rhodecode-enterprise-ce Commit - r2054:0026cc40

user/user-groups: show if users or user groups are a part of review rules....

marcink -

r2054:0026cc40 default

parent child

The requested changes are too big and content was truncated. Show full diff

rhodecode/controllers/admin/user_groups.py

0 +4 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2011-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             User Groups crud controller for pylons
             """
             import logging
             import formencode
             import peppercorn
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url, config
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from rhodecode.lib import auth
             from rhodecode.lib import helpers as h
             from rhodecode.lib import audit_logger
             from rhodecode.lib.exceptions import UserGroupAssignedException,\
                 RepoGroupAssignmentError
             from rhodecode.lib.utils2 import safe_unicode, str2bool, safe_int
             from rhodecode.lib.auth import (
                 LoginRequired, NotAnonymous, HasUserGroupPermissionAnyDecorator,
                 HasPermissionAnyDecorator)
             from rhodecode.lib.base import BaseController, render
             from rhodecode.model.permission import PermissionModel
             from rhodecode.model.user_group import UserGroupModel
             from rhodecode.model.db import User, UserGroup
             from rhodecode.model.forms import (
                 UserGroupForm, UserGroupPermsForm, UserIndividualPermissionsForm,
                 UserPermissionsForm)
             from rhodecode.model.meta import Session
             log = logging.getLogger(__name__)
             class UserGroupsController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 @LoginRequired()
                 def __before__(self):
                     super(UserGroupsController, self).__before__()
                     c.available_permissions = config['available_permissions']
                     PermissionModel().set_global_permission_choices(c, gettext_translator=_)
                 def __load_data(self, user_group_id):
                     c.group_members_obj = [x.user for x in c.user_group.members]
                     c.group_members_obj.sort(key=lambda u: u.username.lower())
                     c.group_members = [(x.user_id, x.username) for x in c.group_members_obj]
                 def __load_defaults(self, user_group_id):
                     """
                     Load defaults settings for edit, and update
                     :param user_group_id:
                     """
                     user_group = UserGroup.get_or_404(user_group_id)
                     data = user_group.get_dict()
                     # fill owner
                     if user_group.user:
                         data.update({'user': user_group.user.username})
                     else:
                         replacement_user = User.get_first_super_admin().username
                         data.update({'user': replacement_user})
                     return data
                 def _revoke_perms_on_yourself(self, form_result):
                     _updates = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
                                       form_result['perm_updates'])
                     _additions = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
                                         form_result['perm_additions'])
                     _deletions = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
                                         form_result['perm_deletions'])
                     admin_perm = 'usergroup.admin'
                     if _updates   and _updates[0][1]   != admin_perm or \
                        _additions and _additions[0][1] != admin_perm or \
                        _deletions and _deletions[0][1] != admin_perm:
                         return True
                     return False
                 @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')
                 @auth.CSRFRequired()
                 def create(self):
                     users_group_form = UserGroupForm()()
                     try:
                         form_result = users_group_form.to_python(dict(request.POST))
                         user_group = UserGroupModel().create(
                             name=form_result['users_group_name'],
                             description=form_result['user_group_description'],
                             owner=c.rhodecode_user.user_id,
                             active=form_result['users_group_active'])
                         Session().flush()
                         creation_data = user_group.get_api_data()
                         user_group_name = form_result['users_group_name']
                         audit_logger.store_web(
                             'user_group.create', action_data={'data': creation_data},
                             user=c.rhodecode_user)
                         user_group_link = h.link_to(
                             h.escape(user_group_name),
                             url('edit_users_group', user_group_id=user_group.users_group_id))
                         h.flash(h.literal(_('Created user group %(user_group_link)s')
                                           % {'user_group_link': user_group_link}),
                                 category='success')
                         Session().commit()
                     except formencode.Invalid as errors:
                         return htmlfill.render(
                             render('admin/user_groups/user_group_add.mako'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False)
                     except Exception:
                         log.exception("Exception creating user group")
                         h.flash(_('Error occurred during creation of user group %s') \
                                 % request.POST.get('users_group_name'), category='error')
                     return redirect(
                         url('edit_users_group', user_group_id=user_group.users_group_id))
                 @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')
                 def new(self):
                     """GET /user_groups/new: Form to create a new item"""
                     # url('new_users_group')
                     return render('admin/user_groups/user_group_add.mako')
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 @auth.CSRFRequired()
                 def update(self, user_group_id):
                     user_group_id = safe_int(user_group_id)
                     c.user_group = UserGroup.get_or_404(user_group_id)
                     c.active = 'settings'
                     self.__load_data(user_group_id)
                     users_group_form = UserGroupForm(
                         edit=True, old_data=c.user_group.get_dict(), allow_disabled=True)()
                     old_values = c.user_group.get_api_data()
                     try:
                         form_result = users_group_form.to_python(request.POST)
                         pstruct = peppercorn.parse(request.POST.items())
                         form_result['users_group_members'] = pstruct['user_group_members']
                         user_group, added_members, removed_members = \
                             UserGroupModel().update(c.user_group, form_result)
                         updated_user_group = form_result['users_group_name']
                         audit_logger.store_web(
                             'user_group.edit', action_data={'old_data': old_values},
                             user=c.rhodecode_user)
                         # TODO(marcink): use added/removed to set user_group.edit.member.add
                         h.flash(_('Updated user group %s') % updated_user_group,
                                 category='success')
                         Session().commit()
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         e = errors.error_dict or {}
                         return htmlfill.render(
                             render('admin/user_groups/user_group_edit.mako'),
                             defaults=defaults,
                             errors=e,
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False)
                     except Exception:
                         log.exception("Exception during update of user group")
                         h.flash(_('Error occurred during update of user group %s')
                                 % request.POST.get('users_group_name'), category='error')
                     return redirect(url('edit_users_group', user_group_id=user_group_id))
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 @auth.CSRFRequired()
                 def delete(self, user_group_id):
                     user_group_id = safe_int(user_group_id)
                     c.user_group = UserGroup.get_or_404(user_group_id)
                     force = str2bool(request.POST.get('force'))
                     old_values = c.user_group.get_api_data()
                     try:
                         UserGroupModel().delete(c.user_group, force=force)
                         audit_logger.store_web(
                             'user.delete', action_data={'old_data': old_values},
                             user=c.rhodecode_user)
                         Session().commit()
                         h.flash(_('Successfully deleted user group'), category='success')
                     except UserGroupAssignedException as e:
                         h.flash(str(e), category='error')
                     except Exception:
                         log.exception("Exception during deletion of user group")
                         h.flash(_('An error occurred during deletion of user group'),
                                 category='error')
                     return redirect(url('users_groups'))
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def edit(self, user_group_id):
                     """GET /user_groups/user_group_id/edit: Form to edit an existing item"""
                     # url('edit_users_group', user_group_id=ID)
                     user_group_id = safe_int(user_group_id)
                     c.user_group = UserGroup.get_or_404(user_group_id)
                     c.active = 'settings'
                     self.__load_data(user_group_id)
                     defaults = self.__load_defaults(user_group_id)
                     return htmlfill.render(
                         render('admin/user_groups/user_group_edit.mako'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def edit_perms(self, user_group_id):
                     user_group_id = safe_int(user_group_id)
                     c.user_group = UserGroup.get_or_404(user_group_id)
                     c.active = 'perms'
                     defaults = {}
                     # fill user group users
                     for p in c.user_group.user_user_group_to_perm:
                         defaults.update({'u_perm_%s' % p.user.user_id:
                                          p.permission.permission_name})
                     for p in c.user_group.user_group_user_group_to_perm:
                         defaults.update({'g_perm_%s' % p.user_group.users_group_id:
                                          p.permission.permission_name})
                     return htmlfill.render(
                         render('admin/user_groups/user_group_edit.mako'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 @auth.CSRFRequired()
                 def update_perms(self, user_group_id):
                     """
                     grant permission for given usergroup
                     :param user_group_id:
                     """
                     user_group_id = safe_int(user_group_id)
                     c.user_group = UserGroup.get_or_404(user_group_id)
                     form = UserGroupPermsForm()().to_python(request.POST)
                     if not c.rhodecode_user.is_admin:
                         if self._revoke_perms_on_yourself(form):
                             msg = _('Cannot change permission for yourself as admin')
                             h.flash(msg, category='warning')
                             return redirect(url('edit_user_group_perms', user_group_id=user_group_id))
                     try:
                         UserGroupModel().update_permissions(user_group_id,
                             form['perm_additions'], form['perm_updates'], form['perm_deletions'])
                     except RepoGroupAssignmentError:
                         h.flash(_('Target group cannot be the same'), category='error')
                         return redirect(url('edit_user_group_perms', user_group_id=user_group_id))
                     # TODO(marcink): implement global permissions
                     # audit_log.store_web('user_group.edit.permissions')
                     Session().commit()
                     h.flash(_('User Group permissions updated'), category='success')
                     return redirect(url('edit_user_group_perms', user_group_id=user_group_id))
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def edit_global_perms(self, user_group_id):
                     user_group_id = safe_int(user_group_id)
                     c.user_group = UserGroup.get_or_404(user_group_id)
                     c.active = 'global_perms'
                     c.default_user = User.get_default_user()
                     defaults = c.user_group.get_dict()
                     defaults.update(c.default_user.get_default_perms(suffix='_inherited'))
                     defaults.update(c.user_group.get_default_perms())
                     return htmlfill.render(
                         render('admin/user_groups/user_group_edit.mako'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 @auth.CSRFRequired()
                 def update_global_perms(self, user_group_id):
                     user_group_id = safe_int(user_group_id)
                     user_group = UserGroup.get_or_404(user_group_id)
                     c.active = 'global_perms'
                     try:
                         # first stage that verifies the checkbox
                         _form = UserIndividualPermissionsForm()
                         form_result = _form.to_python(dict(request.POST))
                         inherit_perms = form_result['inherit_default_permissions']
                         user_group.inherit_default_permissions = inherit_perms
                         Session().add(user_group)
                         if not inherit_perms:
                             # only update the individual ones if we un check the flag
                             _form = UserPermissionsForm(
                                 [x[0] for x in c.repo_create_choices],
                                 [x[0] for x in c.repo_create_on_write_choices],
                                 [x[0] for x in c.repo_group_create_choices],
                                 [x[0] for x in c.user_group_create_choices],
                                 [x[0] for x in c.fork_choices],
                                 [x[0] for x in c.inherit_default_permission_choices])()
                             form_result = _form.to_python(dict(request.POST))
                             form_result.update({'perm_user_group_id': user_group.users_group_id})
                             PermissionModel().update_user_group_permissions(form_result)
                         Session().commit()
                         h.flash(_('User Group global permissions updated successfully'),
                                 category='success')
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         c.user_group = user_group
                         return htmlfill.render(
                             render('admin/user_groups/user_group_edit.mako'),
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False)
                     except Exception:
                         log.exception("Exception during permissions saving")
                         h.flash(_('An error occurred during permissions saving'),
                                 category='error')
                     return redirect(url('edit_user_group_global_perms', user_group_id=user_group_id))
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def edit_advanced(self, user_group_id):
                     user_group_id = safe_int(user_group_id)
                     c.user_group = UserGroup.get_or_404(user_group_id)
                     c.active = 'advanced'
                     c.group_members_obj = sorted(
                         (x.user for x in c.user_group.members),
                         key=lambda u: u.username.lower())
                     c.group_to_repos = sorted(
                         (x.repository for x in c.user_group.users_group_repo_to_perm),
                         key=lambda u: u.repo_name.lower())
                     c.group_to_repo_groups = sorted(
                         (x.group for x in c.user_group.users_group_repo_group_to_perm),
                         key=lambda u: u.group_name.lower())
+                    c.group_to_review_rules = sorted(
+                        (x.users_group for x in c.user_group.user_group_review_rules),
+                        key=lambda u: u.users_group_name.lower())
                     return render('admin/user_groups/user_group_edit.mako')
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def edit_advanced_set_synchronization(self, user_group_id):
                     user_group_id = safe_int(user_group_id)
                     user_group = UserGroup.get_or_404(user_group_id)
                     existing = user_group.group_data.get('extern_type')
                     if existing:
                         new_state = user_group.group_data
                         new_state['extern_type'] = None
                     else:
                         new_state = user_group.group_data
                         new_state['extern_type'] = 'manual'
                         new_state['extern_type_set_by'] = c.rhodecode_user.username
                     try:
                         user_group.group_data = new_state
                         Session().add(user_group)
                         Session().commit()
                         h.flash(_('User Group synchronization updated successfully'),
                                 category='success')
                     except Exception:
                         log.exception("Exception during sync settings saving")
                         h.flash(_('An error occurred during synchronization update'),
                                 category='error')
                     return redirect(
                         url('edit_user_group_advanced', user_group_id=user_group_id))

rhodecode/controllers/admin/users.py

0 +5 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Users crud controller for pylons
             """
             import logging
             import formencode
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url, config
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from rhodecode.authentication.plugins import auth_rhodecode
             from rhodecode.lib import helpers as h
             from rhodecode.lib import auth
             from rhodecode.lib import audit_logger
             from rhodecode.lib.auth import (
                 LoginRequired, HasPermissionAllDecorator, AuthUser)
             from rhodecode.lib.base import BaseController, render
             from rhodecode.lib.exceptions import (
                 DefaultUserException, UserOwnsReposException, UserOwnsRepoGroupsException,
                 UserOwnsUserGroupsException, UserCreationError)
             from rhodecode.lib.utils2 import safe_int, AttributeDict
             from rhodecode.model.db import (
                 PullRequestReviewers, User, UserEmailMap, UserIpMap, RepoGroup)
             from rhodecode.model.forms import (
                 UserForm, UserPermissionsForm, UserIndividualPermissionsForm)
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.user import UserModel
             from rhodecode.model.meta import Session
             from rhodecode.model.permission import PermissionModel
             log = logging.getLogger(__name__)
             class UsersController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 @LoginRequired()
                 def __before__(self):
                     super(UsersController, self).__before__()
                     c.available_permissions = config['available_permissions']
                     c.allowed_languages = [
                         ('en', 'English (en)'),
                         ('de', 'German (de)'),
                         ('fr', 'French (fr)'),
                         ('it', 'Italian (it)'),
                         ('ja', 'Japanese (ja)'),
                         ('pl', 'Polish (pl)'),
                         ('pt', 'Portuguese (pt)'),
                         ('ru', 'Russian (ru)'),
                         ('zh', 'Chinese (zh)'),
                     ]
                     PermissionModel().set_global_permission_choices(c, gettext_translator=_)
                 def _get_personal_repo_group_template_vars(self):
                     DummyUser = AttributeDict({
                         'username': '${username}',
                         'user_id': '${user_id}',
                     })
                     c.default_create_repo_group = RepoGroupModel() \
                         .get_default_create_personal_repo_group()
                     c.personal_repo_group_name = RepoGroupModel() \
                         .get_personal_group_name(DummyUser)
                 @HasPermissionAllDecorator('hg.admin')
                 @auth.CSRFRequired()
                 def create(self):
                     c.default_extern_type = auth_rhodecode.RhodeCodeAuthPlugin.name
                     user_model = UserModel()
                     user_form = UserForm()()
                     try:
                         form_result = user_form.to_python(dict(request.POST))
                         user = user_model.create(form_result)
                         Session().flush()
                         creation_data = user.get_api_data()
                         username = form_result['username']
                         audit_logger.store_web(
                             'user.create', action_data={'data': creation_data},
                             user=c.rhodecode_user)
                         user_link = h.link_to(h.escape(username),
                                               url('edit_user',
                                                   user_id=user.user_id))
                         h.flash(h.literal(_('Created user %(user_link)s')
                                           % {'user_link': user_link}), category='success')
                         Session().commit()
                     except formencode.Invalid as errors:
                         self._get_personal_repo_group_template_vars()
                         return htmlfill.render(
                             render('admin/users/user_add.mako'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False)
                     except UserCreationError as e:
                         h.flash(e, 'error')
                     except Exception:
                         log.exception("Exception creation of user")
                         h.flash(_('Error occurred during creation of user %s')
                                 % request.POST.get('username'), category='error')
                     return redirect(h.route_path('users'))
                 @HasPermissionAllDecorator('hg.admin')
                 def new(self):
                     c.default_extern_type = auth_rhodecode.RhodeCodeAuthPlugin.name
                     self._get_personal_repo_group_template_vars()
                     return render('admin/users/user_add.mako')
                 @HasPermissionAllDecorator('hg.admin')
                 @auth.CSRFRequired()
                 def update(self, user_id):
                     user_id = safe_int(user_id)
                     c.user = User.get_or_404(user_id)
                     c.active = 'profile'
                     c.extern_type = c.user.extern_type
                     c.extern_name = c.user.extern_name
                     c.perm_user = AuthUser(user_id=user_id, ip_addr=self.ip_addr)
                     available_languages = [x[0] for x in c.allowed_languages]
                     _form = UserForm(edit=True, available_languages=available_languages,
                                      old_data={'user_id': user_id,
                                                'email': c.user.email})()
                     form_result = {}
                     old_values = c.user.get_api_data()
                     try:
                         form_result = _form.to_python(dict(request.POST))
                         skip_attrs = ['extern_type', 'extern_name']
                         # TODO: plugin should define if username can be updated
                         if c.extern_type != "rhodecode":
                             # forbid updating username for external accounts
                             skip_attrs.append('username')
                         UserModel().update_user(
                             user_id, skip_attrs=skip_attrs, **form_result)
                         audit_logger.store_web(
                             'user.edit', action_data={'old_data': old_values},
                             user=c.rhodecode_user)
                         Session().commit()
                         h.flash(_('User updated successfully'), category='success')
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         e = errors.error_dict or {}
                         return htmlfill.render(
                             render('admin/users/user_edit.mako'),
                             defaults=defaults,
                             errors=e,
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False)
                     except UserCreationError as e:
                         h.flash(e, 'error')
                     except Exception:
                         log.exception("Exception updating user")
                         h.flash(_('Error occurred during update of user %s')
                                 % form_result.get('username'), category='error')
                     return redirect(url('edit_user', user_id=user_id))
                 @HasPermissionAllDecorator('hg.admin')
                 @auth.CSRFRequired()
                 def delete(self, user_id):
                     user_id = safe_int(user_id)
                     c.user = User.get_or_404(user_id)
                     _repos = c.user.repositories
                     _repo_groups = c.user.repository_groups
                     _user_groups = c.user.user_groups
                     handle_repos = None
                     handle_repo_groups = None
                     handle_user_groups = None
                     # dummy call for flash of handle
                     set_handle_flash_repos = lambda: None
                     set_handle_flash_repo_groups = lambda: None
                     set_handle_flash_user_groups = lambda: None
                     if _repos and request.POST.get('user_repos'):
                         do = request.POST['user_repos']
                         if do == 'detach':
                             handle_repos = 'detach'
                             set_handle_flash_repos = lambda: h.flash(
                                 _('Detached %s repositories') % len(_repos),
                                 category='success')
                         elif do == 'delete':
                             handle_repos = 'delete'
                             set_handle_flash_repos = lambda: h.flash(
                                 _('Deleted %s repositories') % len(_repos),
                                 category='success')
                     if _repo_groups and request.POST.get('user_repo_groups'):
                         do = request.POST['user_repo_groups']
                         if do == 'detach':
                             handle_repo_groups = 'detach'
                             set_handle_flash_repo_groups = lambda: h.flash(
                                 _('Detached %s repository groups') % len(_repo_groups),
                                 category='success')
                         elif do == 'delete':
                             handle_repo_groups = 'delete'
                             set_handle_flash_repo_groups = lambda: h.flash(
                                 _('Deleted %s repository groups') % len(_repo_groups),
                                 category='success')
                     if _user_groups and request.POST.get('user_user_groups'):
                         do = request.POST['user_user_groups']
                         if do == 'detach':
                             handle_user_groups = 'detach'
                             set_handle_flash_user_groups = lambda: h.flash(
                                 _('Detached %s user groups') % len(_user_groups),
                                 category='success')
                         elif do == 'delete':
                             handle_user_groups = 'delete'
                             set_handle_flash_user_groups = lambda: h.flash(
                                 _('Deleted %s user groups') % len(_user_groups),
                                 category='success')
                     old_values = c.user.get_api_data()
                     try:
                         UserModel().delete(c.user, handle_repos=handle_repos,
                                            handle_repo_groups=handle_repo_groups,
                                            handle_user_groups=handle_user_groups)
                         audit_logger.store_web(
                             'user.delete', action_data={'old_data': old_values},
                             user=c.rhodecode_user)
                         Session().commit()
                         set_handle_flash_repos()
                         set_handle_flash_repo_groups()
                         set_handle_flash_user_groups()
                         h.flash(_('Successfully deleted user'), category='success')
                     except (UserOwnsReposException, UserOwnsRepoGroupsException,
                             UserOwnsUserGroupsException, DefaultUserException) as e:
                         h.flash(e, category='warning')
                     except Exception:
                         log.exception("Exception during deletion of user")
                         h.flash(_('An error occurred during deletion of user'),
                                 category='error')
                     return redirect(h.route_path('users'))
                 @HasPermissionAllDecorator('hg.admin')
                 @auth.CSRFRequired()
                 def reset_password(self, user_id):
                     """
                     toggle reset password flag for this user
                     """
                     user_id = safe_int(user_id)
                     c.user = User.get_or_404(user_id)
                     try:
                         old_value = c.user.user_data.get('force_password_change')
                         c.user.update_userdata(force_password_change=not old_value)
                         if old_value:
                             msg = _('Force password change disabled for user')
                             audit_logger.store_web(
                                 'user.edit.password_reset.disabled',
                                 user=c.rhodecode_user)
                         else:
                             msg = _('Force password change enabled for user')
                             audit_logger.store_web(
                                 'user.edit.password_reset.enabled',
                                 user=c.rhodecode_user)
                         Session().commit()
                         h.flash(msg, category='success')
                     except Exception:
                         log.exception("Exception during password reset for user")
                         h.flash(_('An error occurred during password reset for user'),
                                 category='error')
                     return redirect(url('edit_user_advanced', user_id=user_id))
                 @HasPermissionAllDecorator('hg.admin')
                 @auth.CSRFRequired()
                 def create_personal_repo_group(self, user_id):
                     """
                     Create personal repository group for this user
                     """
                     from rhodecode.model.repo_group import RepoGroupModel
                     user_id = safe_int(user_id)
                     c.user = User.get_or_404(user_id)
                     personal_repo_group = RepoGroup.get_user_personal_repo_group(
                         c.user.user_id)
                     if personal_repo_group:
                         return redirect(url('edit_user_advanced', user_id=user_id))
                     personal_repo_group_name = RepoGroupModel().get_personal_group_name(
                         c.user)
                     named_personal_group = RepoGroup.get_by_group_name(
                         personal_repo_group_name)
                     try:
                         if named_personal_group and named_personal_group.user_id == c.user.user_id:
                             # migrate the same named group, and mark it as personal
                             named_personal_group.personal = True
                             Session().add(named_personal_group)
                             Session().commit()
                             msg = _('Linked repository group `%s` as personal' % (
                                 personal_repo_group_name,))
                             h.flash(msg, category='success')
                         elif not named_personal_group:
                             RepoGroupModel().create_personal_repo_group(c.user)
                             msg = _('Created repository group `%s`' % (
                                 personal_repo_group_name,))
                             h.flash(msg, category='success')
                         else:
                             msg = _('Repository group `%s` is already taken' % (
                                 personal_repo_group_name,))
                             h.flash(msg, category='warning')
                     except Exception:
                         log.exception("Exception during repository group creation")
                         msg = _(
                             'An error occurred during repository group creation for user')
                         h.flash(msg, category='error')
                         Session().rollback()
                     return redirect(url('edit_user_advanced', user_id=user_id))
                 @HasPermissionAllDecorator('hg.admin')
                 def show(self, user_id):
                     """GET /users/user_id: Show a specific item"""
                     # url('user', user_id=ID)
                     User.get_or_404(-1)
                 @HasPermissionAllDecorator('hg.admin')
                 def edit(self, user_id):
                     """GET /users/user_id/edit: Form to edit an existing item"""
                     # url('edit_user', user_id=ID)
                     user_id = safe_int(user_id)
                     c.user = User.get_or_404(user_id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(h.route_path('users'))
                     c.active = 'profile'
                     c.extern_type = c.user.extern_type
                     c.extern_name = c.user.extern_name
                     c.perm_user = AuthUser(user_id=user_id, ip_addr=self.ip_addr)
                     defaults = c.user.get_dict()
                     defaults.update({'language': c.user.user_data.get('language')})
                     return htmlfill.render(
                         render('admin/users/user_edit.mako'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 def edit_advanced(self, user_id):
                     user_id = safe_int(user_id)
                     user = c.user = User.get_or_404(user_id)
                     if user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(h.route_path('users'))
                     c.active = 'advanced'
                     c.personal_repo_group = RepoGroup.get_user_personal_repo_group(user_id)
                     c.personal_repo_group_name = RepoGroupModel()\
                         .get_personal_group_name(user)
+                    c.user_to_review_rules = sorted(
+                        (x.user for x in c.user.user_review_rules),
+                        key=lambda u: u.username.lower())
                     c.first_admin = User.get_first_super_admin()
                     defaults = user.get_dict()
                     # Interim workaround if the user participated on any pull requests as a
                     # reviewer.
                     has_review = len(user.reviewer_pull_requests)
                     c.can_delete_user = not has_review
                     c.can_delete_user_message = ''
                     inactive_link = h.link_to(
                         'inactive', h.url('edit_user', user_id=user_id, anchor='active'))
                     if has_review == 1:
                         c.can_delete_user_message = h.literal(_(
                             'The user participates as reviewer in {} pull request and '
                             'cannot be deleted. \nYou can set the user to '
                             '"{}" instead of deleting it.').format(
                             has_review, inactive_link))
                     elif has_review:
                         c.can_delete_user_message = h.literal(_(
                             'The user participates as reviewer in {} pull requests and '
                             'cannot be deleted. \nYou can set the user to '
                             '"{}" instead of deleting it.').format(
                             has_review, inactive_link))
                     return htmlfill.render(
                         render('admin/users/user_edit.mako'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 def edit_global_perms(self, user_id):
                     user_id = safe_int(user_id)
                     c.user = User.get_or_404(user_id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(h.route_path('users'))
                     c.active = 'global_perms'
                     c.default_user = User.get_default_user()
                     defaults = c.user.get_dict()
                     defaults.update(c.default_user.get_default_perms(suffix='_inherited'))
                     defaults.update(c.default_user.get_default_perms())
                     defaults.update(c.user.get_default_perms())
                     return htmlfill.render(
                         render('admin/users/user_edit.mako'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 @auth.CSRFRequired()
                 def update_global_perms(self, user_id):
                     user_id = safe_int(user_id)
                     user = User.get_or_404(user_id)
                     c.active = 'global_perms'
                     try:
                         # first stage that verifies the checkbox
                         _form = UserIndividualPermissionsForm()
                         form_result = _form.to_python(dict(request.POST))
                         inherit_perms = form_result['inherit_default_permissions']
                         user.inherit_default_permissions = inherit_perms
                         Session().add(user)
                         if not inherit_perms:
                             # only update the individual ones if we un check the flag
                             _form = UserPermissionsForm(
                                 [x[0] for x in c.repo_create_choices],
                                 [x[0] for x in c.repo_create_on_write_choices],
                                 [x[0] for x in c.repo_group_create_choices],
                                 [x[0] for x in c.user_group_create_choices],
                                 [x[0] for x in c.fork_choices],
                                 [x[0] for x in c.inherit_default_permission_choices])()
                             form_result = _form.to_python(dict(request.POST))
                             form_result.update({'perm_user_id': user.user_id})
                             PermissionModel().update_user_permissions(form_result)
                         # TODO(marcink): implement global permissions
                         # audit_log.store_web('user.edit.permissions')
                         Session().commit()
                         h.flash(_('User global permissions updated successfully'),
                                 category='success')
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         c.user = user
                         return htmlfill.render(
                             render('admin/users/user_edit.mako'),
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False)
                     except Exception:
                         log.exception("Exception during permissions saving")
                         h.flash(_('An error occurred during permissions saving'),
                                 category='error')
                     return redirect(url('edit_user_global_perms', user_id=user_id))

rhodecode/model/db.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/admin/user_groups/user_group_edit_advanced.mako

0 +1 0

             <%namespace name="base" file="/base/base.mako"/>
             <%
              elems = [
                 (_('Owner'), lambda:base.gravatar_with_user(c.user_group.user.email), '', ''),
                 (_('Created on'), h.format_date(c.user_group.created_on), '', '',),
                 (_('Members'), len(c.group_members_obj),'', [x for x in c.group_members_obj]),
                 (_('Automatic member sync'), 'Yes' if c.user_group.group_data.get('extern_type') else 'No', '', '',),
                 (_('Assigned to repositories'), len(c.group_to_repos),'', [x for x in c.group_to_repos]),
                 (_('Assigned to repo groups'), len(c.group_to_repo_groups), '', [x for x in c.group_to_repo_groups]),
+                (_('Assigned to review rules'), len(c.group_to_review_rules), '', [x for x in c.group_to_review_rules]),
              ]
             %>
             <div class="panel panel-default">
                 <div class="panel-heading">
                     <h3 class="panel-title">${_('User Group: %s') % c.user_group.users_group_name}</h3>
                 </div>
                 <div class="panel-body">
                     ${base.dt_info_panel(elems)}
                 </div>
             </div>
             <div class="panel panel-default">
                 <div class="panel-heading">
                     <h3 class="panel-title">${_('Group members sync')}</h3>
                 </div>
                 <div class="panel-body">
                     <% sync_type = c.user_group.group_data.get('extern_type') %>
                     % if sync_type:
                         <p>
                             ${_('This group is set to be automatically synchronised.')}<br/>
                             ${_('This group synchronization was set by')}: <strong>${sync_type}</strong>
                         </p>
                     % else:
                         <p>
                             ${_('This group is not set to be automatically synchronised')}
                         </p>
                     % endif
                     <div>
                     ${h.secure_form(h.url('edit_user_group_advanced_sync', user_group_id=c.user_group.users_group_id), method='post')}
                         <div class="field">
                             <button class="btn btn-default" type="submit">
                                 %if sync_type:
                                     ${_('Disable synchronization')}
                                 %else:
                                     ${_('Enable synchronization')}
                                 %endif
                             </button>
                         </div>
                         <div class="field">
                             <span class="help-block">
                                 ${_('Users will be added or removed from this group when they authenticate with RhodeCode system, based on LDAP group membership. '
                                     'This requires `LDAP+User group` authentication plugin to be configured and enabled. (EE only feature)')}
                             </span>
                         </div>
                     ${h.end_form()}
                     </div>
                 </div>
             </div>
             <div class="panel panel-danger">
                 <div class="panel-heading">
                     <h3 class="panel-title">${_('Delete User Group')}</h3>
                 </div>
                 <div class="panel-body">
                     ${h.secure_form(h.url('delete_users_group', user_group_id=c.user_group.users_group_id),method='delete')}
                         ${h.hidden('force', 1)}
                         <button class="btn btn-small btn-danger" type="submit"
                                 onclick="return confirm('${_('Confirm to delete user group `%(ugroup)s` with all permission assignments') % {'ugroup': c.user_group.users_group_name}}');">
                             <i class="icon-remove-sign"></i>
                             ${_('Delete This User Group')}
                         </button>
                     ${h.end_form()}
                 </div>
             </div>

rhodecode/templates/admin/users/user_edit_advanced.mako

0 +2 0

             <%namespace name="base" file="/base/base.mako"/>
             <%
              elems = [
                 (_('Created on'), h.format_date(c.user.created_on), '', ''),
                 (_('Source of Record'), c.user.extern_type, '', ''),
                 (_('Last login'), c.user.last_login or '-', '', ''),
                 (_('Last activity'), c.user.last_activity, '', ''),
                 (_('Repositories'), len(c.user.repositories), '', [x.repo_name for x in c.user.repositories]),
                 (_('Repository groups'), len(c.user.repository_groups), '', [x.group_name for x in c.user.repository_groups]),
                 (_('User groups'), len(c.user.user_groups), '', [x.users_group_name for x in c.user.user_groups]),
                 (_('Reviewer of pull requests'), len(c.user.reviewer_pull_requests), '', ['Pull Request #{}'.format(x.pull_request.pull_request_id) for x in c.user.reviewer_pull_requests]),
+                (_('Assigned to review rules'), len(c.user_to_review_rules), '', [x for x in c.user_to_review_rules]),
                 (_('Member of User groups'), len(c.user.group_member), '', [x.users_group.users_group_name for x in c.user.group_member]),
                 (_('Force password change'), c.user.user_data.get('force_password_change', 'False'), '', ''),
              ]
             %>
             <div class="panel panel-default">
                 <div class="panel-heading">
                     <h3 class="panel-title">${_('User: %s') % c.user.username}</h3>
                 </div>
                 <div class="panel-body">
                     ${base.dt_info_panel(elems)}
                 </div>
             </div>
             <div class="panel panel-default">
                 <div class="panel-heading">
                     <h3 class="panel-title">${_('Force Password Reset')}</h3>
                 </div>
                 <div class="panel-body">
                     ${h.secure_form(h.url('force_password_reset_user', user_id=c.user.user_id), method='post')}
                         <div class="field">
                             <button class="btn btn-default" type="submit">
                                 <i class="icon-lock"></i>
                                 %if c.user.user_data.get('force_password_change'):
                                     ${_('Disable forced password reset')}
                                 %else:
                                     ${_('Enable forced password reset')}
                                 %endif
                             </button>
                         </div>
                         <div class="field">
                             <span class="help-block">
                                 ${_("When this is enabled user will have to change they password when they next use RhodeCode system. This will also forbid vcs operations until someone makes a password change in the web interface")}
                             </span>
                         </div>
                     ${h.end_form()}
                 </div>
             </div>
             <div class="panel panel-default">
                 <div class="panel-heading">
                     <h3 class="panel-title">${_('Personal Repository Group')}</h3>
                 </div>
                 <div class="panel-body">
                     ${h.secure_form(h.url('create_personal_repo_group', user_id=c.user.user_id), method='post')}
                     %if c.personal_repo_group:
                         <div class="panel-body-title-text">${_('Users personal repository group')} : ${h.link_to(c.personal_repo_group.group_name, h.route_path('repo_group_home', repo_group_name=c.personal_repo_group.group_name))}</div>
                     %else:
                         <div class="panel-body-title-text">
                             ${_('This user currently does not have a personal repository group')}
                             <br/>
                             ${_('New group will be created at: `/%(path)s`') % {'path': c.personal_repo_group_name}}
                         </div>
                     %endif
                         <button class="btn btn-default" type="submit" ${'disabled="disabled"' if c.personal_repo_group else ''}>
                             <i class="icon-folder-close"></i>
                             ${_('Create personal repository group')}
                         </button>
                     ${h.end_form()}
                 </div>
             </div>
             <div class="panel panel-danger">
                 <div class="panel-heading">
                     <h3 class="panel-title">${_('Delete User')}</h3>
                 </div>
                 <div class="panel-body">
                     ${h.secure_form(h.url('delete_user', user_id=c.user.user_id), method='delete')}
                         <table class="display">
                             <tr>
                                 <td>
                                     ${_ungettext('This user owns %s repository.', 'This user owns %s repositories.', len(c.user.repositories)) % len(c.user.repositories)}
                                 </td>
                                 <td>
                                     %if len(c.user.repositories) > 0:
                                         <input type="radio" id="user_repos_1" name="user_repos" value="detach" checked="checked"/> <label for="user_repos_1">${_('Detach repositories')}</label>
                                     %endif
                                 </td>
                                 <td>
                                     %if len(c.user.repositories) > 0:
                                         <input type="radio" id="user_repos_2" name="user_repos" value="delete" /> <label for="user_repos_2">${_('Delete repositories')}</label>
                                     %endif
                                 </td>
                             </tr>
                             <tr>
                                 <td>
                                     ${_ungettext('This user owns %s repository group.', 'This user owns %s repository groups.', len(c.user.repository_groups)) % len(c.user.repository_groups)}
                                 </td>
                                 <td>
                                     %if len(c.user.repository_groups) > 0:
                                         <input type="radio" id="user_repo_groups_1" name="user_repo_groups" value="detach" checked="checked"/> <label for="user_repo_groups_1">${_('Detach repository groups')}</label>
                                     %endif
                                 </td>
                                 <td>
                                     %if len(c.user.repository_groups) > 0:
                                         <input type="radio" id="user_repo_groups_2" name="user_repo_groups" value="delete" /> <label for="user_repo_groups_2">${_('Delete repositories')}</label>
                                     %endif
                                 </td>
                             </tr>
                             <tr>
                                 <td>
                                     ${_ungettext('This user owns %s user group.', 'This user owns %s user groups.', len(c.user.user_groups)) % len(c.user.user_groups)}
                                 </td>
                                 <td>
                                     %if len(c.user.user_groups) > 0:
                                         <input type="radio" id="user_user_groups_1" name="user_user_groups" value="detach" checked="checked"/> <label for="user_user_groups_1">${_('Detach user groups')}</label>
                                     %endif
                                 </td>
                                 <td>
                                     %if len(c.user.user_groups) > 0:
                                         <input type="radio" id="user_user_groups_2" name="user_user_groups" value="delete" /> <label for="user_user_groups_2">${_('Delete repositories')}</label>
                                     %endif
                                 </td>
                             </tr>
                         </table>
                         <div style="margin: 0 0 20px 0" class="fake-space"></div>
                         <div class="field">
                             <button class="btn btn-small btn-danger" type="submit"
                                     onclick="return confirm('${_('Confirm to delete this user: %s') % c.user.username}');"
                                     ${"disabled" if not c.can_delete_user else ""}>
                                 ${_('Delete this user')}
                             </button>
                         </div>
                         % if c.can_delete_user_message:
                         <p class="help-block pre-formatting">${c.can_delete_user_message}</p>
                         % endif
                         <div class="field">
                             <span class="help-block">
                                 %if len(c.user.repositories) > 0 or len(c.user.repository_groups) > 0 or len(c.user.user_groups) > 0:
                                     <p class="help-block">${_("When selecting the detach option, the depending objects owned by this user will be assigned to the `%s` super admin in the system. The delete option will delete the user's repositories!") % (c.first_admin.full_name)}</p>
                                 %endif
                             </span>
                         </div>
                     ${h.end_form()}
                 </div>
             </div>

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages