First stab at applying prototypes.

2014-01-20 19:05:26 -05:00 · 2014-01-20 19:05:26 -05:00 · 330051f7d9
commit 330051f7d9
parent 3f67ff77a4
3 changed files with 92 additions and 27 deletions
--- a/data/model.py
+++ b/data/model.py
@ -737,15 +737,57 @@ def set_repository_visibility(repo, visibility):
  repo.save()


-def create_repository(namespace, name, owner, visibility='private'):
+def create_repository(namespace, name, creating_user, visibility='private'):
  private = Visibility.get(name=visibility)
  repo = Repository.create(namespace=namespace, name=name,
                           visibility=private)
  admin = Role.get(name='admin')

-  if owner and not owner.organization:
-    permission = RepositoryPermission.create(user=owner, repository=repo,
-                                             role=admin)
+  if creating_user and not creating_user.organization:
+    permission = RepositoryPermission.create(user=creating_user,
+                                             repository=repo, role=admin)
+
+    if creating_user.username != namespace:
+      # Permission prototypes only work for orgs
+      org = get_organization(namespace)
+      user_clause = (PermissionPrototype.activating_user == creating_user |
+                     PermissionPrototype >> None)
+
+      team_protos = (PermissionPrototype
+                      .select()
+                      .where(PermissionPrototype.org == org, user_clause,
+                             PermissionPrototype.delegate_user >> None))
+
+      final_protos = {}
+      for proto in team_protos:
+        # We will skip the proto if it is pre-empted by a more important proto
+        if (proto.delegate_team.name in final_protos and
+            proto.activating_user is None):
+          continue
+
+        # By this point, it is either a user specific proto, or there is no
+        # proto yet, so we can safely assume it applies
+        final_protos[proto.delegate_team.name] = (proto.delegate_team,
+                                                  proto.role)
+
+      for team, role in final_protos.values():
+        RepositoryPermission.create(team=team, repository=repo, role=role)
+
+      final_user_protos = {}
+      for proto in team_protos:
+        # We will skip the proto if it is pre-empted by a more important proto
+        if (proto.delegate_user.username in final_user_protos and
+            proto.activating_user is None):
+          continue
+
+        # By this point, it is either a user specific proto, or there is no
+        # proto yet, so we can safely assume it applies
+        final_user_protos[proto.delegate_user.username] = (proto.delegate_user,
+                                                           proto.role)
+
+      for user, role in final_user_protos.values():
+        RepositoryPermission.create(user=user, repository=repo, role=role)
+
  return repo


@ -763,7 +805,8 @@ def set_image_checksum(docker_image_id, repository, checksum):
  return fetched


-def set_image_size(docker_image_id, namespace_name, repository_name, image_size):
+def set_image_size(docker_image_id, namespace_name, repository_name,
+                   image_size):
  joined = Image.select().join(Repository)
  image_list = list(joined.where(Repository.name == repository_name,
                                 Repository.namespace == namespace_name,