# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
import logging
from ming.odm import ThreadLocalODMSession
from allura import model as M
from allura.lib import utils
log = logging.getLogger(__name__)
def add(acl, role):
if role not in acl:
acl.append(role)
# migration script for change write permission to create + update
def main():
query = {'tool_name': {'$regex': '^tickets$', '$options': 'i'}}
for chunk in utils.chunked_find(M.AppConfig, query):
for a in chunk:
# change 'deny write' and 'write' permission
role_ids = [(p.role_id, p.access)
for p in a.acl if p.permission == 'write']
for role_id, access in role_ids:
if access == M.ACE.DENY:
add(a.acl, M.ACE.deny(role_id, 'create'))
add(a.acl, M.ACE.deny(role_id, 'update'))
else:
add(a.acl, M.ACE.allow(role_id, 'create'))
add(a.acl, M.ACE.allow(role_id, 'update'))
ThreadLocalODMSession.flush_all()
if __name__ == '__main__':
main()