@@ -35,10 +35,11 b' from sqlalchemy.orm import joinedload' | |||||
35 |
|
35 | |||
36 | from rhodecode.lib import auth |
|
36 | from rhodecode.lib import auth | |
37 | from rhodecode.lib import helpers as h |
|
37 | from rhodecode.lib import helpers as h | |
|
38 | from rhodecode.lib import audit_logger | |||
38 | from rhodecode.lib.ext_json import json |
|
39 | from rhodecode.lib.ext_json import json | |
39 | from rhodecode.lib.exceptions import UserGroupAssignedException,\ |
|
40 | from rhodecode.lib.exceptions import UserGroupAssignedException,\ | |
40 | RepoGroupAssignmentError |
|
41 | RepoGroupAssignmentError | |
41 |
from rhodecode.lib.utils import jsonify |
|
42 | from rhodecode.lib.utils import jsonify | |
42 | from rhodecode.lib.utils2 import safe_unicode, str2bool, safe_int |
|
43 | from rhodecode.lib.utils2 import safe_unicode, str2bool, safe_int | |
43 | from rhodecode.lib.auth import ( |
|
44 | from rhodecode.lib.auth import ( | |
44 | LoginRequired, NotAnonymous, HasUserGroupPermissionAnyDecorator, |
|
45 | LoginRequired, NotAnonymous, HasUserGroupPermissionAnyDecorator, | |
@@ -105,8 +106,6 b' class UserGroupsController(BaseControlle' | |||||
105 | # permission check inside |
|
106 | # permission check inside | |
106 | @NotAnonymous() |
|
107 | @NotAnonymous() | |
107 | def index(self): |
|
108 | def index(self): | |
108 | """GET /users_groups: All items in the collection""" |
|
|||
109 | # url('users_groups') |
|
|||
110 |
|
109 | |||
111 | from rhodecode.lib.utils import PartialRenderer |
|
110 | from rhodecode.lib.utils import PartialRenderer | |
112 | _render = PartialRenderer('data_table/_dt_elements.mako') |
|
111 | _render = PartialRenderer('data_table/_dt_elements.mako') | |
@@ -142,8 +141,6 b' class UserGroupsController(BaseControlle' | |||||
142 | @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true') |
|
141 | @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true') | |
143 | @auth.CSRFRequired() |
|
142 | @auth.CSRFRequired() | |
144 | def create(self): |
|
143 | def create(self): | |
145 | """POST /users_groups: Create a new item""" |
|
|||
146 | # url('users_groups') |
|
|||
147 |
|
144 | |||
148 | users_group_form = UserGroupForm()() |
|
145 | users_group_form = UserGroupForm()() | |
149 | try: |
|
146 | try: | |
@@ -154,14 +151,16 b' class UserGroupsController(BaseControlle' | |||||
154 | owner=c.rhodecode_user.user_id, |
|
151 | owner=c.rhodecode_user.user_id, | |
155 | active=form_result['users_group_active']) |
|
152 | active=form_result['users_group_active']) | |
156 | Session().flush() |
|
153 | Session().flush() | |
157 |
|
154 | creation_data = user_group.get_api_data() | ||
158 | user_group_name = form_result['users_group_name'] |
|
155 | user_group_name = form_result['users_group_name'] | |
159 | action_logger(c.rhodecode_user, |
|
156 | ||
160 | 'admin_created_users_group:%s' % user_group_name, |
|
157 | audit_logger.store_web( | |
161 | None, self.ip_addr, self.sa) |
|
158 | 'user_group.create', action_data={'data': creation_data}, | |
162 | user_group_link = h.link_to(h.escape(user_group_name), |
|
159 | user=c.rhodecode_user) | |
163 | url('edit_users_group', |
|
160 | ||
164 | user_group_id=user_group.users_group_id)) |
|
161 | user_group_link = h.link_to( | |
|
162 | h.escape(user_group_name), | |||
|
163 | url('edit_users_group', user_group_id=user_group.users_group_id)) | |||
165 | h.flash(h.literal(_('Created user group %(user_group_link)s') |
|
164 | h.flash(h.literal(_('Created user group %(user_group_link)s') | |
166 | % {'user_group_link': user_group_link}), |
|
165 | % {'user_group_link': user_group_link}), | |
167 | category='success') |
|
166 | category='success') | |
@@ -191,13 +190,6 b' class UserGroupsController(BaseControlle' | |||||
191 | @HasUserGroupPermissionAnyDecorator('usergroup.admin') |
|
190 | @HasUserGroupPermissionAnyDecorator('usergroup.admin') | |
192 | @auth.CSRFRequired() |
|
191 | @auth.CSRFRequired() | |
193 | def update(self, user_group_id): |
|
192 | def update(self, user_group_id): | |
194 | """PUT /user_groups/user_group_id: Update an existing item""" |
|
|||
195 | # Forms posted to this method should contain a hidden field: |
|
|||
196 | # <input type="hidden" name="_method" value="PUT" /> |
|
|||
197 | # Or using helpers: |
|
|||
198 | # h.form(url('users_group', user_group_id=ID), |
|
|||
199 | # method='put') |
|
|||
200 | # url('users_group', user_group_id=ID) |
|
|||
201 |
|
193 | |||
202 | user_group_id = safe_int(user_group_id) |
|
194 | user_group_id = safe_int(user_group_id) | |
203 | c.user_group = UserGroup.get_or_404(user_group_id) |
|
195 | c.user_group = UserGroup.get_or_404(user_group_id) | |
@@ -207,6 +199,7 b' class UserGroupsController(BaseControlle' | |||||
207 | users_group_form = UserGroupForm( |
|
199 | users_group_form = UserGroupForm( | |
208 | edit=True, old_data=c.user_group.get_dict(), allow_disabled=True)() |
|
200 | edit=True, old_data=c.user_group.get_dict(), allow_disabled=True)() | |
209 |
|
201 | |||
|
202 | old_values = c.user_group.get_api_data() | |||
210 | try: |
|
203 | try: | |
211 | form_result = users_group_form.to_python(request.POST) |
|
204 | form_result = users_group_form.to_python(request.POST) | |
212 | pstruct = peppercorn.parse(request.POST.items()) |
|
205 | pstruct = peppercorn.parse(request.POST.items()) | |
@@ -214,9 +207,11 b' class UserGroupsController(BaseControlle' | |||||
214 |
|
207 | |||
215 | UserGroupModel().update(c.user_group, form_result) |
|
208 | UserGroupModel().update(c.user_group, form_result) | |
216 | updated_user_group = form_result['users_group_name'] |
|
209 | updated_user_group = form_result['users_group_name'] | |
217 | action_logger(c.rhodecode_user, |
|
210 | ||
218 | 'admin_updated_users_group:%s' % updated_user_group, |
|
211 | audit_logger.store_web( | |
219 | None, self.ip_addr, self.sa) |
|
212 | 'user_group.edit', action_data={'old_data': old_values}, | |
|
213 | user=c.rhodecode_user) | |||
|
214 | ||||
220 | h.flash(_('Updated user group %s') % updated_user_group, |
|
215 | h.flash(_('Updated user group %s') % updated_user_group, | |
221 | category='success') |
|
216 | category='success') | |
222 | Session().commit() |
|
217 | Session().commit() | |
@@ -241,19 +236,16 b' class UserGroupsController(BaseControlle' | |||||
241 | @HasUserGroupPermissionAnyDecorator('usergroup.admin') |
|
236 | @HasUserGroupPermissionAnyDecorator('usergroup.admin') | |
242 | @auth.CSRFRequired() |
|
237 | @auth.CSRFRequired() | |
243 | def delete(self, user_group_id): |
|
238 | def delete(self, user_group_id): | |
244 | """DELETE /user_groups/user_group_id: Delete an existing item""" |
|
|||
245 | # Forms posted to this method should contain a hidden field: |
|
|||
246 | # <input type="hidden" name="_method" value="DELETE" /> |
|
|||
247 | # Or using helpers: |
|
|||
248 | # h.form(url('users_group', user_group_id=ID), |
|
|||
249 | # method='delete') |
|
|||
250 | # url('users_group', user_group_id=ID) |
|
|||
251 | user_group_id = safe_int(user_group_id) |
|
239 | user_group_id = safe_int(user_group_id) | |
252 | c.user_group = UserGroup.get_or_404(user_group_id) |
|
240 | c.user_group = UserGroup.get_or_404(user_group_id) | |
253 | force = str2bool(request.POST.get('force')) |
|
241 | force = str2bool(request.POST.get('force')) | |
254 |
|
242 | |||
|
243 | old_values = c.user_group.get_api_data() | |||
255 | try: |
|
244 | try: | |
256 | UserGroupModel().delete(c.user_group, force=force) |
|
245 | UserGroupModel().delete(c.user_group, force=force) | |
|
246 | audit_logger.store_web( | |||
|
247 | 'user.delete', action_data={'old_data': old_values}, | |||
|
248 | user=c.rhodecode_user) | |||
257 | Session().commit() |
|
249 | Session().commit() | |
258 | h.flash(_('Successfully deleted user group'), category='success') |
|
250 | h.flash(_('Successfully deleted user group'), category='success') | |
259 | except UserGroupAssignedException as e: |
|
251 | except UserGroupAssignedException as e: | |
@@ -330,9 +322,9 b' class UserGroupsController(BaseControlle' | |||||
330 | except RepoGroupAssignmentError: |
|
322 | except RepoGroupAssignmentError: | |
331 | h.flash(_('Target group cannot be the same'), category='error') |
|
323 | h.flash(_('Target group cannot be the same'), category='error') | |
332 | return redirect(url('edit_user_group_perms', user_group_id=user_group_id)) |
|
324 | return redirect(url('edit_user_group_perms', user_group_id=user_group_id)) | |
333 | #TODO: implement this |
|
325 | ||
334 | #action_logger(c.rhodecode_user, 'admin_changed_repo_permissions', |
|
326 | # TODO(marcink): implement global permissions | |
335 | # repo_name, self.ip_addr, self.sa) |
|
327 | # audit_log.store_web('user_group.edit.permissions') | |
336 | Session().commit() |
|
328 | Session().commit() | |
337 | h.flash(_('User Group permissions updated'), category='success') |
|
329 | h.flash(_('User Group permissions updated'), category='success') | |
338 | return redirect(url('edit_user_group_perms', user_group_id=user_group_id)) |
|
330 | return redirect(url('edit_user_group_perms', user_group_id=user_group_id)) | |
@@ -389,8 +381,6 b' class UserGroupsController(BaseControlle' | |||||
389 | @HasUserGroupPermissionAnyDecorator('usergroup.admin') |
|
381 | @HasUserGroupPermissionAnyDecorator('usergroup.admin') | |
390 | @auth.CSRFRequired() |
|
382 | @auth.CSRFRequired() | |
391 | def update_global_perms(self, user_group_id): |
|
383 | def update_global_perms(self, user_group_id): | |
392 | """PUT /users_perm/user_group_id: Update an existing item""" |
|
|||
393 | # url('users_group_perm', user_group_id=ID, method='put') |
|
|||
394 | user_group_id = safe_int(user_group_id) |
|
384 | user_group_id = safe_int(user_group_id) | |
395 | user_group = UserGroup.get_or_404(user_group_id) |
|
385 | user_group = UserGroup.get_or_404(user_group_id) | |
396 | c.active = 'global_perms' |
|
386 | c.active = 'global_perms' | |
@@ -492,6 +482,9 b' class UserGroupsController(BaseControlle' | |||||
492 | @XHRRequired() |
|
482 | @XHRRequired() | |
493 | @jsonify |
|
483 | @jsonify | |
494 | def user_group_members(self, user_group_id): |
|
484 | def user_group_members(self, user_group_id): | |
|
485 | """ | |||
|
486 | Return members of given user group | |||
|
487 | """ | |||
495 | user_group_id = safe_int(user_group_id) |
|
488 | user_group_id = safe_int(user_group_id) | |
496 | user_group = UserGroup.get_or_404(user_group_id) |
|
489 | user_group = UserGroup.get_or_404(user_group_id) | |
497 | group_members_obj = sorted((x.user for x in user_group.members), |
|
490 | group_members_obj = sorted((x.user for x in user_group.members), |
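Review bot: In `delete`, the new audit call records the action as `'user.delete'`, although the object being removed is a user group and the ACTIONS table extended in this same commit registers `'user_group.delete'`. As written, a user-group deletion would be filed under the user-deletion action (or rejected, if `store_web` validates the name against ACTIONS, which is not visible here), so anyone reviewing the audit trail for account or group removals would be misled. The line should read `'user_group.delete', action_data={'old_data': old_values},`. The TODO in the permissions hunk also refers to `audit_log.store_web`, while the module imported at the top is `audit_logger`; correct the name before that call is uncommented. The body of `delete` continues past the hunk, so its remaining `except` branches were not reviewed.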
@@ -49,6 +49,13 b' ACTIONS = {' | |||||
49 | 'user.edit.password_reset.enabled': {}, |
|
49 | 'user.edit.password_reset.enabled': {}, | |
50 | 'user.edit.password_reset.disabled': {}, |
|
50 | 'user.edit.password_reset.disabled': {}, | |
51 |
|
51 | |||
|
52 | 'user_group.create': {'data': {}}, | |||
|
53 | 'user_group.delete': {'old_data': {}}, | |||
|
54 | 'user_group.edit': {'old_data': {}}, | |||
|
55 | 'user_group.edit.permissions': {}, | |||
|
56 | 'user_group.edit.member.add': {}, | |||
|
57 | 'user_group.edit.member.delete': {}, | |||
|
58 | ||||
52 | 'repo.create': {'data': {}}, |
|
59 | 'repo.create': {'data': {}}, | |
53 | 'repo.fork': {'data': {}}, |
|
60 | 'repo.fork': {'data': {}}, | |
54 | 'repo.edit': {'old_data': {}}, |
|
61 | 'repo.edit': {'old_data': {}}, |