##// END OF EJS Templates
security: fixed issues with exposing repository names using global PR redirection link...
security: fixed issues with exposing repository names using global PR redirection link logic. - Since redirect was created to repository which linked to the PR, users who didn't have permissions to those repos could still see the name in the url generated.

File last commit:

r4026:ed756817 default
r4044:573a1043 default
Show More
user_group_edit_perms.mako
207 lines | 11.2 KiB | application/x-mako | MakoHtmlLexer
templating: use .mako as extensions for template files.
r1282 <%namespace name="base" file="/base/base.mako"/>
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">${_('User Group Permissions')}</h3>
</div>
<div class="panel-body">
forms: unified usage of h.secure_form. Make sure we ALWAYS pass in...
r2105 ${h.secure_form(h.route_path('edit_user_group_perms_update', user_group_id=c.user_group.users_group_id), request=request)}
templating: use .mako as extensions for template files.
r1282 <table id="permissions_manage" class="rctable permissions">
<tr>
<th class="td-radio">${_('None')}</th>
<th class="td-radio">${_('Read')}</th>
<th class="td-radio">${_('Write')}</th>
<th class="td-radio">${_('Admin')}</th>
<th>${_('User/User Group')}</th>
dan
permissions: unified looks and buttons on permission pages....
r2980 <th class="td-action"></th>
<th class="td-action"></th>
templating: use .mako as extensions for template files.
r1282 </tr>
## USERS
%for _user in c.user_group.permissions():
permissions: add links to permissions summary for each permission pages
r2976 ## super admin/owner row
templating: use .mako as extensions for template files.
r1282 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
<tr class="perm_admin_row">
<td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
<td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.read', disabled="disabled")}</td>
<td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.write', disabled="disabled")}</td>
<td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.admin', 'repository.admin', disabled="disabled")}</td>
<td class="td-user">
hovercacrds: added new tooltips and hovercards to expose certain information for objects shown in UI
r4026 ${base.gravatar(_user.email, 16, user=_user, tooltip=True)}
templating: use .mako as extensions for template files.
r1282 <span class="user">
${h.link_to_user(_user.username)}
%if getattr(_user, 'admin_row', None):
(${_('super admin')})
%endif
%if getattr(_user, 'owner_row', None):
(${_('owner')})
%endif
</span>
</td>
<td></td>
dan
permissions: unified looks and buttons on permission pages....
r2980 <td class="quick_repo_menu">
permissions: add links to permissions summary for each permission pages
r2976 % if c.rhodecode_user.is_admin:
dan
permissions: unified looks and buttons on permission pages....
r2980 <i class="icon-more"></i>
<div class="menu_items_container" style="display: none;">
<ul class="menu_items">
<li>
${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='user-groups-permissions'))}
</li>
</ul>
</div>
permissions: add links to permissions summary for each permission pages
r2976 % endif
</td>
templating: use .mako as extensions for template files.
r1282 </tr>
%else:
##forbid revoking permission from yourself, except if you're an super admin
<tr>
%if c.rhodecode_user.user_id != _user.user_id or c.rhodecode_user.is_admin:
<td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.none')}</td>
<td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.read')}</td>
<td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.write')}</td>
<td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.admin')}</td>
<td class="td-user">
hovercacrds: added new tooltips and hovercards to expose certain information for objects shown in UI
r4026 ${base.gravatar(_user.email, 16, user=_user, tooltip=True)}
templating: use .mako as extensions for template files.
r1282 <span class="user">
% if _user.username == h.DEFAULT_USER:
${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
% else:
${h.link_to_user(_user.username)}
permissions: add links to permissions summary for each permission pages
r2976 %if getattr(_user, 'duplicate_perm', None):
(${_('inactive duplicate')})
%endif
templating: use .mako as extensions for template files.
r1282 % endif
</span>
</td>
<td class="td-action">
%if _user.username != h.DEFAULT_USER:
<span class="btn btn-link btn-danger revoke_perm"
member="${_user.user_id}" member_type="user">
dan
permissions: unified looks and buttons on permission pages....
r2980 ${_('Remove')}
templating: use .mako as extensions for template files.
r1282 </span>
%endif
</td>
dan
permissions: unified looks and buttons on permission pages....
r2980 <td class="quick_repo_menu">
permissions: add links to permissions summary for each permission pages
r2976 % if c.rhodecode_user.is_admin:
dan
permissions: unified looks and buttons on permission pages....
r2980 <i class="icon-more"></i>
<div class="menu_items_container" style="display: none;">
<ul class="menu_items">
<li>
% if _user.username == h.DEFAULT_USER:
${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='user-groups-permissions'))}
% else:
${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='user-groups-permissions'))}
% endif
</li>
</ul>
</div>
permissions: add links to permissions summary for each permission pages
r2976 % endif
</td>
templating: use .mako as extensions for template files.
r1282 %else:
permissions: add links to permissions summary for each permission pages
r2976 ## special case for currently logged-in user permissions, we make sure he cannot take his own permissions
templating: use .mako as extensions for template files.
r1282 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.none', disabled="disabled")}</td>
<td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.read', disabled="disabled")}</td>
<td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.write', disabled="disabled")}</td>
<td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.admin', disabled="disabled")}</td>
<td class="td-user">
hovercacrds: added new tooltips and hovercards to expose certain information for objects shown in UI
r4026 ${base.gravatar(_user.email, 16, user=_user, tooltip=True)}
templating: use .mako as extensions for template files.
r1282 <span class="user">
% if _user.username == h.DEFAULT_USER:
${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
% else:
${h.link_to_user(_user.username)}
permissions: add links to permissions summary for each permission pages
r2976 %if getattr(_user, 'duplicate_perm', None):
(${_('inactive duplicate')})
%endif
templating: use .mako as extensions for template files.
r1282 % endif
<span class="user-perm-help-text">(${_('delegated admin')})</span>
</span>
</td>
<td></td>
dan
permissions: unified looks and buttons on permission pages....
r2980 <td class="quick_repo_menu">
permissions: add links to permissions summary for each permission pages
r2976 % if c.rhodecode_user.is_admin:
dan
permissions: unified looks and buttons on permission pages....
r2980 <i class="icon-more"></i>
<div class="menu_items_container" style="display: none;">
<ul class="menu_items">
<li>
${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='user-groups-permissions'))}
</li>
</ul>
</div>
permissions: add links to permissions summary for each permission pages
r2976 % endif
</td>
templating: use .mako as extensions for template files.
r1282 %endif
</tr>
%endif
%endfor
## USER GROUPS
permissions: show user group count in permissions summary, and unified some text labels.
r3385 %for _user_group in c.user_group.permission_user_groups(with_members=True):
templating: use .mako as extensions for template files.
r1282 <tr>
<td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.none')}</td>
<td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.read')}</td>
<td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.write')}</td>
<td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.admin')}</td>
<td class="td-user">
branch permissions: added logic to define in UI branch permissions....
r2975 <i class="icon-user-group"></i>
auth: reduced usage of raw auth calls inside templates
r3587 %if c.is_super_admin:
user-groups: rewrote the app to pyramid...
r2068 <a href="${h.route_path('edit_user_group',user_group_id=_user_group.users_group_id)}">
templating: use .mako as extensions for template files.
r1282 ${_user_group.users_group_name}
</a>
%else:
Bartłomiej Wołyńczyk
Public user group profile Task #5326
r2638 ${h.link_to_group(_user_group.users_group_name)}
templating: use .mako as extensions for template files.
r1282 %endif
permissions: show user group count in permissions summary, and unified some text labels.
r3385 (${_('members')}: ${len(_user_group.members)})
templating: use .mako as extensions for template files.
r1282 </td>
<td class="td-action">
<span class="btn btn-link btn-danger revoke_perm"
member="${_user_group.users_group_id}" member_type="user_group">
dan
permissions: unified looks and buttons on permission pages....
r2980 ${_('Remove')}
templating: use .mako as extensions for template files.
r1282 </span>
</td>
dan
permissions: unified looks and buttons on permission pages....
r2980 <td class="quick_repo_menu">
permissions: add links to permissions summary for each permission pages
r2976 % if c.rhodecode_user.is_admin:
dan
permissions: unified looks and buttons on permission pages....
r2980 <i class="icon-more"></i>
<div class="menu_items_container" style="display: none;">
<ul class="menu_items">
<li>
${h.link_to('show permissions', h.route_path('edit_user_group_perms_summary', user_group_id=_user_group.users_group_id, _anchor='user-groups-permissions'))}
</li>
</ul>
</div>
permissions: add links to permissions summary for each permission pages
r2976 % endif
</td>
templating: use .mako as extensions for template files.
r1282 </tr>
%endfor
<tr class="new_members" id="add_perm_input"></tr>
branch permissions: added logic to define in UI branch permissions....
r2975 <tr>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
<td>
<span id="add_perm" class="link">
${_('Add user/user group')}
</span>
</td>
permissions: add links to permissions summary for each permission pages
r2976 <td></td>
branch permissions: added logic to define in UI branch permissions....
r2975 </tr>
templating: use .mako as extensions for template files.
r1282 </table>
branch permissions: added logic to define in UI branch permissions....
r2975
templating: use .mako as extensions for template files.
r1282 <div class="buttons">
${h.submit('save',_('Save'),class_="btn btn-primary")}
${h.reset('reset',_('Reset'),class_="btn btn-danger")}
</div>
${h.end_form()}
</div>
</div>
<script type="text/javascript">
$('#add_perm').on('click', function(e){
addNewPermInput($(this), 'usergroup');
});
$('.revoke_perm').on('click', function(e){
markRevokePermInput($(this), 'usergroup');
});
dan
permissions: unified looks and buttons on permission pages....
r2980 quick_repo_menu()
templating: use .mako as extensions for template files.
r1282 </script>