Changeset 1216

Timestamp:

08/30/06 23:54:25 (2 years ago)

Author:

coderanger

Message:

TracForgePlugin:

Central permission system!!!

Files:

• tracforgeplugin/0.10/tracforge/admin/api.py (modified) (1 diff)
• tracforgeplugin/0.10/tracforge/admin/db_default.py (modified) (2 diffs)
• tracforgeplugin/0.10/tracforge/admin/perm.py (modified) (1 diff)

tracforgeplugin/0.10/tracforge/admin/api.py

@@ -57 +57 @@
-            for tbl in db_default.tables:
-                try:
-,(tbl.name,)
+%tbl.name,
-                except:
-                    pass

tracforgeplugin/0.10/tracforge/admin/db_default.py

@@ -1 +1 @@
-from trac.db import Table, Column
-
-2
+3
-tables = [
-    Table('tracforge_projects', key='name')[
@@ -7 +7 @@
-        Column('env_path'),
-    ],
-['project', 'user']
+('project', 'user')
-        Column('project'),
-        Column('user'),
-        Column('role'),
-    ],
+    Table('tracforge_permission', key=('username', 'action'))[
+        Column('username'),
+        Column('action'),
+    ],
-]

tracforgeplugin/0.10/tracforge/admin/perm.py

@@ -1 +1 @@
-from trac.core import *
-from trac.config import Option
-
+, DefaultPermissionStore
-from trac.env import Environment
-
-from model import Project
-
+class TracForgePermissionModule(DefaultPermissionStore):
+    """Enhanced permission module to allow for central management."""
+
+    master_path = Option('tracforge', 'master_path',
+                         doc='Path to master Trac')
+                         
+    def get_user_permissions(self, username):
+        subjects = [username]
+        for provider in self.group_providers:
+            subjects += list(provider.get_permission_groups(username))
+
+        actions = []
+        db = self.env.get_db_cnx()
+        cursor = db.cursor()
+        cursor.execute("SELECT username,action FROM permission")
+        rows = cursor.fetchall()
+        master_cursor = Environment(self.master_path).get_db_cnx().cursor()
+        master_cursor.execute("SELECT username,action FROM tracforge_permission")
+        rows += master_cursor.fetchall()
+        while True:
+            num_users = len(subjects)
+            num_actions = len(actions)
+            for user, action in rows:
+                if user in subjects:
+                    if not action.islower() and action not in actions:
+                        actions.append(action)
+                    if action.islower() and action not in subjects:
+                        # action is actually the name of the permission group
+                        # here
+                        subjects.append(action)
+            if num_users == len(subjects) and num_actions == len(actions):
+                break
+        return [action for action in actions if not action.islower()]
+
+    def get_all_permissions(self):
+        """Return all permissions for all users.
+
+        The permissions are returned as a list of (subject, action)
+        formatted tuples."""
+        db = self.env.get_db_cnx()
+        cursor = db.cursor()
+        cursor.execute("SELECT username,action FROM permission")
+        rows = cursor.fetchall()
+        if not self._extract_req().path_info.startswith('/admin/general/perm'):
+            master_cursor = Environment(self.master_path).get_db_cnx().cursor()
+            master_cursor.execute("SELECT username,action FROM tracforge_permission")
+            rows += master_cursor.fetchall()
+        return [(row[0], row[1]) for row in rows]
+
+    def _extract_req(self):
+        """Truly evil magic to scan for a variable called req in the stack."""
+        import inspect
+        for record in inspect.stack():
+            locals = record[0].f_locals
+            if 'req' in locals:
+                return locals['req']
+        raise Exception, "Error: Penguins On Fire. Can't isolate a req."
-
-class TracForgeGroupsModule(Component):