Hi,
As this is an interface change, I'd like to get some feedback on the
following patch, which basically just adds a `get_user_groups` method to
IPermissionStore and therefore to the DefaultPermissionStore, as well as
a `groups` method to the PermissionCache, giving back a set of group
strings for the perm user.
The use case would be for IPermissionPolicy plugins that would need to
ask directly for group membership of a given username (e.g. the
GringottsPlugin on TracHacks).
-- Christian
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Trac
Development" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/trac-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
Index: trac/perm.py
===================================================================
--- trac/perm.py (revision 6106)
+++ trac/perm.py (working copy)
@@ -73,6 +73,9 @@
of the permission, and the value is either `True` for granted
permissions or `False` for explicitly denied permissions."""
+ def get_user_groups(username):
+ """Return a set containing the groups to which the user belongs to."""
+
def get_users_with_permissions(self, permissions):
"""Retrieve a list of users that have any of the specified permissions.
@@ -137,9 +140,8 @@
the action column: such a record represents a group and not an actual
permission, and declares that the user is part of that group.
"""
- subjects = set([username])
- for provider in self.group_providers:
- subjects.update(provider.get_permission_groups(username))
+ subjects = self.get_user_groups(username)
+ subjects.update([username])
actions = set([])
db = self.env.get_db_cnx()
@@ -161,6 +163,12 @@
break
return list(actions)
+ def get_user_groups(self, username):
+ groups = set()
+ for provider in self.group_providers:
+ groups.update(provider.get_permission_groups(username))
+ return groups
+
def get_users_with_permissions(self, permissions):
"""Retrieve a list of users that have any of the specified permissions
@@ -432,14 +440,13 @@
permission is missing.
"""
- def __init__(self, env, username=None, resource=None, cache=None):
+ def __init__(self, env, username=None, resource=None, cache=None,
+ groups=None):
self.env = env
self.username = username or 'anonymous'
self.resource = resource
- if cache is None:
- self._cache = {}
- else:
- self._cache = cache
+ self._cache = cache is not None and cache or {}
+ self._groups = groups is not None and groups or set([None])
def _normalize_resource(self, realm_or_resource, id, version):
if realm_or_resource:
@@ -457,7 +464,8 @@
"""
resource = Resource.from_spec(realm_or_resource, id, version)
- return PermissionCache(self.env, self.username, resource, self._cache)
+ return PermissionCache(self.env, self.username, resource, self._cache,
+ self._groups)
def has_permission(self, action, realm_or_resource=None, id=None,
version=None):
@@ -474,7 +482,7 @@
perm = self
if resource is not self.resource:
perm = PermissionCache(self.env, self.username, resource,
- self._cache)
+ self._cache, self._groups)
decision = PermissionSystem(self.env).check_permission(action, perm)
self._cache[key] = decision
return decision
@@ -493,3 +501,10 @@
perm = PermissionSystem(self.env)
actions = perm.get_user_permissions(self.username)
return [action for action in actions if action in self]
+
+ def groups(self):
+ """Return the set of groups to which the user belongs to."""
+ if None in self._groups:
+ store = PermissionSystem(self.env).store
+ self._groups.update(store.get_user_groups(self.username))
+ return self._groups
