##// END OF EJS Templates
permissions: add links to permissions summary for each permission pages
marcink -
r2976:b8a47c7e default
parent child Browse files
Show More
@@ -1376,6 +1376,32 b' class UserGroup(Base, BaseModel):'
1376 1376 return user_group.get(user_group_id)
1377 1377
1378 1378 def permissions(self, with_admins=True, with_owner=True):
1379 """
1380 Permissions for user groups
1381 """
1382 _admin_perm = 'usergroup.admin'
1383
1384 owner_row = []
1385 if with_owner:
1386 usr = AttributeDict(self.user.get_dict())
1387 usr.owner_row = True
1388 usr.permission = _admin_perm
1389 owner_row.append(usr)
1390
1391 super_admin_ids = []
1392 super_admin_rows = []
1393 if with_admins:
1394 for usr in User.get_all_super_admins():
1395 super_admin_ids.append(usr.user_id)
1396 # if this admin is also owner, don't double the record
1397 if usr.user_id == owner_row[0].user_id:
1398 owner_row[0].admin_row = True
1399 else:
1400 usr = AttributeDict(usr.get_dict())
1401 usr.admin_row = True
1402 usr.permission = _admin_perm
1403 super_admin_rows.append(usr)
1404
1379 1405 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1380 1406 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1381 1407 joinedload(UserUserGroupToPerm.user),
@@ -1389,6 +1415,9 b' class UserGroup(Base, BaseModel):'
1389 1415 perm_rows = []
1390 1416 for _usr in q.all():
1391 1417 usr = AttributeDict(_usr.user.get_dict())
1418 # if this user is also owner/admin, mark as duplicate record
1419 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1420 usr.duplicate_perm = True
1392 1421 usr.permission = _usr.permission.permission_name
1393 1422 perm_rows.append(usr)
1394 1423
@@ -1397,26 +1426,6 b' class UserGroup(Base, BaseModel):'
1397 1426 # each group
1398 1427 perm_rows = sorted(perm_rows, key=display_user_sort)
1399 1428
1400 _admin_perm = 'usergroup.admin'
1401 owner_row = []
1402 if with_owner:
1403 usr = AttributeDict(self.user.get_dict())
1404 usr.owner_row = True
1405 usr.permission = _admin_perm
1406 owner_row.append(usr)
1407
1408 super_admin_rows = []
1409 if with_admins:
1410 for usr in User.get_all_super_admins():
1411 # if this admin is also owner, don't double the record
1412 if usr.user_id == owner_row[0].user_id:
1413 owner_row[0].admin_row = True
1414 else:
1415 usr = AttributeDict(usr.get_dict())
1416 usr.admin_row = True
1417 usr.permission = _admin_perm
1418 super_admin_rows.append(usr)
1419
1420 1429 return super_admin_rows + owner_row + perm_rows
1421 1430
1422 1431 def permission_user_groups(self):
@@ -1899,6 +1908,34 b' class Repository(Base, BaseModel):'
1899 1908 return make_db_config(clear_session=False, repo=self)
1900 1909
1901 1910 def permissions(self, with_admins=True, with_owner=True):
1911 """
1912 Permissions for repositories
1913 """
1914 _admin_perm = 'repository.admin'
1915
1916 owner_row = []
1917 if with_owner:
1918 usr = AttributeDict(self.user.get_dict())
1919 usr.owner_row = True
1920 usr.permission = _admin_perm
1921 usr.permission_id = None
1922 owner_row.append(usr)
1923
1924 super_admin_ids = []
1925 super_admin_rows = []
1926 if with_admins:
1927 for usr in User.get_all_super_admins():
1928 super_admin_ids.append(usr.user_id)
1929 # if this admin is also owner, don't double the record
1930 if usr.user_id == owner_row[0].user_id:
1931 owner_row[0].admin_row = True
1932 else:
1933 usr = AttributeDict(usr.get_dict())
1934 usr.admin_row = True
1935 usr.permission = _admin_perm
1936 usr.permission_id = None
1937 super_admin_rows.append(usr)
1938
1902 1939 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1903 1940 q = q.options(joinedload(UserRepoToPerm.repository),
1904 1941 joinedload(UserRepoToPerm.user),
@@ -1912,6 +1949,9 b' class Repository(Base, BaseModel):'
1912 1949 perm_rows = []
1913 1950 for _usr in q.all():
1914 1951 usr = AttributeDict(_usr.user.get_dict())
1952 # if this user is also owner/admin, mark as duplicate record
1953 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1954 usr.duplicate_perm = True
1915 1955 usr.permission = _usr.permission.permission_name
1916 1956 usr.permission_id = _usr.repo_to_perm_id
1917 1957 perm_rows.append(usr)
@@ -1921,28 +1961,6 b' class Repository(Base, BaseModel):'
1921 1961 # each group
1922 1962 perm_rows = sorted(perm_rows, key=display_user_sort)
1923 1963
1924 _admin_perm = 'repository.admin'
1925 owner_row = []
1926 if with_owner:
1927 usr = AttributeDict(self.user.get_dict())
1928 usr.owner_row = True
1929 usr.permission = _admin_perm
1930 usr.permission_id = None
1931 owner_row.append(usr)
1932
1933 super_admin_rows = []
1934 if with_admins:
1935 for usr in User.get_all_super_admins():
1936 # if this admin is also owner, don't double the record
1937 if usr.user_id == owner_row[0].user_id:
1938 owner_row[0].admin_row = True
1939 else:
1940 usr = AttributeDict(usr.get_dict())
1941 usr.admin_row = True
1942 usr.permission = _admin_perm
1943 usr.permission_id = None
1944 super_admin_rows.append(usr)
1945
1946 1964 return super_admin_rows + owner_row + perm_rows
1947 1965
1948 1966 def permission_user_groups(self):
@@ -2597,6 +2615,32 b' class RepoGroup(Base, BaseModel):'
2597 2615 return RepoGroup.url_sep().join(path_prefix + [group_name])
2598 2616
2599 2617 def permissions(self, with_admins=True, with_owner=True):
2618 """
2619 Permissions for repository groups
2620 """
2621 _admin_perm = 'group.admin'
2622
2623 owner_row = []
2624 if with_owner:
2625 usr = AttributeDict(self.user.get_dict())
2626 usr.owner_row = True
2627 usr.permission = _admin_perm
2628 owner_row.append(usr)
2629
2630 super_admin_ids = []
2631 super_admin_rows = []
2632 if with_admins:
2633 for usr in User.get_all_super_admins():
2634 super_admin_ids.append(usr.user_id)
2635 # if this admin is also owner, don't double the record
2636 if usr.user_id == owner_row[0].user_id:
2637 owner_row[0].admin_row = True
2638 else:
2639 usr = AttributeDict(usr.get_dict())
2640 usr.admin_row = True
2641 usr.permission = _admin_perm
2642 super_admin_rows.append(usr)
2643
2600 2644 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2601 2645 q = q.options(joinedload(UserRepoGroupToPerm.group),
2602 2646 joinedload(UserRepoGroupToPerm.user),
@@ -2610,6 +2654,9 b' class RepoGroup(Base, BaseModel):'
2610 2654 perm_rows = []
2611 2655 for _usr in q.all():
2612 2656 usr = AttributeDict(_usr.user.get_dict())
2657 # if this user is also owner/admin, mark as duplicate record
2658 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2659 usr.duplicate_perm = True
2613 2660 usr.permission = _usr.permission.permission_name
2614 2661 perm_rows.append(usr)
2615 2662
@@ -2618,30 +2665,11 b' class RepoGroup(Base, BaseModel):'
2618 2665 # each group
2619 2666 perm_rows = sorted(perm_rows, key=display_user_sort)
2620 2667
2621 _admin_perm = 'group.admin'
2622 owner_row = []
2623 if with_owner:
2624 usr = AttributeDict(self.user.get_dict())
2625 usr.owner_row = True
2626 usr.permission = _admin_perm
2627 owner_row.append(usr)
2628
2629 super_admin_rows = []
2630 if with_admins:
2631 for usr in User.get_all_super_admins():
2632 # if this admin is also owner, don't double the record
2633 if usr.user_id == owner_row[0].user_id:
2634 owner_row[0].admin_row = True
2635 else:
2636 usr = AttributeDict(usr.get_dict())
2637 usr.admin_row = True
2638 usr.permission = _admin_perm
2639 super_admin_rows.append(usr)
2640
2641 2668 return super_admin_rows + owner_row + perm_rows
2642 2669
2643 2670 def permission_user_groups(self):
2644 q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
2671 q = UserGroupRepoGroupToPerm.query().filter(
2672 UserGroupRepoGroupToPerm.group == self)
2645 2673 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2646 2674 joinedload(UserGroupRepoGroupToPerm.users_group),
2647 2675 joinedload(UserGroupRepoGroupToPerm.permission),)
@@ -32,6 +32,7 b' var addNewPermInput = function(node, per'
32 32 ' </div>'+
33 33 '</td>'+
34 34 '<td></td>'+
35 '<td></td>'+
35 36 '</tr>';
36 37 var _next_id = 'new'+$('.new_members').length;
37 38 _html = _html.format(_next_id, permission_type);
@@ -14,9 +14,11 b''
14 14 <th class="td-radio">${_('Admin')}</th>
15 15 <th class="td-owner">${_('User/User Group')}</th>
16 16 <th></th>
17 <th></th>
17 18 </tr>
18 19 ## USERS
19 20 %for _user in c.repo_group.permissions():
21 ## super admin/owner row
20 22 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
21 23 <tr class="perm_admin_row">
22 24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
@@ -34,6 +36,11 b''
34 36 %endif
35 37 </td>
36 38 <td></td>
39 <td>
40 % if c.rhodecode_user.is_admin:
41 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
42 % endif
43 </td>
37 44 </tr>
38 45 %else:
39 46 <tr>
@@ -50,6 +57,9 b''
50 57 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
51 58 % else:
52 59 ${h.link_to_user(_user.username)}
60 %if getattr(_user, 'duplicate_perm', None):
61 (${_('inactive duplicate')})
62 %endif
53 63 % endif
54 64 </span>
55 65 </td>
@@ -61,8 +71,17 b''
61 71 </span>
62 72 %endif
63 73 </td>
74 <td>
75 % if c.rhodecode_user.is_admin:
76 % if _user.username == h.DEFAULT_USER:
77 ${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='repositories-permissions'))}
64 78 %else:
65 ## special case for current user permissions, we make sure he cannot take his own permissions
79 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
80 % endif
81 % endif
82 </td>
83 %else:
84 ## special case for currently logged-in user permissions, we make sure he cannot take his own permissions
66 85 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.none', disabled="disabled")}</td>
67 86 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.read', disabled="disabled")}</td>
68 87 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.write', disabled="disabled")}</td>
@@ -74,11 +93,19 b''
74 93 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
75 94 % else:
76 95 ${h.link_to_user(_user.username)}
96 %if getattr(_user, 'duplicate_perm', None):
97 (${_('inactive duplicate')})
98 %endif
77 99 % endif
78 100 <span class="user-perm-help-text">(${_('delegated admin')})</span>
79 101 </span>
80 102 </td>
81 103 <td></td>
104 <td>
105 % if c.rhodecode_user.is_admin:
106 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
107 % endif
108 </td>
82 109 %endif
83 110 </tr>
84 111 %endif
@@ -107,6 +134,11 b''
107 134 ${_('Revoke')}
108 135 </span>
109 136 </td>
137 <td>
138 % if c.rhodecode_user.is_admin:
139 ${h.link_to('show permissions', h.route_path('edit_user_group_perms_summary', user_group_id=_user_group.users_group_id, _anchor='repositories-permissions'))}
140 % endif
141 </td>
110 142 </tr>
111 143 %endfor
112 144
@@ -122,6 +154,7 b''
122 154 ${_('Add user/user group')}
123 155 </span>
124 156 </td>
157 <td></td>
125 158 </tr>
126 159 </table>
127 160
@@ -14,6 +14,7 b''
14 14 <th class="td-radio">${_('Admin')}</th>
15 15 <th class="td-owner">${_('User/User Group')}</th>
16 16 <th></th>
17 <th></th>
17 18 </tr>
18 19 ## USERS
19 20 %for _user in c.rhodecode_db_repo.permissions():
@@ -34,6 +35,11 b''
34 35 %endif
35 36 </td>
36 37 <td></td>
38 <td>
39 % if c.rhodecode_user.is_admin:
40 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
41 % endif
42 </td>
37 43 </tr>
38 44 %elif _user.username == h.DEFAULT_USER and c.rhodecode_db_repo.private:
39 45 <tr>
@@ -46,6 +52,11 b''
46 52 ${base.gravatar(h.DEFAULT_USER_EMAIL, 16)}
47 53 ${h.DEFAULT_USER} - ${_('only users/user groups explicitly added here will have access')}</td>
48 54 <td></td>
55 <td>
56 % if c.rhodecode_user.is_admin:
57 ${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='repositories-permissions'))}
58 % endif
59 </td>
49 60 </tr>
50 61 %else:
51 62 <tr>
@@ -60,6 +71,9 b''
60 71 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
61 72 % else:
62 73 ${h.link_to_user(_user.username)}
74 %if getattr(_user, 'duplicate_perm', None):
75 (${_('inactive duplicate')})
76 %endif
63 77 % endif
64 78 </span>
65 79 </td>
@@ -71,6 +85,15 b''
71 85 </span>
72 86 %endif
73 87 </td>
88 <td>
89 % if c.rhodecode_user.is_admin:
90 % if _user.username == h.DEFAULT_USER:
91 ${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='repositories-permissions'))}
92 % else:
93 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
94 % endif
95 % endif
96 </td>
74 97 </tr>
75 98 %endif
76 99 %endfor
@@ -98,6 +121,11 b''
98 121 ${_('Revoke')}
99 122 </span>
100 123 </td>
124 <td>
125 % if c.rhodecode_user.is_admin:
126 ${h.link_to('show permissions', h.route_path('edit_user_group_perms_summary', user_group_id=_user_group.users_group_id, _anchor='repositories-permissions'))}
127 % endif
128 </td>
101 129 </tr>
102 130 %endfor
103 131 <tr class="new_members" id="add_perm_input"></tr>
@@ -113,6 +141,7 b''
113 141 ${_('Add user/user group')}
114 142 </span>
115 143 </td>
144 <td></td>
116 145 </tr>
117 146
118 147 </table>
@@ -14,9 +14,11 b''
14 14 <th class="td-radio">${_('Admin')}</th>
15 15 <th>${_('User/User Group')}</th>
16 16 <th></th>
17 <th></th>
17 18 </tr>
18 19 ## USERS
19 20 %for _user in c.user_group.permissions():
21 ## super admin/owner row
20 22 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
21 23 <tr class="perm_admin_row">
22 24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
@@ -36,6 +38,11 b''
36 38 </span>
37 39 </td>
38 40 <td></td>
41 <td>
42 % if c.rhodecode_user.is_admin:
43 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
44 % endif
45 </td>
39 46 </tr>
40 47 %else:
41 48 ##forbid revoking permission from yourself, except if you're an super admin
@@ -52,6 +59,9 b''
52 59 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
53 60 % else:
54 61 ${h.link_to_user(_user.username)}
62 %if getattr(_user, 'duplicate_perm', None):
63 (${_('inactive duplicate')})
64 %endif
55 65 % endif
56 66 </span>
57 67 </td>
@@ -63,8 +73,17 b''
63 73 </span>
64 74 %endif
65 75 </td>
76 <td>
77 % if c.rhodecode_user.is_admin:
78 % if _user.username == h.DEFAULT_USER:
79 ${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='repositories-permissions'))}
66 80 %else:
67 ## special case for current user permissions, we make sure he cannot take his own permissions
81 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
82 % endif
83 % endif
84 </td>
85 %else:
86 ## special case for currently logged-in user permissions, we make sure he cannot take his own permissions
68 87 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.none', disabled="disabled")}</td>
69 88 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.read', disabled="disabled")}</td>
70 89 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.write', disabled="disabled")}</td>
@@ -76,11 +95,19 b''
76 95 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
77 96 % else:
78 97 ${h.link_to_user(_user.username)}
98 %if getattr(_user, 'duplicate_perm', None):
99 (${_('inactive duplicate')})
100 %endif
79 101 % endif
80 102 <span class="user-perm-help-text">(${_('delegated admin')})</span>
81 103 </span>
82 104 </td>
83 105 <td></td>
106 <td>
107 % if c.rhodecode_user.is_admin:
108 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
109 % endif
110 </td>
84 111 %endif
85 112 </tr>
86 113 %endif
@@ -109,6 +136,11 b''
109 136 ${_('Revoke')}
110 137 </span>
111 138 </td>
139 <td>
140 % if c.rhodecode_user.is_admin:
141 ${h.link_to('show permissions', h.route_path('edit_user_group_perms_summary', user_group_id=_user_group.users_group_id, _anchor='repositories-permissions'))}
142 % endif
143 </td>
112 144 </tr>
113 145 %endfor
114 146 <tr class="new_members" id="add_perm_input"></tr>
@@ -123,6 +155,7 b''
123 155 ${_('Add user/user group')}
124 156 </span>
125 157 </td>
158 <td></td>
126 159 </tr>
127 160 </table>
128 161
General Comments 0
You need to be logged in to leave comments. Login now