group.py')
-rw-r--r-- | rhodecode/model/repos_group.py | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/rhodecode/model/repos_group.py b/rhodecode/model/repos_group.py index 2ec9d1d6..625762f2 100644 --- a/rhodecode/model/repos_group.py +++ b/rhodecode/model/repos_group.py @@ -28,8 +28,10 @@ import logging import traceback import shutil import datetime +from grp import getgrnam from rhodecode.lib.utils2 import LazyProperty +from rhodecode.lib.system_command import SystemCommand from rhodecode.model import BaseModel from rhodecode.model.db import RepoGroup, RhodeCodeUi, UserRepoGroupToPerm, \ @@ -41,6 +43,7 @@ log = logging.getLogger(__name__) class ReposGroupModel(BaseModel): cls = RepoGroup + URL_SEPARATOR = RepoGroup.url_sep() def __get_users_group(self, users_group): return self._get_instance(UsersGroup, users_group, @@ -140,6 +143,11 @@ class ReposGroupModel(BaseModel): group.name) shutil.move(rm_path, os.path.join(self.repos_path, _d)) + system_group_name = "%s-%s" % ( + group.group_name.split(self.URL_SEPARATOR)[-1], + group.group_id) + SystemCommand.delete_group(system_group_name) + def create(self, group_name, group_description, parent=None, just_db=False): try: new_repos_group = RepoGroup() @@ -156,6 +164,17 @@ class ReposGroupModel(BaseModel): self.sa.flush() self.__create_group(new_repos_group.group_name) + # Create corresponding system group. + system_group_name = "%s-%s" % ( + group_name.split(self.URL_SEPARATOR)[-1], + new_repos_group.group_id) + SystemCommand.add_group(system_group_name) + create_path = os.path.join(self.repos_path, + new_repos_group.group_name) + os.chmod(create_path, 0775) + SystemCommand.change_ownership(new_repos_group.group_name, + system_group_name) + return new_repos_group except: log.error(traceback.format_exc()) @@ -277,6 +296,14 @@ class ReposGroupModel(BaseModel): self.__rename_group(old_path, new_path) + old_system_name = "%s-%s" % ( + old_path.split(self.URL_SEPARATOR)[-1], + repos_group.group_id) + new_system_name = "%s-%s" % ( + new_path.split(self.URL_SEPARATOR)[-1], + repos_group.group_id) + SystemCommand.rename_group(old_system_name, new_system_name) + return repos_group except: log.error(traceback.format_exc()) @@ -359,6 +386,24 @@ class ReposGroupModel(BaseModel): self.sa.add(obj) log.debug('Granted perm %s to %s on %s' % (perm, user, repos_group)) + system_group_name = "%s-%s" % ( + repos_group.group_name.split(self.URL_SEPARATOR)[-1], + repos_group.group_id) + group_path = os.path.join(self.repos_path, repos_group.group_name) + + if permission.permission_name in ["group.none", "group.read"]: + if user.username=="default": + os.chmod(group_path, 0775) + else: + SystemCommand.remove_user_from_group(system_group_name, + user.username) + else: + if user.username=="default": + os.chmod(group_path, 0777) + else: + SystemCommand.add_user_to_group(system_group_name, + user.username) + def revoke_user_permission(self, repos_group, user): """ Revoke permission for user on given repositories group @@ -379,6 +424,11 @@ class ReposGroupModel(BaseModel): self.sa.delete(obj) log.debug('Revoked perm on %s on %s' % (repos_group, user)) + system_group_name = "%s-%s" % ( + repos_group.group_name.split(self.URL_SEPARATOR)[-1], + repos_group.group_id) + SystemCommand.remove_user_from_group(system_group_name, user.username) + def grant_users_group_permission(self, repos_group, group_name, perm): """ Grant permission for users group on given repositories group, or update @@ -410,6 +460,18 @@ class ReposGroupModel(BaseModel): self.sa.add(obj) log.debug('Granted perm %s to %s on %s' % (perm, group_name, repos_group)) + system_group_name = "%s-%s" % ( + repos_group.group_name.split(self.URL_SEPARATOR)[-1], + repos_group.group_id) + + for member in group_name.members: + if permission.permission_name in ["group.none", "group.read"]: + SystemCommand.remove_user_from_group(system_group_name, + member.user.username) + else: + SystemCommand.add_user_to_group(system_group_name, + member.user.username) + def revoke_users_group_permission(self, repos_group, group_name): """ Revoke permission for users group on given repositories group @@ -429,3 +491,10 @@ class ReposGroupModel(BaseModel): if obj: self.sa.delete(obj) log.debug('Revoked perm to %s on %s' % (repos_group, group_name)) + + system_group_name = "%s-%s" % ( + repos_group.group_name.split(self.URL_SEPARATOR)[-1], + repos_group.group_id) + for member in group_name.members: + SystemCommand.remove_user_from_group(system_group_name, + member.user.username) |