user: simplify fetching of personal repository groups....
marcink -
r1691:519ae2cd default
@@ -1,630 +1,629 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Users crud controller for pylons
23 23 """
24 24
25 25 import logging
26 26 import formencode
27 27
28 28 from formencode import htmlfill
29 29 from pylons import request, tmpl_context as c, url, config
30 30 from pylons.controllers.util import redirect
31 31 from pylons.i18n.translation import _
32 32
33 33 from rhodecode.authentication.plugins import auth_rhodecode
34 34 from rhodecode.lib.exceptions import (
35 35 DefaultUserException, UserOwnsReposException, UserOwnsRepoGroupsException,
36 36 UserOwnsUserGroupsException, UserCreationError)
37 37 from rhodecode.lib import helpers as h
38 38 from rhodecode.lib import auth
39 39 from rhodecode.lib.auth import (
40 40 LoginRequired, HasPermissionAllDecorator, AuthUser, generate_auth_token)
41 41 from rhodecode.lib.base import BaseController, render
42 42 from rhodecode.model.auth_token import AuthTokenModel
43 43
44 44 from rhodecode.model.db import (
45 45 PullRequestReviewers, User, UserEmailMap, UserIpMap, RepoGroup)
46 46 from rhodecode.model.forms import (
47 47 UserForm, UserPermissionsForm, UserIndividualPermissionsForm)
48 48 from rhodecode.model.repo_group import RepoGroupModel
49 49 from rhodecode.model.user import UserModel
50 50 from rhodecode.model.meta import Session
51 51 from rhodecode.model.permission import PermissionModel
52 52 from rhodecode.lib.utils import action_logger
53 53 from rhodecode.lib.utils2 import datetime_to_time, safe_int, AttributeDict
54 54
55 55 log = logging.getLogger(__name__)
56 56
57 57
58 58 class UsersController(BaseController):
59 59 """REST Controller styled on the Atom Publishing Protocol"""
60 60
61 61 @LoginRequired()
62 62 def __before__(self):
63 63 super(UsersController, self).__before__()
64 64 c.available_permissions = config['available_permissions']
65 65 c.allowed_languages = [
66 66 ('en', 'English (en)'),
67 67 ('de', 'German (de)'),
68 68 ('fr', 'French (fr)'),
69 69 ('it', 'Italian (it)'),
70 70 ('ja', 'Japanese (ja)'),
71 71 ('pl', 'Polish (pl)'),
72 72 ('pt', 'Portuguese (pt)'),
73 73 ('ru', 'Russian (ru)'),
74 74 ('zh', 'Chinese (zh)'),
75 75 ]
76 76 PermissionModel().set_global_permission_choices(c, gettext_translator=_)
77 77
78 78 def _get_personal_repo_group_template_vars(self):
79 79 DummyUser = AttributeDict({
80 80 'username': '${username}',
81 81 'user_id': '${user_id}',
82 82 })
83 83 c.default_create_repo_group = RepoGroupModel() \
84 84 .get_default_create_personal_repo_group()
85 85 c.personal_repo_group_name = RepoGroupModel() \
86 86 .get_personal_group_name(DummyUser)
87 87
88 88 @HasPermissionAllDecorator('hg.admin')
89 89 @auth.CSRFRequired()
90 90 def create(self):
91 91 """POST /users: Create a new item"""
92 92 c.default_extern_type = auth_rhodecode.RhodeCodeAuthPlugin.name
93 93 user_model = UserModel()
94 94 user_form = UserForm()()
95 95 try:
96 96 form_result = user_form.to_python(dict(request.POST))
97 97 user = user_model.create(form_result)
98 98 Session().flush()
99 99 username = form_result['username']
100 100 action_logger(c.rhodecode_user, 'admin_created_user:%s' % username,
101 101 None, self.ip_addr, self.sa)
102 102
103 103 user_link = h.link_to(h.escape(username),
104 104 url('edit_user',
105 105 user_id=user.user_id))
106 106 h.flash(h.literal(_('Created user %(user_link)s')
107 107 % {'user_link': user_link}), category='success')
108 108 Session().commit()
109 109 except formencode.Invalid as errors:
110 110 self._get_personal_repo_group_template_vars()
111 111 return htmlfill.render(
112 112 render('admin/users/user_add.mako'),
113 113 defaults=errors.value,
114 114 errors=errors.error_dict or {},
115 115 prefix_error=False,
116 116 encoding="UTF-8",
117 117 force_defaults=False)
118 118 except UserCreationError as e:
119 119 h.flash(e, 'error')
120 120 except Exception:
121 121 log.exception("Exception creation of user")
122 122 h.flash(_('Error occurred during creation of user %s')
123 123 % request.POST.get('username'), category='error')
124 124 return redirect(h.route_path('users'))
125 125
126 126 @HasPermissionAllDecorator('hg.admin')
127 127 def new(self):
128 128 """GET /users/new: Form to create a new item"""
129 129 # url('new_user')
130 130 c.default_extern_type = auth_rhodecode.RhodeCodeAuthPlugin.name
131 131 self._get_personal_repo_group_template_vars()
132 132 return render('admin/users/user_add.mako')
133 133
134 134 @HasPermissionAllDecorator('hg.admin')
135 135 @auth.CSRFRequired()
136 136 def update(self, user_id):
137 137 """PUT /users/user_id: Update an existing item"""
138 138 # Forms posted to this method should contain a hidden field:
139 139 # <input type="hidden" name="_method" value="PUT" />
140 140 # Or using helpers:
141 141 # h.form(url('update_user', user_id=ID),
142 142 # method='put')
143 143 # url('user', user_id=ID)
144 144 user_id = safe_int(user_id)
145 145 c.user = User.get_or_404(user_id)
146 146 c.active = 'profile'
147 147 c.extern_type = c.user.extern_type
148 148 c.extern_name = c.user.extern_name
149 149 c.perm_user = AuthUser(user_id=user_id, ip_addr=self.ip_addr)
150 150 available_languages = [x[0] for x in c.allowed_languages]
151 151 _form = UserForm(edit=True, available_languages=available_languages,
152 152 old_data={'user_id': user_id,
153 153 'email': c.user.email})()
154 154 form_result = {}
155 155 try:
156 156 form_result = _form.to_python(dict(request.POST))
157 157 skip_attrs = ['extern_type', 'extern_name']
158 158 # TODO: plugin should define if username can be updated
159 159 if c.extern_type != "rhodecode":
160 160 # forbid updating username for external accounts
161 161 skip_attrs.append('username')
162 162
163 163 UserModel().update_user(user_id, skip_attrs=skip_attrs, **form_result)
164 164 usr = form_result['username']
165 165 action_logger(c.rhodecode_user, 'admin_updated_user:%s' % usr,
166 166 None, self.ip_addr, self.sa)
167 167 h.flash(_('User updated successfully'), category='success')
168 168 Session().commit()
169 169 except formencode.Invalid as errors:
170 170 defaults = errors.value
171 171 e = errors.error_dict or {}
172 172
173 173 return htmlfill.render(
174 174 render('admin/users/user_edit.mako'),
175 175 defaults=defaults,
176 176 errors=e,
177 177 prefix_error=False,
178 178 encoding="UTF-8",
179 179 force_defaults=False)
180 180 except UserCreationError as e:
181 181 h.flash(e, 'error')
182 182 except Exception:
183 183 log.exception("Exception updating user")
184 184 h.flash(_('Error occurred during update of user %s')
185 185 % form_result.get('username'), category='error')
186 186 return redirect(url('edit_user', user_id=user_id))
187 187
188 188 @HasPermissionAllDecorator('hg.admin')
189 189 @auth.CSRFRequired()
190 190 def delete(self, user_id):
191 191 """DELETE /users/user_id: Delete an existing item"""
192 192 # Forms posted to this method should contain a hidden field:
193 193 # <input type="hidden" name="_method" value="DELETE" />
194 194 # Or using helpers:
195 195 # h.form(url('delete_user', user_id=ID),
196 196 # method='delete')
197 197 # url('user', user_id=ID)
198 198 user_id = safe_int(user_id)
199 199 c.user = User.get_or_404(user_id)
200 200
201 201 _repos = c.user.repositories
202 202 _repo_groups = c.user.repository_groups
203 203 _user_groups = c.user.user_groups
204 204
205 205 handle_repos = None
206 206 handle_repo_groups = None
207 207 handle_user_groups = None
208 208 # dummy call for flash of handle
209 209 set_handle_flash_repos = lambda: None
210 210 set_handle_flash_repo_groups = lambda: None
211 211 set_handle_flash_user_groups = lambda: None
212 212
213 213 if _repos and request.POST.get('user_repos'):
214 214 do = request.POST['user_repos']
215 215 if do == 'detach':
216 216 handle_repos = 'detach'
217 217 set_handle_flash_repos = lambda: h.flash(
218 218 _('Detached %s repositories') % len(_repos),
219 219 category='success')
220 220 elif do == 'delete':
221 221 handle_repos = 'delete'
222 222 set_handle_flash_repos = lambda: h.flash(
223 223 _('Deleted %s repositories') % len(_repos),
224 224 category='success')
225 225
226 226 if _repo_groups and request.POST.get('user_repo_groups'):
227 227 do = request.POST['user_repo_groups']
228 228 if do == 'detach':
229 229 handle_repo_groups = 'detach'
230 230 set_handle_flash_repo_groups = lambda: h.flash(
231 231 _('Detached %s repository groups') % len(_repo_groups),
232 232 category='success')
233 233 elif do == 'delete':
234 234 handle_repo_groups = 'delete'
235 235 set_handle_flash_repo_groups = lambda: h.flash(
236 236 _('Deleted %s repository groups') % len(_repo_groups),
237 237 category='success')
238 238
239 239 if _user_groups and request.POST.get('user_user_groups'):
240 240 do = request.POST['user_user_groups']
241 241 if do == 'detach':
242 242 handle_user_groups = 'detach'
243 243 set_handle_flash_user_groups = lambda: h.flash(
244 244 _('Detached %s user groups') % len(_user_groups),
245 245 category='success')
246 246 elif do == 'delete':
247 247 handle_user_groups = 'delete'
248 248 set_handle_flash_user_groups = lambda: h.flash(
249 249 _('Deleted %s user groups') % len(_user_groups),
250 250 category='success')
251 251
252 252 try:
253 253 UserModel().delete(c.user, handle_repos=handle_repos,
254 254 handle_repo_groups=handle_repo_groups,
255 255 handle_user_groups=handle_user_groups)
256 256 Session().commit()
257 257 set_handle_flash_repos()
258 258 set_handle_flash_repo_groups()
259 259 set_handle_flash_user_groups()
260 260 h.flash(_('Successfully deleted user'), category='success')
261 261 except (UserOwnsReposException, UserOwnsRepoGroupsException,
262 262 UserOwnsUserGroupsException, DefaultUserException) as e:
263 263 h.flash(e, category='warning')
264 264 except Exception:
265 265 log.exception("Exception during deletion of user")
266 266 h.flash(_('An error occurred during deletion of user'),
267 267 category='error')
268 268 return redirect(h.route_path('users'))
269 269
270 270 @HasPermissionAllDecorator('hg.admin')
271 271 @auth.CSRFRequired()
272 272 def reset_password(self, user_id):
273 273 """
274 274 toggle reset password flag for this user
275 275
276 276 :param user_id:
277 277 """
278 278 user_id = safe_int(user_id)
279 279 c.user = User.get_or_404(user_id)
280 280 try:
281 281 old_value = c.user.user_data.get('force_password_change')
282 282 c.user.update_userdata(force_password_change=not old_value)
283 283 Session().commit()
284 284 if old_value:
285 285 msg = _('Force password change disabled for user')
286 286 else:
287 287 msg = _('Force password change enabled for user')
288 288 h.flash(msg, category='success')
289 289 except Exception:
290 290 log.exception("Exception during password reset for user")
291 291 h.flash(_('An error occurred during password reset for user'),
292 292 category='error')
293 293
294 294 return redirect(url('edit_user_advanced', user_id=user_id))
295 295
296 296 @HasPermissionAllDecorator('hg.admin')
297 297 @auth.CSRFRequired()
298 298 def create_personal_repo_group(self, user_id):
299 299 """
300 300 Create personal repository group for this user
301 301
302 302 :param user_id:
303 303 """
304 304 from rhodecode.model.repo_group import RepoGroupModel
305 305
306 306 user_id = safe_int(user_id)
307 307 c.user = User.get_or_404(user_id)
308 308 personal_repo_group = RepoGroup.get_user_personal_repo_group(
309 309 c.user.user_id)
310 310 if personal_repo_group:
311 311 return redirect(url('edit_user_advanced', user_id=user_id))
312 312
313 313 personal_repo_group_name = RepoGroupModel().get_personal_group_name(
314 314 c.user)
315 315 named_personal_group = RepoGroup.get_by_group_name(
316 316 personal_repo_group_name)
317 317 try:
318 318
319 319 if named_personal_group and named_personal_group.user_id == c.user.user_id:
320 320 # migrate the same named group, and mark it as personal
321 321 named_personal_group.personal = True
322 322 Session().add(named_personal_group)
323 323 Session().commit()
324 324 msg = _('Linked repository group `%s` as personal' % (
325 325 personal_repo_group_name,))
326 326 h.flash(msg, category='success')
327 327 elif not named_personal_group:
328 328 RepoGroupModel().create_personal_repo_group(c.user)
329 329
330 330 msg = _('Created repository group `%s`' % (
331 331 personal_repo_group_name,))
332 332 h.flash(msg, category='success')
333 333 else:
334 334 msg = _('Repository group `%s` is already taken' % (
335 335 personal_repo_group_name,))
336 336 h.flash(msg, category='warning')
337 337 except Exception:
338 338 log.exception("Exception during repository group creation")
339 339 msg = _(
340 340 'An error occurred during repository group creation for user')
341 341 h.flash(msg, category='error')
342 342 Session().rollback()
343 343
344 344 return redirect(url('edit_user_advanced', user_id=user_id))
345 345
346 346 @HasPermissionAllDecorator('hg.admin')
347 347 def show(self, user_id):
348 348 """GET /users/user_id: Show a specific item"""
349 349 # url('user', user_id=ID)
350 350 User.get_or_404(-1)
351 351
352 352 @HasPermissionAllDecorator('hg.admin')
353 353 def edit(self, user_id):
354 354 """GET /users/user_id/edit: Form to edit an existing item"""
355 355 # url('edit_user', user_id=ID)
356 356 user_id = safe_int(user_id)
357 357 c.user = User.get_or_404(user_id)
358 358 if c.user.username == User.DEFAULT_USER:
359 359 h.flash(_("You can't edit this user"), category='warning')
360 360 return redirect(h.route_path('users'))
361 361
362 362 c.active = 'profile'
363 363 c.extern_type = c.user.extern_type
364 364 c.extern_name = c.user.extern_name
365 365 c.perm_user = AuthUser(user_id=user_id, ip_addr=self.ip_addr)
366 366
367 367 defaults = c.user.get_dict()
368 368 defaults.update({'language': c.user.user_data.get('language')})
369 369 return htmlfill.render(
370 370 render('admin/users/user_edit.mako'),
371 371 defaults=defaults,
372 372 encoding="UTF-8",
373 373 force_defaults=False)
374 374
375 375 @HasPermissionAllDecorator('hg.admin')
376 376 def edit_advanced(self, user_id):
377 377 user_id = safe_int(user_id)
378 378 user = c.user = User.get_or_404(user_id)
379 379 if user.username == User.DEFAULT_USER:
380 380 h.flash(_("You can't edit this user"), category='warning')
381 381 return redirect(h.route_path('users'))
382 382
383 383 c.active = 'advanced'
384 c.perm_user = AuthUser(user_id=user_id, ip_addr=self.ip_addr)
385 c.personal_repo_group = c.perm_user.personal_repo_group
384 c.personal_repo_group = RepoGroup.get_user_personal_repo_group(user_id)
386 385 c.personal_repo_group_name = RepoGroupModel()\
387 386 .get_personal_group_name(user)
388 387 c.first_admin = User.get_first_super_admin()
389 388 defaults = user.get_dict()
390 389
391 390 # Interim workaround if the user participated on any pull requests as a
392 391 # reviewer.
393 392 has_review = bool(PullRequestReviewers.query().filter(
394 393 PullRequestReviewers.user_id == user_id).first())
395 394 c.can_delete_user = not has_review
396 395 c.can_delete_user_message = _(
397 396 'The user participates as reviewer in pull requests and '
398 397 'cannot be deleted. You can set the user to '
399 398 '"inactive" instead of deleting it.') if has_review else ''
400 399
401 400 return htmlfill.render(
402 401 render('admin/users/user_edit.mako'),
403 402 defaults=defaults,
404 403 encoding="UTF-8",
405 404 force_defaults=False)
406 405
407 406 @HasPermissionAllDecorator('hg.admin')
408 407 def edit_global_perms(self, user_id):
409 408 user_id = safe_int(user_id)
410 409 c.user = User.get_or_404(user_id)
411 410 if c.user.username == User.DEFAULT_USER:
412 411 h.flash(_("You can't edit this user"), category='warning')
413 412 return redirect(h.route_path('users'))
414 413
415 414 c.active = 'global_perms'
416 415
417 416 c.default_user = User.get_default_user()
418 417 defaults = c.user.get_dict()
419 418 defaults.update(c.default_user.get_default_perms(suffix='_inherited'))
420 419 defaults.update(c.default_user.get_default_perms())
421 420 defaults.update(c.user.get_default_perms())
422 421
423 422 return htmlfill.render(
424 423 render('admin/users/user_edit.mako'),
425 424 defaults=defaults,
426 425 encoding="UTF-8",
427 426 force_defaults=False)
428 427
429 428 @HasPermissionAllDecorator('hg.admin')
430 429 @auth.CSRFRequired()
431 430 def update_global_perms(self, user_id):
432 431 """PUT /users_perm/user_id: Update an existing item"""
433 432 # url('user_perm', user_id=ID, method='put')
434 433 user_id = safe_int(user_id)
435 434 user = User.get_or_404(user_id)
436 435 c.active = 'global_perms'
437 436 try:
438 437 # first stage that verifies the checkbox
439 438 _form = UserIndividualPermissionsForm()
440 439 form_result = _form.to_python(dict(request.POST))
441 440 inherit_perms = form_result['inherit_default_permissions']
442 441 user.inherit_default_permissions = inherit_perms
443 442 Session().add(user)
444 443
445 444 if not inherit_perms:
446 445 # only update the individual ones if we un check the flag
447 446 _form = UserPermissionsForm(
448 447 [x[0] for x in c.repo_create_choices],
449 448 [x[0] for x in c.repo_create_on_write_choices],
450 449 [x[0] for x in c.repo_group_create_choices],
451 450 [x[0] for x in c.user_group_create_choices],
452 451 [x[0] for x in c.fork_choices],
453 452 [x[0] for x in c.inherit_default_permission_choices])()
454 453
455 454 form_result = _form.to_python(dict(request.POST))
456 455 form_result.update({'perm_user_id': user.user_id})
457 456
458 457 PermissionModel().update_user_permissions(form_result)
459 458
460 459 Session().commit()
461 460 h.flash(_('User global permissions updated successfully'),
462 461 category='success')
463 462
464 463 Session().commit()
465 464 except formencode.Invalid as errors:
466 465 defaults = errors.value
467 466 c.user = user
468 467 return htmlfill.render(
469 468 render('admin/users/user_edit.mako'),
470 469 defaults=defaults,
471 470 errors=errors.error_dict or {},
472 471 prefix_error=False,
473 472 encoding="UTF-8",
474 473 force_defaults=False)
475 474 except Exception:
476 475 log.exception("Exception during permissions saving")
477 476 h.flash(_('An error occurred during permissions saving'),
478 477 category='error')
479 478 return redirect(url('edit_user_global_perms', user_id=user_id))
480 479
481 480 @HasPermissionAllDecorator('hg.admin')
482 481 def edit_perms_summary(self, user_id):
483 482 user_id = safe_int(user_id)
484 483 c.user = User.get_or_404(user_id)
485 484 if c.user.username == User.DEFAULT_USER:
486 485 h.flash(_("You can't edit this user"), category='warning')
487 486 return redirect(h.route_path('users'))
488 487
489 488 c.active = 'perms_summary'
490 489 c.perm_user = AuthUser(user_id=user_id, ip_addr=self.ip_addr)
491 490
492 491 return render('admin/users/user_edit.mako')
493 492
494 493 @HasPermissionAllDecorator('hg.admin')
495 494 def edit_emails(self, user_id):
496 495 user_id = safe_int(user_id)
497 496 c.user = User.get_or_404(user_id)
498 497 if c.user.username == User.DEFAULT_USER:
499 498 h.flash(_("You can't edit this user"), category='warning')
500 499 return redirect(h.route_path('users'))
501 500
502 501 c.active = 'emails'
503 502 c.user_email_map = UserEmailMap.query() \
504 503 .filter(UserEmailMap.user == c.user).all()
505 504
506 505 defaults = c.user.get_dict()
507 506 return htmlfill.render(
508 507 render('admin/users/user_edit.mako'),
509 508 defaults=defaults,
510 509 encoding="UTF-8",
511 510 force_defaults=False)
512 511
513 512 @HasPermissionAllDecorator('hg.admin')
514 513 @auth.CSRFRequired()
515 514 def add_email(self, user_id):
516 515 """POST /user_emails:Add an existing item"""
517 516 # url('user_emails', user_id=ID, method='put')
518 517 user_id = safe_int(user_id)
519 518 c.user = User.get_or_404(user_id)
520 519
521 520 email = request.POST.get('new_email')
522 521 user_model = UserModel()
523 522
524 523 try:
525 524 user_model.add_extra_email(user_id, email)
526 525 Session().commit()
527 526 h.flash(_("Added new email address `%s` for user account") % email,
528 527 category='success')
529 528 except formencode.Invalid as error:
530 529 msg = error.error_dict['email']
531 530 h.flash(msg, category='error')
532 531 except Exception:
533 532 log.exception("Exception during email saving")
534 533 h.flash(_('An error occurred during email saving'),
535 534 category='error')
536 535 return redirect(url('edit_user_emails', user_id=user_id))
537 536
538 537 @HasPermissionAllDecorator('hg.admin')
539 538 @auth.CSRFRequired()
540 539 def delete_email(self, user_id):
541 540 """DELETE /user_emails_delete/user_id: Delete an existing item"""
542 541 # url('user_emails_delete', user_id=ID, method='delete')
543 542 user_id = safe_int(user_id)
544 543 c.user = User.get_or_404(user_id)
545 544 email_id = request.POST.get('del_email_id')
546 545 user_model = UserModel()
547 546 user_model.delete_extra_email(user_id, email_id)
548 547 Session().commit()
549 548 h.flash(_("Removed email address from user account"), category='success')
550 549 return redirect(url('edit_user_emails', user_id=user_id))
551 550
552 551 @HasPermissionAllDecorator('hg.admin')
553 552 def edit_ips(self, user_id):
554 553 user_id = safe_int(user_id)
555 554 c.user = User.get_or_404(user_id)
556 555 if c.user.username == User.DEFAULT_USER:
557 556 h.flash(_("You can't edit this user"), category='warning')
558 557 return redirect(h.route_path('users'))
559 558
560 559 c.active = 'ips'
561 560 c.user_ip_map = UserIpMap.query() \
562 561 .filter(UserIpMap.user == c.user).all()
563 562
564 563 c.inherit_default_ips = c.user.inherit_default_permissions
565 564 c.default_user_ip_map = UserIpMap.query() \
566 565 .filter(UserIpMap.user == User.get_default_user()).all()
567 566
568 567 defaults = c.user.get_dict()
569 568 return htmlfill.render(
570 569 render('admin/users/user_edit.mako'),
571 570 defaults=defaults,
572 571 encoding="UTF-8",
573 572 force_defaults=False)
574 573
575 574 @HasPermissionAllDecorator('hg.admin')
576 575 @auth.CSRFRequired()
577 576 def add_ip(self, user_id):
578 577 """POST /user_ips:Add an existing item"""
579 578 # url('user_ips', user_id=ID, method='put')
580 579
581 580 user_id = safe_int(user_id)
582 581 c.user = User.get_or_404(user_id)
583 582 user_model = UserModel()
584 583 try:
585 584 ip_list = user_model.parse_ip_range(request.POST.get('new_ip'))
586 585 except Exception as e:
587 586 ip_list = []
588 587 log.exception("Exception during ip saving")
589 588 h.flash(_('An error occurred during ip saving:%s' % (e,)),
590 589 category='error')
591 590
592 591 desc = request.POST.get('description')
593 592 added = []
594 593 for ip in ip_list:
595 594 try:
596 595 user_model.add_extra_ip(user_id, ip, desc)
597 596 Session().commit()
598 597 added.append(ip)
599 598 except formencode.Invalid as error:
600 599 msg = error.error_dict['ip']
601 600 h.flash(msg, category='error')
602 601 except Exception:
603 602 log.exception("Exception during ip saving")
604 603 h.flash(_('An error occurred during ip saving'),
605 604 category='error')
606 605 if added:
607 606 h.flash(
608 607 _("Added ips %s to user whitelist") % (', '.join(ip_list), ),
609 608 category='success')
610 609 if 'default_user' in request.POST:
611 610 return redirect(url('admin_permissions_ips'))
612 611 return redirect(url('edit_user_ips', user_id=user_id))
613 612
614 613 @HasPermissionAllDecorator('hg.admin')
615 614 @auth.CSRFRequired()
616 615 def delete_ip(self, user_id):
617 616 """DELETE /user_ips_delete/user_id: Delete an existing item"""
618 617 # url('user_ips_delete', user_id=ID, method='delete')
619 618 user_id = safe_int(user_id)
620 619 c.user = User.get_or_404(user_id)
621 620
622 621 ip_id = request.POST.get('del_ip_id')
623 622 user_model = UserModel()
624 623 user_model.delete_extra_ip(user_id, ip_id)
625 624 Session().commit()
626 625 h.flash(_("Removed ip address from user whitelist"), category='success')
627 626
628 627 if 'default_user' in request.POST:
629 628 return redirect(url('admin_permissions_ips'))
630 629 return redirect(url('edit_user_ips', user_id=user_id))
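Review bot: `c.perm_user` is no longer set in edit_advanced, yet the action still renders the shared `admin/users/user_edit.mako` that `edit` and `edit_perms_summary` render with it populated. The template is not visible on this page, so this is inferred, but if the advanced tab or the shared layout reads `c.perm_user`, the page will fail at render time. Confirm that it does not, or keep `c.perm_user = AuthUser(user_id=user_id, ip_addr=self.ip_addr)`. The direct `RepoGroup.get_user_personal_repo_group(user_id)` lookup matches what create_personal_repo_group already does. A short comment such as `# personal group is looked up directly; AuthUser is not needed on this tab` would record why the AuthUser was dropped.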