Show More
@@ -71,6 +71,7 b' class ChannelstreamView(object):' | |||
|
71 | 71 | except Exception: |
|
72 | 72 | log.exception('Failed to decode json from request') |
|
73 | 73 | raise HTTPBadRequest() |
|
74 | ||
|
74 | 75 | try: |
|
75 | 76 | channels = check_channel_permissions( |
|
76 | 77 | json_body.get('channels'), |
@@ -92,7 +93,7 b' class ChannelstreamView(object):' | |||
|
92 | 93 | 'display_name': None, |
|
93 | 94 | 'display_link': None, |
|
94 | 95 | } |
|
95 | user_data['permissions'] = self._rhodecode_user.permissions | |
|
96 | user_data['permissions'] = self._rhodecode_user.permissions_safe | |
|
96 | 97 | payload = { |
|
97 | 98 | 'username': user.username, |
|
98 | 99 | 'user_state': user_data, |
@@ -944,6 +944,24 b' class AuthUser(object):' | |||
|
944 | 944 | return self.get_perms(user=self, cache=False) |
|
945 | 945 | |
|
946 | 946 | @LazyProperty |
|
947 | def permissions_safe(self): | |
|
948 | """ | |
|
949 | Filtered permissions excluding not allowed repositories | |
|
950 | """ | |
|
951 | perms = self.get_perms(user=self, cache=False) | |
|
952 | ||
|
953 | perms['repositories'] = { | |
|
954 | k: v for k, v in perms['repositories'].iteritems() | |
|
955 | if v != 'repository.none'} | |
|
956 | perms['repositories_groups'] = { | |
|
957 | k: v for k, v in perms['repositories_groups'].iteritems() | |
|
958 | if v != 'group.none'} | |
|
959 | perms['user_groups'] = { | |
|
960 | k: v for k, v in perms['user_groups'].iteritems() | |
|
961 | if v != 'usergroup.none'} | |
|
962 | return perms | |
|
963 | ||
|
964 | @LazyProperty | |
|
947 | 965 | def permissions_full_details(self): |
|
948 | 966 | return self.get_perms( |
|
949 | 967 | user=self, cache=False, calculate_super_admin=True) |
General Comments 0
You need to be logged in to leave comments.
Login now