##// END OF EJS Templates
permissions: fixed problem with permissions changes from permission page
marcink -
r4334:b3a3408e default
parent child Browse files
Show More
@@ -1,135 +1,140 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2011-2020 RhodeCode GmbH
3 # Copyright (C) 2011-2020 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 import logging
21 import logging
22
22
23 from pyramid.httpexceptions import HTTPFound
23 from pyramid.httpexceptions import HTTPFound
24 from pyramid.view import view_config
24 from pyramid.view import view_config
25
25
26 from rhodecode.apps._base import RepoAppView
26 from rhodecode.apps._base import RepoAppView
27 from rhodecode.lib import helpers as h
27 from rhodecode.lib import helpers as h
28 from rhodecode.lib import audit_logger
28 from rhodecode.lib import audit_logger
29 from rhodecode.lib.auth import (
29 from rhodecode.lib.auth import (
30 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
30 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
31 from rhodecode.lib.utils2 import str2bool
31 from rhodecode.lib.utils2 import str2bool
32 from rhodecode.model.db import User
32 from rhodecode.model.db import User
33 from rhodecode.model.forms import RepoPermsForm
33 from rhodecode.model.forms import RepoPermsForm
34 from rhodecode.model.meta import Session
34 from rhodecode.model.meta import Session
35 from rhodecode.model.permission import PermissionModel
35 from rhodecode.model.permission import PermissionModel
36 from rhodecode.model.repo import RepoModel
36 from rhodecode.model.repo import RepoModel
37
37
38 log = logging.getLogger(__name__)
38 log = logging.getLogger(__name__)
39
39
40
40
41 class RepoSettingsPermissionsView(RepoAppView):
41 class RepoSettingsPermissionsView(RepoAppView):
42
42
43 def load_default_context(self):
43 def load_default_context(self):
44 c = self._get_local_tmpl_context()
44 c = self._get_local_tmpl_context()
45 return c
45 return c
46
46
47 @LoginRequired()
47 @LoginRequired()
48 @HasRepoPermissionAnyDecorator('repository.admin')
48 @HasRepoPermissionAnyDecorator('repository.admin')
49 @view_config(
49 @view_config(
50 route_name='edit_repo_perms', request_method='GET',
50 route_name='edit_repo_perms', request_method='GET',
51 renderer='rhodecode:templates/admin/repos/repo_edit.mako')
51 renderer='rhodecode:templates/admin/repos/repo_edit.mako')
52 def edit_permissions(self):
52 def edit_permissions(self):
53 _ = self.request.translate
53 _ = self.request.translate
54 c = self.load_default_context()
54 c = self.load_default_context()
55 c.active = 'permissions'
55 c.active = 'permissions'
56 if self.request.GET.get('branch_permissions'):
56 if self.request.GET.get('branch_permissions'):
57 h.flash(_('Explicitly add user or user group with write+ '
57 h.flash(_('Explicitly add user or user group with write+ '
58 'permission to modify their branch permissions.'),
58 'permission to modify their branch permissions.'),
59 category='notice')
59 category='notice')
60 return self._get_template_context(c)
60 return self._get_template_context(c)
61
61
62 @LoginRequired()
62 @LoginRequired()
63 @HasRepoPermissionAnyDecorator('repository.admin')
63 @HasRepoPermissionAnyDecorator('repository.admin')
64 @CSRFRequired()
64 @CSRFRequired()
65 @view_config(
65 @view_config(
66 route_name='edit_repo_perms', request_method='POST',
66 route_name='edit_repo_perms', request_method='POST',
67 renderer='rhodecode:templates/admin/repos/repo_edit.mako')
67 renderer='rhodecode:templates/admin/repos/repo_edit.mako')
68 def edit_permissions_update(self):
68 def edit_permissions_update(self):
69 _ = self.request.translate
69 _ = self.request.translate
70 c = self.load_default_context()
70 c = self.load_default_context()
71 c.active = 'permissions'
71 c.active = 'permissions'
72 data = self.request.POST
72 data = self.request.POST
73 # store private flag outside of HTML to verify if we can modify
73 # store private flag outside of HTML to verify if we can modify
74 # default user permissions, prevents submission of FAKE post data
74 # default user permissions, prevents submission of FAKE post data
75 # into the form for private repos
75 # into the form for private repos
76 data['repo_private'] = self.db_repo.private
76 data['repo_private'] = self.db_repo.private
77 form = RepoPermsForm(self.request.translate)().to_python(data)
77 form = RepoPermsForm(self.request.translate)().to_python(data)
78 changes = RepoModel().update_permissions(
78 changes = RepoModel().update_permissions(
79 self.db_repo_name, form['perm_additions'], form['perm_updates'],
79 self.db_repo_name, form['perm_additions'], form['perm_updates'],
80 form['perm_deletions'])
80 form['perm_deletions'])
81
81
82 action_data = {
82 action_data = {
83 'added': changes['added'],
83 'added': changes['added'],
84 'updated': changes['updated'],
84 'updated': changes['updated'],
85 'deleted': changes['deleted'],
85 'deleted': changes['deleted'],
86 }
86 }
87 audit_logger.store_web(
87 audit_logger.store_web(
88 'repo.edit.permissions', action_data=action_data,
88 'repo.edit.permissions', action_data=action_data,
89 user=self._rhodecode_user, repo=self.db_repo)
89 user=self._rhodecode_user, repo=self.db_repo)
90
90
91 Session().commit()
91 Session().commit()
92 h.flash(_('Repository access permissions updated'), category='success')
92 h.flash(_('Repository access permissions updated'), category='success')
93
93
94 affected_user_ids = None
94 affected_user_ids = None
95 if changes.get('default_user_changed', False):
95 if changes.get('default_user_changed', False):
96 # if we change the default user, we need to flush everyone permissions
96 # if we change the default user, we need to flush everyone permissions
97 affected_user_ids = User.get_all_user_ids()
97 affected_user_ids = User.get_all_user_ids()
98 PermissionModel().flush_user_permission_caches(
98 PermissionModel().flush_user_permission_caches(
99 changes, affected_user_ids=affected_user_ids)
99 changes, affected_user_ids=affected_user_ids)
100
100
101 raise HTTPFound(
101 raise HTTPFound(
102 h.route_path('edit_repo_perms', repo_name=self.db_repo_name))
102 h.route_path('edit_repo_perms', repo_name=self.db_repo_name))
103
103
104 @LoginRequired()
104 @LoginRequired()
105 @HasRepoPermissionAnyDecorator('repository.admin')
105 @HasRepoPermissionAnyDecorator('repository.admin')
106 @CSRFRequired()
106 @CSRFRequired()
107 @view_config(
107 @view_config(
108 route_name='edit_repo_perms_set_private', request_method='POST',
108 route_name='edit_repo_perms_set_private', request_method='POST',
109 renderer='json_ext')
109 renderer='json_ext')
110 def edit_permissions_set_private_repo(self):
110 def edit_permissions_set_private_repo(self):
111 _ = self.request.translate
111 _ = self.request.translate
112 self.load_default_context()
112 self.load_default_context()
113
113
114 private_flag = str2bool(self.request.POST.get('private'))
114 private_flag = str2bool(self.request.POST.get('private'))
115
115
116 try:
116 try:
117 RepoModel().update(
117 repo = RepoModel().get(self.db_repo.repo_id)
118 self.db_repo, **{'repo_private': private_flag, 'repo_name': self.db_repo_name})
118 repo.private = private_flag
119 Session().add(repo)
120 RepoModel().grant_user_permission(
121 repo=self.db_repo, user=User.DEFAULT_USER, perm='repository.none'
122 )
123
119 Session().commit()
124 Session().commit()
120
125
121 h.flash(_('Repository `{}` private mode set successfully').format(self.db_repo_name),
126 h.flash(_('Repository `{}` private mode set successfully').format(self.db_repo_name),
122 category='success')
127 category='success')
128 # NOTE(dan): we change repo private mode we need to notify all USERS
129 affected_user_ids = User.get_all_user_ids()
130 PermissionModel().trigger_permission_flush(affected_user_ids)
131
123 except Exception:
132 except Exception:
124 log.exception("Exception during update of repository")
133 log.exception("Exception during update of repository")
125 h.flash(_('Error occurred during update of repository {}').format(
134 h.flash(_('Error occurred during update of repository {}').format(
126 self.db_repo_name), category='error')
135 self.db_repo_name), category='error')
127
136
128 # NOTE(dan): we change repo private mode we need to notify all USERS
129 affected_user_ids = User.get_all_user_ids()
130 PermissionModel().trigger_permission_flush(affected_user_ids)
131
132 return {
137 return {
133 'redirect_url': h.route_path('edit_repo_perms', repo_name=self.db_repo_name),
138 'redirect_url': h.route_path('edit_repo_perms', repo_name=self.db_repo_name),
134 'private': private_flag
139 'private': private_flag
135 }
140 }
@@ -1,232 +1,239 b''
1 <%namespace name="base" file="/base/base.mako"/>
1 <%namespace name="base" file="/base/base.mako"/>
2
2
3 <div class="panel panel-default">
3 <div class="panel panel-default">
4 <div class="panel-heading">
4 <div class="panel-heading">
5 <h3 class="panel-title">${_('Repository Access Permissions')}</h3>
5 <h3 class="panel-title">${_('Repository Access Permissions')}</h3>
6 </div>
6 </div>
7 <div class="panel-body">
7 <div class="panel-body">
8 ${h.secure_form(h.route_path('edit_repo_perms', repo_name=c.repo_name), request=request)}
8 ${h.secure_form(h.route_path('edit_repo_perms', repo_name=c.repo_name), request=request)}
9 <table id="permissions_manage" class="rctable permissions">
9 <table id="permissions_manage" class="rctable permissions">
10 <tr>
10 <tr>
11 <th class="td-radio">${_('None')}</th>
11 <th class="td-radio">${_('None')}</th>
12 <th class="td-radio">${_('Read')}</th>
12 <th class="td-radio">${_('Read')}</th>
13 <th class="td-radio">${_('Write')}</th>
13 <th class="td-radio">${_('Write')}</th>
14 <th class="td-radio">${_('Admin')}</th>
14 <th class="td-radio">${_('Admin')}</th>
15 <th class="td-owner">${_('User/User Group')}</th>
15 <th class="td-owner">${_('User/User Group')}</th>
16 <th class="td-action"></th>
16 <th class="td-action"></th>
17 <th class="td-action"></th>
17 <th class="td-action"></th>
18 </tr>
18 </tr>
19 ## USERS
19 ## USERS
20 %for _user in c.rhodecode_db_repo.permissions():
20 %for _user in c.rhodecode_db_repo.permissions():
21 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
21 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
22 <tr class="perm_admin_row">
22 <tr class="perm_admin_row">
23 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
23 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.read', disabled="disabled")}</td>
24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.read', disabled="disabled")}</td>
25 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.write', disabled="disabled")}</td>
25 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.write', disabled="disabled")}</td>
26 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.admin', 'repository.admin', disabled="disabled")}</td>
26 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.admin', 'repository.admin', disabled="disabled")}</td>
27 <td class="td-user">
27 <td class="td-user">
28 ${base.gravatar(_user.email, 16, user=_user, tooltip=True)}
28 ${base.gravatar(_user.email, 16, user=_user, tooltip=True)}
29 ${h.link_to_user(_user.username)}
29 ${h.link_to_user(_user.username)}
30 %if getattr(_user, 'admin_row', None):
30 %if getattr(_user, 'admin_row', None):
31 (${_('super-admin')})
31 (${_('super-admin')})
32 %endif
32 %endif
33 %if getattr(_user, 'owner_row', None):
33 %if getattr(_user, 'owner_row', None):
34 (${_('owner')})
34 (${_('owner')})
35 %endif
35 %endif
36 </td>
36 </td>
37 <td></td>
37 <td></td>
38 <td class="quick_repo_menu">
38 <td class="quick_repo_menu">
39 % if c.rhodecode_user.is_admin:
39 % if c.rhodecode_user.is_admin:
40 <i class="icon-more"></i>
40 <i class="icon-more"></i>
41 <div class="menu_items_container" style="display: none;">
41 <div class="menu_items_container" style="display: none;">
42 <ul class="menu_items">
42 <ul class="menu_items">
43 <li>
43 <li>
44 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
44 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
45 </li>
45 </li>
46 </ul>
46 </ul>
47 </div>
47 </div>
48 % endif
48 % endif
49 </td>
49 </td>
50 </tr>
50 </tr>
51 %elif _user.username == h.DEFAULT_USER and c.rhodecode_db_repo.private:
51 %elif _user.username == h.DEFAULT_USER and c.rhodecode_db_repo.private:
52 <tr>
52 <tr>
53 <td colspan="4">
53 <td colspan="4">
54 <span class="private_repo_msg">
54 <span class="private_repo_msg">
55 <strong title="${h.tooltip(_user.permission)}">${_('private repository')}</strong>
55 <strong title="${h.tooltip(_user.permission)}">${_('private repository')}</strong>
56 </span>
56 </span>
57 </td>
57 </td>
58 <td class="private_repo_msg">
58 <td class="private_repo_msg">
59 ${base.gravatar(h.DEFAULT_USER_EMAIL, 16)}
59 ${base.gravatar(h.DEFAULT_USER_EMAIL, 16)}
60 ${h.DEFAULT_USER} - ${_('only users/user groups explicitly added here will have access')}</td>
60 ${h.DEFAULT_USER} - ${_('only users/user groups explicitly added here will have access')}</td>
61 <td class="td-action">
61 <td class="td-action">
62 <span class="tooltip btn btn-link btn-default" onclick="setPrivateRepo(false); return false" title="${_('Private repositories are only visible to people explicitly added as collaborators. Default permissions wont apply')}">
62 <span class="noselect tooltip btn btn-link btn-default" onclick="setPrivateRepo(this, false); return false" title="${_('Private repositories are only visible to people explicitly added as collaborators. Default permissions wont apply')}">
63 ${_('un-set private mode')}
63 ${_('un-set private mode')}
64 </span>
64 </span>
65 </td>
65 </td>
66 <td class="quick_repo_menu">
66 <td class="quick_repo_menu">
67 % if c.rhodecode_user.is_admin:
67 % if c.rhodecode_user.is_admin:
68 <i class="icon-more"></i>
68 <i class="icon-more"></i>
69 <div class="menu_items_container" style="display: none;">
69 <div class="menu_items_container" style="display: none;">
70 <ul class="menu_items">
70 <ul class="menu_items">
71 <li>
71 <li>
72 ${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='repositories-permissions'))}
72 ${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='repositories-permissions'))}
73 </li>
73 </li>
74 </ul>
74 </ul>
75 </div>
75 </div>
76 % endif
76 % endif
77 </td>
77 </td>
78 </tr>
78 </tr>
79 %else:
79 %else:
80 <% used_by_n_rules = len(getattr(_user, 'branch_rules', None) or []) %>
80 <% used_by_n_rules = len(getattr(_user, 'branch_rules', None) or []) %>
81 <tr>
81 <tr>
82 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.none', checked=_user.permission=='repository.none', disabled="disabled" if (used_by_n_rules and _user.username != h.DEFAULT_USER) else None)}</td>
82 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.none', checked=_user.permission=='repository.none', disabled="disabled" if (used_by_n_rules and _user.username != h.DEFAULT_USER) else None)}</td>
83 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.read', checked=_user.permission=='repository.read', disabled="disabled" if (used_by_n_rules and _user.username != h.DEFAULT_USER) else None)}</td>
83 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.read', checked=_user.permission=='repository.read', disabled="disabled" if (used_by_n_rules and _user.username != h.DEFAULT_USER) else None)}</td>
84 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.write', checked=_user.permission=='repository.write')}</td>
84 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.write', checked=_user.permission=='repository.write')}</td>
85 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.admin', checked=_user.permission=='repository.admin')}</td>
85 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.admin', checked=_user.permission=='repository.admin')}</td>
86 <td class="td-user">
86 <td class="td-user">
87 ${base.gravatar(_user.email, 16, user=_user, tooltip=True)}
87 ${base.gravatar(_user.email, 16, user=_user, tooltip=True)}
88 <span class="user">
88 <span class="user">
89 % if _user.username == h.DEFAULT_USER:
89 % if _user.username == h.DEFAULT_USER:
90 ${h.DEFAULT_USER}
90 ${h.DEFAULT_USER}
91 % if _user.active:
91 % if _user.active:
92 <span class="user-perm-help-text"> - ${_('permission for other logged in and anonymous users')}</span>
92 <span class="user-perm-help-text"> - ${_('permission for other logged in and anonymous users')}</span>
93 % else:
93 % else:
94 <span class="user-perm-help-text"> - ${_('permission for other logged in users')}</span>
94 <span class="user-perm-help-text"> - ${_('permission for other logged in users')}</span>
95 % endif
95 % endif
96 % else:
96 % else:
97 ${h.link_to_user(_user.username)}
97 ${h.link_to_user(_user.username)}
98 %if getattr(_user, 'duplicate_perm', None):
98 %if getattr(_user, 'duplicate_perm', None):
99 (${_('inactive duplicate')})
99 (${_('inactive duplicate')})
100 %endif
100 %endif
101 %if getattr(_user, 'branch_rules', None):
101 %if getattr(_user, 'branch_rules', None):
102 % if used_by_n_rules == 1:
102 % if used_by_n_rules == 1:
103 (${_('used by {} branch rule, requires write+ permissions').format(used_by_n_rules)})
103 (${_('used by {} branch rule, requires write+ permissions').format(used_by_n_rules)})
104 % else:
104 % else:
105 (${_('used by {} branch rules, requires write+ permissions').format(used_by_n_rules)})
105 (${_('used by {} branch rules, requires write+ permissions').format(used_by_n_rules)})
106 % endif
106 % endif
107 %endif
107 %endif
108 % endif
108 % endif
109 </span>
109 </span>
110 </td>
110 </td>
111 <td class="td-action">
111 <td class="td-action">
112 %if _user.username != h.DEFAULT_USER and getattr(_user, 'branch_rules', None) is None:
112 %if _user.username != h.DEFAULT_USER and getattr(_user, 'branch_rules', None) is None:
113 <span class="btn btn-link btn-danger revoke_perm"
113 <span class="btn btn-link btn-danger revoke_perm"
114 member="${_user.user_id}" member_type="user">
114 member="${_user.user_id}" member_type="user">
115 ${_('Remove')}
115 ${_('Remove')}
116 </span>
116 </span>
117 %elif _user.username == h.DEFAULT_USER:
117 %elif _user.username == h.DEFAULT_USER:
118 <span class="tooltip btn btn-link btn-default" onclick="setPrivateRepo(true); return false" title="${_('Private repositories are only visible to people explicitly added as collaborators. Default permissions wont apply')}">
118 <span class="noselect tooltip btn btn-link btn-default" onclick="setPrivateRepo(this, true); return false" title="${_('Private repositories are only visible to people explicitly added as collaborators. Default permissions wont apply')}">
119 ${_('set private mode')}
119 ${_('set private mode')}
120 </span>
120 </span>
121 %endif
121 %endif
122 </td>
122 </td>
123 <td class="quick_repo_menu">
123 <td class="quick_repo_menu">
124 % if c.rhodecode_user.is_admin:
124 % if c.rhodecode_user.is_admin:
125 <i class="icon-more"></i>
125 <i class="icon-more"></i>
126 <div class="menu_items_container" style="display: none;">
126 <div class="menu_items_container" style="display: none;">
127 <ul class="menu_items">
127 <ul class="menu_items">
128 <li>
128 <li>
129 % if _user.username == h.DEFAULT_USER:
129 % if _user.username == h.DEFAULT_USER:
130 ${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='repositories-permissions'))}
130 ${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='repositories-permissions'))}
131 % else:
131 % else:
132 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
132 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
133 % endif
133 % endif
134 </li>
134 </li>
135 </ul>
135 </ul>
136 </div>
136 </div>
137 % endif
137 % endif
138 </td>
138 </td>
139 </tr>
139 </tr>
140 %endif
140 %endif
141 %endfor
141 %endfor
142
142
143 ## USER GROUPS
143 ## USER GROUPS
144 %for _user_group in c.rhodecode_db_repo.permission_user_groups(with_members=True):
144 %for _user_group in c.rhodecode_db_repo.permission_user_groups(with_members=True):
145 <tr>
145 <tr>
146 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.none', checked=_user_group.permission=='repository.none')}</td>
146 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.none', checked=_user_group.permission=='repository.none')}</td>
147 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.read', checked=_user_group.permission=='repository.read')}</td>
147 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.read', checked=_user_group.permission=='repository.read')}</td>
148 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.write', checked=_user_group.permission=='repository.write')}</td>
148 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.write', checked=_user_group.permission=='repository.write')}</td>
149 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.admin', checked=_user_group.permission=='repository.admin')}</td>
149 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.admin', checked=_user_group.permission=='repository.admin')}</td>
150 <td class="td-componentname">
150 <td class="td-componentname">
151 ${base.user_group_icon(_user_group, tooltip=True)}
151 ${base.user_group_icon(_user_group, tooltip=True)}
152 %if c.is_super_admin:
152 %if c.is_super_admin:
153 <a href="${h.route_path('edit_user_group',user_group_id=_user_group.users_group_id)}">
153 <a href="${h.route_path('edit_user_group',user_group_id=_user_group.users_group_id)}">
154 ${_user_group.users_group_name}
154 ${_user_group.users_group_name}
155 </a>
155 </a>
156 %else:
156 %else:
157 ${h.link_to_group(_user_group.users_group_name)}
157 ${h.link_to_group(_user_group.users_group_name)}
158 %endif
158 %endif
159 (${_('members')}: ${len(_user_group.members)})
159 (${_('members')}: ${len(_user_group.members)})
160 </td>
160 </td>
161 <td class="td-action">
161 <td class="td-action">
162 <span class="btn btn-link btn-danger revoke_perm"
162 <span class="btn btn-link btn-danger revoke_perm"
163 member="${_user_group.users_group_id}" member_type="user_group">
163 member="${_user_group.users_group_id}" member_type="user_group">
164 ${_('Remove')}
164 ${_('Remove')}
165 </span>
165 </span>
166 </td>
166 </td>
167 <td class="quick_repo_menu">
167 <td class="quick_repo_menu">
168 % if c.rhodecode_user.is_admin:
168 % if c.rhodecode_user.is_admin:
169 <i class="icon-more"></i>
169 <i class="icon-more"></i>
170 <div class="menu_items_container" style="display: none;">
170 <div class="menu_items_container" style="display: none;">
171 <ul class="menu_items">
171 <ul class="menu_items">
172 <li>
172 <li>
173 ${h.link_to('show permissions', h.route_path('edit_user_group_perms_summary', user_group_id=_user_group.users_group_id, _anchor='repositories-permissions'))}
173 ${h.link_to('show permissions', h.route_path('edit_user_group_perms_summary', user_group_id=_user_group.users_group_id, _anchor='repositories-permissions'))}
174 </li>
174 </li>
175 </ul>
175 </ul>
176 </div>
176 </div>
177 % endif
177 % endif
178 </td>
178 </td>
179 </tr>
179 </tr>
180 %endfor
180 %endfor
181 <tr class="new_members" id="add_perm_input"></tr>
181 <tr class="new_members" id="add_perm_input"></tr>
182
182
183 <tr>
183 <tr>
184 <td></td>
184 <td></td>
185 <td></td>
185 <td></td>
186 <td></td>
186 <td></td>
187 <td></td>
187 <td></td>
188 <td></td>
188 <td></td>
189 <td>
189 <td>
190 <span id="add_perm" class="link">
190 <span id="add_perm" class="link">
191 ${_('Add user/user group')}
191 ${_('Add user/user group')}
192 </span>
192 </span>
193 </td>
193 </td>
194 <td></td>
194 <td></td>
195 </tr>
195 </tr>
196
196
197 </table>
197 </table>
198
198
199 <div class="buttons">
199 <div class="buttons">
200 ${h.submit('save',_('Save'),class_="btn btn-primary")}
200 ${h.submit('save',_('Save'),class_="btn btn-primary")}
201 ${h.reset('reset',_('Reset'),class_="btn btn-danger")}
201 ${h.reset('reset',_('Reset'),class_="btn btn-danger")}
202 </div>
202 </div>
203 ${h.end_form()}
203 ${h.end_form()}
204 </div>
204 </div>
205 </div>
205 </div>
206
206
207 <script type="text/javascript">
207 <script type="text/javascript">
208 $('#add_perm').on('click', function(e){
208 $('#add_perm').on('click', function(e){
209 addNewPermInput($(this), 'repository');
209 addNewPermInput($(this), 'repository');
210 });
210 });
211 $('.revoke_perm').on('click', function(e){
211 $('.revoke_perm').on('click', function(e){
212 markRevokePermInput($(this), 'repository');
212 markRevokePermInput($(this), 'repository');
213 });
213 });
214 quick_repo_menu();
214 quick_repo_menu();
215
215
216 var setPrivateRepo = function (private) {
216 var setPrivateRepo = function (elem, private) {
217 var $elem = $(elem)
218 if ($elem.hasClass('disabled')) {
219 return
220 }
221 $elem.addClass('disabled');
222 $elem.css({"opacity": 0.3})
223
217 var postData = {
224 var postData = {
218 'csrf_token': CSRF_TOKEN,
225 'csrf_token': CSRF_TOKEN,
219 'private': private
226 'private': private
220 };
227 };
221
228
222 var success = function(o) {
229 var success = function(o) {
223 var defaultUrl = pyroutes.url('edit_repo_perms', {"repo_name": templateContext.repo_name});
230 var defaultUrl = pyroutes.url('edit_repo_perms', {"repo_name": templateContext.repo_name});
224 window.location = o.redirect_url || defaultUrl;
231 window.location = o.redirect_url || defaultUrl;
225 };
232 };
226
233
227 ajaxPOST(
234 ajaxPOST(
228 pyroutes.url('edit_repo_perms_set_private', {"repo_name": templateContext.repo_name}),
235 pyroutes.url('edit_repo_perms_set_private', {"repo_name": templateContext.repo_name}),
229 postData,
236 postData,
230 success);
237 success);
231 }
238 }
232 </script>
239 </script>
General Comments 0
You need to be logged in to leave comments. Login now