allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From john...@apache.org
Subject [1/2] git commit: Get ProjectRole from Credentials cache, not query
Date Thu, 03 Oct 2013 20:38:35 GMT
Updated Branches:
  refs/heads/master 6342c8722 -> 11985c6ab


Get ProjectRole from Credentials cache, not query

Signed-off-by: Tim Van Steenburgh <tvansteenburgh@gmail.com>


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/def5ad09
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/def5ad09
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/def5ad09

Branch: refs/heads/master
Commit: def5ad093de491581e28029578d36a0a40376faa
Parents: 6342c87
Author: Tim Van Steenburgh <tvansteenburgh@gmail.com>
Authored: Mon Sep 30 20:34:50 2013 +0000
Committer: Cory Johns <cjohns@slashdotmedia.com>
Committed: Thu Oct 3 20:38:03 2013 +0000

----------------------------------------------------------------------
 Allura/allura/lib/security.py        | 7 ++++---
 Allura/allura/tests/test_security.py | 1 +
 2 files changed, 5 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/def5ad09/Allura/allura/lib/security.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/security.py b/Allura/allura/lib/security.py
index 2a1a827..49d6415 100644
--- a/Allura/allura/lib/security.py
+++ b/Allura/allura/lib/security.py
@@ -302,9 +302,10 @@ def has_access(obj, permission, user=None, project=None):
 
         # TODO: move deny logic into loop below; see ticket [#6715]
         if user != M.User.anonymous():
-            user_role = M.ProjectRole.by_user(user, project)
-            if user_role:
-                deny_user = M.ACE.deny(user_role._id, permission)
+            user_roles = Credentials.get().user_roles(user_id=user._id,
+                    project_id=project.root_project._id)
+            for r in user_roles:
+                deny_user = M.ACE.deny(r['_id'], permission)
                 if M.ACL.contains(deny_user, obj.acl):
                     return False
 

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/def5ad09/Allura/allura/tests/test_security.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/test_security.py b/Allura/allura/tests/test_security.py
index 3cc3a16..0ac8658 100644
--- a/Allura/allura/tests/test_security.py
+++ b/Allura/allura/tests/test_security.py
@@ -164,4 +164,5 @@ class TestSecurity(TestController):
         user = M.User.by_username('test-user')
         assert has_access(wiki, 'read', user)()
         wiki.acl.append(M.ACE.deny(user.project_role()._id, 'read', 'Spammer'))
+        Credentials.get().clear()
         assert not has_access(wiki, 'read', user)()


Mime
View raw message