##// END OF EJS Templates
auth: don't expose full set of permissions into channelstream payload....
auth: don't expose full set of permissions into channelstream payload. This leads to resource discovery security vulnerability

File last commit:

r2156:ea1af41c default
r2157:aefa7aac default
Show More
user_edit.mako
57 lines | 2.7 KiB | application/x-mako | MakoHtmlLexer
templating: use .mako as extensions for template files.
r1282 ## -*- coding: utf-8 -*-
<%inherit file="/base/base.mako"/>
<%def name="title()">
${_('%s user settings') % c.user.username}
%if c.rhodecode_name:
&middot; ${h.branding(c.rhodecode_name)}
%endif
</%def>
<%def name="breadcrumbs_links()">
audit-logs: introduced new view to replace admin journal....
r1758 ${h.link_to(_('Admin'),h.route_path('admin_home'))}
templating: use .mako as extensions for template files.
r1282 &raquo;
admin-users: moved grid browsing to pyramid....
r1520 ${h.link_to(_('Users'),h.route_path('users'))}
templating: use .mako as extensions for template files.
r1282 &raquo;
ux: show that user is disabled when editing him.
r1693 % if c.user.active:
templating: use .mako as extensions for template files.
r1282 ${c.user.username}
ux: show that user is disabled when editing him.
r1693 % else:
<strike title="${_('This user is set as disabled')}">${c.user.username}</strike>
% endif
templating: use .mako as extensions for template files.
r1282 </%def>
<%def name="menu_bar_nav()">
${self.menu_items(active='admin')}
</%def>
<%def name="main()">
<div class="box user_settings">
<div class="title">
${self.breadcrumbs()}
</div>
##main
<div class="sidebar-col-wrapper">
<div class="sidebar">
<ul class="nav nav-pills nav-stacked">
users: ported controllers from pylons into pyramid views.
r2114 <li class="${'active' if c.active=='profile' else ''}"><a href="${h.route_path('user_edit', user_id=c.user.user_id)}">${_('User Profile')}</a></li>
admin: moved auth tokens into pyramid view....
r1518 <li class="${'active' if c.active=='auth_tokens' else ''}"><a href="${h.route_path('edit_user_auth_tokens', user_id=c.user.user_id)}">${_('Auth tokens')}</a></li>
users: added SSH key management for user admin pages
r1993 <li class="${'active' if c.active in ['ssh_keys','ssh_keys_generate'] else ''}"><a href="${h.route_path('edit_user_ssh_keys', user_id=c.user.user_id)}">${_('SSH Keys')}</a></li>
users: ported controllers from pylons into pyramid views.
r2114 <li class="${'active' if c.active=='advanced' else ''}"><a href="${h.route_path('user_edit_advanced', user_id=c.user.user_id)}">${_('Advanced')}</a></li>
<li class="${'active' if c.active=='global_perms' else ''}"><a href="${h.route_path('user_edit_global_perms', user_id=c.user.user_id)}">${_('Global permissions')}</a></li>
users/user_groups: ported permission summary pages into pyramid....
r1998 <li class="${'active' if c.active=='perms_summary' else ''}"><a href="${h.route_path('edit_user_perms_summary', user_id=c.user.user_id)}">${_('Permissions summary')}</a></li>
users-admin: moved views into pyramid for editing emails and ips....
r1821 <li class="${'active' if c.active=='emails' else ''}"><a href="${h.route_path('edit_user_emails', user_id=c.user.user_id)}">${_('Emails')}</a></li>
<li class="${'active' if c.active=='ips' else ''}"><a href="${h.route_path('edit_user_ips', user_id=c.user.user_id)}">${_('Ip Whitelist')}</a></li>
admin-users: add audit page to allow showing user actions in RhodeCode....
r1559 <li class="${'active' if c.active=='groups' else ''}"><a href="${h.route_path('edit_user_groups_management', user_id=c.user.user_id)}">${_('User Groups Management')}</a></li>
audit-logs: expose tailoed audit logs in repository view
r2156 <li class="${'active' if c.active=='audit' else ''}"><a href="${h.route_path('edit_user_audit_logs', user_id=c.user.user_id)}">${_('Audit logs')}</a></li>
templating: use .mako as extensions for template files.
r1282 </ul>
</div>
<div class="main-content-full-width">
<%include file="/admin/users/user_edit_${c.active}.mako"/>
</div>
</div>
</div>
</%def>