Edgewall Software

ChristianBoos: is_member_of

File is_member_of, 3.9 KB (added by cboos, 6 years ago)

Add some ways to get the groups of a given user, on top of the source:/sandbox/context-refactoring branch (r6106). Basically, there's now a PermissionSystem.get_user_groups(username) method and a perm.groups() method, both returning a set of groups to which the user belongs. The latter one also caches the result.

Line 
1context-refactoring (experimental): introduce the .groups method on the PermissionCache.
2
3
4Based on a discussion with Colin Guthrie about the Gringott's plugin.
5
6diff -r 7928d8221b71 trac/perm.py
7--- a/trac/perm.py      Fri Oct 26 18:31:02 2007 +0200
8+++ b/trac/perm.py      Fri Oct 26 19:25:51 2007 +0200
9@@ -73,6 +73,9 @@ class IPermissionStore(Interface):
10         of the permission, and the value is either `True` for granted
11         permissions or `False` for explicitly denied permissions."""
12 
13+    def get_user_groups(username):
14+        """Return a set containing the groups to which the user belongs to."""
15+
16     def get_users_with_permissions(self, permissions):
17         """Retrieve a list of users that have any of the specified permissions.
18 
19@@ -137,9 +140,8 @@ class DefaultPermissionStore(Component):
20         the action column: such a record represents a group and not an actual
21         permission, and declares that the user is part of that group.
22         """
23-        subjects = set([username])
24-        for provider in self.group_providers:
25-            subjects.update(provider.get_permission_groups(username))
26+        subjects = self.get_user_groups(username)
27+        subjects.update([username])
28 
29         actions = set([])
30         db = self.env.get_db_cnx()
31@@ -160,6 +162,12 @@ class DefaultPermissionStore(Component):
32             if num_users == len(subjects) and num_actions == len(actions):
33                 break
34         return list(actions)
35+
36+    def get_user_groups(self, username):
37+        groups = set()
38+        for provider in self.group_providers:
39+            groups.update(provider.get_permission_groups(username))
40+        return groups
41 
42     def get_users_with_permissions(self, permissions):
43         """Retrieve a list of users that have any of the specified permissions
44@@ -432,14 +440,13 @@ class PermissionCache(object):
45     permission is missing.
46     """
47 
48-    def __init__(self, env, username=None, resource=None, cache=None):
49+    def __init__(self, env, username=None, resource=None, cache=None,
50+                 groups=None):
51         self.env = env
52         self.username = username or 'anonymous'
53         self.resource = resource
54-        if cache is None:
55-            self._cache = {}
56-        else:
57-            self._cache = cache
58+        self._cache = cache is not None and cache or {}
59+        self._groups = groups is not None and groups or set([None])
60 
61     def _normalize_resource(self, realm_or_resource, id, version):
62         if realm_or_resource:
63@@ -457,7 +464,8 @@ class PermissionCache(object):
64 
65         """
66         resource = Resource.from_spec(realm_or_resource, id, version)
67-        return PermissionCache(self.env, self.username, resource, self._cache)
68+        return PermissionCache(self.env, self.username, resource, self._cache,
69+                               self._groups)
70 
71     def has_permission(self, action, realm_or_resource=None, id=None,
72                        version=None):
73@@ -474,7 +482,7 @@ class PermissionCache(object):
74             perm = self
75             if resource is not self.resource:
76                 perm = PermissionCache(self.env, self.username, resource,
77-                                       self._cache)
78+                                       self._cache, self._groups)
79             decision = PermissionSystem(self.env).check_permission(action, perm)
80             self._cache[key] = decision
81             return decision
82@@ -493,3 +501,10 @@ class PermissionCache(object):
83         perm = PermissionSystem(self.env)
84         actions = perm.get_user_permissions(self.username)
85         return [action for action in actions if action in self]
86+
87+    def groups(self):
88+        """Return the set of groups to which the user belongs to."""
89+        if None in self._groups:
90+            store = PermissionSystem(self.env).store
91+            self._groups.update(store.get_user_groups(self.username))
92+        return self._groups