Edgewall Software

ChristianBoos: is_member_of

File is_member_of, 3.9 KB (added by Christian Boos, 10 years ago)

Add some ways to get the groups of a given user, on top of the source:/sandbox/context-refactoring branch (r6106). Basically, there's now a PermissionSystem.get_user_groups(username) method and a perm.groups() method, both returning a set of groups to which the user belongs. The latter one also caches the result.

Line 
1context-refactoring (experimental): introduce the .groups method on the PermissionCache.
2
3
4Based on a discussion with Colin Guthrie about the Gringott's plugin.
5
6diff -r 7928d8221b71 trac/perm.py
7--- a/trac/perm.py Fri Oct 26 18:31:02 2007 +0200
8+++ b/trac/perm.py Fri Oct 26 19:25:51 2007 +0200
9@@ -73,6 +73,9 @@ class IPermissionStore(Interface):
10 of the permission, and the value is either `True` for granted
11 permissions or `False` for explicitly denied permissions."""
12
13+ def get_user_groups(username):
14+ """Return a set containing the groups to which the user belongs to."""
15+
16 def get_users_with_permissions(self, permissions):
17 """Retrieve a list of users that have any of the specified permissions.
18
19@@ -137,9 +140,8 @@ class DefaultPermissionStore(Component):
20 the action column: such a record represents a group and not an actual
21 permission, and declares that the user is part of that group.
22 """
23- subjects = set([username])
24- for provider in self.group_providers:
25- subjects.update(provider.get_permission_groups(username))
26+ subjects = self.get_user_groups(username)
27+ subjects.update([username])
28
29 actions = set([])
30 db = self.env.get_db_cnx()
31@@ -160,6 +162,12 @@ class DefaultPermissionStore(Component):
32 if num_users == len(subjects) and num_actions == len(actions):
33 break
34 return list(actions)
35+
36+ def get_user_groups(self, username):
37+ groups = set()
38+ for provider in self.group_providers:
39+ groups.update(provider.get_permission_groups(username))
40+ return groups
41
42 def get_users_with_permissions(self, permissions):
43 """Retrieve a list of users that have any of the specified permissions
44@@ -432,14 +440,13 @@ class PermissionCache(object):
45 permission is missing.
46 """
47
48- def __init__(self, env, username=None, resource=None, cache=None):
49+ def __init__(self, env, username=None, resource=None, cache=None,
50+ groups=None):
51 self.env = env
52 self.username = username or 'anonymous'
53 self.resource = resource
54- if cache is None:
55- self._cache = {}
56- else:
57- self._cache = cache
58+ self._cache = cache is not None and cache or {}
59+ self._groups = groups is not None and groups or set([None])
60
61 def _normalize_resource(self, realm_or_resource, id, version):
62 if realm_or_resource:
63@@ -457,7 +464,8 @@ class PermissionCache(object):
64
65 """
66 resource = Resource.from_spec(realm_or_resource, id, version)
67- return PermissionCache(self.env, self.username, resource, self._cache)
68+ return PermissionCache(self.env, self.username, resource, self._cache,
69+ self._groups)
70
71 def has_permission(self, action, realm_or_resource=None, id=None,
72 version=None):
73@@ -474,7 +482,7 @@ class PermissionCache(object):
74 perm = self
75 if resource is not self.resource:
76 perm = PermissionCache(self.env, self.username, resource,
77- self._cache)
78+ self._cache, self._groups)
79 decision = PermissionSystem(self.env).check_permission(action, perm)
80 self._cache[key] = decision
81 return decision
82@@ -493,3 +501,10 @@ class PermissionCache(object):
83 perm = PermissionSystem(self.env)
84 actions = perm.get_user_permissions(self.username)
85 return [action for action in actions if action in self]
86+
87+ def groups(self):
88+ """Return the set of groups to which the user belongs to."""
89+ if None in self._groups:
90+ store = PermissionSystem(self.env).store
91+ self._groups.update(store.get_user_groups(self.username))
92+ return self._groups