perms_summary.mako
372 lines
| 17.6 KiB
| application/x-mako
|
MakoHtmlLexer
r1282 | ## snippet for displaying permissions overview for users | |||
## usage: | ||||
## <%namespace name="p" file="/base/perms_summary.mako"/> | ||||
## ${p.perms_summary(c.perm_user.permissions)} | ||||
r1998 | <%def name="perms_summary(permissions, show_all=False, actions=True, side_link=None)"> | |||
r2975 | <% section_to_label = { | |||
'global': 'Global Permissions', | ||||
'repository_branches': 'Repository Branch Rules', | ||||
r3985 | 'repositories': 'Repository Access Permissions', | |||
r2975 | 'user_groups': 'User Group Permissions', | |||
'repositories_groups': 'Repository Group Permissions', | ||||
} %> | ||||
r2991 | ||||
r1282 | <div id="perms" class="table fields"> | |||
r2975 | %for section in sorted(permissions.keys(), key=lambda item: {'global': 0, 'repository_branches': 1}.get(item, 1000)): | |||
r2991 | <% total_counter = 0 %> | |||
r1282 | <div class="panel panel-default"> | |||
r2975 | <div class="panel-heading" id="${section.replace("_","-")}-permissions"> | |||
r2991 | <h3 class="panel-title">${section_to_label.get(section, section)} - <span id="total_count_${section}"></span> | |||
r2975 | <a class="permalink" href="#${section.replace("_","-")}-permissions"> ¶</a> | |||
</h3> | ||||
r1998 | % if side_link: | |||
<div class="pull-right"> | ||||
<a href="${side_link}">${_('in JSON format')}</a> | ||||
</div> | ||||
% endif | ||||
r1282 | </div> | |||
<div class="panel-body"> | ||||
<div class="perms_section_head field"> | ||||
<div class="radios"> | ||||
r2975 | % if section == 'repository_branches': | |||
r1282 | <span class="permissions_boxes"> | |||
<span class="desc">${_('show')}: </span> | ||||
r2975 | ${h.checkbox('perms_filter_none_%s' % section, 'none', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='none')} <label for="${'perms_filter_none_{}'.format(section)}"><span class="perm_tag none">${_('none')}</span></label> | |||
${h.checkbox('perms_filter_merge_%s' % section, 'merge', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='merge')} <label for="${'perms_filter_merge_{}'.format(section)}"><span class="perm_tag merge">${_('merge')}</span></label> | ||||
${h.checkbox('perms_filter_push_%s' % section, 'push', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='push')} <label for="${'perms_filter_push_{}'.format(section)}"> <span class="perm_tag push">${_('push')}</span></label> | ||||
${h.checkbox('perms_filter_push_force_%s' % section, 'push_force', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='push_force')} <label for="${'perms_filter_push_force_{}'.format(section)}"><span class="perm_tag push_force">${_('push force')}</span></label> | ||||
r1282 | </span> | |||
r2975 | % elif section != 'global': | |||
<span class="permissions_boxes"> | ||||
<span class="desc">${_('show')}: </span> | ||||
${h.checkbox('perms_filter_none_%s' % section, 'none', '', class_='perm_filter filter_%s' % section, section=section, perm_type='none')} <label for="${'perms_filter_none_{}'.format(section)}"><span class="perm_tag none">${_('none')}</span></label> | ||||
${h.checkbox('perms_filter_read_%s' % section, 'read', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='read')} <label for="${'perms_filter_read_{}'.format(section)}"><span class="perm_tag read">${_('read')}</span></label> | ||||
${h.checkbox('perms_filter_write_%s' % section, 'write', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='write')} <label for="${'perms_filter_write_{}'.format(section)}"> <span class="perm_tag write">${_('write')}</span></label> | ||||
${h.checkbox('perms_filter_admin_%s' % section, 'admin', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='admin')} <label for="${'perms_filter_admin_{}'.format(section)}"><span class="perm_tag admin">${_('admin')}</span></label> | ||||
</span> | ||||
% endif | ||||
r1282 | </div> | |||
</div> | ||||
<div class="field"> | ||||
%if not permissions[section]: | ||||
<p class="empty_data help-block">${_('No permissions defined')}</p> | ||||
%else: | ||||
<div id='tbl_list_wrap_${section}'> | ||||
<table id="tbl_list_${section}" class="rctable"> | ||||
## global permission box | ||||
%if section == 'global': | ||||
<thead> | ||||
<tr> | ||||
<th colspan="2" class="left">${_('Permission')}</th> | ||||
%if actions: | ||||
r2011 | <th colspan="2">${_('Edit Permission')}</th> | |||
r1282 | %endif | |||
</thead> | ||||
<tbody> | ||||
<% | ||||
def get_section_perms(prefix, opts): | ||||
_selected = [] | ||||
for op in opts: | ||||
if op.startswith(prefix) and not op.startswith('hg.create.write_on_repogroup'): | ||||
_selected.append(op) | ||||
admin = 'hg.admin' in opts | ||||
_selected_vals = [x.partition(prefix)[-1] for x in _selected] | ||||
return admin, _selected_vals, _selected | ||||
%> | ||||
r2011 | ||||
<%def name="glob(lbl, val, val_lbl=None, edit_url=None, edit_global_url=None)"> | ||||
r1282 | <tr> | |||
<td class="td-tags"> | ||||
${lbl} | ||||
</td> | ||||
<td class="td-tags"> | ||||
%if val[0]: | ||||
%if not val_lbl: | ||||
r2011 | ## super admin case | |||
True | ||||
r1282 | %else: | |||
<span class="perm_tag admin">${val_lbl}.admin</span> | ||||
%endif | ||||
%else: | ||||
%if not val_lbl: | ||||
r2975 | ${{'false': False, | |||
r2010 | 'true': True, | |||
'none': False, | ||||
r2975 | 'repository': True}.get(val[1][0] if 0 < len(val[1]) else 'false')} | |||
r1282 | %else: | |||
<span class="perm_tag ${val[1][0]}">${val_lbl}.${val[1][0]}</span> | ||||
%endif | ||||
%endif | ||||
</td> | ||||
%if actions: | ||||
r2011 | ||||
% if edit_url or edit_global_url: | ||||
<td class="td-action"> | ||||
% if edit_url: | ||||
<a href="${edit_url}">${_('edit')}</a> | ||||
% else: | ||||
- | ||||
% endif | ||||
</td> | ||||
<td class="td-action"> | ||||
% if edit_global_url: | ||||
<a href="${edit_global_url}">${_('edit global')}</a> | ||||
% else: | ||||
- | ||||
% endif | ||||
</td> | ||||
% else: | ||||
<td class="td-action"></td> | ||||
<td class="td-action"> | ||||
<a href="${h.route_path('admin_permissions_global')}">${_('edit global')}</a> | ||||
<td class="td-action"> | ||||
% endif | ||||
r1282 | %endif | |||
</tr> | ||||
</%def> | ||||
r2011 | ${glob(_('Repository default permission'), get_section_perms('repository.', permissions[section]), 'repository', | |||
edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))} | ||||
${glob(_('Repository group default permission'), get_section_perms('group.', permissions[section]), 'group', | ||||
edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))} | ||||
r1282 | ||||
r2011 | ${glob(_('User group default permission'), get_section_perms('usergroup.', permissions[section]), 'usergroup', | |||
edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))} | ||||
${glob(_('Super admin'), get_section_perms('hg.admin', permissions[section]), | ||||
r2114 | edit_url=h.route_path('user_edit', user_id=c.user.user_id, _anchor='admin'), edit_global_url=None)} | |||
r1282 | ||||
r2011 | ${glob(_('Inherit permissions'), get_section_perms('hg.inherit_default_perms.', permissions[section]), | |||
r2114 | edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=None)} | |||
r2011 | ||||
${glob(_('Create repositories'), get_section_perms('hg.create.', permissions[section]), | ||||
r2114 | edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))} | |||
r1282 | ||||
r2011 | ${glob(_('Fork repositories'), get_section_perms('hg.fork.', permissions[section]), | |||
r2114 | edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))} | |||
r2011 | ||||
${glob(_('Create repository groups'), get_section_perms('hg.repogroup.create.', permissions[section]), | ||||
r2114 | edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))} | |||
r2011 | ||||
${glob(_('Create user groups'), get_section_perms('hg.usergroup.create.', permissions[section]), | ||||
r2114 | edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))} | |||
r1282 | ||||
</tbody> | ||||
r2975 | ## Branch perms | |||
%elif section == 'repository_branches': | ||||
<thead> | ||||
<tr> | ||||
<th>${_('Name')}</th> | ||||
<th>${_('Pattern')}</th> | ||||
<th>${_('Permission')}</th> | ||||
%if actions: | ||||
<th>${_('Edit Branch Permission')}</th> | ||||
%endif | ||||
</thead> | ||||
<tbody class="section_${section}"> | ||||
<% | ||||
def name_sorter(permissions): | ||||
def custom_sorter(item): | ||||
return item[0] | ||||
return sorted(permissions, key=custom_sorter) | ||||
def branch_sorter(permissions): | ||||
def custom_sorter(item): | ||||
## none, merge, push, push_force | ||||
section = item[1].split('.')[-1] | ||||
section_importance = {'none': u'0', | ||||
'merge': u'1', | ||||
'push': u'2', | ||||
'push_force': u'3'}.get(section) | ||||
## sort by importance + name | ||||
return section_importance + item[0] | ||||
return sorted(permissions, key=custom_sorter) | ||||
%> | ||||
%for k, section_perms in name_sorter(permissions[section].items()): | ||||
r2991 | ## for display purposes, for non super-admins we need to check if shown | |||
## repository is actually accessible for user | ||||
<% repo_perm = permissions['repositories'][k] %> | ||||
% if repo_perm == 'repository.none' and not c.rhodecode_user.is_admin: | ||||
## skip this entry | ||||
<% continue %> | ||||
% endif | ||||
<% total_counter +=1 %> | ||||
r2975 | % for pattern, perm in branch_sorter(section_perms.items()): | |||
<tr class="perm_row ${'{}_{}'.format(section, perm.split('.')[-1])}"> | ||||
<td class="td-name"> | ||||
<a href="${h.route_path('repo_summary',repo_name=k)}">${k}</a> | ||||
</td> | ||||
<td>${pattern}</td> | ||||
<td class="td-tags"> | ||||
## TODO: calculate origin somehow | ||||
## % for i, ((_pat, perm), origin) in enumerate((permissions[section].perm_origin_stack[k])): | ||||
<div> | ||||
<% i = 0 %> | ||||
<% origin = 'unknown' %> | ||||
<% _css_class = i > 0 and 'perm_overriden' or '' %> | ||||
<span class="${_css_class} perm_tag ${perm.split('.')[-1]}"> | ||||
${perm} | ||||
##(${origin}) | ||||
</span> | ||||
</div> | ||||
## % endfor | ||||
</td> | ||||
%if actions: | ||||
<td class="td-action"> | ||||
<a href="${h.route_path('edit_repo_perms_branch',repo_name=k)}">${_('edit')}</a> | ||||
</td> | ||||
%endif | ||||
</tr> | ||||
% endfor | ||||
%endfor | ||||
</tbody> | ||||
## Repos/Repo Groups/users groups perms | ||||
r1282 | %else: | |||
r2975 | ||||
r1282 | ## none/read/write/admin permissions on groups/repos etc | |||
<thead> | ||||
<tr> | ||||
<th>${_('Name')}</th> | ||||
<th>${_('Permission')}</th> | ||||
%if actions: | ||||
<th>${_('Edit Permission')}</th> | ||||
%endif | ||||
</thead> | ||||
<tbody class="section_${section}"> | ||||
<% | ||||
def sorter(permissions): | ||||
def custom_sorter(item): | ||||
## read/write/admin | ||||
section = item[1].split('.')[-1] | ||||
section_importance = {'none': u'0', | ||||
'read': u'1', | ||||
'write':u'2', | ||||
'admin':u'3'}.get(section) | ||||
## sort by group importance+name | ||||
return section_importance+item[0] | ||||
return sorted(permissions, key=custom_sorter) | ||||
%> | ||||
%for k, section_perm in sorter(permissions[section].items()): | ||||
r2975 | <% perm_value = section_perm.split('.')[-1] %> | |||
<% _css_class = 'display:none' if perm_value in ['none'] else '' %> | ||||
%if perm_value != 'none' or show_all: | ||||
<tr class="perm_row ${'{}_{}'.format(section, section_perm.split('.')[-1])}" style="${_css_class}"> | ||||
r2059 | <td class="td-name"> | |||
r1282 | %if section == 'repositories': | |||
r1785 | <a href="${h.route_path('repo_summary',repo_name=k)}">${k}</a> | |||
r1282 | %elif section == 'repositories_groups': | |||
r1774 | <a href="${h.route_path('repo_group_home', repo_group_name=k)}">${k}</a> | |||
r1282 | %elif section == 'user_groups': | |||
r2068 | ##<a href="${h.route_path('edit_user_group',user_group_id=k)}">${k}</a> | |||
r1282 | ${k} | |||
%endif | ||||
</td> | ||||
<td class="td-tags"> | ||||
%if hasattr(permissions[section], 'perm_origin_stack'): | ||||
r2063 | <div> | |||
r1282 | %for i, (perm, origin) in enumerate(reversed(permissions[section].perm_origin_stack[k])): | |||
r2975 | <% _css_class = i > 0 and 'perm_overriden' or '' %> | |||
r2063 | % if i > 0: | |||
<div style="color: #979797"> | ||||
<i class="icon-arrow_up"></i> | ||||
${_('overridden by')} | ||||
<i class="icon-arrow_up"></i> | ||||
</div> | ||||
% endif | ||||
<div> | ||||
r2975 | <span class="${_css_class} perm_tag ${perm.split('.')[-1]}"> | |||
r2063 | ${perm} (${origin}) | |||
</span> | ||||
</div> | ||||
r1282 | %endfor | |||
r2063 | </div> | |||
r1282 | %else: | |||
<span class="perm_tag ${section_perm.split('.')[-1]}">${section_perm}</span> | ||||
%endif | ||||
</td> | ||||
%if actions: | ||||
<td class="td-action"> | ||||
%if section == 'repositories': | ||||
r1945 | <a href="${h.route_path('edit_repo_perms',repo_name=k,_anchor='permissions_manage')}">${_('edit')}</a> | |||
r1282 | %elif section == 'repositories_groups': | |||
r2175 | <a href="${h.route_path('edit_repo_group_perms',repo_group_name=k,_anchor='permissions_manage')}">${_('edit')}</a> | |||
r1282 | %elif section == 'user_groups': | |||
r2068 | ##<a href="${h.route_path('edit_user_group',user_group_id=k)}">${_('edit')}</a> | |||
r1282 | %endif | |||
</td> | ||||
%endif | ||||
</tr> | ||||
r2991 | <% total_counter +=1 %> | |||
r1282 | %endif | |||
r2991 | ||||
r1282 | %endfor | |||
<tr id="empty_${section}" class="noborder" style="display:none;"> | ||||
r2975 | <td colspan="6">${_('No matching permission defined')}</td> | |||
r1282 | </tr> | |||
</tbody> | ||||
%endif | ||||
</table> | ||||
</div> | ||||
%endif | ||||
</div> | ||||
</div> | ||||
</div> | ||||
r2991 | ||||
<script> | ||||
$('#total_count_${section}').html(${total_counter}) | ||||
</script> | ||||
r1282 | %endfor | |||
</div> | ||||
<script> | ||||
$(document).ready(function(){ | ||||
r2975 | var showEmpty = function(section){ | |||
r1282 | var visible = $('.section_{0} tr.perm_row:visible'.format(section)).length; | |||
r2975 | if(visible === 0){ | |||
r1282 | $('#empty_{0}'.format(section)).show(); | |||
} | ||||
else{ | ||||
$('#empty_{0}'.format(section)).hide(); | ||||
} | ||||
}; | ||||
r2975 | ||||
r1282 | $('.perm_filter').on('change', function(e){ | |||
var self = this; | ||||
var section = $(this).attr('section'); | ||||
var opts = {}; | ||||
var elems = $('.filter_' + section).each(function(el){ | ||||
var perm_type = $(this).attr('perm_type'); | ||||
var checked = this.checked; | ||||
opts[perm_type] = checked; | ||||
if(checked){ | ||||
$('.'+section+'_'+perm_type).show(); | ||||
} | ||||
else{ | ||||
$('.'+section+'_'+perm_type).hide(); | ||||
} | ||||
}); | ||||
r2975 | showEmpty(section); | |||
r1282 | }) | |||
}) | ||||
</script> | ||||
</%def> | ||||