import exception
from model.base import ModelItemBase, ModelManagerBase
from model.users import User
class RepositoryRight:
def __init__(self, user, mode):
assert(not user or type(user) is User)
assert(type(mode) is str)
self.all_users = not user
self.user = user
self.mode = mode
class Repository(ModelItemBase):
def __init__(self, repositories, row, user = None):
super().__init__(repositories, row)
self.id = int(row['id'])
self.user_id = int(row['user_id'])
self.name = str(row['name'])
self.type = str(row['type'])
self.title = str(row['title'])
self.description = str(row['description'])
assert(not user or (type(user) is User and user.id == self.user_id))
self.user = user
self.repotype = self.manager.repotypes[self.type]
self.user_rights = None
def get_user(self):
if self.user == None:
self.user = self.model.users.get_by_id(self.user_id)
assert(self.user)
assert(self.user.id == self.user_id)
return self.user
def get_user_rights(self):
if self.user_rights is None:
self.user_rights = list()
rights = self.rights.get_list(target_type = self.table(), target_id = self.id)
if self.can_update():
self.user_rights = rights
else:
for i in rights:
if i.user_id == 0 or i.user_id == self.rights.user_id:
self.user_rights.append(i)
assert(not self.user_rights is None)
return self.user_rights
def reset_cache(self):
self.manager.reset_cache(self.id, self.user_id, self.name)
def gen_subpath(self):
return self.manager.gen_subpath(self.get_user().login, self.name)
def gen_internalurl(self):
return self.repotype.gen_internalurl( self.gen_subpath() )
def can_write(self, user_id):
if user_id:
if self.user_id == self.rights.user_id:
return True
if self.rights.get_superuser(user_id):
return True
if self.rights.get(user_id, self.table(), self.id, self.manager.REPOWRITE):
return True
return False
def can_update(self):
return self.user_id == self.rights.user_id or self.rights.issuperuser()
def update(self, title, description):
if self.can_update():
self.connection.execute(
'UPDATE %T SET `title`=%s, `description`=%s WHERE `id`=%d',
self.table(), title, description, self.id )
self.reset_cache()
else:
raise exception.ModelDeny()
def can_delete(self):
return self.user_id == self.rights.user_id or self.rights.issuperuser()
def delete(self):
if self.can_delete():
self.rights.delete_list(target_type = self.table(), target_id = self.id)
self.connection.execute(
'DELETE FROM %T WHERE `id`=%d',
self.table(), self.id )
self.reset_cache()
self.connection.call_on_commit(self.repotype.delete, self.gen_subpath())
else:
raise exception.ModelDeny()
def set_user_right(self, user_id, mode, allowed, all_users = False):
assert(all_users == (user_id == 0))
assert(type(user_id) is int)
if self.can_update():
if not mode in (self.manager.READ, self.manager.REPOWRITE):
raise exception.ModelWrongData(self.t('Wrong mode'))
if not user_id and mode == self.manager.REPOWRITE:
raise exception.ModelWrongData(self.t('Cannot grant write access for all users'))
self.rights.set(user_id, self.table(), self.id, mode, allowed)
else:
raise exception.ModelDeny()
class Repositories(ModelManagerBase):
READ = 'read'
REPOWRITE = 'repowrite'
def __init__(self, model):
super().__init__(model)
self.repotypes = self.server.repotypes
def table(self):
return 'repositories'
def itemtype(self):
return Repository
def reset_cache(self, id, user_id, name):
super().reset_cache(id)
self.connection.cache.reset(self.table(), {'user_id': user_id, 'name': name})
def verify_name(self, name):
return self.model.verify_identifier(name)
def gen_subpath(self, login, name):
assert( self.model.verify_path_entry(login) )
assert( self.model.verify_path_entry(name) )
return login + '/' + name
def can_read(self, user, id):
assert(type(user) is User)
assert(type(id) is int)
return user.id == self.rights.user_id \
or self.rights.issuperuser() \
or self.rights.isallowed(self.table(), id, self.READ)
def can_create(self, user):
assert(type(user) is User)
return user.id == self.rights.user_id or self.rights.issuperuser()
def create(self, user, name, repotype, title, description):
if not self.can_create(user):
raise exception.ModelDeny()
if not self.verify_name(name):
raise exception.ModelWrongData(self.t('Repository name is incorrect'))
if not type(repotype) is str or not repotype in self.repotypes:
raise exception.ModelWrongData(self.t('Repository type is incorrect'))
if self.get_by_name(user, name):
raise exception.ModelWrongData(self.t('Repository already exists'))
self.connection.execute(
'INSERT INTO %T SET `user_id`=%d, `name`=%s, `type`=%s, `title`=%s, `description`=%s',
self.table(), user.id, name, repotype, title, description )
id = self.connection.insert_id()
self.reset_cache(id, user.id, name)
subpath = self.gen_subpath(user.login, name)
repotype_instance = self.repotypes[repotype]
self.connection.call_on_rollback(repotype_instance.delete, subpath)
repotype_instance.create(subpath)
return self.get_by_id(id, user)
def get_by_id(self, id, user = None):
assert(type(id) is int)
row = self.connection.cache.row(self.table(), id)
if not row:
return None
if not user:
user = self.model.users.get_by_id(row['user_id'])
if not user:
return None
if not self.can_read(user, row['id']):
return None
return Repository(self, row, user)
def get_by_name(self, user, name):
assert(type(user) is User)
assert(type(name) is str)
rows = self.connection.cache.select(self.table(), {'user_id': user.id, 'name': name})
if not rows or len(rows) > 1:
return None
row = rows[0]
if not self.can_read(user, row['id']):
return None
return Repository(self, row, user)
def get_list(self, user):
assert(type(user) is User)
result = list()
rows = self.connection.query_dict('SELECT * FROM %T WHERE `user_id`=%d ORDER BY `name`', self.table(), user.id)
for row in rows:
if self.can_read(user, row['id']):
result.append(Repository(self, row, user))
return result