[MERGE] Handle groups more gracefully in Django

Mon, 19 Apr 2010 13:59:35 -0700 

This supersedes the patch I sent earlier today.
I tested this by manually modifying the user database and confirming that FAS overrode all settings I made locally, either removing or adding group memberships as appropriate. 


When the groups are unchanged, we will only require a single lookup into 
the database, as opposed to one per group the user was a member of.



It also addresses a bug where users whose group membership was revoked 
would still appear to be a member within Django apps.


--
Stephen Gallagher
RHCE 804006346421761

Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/

# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: sgall...@fedoraproject.org-20100419205648-\
#   3dk1bybf81j8hho3
# target_branch: bzr://bzr.fedorahosted.org/bzr/python-fedora/python-\
#   fedora-devel/
# testament_sha1: 60093b7f5710c3234061f0bf5991f5ae0604e748
# timestamp: 2010-04-19 16:56:57 -0400
# base_revision_id: tos...@fedoraproject.org-20100408181520-\
#   7mzxred8mrovqu9m
# 
# Begin patch
=== modified file 'fedora/django/auth/models.py'
--- fedora/django/auth/models.py	2010-03-15 23:22:05 +0000
+++ fedora/django/auth/models.py	2010-04-19 20:56:48 +0000
@@ -83,9 +83,29 @@
         if getattr(settings, 'FAS_GENERICEMAIL', True):
             u.email = u._get_email()
         u.save()
+        known_groups = []
+        for group in u.groups.values():
+            known_groups.append(group['id'])
+
+        fas_groups = []
         for group in user['approved_memberships']:
-            g = _new_group(group)
-            u.groups.add(g)
+            fas_groups.append(group['id'])
+
+        # This user has been added to one or more FAS groups
+        for group in (g for g in user['approved_memberships'] if g['id'] not in known_groups):
+            newgroup = _new_group(group)
+            u.groups.add(newgroup)
+
+        # This user has been removed from one or more FAS groups
+        for id in known_groups:
+            found = False
+            for g in user['approved_memberships']:
+                if g['id'] == id:
+                    found = True
+                    break
+            if not found:
+                u.groups.remove(authmodels.Group.objects.get(id=id))
+
         u.save()
         return u
 

# Begin bundle
IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWdShxTgABNJ/gAVUQABZ4///
d8IOCr////BgCA8t8PvYUAGNrZWm2qlVRsNDRNQIyaGgyaHqAAAAAAAIJRtR6npNqBo0GIaBoDQG
mg0YjQc0xMmTRhMExNMAmAQwRgRgEUSU09Jqep7Rqh+k9JHkNTCbU0GjTBNqaACKSaaSp7ZKfkNF
T2o8qbaMqZ4lP1INGTRgR6gRSCAJkCaam01JPMIKeUe0UNAeoMajREA8KZiOCkdGFZPGXDv0jDaz
PQDQI4JCKbzhTjVgbI+EGEFUf75fPBC4YQysBx08cYtisoKcbNeITaYRSmNVmXtQQyKn1P7+l+8f
g52FiIIn8l+02iZoHYJTBMkCfNjqFiFcVR8xXzIL4Cshknmc7aMPMkqJI8ZMt4XhTZphICFioD4E
xgOVZlSAWIy5EkVAg6AUuJ3PDHbtwL7XGG6AiCOukrKDGcSHG0zIfD2c9nT3e96tXg2udHyjC+/2
3ynFLvy9nBArWyr0aqvwDu2x5PHjDB917JcKV6yOc5Hh6ypxurHpHYJ0er0HZq7RIAMBweLA9wlj
ghK8LJWUxCqm1SX6MtIRKCmYetvv0UB8+a6ZmZnms07yMjCZQozODxtFa0KiUhWwS0hCn4Uo1IuJ
KxTeQNpPEmS+NzchaSGmByPh/ITMuNFIhkkhWUsT3ynp4nV13xdTLOrqa4ckKkspDnow1Eg34MT1
E3HC8whzJ3PnmYCQI7TEpx0HyGmwjIKlTcJxMhvQwdIdyocNAC0gplmhVCdn3Fhnbi8pj11BQSZQ
xLiZ9Teh2oU5FZn11BuQxE36aZlbTQwQ2ky+++KlhghzpXkSMzsG8xEnhwKs6iTQpD6i+5oM7yYj
2FNgkPyEsvPUcC4sN6HNoMids3mOIlxzNBJhXCWgcYMBKbbcx2HK6paBs2F4koJiVMjAK1HQoamp
gQYFxRyC4qcDES0yLjlBbfcbiZhkQNXZYYlDCRmbyhkbFkcC0yJFSw1rdZnOqwVmWND9otuMi3VC
hifgTEzQ7ChgZkiCAzOQ34MGM2mFR0sKUZuo7zQ2CdiUMzAo5t9oXBmbSCh+o2s0M79hFgmxDM2k
xGZpQ4Xl5qalKXFrBOVhaXkjE8fqhBUT4/HykS2mpnAYus4HkhSjuQ2CSqZeY+iHawIfVgbU+Jpe
hyEtY8pTK1MsMtI90EQxDWRre4ehztGtkd1hlo+852ACIU2vjlDBBAERBtxltJCYNkztYxEBlfme
kofQ8V6bbYiIgztjKECa3JU16aamEoG2HmcCrvLAeho9lZ0OhBvMChebTxO1kfw24FN/b07LuDB2
DaJ/FRPSn/dp9bzqgn0OH/Xjubn7bvaaDe1onou1CFh3OmQMLrr1PbX15y4ocJWVGI0m8YmT2D9d
lqmR8vgOwGA6hNoeZ9Tce4mQYn2MfhaWEHAvPty/eex9nnzqSeKk28UsIae+UgiZHSfchI5aGhM7
iBILlqh/hJcLGFAluE4ews3zEdomgqpoEm+/pNBjU5ZjQddeVgD+7L59/j5FrEdJYH9pevt+NrLj
7b+ATnOUjzjlfY1j1HRoC5gtZiWnAwtL9xvLzoKaN+zrBc0YU0AcvIm22iZ7mhI3HQm4IQriVOZd
xozDFuBu4c+4c0J5d8APNxQq2OjHYZDGXElDMSXFQOswDq1ajgLywSDw2eXMdW4PK/4ieo0mI/F5
voc0FuYJLLxkZ3ZhUbUSDegnmAYfLnNRNKFhxgPxLBmTIIboII/V9p7Q3hIBIuBiwnvUjCOJYbRy
D5GSnrGHpXsQn4Icjg3fYPvLerx3Xj+1e/rUePghaNiHT6Cbce5k1uLsxAZJ4gOuXR91bPoPyP2R
OHNDC0MRlzE9BO3hu5x3iaECaoSUT6Ye5ygZWwKlA8/l8BKe9vZd4kqcfnCkIR4rjR0QpUuHS/N9
LeO1sd35tGG1tOx8B5O3q2tHKyJRhD98TB+aQD8shyfUXlokp2Jv6d/0EtsdH8xPMT8kLnamYHJC
sIcrzlsH2oVh39xuE7VTip6v0k2t7CJofzbUdizLnMSETByRKrtP1ohyUht4u2Vjao9hA5aJuEmw
XB4PB8EPxYOhmDzJdTCAG9vGGjQeLCHBD/j7hOr1ExMhghykeaEDN9cCc2AGuM/7uSnkxxsEPxvf
Ro8GEJuKJnfJcu/iidKyB1Q+8IEudwuEgYgeyWYGpLCKb5LMOuHzShgUqZsxhoy7hpmTb49VPIxK
gibBJiqCQRUhnG573VeAzbkPehMvGyGmRSd5W++uk1MPUianQzHg7ho1EmV56y9zDkdQSY5t9gzX
IJlQxzkvNA0hDBw2THr7svxY514eb0hCt8KxvtTsTwqmqGiDeJMJVgkmv5oX/NqhZcE3uQkyYfP+
I/0JW6BLrQ7HU/+LuSKcKEhqUOKcAA==

_______________________________________________
infrastructure mailing list
infrastructure@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure













    











					Reply via email to