[Patch] New users do not appear in members-list

[anonymous]

After adding a few new users with the accountmanagers plugin these new users do not appear in the list of groupsmembers in the svnauthz plugin.

[Chris Heller]

The list of users that is shown comes from the list of users (or groups) in Trac that have been assigned at least one permission.

So, if you want to give one person specific access in svn authz, they need to have at least one permission explicitly granted to them in the Trac permissions; they can't have their only permissions come from Trac group membership.

[rupert thurner]

added comment to #4832. see also ​here for the implementation to get all users.

[Jay Xie]

This's my solution to get all users from session, this will list all users that exists in the session table in the trac database.

I don't think this is the best way, but it works for me.

svnauthz/admin_ui.py

@@ -310 +310 @@
 
     def _get_all_users(self):
       """
-      Fetches all users/groups from PermissionSystem
+      Fetches all users/groups from session
       """
-      perm = PermissionSystem(self.env)
+      db = self.env.get_db_cnx()
+      cursor = db.cursor()
+      cursor.execute("SELECT sid "
+                     "FROM session "
+                     "WHERE authenticated=1")
       users = ["*"]
-      data = perm.get_all_permissions()
-      if not data:
-        return [] # we abort here
+      for username in cursor:
+        users.append(username)
+      return users
 
-      for (subject, action) in data:
-        if subject not in users and subject not in ["anonymous", "authenticated"]:
-          users.append(subject)
-      return users
-
     def _get_candidate_subjects(self, not_in_list = []):
         candidates = []
         users = [user for user in self._get_all_users()

[till]

my proposal:

svnauthz/

@@ -310 +310 @@
 
     def _get_all_users(self):
       """
-      Fetches all users/groups from PermissionSystem
+      Fetches all users/groups
       """
-      perm = PermissionSystem(self.env)
       users = ["*"]
-      data = perm.get_all_permissions()
+      data = self.env.get_known_users()
       if not data:
         return [] # we abort here
 
-      for (subject, action) in data:
+      for (subject, name, email) in data:
         if subject not in users and subject not in ["anonymous", "authenticated"]:
           users.append(subject)
       return users  

[Tim Niemueller]

I'm using the patch from comment 6. Works just fine and is really useful e.g. when using the account manager plugin and most users do not have special permissions. I'd vote for applying it (and please make a release to ease packaging).

[anonymous]

I'm using the patch in comment 7 posted by till and it works perfectly. Makes more sense as well as there's no guarantee that a user will be in the session table.

[Ryan J Ollos]

Patch in comment:6 looks correct. Any objects by kisg that I commit this patch?

[Steffen Hoffmann]

Replying to rjollos:

Patch in comment:6 looks correct. Any objects by kisg that I commit this patch?

Anonymous in comment:8 seems reminds me of the temporary nature of the session table (autopurge after some time of inactivity), while self.env.get_known_users() will take information from session_attribute table, that is guaranteed to last. Just my 2 ct.

[Ryan J Ollos]

Replying to hasienda:

Anonymous in comment:8 seems reminds me of the temporary nature of the session table (autopurge after some time of inactivity), while self.env.get_known_users() will take information from session_attribute table, that is guaranteed to last. Just my 2 ct.

I went ahead and pushed the changes from Dennis in #8165 since kisg seems to have disappeared. I'm thinking we have enough positive feedback to apply this patch as well.