Show More
@@ -233,8 +233,8 b' class TestCreateRepoGroup(object):' | |||||
233 |
|
233 | |||
234 | expected = { |
|
234 | expected = { | |
235 | 'repo_group': |
|
235 | 'repo_group': | |
236 | 'Parent repository group `{}` does not exist'.format( |
|
236 | u"You do not have the permissions to store " | |
237 | repo_group_name)} |
|
237 | u"repository groups inside repository group `{}`".format(repo_group_name)} | |
238 | try: |
|
238 | try: | |
239 | assert_error(id_, expected, given=response.body) |
|
239 | assert_error(id_, expected, given=response.body) | |
240 | finally: |
|
240 | finally: |
@@ -53,7 +53,8 b' def deferred_can_write_to_group_validato' | |||||
53 | # permissions denied we expose as not existing, to prevent |
|
53 | # permissions denied we expose as not existing, to prevent | |
54 | # resource discovery |
|
54 | # resource discovery | |
55 | 'permission_denied_parent_group': |
|
55 | 'permission_denied_parent_group': | |
56 | _(u"Parent repository group `{}` does not exist"), |
|
56 | _(u"You do not have the permissions to store " | |
|
57 | u"repository groups inside repository group `{}`"), | |||
57 | 'permission_denied_root': |
|
58 | 'permission_denied_root': | |
58 | _(u"You do not have the permission to store " |
|
59 | _(u"You do not have the permission to store " | |
59 | u"repository groups in the root location.") |
|
60 | u"repository groups in the root location.") | |
@@ -100,9 +101,15 b' def deferred_can_write_to_group_validato' | |||||
100 | # we want to allow this... |
|
101 | # we want to allow this... | |
101 | forbidden = not (group_admin or (group_write and create_on_write and 0)) |
|
102 | forbidden = not (group_admin or (group_write and create_on_write and 0)) | |
102 |
|
103 | |||
|
104 | old_name = old_values.get('group_name') | |||
|
105 | if old_name and old_name == old_values.get('submitted_repo_group_name'): | |||
|
106 | # we're editing a repository group, we didn't change the name | |||
|
107 | # we skip the check for write into parent group now | |||
|
108 | # this allows changing settings for this repo group | |||
|
109 | return | |||
|
110 | ||||
103 | if parent_group and forbidden: |
|
111 | if parent_group and forbidden: | |
104 | msg = messages['permission_denied_parent_group'].format( |
|
112 | msg = messages['permission_denied_parent_group'].format(parent_group_name) | |
105 | parent_group_name) |
|
|||
106 | raise colander.Invalid(node, msg) |
|
113 | raise colander.Invalid(node, msg) | |
107 |
|
114 | |||
108 | return can_write_group_validator |
|
115 | return can_write_group_validator | |
@@ -248,6 +255,9 b' class RepoGroupSchema(colander.Schema):' | |||||
248 | validated_name = appstruct['repo_group_name'] |
|
255 | validated_name = appstruct['repo_group_name'] | |
249 |
|
256 | |||
250 | # second pass to validate permissions to repo_group |
|
257 | # second pass to validate permissions to repo_group | |
|
258 | if 'old_values' in self.bindings: | |||
|
259 | # save current repo name for name change checks | |||
|
260 | self.bindings['old_values']['submitted_repo_group_name'] = validated_name | |||
251 | second = RepoGroupAccessSchema().bind(**self.bindings) |
|
261 | second = RepoGroupAccessSchema().bind(**self.bindings) | |
252 | appstruct_second = second.deserialize({'repo_group': validated_name}) |
|
262 | appstruct_second = second.deserialize({'repo_group': validated_name}) | |
253 | # save result |
|
263 | # save result | |
@@ -286,6 +296,9 b' class RepoGroupSettingsSchema(RepoGroupS' | |||||
286 | validated_name = separator.join([group.group_name, validated_name]) |
|
296 | validated_name = separator.join([group.group_name, validated_name]) | |
287 |
|
297 | |||
288 | # second pass to validate permissions to repo_group |
|
298 | # second pass to validate permissions to repo_group | |
|
299 | if 'old_values' in self.bindings: | |||
|
300 | # save current repo name for name change checks | |||
|
301 | self.bindings['old_values']['submitted_repo_group_name'] = validated_name | |||
289 | second = RepoGroupAccessSchema().bind(**self.bindings) |
|
302 | second = RepoGroupAccessSchema().bind(**self.bindings) | |
290 | appstruct_second = second.deserialize({'repo_group': validated_name}) |
|
303 | appstruct_second = second.deserialize({'repo_group': validated_name}) | |
291 | # save result |
|
304 | # save result |
General Comments 0
You need to be logged in to leave comments.
Login now