rhodecode-enterprise-ce Files · rhodecode/controllers/admin/permissions.py

login: Fix recaptcha. There was an error in the retrieval of private/public key from settings model. This leads to `None` as private key and this indicates that recaptcha is not active. Therefore it was never used no matter if private key was set or not.

lisaq - - Load All Authors

File last commit:

r1034:d1b70f85 default


                r1062:f920e065

default

Download file

             permissions.py
        
                    249 lines
            
             | 8.8 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / rhodecode / controllers / admin / permissions.py
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        marcink
    
project: added all source files and assets

              r1
            
      # -*- coding: utf-8 -*-

      # Copyright (C) 2010-2016  RhodeCode GmbH

      #

      # This program is free software: you can redistribute it and/or modify

      # it under the terms of the GNU Affero General Public License, version 3

      # (only), as published by the Free Software Foundation.

      #

      # This program is distributed in the hope that it will be useful,

      # but WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

      # GNU General Public License for more details.

      #

      # You should have received a copy of the GNU Affero General Public License

      # along with this program.  If not, see <http://www.gnu.org/licenses/>.

      #

      # This program is dual-licensed. If you wish to learn more about the

      # RhodeCode Enterprise Edition, including its added features, Support services,

      # and proprietary license terms, please see https://rhodecode.com/licenses/

      """

      permissions controller for RhodeCode Enterprise

      """

      import logging

      import formencode

      from formencode import htmlfill

      from pylons import request, tmpl_context as c, url

      from pylons.controllers.util import redirect

      from pylons.i18n.translation import _

      from rhodecode.lib import helpers as h

      from rhodecode.lib import auth

      from rhodecode.lib.auth import (LoginRequired, HasPermissionAllDecorator)

      from rhodecode.lib.base import BaseController, render

      from rhodecode.model.db import User, UserIpMap

      from rhodecode.model.forms import (

          ApplicationPermissionsForm, ObjectPermissionsForm, UserPermissionsForm)

      from rhodecode.model.meta import Session

      from rhodecode.model.permission import PermissionModel

      from rhodecode.model.settings import SettingsModel

      log = logging.getLogger(__name__)

      class PermissionsController(BaseController):

          """REST Controller styled on the Atom Publishing Protocol"""

          # To properly map this controller, ensure your config/routing.py

          # file has a resource setup:

          #     map.resource('permission', 'permissions')

          @LoginRequired()

          def __before__(self):

              super(PermissionsController, self).__before__()

          def __load_data(self):

              PermissionModel().set_global_permission_choices(c, translator=_)

          @HasPermissionAllDecorator('hg.admin')

          def permission_application(self):

              c.active = 'application'

              self.__load_data()

              c.user = User.get_default_user()

              # TODO: johbo: The default user might be based on outdated state which

              # has been loaded from the cache. A call to refresh() ensures that the

              # latest state from the database is used.

              Session().refresh(c.user)

              app_settings = SettingsModel().get_all_settings()

              defaults = {

                  'anonymous': c.user.active,

                  'default_register_message': app_settings.get(

                      'rhodecode_register_message')

              }

              defaults.update(c.user.get_default_perms())

              return htmlfill.render(

                  render('admin/permissions/permissions.html'),

                  defaults=defaults,

                  encoding="UTF-8",

                  force_defaults=False)

          @HasPermissionAllDecorator('hg.admin')

          @auth.CSRFRequired()

          def permission_application_update(self):

              c.active = 'application'

              self.__load_data()

              _form = ApplicationPermissionsForm(

                  [x[0] for x in c.register_choices],

        lisaq
    
settings: fix #3944 add password reset permission

              r1034
            
                  [x[0] for x in c.password_reset_choices],

        marcink
    
project: added all source files and assets

              r1
            
                  [x[0] for x in c.extern_activate_choices])()

              try:

                  form_result = _form.to_python(dict(request.POST))

                  form_result.update({'perm_user_name': User.DEFAULT_USER})

                  PermissionModel().update_application_permissions(form_result)

                  settings = [

                      ('register_message', 'default_register_message'),

                  ]

                  for setting, form_key in settings:

                      sett = SettingsModel().create_or_update_setting(

                          setting, form_result[form_key])

                      Session().add(sett)

                  Session().commit()

                  h.flash(_('Application permissions updated successfully'),

                          category='success')

              except formencode.Invalid as errors:

                  defaults = errors.value

                  return htmlfill.render(

                      render('admin/permissions/permissions.html'),

                      defaults=defaults,

                      errors=errors.error_dict or {},

                      prefix_error=False,

                      encoding="UTF-8",

                      force_defaults=False)

              except Exception:

                  log.exception("Exception during update of permissions")

                  h.flash(_('Error occurred during update of permissions'),

                          category='error')

              return redirect(url('admin_permissions_application'))

          @HasPermissionAllDecorator('hg.admin')

          def permission_objects(self):

              c.active = 'objects'

              self.__load_data()

              c.user = User.get_default_user()

              defaults = {}

              defaults.update(c.user.get_default_perms())

              return htmlfill.render(

                  render('admin/permissions/permissions.html'),

                  defaults=defaults,

                  encoding="UTF-8",

                  force_defaults=False)

          @HasPermissionAllDecorator('hg.admin')

          @auth.CSRFRequired()

          def permission_objects_update(self):

              c.active = 'objects'

              self.__load_data()

              _form = ObjectPermissionsForm(

                  [x[0] for x in c.repo_perms_choices],

                  [x[0] for x in c.group_perms_choices],

                  [x[0] for x in c.user_group_perms_choices])()

              try:

                  form_result = _form.to_python(dict(request.POST))

                  form_result.update({'perm_user_name': User.DEFAULT_USER})

                  PermissionModel().update_object_permissions(form_result)

                  Session().commit()

                  h.flash(_('Object permissions updated successfully'),

                          category='success')

              except formencode.Invalid as errors:

                  defaults = errors.value

                  return htmlfill.render(

                      render('admin/permissions/permissions.html'),

                      defaults=defaults,

                      errors=errors.error_dict or {},

                      prefix_error=False,

                      encoding="UTF-8",

                      force_defaults=False)

              except Exception:

                  log.exception("Exception during update of permissions")

                  h.flash(_('Error occurred during update of permissions'),

                          category='error')

              return redirect(url('admin_permissions_object'))

          @HasPermissionAllDecorator('hg.admin')

          def permission_global(self):

              c.active = 'global'

              self.__load_data()

              c.user = User.get_default_user()

              defaults = {}

              defaults.update(c.user.get_default_perms())

              return htmlfill.render(

                  render('admin/permissions/permissions.html'),

                  defaults=defaults,

                  encoding="UTF-8",

                  force_defaults=False)

          @HasPermissionAllDecorator('hg.admin')

          @auth.CSRFRequired()

          def permission_global_update(self):

              c.active = 'global'

              self.__load_data()

              _form = UserPermissionsForm(

                  [x[0] for x in c.repo_create_choices],

                  [x[0] for x in c.repo_create_on_write_choices],

                  [x[0] for x in c.repo_group_create_choices],

                  [x[0] for x in c.user_group_create_choices],

                  [x[0] for x in c.fork_choices],

                  [x[0] for x in c.inherit_default_permission_choices])()

              try:

                  form_result = _form.to_python(dict(request.POST))

                  form_result.update({'perm_user_name': User.DEFAULT_USER})

                  PermissionModel().update_user_permissions(form_result)

                  Session().commit()

                  h.flash(_('Global permissions updated successfully'),

                          category='success')

              except formencode.Invalid as errors:

                  defaults = errors.value

                  return htmlfill.render(

                      render('admin/permissions/permissions.html'),

                      defaults=defaults,

                      errors=errors.error_dict or {},

                      prefix_error=False,

                      encoding="UTF-8",

                      force_defaults=False)

              except Exception:

                  log.exception("Exception during update of permissions")

                  h.flash(_('Error occurred during update of permissions'),

                          category='error')

              return redirect(url('admin_permissions_global'))

          @HasPermissionAllDecorator('hg.admin')

          def permission_ips(self):

              c.active = 'ips'

              c.user = User.get_default_user()

              c.user_ip_map = (

                  UserIpMap.query().filter(UserIpMap.user == c.user).all())

              return render('admin/permissions/permissions.html')

          @HasPermissionAllDecorator('hg.admin')

          def permission_perms(self):

              c.active = 'perms'

              c.user = User.get_default_user()

              c.perm_user = c.user.AuthUser

              return render('admin/permissions/permissions.html')

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

marcink project: added all source files and assets	r1	# -- coding: utf-8 --

		# Copyright (C) 2010-2016 RhodeCode GmbH
		#
		# This program is free software: you can redistribute it and/or modify
		# it under the terms of the GNU Affero General Public License, version 3
		# (only), as published by the Free Software Foundation.
		#
		# This program is distributed in the hope that it will be useful,
		# but WITHOUT ANY WARRANTY; without even the implied warranty of
		# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		# GNU General Public License for more details.
		#
		# You should have received a copy of the GNU Affero General Public License
		# along with this program. If not, see <http://www.gnu.org/licenses/>.
		#
		# This program is dual-licensed. If you wish to learn more about the
		# RhodeCode Enterprise Edition, including its added features, Support services,
		# and proprietary license terms, please see https://rhodecode.com/licenses/


		"""
		permissions controller for RhodeCode Enterprise
		"""


		import logging

		import formencode
		from formencode import htmlfill
		from pylons import request, tmpl_context as c, url
		from pylons.controllers.util import redirect
		from pylons.i18n.translation import _

		from rhodecode.lib import helpers as h
		from rhodecode.lib import auth
		from rhodecode.lib.auth import (LoginRequired, HasPermissionAllDecorator)
		from rhodecode.lib.base import BaseController, render
		from rhodecode.model.db import User, UserIpMap
		from rhodecode.model.forms import (
		ApplicationPermissionsForm, ObjectPermissionsForm, UserPermissionsForm)
		from rhodecode.model.meta import Session
		from rhodecode.model.permission import PermissionModel
		from rhodecode.model.settings import SettingsModel

		log = logging.getLogger(__name__)


		class PermissionsController(BaseController):
		"""REST Controller styled on the Atom Publishing Protocol"""
		# To properly map this controller, ensure your config/routing.py
		# file has a resource setup:
		# map.resource('permission', 'permissions')

		@LoginRequired()
		def __before__(self):
		super(PermissionsController, self).__before__()

		def __load_data(self):
		PermissionModel().set_global_permission_choices(c, translator=_)

		@HasPermissionAllDecorator('hg.admin')
		def permission_application(self):
		c.active = 'application'
		self.__load_data()

		c.user = User.get_default_user()

		# TODO: johbo: The default user might be based on outdated state which
		# has been loaded from the cache. A call to refresh() ensures that the
		# latest state from the database is used.
		Session().refresh(c.user)

		app_settings = SettingsModel().get_all_settings()
		defaults = {
		'anonymous': c.user.active,
		'default_register_message': app_settings.get(
		'rhodecode_register_message')
		}
		defaults.update(c.user.get_default_perms())

		return htmlfill.render(
		render('admin/permissions/permissions.html'),
		defaults=defaults,
		encoding="UTF-8",
		force_defaults=False)

		@HasPermissionAllDecorator('hg.admin')
		@auth.CSRFRequired()
		def permission_application_update(self):
		c.active = 'application'
		self.__load_data()
		_form = ApplicationPermissionsForm(
		[x[0] for x in c.register_choices],
lisaq settings: fix #3944 add password reset permission	r1034	[x[0] for x in c.password_reset_choices],
marcink project: added all source files and assets	r1	[x[0] for x in c.extern_activate_choices])()

		try:
		form_result = _form.to_python(dict(request.POST))
		form_result.update({'perm_user_name': User.DEFAULT_USER})
		PermissionModel().update_application_permissions(form_result)

		settings = [
		('register_message', 'default_register_message'),
		]
		for setting, form_key in settings:
		sett = SettingsModel().create_or_update_setting(
		setting, form_result[form_key])
		Session().add(sett)

		Session().commit()
		h.flash(_('Application permissions updated successfully'),
		category='success')

		except formencode.Invalid as errors:
		defaults = errors.value

		return htmlfill.render(
		render('admin/permissions/permissions.html'),
		defaults=defaults,
		errors=errors.error_dict or {},
		prefix_error=False,
		encoding="UTF-8",
		force_defaults=False)
		except Exception:
		log.exception("Exception during update of permissions")
		h.flash(_('Error occurred during update of permissions'),
		category='error')

		return redirect(url('admin_permissions_application'))

		@HasPermissionAllDecorator('hg.admin')
		def permission_objects(self):
		c.active = 'objects'
		self.__load_data()
		c.user = User.get_default_user()
		defaults = {}
		defaults.update(c.user.get_default_perms())
		return htmlfill.render(
		render('admin/permissions/permissions.html'),
		defaults=defaults,
		encoding="UTF-8",
		force_defaults=False)

		@HasPermissionAllDecorator('hg.admin')
		@auth.CSRFRequired()
		def permission_objects_update(self):
		c.active = 'objects'
		self.__load_data()
		_form = ObjectPermissionsForm(
		[x[0] for x in c.repo_perms_choices],
		[x[0] for x in c.group_perms_choices],
		[x[0] for x in c.user_group_perms_choices])()

		try:
		form_result = _form.to_python(dict(request.POST))
		form_result.update({'perm_user_name': User.DEFAULT_USER})
		PermissionModel().update_object_permissions(form_result)

		Session().commit()
		h.flash(_('Object permissions updated successfully'),
		category='success')

		except formencode.Invalid as errors:
		defaults = errors.value

		return htmlfill.render(
		render('admin/permissions/permissions.html'),
		defaults=defaults,
		errors=errors.error_dict or {},
		prefix_error=False,
		encoding="UTF-8",
		force_defaults=False)
		except Exception:
		log.exception("Exception during update of permissions")
		h.flash(_('Error occurred during update of permissions'),
		category='error')

		return redirect(url('admin_permissions_object'))

		@HasPermissionAllDecorator('hg.admin')
		def permission_global(self):
		c.active = 'global'
		self.__load_data()

		c.user = User.get_default_user()
		defaults = {}
		defaults.update(c.user.get_default_perms())

		return htmlfill.render(
		render('admin/permissions/permissions.html'),
		defaults=defaults,
		encoding="UTF-8",
		force_defaults=False)

		@HasPermissionAllDecorator('hg.admin')
		@auth.CSRFRequired()
		def permission_global_update(self):
		c.active = 'global'
		self.__load_data()
		_form = UserPermissionsForm(
		[x[0] for x in c.repo_create_choices],
		[x[0] for x in c.repo_create_on_write_choices],
		[x[0] for x in c.repo_group_create_choices],
		[x[0] for x in c.user_group_create_choices],
		[x[0] for x in c.fork_choices],
		[x[0] for x in c.inherit_default_permission_choices])()

		try:
		form_result = _form.to_python(dict(request.POST))
		form_result.update({'perm_user_name': User.DEFAULT_USER})
		PermissionModel().update_user_permissions(form_result)

		Session().commit()
		h.flash(_('Global permissions updated successfully'),
		category='success')

		except formencode.Invalid as errors:
		defaults = errors.value

		return htmlfill.render(
		render('admin/permissions/permissions.html'),
		defaults=defaults,
		errors=errors.error_dict or {},
		prefix_error=False,
		encoding="UTF-8",
		force_defaults=False)
		except Exception:
		log.exception("Exception during update of permissions")
		h.flash(_('Error occurred during update of permissions'),
		category='error')

		return redirect(url('admin_permissions_global'))

		@HasPermissionAllDecorator('hg.admin')
		def permission_ips(self):
		c.active = 'ips'
		c.user = User.get_default_user()
		c.user_ip_map = (
		UserIpMap.query().filter(UserIpMap.user == c.user).all())

		return render('admin/permissions/permissions.html')

		@HasPermissionAllDecorator('hg.admin')
		def permission_perms(self):
		c.active = 'perms'
		c.user = User.get_default_user()
		c.perm_user = c.user.AuthUser
		return render('admin/permissions/permissions.html')