Show More
@@ -0,0 +1,310 b'' | |||
|
1 | # -*- coding: utf-8 -*- | |
|
2 | ||
|
3 | # Copyright (C) 2016-2017 RhodeCode GmbH | |
|
4 | # | |
|
5 | # This program is free software: you can redistribute it and/or modify | |
|
6 | # it under the terms of the GNU Affero General Public License, version 3 | |
|
7 | # (only), as published by the Free Software Foundation. | |
|
8 | # | |
|
9 | # This program is distributed in the hope that it will be useful, | |
|
10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
|
11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
|
12 | # GNU General Public License for more details. | |
|
13 | # | |
|
14 | # You should have received a copy of the GNU Affero General Public License | |
|
15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
|
16 | # | |
|
17 | # This program is dual-licensed. If you wish to learn more about the | |
|
18 | # RhodeCode Enterprise Edition, including its added features, Support services, | |
|
19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ | |
|
20 | ||
|
21 | import logging | |
|
22 | import formencode | |
|
23 | ||
|
24 | from pyramid.view import view_config | |
|
25 | from pyramid.httpexceptions import HTTPFound | |
|
26 | from pyramid.renderers import render | |
|
27 | from pyramid.response import Response | |
|
28 | ||
|
29 | from rhodecode.apps._base import BaseAppView | |
|
30 | ||
|
31 | from rhodecode.lib import helpers as h | |
|
32 | from rhodecode.lib.auth import ( | |
|
33 | LoginRequired, HasPermissionAllDecorator, CSRFRequired) | |
|
34 | from rhodecode.model.db import User, UserIpMap | |
|
35 | from rhodecode.model.forms import ( | |
|
36 | ApplicationPermissionsForm, ObjectPermissionsForm, UserPermissionsForm) | |
|
37 | from rhodecode.model.meta import Session | |
|
38 | from rhodecode.model.permission import PermissionModel | |
|
39 | from rhodecode.model.settings import SettingsModel | |
|
40 | ||
|
41 | ||
|
42 | log = logging.getLogger(__name__) | |
|
43 | ||
|
44 | ||
|
45 | class AdminPermissionsView(BaseAppView): | |
|
46 | def load_default_context(self): | |
|
47 | c = self._get_local_tmpl_context() | |
|
48 | ||
|
49 | self._register_global_c(c) | |
|
50 | PermissionModel().set_global_permission_choices( | |
|
51 | c, gettext_translator=self.request.translate) | |
|
52 | return c | |
|
53 | ||
|
54 | @LoginRequired() | |
|
55 | @HasPermissionAllDecorator('hg.admin') | |
|
56 | @view_config( | |
|
57 | route_name='admin_permissions_application', request_method='GET', | |
|
58 | renderer='rhodecode:templates/admin/permissions/permissions.mako') | |
|
59 | def permissions_application(self): | |
|
60 | c = self.load_default_context() | |
|
61 | c.active = 'application' | |
|
62 | ||
|
63 | c.user = User.get_default_user(refresh=True) | |
|
64 | ||
|
65 | app_settings = SettingsModel().get_all_settings() | |
|
66 | defaults = { | |
|
67 | 'anonymous': c.user.active, | |
|
68 | 'default_register_message': app_settings.get( | |
|
69 | 'rhodecode_register_message') | |
|
70 | } | |
|
71 | defaults.update(c.user.get_default_perms()) | |
|
72 | ||
|
73 | data = render('rhodecode:templates/admin/permissions/permissions.mako', | |
|
74 | self._get_template_context(c), self.request) | |
|
75 | html = formencode.htmlfill.render( | |
|
76 | data, | |
|
77 | defaults=defaults, | |
|
78 | encoding="UTF-8", | |
|
79 | force_defaults=False | |
|
80 | ) | |
|
81 | return Response(html) | |
|
82 | ||
|
83 | @LoginRequired() | |
|
84 | @HasPermissionAllDecorator('hg.admin') | |
|
85 | @CSRFRequired() | |
|
86 | @view_config( | |
|
87 | route_name='admin_permissions_application_update', request_method='POST', | |
|
88 | renderer='rhodecode:templates/admin/permissions/permissions.mako') | |
|
89 | def permissions_application_update(self): | |
|
90 | _ = self.request.translate | |
|
91 | c = self.load_default_context() | |
|
92 | c.active = 'application' | |
|
93 | ||
|
94 | _form = ApplicationPermissionsForm( | |
|
95 | [x[0] for x in c.register_choices], | |
|
96 | [x[0] for x in c.password_reset_choices], | |
|
97 | [x[0] for x in c.extern_activate_choices])() | |
|
98 | ||
|
99 | try: | |
|
100 | form_result = _form.to_python(dict(self.request.POST)) | |
|
101 | form_result.update({'perm_user_name': User.DEFAULT_USER}) | |
|
102 | PermissionModel().update_application_permissions(form_result) | |
|
103 | ||
|
104 | settings = [ | |
|
105 | ('register_message', 'default_register_message'), | |
|
106 | ] | |
|
107 | for setting, form_key in settings: | |
|
108 | sett = SettingsModel().create_or_update_setting( | |
|
109 | setting, form_result[form_key]) | |
|
110 | Session().add(sett) | |
|
111 | ||
|
112 | Session().commit() | |
|
113 | h.flash(_('Application permissions updated successfully'), | |
|
114 | category='success') | |
|
115 | ||
|
116 | except formencode.Invalid as errors: | |
|
117 | defaults = errors.value | |
|
118 | ||
|
119 | data = render( | |
|
120 | 'rhodecode:templates/admin/permissions/permissions.mako', | |
|
121 | self._get_template_context(c), self.request) | |
|
122 | html = formencode.htmlfill.render( | |
|
123 | data, | |
|
124 | defaults=defaults, | |
|
125 | errors=errors.error_dict or {}, | |
|
126 | prefix_error=False, | |
|
127 | encoding="UTF-8", | |
|
128 | force_defaults=False | |
|
129 | ) | |
|
130 | return Response(html) | |
|
131 | ||
|
132 | except Exception: | |
|
133 | log.exception("Exception during update of permissions") | |
|
134 | h.flash(_('Error occurred during update of permissions'), | |
|
135 | category='error') | |
|
136 | ||
|
137 | raise HTTPFound(h.route_path('admin_permissions_application')) | |
|
138 | ||
|
139 | @LoginRequired() | |
|
140 | @HasPermissionAllDecorator('hg.admin') | |
|
141 | @view_config( | |
|
142 | route_name='admin_permissions_object', request_method='GET', | |
|
143 | renderer='rhodecode:templates/admin/permissions/permissions.mako') | |
|
144 | def permissions_objects(self): | |
|
145 | c = self.load_default_context() | |
|
146 | c.active = 'objects' | |
|
147 | ||
|
148 | c.user = User.get_default_user(refresh=True) | |
|
149 | defaults = {} | |
|
150 | defaults.update(c.user.get_default_perms()) | |
|
151 | ||
|
152 | data = render( | |
|
153 | 'rhodecode:templates/admin/permissions/permissions.mako', | |
|
154 | self._get_template_context(c), self.request) | |
|
155 | html = formencode.htmlfill.render( | |
|
156 | data, | |
|
157 | defaults=defaults, | |
|
158 | encoding="UTF-8", | |
|
159 | force_defaults=False | |
|
160 | ) | |
|
161 | return Response(html) | |
|
162 | ||
|
163 | @LoginRequired() | |
|
164 | @HasPermissionAllDecorator('hg.admin') | |
|
165 | @CSRFRequired() | |
|
166 | @view_config( | |
|
167 | route_name='admin_permissions_object_update', request_method='POST', | |
|
168 | renderer='rhodecode:templates/admin/permissions/permissions.mako') | |
|
169 | def permissions_objects_update(self): | |
|
170 | _ = self.request.translate | |
|
171 | c = self.load_default_context() | |
|
172 | c.active = 'objects' | |
|
173 | ||
|
174 | _form = ObjectPermissionsForm( | |
|
175 | [x[0] for x in c.repo_perms_choices], | |
|
176 | [x[0] for x in c.group_perms_choices], | |
|
177 | [x[0] for x in c.user_group_perms_choices])() | |
|
178 | ||
|
179 | try: | |
|
180 | form_result = _form.to_python(dict(self.request.POST)) | |
|
181 | form_result.update({'perm_user_name': User.DEFAULT_USER}) | |
|
182 | PermissionModel().update_object_permissions(form_result) | |
|
183 | ||
|
184 | Session().commit() | |
|
185 | h.flash(_('Object permissions updated successfully'), | |
|
186 | category='success') | |
|
187 | ||
|
188 | except formencode.Invalid as errors: | |
|
189 | defaults = errors.value | |
|
190 | ||
|
191 | data = render( | |
|
192 | 'rhodecode:templates/admin/permissions/permissions.mako', | |
|
193 | self._get_template_context(c), self.request) | |
|
194 | html = formencode.htmlfill.render( | |
|
195 | data, | |
|
196 | defaults=defaults, | |
|
197 | errors=errors.error_dict or {}, | |
|
198 | prefix_error=False, | |
|
199 | encoding="UTF-8", | |
|
200 | force_defaults=False | |
|
201 | ) | |
|
202 | return Response(html) | |
|
203 | except Exception: | |
|
204 | log.exception("Exception during update of permissions") | |
|
205 | h.flash(_('Error occurred during update of permissions'), | |
|
206 | category='error') | |
|
207 | ||
|
208 | raise HTTPFound(h.route_path('admin_permissions_object')) | |
|
209 | ||
|
210 | @LoginRequired() | |
|
211 | @HasPermissionAllDecorator('hg.admin') | |
|
212 | @view_config( | |
|
213 | route_name='admin_permissions_global', request_method='GET', | |
|
214 | renderer='rhodecode:templates/admin/permissions/permissions.mako') | |
|
215 | def permissions_global(self): | |
|
216 | c = self.load_default_context() | |
|
217 | c.active = 'global' | |
|
218 | ||
|
219 | c.user = User.get_default_user(refresh=True) | |
|
220 | defaults = {} | |
|
221 | defaults.update(c.user.get_default_perms()) | |
|
222 | ||
|
223 | data = render( | |
|
224 | 'rhodecode:templates/admin/permissions/permissions.mako', | |
|
225 | self._get_template_context(c), self.request) | |
|
226 | html = formencode.htmlfill.render( | |
|
227 | data, | |
|
228 | defaults=defaults, | |
|
229 | encoding="UTF-8", | |
|
230 | force_defaults=False | |
|
231 | ) | |
|
232 | return Response(html) | |
|
233 | ||
|
234 | @LoginRequired() | |
|
235 | @HasPermissionAllDecorator('hg.admin') | |
|
236 | @CSRFRequired() | |
|
237 | @view_config( | |
|
238 | route_name='admin_permissions_global_update', request_method='POST', | |
|
239 | renderer='rhodecode:templates/admin/permissions/permissions.mako') | |
|
240 | def permissions_global_update(self): | |
|
241 | _ = self.request.translate | |
|
242 | c = self.load_default_context() | |
|
243 | c.active = 'global' | |
|
244 | ||
|
245 | _form = UserPermissionsForm( | |
|
246 | [x[0] for x in c.repo_create_choices], | |
|
247 | [x[0] for x in c.repo_create_on_write_choices], | |
|
248 | [x[0] for x in c.repo_group_create_choices], | |
|
249 | [x[0] for x in c.user_group_create_choices], | |
|
250 | [x[0] for x in c.fork_choices], | |
|
251 | [x[0] for x in c.inherit_default_permission_choices])() | |
|
252 | ||
|
253 | try: | |
|
254 | form_result = _form.to_python(dict(self.request.POST)) | |
|
255 | form_result.update({'perm_user_name': User.DEFAULT_USER}) | |
|
256 | PermissionModel().update_user_permissions(form_result) | |
|
257 | ||
|
258 | Session().commit() | |
|
259 | h.flash(_('Global permissions updated successfully'), | |
|
260 | category='success') | |
|
261 | ||
|
262 | except formencode.Invalid as errors: | |
|
263 | defaults = errors.value | |
|
264 | ||
|
265 | data = render( | |
|
266 | 'rhodecode:templates/admin/permissions/permissions.mako', | |
|
267 | self._get_template_context(c), self.request) | |
|
268 | html = formencode.htmlfill.render( | |
|
269 | data, | |
|
270 | defaults=defaults, | |
|
271 | errors=errors.error_dict or {}, | |
|
272 | prefix_error=False, | |
|
273 | encoding="UTF-8", | |
|
274 | force_defaults=False | |
|
275 | ) | |
|
276 | return Response(html) | |
|
277 | except Exception: | |
|
278 | log.exception("Exception during update of permissions") | |
|
279 | h.flash(_('Error occurred during update of permissions'), | |
|
280 | category='error') | |
|
281 | ||
|
282 | raise HTTPFound(h.route_path('admin_permissions_global')) | |
|
283 | ||
|
284 | @LoginRequired() | |
|
285 | @HasPermissionAllDecorator('hg.admin') | |
|
286 | @view_config( | |
|
287 | route_name='admin_permissions_ips', request_method='GET', | |
|
288 | renderer='rhodecode:templates/admin/permissions/permissions.mako') | |
|
289 | def permissions_ips(self): | |
|
290 | c = self.load_default_context() | |
|
291 | c.active = 'ips' | |
|
292 | ||
|
293 | c.user = User.get_default_user(refresh=True) | |
|
294 | c.user_ip_map = ( | |
|
295 | UserIpMap.query().filter(UserIpMap.user == c.user).all()) | |
|
296 | ||
|
297 | return self._get_template_context(c) | |
|
298 | ||
|
299 | @LoginRequired() | |
|
300 | @HasPermissionAllDecorator('hg.admin') | |
|
301 | @view_config( | |
|
302 | route_name='admin_permissions_overview', request_method='GET', | |
|
303 | renderer='rhodecode:templates/admin/permissions/permissions.mako') | |
|
304 | def permissions_overview(self): | |
|
305 | c = self.load_default_context() | |
|
306 | c.active = 'perms' | |
|
307 | ||
|
308 | c.user = User.get_default_user(refresh=True) | |
|
309 | c.perm_user = c.user.AuthUser | |
|
310 | return self._get_template_context(c) |
@@ -1,149 +1,175 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2016-2017 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | |
|
22 | 22 | from rhodecode.apps.admin.navigation import NavigationRegistry |
|
23 | 23 | from rhodecode.config.routing import ADMIN_PREFIX |
|
24 | 24 | from rhodecode.lib.utils2 import str2bool |
|
25 | 25 | |
|
26 | 26 | |
|
27 | 27 | def admin_routes(config): |
|
28 | 28 | """ |
|
29 | 29 | Admin prefixed routes |
|
30 | 30 | """ |
|
31 | 31 | |
|
32 | 32 | config.add_route( |
|
33 | 33 | name='admin_audit_logs', |
|
34 | 34 | pattern='/audit_logs') |
|
35 | 35 | |
|
36 | 36 | config.add_route( |
|
37 | 37 | name='pull_requests_global_0', # backward compat |
|
38 | 38 | pattern='/pull_requests/{pull_request_id:[0-9]+}') |
|
39 | 39 | config.add_route( |
|
40 | 40 | name='pull_requests_global_1', # backward compat |
|
41 | 41 | pattern='/pull-requests/{pull_request_id:[0-9]+}') |
|
42 | 42 | config.add_route( |
|
43 | 43 | name='pull_requests_global', |
|
44 | 44 | pattern='/pull-request/{pull_request_id:[0-9]+}') |
|
45 | 45 | |
|
46 | 46 | config.add_route( |
|
47 | 47 | name='admin_settings_open_source', |
|
48 | 48 | pattern='/settings/open_source') |
|
49 | 49 | config.add_route( |
|
50 | 50 | name='admin_settings_vcs_svn_generate_cfg', |
|
51 | 51 | pattern='/settings/vcs/svn_generate_cfg') |
|
52 | 52 | |
|
53 | 53 | config.add_route( |
|
54 | 54 | name='admin_settings_system', |
|
55 | 55 | pattern='/settings/system') |
|
56 | 56 | config.add_route( |
|
57 | 57 | name='admin_settings_system_update', |
|
58 | 58 | pattern='/settings/system/updates') |
|
59 | 59 | |
|
60 | 60 | config.add_route( |
|
61 | 61 | name='admin_settings_sessions', |
|
62 | 62 | pattern='/settings/sessions') |
|
63 | 63 | config.add_route( |
|
64 | 64 | name='admin_settings_sessions_cleanup', |
|
65 | 65 | pattern='/settings/sessions/cleanup') |
|
66 | 66 | |
|
67 | 67 | config.add_route( |
|
68 | 68 | name='admin_settings_process_management', |
|
69 | 69 | pattern='/settings/process_management') |
|
70 | 70 | config.add_route( |
|
71 | 71 | name='admin_settings_process_management_signal', |
|
72 | 72 | pattern='/settings/process_management/signal') |
|
73 | 73 | |
|
74 | 74 | # global permissions |
|
75 | ||
|
76 | config.add_route( | |
|
77 | name='admin_permissions_application', | |
|
78 | pattern='/permissions/application') | |
|
79 | config.add_route( | |
|
80 | name='admin_permissions_application_update', | |
|
81 | pattern='/permissions/application/update') | |
|
82 | ||
|
83 | config.add_route( | |
|
84 | name='admin_permissions_global', | |
|
85 | pattern='/permissions/global') | |
|
86 | config.add_route( | |
|
87 | name='admin_permissions_global_update', | |
|
88 | pattern='/permissions/global/update') | |
|
89 | ||
|
90 | config.add_route( | |
|
91 | name='admin_permissions_object', | |
|
92 | pattern='/permissions/object') | |
|
93 | config.add_route( | |
|
94 | name='admin_permissions_object_update', | |
|
95 | pattern='/permissions/object/update') | |
|
96 | ||
|
75 | 97 | config.add_route( |
|
76 | 98 | name='admin_permissions_ips', |
|
77 | 99 | pattern='/permissions/ips') |
|
78 | 100 | |
|
101 | config.add_route( | |
|
102 | name='admin_permissions_overview', | |
|
103 | pattern='/permissions/overview') | |
|
104 | ||
|
79 | 105 | # users admin |
|
80 | 106 | config.add_route( |
|
81 | 107 | name='users', |
|
82 | 108 | pattern='/users') |
|
83 | 109 | |
|
84 | 110 | config.add_route( |
|
85 | 111 | name='users_data', |
|
86 | 112 | pattern='/users_data') |
|
87 | 113 | |
|
88 | 114 | # user auth tokens |
|
89 | 115 | config.add_route( |
|
90 | 116 | name='edit_user_auth_tokens', |
|
91 | 117 | pattern='/users/{user_id:\d+}/edit/auth_tokens') |
|
92 | 118 | config.add_route( |
|
93 | 119 | name='edit_user_auth_tokens_add', |
|
94 | 120 | pattern='/users/{user_id:\d+}/edit/auth_tokens/new') |
|
95 | 121 | config.add_route( |
|
96 | 122 | name='edit_user_auth_tokens_delete', |
|
97 | 123 | pattern='/users/{user_id:\d+}/edit/auth_tokens/delete') |
|
98 | 124 | |
|
99 | 125 | # user emails |
|
100 | 126 | config.add_route( |
|
101 | 127 | name='edit_user_emails', |
|
102 | 128 | pattern='/users/{user_id:\d+}/edit/emails') |
|
103 | 129 | config.add_route( |
|
104 | 130 | name='edit_user_emails_add', |
|
105 | 131 | pattern='/users/{user_id:\d+}/edit/emails/new') |
|
106 | 132 | config.add_route( |
|
107 | 133 | name='edit_user_emails_delete', |
|
108 | 134 | pattern='/users/{user_id:\d+}/edit/emails/delete') |
|
109 | 135 | |
|
110 | 136 | # user IPs |
|
111 | 137 | config.add_route( |
|
112 | 138 | name='edit_user_ips', |
|
113 | 139 | pattern='/users/{user_id:\d+}/edit/ips') |
|
114 | 140 | config.add_route( |
|
115 | 141 | name='edit_user_ips_add', |
|
116 | 142 | pattern='/users/{user_id:\d+}/edit/ips/new') |
|
117 | 143 | config.add_route( |
|
118 | 144 | name='edit_user_ips_delete', |
|
119 | 145 | pattern='/users/{user_id:\d+}/edit/ips/delete') |
|
120 | 146 | |
|
121 | 147 | # user groups management |
|
122 | 148 | config.add_route( |
|
123 | 149 | name='edit_user_groups_management', |
|
124 | 150 | pattern='/users/{user_id:\d+}/edit/groups_management') |
|
125 | 151 | |
|
126 | 152 | config.add_route( |
|
127 | 153 | name='edit_user_groups_management_updates', |
|
128 | 154 | pattern='/users/{user_id:\d+}/edit/edit_user_groups_management/updates') |
|
129 | 155 | |
|
130 | 156 | # user audit logs |
|
131 | 157 | config.add_route( |
|
132 | 158 | name='edit_user_audit_logs', |
|
133 | 159 | pattern='/users/{user_id:\d+}/edit/audit') |
|
134 | 160 | |
|
135 | 161 | |
|
136 | 162 | def includeme(config): |
|
137 | 163 | settings = config.get_settings() |
|
138 | 164 | |
|
139 | 165 | # Create admin navigation registry and add it to the pyramid registry. |
|
140 | 166 | labs_active = str2bool(settings.get('labs_settings_active', False)) |
|
141 | 167 | navigation_registry = NavigationRegistry(labs_active=labs_active) |
|
142 | 168 | config.registry.registerUtility(navigation_registry) |
|
143 | 169 | |
|
144 | 170 | # main admin routes |
|
145 | 171 | config.add_route(name='admin_home', pattern=ADMIN_PREFIX) |
|
146 | 172 | config.include(admin_routes, route_prefix=ADMIN_PREFIX) |
|
147 | 173 | |
|
148 | 174 | # Scan module for configuration decorators. |
|
149 | 175 | config.scan() |
@@ -1,229 +1,250 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2010-2017 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | import pytest |
|
22 | 22 | from rhodecode.model.db import User, UserIpMap |
|
23 | 23 | from rhodecode.model.permission import PermissionModel |
|
24 | 24 | from rhodecode.tests import ( |
|
25 |
TestController |
|
|
25 | TestController, clear_all_caches, assert_session_flash) | |
|
26 | 26 | |
|
27 | 27 | |
|
28 | 28 | def route_path(name, params=None, **kwargs): |
|
29 | 29 | import urllib |
|
30 | 30 | from rhodecode.apps._base import ADMIN_PREFIX |
|
31 | 31 | |
|
32 | 32 | base_url = { |
|
33 | 33 | 'edit_user_ips': |
|
34 | 34 | ADMIN_PREFIX + '/users/{user_id}/edit/ips', |
|
35 | 35 | 'edit_user_ips_add': |
|
36 | 36 | ADMIN_PREFIX + '/users/{user_id}/edit/ips/new', |
|
37 | 37 | 'edit_user_ips_delete': |
|
38 | 38 | ADMIN_PREFIX + '/users/{user_id}/edit/ips/delete', |
|
39 | ||
|
40 | 'admin_permissions_application': | |
|
41 | ADMIN_PREFIX + '/permissions/application', | |
|
42 | 'admin_permissions_application_update': | |
|
43 | ADMIN_PREFIX + '/permissions/application/update', | |
|
44 | ||
|
45 | 'admin_permissions_global': | |
|
46 | ADMIN_PREFIX + '/permissions/global', | |
|
47 | 'admin_permissions_global_update': | |
|
48 | ADMIN_PREFIX + '/permissions/global/update', | |
|
49 | ||
|
50 | 'admin_permissions_object': | |
|
51 | ADMIN_PREFIX + '/permissions/object', | |
|
52 | 'admin_permissions_object_update': | |
|
53 | ADMIN_PREFIX + '/permissions/object/update', | |
|
54 | ||
|
55 | 'admin_permissions_ips': | |
|
56 | ADMIN_PREFIX + '/permissions/ips', | |
|
57 | 'admin_permissions_overview': | |
|
58 | ADMIN_PREFIX + '/permissions/overview' | |
|
59 | ||
|
39 | 60 | }[name].format(**kwargs) |
|
40 | 61 | |
|
41 | 62 | if params: |
|
42 | 63 | base_url = '{}?{}'.format(base_url, urllib.urlencode(params)) |
|
43 | 64 | return base_url |
|
44 | 65 | |
|
45 | 66 | |
|
46 | 67 | class TestAdminPermissionsController(TestController): |
|
47 | 68 | |
|
48 | 69 | @pytest.fixture(scope='class', autouse=True) |
|
49 | 70 | def prepare(self, request): |
|
50 | 71 | # cleanup and reset to default permissions after |
|
51 | 72 | @request.addfinalizer |
|
52 | 73 | def cleanup(): |
|
53 | 74 | PermissionModel().create_default_user_permissions( |
|
54 | 75 | User.get_default_user(), force=True) |
|
55 | 76 | |
|
56 | 77 | def test_index_application(self): |
|
57 | 78 | self.log_user() |
|
58 |
self.app.get( |
|
|
79 | self.app.get(route_path('admin_permissions_application')) | |
|
59 | 80 | |
|
60 | 81 | @pytest.mark.parametrize( |
|
61 | 82 | 'anonymous, default_register, default_register_message, default_password_reset,' |
|
62 | 83 | 'default_extern_activate, expect_error, expect_form_error', [ |
|
63 | 84 | (True, 'hg.register.none', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual', |
|
64 | 85 | False, False), |
|
65 | 86 | (True, 'hg.register.manual_activate', '', 'hg.password_reset.enabled', 'hg.extern_activate.auto', |
|
66 | 87 | False, False), |
|
67 | 88 | (True, 'hg.register.auto_activate', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual', |
|
68 | 89 | False, False), |
|
69 | 90 | (True, 'hg.register.auto_activate', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual', |
|
70 | 91 | False, False), |
|
71 | 92 | (True, 'hg.register.XXX', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual', |
|
72 | 93 | False, True), |
|
73 | 94 | (True, '', '', 'hg.password_reset.enabled', '', True, False), |
|
74 | 95 | ]) |
|
75 | 96 | def test_update_application_permissions( |
|
76 | 97 | self, anonymous, default_register, default_register_message, default_password_reset, |
|
77 | 98 | default_extern_activate, expect_error, expect_form_error): |
|
78 | 99 | |
|
79 | 100 | self.log_user() |
|
80 | 101 | |
|
81 | 102 | # TODO: anonymous access set here to False, breaks some other tests |
|
82 | 103 | params = { |
|
83 | 104 | 'csrf_token': self.csrf_token, |
|
84 | 105 | 'anonymous': anonymous, |
|
85 | 106 | 'default_register': default_register, |
|
86 | 107 | 'default_register_message': default_register_message, |
|
87 | 108 | 'default_password_reset': default_password_reset, |
|
88 | 109 | 'default_extern_activate': default_extern_activate, |
|
89 | 110 | } |
|
90 |
response = self.app.post( |
|
|
111 | response = self.app.post(route_path('admin_permissions_application_update'), | |
|
91 | 112 | params=params) |
|
92 | 113 | if expect_form_error: |
|
93 | 114 | assert response.status_int == 200 |
|
94 | 115 | response.mustcontain('Value must be one of') |
|
95 | 116 | else: |
|
96 | 117 | if expect_error: |
|
97 | 118 | msg = 'Error occurred during update of permissions' |
|
98 | 119 | else: |
|
99 | 120 | msg = 'Application permissions updated successfully' |
|
100 | 121 | assert_session_flash(response, msg) |
|
101 | 122 | |
|
102 | 123 | def test_index_object(self): |
|
103 | 124 | self.log_user() |
|
104 |
self.app.get( |
|
|
125 | self.app.get(route_path('admin_permissions_object')) | |
|
105 | 126 | |
|
106 | 127 | @pytest.mark.parametrize( |
|
107 | 128 | 'repo, repo_group, user_group, expect_error, expect_form_error', [ |
|
108 | 129 | ('repository.none', 'group.none', 'usergroup.none', False, False), |
|
109 | 130 | ('repository.read', 'group.read', 'usergroup.read', False, False), |
|
110 | 131 | ('repository.write', 'group.write', 'usergroup.write', |
|
111 | 132 | False, False), |
|
112 | 133 | ('repository.admin', 'group.admin', 'usergroup.admin', |
|
113 | 134 | False, False), |
|
114 | 135 | ('repository.XXX', 'group.admin', 'usergroup.admin', False, True), |
|
115 | 136 | ('', '', '', True, False), |
|
116 | 137 | ]) |
|
117 | 138 | def test_update_object_permissions(self, repo, repo_group, user_group, |
|
118 | 139 | expect_error, expect_form_error): |
|
119 | 140 | self.log_user() |
|
120 | 141 | |
|
121 | 142 | params = { |
|
122 | 143 | 'csrf_token': self.csrf_token, |
|
123 | 144 | 'default_repo_perm': repo, |
|
124 | 145 | 'overwrite_default_repo': False, |
|
125 | 146 | 'default_group_perm': repo_group, |
|
126 | 147 | 'overwrite_default_group': False, |
|
127 | 148 | 'default_user_group_perm': user_group, |
|
128 | 149 | 'overwrite_default_user_group': False, |
|
129 | 150 | } |
|
130 |
response = self.app.post( |
|
|
151 | response = self.app.post(route_path('admin_permissions_object_update'), | |
|
131 | 152 | params=params) |
|
132 | 153 | if expect_form_error: |
|
133 | 154 | assert response.status_int == 200 |
|
134 | 155 | response.mustcontain('Value must be one of') |
|
135 | 156 | else: |
|
136 | 157 | if expect_error: |
|
137 | 158 | msg = 'Error occurred during update of permissions' |
|
138 | 159 | else: |
|
139 | 160 | msg = 'Object permissions updated successfully' |
|
140 | 161 | assert_session_flash(response, msg) |
|
141 | 162 | |
|
142 | 163 | def test_index_global(self): |
|
143 | 164 | self.log_user() |
|
144 |
self.app.get( |
|
|
165 | self.app.get(route_path('admin_permissions_global')) | |
|
145 | 166 | |
|
146 | 167 | @pytest.mark.parametrize( |
|
147 | 168 | 'repo_create, repo_create_write, user_group_create, repo_group_create,' |
|
148 | 169 | 'fork_create, inherit_default_permissions, expect_error,' |
|
149 | 170 | 'expect_form_error', [ |
|
150 | 171 | ('hg.create.none', 'hg.create.write_on_repogroup.false', |
|
151 | 172 | 'hg.usergroup.create.false', 'hg.repogroup.create.false', |
|
152 | 173 | 'hg.fork.none', 'hg.inherit_default_perms.false', False, False), |
|
153 | 174 | ('hg.create.repository', 'hg.create.write_on_repogroup.true', |
|
154 | 175 | 'hg.usergroup.create.true', 'hg.repogroup.create.true', |
|
155 | 176 | 'hg.fork.repository', 'hg.inherit_default_perms.false', |
|
156 | 177 | False, False), |
|
157 | 178 | ('hg.create.XXX', 'hg.create.write_on_repogroup.true', |
|
158 | 179 | 'hg.usergroup.create.true', 'hg.repogroup.create.true', |
|
159 | 180 | 'hg.fork.repository', 'hg.inherit_default_perms.false', |
|
160 | 181 | False, True), |
|
161 | 182 | ('', '', '', '', '', '', True, False), |
|
162 | 183 | ]) |
|
163 | 184 | def test_update_global_permissions( |
|
164 | 185 | self, repo_create, repo_create_write, user_group_create, |
|
165 | 186 | repo_group_create, fork_create, inherit_default_permissions, |
|
166 | 187 | expect_error, expect_form_error): |
|
167 | 188 | self.log_user() |
|
168 | 189 | |
|
169 | 190 | params = { |
|
170 | 191 | 'csrf_token': self.csrf_token, |
|
171 | 192 | 'default_repo_create': repo_create, |
|
172 | 193 | 'default_repo_create_on_write': repo_create_write, |
|
173 | 194 | 'default_user_group_create': user_group_create, |
|
174 | 195 | 'default_repo_group_create': repo_group_create, |
|
175 | 196 | 'default_fork_create': fork_create, |
|
176 | 197 | 'default_inherit_default_permissions': inherit_default_permissions |
|
177 | 198 | } |
|
178 |
response = self.app.post( |
|
|
199 | response = self.app.post(route_path('admin_permissions_global_update'), | |
|
179 | 200 | params=params) |
|
180 | 201 | if expect_form_error: |
|
181 | 202 | assert response.status_int == 200 |
|
182 | 203 | response.mustcontain('Value must be one of') |
|
183 | 204 | else: |
|
184 | 205 | if expect_error: |
|
185 | 206 | msg = 'Error occurred during update of permissions' |
|
186 | 207 | else: |
|
187 | 208 | msg = 'Global permissions updated successfully' |
|
188 | 209 | assert_session_flash(response, msg) |
|
189 | 210 | |
|
190 | 211 | def test_index_ips(self): |
|
191 | 212 | self.log_user() |
|
192 |
response = self.app.get( |
|
|
213 | response = self.app.get(route_path('admin_permissions_ips')) | |
|
193 | 214 | # TODO: Test response... |
|
194 | 215 | response.mustcontain('All IP addresses are allowed') |
|
195 | 216 | |
|
196 | 217 | def test_add_delete_ips(self): |
|
197 | 218 | self.log_user() |
|
198 | 219 | clear_all_caches() |
|
199 | 220 | |
|
200 | 221 | # ADD |
|
201 | 222 | default_user_id = User.get_default_user().user_id |
|
202 | 223 | self.app.post( |
|
203 | 224 | route_path('edit_user_ips_add', user_id=default_user_id), |
|
204 | 225 | params={'new_ip': '127.0.0.0/24', 'csrf_token': self.csrf_token}) |
|
205 | 226 | |
|
206 |
response = self.app.get( |
|
|
227 | response = self.app.get(route_path('admin_permissions_ips')) | |
|
207 | 228 | response.mustcontain('127.0.0.0/24') |
|
208 | 229 | response.mustcontain('127.0.0.0 - 127.0.0.255') |
|
209 | 230 | |
|
210 | 231 | # DELETE |
|
211 | 232 | default_user_id = User.get_default_user().user_id |
|
212 | 233 | del_ip_id = UserIpMap.query().filter(UserIpMap.user_id == |
|
213 | 234 | default_user_id).first().ip_id |
|
214 | 235 | |
|
215 | 236 | response = self.app.post( |
|
216 | 237 | route_path('edit_user_ips_delete', user_id=default_user_id), |
|
217 | 238 | params={'del_ip_id': del_ip_id, 'csrf_token': self.csrf_token}) |
|
218 | 239 | |
|
219 | 240 | assert_session_flash(response, 'Removed ip address from user whitelist') |
|
220 | 241 | |
|
221 | 242 | clear_all_caches() |
|
222 |
response = self.app.get( |
|
|
243 | response = self.app.get(route_path('admin_permissions_ips')) | |
|
223 | 244 | response.mustcontain('All IP addresses are allowed') |
|
224 | 245 | response.mustcontain(no=['127.0.0.0/24']) |
|
225 | 246 | response.mustcontain(no=['127.0.0.0 - 127.0.0.255']) |
|
226 | 247 | |
|
227 | 248 | def test_index_overview(self): |
|
228 | 249 | self.log_user() |
|
229 |
self.app.get( |
|
|
250 | self.app.get(route_path('admin_permissions_overview')) |
@@ -1,513 +1,530 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2010-2017 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | import urlparse |
|
22 | 22 | |
|
23 | 23 | import mock |
|
24 | 24 | import pytest |
|
25 | 25 | |
|
26 | from rhodecode.config.routing import ADMIN_PREFIX | |
|
27 | 26 | from rhodecode.tests import ( |
|
28 |
assert_session_flash |
|
|
27 | assert_session_flash, HG_REPO, TEST_USER_ADMIN_LOGIN, | |
|
29 | 28 | no_newline_id_generator) |
|
30 | 29 | from rhodecode.tests.fixture import Fixture |
|
31 | 30 | from rhodecode.lib.auth import check_password |
|
32 | 31 | from rhodecode.lib import helpers as h |
|
33 | 32 | from rhodecode.model.auth_token import AuthTokenModel |
|
34 | 33 | from rhodecode.model import validators |
|
35 | 34 | from rhodecode.model.db import User, Notification, UserApiKeys |
|
36 | 35 | from rhodecode.model.meta import Session |
|
37 | 36 | |
|
38 | 37 | fixture = Fixture() |
|
39 | 38 | |
|
40 | # Hardcode URLs because we don't have a request object to use | |
|
41 | # pyramids URL generation methods. | |
|
42 | index_url = '/' | |
|
43 | login_url = ADMIN_PREFIX + '/login' | |
|
44 | logut_url = ADMIN_PREFIX + '/logout' | |
|
45 | register_url = ADMIN_PREFIX + '/register' | |
|
46 | pwd_reset_url = ADMIN_PREFIX + '/password_reset' | |
|
47 | pwd_reset_confirm_url = ADMIN_PREFIX + '/password_reset_confirmation' | |
|
39 | ||
|
40 | def route_path(name, params=None, **kwargs): | |
|
41 | import urllib | |
|
42 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
43 | ||
|
44 | base_url = { | |
|
45 | 'login': ADMIN_PREFIX + '/login', | |
|
46 | 'logout': ADMIN_PREFIX + '/logout', | |
|
47 | 'register': ADMIN_PREFIX + '/register', | |
|
48 | 'reset_password': | |
|
49 | ADMIN_PREFIX + '/password_reset', | |
|
50 | 'reset_password_confirmation': | |
|
51 | ADMIN_PREFIX + '/password_reset_confirmation', | |
|
52 | ||
|
53 | 'admin_permissions_application': | |
|
54 | ADMIN_PREFIX + '/permissions/application', | |
|
55 | 'admin_permissions_application_update': | |
|
56 | ADMIN_PREFIX + '/permissions/application/update', | |
|
57 | ||
|
58 | 'repo_commit_raw': '/{repo_name}/raw-changeset/{commit_id}' | |
|
59 | ||
|
60 | }[name].format(**kwargs) | |
|
61 | ||
|
62 | if params: | |
|
63 | base_url = '{}?{}'.format(base_url, urllib.urlencode(params)) | |
|
64 | return base_url | |
|
48 | 65 | |
|
49 | 66 | |
|
50 | 67 | @pytest.mark.usefixtures('app') |
|
51 | 68 | class TestLoginController(object): |
|
52 | 69 | destroy_users = set() |
|
53 | 70 | |
|
54 | 71 | @classmethod |
|
55 | 72 | def teardown_class(cls): |
|
56 | 73 | fixture.destroy_users(cls.destroy_users) |
|
57 | 74 | |
|
58 | 75 | def teardown_method(self, method): |
|
59 | 76 | for n in Notification.query().all(): |
|
60 | 77 | Session().delete(n) |
|
61 | 78 | |
|
62 | 79 | Session().commit() |
|
63 | 80 | assert Notification.query().all() == [] |
|
64 | 81 | |
|
65 | 82 | def test_index(self): |
|
66 |
response = self.app.get( |
|
|
83 | response = self.app.get(route_path('login')) | |
|
67 | 84 | assert response.status == '200 OK' |
|
68 | 85 | # Test response... |
|
69 | 86 | |
|
70 | 87 | def test_login_admin_ok(self): |
|
71 |
response = self.app.post( |
|
|
88 | response = self.app.post(route_path('login'), | |
|
72 | 89 | {'username': 'test_admin', |
|
73 | 90 | 'password': 'test12'}) |
|
74 | 91 | assert response.status == '302 Found' |
|
75 | 92 | session = response.get_session_from_response() |
|
76 | 93 | username = session['rhodecode_user'].get('username') |
|
77 | 94 | assert username == 'test_admin' |
|
78 | 95 | response = response.follow() |
|
79 | 96 | response.mustcontain('/%s' % HG_REPO) |
|
80 | 97 | |
|
81 | 98 | def test_login_regular_ok(self): |
|
82 |
response = self.app.post( |
|
|
99 | response = self.app.post(route_path('login'), | |
|
83 | 100 | {'username': 'test_regular', |
|
84 | 101 | 'password': 'test12'}) |
|
85 | 102 | |
|
86 | 103 | assert response.status == '302 Found' |
|
87 | 104 | session = response.get_session_from_response() |
|
88 | 105 | username = session['rhodecode_user'].get('username') |
|
89 | 106 | assert username == 'test_regular' |
|
90 | 107 | response = response.follow() |
|
91 | 108 | response.mustcontain('/%s' % HG_REPO) |
|
92 | 109 | |
|
93 | 110 | def test_login_ok_came_from(self): |
|
94 | 111 | test_came_from = '/_admin/users?branch=stable' |
|
95 |
_url = '{}?came_from={}'.format( |
|
|
112 | _url = '{}?came_from={}'.format(route_path('login'), test_came_from) | |
|
96 | 113 | response = self.app.post( |
|
97 | 114 | _url, {'username': 'test_admin', 'password': 'test12'}) |
|
98 | 115 | assert response.status == '302 Found' |
|
99 | 116 | assert 'branch=stable' in response.location |
|
100 | 117 | response = response.follow() |
|
101 | 118 | |
|
102 | 119 | assert response.status == '200 OK' |
|
103 | 120 | response.mustcontain('Users administration') |
|
104 | 121 | |
|
105 | 122 | def test_redirect_to_login_with_get_args(self): |
|
106 | 123 | with fixture.anon_access(False): |
|
107 | 124 | kwargs = {'branch': 'stable'} |
|
108 | 125 | response = self.app.get( |
|
109 | 126 | h.route_path('repo_summary', repo_name=HG_REPO, _query=kwargs)) |
|
110 | 127 | assert response.status == '302 Found' |
|
111 | 128 | |
|
112 | 129 | response_query = urlparse.parse_qsl(response.location) |
|
113 | 130 | assert 'branch=stable' in response_query[0][1] |
|
114 | 131 | |
|
115 | 132 | def test_login_form_with_get_args(self): |
|
116 |
_url = '{}?came_from=/_admin/users,branch=stable'.format( |
|
|
133 | _url = '{}?came_from=/_admin/users,branch=stable'.format(route_path('login')) | |
|
117 | 134 | response = self.app.get(_url) |
|
118 | 135 | assert 'branch%3Dstable' in response.form.action |
|
119 | 136 | |
|
120 | 137 | @pytest.mark.parametrize("url_came_from", [ |
|
121 | 138 | 'data:text/html,<script>window.alert("xss")</script>', |
|
122 | 139 | 'mailto:test@rhodecode.org', |
|
123 | 140 | 'file:///etc/passwd', |
|
124 | 141 | 'ftp://some.ftp.server', |
|
125 | 142 | 'http://other.domain', |
|
126 | 143 | '/\r\nX-Forwarded-Host: http://example.org', |
|
127 | 144 | ], ids=no_newline_id_generator) |
|
128 | 145 | def test_login_bad_came_froms(self, url_came_from): |
|
129 |
_url = '{}?came_from={}'.format( |
|
|
146 | _url = '{}?came_from={}'.format(route_path('login'), url_came_from) | |
|
130 | 147 | response = self.app.post( |
|
131 | 148 | _url, |
|
132 | 149 | {'username': 'test_admin', 'password': 'test12'}) |
|
133 | 150 | assert response.status == '302 Found' |
|
134 | 151 | response = response.follow() |
|
135 | 152 | assert response.status == '200 OK' |
|
136 | 153 | assert response.request.path == '/' |
|
137 | 154 | |
|
138 | 155 | def test_login_short_password(self): |
|
139 |
response = self.app.post( |
|
|
156 | response = self.app.post(route_path('login'), | |
|
140 | 157 | {'username': 'test_admin', |
|
141 | 158 | 'password': 'as'}) |
|
142 | 159 | assert response.status == '200 OK' |
|
143 | 160 | |
|
144 | 161 | response.mustcontain('Enter 3 characters or more') |
|
145 | 162 | |
|
146 | 163 | def test_login_wrong_non_ascii_password(self, user_regular): |
|
147 | 164 | response = self.app.post( |
|
148 |
|
|
|
165 | route_path('login'), | |
|
149 | 166 | {'username': user_regular.username, |
|
150 | 167 | 'password': u'invalid-non-asci\xe4'.encode('utf8')}) |
|
151 | 168 | |
|
152 | 169 | response.mustcontain('invalid user name') |
|
153 | 170 | response.mustcontain('invalid password') |
|
154 | 171 | |
|
155 | 172 | def test_login_with_non_ascii_password(self, user_util): |
|
156 | 173 | password = u'valid-non-ascii\xe4' |
|
157 | 174 | user = user_util.create_user(password=password) |
|
158 | 175 | response = self.app.post( |
|
159 |
|
|
|
176 | route_path('login'), | |
|
160 | 177 | {'username': user.username, |
|
161 | 178 | 'password': password.encode('utf-8')}) |
|
162 | 179 | assert response.status_code == 302 |
|
163 | 180 | |
|
164 | 181 | def test_login_wrong_username_password(self): |
|
165 |
response = self.app.post( |
|
|
182 | response = self.app.post(route_path('login'), | |
|
166 | 183 | {'username': 'error', |
|
167 | 184 | 'password': 'test12'}) |
|
168 | 185 | |
|
169 | 186 | response.mustcontain('invalid user name') |
|
170 | 187 | response.mustcontain('invalid password') |
|
171 | 188 | |
|
172 | 189 | def test_login_admin_ok_password_migration(self, real_crypto_backend): |
|
173 | 190 | from rhodecode.lib import auth |
|
174 | 191 | |
|
175 | 192 | # create new user, with sha256 password |
|
176 | 193 | temp_user = 'test_admin_sha256' |
|
177 | 194 | user = fixture.create_user(temp_user) |
|
178 | 195 | user.password = auth._RhodeCodeCryptoSha256().hash_create( |
|
179 | 196 | b'test123') |
|
180 | 197 | Session().add(user) |
|
181 | 198 | Session().commit() |
|
182 | 199 | self.destroy_users.add(temp_user) |
|
183 |
response = self.app.post( |
|
|
200 | response = self.app.post(route_path('login'), | |
|
184 | 201 | {'username': temp_user, |
|
185 | 202 | 'password': 'test123'}) |
|
186 | 203 | |
|
187 | 204 | assert response.status == '302 Found' |
|
188 | 205 | session = response.get_session_from_response() |
|
189 | 206 | username = session['rhodecode_user'].get('username') |
|
190 | 207 | assert username == temp_user |
|
191 | 208 | response = response.follow() |
|
192 | 209 | response.mustcontain('/%s' % HG_REPO) |
|
193 | 210 | |
|
194 | 211 | # new password should be bcrypted, after log-in and transfer |
|
195 | 212 | user = User.get_by_username(temp_user) |
|
196 | 213 | assert user.password.startswith('$') |
|
197 | 214 | |
|
198 | 215 | # REGISTRATIONS |
|
199 | 216 | def test_register(self): |
|
200 |
response = self.app.get(register |
|
|
217 | response = self.app.get(route_path('register')) | |
|
201 | 218 | response.mustcontain('Create an Account') |
|
202 | 219 | |
|
203 | 220 | def test_register_err_same_username(self): |
|
204 | 221 | uname = 'test_admin' |
|
205 | 222 | response = self.app.post( |
|
206 |
register |
|
|
223 | route_path('register'), | |
|
207 | 224 | { |
|
208 | 225 | 'username': uname, |
|
209 | 226 | 'password': 'test12', |
|
210 | 227 | 'password_confirmation': 'test12', |
|
211 | 228 | 'email': 'goodmail@domain.com', |
|
212 | 229 | 'firstname': 'test', |
|
213 | 230 | 'lastname': 'test' |
|
214 | 231 | } |
|
215 | 232 | ) |
|
216 | 233 | |
|
217 | 234 | assertr = response.assert_response() |
|
218 | 235 | msg = validators.ValidUsername()._messages['username_exists'] |
|
219 | 236 | msg = msg % {'username': uname} |
|
220 | 237 | assertr.element_contains('#username+.error-message', msg) |
|
221 | 238 | |
|
222 | 239 | def test_register_err_same_email(self): |
|
223 | 240 | response = self.app.post( |
|
224 |
register |
|
|
241 | route_path('register'), | |
|
225 | 242 | { |
|
226 | 243 | 'username': 'test_admin_0', |
|
227 | 244 | 'password': 'test12', |
|
228 | 245 | 'password_confirmation': 'test12', |
|
229 | 246 | 'email': 'test_admin@mail.com', |
|
230 | 247 | 'firstname': 'test', |
|
231 | 248 | 'lastname': 'test' |
|
232 | 249 | } |
|
233 | 250 | ) |
|
234 | 251 | |
|
235 | 252 | assertr = response.assert_response() |
|
236 | 253 | msg = validators.UniqSystemEmail()()._messages['email_taken'] |
|
237 | 254 | assertr.element_contains('#email+.error-message', msg) |
|
238 | 255 | |
|
239 | 256 | def test_register_err_same_email_case_sensitive(self): |
|
240 | 257 | response = self.app.post( |
|
241 |
register |
|
|
258 | route_path('register'), | |
|
242 | 259 | { |
|
243 | 260 | 'username': 'test_admin_1', |
|
244 | 261 | 'password': 'test12', |
|
245 | 262 | 'password_confirmation': 'test12', |
|
246 | 263 | 'email': 'TesT_Admin@mail.COM', |
|
247 | 264 | 'firstname': 'test', |
|
248 | 265 | 'lastname': 'test' |
|
249 | 266 | } |
|
250 | 267 | ) |
|
251 | 268 | assertr = response.assert_response() |
|
252 | 269 | msg = validators.UniqSystemEmail()()._messages['email_taken'] |
|
253 | 270 | assertr.element_contains('#email+.error-message', msg) |
|
254 | 271 | |
|
255 | 272 | def test_register_err_wrong_data(self): |
|
256 | 273 | response = self.app.post( |
|
257 |
register |
|
|
274 | route_path('register'), | |
|
258 | 275 | { |
|
259 | 276 | 'username': 'xs', |
|
260 | 277 | 'password': 'test', |
|
261 | 278 | 'password_confirmation': 'test', |
|
262 | 279 | 'email': 'goodmailm', |
|
263 | 280 | 'firstname': 'test', |
|
264 | 281 | 'lastname': 'test' |
|
265 | 282 | } |
|
266 | 283 | ) |
|
267 | 284 | assert response.status == '200 OK' |
|
268 | 285 | response.mustcontain('An email address must contain a single @') |
|
269 | 286 | response.mustcontain('Enter a value 6 characters long or more') |
|
270 | 287 | |
|
271 | 288 | def test_register_err_username(self): |
|
272 | 289 | response = self.app.post( |
|
273 |
register |
|
|
290 | route_path('register'), | |
|
274 | 291 | { |
|
275 | 292 | 'username': 'error user', |
|
276 | 293 | 'password': 'test12', |
|
277 | 294 | 'password_confirmation': 'test12', |
|
278 | 295 | 'email': 'goodmailm', |
|
279 | 296 | 'firstname': 'test', |
|
280 | 297 | 'lastname': 'test' |
|
281 | 298 | } |
|
282 | 299 | ) |
|
283 | 300 | |
|
284 | 301 | response.mustcontain('An email address must contain a single @') |
|
285 | 302 | response.mustcontain( |
|
286 | 303 | 'Username may only contain ' |
|
287 | 304 | 'alphanumeric characters underscores, ' |
|
288 | 305 | 'periods or dashes and must begin with ' |
|
289 | 306 | 'alphanumeric character') |
|
290 | 307 | |
|
291 | 308 | def test_register_err_case_sensitive(self): |
|
292 | 309 | usr = 'Test_Admin' |
|
293 | 310 | response = self.app.post( |
|
294 |
register |
|
|
311 | route_path('register'), | |
|
295 | 312 | { |
|
296 | 313 | 'username': usr, |
|
297 | 314 | 'password': 'test12', |
|
298 | 315 | 'password_confirmation': 'test12', |
|
299 | 316 | 'email': 'goodmailm', |
|
300 | 317 | 'firstname': 'test', |
|
301 | 318 | 'lastname': 'test' |
|
302 | 319 | } |
|
303 | 320 | ) |
|
304 | 321 | |
|
305 | 322 | assertr = response.assert_response() |
|
306 | 323 | msg = validators.ValidUsername()._messages['username_exists'] |
|
307 | 324 | msg = msg % {'username': usr} |
|
308 | 325 | assertr.element_contains('#username+.error-message', msg) |
|
309 | 326 | |
|
310 | 327 | def test_register_special_chars(self): |
|
311 | 328 | response = self.app.post( |
|
312 |
register |
|
|
329 | route_path('register'), | |
|
313 | 330 | { |
|
314 | 331 | 'username': 'xxxaxn', |
|
315 | 332 | 'password': 'ąćźżąśśśś', |
|
316 | 333 | 'password_confirmation': 'ąćźżąśśśś', |
|
317 | 334 | 'email': 'goodmailm@test.plx', |
|
318 | 335 | 'firstname': 'test', |
|
319 | 336 | 'lastname': 'test' |
|
320 | 337 | } |
|
321 | 338 | ) |
|
322 | 339 | |
|
323 | 340 | msg = validators.ValidPassword()._messages['invalid_password'] |
|
324 | 341 | response.mustcontain(msg) |
|
325 | 342 | |
|
326 | 343 | def test_register_password_mismatch(self): |
|
327 | 344 | response = self.app.post( |
|
328 |
register |
|
|
345 | route_path('register'), | |
|
329 | 346 | { |
|
330 | 347 | 'username': 'xs', |
|
331 | 348 | 'password': '123qwe', |
|
332 | 349 | 'password_confirmation': 'qwe123', |
|
333 | 350 | 'email': 'goodmailm@test.plxa', |
|
334 | 351 | 'firstname': 'test', |
|
335 | 352 | 'lastname': 'test' |
|
336 | 353 | } |
|
337 | 354 | ) |
|
338 | 355 | msg = validators.ValidPasswordsMatch()._messages['password_mismatch'] |
|
339 | 356 | response.mustcontain(msg) |
|
340 | 357 | |
|
341 | 358 | def test_register_ok(self): |
|
342 | 359 | username = 'test_regular4' |
|
343 | 360 | password = 'qweqwe' |
|
344 | 361 | email = 'marcin@test.com' |
|
345 | 362 | name = 'testname' |
|
346 | 363 | lastname = 'testlastname' |
|
347 | 364 | |
|
348 | 365 | response = self.app.post( |
|
349 |
register |
|
|
366 | route_path('register'), | |
|
350 | 367 | { |
|
351 | 368 | 'username': username, |
|
352 | 369 | 'password': password, |
|
353 | 370 | 'password_confirmation': password, |
|
354 | 371 | 'email': email, |
|
355 | 372 | 'firstname': name, |
|
356 | 373 | 'lastname': lastname, |
|
357 | 374 | 'admin': True |
|
358 | 375 | } |
|
359 | 376 | ) # This should be overriden |
|
360 | 377 | assert response.status == '302 Found' |
|
361 | 378 | assert_session_flash( |
|
362 | 379 | response, 'You have successfully registered with RhodeCode') |
|
363 | 380 | |
|
364 | 381 | ret = Session().query(User).filter( |
|
365 | 382 | User.username == 'test_regular4').one() |
|
366 | 383 | assert ret.username == username |
|
367 | 384 | assert check_password(password, ret.password) |
|
368 | 385 | assert ret.email == email |
|
369 | 386 | assert ret.name == name |
|
370 | 387 | assert ret.lastname == lastname |
|
371 | 388 | assert ret.auth_tokens is not None |
|
372 | 389 | assert not ret.admin |
|
373 | 390 | |
|
374 | 391 | def test_forgot_password_wrong_mail(self): |
|
375 | 392 | bad_email = 'marcin@wrongmail.org' |
|
376 | 393 | response = self.app.post( |
|
377 |
|
|
|
394 | route_path('reset_password'), {'email': bad_email, } | |
|
378 | 395 | ) |
|
379 | 396 | assert_session_flash(response, |
|
380 | 397 | 'If such email exists, a password reset link was sent to it.') |
|
381 | 398 | |
|
382 | 399 | def test_forgot_password(self, user_util): |
|
383 |
response = self.app.get( |
|
|
400 | response = self.app.get(route_path('reset_password')) | |
|
384 | 401 | assert response.status == '200 OK' |
|
385 | 402 | |
|
386 | 403 | user = user_util.create_user() |
|
387 | 404 | user_id = user.user_id |
|
388 | 405 | email = user.email |
|
389 | 406 | |
|
390 |
response = self.app.post( |
|
|
407 | response = self.app.post(route_path('reset_password'), {'email': email, }) | |
|
391 | 408 | |
|
392 | 409 | assert_session_flash(response, |
|
393 | 410 | 'If such email exists, a password reset link was sent to it.') |
|
394 | 411 | |
|
395 | 412 | # BAD KEY |
|
396 |
confirm_url = '{}?key={}'.format( |
|
|
413 | confirm_url = '{}?key={}'.format(route_path('reset_password_confirmation'), 'badkey') | |
|
397 | 414 | response = self.app.get(confirm_url) |
|
398 | 415 | assert response.status == '302 Found' |
|
399 |
assert response.location.endswith( |
|
|
416 | assert response.location.endswith(route_path('reset_password')) | |
|
400 | 417 | assert_session_flash(response, 'Given reset token is invalid') |
|
401 | 418 | |
|
402 | 419 | response.follow() # cleanup flash |
|
403 | 420 | |
|
404 | 421 | # GOOD KEY |
|
405 | 422 | key = UserApiKeys.query()\ |
|
406 | 423 | .filter(UserApiKeys.user_id == user_id)\ |
|
407 | 424 | .filter(UserApiKeys.role == UserApiKeys.ROLE_PASSWORD_RESET)\ |
|
408 | 425 | .first() |
|
409 | 426 | |
|
410 | 427 | assert key |
|
411 | 428 | |
|
412 |
confirm_url = '{}?key={}'.format( |
|
|
429 | confirm_url = '{}?key={}'.format(route_path('reset_password_confirmation'), key.api_key) | |
|
413 | 430 | response = self.app.get(confirm_url) |
|
414 | 431 | assert response.status == '302 Found' |
|
415 |
assert response.location.endswith( |
|
|
432 | assert response.location.endswith(route_path('login')) | |
|
416 | 433 | |
|
417 | 434 | assert_session_flash( |
|
418 | 435 | response, |
|
419 | 436 | 'Your password reset was successful, ' |
|
420 | 437 | 'a new password has been sent to your email') |
|
421 | 438 | |
|
422 | 439 | response.follow() |
|
423 | 440 | |
|
424 | 441 | def _get_api_whitelist(self, values=None): |
|
425 | 442 | config = {'api_access_controllers_whitelist': values or []} |
|
426 | 443 | return config |
|
427 | 444 | |
|
428 | 445 | @pytest.mark.parametrize("test_name, auth_token", [ |
|
429 | 446 | ('none', None), |
|
430 | 447 | ('empty_string', ''), |
|
431 | 448 | ('fake_number', '123456'), |
|
432 | 449 | ('proper_auth_token', None) |
|
433 | 450 | ]) |
|
434 | 451 | def test_access_not_whitelisted_page_via_auth_token( |
|
435 | 452 | self, test_name, auth_token, user_admin): |
|
436 | 453 | |
|
437 | 454 | whitelist = self._get_api_whitelist([]) |
|
438 | 455 | with mock.patch.dict('rhodecode.CONFIG', whitelist): |
|
439 | 456 | assert [] == whitelist['api_access_controllers_whitelist'] |
|
440 | 457 | if test_name == 'proper_auth_token': |
|
441 | 458 | # use builtin if api_key is None |
|
442 | 459 | auth_token = user_admin.api_key |
|
443 | 460 | |
|
444 | 461 | with fixture.anon_access(False): |
|
445 |
self.app.get( |
|
|
446 | action='changeset_raw', | |
|
447 |
|
|
|
448 |
|
|
|
462 | self.app.get( | |
|
463 | route_path('repo_commit_raw', | |
|
464 | repo_name=HG_REPO, commit_id='tip', | |
|
465 | params=dict(api_key=auth_token)), | |
|
449 | 466 |
|
|
450 | 467 | |
|
451 | 468 | @pytest.mark.parametrize("test_name, auth_token, code", [ |
|
452 | 469 | ('none', None, 302), |
|
453 | 470 | ('empty_string', '', 302), |
|
454 | 471 | ('fake_number', '123456', 302), |
|
455 | 472 | ('proper_auth_token', None, 200) |
|
456 | 473 | ]) |
|
457 | 474 | def test_access_whitelisted_page_via_auth_token( |
|
458 | 475 | self, test_name, auth_token, code, user_admin): |
|
459 | 476 | |
|
460 | 477 | whitelist_entry = ['ChangesetController:changeset_raw'] |
|
461 | 478 | whitelist = self._get_api_whitelist(whitelist_entry) |
|
462 | 479 | |
|
463 | 480 | with mock.patch.dict('rhodecode.CONFIG', whitelist): |
|
464 | 481 | assert whitelist_entry == whitelist['api_access_controllers_whitelist'] |
|
465 | 482 | |
|
466 | 483 | if test_name == 'proper_auth_token': |
|
467 | 484 | auth_token = user_admin.api_key |
|
468 | 485 | assert auth_token |
|
469 | 486 | |
|
470 | 487 | with fixture.anon_access(False): |
|
471 |
self.app.get( |
|
|
472 | action='changeset_raw', | |
|
473 |
|
|
|
474 |
|
|
|
488 | self.app.get( | |
|
489 | route_path('repo_commit_raw', | |
|
490 | repo_name=HG_REPO, commit_id='tip', | |
|
491 | params=dict(api_key=auth_token)), | |
|
475 | 492 |
|
|
476 | 493 | |
|
477 | 494 | def test_access_page_via_extra_auth_token(self): |
|
478 | 495 | whitelist = self._get_api_whitelist( |
|
479 | 496 | ['ChangesetController:changeset_raw']) |
|
480 | 497 | with mock.patch.dict('rhodecode.CONFIG', whitelist): |
|
481 | 498 | assert ['ChangesetController:changeset_raw'] == \ |
|
482 | 499 | whitelist['api_access_controllers_whitelist'] |
|
483 | 500 | |
|
484 | 501 | new_auth_token = AuthTokenModel().create( |
|
485 | 502 | TEST_USER_ADMIN_LOGIN, 'test') |
|
486 | 503 | Session().commit() |
|
487 | 504 | with fixture.anon_access(False): |
|
488 |
self.app.get( |
|
|
489 | action='changeset_raw', | |
|
490 |
|
|
|
491 |
|
|
|
505 | self.app.get( | |
|
506 | route_path('repo_commit_raw', | |
|
507 | repo_name=HG_REPO, commit_id='tip', | |
|
508 | params=dict(api_key=new_auth_token.api_key)), | |
|
492 | 509 |
|
|
493 | 510 | |
|
494 | 511 | def test_access_page_via_expired_auth_token(self): |
|
495 | 512 | whitelist = self._get_api_whitelist( |
|
496 | 513 | ['ChangesetController:changeset_raw']) |
|
497 | 514 | with mock.patch.dict('rhodecode.CONFIG', whitelist): |
|
498 | 515 | assert ['ChangesetController:changeset_raw'] == \ |
|
499 | 516 | whitelist['api_access_controllers_whitelist'] |
|
500 | 517 | |
|
501 | 518 | new_auth_token = AuthTokenModel().create( |
|
502 | 519 | TEST_USER_ADMIN_LOGIN, 'test') |
|
503 | 520 | Session().commit() |
|
504 | 521 | # patch the api key and make it expired |
|
505 | 522 | new_auth_token.expires = 0 |
|
506 | 523 | Session().add(new_auth_token) |
|
507 | 524 | Session().commit() |
|
508 | 525 | with fixture.anon_access(False): |
|
509 |
self.app.get( |
|
|
510 | action='changeset_raw', | |
|
511 |
|
|
|
512 |
|
|
|
526 | self.app.get( | |
|
527 | route_path('repo_commit_raw', | |
|
528 | repo_name=HG_REPO, commit_id='tip', | |
|
529 | params=dict(api_key=new_auth_token.api_key)), | |
|
513 | 530 |
|
@@ -1,106 +1,121 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2010-2017 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | import pytest |
|
22 | 22 | |
|
23 | from rhodecode.config.routing import ADMIN_PREFIX | |
|
23 | from rhodecode.lib import helpers as h | |
|
24 | 24 | from rhodecode.tests import ( |
|
25 |
TestController, clear_all_caches, |
|
|
25 | TestController, clear_all_caches, | |
|
26 | 26 | TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS) |
|
27 | 27 | from rhodecode.tests.fixture import Fixture |
|
28 | 28 | from rhodecode.tests.utils import AssertResponse |
|
29 | 29 | |
|
30 | 30 | fixture = Fixture() |
|
31 | 31 | |
|
32 | # Hardcode URLs because we don't have a request object to use | |
|
33 | # pyramids URL generation methods. | |
|
34 | index_url = '/' | |
|
35 | login_url = ADMIN_PREFIX + '/login' | |
|
36 | logut_url = ADMIN_PREFIX + '/logout' | |
|
37 | register_url = ADMIN_PREFIX + '/register' | |
|
38 | pwd_reset_url = ADMIN_PREFIX + '/password_reset' | |
|
39 | pwd_reset_confirm_url = ADMIN_PREFIX + '/password_reset_confirmation' | |
|
32 | ||
|
33 | def route_path(name, params=None, **kwargs): | |
|
34 | import urllib | |
|
35 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
36 | ||
|
37 | base_url = { | |
|
38 | 'login': ADMIN_PREFIX + '/login', | |
|
39 | 'logout': ADMIN_PREFIX + '/logout', | |
|
40 | 'register': ADMIN_PREFIX + '/register', | |
|
41 | 'reset_password': | |
|
42 | ADMIN_PREFIX + '/password_reset', | |
|
43 | 'reset_password_confirmation': | |
|
44 | ADMIN_PREFIX + '/password_reset_confirmation', | |
|
45 | ||
|
46 | 'admin_permissions_application': | |
|
47 | ADMIN_PREFIX + '/permissions/application', | |
|
48 | 'admin_permissions_application_update': | |
|
49 | ADMIN_PREFIX + '/permissions/application/update', | |
|
50 | }[name].format(**kwargs) | |
|
51 | ||
|
52 | if params: | |
|
53 | base_url = '{}?{}'.format(base_url, urllib.urlencode(params)) | |
|
54 | return base_url | |
|
40 | 55 | |
|
41 | 56 | |
|
42 | 57 | class TestPasswordReset(TestController): |
|
43 | 58 | |
|
44 | 59 | @pytest.mark.parametrize( |
|
45 | 60 | 'pwd_reset_setting, show_link, show_reset', [ |
|
46 | 61 | ('hg.password_reset.enabled', True, True), |
|
47 | 62 | ('hg.password_reset.hidden', False, True), |
|
48 | 63 | ('hg.password_reset.disabled', False, False), |
|
49 | 64 | ]) |
|
50 | 65 | def test_password_reset_settings( |
|
51 | 66 | self, pwd_reset_setting, show_link, show_reset): |
|
52 | 67 | clear_all_caches() |
|
53 | 68 | self.log_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS) |
|
54 | 69 | params = { |
|
55 | 70 | 'csrf_token': self.csrf_token, |
|
56 | 71 | 'anonymous': 'True', |
|
57 | 72 | 'default_register': 'hg.register.auto_activate', |
|
58 | 73 | 'default_register_message': '', |
|
59 | 74 | 'default_password_reset': pwd_reset_setting, |
|
60 | 75 | 'default_extern_activate': 'hg.extern_activate.auto', |
|
61 | 76 | } |
|
62 |
resp = self.app.post( |
|
|
77 | resp = self.app.post(route_path('admin_permissions_application_update'), params=params) | |
|
63 | 78 | self.logout_user() |
|
64 | 79 | |
|
65 |
login_page = self.app.get( |
|
|
80 | login_page = self.app.get(route_path('login')) | |
|
66 | 81 | asr_login = AssertResponse(login_page) |
|
67 |
index_page = self.app.get( |
|
|
82 | index_page = self.app.get(h.route_path('home')) | |
|
68 | 83 | asr_index = AssertResponse(index_page) |
|
69 | 84 | |
|
70 | 85 | if show_link: |
|
71 | 86 | asr_login.one_element_exists('a.pwd_reset') |
|
72 | 87 | asr_index.one_element_exists('a.pwd_reset') |
|
73 | 88 | else: |
|
74 | 89 | asr_login.no_element_exists('a.pwd_reset') |
|
75 | 90 | asr_index.no_element_exists('a.pwd_reset') |
|
76 | 91 | |
|
77 |
response = self.app.get( |
|
|
92 | response = self.app.get(route_path('reset_password')) | |
|
78 | 93 | |
|
79 | 94 | assert_response = AssertResponse(response) |
|
80 | 95 | if show_reset: |
|
81 | 96 | response.mustcontain('Send password reset email') |
|
82 | 97 | assert_response.one_element_exists('#email') |
|
83 | 98 | assert_response.one_element_exists('#send') |
|
84 | 99 | else: |
|
85 | 100 | response.mustcontain('Password reset is disabled.') |
|
86 | 101 | assert_response.no_element_exists('#email') |
|
87 | 102 | assert_response.no_element_exists('#send') |
|
88 | 103 | |
|
89 | 104 | def test_password_form_disabled(self): |
|
90 | 105 | self.log_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS) |
|
91 | 106 | params = { |
|
92 | 107 | 'csrf_token': self.csrf_token, |
|
93 | 108 | 'anonymous': 'True', |
|
94 | 109 | 'default_register': 'hg.register.auto_activate', |
|
95 | 110 | 'default_register_message': '', |
|
96 | 111 | 'default_password_reset': 'hg.password_reset.disabled', |
|
97 | 112 | 'default_extern_activate': 'hg.extern_activate.auto', |
|
98 | 113 | } |
|
99 |
self.app.post( |
|
|
114 | self.app.post(route_path('admin_permissions_application_update'), params=params) | |
|
100 | 115 | self.logout_user() |
|
101 | 116 | |
|
102 | 117 | response = self.app.post( |
|
103 |
|
|
|
118 | route_path('reset_password'), {'email': 'lisa@rhodecode.com',} | |
|
104 | 119 | ) |
|
105 | 120 | response = response.follow() |
|
106 | 121 | response.mustcontain('Password reset is disabled.') |
@@ -1,686 +1,660 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2010-2017 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | """ |
|
22 | 22 | Routes configuration |
|
23 | 23 | |
|
24 | 24 | The more specific and detailed routes should be defined first so they |
|
25 | 25 | may take precedent over the more generic routes. For more information |
|
26 | 26 | refer to the routes manual at http://routes.groovie.org/docs/ |
|
27 | 27 | |
|
28 | 28 | IMPORTANT: if you change any routing here, make sure to take a look at lib/base.py |
|
29 | 29 | and _route_name variable which uses some of stored naming here to do redirects. |
|
30 | 30 | """ |
|
31 | 31 | import os |
|
32 | 32 | import re |
|
33 | 33 | from routes import Mapper |
|
34 | 34 | |
|
35 | 35 | # prefix for non repository related links needs to be prefixed with `/` |
|
36 | 36 | ADMIN_PREFIX = '/_admin' |
|
37 | 37 | STATIC_FILE_PREFIX = '/_static' |
|
38 | 38 | |
|
39 | 39 | # Default requirements for URL parts |
|
40 | 40 | URL_NAME_REQUIREMENTS = { |
|
41 | 41 | # group name can have a slash in them, but they must not end with a slash |
|
42 | 42 | 'group_name': r'.*?[^/]', |
|
43 | 43 | 'repo_group_name': r'.*?[^/]', |
|
44 | 44 | # repo names can have a slash in them, but they must not end with a slash |
|
45 | 45 | 'repo_name': r'.*?[^/]', |
|
46 | 46 | # file path eats up everything at the end |
|
47 | 47 | 'f_path': r'.*', |
|
48 | 48 | # reference types |
|
49 | 49 | 'source_ref_type': '(branch|book|tag|rev|\%\(source_ref_type\)s)', |
|
50 | 50 | 'target_ref_type': '(branch|book|tag|rev|\%\(target_ref_type\)s)', |
|
51 | 51 | } |
|
52 | 52 | |
|
53 | 53 | |
|
54 | 54 | class JSRoutesMapper(Mapper): |
|
55 | 55 | """ |
|
56 | 56 | Wrapper for routes.Mapper to make pyroutes compatible url definitions |
|
57 | 57 | """ |
|
58 | 58 | _named_route_regex = re.compile(r'^[a-z-_0-9A-Z]+$') |
|
59 | 59 | _argument_prog = re.compile('\{(.*?)\}|:\((.*)\)') |
|
60 | 60 | def __init__(self, *args, **kw): |
|
61 | 61 | super(JSRoutesMapper, self).__init__(*args, **kw) |
|
62 | 62 | self._jsroutes = [] |
|
63 | 63 | |
|
64 | 64 | def connect(self, *args, **kw): |
|
65 | 65 | """ |
|
66 | 66 | Wrapper for connect to take an extra argument jsroute=True |
|
67 | 67 | |
|
68 | 68 | :param jsroute: boolean, if True will add the route to the pyroutes list |
|
69 | 69 | """ |
|
70 | 70 | if kw.pop('jsroute', False): |
|
71 | 71 | if not self._named_route_regex.match(args[0]): |
|
72 | 72 | raise Exception('only named routes can be added to pyroutes') |
|
73 | 73 | self._jsroutes.append(args[0]) |
|
74 | 74 | |
|
75 | 75 | super(JSRoutesMapper, self).connect(*args, **kw) |
|
76 | 76 | |
|
77 | 77 | def _extract_route_information(self, route): |
|
78 | 78 | """ |
|
79 | 79 | Convert a route into tuple(name, path, args), eg: |
|
80 | 80 | ('show_user', '/profile/%(username)s', ['username']) |
|
81 | 81 | """ |
|
82 | 82 | routepath = route.routepath |
|
83 | 83 | def replace(matchobj): |
|
84 | 84 | if matchobj.group(1): |
|
85 | 85 | return "%%(%s)s" % matchobj.group(1).split(':')[0] |
|
86 | 86 | else: |
|
87 | 87 | return "%%(%s)s" % matchobj.group(2) |
|
88 | 88 | |
|
89 | 89 | routepath = self._argument_prog.sub(replace, routepath) |
|
90 | 90 | return ( |
|
91 | 91 | route.name, |
|
92 | 92 | routepath, |
|
93 | 93 | [(arg[0].split(':')[0] if arg[0] != '' else arg[1]) |
|
94 | 94 | for arg in self._argument_prog.findall(route.routepath)] |
|
95 | 95 | ) |
|
96 | 96 | |
|
97 | 97 | def jsroutes(self): |
|
98 | 98 | """ |
|
99 | 99 | Return a list of pyroutes.js compatible routes |
|
100 | 100 | """ |
|
101 | 101 | for route_name in self._jsroutes: |
|
102 | 102 | yield self._extract_route_information(self._routenames[route_name]) |
|
103 | 103 | |
|
104 | 104 | |
|
105 | 105 | def make_map(config): |
|
106 | 106 | """Create, configure and return the routes Mapper""" |
|
107 | 107 | rmap = JSRoutesMapper( |
|
108 | 108 | directory=config['pylons.paths']['controllers'], |
|
109 | 109 | always_scan=config['debug']) |
|
110 | 110 | rmap.minimization = False |
|
111 | 111 | rmap.explicit = False |
|
112 | 112 | |
|
113 | 113 | from rhodecode.lib.utils2 import str2bool |
|
114 | 114 | from rhodecode.model import repo, repo_group |
|
115 | 115 | |
|
116 | 116 | def check_repo(environ, match_dict): |
|
117 | 117 | """ |
|
118 | 118 | check for valid repository for proper 404 handling |
|
119 | 119 | |
|
120 | 120 | :param environ: |
|
121 | 121 | :param match_dict: |
|
122 | 122 | """ |
|
123 | 123 | repo_name = match_dict.get('repo_name') |
|
124 | 124 | |
|
125 | 125 | if match_dict.get('f_path'): |
|
126 | 126 | # fix for multiple initial slashes that causes errors |
|
127 | 127 | match_dict['f_path'] = match_dict['f_path'].lstrip('/') |
|
128 | 128 | repo_model = repo.RepoModel() |
|
129 | 129 | by_name_match = repo_model.get_by_repo_name(repo_name) |
|
130 | 130 | # if we match quickly from database, short circuit the operation, |
|
131 | 131 | # and validate repo based on the type. |
|
132 | 132 | if by_name_match: |
|
133 | 133 | return True |
|
134 | 134 | |
|
135 | 135 | by_id_match = repo_model.get_repo_by_id(repo_name) |
|
136 | 136 | if by_id_match: |
|
137 | 137 | repo_name = by_id_match.repo_name |
|
138 | 138 | match_dict['repo_name'] = repo_name |
|
139 | 139 | return True |
|
140 | 140 | |
|
141 | 141 | return False |
|
142 | 142 | |
|
143 | 143 | def check_group(environ, match_dict): |
|
144 | 144 | """ |
|
145 | 145 | check for valid repository group path for proper 404 handling |
|
146 | 146 | |
|
147 | 147 | :param environ: |
|
148 | 148 | :param match_dict: |
|
149 | 149 | """ |
|
150 | 150 | repo_group_name = match_dict.get('group_name') |
|
151 | 151 | repo_group_model = repo_group.RepoGroupModel() |
|
152 | 152 | by_name_match = repo_group_model.get_by_group_name(repo_group_name) |
|
153 | 153 | if by_name_match: |
|
154 | 154 | return True |
|
155 | 155 | |
|
156 | 156 | return False |
|
157 | 157 | |
|
158 | 158 | def check_user_group(environ, match_dict): |
|
159 | 159 | """ |
|
160 | 160 | check for valid user group for proper 404 handling |
|
161 | 161 | |
|
162 | 162 | :param environ: |
|
163 | 163 | :param match_dict: |
|
164 | 164 | """ |
|
165 | 165 | return True |
|
166 | 166 | |
|
167 | 167 | def check_int(environ, match_dict): |
|
168 | 168 | return match_dict.get('id').isdigit() |
|
169 | 169 | |
|
170 | 170 | |
|
171 | 171 | #========================================================================== |
|
172 | 172 | # CUSTOM ROUTES HERE |
|
173 | 173 | #========================================================================== |
|
174 | 174 | |
|
175 | 175 | # ping and pylons error test |
|
176 | 176 | rmap.connect('ping', '%s/ping' % (ADMIN_PREFIX,), controller='home', action='ping') |
|
177 | 177 | rmap.connect('error_test', '%s/error_test' % (ADMIN_PREFIX,), controller='home', action='error_test') |
|
178 | 178 | |
|
179 | 179 | # ADMIN REPOSITORY ROUTES |
|
180 | 180 | with rmap.submapper(path_prefix=ADMIN_PREFIX, |
|
181 | 181 | controller='admin/repos') as m: |
|
182 | 182 | m.connect('repos', '/repos', |
|
183 | 183 | action='create', conditions={'method': ['POST']}) |
|
184 | 184 | m.connect('repos', '/repos', |
|
185 | 185 | action='index', conditions={'method': ['GET']}) |
|
186 | 186 | m.connect('new_repo', '/create_repository', jsroute=True, |
|
187 | 187 | action='create_repository', conditions={'method': ['GET']}) |
|
188 | 188 | m.connect('delete_repo', '/repos/{repo_name}', |
|
189 | 189 | action='delete', conditions={'method': ['DELETE']}, |
|
190 | 190 | requirements=URL_NAME_REQUIREMENTS) |
|
191 | 191 | m.connect('repo', '/repos/{repo_name}', |
|
192 | 192 | action='show', conditions={'method': ['GET'], |
|
193 | 193 | 'function': check_repo}, |
|
194 | 194 | requirements=URL_NAME_REQUIREMENTS) |
|
195 | 195 | |
|
196 | 196 | # ADMIN REPOSITORY GROUPS ROUTES |
|
197 | 197 | with rmap.submapper(path_prefix=ADMIN_PREFIX, |
|
198 | 198 | controller='admin/repo_groups') as m: |
|
199 | 199 | m.connect('repo_groups', '/repo_groups', |
|
200 | 200 | action='create', conditions={'method': ['POST']}) |
|
201 | 201 | m.connect('repo_groups', '/repo_groups', |
|
202 | 202 | action='index', conditions={'method': ['GET']}) |
|
203 | 203 | m.connect('new_repo_group', '/repo_groups/new', |
|
204 | 204 | action='new', conditions={'method': ['GET']}) |
|
205 | 205 | m.connect('update_repo_group', '/repo_groups/{group_name}', |
|
206 | 206 | action='update', conditions={'method': ['PUT'], |
|
207 | 207 | 'function': check_group}, |
|
208 | 208 | requirements=URL_NAME_REQUIREMENTS) |
|
209 | 209 | |
|
210 | 210 | # EXTRAS REPO GROUP ROUTES |
|
211 | 211 | m.connect('edit_repo_group', '/repo_groups/{group_name}/edit', |
|
212 | 212 | action='edit', |
|
213 | 213 | conditions={'method': ['GET'], 'function': check_group}, |
|
214 | 214 | requirements=URL_NAME_REQUIREMENTS) |
|
215 | 215 | m.connect('edit_repo_group', '/repo_groups/{group_name}/edit', |
|
216 | 216 | action='edit', |
|
217 | 217 | conditions={'method': ['PUT'], 'function': check_group}, |
|
218 | 218 | requirements=URL_NAME_REQUIREMENTS) |
|
219 | 219 | |
|
220 | 220 | m.connect('edit_repo_group_advanced', '/repo_groups/{group_name}/edit/advanced', |
|
221 | 221 | action='edit_repo_group_advanced', |
|
222 | 222 | conditions={'method': ['GET'], 'function': check_group}, |
|
223 | 223 | requirements=URL_NAME_REQUIREMENTS) |
|
224 | 224 | m.connect('edit_repo_group_advanced', '/repo_groups/{group_name}/edit/advanced', |
|
225 | 225 | action='edit_repo_group_advanced', |
|
226 | 226 | conditions={'method': ['PUT'], 'function': check_group}, |
|
227 | 227 | requirements=URL_NAME_REQUIREMENTS) |
|
228 | 228 | |
|
229 | 229 | m.connect('edit_repo_group_perms', '/repo_groups/{group_name}/edit/permissions', |
|
230 | 230 | action='edit_repo_group_perms', |
|
231 | 231 | conditions={'method': ['GET'], 'function': check_group}, |
|
232 | 232 | requirements=URL_NAME_REQUIREMENTS) |
|
233 | 233 | m.connect('edit_repo_group_perms', '/repo_groups/{group_name}/edit/permissions', |
|
234 | 234 | action='update_perms', |
|
235 | 235 | conditions={'method': ['PUT'], 'function': check_group}, |
|
236 | 236 | requirements=URL_NAME_REQUIREMENTS) |
|
237 | 237 | |
|
238 | 238 | m.connect('delete_repo_group', '/repo_groups/{group_name}', |
|
239 | 239 | action='delete', conditions={'method': ['DELETE'], |
|
240 | 240 | 'function': check_group}, |
|
241 | 241 | requirements=URL_NAME_REQUIREMENTS) |
|
242 | 242 | |
|
243 | 243 | # ADMIN USER ROUTES |
|
244 | 244 | with rmap.submapper(path_prefix=ADMIN_PREFIX, |
|
245 | 245 | controller='admin/users') as m: |
|
246 | 246 | m.connect('users', '/users', |
|
247 | 247 | action='create', conditions={'method': ['POST']}) |
|
248 | 248 | m.connect('new_user', '/users/new', |
|
249 | 249 | action='new', conditions={'method': ['GET']}) |
|
250 | 250 | m.connect('update_user', '/users/{user_id}', |
|
251 | 251 | action='update', conditions={'method': ['PUT']}) |
|
252 | 252 | m.connect('delete_user', '/users/{user_id}', |
|
253 | 253 | action='delete', conditions={'method': ['DELETE']}) |
|
254 | 254 | m.connect('edit_user', '/users/{user_id}/edit', |
|
255 | 255 | action='edit', conditions={'method': ['GET']}, jsroute=True) |
|
256 | 256 | m.connect('user', '/users/{user_id}', |
|
257 | 257 | action='show', conditions={'method': ['GET']}) |
|
258 | 258 | m.connect('force_password_reset_user', '/users/{user_id}/password_reset', |
|
259 | 259 | action='reset_password', conditions={'method': ['POST']}) |
|
260 | 260 | m.connect('create_personal_repo_group', '/users/{user_id}/create_repo_group', |
|
261 | 261 | action='create_personal_repo_group', conditions={'method': ['POST']}) |
|
262 | 262 | |
|
263 | 263 | # EXTRAS USER ROUTES |
|
264 | 264 | m.connect('edit_user_advanced', '/users/{user_id}/edit/advanced', |
|
265 | 265 | action='edit_advanced', conditions={'method': ['GET']}) |
|
266 | 266 | m.connect('edit_user_advanced', '/users/{user_id}/edit/advanced', |
|
267 | 267 | action='update_advanced', conditions={'method': ['PUT']}) |
|
268 | 268 | |
|
269 | 269 | m.connect('edit_user_global_perms', '/users/{user_id}/edit/global_permissions', |
|
270 | 270 | action='edit_global_perms', conditions={'method': ['GET']}) |
|
271 | 271 | m.connect('edit_user_global_perms', '/users/{user_id}/edit/global_permissions', |
|
272 | 272 | action='update_global_perms', conditions={'method': ['PUT']}) |
|
273 | 273 | |
|
274 | 274 | m.connect('edit_user_perms_summary', '/users/{user_id}/edit/permissions_summary', |
|
275 | 275 | action='edit_perms_summary', conditions={'method': ['GET']}) |
|
276 | 276 | |
|
277 | 277 | # ADMIN USER GROUPS REST ROUTES |
|
278 | 278 | with rmap.submapper(path_prefix=ADMIN_PREFIX, |
|
279 | 279 | controller='admin/user_groups') as m: |
|
280 | 280 | m.connect('users_groups', '/user_groups', |
|
281 | 281 | action='create', conditions={'method': ['POST']}) |
|
282 | 282 | m.connect('users_groups', '/user_groups', |
|
283 | 283 | action='index', conditions={'method': ['GET']}) |
|
284 | 284 | m.connect('new_users_group', '/user_groups/new', |
|
285 | 285 | action='new', conditions={'method': ['GET']}) |
|
286 | 286 | m.connect('update_users_group', '/user_groups/{user_group_id}', |
|
287 | 287 | action='update', conditions={'method': ['PUT']}) |
|
288 | 288 | m.connect('delete_users_group', '/user_groups/{user_group_id}', |
|
289 | 289 | action='delete', conditions={'method': ['DELETE']}) |
|
290 | 290 | m.connect('edit_users_group', '/user_groups/{user_group_id}/edit', |
|
291 | 291 | action='edit', conditions={'method': ['GET']}, |
|
292 | 292 | function=check_user_group) |
|
293 | 293 | |
|
294 | 294 | # EXTRAS USER GROUP ROUTES |
|
295 | 295 | m.connect('edit_user_group_global_perms', |
|
296 | 296 | '/user_groups/{user_group_id}/edit/global_permissions', |
|
297 | 297 | action='edit_global_perms', conditions={'method': ['GET']}) |
|
298 | 298 | m.connect('edit_user_group_global_perms', |
|
299 | 299 | '/user_groups/{user_group_id}/edit/global_permissions', |
|
300 | 300 | action='update_global_perms', conditions={'method': ['PUT']}) |
|
301 | 301 | m.connect('edit_user_group_perms_summary', |
|
302 | 302 | '/user_groups/{user_group_id}/edit/permissions_summary', |
|
303 | 303 | action='edit_perms_summary', conditions={'method': ['GET']}) |
|
304 | 304 | |
|
305 | 305 | m.connect('edit_user_group_perms', |
|
306 | 306 | '/user_groups/{user_group_id}/edit/permissions', |
|
307 | 307 | action='edit_perms', conditions={'method': ['GET']}) |
|
308 | 308 | m.connect('edit_user_group_perms', |
|
309 | 309 | '/user_groups/{user_group_id}/edit/permissions', |
|
310 | 310 | action='update_perms', conditions={'method': ['PUT']}) |
|
311 | 311 | |
|
312 | 312 | m.connect('edit_user_group_advanced', |
|
313 | 313 | '/user_groups/{user_group_id}/edit/advanced', |
|
314 | 314 | action='edit_advanced', conditions={'method': ['GET']}) |
|
315 | 315 | |
|
316 | 316 | m.connect('edit_user_group_advanced_sync', |
|
317 | 317 | '/user_groups/{user_group_id}/edit/advanced/sync', |
|
318 | 318 | action='edit_advanced_set_synchronization', conditions={'method': ['POST']}) |
|
319 | 319 | |
|
320 | 320 | m.connect('edit_user_group_members', |
|
321 | 321 | '/user_groups/{user_group_id}/edit/members', jsroute=True, |
|
322 | 322 | action='user_group_members', conditions={'method': ['GET']}) |
|
323 | 323 | |
|
324 | # ADMIN PERMISSIONS ROUTES | |
|
325 | with rmap.submapper(path_prefix=ADMIN_PREFIX, | |
|
326 | controller='admin/permissions') as m: | |
|
327 | m.connect('admin_permissions_application', '/permissions/application', | |
|
328 | action='permission_application_update', conditions={'method': ['POST']}) | |
|
329 | m.connect('admin_permissions_application', '/permissions/application', | |
|
330 | action='permission_application', conditions={'method': ['GET']}) | |
|
331 | ||
|
332 | m.connect('admin_permissions_global', '/permissions/global', | |
|
333 | action='permission_global_update', conditions={'method': ['POST']}) | |
|
334 | m.connect('admin_permissions_global', '/permissions/global', | |
|
335 | action='permission_global', conditions={'method': ['GET']}) | |
|
336 | ||
|
337 | m.connect('admin_permissions_object', '/permissions/object', | |
|
338 | action='permission_objects_update', conditions={'method': ['POST']}) | |
|
339 | m.connect('admin_permissions_object', '/permissions/object', | |
|
340 | action='permission_objects', conditions={'method': ['GET']}) | |
|
341 | ||
|
342 | m.connect('admin_permissions_ips', '/permissions/ips', | |
|
343 | action='permission_ips', conditions={'method': ['POST']}) | |
|
344 | m.connect('admin_permissions_ips', '/permissions/ips', | |
|
345 | action='permission_ips', conditions={'method': ['GET']}) | |
|
346 | ||
|
347 | m.connect('admin_permissions_overview', '/permissions/overview', | |
|
348 | action='permission_perms', conditions={'method': ['GET']}) | |
|
349 | ||
|
350 | 324 | # ADMIN DEFAULTS REST ROUTES |
|
351 | 325 | with rmap.submapper(path_prefix=ADMIN_PREFIX, |
|
352 | 326 | controller='admin/defaults') as m: |
|
353 | 327 | m.connect('admin_defaults_repositories', '/defaults/repositories', |
|
354 | 328 | action='update_repository_defaults', conditions={'method': ['POST']}) |
|
355 | 329 | m.connect('admin_defaults_repositories', '/defaults/repositories', |
|
356 | 330 | action='index', conditions={'method': ['GET']}) |
|
357 | 331 | |
|
358 | 332 | # ADMIN SETTINGS ROUTES |
|
359 | 333 | with rmap.submapper(path_prefix=ADMIN_PREFIX, |
|
360 | 334 | controller='admin/settings') as m: |
|
361 | 335 | |
|
362 | 336 | # default |
|
363 | 337 | m.connect('admin_settings', '/settings', |
|
364 | 338 | action='settings_global_update', |
|
365 | 339 | conditions={'method': ['POST']}) |
|
366 | 340 | m.connect('admin_settings', '/settings', |
|
367 | 341 | action='settings_global', conditions={'method': ['GET']}) |
|
368 | 342 | |
|
369 | 343 | m.connect('admin_settings_vcs', '/settings/vcs', |
|
370 | 344 | action='settings_vcs_update', |
|
371 | 345 | conditions={'method': ['POST']}) |
|
372 | 346 | m.connect('admin_settings_vcs', '/settings/vcs', |
|
373 | 347 | action='settings_vcs', |
|
374 | 348 | conditions={'method': ['GET']}) |
|
375 | 349 | m.connect('admin_settings_vcs', '/settings/vcs', |
|
376 | 350 | action='delete_svn_pattern', |
|
377 | 351 | conditions={'method': ['DELETE']}) |
|
378 | 352 | |
|
379 | 353 | m.connect('admin_settings_mapping', '/settings/mapping', |
|
380 | 354 | action='settings_mapping_update', |
|
381 | 355 | conditions={'method': ['POST']}) |
|
382 | 356 | m.connect('admin_settings_mapping', '/settings/mapping', |
|
383 | 357 | action='settings_mapping', conditions={'method': ['GET']}) |
|
384 | 358 | |
|
385 | 359 | m.connect('admin_settings_global', '/settings/global', |
|
386 | 360 | action='settings_global_update', |
|
387 | 361 | conditions={'method': ['POST']}) |
|
388 | 362 | m.connect('admin_settings_global', '/settings/global', |
|
389 | 363 | action='settings_global', conditions={'method': ['GET']}) |
|
390 | 364 | |
|
391 | 365 | m.connect('admin_settings_visual', '/settings/visual', |
|
392 | 366 | action='settings_visual_update', |
|
393 | 367 | conditions={'method': ['POST']}) |
|
394 | 368 | m.connect('admin_settings_visual', '/settings/visual', |
|
395 | 369 | action='settings_visual', conditions={'method': ['GET']}) |
|
396 | 370 | |
|
397 | 371 | m.connect('admin_settings_issuetracker', |
|
398 | 372 | '/settings/issue-tracker', action='settings_issuetracker', |
|
399 | 373 | conditions={'method': ['GET']}) |
|
400 | 374 | m.connect('admin_settings_issuetracker_save', |
|
401 | 375 | '/settings/issue-tracker/save', |
|
402 | 376 | action='settings_issuetracker_save', |
|
403 | 377 | conditions={'method': ['POST']}) |
|
404 | 378 | m.connect('admin_issuetracker_test', '/settings/issue-tracker/test', |
|
405 | 379 | action='settings_issuetracker_test', |
|
406 | 380 | conditions={'method': ['POST']}) |
|
407 | 381 | m.connect('admin_issuetracker_delete', |
|
408 | 382 | '/settings/issue-tracker/delete', |
|
409 | 383 | action='settings_issuetracker_delete', |
|
410 | 384 | conditions={'method': ['DELETE']}) |
|
411 | 385 | |
|
412 | 386 | m.connect('admin_settings_email', '/settings/email', |
|
413 | 387 | action='settings_email_update', |
|
414 | 388 | conditions={'method': ['POST']}) |
|
415 | 389 | m.connect('admin_settings_email', '/settings/email', |
|
416 | 390 | action='settings_email', conditions={'method': ['GET']}) |
|
417 | 391 | |
|
418 | 392 | m.connect('admin_settings_hooks', '/settings/hooks', |
|
419 | 393 | action='settings_hooks_update', |
|
420 | 394 | conditions={'method': ['POST', 'DELETE']}) |
|
421 | 395 | m.connect('admin_settings_hooks', '/settings/hooks', |
|
422 | 396 | action='settings_hooks', conditions={'method': ['GET']}) |
|
423 | 397 | |
|
424 | 398 | m.connect('admin_settings_search', '/settings/search', |
|
425 | 399 | action='settings_search', conditions={'method': ['GET']}) |
|
426 | 400 | |
|
427 | 401 | m.connect('admin_settings_supervisor', '/settings/supervisor', |
|
428 | 402 | action='settings_supervisor', conditions={'method': ['GET']}) |
|
429 | 403 | m.connect('admin_settings_supervisor_log', '/settings/supervisor/{procid}/log', |
|
430 | 404 | action='settings_supervisor_log', conditions={'method': ['GET']}) |
|
431 | 405 | |
|
432 | 406 | m.connect('admin_settings_labs', '/settings/labs', |
|
433 | 407 | action='settings_labs_update', |
|
434 | 408 | conditions={'method': ['POST']}) |
|
435 | 409 | m.connect('admin_settings_labs', '/settings/labs', |
|
436 | 410 | action='settings_labs', conditions={'method': ['GET']}) |
|
437 | 411 | |
|
438 | 412 | # ADMIN MY ACCOUNT |
|
439 | 413 | with rmap.submapper(path_prefix=ADMIN_PREFIX, |
|
440 | 414 | controller='admin/my_account') as m: |
|
441 | 415 | |
|
442 | 416 | # NOTE(marcink): this needs to be kept for password force flag to be |
|
443 | 417 | # handled in pylons controllers, remove after full migration to pyramid |
|
444 | 418 | m.connect('my_account_password', '/my_account/password', |
|
445 | 419 | action='my_account_password', conditions={'method': ['GET']}) |
|
446 | 420 | |
|
447 | 421 | #========================================================================== |
|
448 | 422 | # REPOSITORY ROUTES |
|
449 | 423 | #========================================================================== |
|
450 | 424 | |
|
451 | 425 | rmap.connect('repo_creating_home', '/{repo_name}/repo_creating', |
|
452 | 426 | controller='admin/repos', action='repo_creating', |
|
453 | 427 | requirements=URL_NAME_REQUIREMENTS) |
|
454 | 428 | rmap.connect('repo_check_home', '/{repo_name}/crepo_check', |
|
455 | 429 | controller='admin/repos', action='repo_check', |
|
456 | 430 | requirements=URL_NAME_REQUIREMENTS) |
|
457 | 431 | |
|
458 | 432 | rmap.connect('changeset_home', '/{repo_name}/changeset/{revision}', |
|
459 | 433 | controller='changeset', revision='tip', |
|
460 | 434 | conditions={'function': check_repo}, |
|
461 | 435 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
462 | 436 | rmap.connect('changeset_children', '/{repo_name}/changeset_children/{revision}', |
|
463 | 437 | controller='changeset', revision='tip', action='changeset_children', |
|
464 | 438 | conditions={'function': check_repo}, |
|
465 | 439 | requirements=URL_NAME_REQUIREMENTS) |
|
466 | 440 | rmap.connect('changeset_parents', '/{repo_name}/changeset_parents/{revision}', |
|
467 | 441 | controller='changeset', revision='tip', action='changeset_parents', |
|
468 | 442 | conditions={'function': check_repo}, |
|
469 | 443 | requirements=URL_NAME_REQUIREMENTS) |
|
470 | 444 | |
|
471 | 445 | # repo edit options |
|
472 | 446 | rmap.connect('edit_repo_fields', '/{repo_name}/settings/fields', |
|
473 | 447 | controller='admin/repos', action='edit_fields', |
|
474 | 448 | conditions={'method': ['GET'], 'function': check_repo}, |
|
475 | 449 | requirements=URL_NAME_REQUIREMENTS) |
|
476 | 450 | rmap.connect('create_repo_fields', '/{repo_name}/settings/fields/new', |
|
477 | 451 | controller='admin/repos', action='create_repo_field', |
|
478 | 452 | conditions={'method': ['PUT'], 'function': check_repo}, |
|
479 | 453 | requirements=URL_NAME_REQUIREMENTS) |
|
480 | 454 | rmap.connect('delete_repo_fields', '/{repo_name}/settings/fields/{field_id}', |
|
481 | 455 | controller='admin/repos', action='delete_repo_field', |
|
482 | 456 | conditions={'method': ['DELETE'], 'function': check_repo}, |
|
483 | 457 | requirements=URL_NAME_REQUIREMENTS) |
|
484 | 458 | |
|
485 | 459 | rmap.connect('toggle_locking', '/{repo_name}/settings/advanced/locking_toggle', |
|
486 | 460 | controller='admin/repos', action='toggle_locking', |
|
487 | 461 | conditions={'method': ['GET'], 'function': check_repo}, |
|
488 | 462 | requirements=URL_NAME_REQUIREMENTS) |
|
489 | 463 | |
|
490 | 464 | rmap.connect('edit_repo_remote', '/{repo_name}/settings/remote', |
|
491 | 465 | controller='admin/repos', action='edit_remote_form', |
|
492 | 466 | conditions={'method': ['GET'], 'function': check_repo}, |
|
493 | 467 | requirements=URL_NAME_REQUIREMENTS) |
|
494 | 468 | rmap.connect('edit_repo_remote', '/{repo_name}/settings/remote', |
|
495 | 469 | controller='admin/repos', action='edit_remote', |
|
496 | 470 | conditions={'method': ['PUT'], 'function': check_repo}, |
|
497 | 471 | requirements=URL_NAME_REQUIREMENTS) |
|
498 | 472 | |
|
499 | 473 | rmap.connect('edit_repo_statistics', '/{repo_name}/settings/statistics', |
|
500 | 474 | controller='admin/repos', action='edit_statistics_form', |
|
501 | 475 | conditions={'method': ['GET'], 'function': check_repo}, |
|
502 | 476 | requirements=URL_NAME_REQUIREMENTS) |
|
503 | 477 | rmap.connect('edit_repo_statistics', '/{repo_name}/settings/statistics', |
|
504 | 478 | controller='admin/repos', action='edit_statistics', |
|
505 | 479 | conditions={'method': ['PUT'], 'function': check_repo}, |
|
506 | 480 | requirements=URL_NAME_REQUIREMENTS) |
|
507 | 481 | rmap.connect('repo_settings_issuetracker', |
|
508 | 482 | '/{repo_name}/settings/issue-tracker', |
|
509 | 483 | controller='admin/repos', action='repo_issuetracker', |
|
510 | 484 | conditions={'method': ['GET'], 'function': check_repo}, |
|
511 | 485 | requirements=URL_NAME_REQUIREMENTS) |
|
512 | 486 | rmap.connect('repo_issuetracker_test', |
|
513 | 487 | '/{repo_name}/settings/issue-tracker/test', |
|
514 | 488 | controller='admin/repos', action='repo_issuetracker_test', |
|
515 | 489 | conditions={'method': ['POST'], 'function': check_repo}, |
|
516 | 490 | requirements=URL_NAME_REQUIREMENTS) |
|
517 | 491 | rmap.connect('repo_issuetracker_delete', |
|
518 | 492 | '/{repo_name}/settings/issue-tracker/delete', |
|
519 | 493 | controller='admin/repos', action='repo_issuetracker_delete', |
|
520 | 494 | conditions={'method': ['DELETE'], 'function': check_repo}, |
|
521 | 495 | requirements=URL_NAME_REQUIREMENTS) |
|
522 | 496 | rmap.connect('repo_issuetracker_save', |
|
523 | 497 | '/{repo_name}/settings/issue-tracker/save', |
|
524 | 498 | controller='admin/repos', action='repo_issuetracker_save', |
|
525 | 499 | conditions={'method': ['POST'], 'function': check_repo}, |
|
526 | 500 | requirements=URL_NAME_REQUIREMENTS) |
|
527 | 501 | rmap.connect('repo_vcs_settings', '/{repo_name}/settings/vcs', |
|
528 | 502 | controller='admin/repos', action='repo_settings_vcs_update', |
|
529 | 503 | conditions={'method': ['POST'], 'function': check_repo}, |
|
530 | 504 | requirements=URL_NAME_REQUIREMENTS) |
|
531 | 505 | rmap.connect('repo_vcs_settings', '/{repo_name}/settings/vcs', |
|
532 | 506 | controller='admin/repos', action='repo_settings_vcs', |
|
533 | 507 | conditions={'method': ['GET'], 'function': check_repo}, |
|
534 | 508 | requirements=URL_NAME_REQUIREMENTS) |
|
535 | 509 | rmap.connect('repo_vcs_settings', '/{repo_name}/settings/vcs', |
|
536 | 510 | controller='admin/repos', action='repo_delete_svn_pattern', |
|
537 | 511 | conditions={'method': ['DELETE'], 'function': check_repo}, |
|
538 | 512 | requirements=URL_NAME_REQUIREMENTS) |
|
539 | 513 | rmap.connect('repo_pullrequest_settings', '/{repo_name}/settings/pullrequest', |
|
540 | 514 | controller='admin/repos', action='repo_settings_pullrequest', |
|
541 | 515 | conditions={'method': ['GET', 'POST'], 'function': check_repo}, |
|
542 | 516 | requirements=URL_NAME_REQUIREMENTS) |
|
543 | 517 | |
|
544 | 518 | # still working url for backward compat. |
|
545 | 519 | rmap.connect('raw_changeset_home_depraced', |
|
546 | 520 | '/{repo_name}/raw-changeset/{revision}', |
|
547 | 521 | controller='changeset', action='changeset_raw', |
|
548 | 522 | revision='tip', conditions={'function': check_repo}, |
|
549 | 523 | requirements=URL_NAME_REQUIREMENTS) |
|
550 | 524 | |
|
551 | 525 | # new URLs |
|
552 | 526 | rmap.connect('changeset_raw_home', |
|
553 | 527 | '/{repo_name}/changeset-diff/{revision}', |
|
554 | 528 | controller='changeset', action='changeset_raw', |
|
555 | 529 | revision='tip', conditions={'function': check_repo}, |
|
556 | 530 | requirements=URL_NAME_REQUIREMENTS) |
|
557 | 531 | |
|
558 | 532 | rmap.connect('changeset_patch_home', |
|
559 | 533 | '/{repo_name}/changeset-patch/{revision}', |
|
560 | 534 | controller='changeset', action='changeset_patch', |
|
561 | 535 | revision='tip', conditions={'function': check_repo}, |
|
562 | 536 | requirements=URL_NAME_REQUIREMENTS) |
|
563 | 537 | |
|
564 | 538 | rmap.connect('changeset_download_home', |
|
565 | 539 | '/{repo_name}/changeset-download/{revision}', |
|
566 | 540 | controller='changeset', action='changeset_download', |
|
567 | 541 | revision='tip', conditions={'function': check_repo}, |
|
568 | 542 | requirements=URL_NAME_REQUIREMENTS) |
|
569 | 543 | |
|
570 | 544 | rmap.connect('changeset_comment', |
|
571 | 545 | '/{repo_name}/changeset/{revision}/comment', jsroute=True, |
|
572 | 546 | controller='changeset', revision='tip', action='comment', |
|
573 | 547 | conditions={'function': check_repo}, |
|
574 | 548 | requirements=URL_NAME_REQUIREMENTS) |
|
575 | 549 | |
|
576 | 550 | rmap.connect('changeset_comment_preview', |
|
577 | 551 | '/{repo_name}/changeset/comment/preview', jsroute=True, |
|
578 | 552 | controller='changeset', action='preview_comment', |
|
579 | 553 | conditions={'function': check_repo, 'method': ['POST']}, |
|
580 | 554 | requirements=URL_NAME_REQUIREMENTS) |
|
581 | 555 | |
|
582 | 556 | rmap.connect('changeset_comment_delete', |
|
583 | 557 | '/{repo_name}/changeset/comment/{comment_id}/delete', |
|
584 | 558 | controller='changeset', action='delete_comment', |
|
585 | 559 | conditions={'function': check_repo, 'method': ['DELETE']}, |
|
586 | 560 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
587 | 561 | |
|
588 | 562 | rmap.connect('changeset_info', '/{repo_name}/changeset_info/{revision}', |
|
589 | 563 | controller='changeset', action='changeset_info', |
|
590 | 564 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
591 | 565 | |
|
592 | 566 | rmap.connect('compare_home', |
|
593 | 567 | '/{repo_name}/compare', |
|
594 | 568 | controller='compare', action='index', |
|
595 | 569 | conditions={'function': check_repo}, |
|
596 | 570 | requirements=URL_NAME_REQUIREMENTS) |
|
597 | 571 | |
|
598 | 572 | rmap.connect('compare_url', |
|
599 | 573 | '/{repo_name}/compare/{source_ref_type}@{source_ref:.*?}...{target_ref_type}@{target_ref:.*?}', |
|
600 | 574 | controller='compare', action='compare', |
|
601 | 575 | conditions={'function': check_repo}, |
|
602 | 576 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
603 | 577 | |
|
604 | 578 | rmap.connect('pullrequest_home', |
|
605 | 579 | '/{repo_name}/pull-request/new', controller='pullrequests', |
|
606 | 580 | action='index', conditions={'function': check_repo, |
|
607 | 581 | 'method': ['GET']}, |
|
608 | 582 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
609 | 583 | |
|
610 | 584 | rmap.connect('pullrequest', |
|
611 | 585 | '/{repo_name}/pull-request/new', controller='pullrequests', |
|
612 | 586 | action='create', conditions={'function': check_repo, |
|
613 | 587 | 'method': ['POST']}, |
|
614 | 588 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
615 | 589 | |
|
616 | 590 | rmap.connect('pullrequest_repo_refs', |
|
617 | 591 | '/{repo_name}/pull-request/refs/{target_repo_name:.*?[^/]}', |
|
618 | 592 | controller='pullrequests', |
|
619 | 593 | action='get_repo_refs', |
|
620 | 594 | conditions={'function': check_repo, 'method': ['GET']}, |
|
621 | 595 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
622 | 596 | |
|
623 | 597 | rmap.connect('pullrequest_repo_destinations', |
|
624 | 598 | '/{repo_name}/pull-request/repo-destinations', |
|
625 | 599 | controller='pullrequests', |
|
626 | 600 | action='get_repo_destinations', |
|
627 | 601 | conditions={'function': check_repo, 'method': ['GET']}, |
|
628 | 602 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
629 | 603 | |
|
630 | 604 | rmap.connect('pullrequest_show', |
|
631 | 605 | '/{repo_name}/pull-request/{pull_request_id}', |
|
632 | 606 | controller='pullrequests', |
|
633 | 607 | action='show', conditions={'function': check_repo, |
|
634 | 608 | 'method': ['GET']}, |
|
635 | 609 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
636 | 610 | |
|
637 | 611 | rmap.connect('pullrequest_update', |
|
638 | 612 | '/{repo_name}/pull-request/{pull_request_id}', |
|
639 | 613 | controller='pullrequests', |
|
640 | 614 | action='update', conditions={'function': check_repo, |
|
641 | 615 | 'method': ['PUT']}, |
|
642 | 616 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
643 | 617 | |
|
644 | 618 | rmap.connect('pullrequest_merge', |
|
645 | 619 | '/{repo_name}/pull-request/{pull_request_id}', |
|
646 | 620 | controller='pullrequests', |
|
647 | 621 | action='merge', conditions={'function': check_repo, |
|
648 | 622 | 'method': ['POST']}, |
|
649 | 623 | requirements=URL_NAME_REQUIREMENTS) |
|
650 | 624 | |
|
651 | 625 | rmap.connect('pullrequest_delete', |
|
652 | 626 | '/{repo_name}/pull-request/{pull_request_id}', |
|
653 | 627 | controller='pullrequests', |
|
654 | 628 | action='delete', conditions={'function': check_repo, |
|
655 | 629 | 'method': ['DELETE']}, |
|
656 | 630 | requirements=URL_NAME_REQUIREMENTS) |
|
657 | 631 | |
|
658 | 632 | rmap.connect('pullrequest_comment', |
|
659 | 633 | '/{repo_name}/pull-request-comment/{pull_request_id}', |
|
660 | 634 | controller='pullrequests', |
|
661 | 635 | action='comment', conditions={'function': check_repo, |
|
662 | 636 | 'method': ['POST']}, |
|
663 | 637 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
664 | 638 | |
|
665 | 639 | rmap.connect('pullrequest_comment_delete', |
|
666 | 640 | '/{repo_name}/pull-request-comment/{comment_id}/delete', |
|
667 | 641 | controller='pullrequests', action='delete_comment', |
|
668 | 642 | conditions={'function': check_repo, 'method': ['DELETE']}, |
|
669 | 643 | requirements=URL_NAME_REQUIREMENTS, jsroute=True) |
|
670 | 644 | |
|
671 | 645 | rmap.connect('repo_fork_create_home', '/{repo_name}/fork', |
|
672 | 646 | controller='forks', action='fork_create', |
|
673 | 647 | conditions={'function': check_repo, 'method': ['POST']}, |
|
674 | 648 | requirements=URL_NAME_REQUIREMENTS) |
|
675 | 649 | |
|
676 | 650 | rmap.connect('repo_fork_home', '/{repo_name}/fork', |
|
677 | 651 | controller='forks', action='fork', |
|
678 | 652 | conditions={'function': check_repo}, |
|
679 | 653 | requirements=URL_NAME_REQUIREMENTS) |
|
680 | 654 | |
|
681 | 655 | rmap.connect('repo_forks_home', '/{repo_name}/forks', |
|
682 | 656 | controller='forks', action='forks', |
|
683 | 657 | conditions={'function': check_repo}, |
|
684 | 658 | requirements=URL_NAME_REQUIREMENTS) |
|
685 | 659 | |
|
686 | 660 | return rmap |
@@ -1,483 +1,484 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2010-2017 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | """ |
|
22 | 22 | permissions model for RhodeCode |
|
23 | 23 | """ |
|
24 | 24 | |
|
25 | 25 | |
|
26 | 26 | import logging |
|
27 | 27 | import traceback |
|
28 | 28 | |
|
29 | 29 | from sqlalchemy.exc import DatabaseError |
|
30 | 30 | |
|
31 | 31 | from rhodecode.model import BaseModel |
|
32 | 32 | from rhodecode.model.db import ( |
|
33 | 33 | User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm, |
|
34 | 34 | UserUserGroupToPerm, UserGroup, UserGroupToPerm) |
|
35 | 35 | from rhodecode.lib.utils2 import str2bool, safe_int |
|
36 | 36 | |
|
37 | 37 | log = logging.getLogger(__name__) |
|
38 | 38 | |
|
39 | 39 | |
|
40 | 40 | class PermissionModel(BaseModel): |
|
41 | 41 | """ |
|
42 | 42 | Permissions model for RhodeCode |
|
43 | 43 | """ |
|
44 | 44 | |
|
45 | 45 | cls = Permission |
|
46 | 46 | global_perms = { |
|
47 | 47 | 'default_repo_create': None, |
|
48 | 48 | # special case for create repos on write access to group |
|
49 | 49 | 'default_repo_create_on_write': None, |
|
50 | 50 | 'default_repo_group_create': None, |
|
51 | 51 | 'default_user_group_create': None, |
|
52 | 52 | 'default_fork_create': None, |
|
53 | 53 | 'default_inherit_default_permissions': None, |
|
54 | 54 | 'default_register': None, |
|
55 | 55 | 'default_password_reset': None, |
|
56 | 56 | 'default_extern_activate': None, |
|
57 | 57 | |
|
58 | 58 | # object permissions below |
|
59 | 59 | 'default_repo_perm': None, |
|
60 | 60 | 'default_group_perm': None, |
|
61 | 61 | 'default_user_group_perm': None, |
|
62 | 62 | } |
|
63 | 63 | |
|
64 | 64 | def set_global_permission_choices(self, c_obj, gettext_translator): |
|
65 | _ = gettext_translator | |
|
65 | 66 | |
|
66 | 67 | c_obj.repo_perms_choices = [ |
|
67 |
('repository.none', |
|
|
68 |
('repository.read', |
|
|
69 |
('repository.write', |
|
|
70 |
('repository.admin', |
|
|
68 | ('repository.none', _('None'),), | |
|
69 | ('repository.read', _('Read'),), | |
|
70 | ('repository.write', _('Write'),), | |
|
71 | ('repository.admin', _('Admin'),)] | |
|
71 | 72 | |
|
72 | 73 | c_obj.group_perms_choices = [ |
|
73 |
('group.none', |
|
|
74 |
('group.read', |
|
|
75 |
('group.write', |
|
|
76 |
('group.admin', |
|
|
74 | ('group.none', _('None'),), | |
|
75 | ('group.read', _('Read'),), | |
|
76 | ('group.write', _('Write'),), | |
|
77 | ('group.admin', _('Admin'),)] | |
|
77 | 78 | |
|
78 | 79 | c_obj.user_group_perms_choices = [ |
|
79 |
('usergroup.none', |
|
|
80 |
('usergroup.read', |
|
|
81 |
('usergroup.write', |
|
|
82 |
('usergroup.admin', |
|
|
80 | ('usergroup.none', _('None'),), | |
|
81 | ('usergroup.read', _('Read'),), | |
|
82 | ('usergroup.write', _('Write'),), | |
|
83 | ('usergroup.admin', _('Admin'),)] | |
|
83 | 84 | |
|
84 | 85 | c_obj.register_choices = [ |
|
85 |
('hg.register.none', |
|
|
86 |
('hg.register.manual_activate', |
|
|
87 |
('hg.register.auto_activate', |
|
|
86 | ('hg.register.none', _('Disabled')), | |
|
87 | ('hg.register.manual_activate', _('Allowed with manual account activation')), | |
|
88 | ('hg.register.auto_activate', _('Allowed with automatic account activation')),] | |
|
88 | 89 | |
|
89 | 90 | c_obj.password_reset_choices = [ |
|
90 |
('hg.password_reset.enabled', |
|
|
91 |
('hg.password_reset.hidden', |
|
|
92 |
('hg.password_reset.disabled', |
|
|
91 | ('hg.password_reset.enabled', _('Allow password recovery')), | |
|
92 | ('hg.password_reset.hidden', _('Hide password recovery link')), | |
|
93 | ('hg.password_reset.disabled', _('Disable password recovery')),] | |
|
93 | 94 | |
|
94 | 95 | c_obj.extern_activate_choices = [ |
|
95 |
('hg.extern_activate.manual', |
|
|
96 |
('hg.extern_activate.auto', |
|
|
96 | ('hg.extern_activate.manual', _('Manual activation of external account')), | |
|
97 | ('hg.extern_activate.auto', _('Automatic activation of external account')),] | |
|
97 | 98 | |
|
98 | 99 | c_obj.repo_create_choices = [ |
|
99 |
('hg.create.none', |
|
|
100 |
('hg.create.repository', |
|
|
100 | ('hg.create.none', _('Disabled')), | |
|
101 | ('hg.create.repository', _('Enabled'))] | |
|
101 | 102 | |
|
102 | 103 | c_obj.repo_create_on_write_choices = [ |
|
103 |
('hg.create.write_on_repogroup.false', |
|
|
104 |
('hg.create.write_on_repogroup.true', |
|
|
104 | ('hg.create.write_on_repogroup.false', _('Disabled')), | |
|
105 | ('hg.create.write_on_repogroup.true', _('Enabled'))] | |
|
105 | 106 | |
|
106 | 107 | c_obj.user_group_create_choices = [ |
|
107 |
('hg.usergroup.create.false', |
|
|
108 |
('hg.usergroup.create.true', |
|
|
108 | ('hg.usergroup.create.false', _('Disabled')), | |
|
109 | ('hg.usergroup.create.true', _('Enabled'))] | |
|
109 | 110 | |
|
110 | 111 | c_obj.repo_group_create_choices = [ |
|
111 |
('hg.repogroup.create.false', |
|
|
112 |
('hg.repogroup.create.true', |
|
|
112 | ('hg.repogroup.create.false', _('Disabled')), | |
|
113 | ('hg.repogroup.create.true', _('Enabled'))] | |
|
113 | 114 | |
|
114 | 115 | c_obj.fork_choices = [ |
|
115 |
('hg.fork.none', |
|
|
116 |
('hg.fork.repository', |
|
|
116 | ('hg.fork.none', _('Disabled')), | |
|
117 | ('hg.fork.repository', _('Enabled'))] | |
|
117 | 118 | |
|
118 | 119 | c_obj.inherit_default_permission_choices = [ |
|
119 |
('hg.inherit_default_perms.false', |
|
|
120 |
('hg.inherit_default_perms.true', |
|
|
120 | ('hg.inherit_default_perms.false', _('Disabled')), | |
|
121 | ('hg.inherit_default_perms.true', _('Enabled'))] | |
|
121 | 122 | |
|
122 | 123 | def get_default_perms(self, object_perms, suffix): |
|
123 | 124 | defaults = {} |
|
124 | 125 | for perm in object_perms: |
|
125 | 126 | # perms |
|
126 | 127 | if perm.permission.permission_name.startswith('repository.'): |
|
127 | 128 | defaults['default_repo_perm' + suffix] = perm.permission.permission_name |
|
128 | 129 | |
|
129 | 130 | if perm.permission.permission_name.startswith('group.'): |
|
130 | 131 | defaults['default_group_perm' + suffix] = perm.permission.permission_name |
|
131 | 132 | |
|
132 | 133 | if perm.permission.permission_name.startswith('usergroup.'): |
|
133 | 134 | defaults['default_user_group_perm' + suffix] = perm.permission.permission_name |
|
134 | 135 | |
|
135 | 136 | # creation of objects |
|
136 | 137 | if perm.permission.permission_name.startswith('hg.create.write_on_repogroup'): |
|
137 | 138 | defaults['default_repo_create_on_write' + suffix] = perm.permission.permission_name |
|
138 | 139 | |
|
139 | 140 | elif perm.permission.permission_name.startswith('hg.create.'): |
|
140 | 141 | defaults['default_repo_create' + suffix] = perm.permission.permission_name |
|
141 | 142 | |
|
142 | 143 | if perm.permission.permission_name.startswith('hg.fork.'): |
|
143 | 144 | defaults['default_fork_create' + suffix] = perm.permission.permission_name |
|
144 | 145 | |
|
145 | 146 | if perm.permission.permission_name.startswith('hg.inherit_default_perms.'): |
|
146 | 147 | defaults['default_inherit_default_permissions' + suffix] = perm.permission.permission_name |
|
147 | 148 | |
|
148 | 149 | if perm.permission.permission_name.startswith('hg.repogroup.'): |
|
149 | 150 | defaults['default_repo_group_create' + suffix] = perm.permission.permission_name |
|
150 | 151 | |
|
151 | 152 | if perm.permission.permission_name.startswith('hg.usergroup.'): |
|
152 | 153 | defaults['default_user_group_create' + suffix] = perm.permission.permission_name |
|
153 | 154 | |
|
154 | 155 | # registration and external account activation |
|
155 | 156 | if perm.permission.permission_name.startswith('hg.register.'): |
|
156 | 157 | defaults['default_register' + suffix] = perm.permission.permission_name |
|
157 | 158 | |
|
158 | 159 | if perm.permission.permission_name.startswith('hg.password_reset.'): |
|
159 | 160 | defaults['default_password_reset' + suffix] = perm.permission.permission_name |
|
160 | 161 | |
|
161 | 162 | if perm.permission.permission_name.startswith('hg.extern_activate.'): |
|
162 | 163 | defaults['default_extern_activate' + suffix] = perm.permission.permission_name |
|
163 | 164 | |
|
164 | 165 | return defaults |
|
165 | 166 | |
|
166 | 167 | def _make_new_user_perm(self, user, perm_name): |
|
167 | 168 | log.debug('Creating new user permission:%s', perm_name) |
|
168 | 169 | new = UserToPerm() |
|
169 | 170 | new.user = user |
|
170 | 171 | new.permission = Permission.get_by_key(perm_name) |
|
171 | 172 | return new |
|
172 | 173 | |
|
173 | 174 | def _make_new_user_group_perm(self, user_group, perm_name): |
|
174 | 175 | log.debug('Creating new user group permission:%s', perm_name) |
|
175 | 176 | new = UserGroupToPerm() |
|
176 | 177 | new.users_group = user_group |
|
177 | 178 | new.permission = Permission.get_by_key(perm_name) |
|
178 | 179 | return new |
|
179 | 180 | |
|
180 | 181 | def _keep_perm(self, perm_name, keep_fields): |
|
181 | 182 | def get_pat(field_name): |
|
182 | 183 | return { |
|
183 | 184 | # global perms |
|
184 | 185 | 'default_repo_create': 'hg.create.', |
|
185 | 186 | # special case for create repos on write access to group |
|
186 | 187 | 'default_repo_create_on_write': 'hg.create.write_on_repogroup.', |
|
187 | 188 | 'default_repo_group_create': 'hg.repogroup.create.', |
|
188 | 189 | 'default_user_group_create': 'hg.usergroup.create.', |
|
189 | 190 | 'default_fork_create': 'hg.fork.', |
|
190 | 191 | 'default_inherit_default_permissions': 'hg.inherit_default_perms.', |
|
191 | 192 | |
|
192 | 193 | # application perms |
|
193 | 194 | 'default_register': 'hg.register.', |
|
194 | 195 | 'default_password_reset': 'hg.password_reset.', |
|
195 | 196 | 'default_extern_activate': 'hg.extern_activate.', |
|
196 | 197 | |
|
197 | 198 | # object permissions below |
|
198 | 199 | 'default_repo_perm': 'repository.', |
|
199 | 200 | 'default_group_perm': 'group.', |
|
200 | 201 | 'default_user_group_perm': 'usergroup.', |
|
201 | 202 | }[field_name] |
|
202 | 203 | for field in keep_fields: |
|
203 | 204 | pat = get_pat(field) |
|
204 | 205 | if perm_name.startswith(pat): |
|
205 | 206 | return True |
|
206 | 207 | return False |
|
207 | 208 | |
|
208 | 209 | def _clear_object_perm(self, object_perms, preserve=None): |
|
209 | 210 | preserve = preserve or [] |
|
210 | 211 | _deleted = [] |
|
211 | 212 | for perm in object_perms: |
|
212 | 213 | perm_name = perm.permission.permission_name |
|
213 | 214 | if not self._keep_perm(perm_name, keep_fields=preserve): |
|
214 | 215 | _deleted.append(perm_name) |
|
215 | 216 | self.sa.delete(perm) |
|
216 | 217 | return _deleted |
|
217 | 218 | |
|
218 | 219 | def _clear_user_perms(self, user_id, preserve=None): |
|
219 | 220 | perms = self.sa.query(UserToPerm)\ |
|
220 | 221 | .filter(UserToPerm.user_id == user_id)\ |
|
221 | 222 | .all() |
|
222 | 223 | return self._clear_object_perm(perms, preserve=preserve) |
|
223 | 224 | |
|
224 | 225 | def _clear_user_group_perms(self, user_group_id, preserve=None): |
|
225 | 226 | perms = self.sa.query(UserGroupToPerm)\ |
|
226 | 227 | .filter(UserGroupToPerm.users_group_id == user_group_id)\ |
|
227 | 228 | .all() |
|
228 | 229 | return self._clear_object_perm(perms, preserve=preserve) |
|
229 | 230 | |
|
230 | 231 | def _set_new_object_perms(self, obj_type, object, form_result, preserve=None): |
|
231 | 232 | # clear current entries, to make this function idempotent |
|
232 | 233 | # it will fix even if we define more permissions or permissions |
|
233 | 234 | # are somehow missing |
|
234 | 235 | preserve = preserve or [] |
|
235 | 236 | _global_perms = self.global_perms.copy() |
|
236 | 237 | if obj_type not in ['user', 'user_group']: |
|
237 | 238 | raise ValueError("obj_type must be on of 'user' or 'user_group'") |
|
238 | 239 | if len(_global_perms) != len(Permission.DEFAULT_USER_PERMISSIONS): |
|
239 | 240 | raise Exception('Inconsistent permissions definition') |
|
240 | 241 | |
|
241 | 242 | if obj_type == 'user': |
|
242 | 243 | self._clear_user_perms(object.user_id, preserve) |
|
243 | 244 | if obj_type == 'user_group': |
|
244 | 245 | self._clear_user_group_perms(object.users_group_id, preserve) |
|
245 | 246 | |
|
246 | 247 | # now kill the keys that we want to preserve from the form. |
|
247 | 248 | for key in preserve: |
|
248 | 249 | del _global_perms[key] |
|
249 | 250 | |
|
250 | 251 | for k in _global_perms.copy(): |
|
251 | 252 | _global_perms[k] = form_result[k] |
|
252 | 253 | |
|
253 | 254 | # at that stage we validate all are passed inside form_result |
|
254 | 255 | for _perm_key, perm_value in _global_perms.items(): |
|
255 | 256 | if perm_value is None: |
|
256 | 257 | raise ValueError('Missing permission for %s' % (_perm_key,)) |
|
257 | 258 | |
|
258 | 259 | if obj_type == 'user': |
|
259 | 260 | p = self._make_new_user_perm(object, perm_value) |
|
260 | 261 | self.sa.add(p) |
|
261 | 262 | if obj_type == 'user_group': |
|
262 | 263 | p = self._make_new_user_group_perm(object, perm_value) |
|
263 | 264 | self.sa.add(p) |
|
264 | 265 | |
|
265 | 266 | def _set_new_user_perms(self, user, form_result, preserve=None): |
|
266 | 267 | return self._set_new_object_perms( |
|
267 | 268 | 'user', user, form_result, preserve) |
|
268 | 269 | |
|
269 | 270 | def _set_new_user_group_perms(self, user_group, form_result, preserve=None): |
|
270 | 271 | return self._set_new_object_perms( |
|
271 | 272 | 'user_group', user_group, form_result, preserve) |
|
272 | 273 | |
|
273 | 274 | def set_new_user_perms(self, user, form_result): |
|
274 | 275 | # calculate what to preserve from what is given in form_result |
|
275 | 276 | preserve = set(self.global_perms.keys()).difference(set(form_result.keys())) |
|
276 | 277 | return self._set_new_user_perms(user, form_result, preserve) |
|
277 | 278 | |
|
278 | 279 | def set_new_user_group_perms(self, user_group, form_result): |
|
279 | 280 | # calculate what to preserve from what is given in form_result |
|
280 | 281 | preserve = set(self.global_perms.keys()).difference(set(form_result.keys())) |
|
281 | 282 | return self._set_new_user_group_perms(user_group, form_result, preserve) |
|
282 | 283 | |
|
283 | 284 | def create_permissions(self): |
|
284 | 285 | """ |
|
285 | 286 | Create permissions for whole system |
|
286 | 287 | """ |
|
287 | 288 | for p in Permission.PERMS: |
|
288 | 289 | if not Permission.get_by_key(p[0]): |
|
289 | 290 | new_perm = Permission() |
|
290 | 291 | new_perm.permission_name = p[0] |
|
291 | 292 | new_perm.permission_longname = p[0] # translation err with p[1] |
|
292 | 293 | self.sa.add(new_perm) |
|
293 | 294 | |
|
294 | 295 | def _create_default_object_permission(self, obj_type, obj, obj_perms, |
|
295 | 296 | force=False): |
|
296 | 297 | if obj_type not in ['user', 'user_group']: |
|
297 | 298 | raise ValueError("obj_type must be on of 'user' or 'user_group'") |
|
298 | 299 | |
|
299 | 300 | def _get_group(perm_name): |
|
300 | 301 | return '.'.join(perm_name.split('.')[:1]) |
|
301 | 302 | |
|
302 | 303 | defined_perms_groups = map( |
|
303 | 304 | _get_group, (x.permission.permission_name for x in obj_perms)) |
|
304 | 305 | log.debug('GOT ALREADY DEFINED:%s', obj_perms) |
|
305 | 306 | |
|
306 | 307 | if force: |
|
307 | 308 | self._clear_object_perm(obj_perms) |
|
308 | 309 | self.sa.commit() |
|
309 | 310 | defined_perms_groups = [] |
|
310 | 311 | # for every default permission that needs to be created, we check if |
|
311 | 312 | # it's group is already defined, if it's not we create default perm |
|
312 | 313 | for perm_name in Permission.DEFAULT_USER_PERMISSIONS: |
|
313 | 314 | gr = _get_group(perm_name) |
|
314 | 315 | if gr not in defined_perms_groups: |
|
315 | 316 | log.debug('GR:%s not found, creating permission %s', |
|
316 | 317 | gr, perm_name) |
|
317 | 318 | if obj_type == 'user': |
|
318 | 319 | new_perm = self._make_new_user_perm(obj, perm_name) |
|
319 | 320 | self.sa.add(new_perm) |
|
320 | 321 | if obj_type == 'user_group': |
|
321 | 322 | new_perm = self._make_new_user_group_perm(obj, perm_name) |
|
322 | 323 | self.sa.add(new_perm) |
|
323 | 324 | |
|
324 | 325 | def create_default_user_permissions(self, user, force=False): |
|
325 | 326 | """ |
|
326 | 327 | Creates only missing default permissions for user, if force is set it |
|
327 | 328 | resets the default permissions for that user |
|
328 | 329 | |
|
329 | 330 | :param user: |
|
330 | 331 | :param force: |
|
331 | 332 | """ |
|
332 | 333 | user = self._get_user(user) |
|
333 | 334 | obj_perms = UserToPerm.query().filter(UserToPerm.user == user).all() |
|
334 | 335 | return self._create_default_object_permission( |
|
335 | 336 | 'user', user, obj_perms, force) |
|
336 | 337 | |
|
337 | 338 | def create_default_user_group_permissions(self, user_group, force=False): |
|
338 | 339 | """ |
|
339 | 340 | Creates only missing default permissions for user group, if force is set it |
|
340 | 341 | resets the default permissions for that user group |
|
341 | 342 | |
|
342 | 343 | :param user_group: |
|
343 | 344 | :param force: |
|
344 | 345 | """ |
|
345 | 346 | user_group = self._get_user_group(user_group) |
|
346 | 347 | obj_perms = UserToPerm.query().filter(UserGroupToPerm.users_group == user_group).all() |
|
347 | 348 | return self._create_default_object_permission( |
|
348 | 349 | 'user_group', user_group, obj_perms, force) |
|
349 | 350 | |
|
350 | 351 | def update_application_permissions(self, form_result): |
|
351 | 352 | if 'perm_user_id' in form_result: |
|
352 | 353 | perm_user = User.get(safe_int(form_result['perm_user_id'])) |
|
353 | 354 | else: |
|
354 | 355 | # used mostly to do lookup for default user |
|
355 | 356 | perm_user = User.get_by_username(form_result['perm_user_name']) |
|
356 | 357 | |
|
357 | 358 | try: |
|
358 | 359 | # stage 1 set anonymous access |
|
359 | 360 | if perm_user.username == User.DEFAULT_USER: |
|
360 | 361 | perm_user.active = str2bool(form_result['anonymous']) |
|
361 | 362 | self.sa.add(perm_user) |
|
362 | 363 | |
|
363 | 364 | # stage 2 reset defaults and set them from form data |
|
364 | 365 | self._set_new_user_perms(perm_user, form_result, preserve=[ |
|
365 | 366 | 'default_repo_perm', |
|
366 | 367 | 'default_group_perm', |
|
367 | 368 | 'default_user_group_perm', |
|
368 | 369 | |
|
369 | 370 | 'default_repo_group_create', |
|
370 | 371 | 'default_user_group_create', |
|
371 | 372 | 'default_repo_create_on_write', |
|
372 | 373 | 'default_repo_create', |
|
373 | 374 | 'default_fork_create', |
|
374 | 375 | 'default_inherit_default_permissions',]) |
|
375 | 376 | |
|
376 | 377 | self.sa.commit() |
|
377 | 378 | except (DatabaseError,): |
|
378 | 379 | log.error(traceback.format_exc()) |
|
379 | 380 | self.sa.rollback() |
|
380 | 381 | raise |
|
381 | 382 | |
|
382 | 383 | def update_user_permissions(self, form_result): |
|
383 | 384 | if 'perm_user_id' in form_result: |
|
384 | 385 | perm_user = User.get(safe_int(form_result['perm_user_id'])) |
|
385 | 386 | else: |
|
386 | 387 | # used mostly to do lookup for default user |
|
387 | 388 | perm_user = User.get_by_username(form_result['perm_user_name']) |
|
388 | 389 | try: |
|
389 | 390 | # stage 2 reset defaults and set them from form data |
|
390 | 391 | self._set_new_user_perms(perm_user, form_result, preserve=[ |
|
391 | 392 | 'default_repo_perm', |
|
392 | 393 | 'default_group_perm', |
|
393 | 394 | 'default_user_group_perm', |
|
394 | 395 | |
|
395 | 396 | 'default_register', |
|
396 | 397 | 'default_password_reset', |
|
397 | 398 | 'default_extern_activate']) |
|
398 | 399 | self.sa.commit() |
|
399 | 400 | except (DatabaseError,): |
|
400 | 401 | log.error(traceback.format_exc()) |
|
401 | 402 | self.sa.rollback() |
|
402 | 403 | raise |
|
403 | 404 | |
|
404 | 405 | def update_user_group_permissions(self, form_result): |
|
405 | 406 | if 'perm_user_group_id' in form_result: |
|
406 | 407 | perm_user_group = UserGroup.get(safe_int(form_result['perm_user_group_id'])) |
|
407 | 408 | else: |
|
408 | 409 | # used mostly to do lookup for default user |
|
409 | 410 | perm_user_group = UserGroup.get_by_group_name(form_result['perm_user_group_name']) |
|
410 | 411 | try: |
|
411 | 412 | # stage 2 reset defaults and set them from form data |
|
412 | 413 | self._set_new_user_group_perms(perm_user_group, form_result, preserve=[ |
|
413 | 414 | 'default_repo_perm', |
|
414 | 415 | 'default_group_perm', |
|
415 | 416 | 'default_user_group_perm', |
|
416 | 417 | |
|
417 | 418 | 'default_register', |
|
418 | 419 | 'default_password_reset', |
|
419 | 420 | 'default_extern_activate']) |
|
420 | 421 | self.sa.commit() |
|
421 | 422 | except (DatabaseError,): |
|
422 | 423 | log.error(traceback.format_exc()) |
|
423 | 424 | self.sa.rollback() |
|
424 | 425 | raise |
|
425 | 426 | |
|
426 | 427 | def update_object_permissions(self, form_result): |
|
427 | 428 | if 'perm_user_id' in form_result: |
|
428 | 429 | perm_user = User.get(safe_int(form_result['perm_user_id'])) |
|
429 | 430 | else: |
|
430 | 431 | # used mostly to do lookup for default user |
|
431 | 432 | perm_user = User.get_by_username(form_result['perm_user_name']) |
|
432 | 433 | try: |
|
433 | 434 | |
|
434 | 435 | # stage 2 reset defaults and set them from form data |
|
435 | 436 | self._set_new_user_perms(perm_user, form_result, preserve=[ |
|
436 | 437 | 'default_repo_group_create', |
|
437 | 438 | 'default_user_group_create', |
|
438 | 439 | 'default_repo_create_on_write', |
|
439 | 440 | 'default_repo_create', |
|
440 | 441 | 'default_fork_create', |
|
441 | 442 | 'default_inherit_default_permissions', |
|
442 | 443 | |
|
443 | 444 | 'default_register', |
|
444 | 445 | 'default_password_reset', |
|
445 | 446 | 'default_extern_activate']) |
|
446 | 447 | |
|
447 | 448 | # overwrite default repo permissions |
|
448 | 449 | if form_result['overwrite_default_repo']: |
|
449 | 450 | _def_name = form_result['default_repo_perm'].split('repository.')[-1] |
|
450 | 451 | _def = Permission.get_by_key('repository.' + _def_name) |
|
451 | 452 | for r2p in self.sa.query(UserRepoToPerm)\ |
|
452 | 453 | .filter(UserRepoToPerm.user == perm_user)\ |
|
453 | 454 | .all(): |
|
454 | 455 | # don't reset PRIVATE repositories |
|
455 | 456 | if not r2p.repository.private: |
|
456 | 457 | r2p.permission = _def |
|
457 | 458 | self.sa.add(r2p) |
|
458 | 459 | |
|
459 | 460 | # overwrite default repo group permissions |
|
460 | 461 | if form_result['overwrite_default_group']: |
|
461 | 462 | _def_name = form_result['default_group_perm'].split('group.')[-1] |
|
462 | 463 | _def = Permission.get_by_key('group.' + _def_name) |
|
463 | 464 | for g2p in self.sa.query(UserRepoGroupToPerm)\ |
|
464 | 465 | .filter(UserRepoGroupToPerm.user == perm_user)\ |
|
465 | 466 | .all(): |
|
466 | 467 | g2p.permission = _def |
|
467 | 468 | self.sa.add(g2p) |
|
468 | 469 | |
|
469 | 470 | # overwrite default user group permissions |
|
470 | 471 | if form_result['overwrite_default_user_group']: |
|
471 | 472 | _def_name = form_result['default_user_group_perm'].split('usergroup.')[-1] |
|
472 | 473 | # user groups |
|
473 | 474 | _def = Permission.get_by_key('usergroup.' + _def_name) |
|
474 | 475 | for g2p in self.sa.query(UserUserGroupToPerm)\ |
|
475 | 476 | .filter(UserUserGroupToPerm.user == perm_user)\ |
|
476 | 477 | .all(): |
|
477 | 478 | g2p.permission = _def |
|
478 | 479 | self.sa.add(g2p) |
|
479 | 480 | self.sa.commit() |
|
480 | 481 | except (DatabaseError,): |
|
481 | 482 | log.exception('Failed to set default object permissions') |
|
482 | 483 | self.sa.rollback() |
|
483 | 484 | raise |
@@ -1,206 +1,213 b'' | |||
|
1 | 1 | |
|
2 | 2 | /****************************************************************************** |
|
3 | 3 | * * |
|
4 | 4 | * DO NOT CHANGE THIS FILE MANUALLY * |
|
5 | 5 | * * |
|
6 | 6 | * * |
|
7 | 7 | * This file is automatically generated when the app starts up with * |
|
8 | 8 | * generate_js_files = true * |
|
9 | 9 | * * |
|
10 | 10 | * To add a route here pass jsroute=True to the route definition in the app * |
|
11 | 11 | * * |
|
12 | 12 | ******************************************************************************/ |
|
13 | 13 | function registerRCRoutes() { |
|
14 | 14 | // routes registration |
|
15 | 15 | pyroutes.register('new_repo', '/_admin/create_repository', []); |
|
16 | 16 | pyroutes.register('edit_user', '/_admin/users/%(user_id)s/edit', ['user_id']); |
|
17 | 17 | pyroutes.register('edit_user_group_members', '/_admin/user_groups/%(user_group_id)s/edit/members', ['user_group_id']); |
|
18 | 18 | pyroutes.register('changeset_home', '/%(repo_name)s/changeset/%(revision)s', ['repo_name', 'revision']); |
|
19 | 19 | pyroutes.register('changeset_comment', '/%(repo_name)s/changeset/%(revision)s/comment', ['repo_name', 'revision']); |
|
20 | 20 | pyroutes.register('changeset_comment_preview', '/%(repo_name)s/changeset/comment/preview', ['repo_name']); |
|
21 | 21 | pyroutes.register('changeset_comment_delete', '/%(repo_name)s/changeset/comment/%(comment_id)s/delete', ['repo_name', 'comment_id']); |
|
22 | 22 | pyroutes.register('changeset_info', '/%(repo_name)s/changeset_info/%(revision)s', ['repo_name', 'revision']); |
|
23 | 23 | pyroutes.register('compare_url', '/%(repo_name)s/compare/%(source_ref_type)s@%(source_ref)s...%(target_ref_type)s@%(target_ref)s', ['repo_name', 'source_ref_type', 'source_ref', 'target_ref_type', 'target_ref']); |
|
24 | 24 | pyroutes.register('pullrequest_home', '/%(repo_name)s/pull-request/new', ['repo_name']); |
|
25 | 25 | pyroutes.register('pullrequest', '/%(repo_name)s/pull-request/new', ['repo_name']); |
|
26 | 26 | pyroutes.register('pullrequest_repo_refs', '/%(repo_name)s/pull-request/refs/%(target_repo_name)s', ['repo_name', 'target_repo_name']); |
|
27 | 27 | pyroutes.register('pullrequest_repo_destinations', '/%(repo_name)s/pull-request/repo-destinations', ['repo_name']); |
|
28 | 28 | pyroutes.register('pullrequest_show', '/%(repo_name)s/pull-request/%(pull_request_id)s', ['repo_name', 'pull_request_id']); |
|
29 | 29 | pyroutes.register('pullrequest_update', '/%(repo_name)s/pull-request/%(pull_request_id)s', ['repo_name', 'pull_request_id']); |
|
30 | 30 | pyroutes.register('pullrequest_comment', '/%(repo_name)s/pull-request-comment/%(pull_request_id)s', ['repo_name', 'pull_request_id']); |
|
31 | 31 | pyroutes.register('pullrequest_comment_delete', '/%(repo_name)s/pull-request-comment/%(comment_id)s/delete', ['repo_name', 'comment_id']); |
|
32 | 32 | pyroutes.register('favicon', '/favicon.ico', []); |
|
33 | 33 | pyroutes.register('robots', '/robots.txt', []); |
|
34 | 34 | pyroutes.register('auth_home', '/_admin/auth*traverse', []); |
|
35 | 35 | pyroutes.register('global_integrations_new', '/_admin/integrations/new', []); |
|
36 | 36 | pyroutes.register('global_integrations_home', '/_admin/integrations', []); |
|
37 | 37 | pyroutes.register('global_integrations_list', '/_admin/integrations/%(integration)s', ['integration']); |
|
38 | 38 | pyroutes.register('global_integrations_create', '/_admin/integrations/%(integration)s/new', ['integration']); |
|
39 | 39 | pyroutes.register('global_integrations_edit', '/_admin/integrations/%(integration)s/%(integration_id)s', ['integration', 'integration_id']); |
|
40 | 40 | pyroutes.register('repo_group_integrations_home', '/%(repo_group_name)s/settings/integrations', ['repo_group_name']); |
|
41 | 41 | pyroutes.register('repo_group_integrations_list', '/%(repo_group_name)s/settings/integrations/%(integration)s', ['repo_group_name', 'integration']); |
|
42 | 42 | pyroutes.register('repo_group_integrations_new', '/%(repo_group_name)s/settings/integrations/new', ['repo_group_name']); |
|
43 | 43 | pyroutes.register('repo_group_integrations_create', '/%(repo_group_name)s/settings/integrations/%(integration)s/new', ['repo_group_name', 'integration']); |
|
44 | 44 | pyroutes.register('repo_group_integrations_edit', '/%(repo_group_name)s/settings/integrations/%(integration)s/%(integration_id)s', ['repo_group_name', 'integration', 'integration_id']); |
|
45 | 45 | pyroutes.register('repo_integrations_home', '/%(repo_name)s/settings/integrations', ['repo_name']); |
|
46 | 46 | pyroutes.register('repo_integrations_list', '/%(repo_name)s/settings/integrations/%(integration)s', ['repo_name', 'integration']); |
|
47 | 47 | pyroutes.register('repo_integrations_new', '/%(repo_name)s/settings/integrations/new', ['repo_name']); |
|
48 | 48 | pyroutes.register('repo_integrations_create', '/%(repo_name)s/settings/integrations/%(integration)s/new', ['repo_name', 'integration']); |
|
49 | 49 | pyroutes.register('repo_integrations_edit', '/%(repo_name)s/settings/integrations/%(integration)s/%(integration_id)s', ['repo_name', 'integration', 'integration_id']); |
|
50 | 50 | pyroutes.register('ops_ping', '/_admin/ops/ping', []); |
|
51 | 51 | pyroutes.register('ops_error_test', '/_admin/ops/error', []); |
|
52 | 52 | pyroutes.register('ops_redirect_test', '/_admin/ops/redirect', []); |
|
53 | 53 | pyroutes.register('admin_home', '/_admin', []); |
|
54 | 54 | pyroutes.register('admin_audit_logs', '/_admin/audit_logs', []); |
|
55 | 55 | pyroutes.register('pull_requests_global_0', '/_admin/pull_requests/%(pull_request_id)s', ['pull_request_id']); |
|
56 | 56 | pyroutes.register('pull_requests_global_1', '/_admin/pull-requests/%(pull_request_id)s', ['pull_request_id']); |
|
57 | 57 | pyroutes.register('pull_requests_global', '/_admin/pull-request/%(pull_request_id)s', ['pull_request_id']); |
|
58 | 58 | pyroutes.register('admin_settings_open_source', '/_admin/settings/open_source', []); |
|
59 | 59 | pyroutes.register('admin_settings_vcs_svn_generate_cfg', '/_admin/settings/vcs/svn_generate_cfg', []); |
|
60 | 60 | pyroutes.register('admin_settings_system', '/_admin/settings/system', []); |
|
61 | 61 | pyroutes.register('admin_settings_system_update', '/_admin/settings/system/updates', []); |
|
62 | 62 | pyroutes.register('admin_settings_sessions', '/_admin/settings/sessions', []); |
|
63 | 63 | pyroutes.register('admin_settings_sessions_cleanup', '/_admin/settings/sessions/cleanup', []); |
|
64 | 64 | pyroutes.register('admin_settings_process_management', '/_admin/settings/process_management', []); |
|
65 | 65 | pyroutes.register('admin_settings_process_management_signal', '/_admin/settings/process_management/signal', []); |
|
66 | pyroutes.register('admin_permissions_application', '/_admin/permissions/application', []); | |
|
67 | pyroutes.register('admin_permissions_application_update', '/_admin/permissions/application/update', []); | |
|
68 | pyroutes.register('admin_permissions_global', '/_admin/permissions/global', []); | |
|
69 | pyroutes.register('admin_permissions_global_update', '/_admin/permissions/global/update', []); | |
|
70 | pyroutes.register('admin_permissions_object', '/_admin/permissions/object', []); | |
|
71 | pyroutes.register('admin_permissions_object_update', '/_admin/permissions/object/update', []); | |
|
66 | 72 | pyroutes.register('admin_permissions_ips', '/_admin/permissions/ips', []); |
|
73 | pyroutes.register('admin_permissions_overview', '/_admin/permissions/overview', []); | |
|
67 | 74 | pyroutes.register('users', '/_admin/users', []); |
|
68 | 75 | pyroutes.register('users_data', '/_admin/users_data', []); |
|
69 | 76 | pyroutes.register('edit_user_auth_tokens', '/_admin/users/%(user_id)s/edit/auth_tokens', ['user_id']); |
|
70 | 77 | pyroutes.register('edit_user_auth_tokens_add', '/_admin/users/%(user_id)s/edit/auth_tokens/new', ['user_id']); |
|
71 | 78 | pyroutes.register('edit_user_auth_tokens_delete', '/_admin/users/%(user_id)s/edit/auth_tokens/delete', ['user_id']); |
|
72 | 79 | pyroutes.register('edit_user_emails', '/_admin/users/%(user_id)s/edit/emails', ['user_id']); |
|
73 | 80 | pyroutes.register('edit_user_emails_add', '/_admin/users/%(user_id)s/edit/emails/new', ['user_id']); |
|
74 | 81 | pyroutes.register('edit_user_emails_delete', '/_admin/users/%(user_id)s/edit/emails/delete', ['user_id']); |
|
75 | 82 | pyroutes.register('edit_user_ips', '/_admin/users/%(user_id)s/edit/ips', ['user_id']); |
|
76 | 83 | pyroutes.register('edit_user_ips_add', '/_admin/users/%(user_id)s/edit/ips/new', ['user_id']); |
|
77 | 84 | pyroutes.register('edit_user_ips_delete', '/_admin/users/%(user_id)s/edit/ips/delete', ['user_id']); |
|
78 | 85 | pyroutes.register('edit_user_groups_management', '/_admin/users/%(user_id)s/edit/groups_management', ['user_id']); |
|
79 | 86 | pyroutes.register('edit_user_groups_management_updates', '/_admin/users/%(user_id)s/edit/edit_user_groups_management/updates', ['user_id']); |
|
80 | 87 | pyroutes.register('edit_user_audit_logs', '/_admin/users/%(user_id)s/edit/audit', ['user_id']); |
|
81 | 88 | pyroutes.register('channelstream_connect', '/_admin/channelstream/connect', []); |
|
82 | 89 | pyroutes.register('channelstream_subscribe', '/_admin/channelstream/subscribe', []); |
|
83 | 90 | pyroutes.register('channelstream_proxy', '/_channelstream', []); |
|
84 | 91 | pyroutes.register('login', '/_admin/login', []); |
|
85 | 92 | pyroutes.register('logout', '/_admin/logout', []); |
|
86 | 93 | pyroutes.register('register', '/_admin/register', []); |
|
87 | 94 | pyroutes.register('reset_password', '/_admin/password_reset', []); |
|
88 | 95 | pyroutes.register('reset_password_confirmation', '/_admin/password_reset_confirmation', []); |
|
89 | 96 | pyroutes.register('home', '/', []); |
|
90 | 97 | pyroutes.register('user_autocomplete_data', '/_users', []); |
|
91 | 98 | pyroutes.register('user_group_autocomplete_data', '/_user_groups', []); |
|
92 | 99 | pyroutes.register('repo_list_data', '/_repos', []); |
|
93 | 100 | pyroutes.register('goto_switcher_data', '/_goto_data', []); |
|
94 | 101 | pyroutes.register('journal', '/_admin/journal', []); |
|
95 | 102 | pyroutes.register('journal_rss', '/_admin/journal/rss', []); |
|
96 | 103 | pyroutes.register('journal_atom', '/_admin/journal/atom', []); |
|
97 | 104 | pyroutes.register('journal_public', '/_admin/public_journal', []); |
|
98 | 105 | pyroutes.register('journal_public_atom', '/_admin/public_journal/atom', []); |
|
99 | 106 | pyroutes.register('journal_public_atom_old', '/_admin/public_journal_atom', []); |
|
100 | 107 | pyroutes.register('journal_public_rss', '/_admin/public_journal/rss', []); |
|
101 | 108 | pyroutes.register('journal_public_rss_old', '/_admin/public_journal_rss', []); |
|
102 | 109 | pyroutes.register('toggle_following', '/_admin/toggle_following', []); |
|
103 | 110 | pyroutes.register('repo_summary_explicit', '/%(repo_name)s/summary', ['repo_name']); |
|
104 | 111 | pyroutes.register('repo_summary_commits', '/%(repo_name)s/summary-commits', ['repo_name']); |
|
105 | 112 | pyroutes.register('repo_commit', '/%(repo_name)s/changeset/%(commit_id)s', ['repo_name', 'commit_id']); |
|
106 | 113 | pyroutes.register('repo_archivefile', '/%(repo_name)s/archive/%(fname)s', ['repo_name', 'fname']); |
|
107 | 114 | pyroutes.register('repo_files_diff', '/%(repo_name)s/diff/%(f_path)s', ['repo_name', 'f_path']); |
|
108 | 115 | pyroutes.register('repo_files_diff_2way_redirect', '/%(repo_name)s/diff-2way/%(f_path)s', ['repo_name', 'f_path']); |
|
109 | 116 | pyroutes.register('repo_files', '/%(repo_name)s/files/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
110 | 117 | pyroutes.register('repo_files:default_path', '/%(repo_name)s/files/%(commit_id)s/', ['repo_name', 'commit_id']); |
|
111 | 118 | pyroutes.register('repo_files:default_commit', '/%(repo_name)s/files', ['repo_name']); |
|
112 | 119 | pyroutes.register('repo_files:rendered', '/%(repo_name)s/render/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
113 | 120 | pyroutes.register('repo_files:annotated', '/%(repo_name)s/annotate/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
114 | 121 | pyroutes.register('repo_files:annotated_previous', '/%(repo_name)s/annotate-previous/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
115 | 122 | pyroutes.register('repo_nodetree_full', '/%(repo_name)s/nodetree_full/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
116 | 123 | pyroutes.register('repo_nodetree_full:default_path', '/%(repo_name)s/nodetree_full/%(commit_id)s/', ['repo_name', 'commit_id']); |
|
117 | 124 | pyroutes.register('repo_files_nodelist', '/%(repo_name)s/nodelist/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
118 | 125 | pyroutes.register('repo_file_raw', '/%(repo_name)s/raw/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
119 | 126 | pyroutes.register('repo_file_download', '/%(repo_name)s/download/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
120 | 127 | pyroutes.register('repo_file_download:legacy', '/%(repo_name)s/rawfile/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
121 | 128 | pyroutes.register('repo_file_history', '/%(repo_name)s/history/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
122 | 129 | pyroutes.register('repo_file_authors', '/%(repo_name)s/authors/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
123 | 130 | pyroutes.register('repo_files_remove_file', '/%(repo_name)s/remove_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
124 | 131 | pyroutes.register('repo_files_delete_file', '/%(repo_name)s/delete_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
125 | 132 | pyroutes.register('repo_files_edit_file', '/%(repo_name)s/edit_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
126 | 133 | pyroutes.register('repo_files_update_file', '/%(repo_name)s/update_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
127 | 134 | pyroutes.register('repo_files_add_file', '/%(repo_name)s/add_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
128 | 135 | pyroutes.register('repo_files_create_file', '/%(repo_name)s/create_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
129 | 136 | pyroutes.register('repo_refs_data', '/%(repo_name)s/refs-data', ['repo_name']); |
|
130 | 137 | pyroutes.register('repo_refs_changelog_data', '/%(repo_name)s/refs-data-changelog', ['repo_name']); |
|
131 | 138 | pyroutes.register('repo_stats', '/%(repo_name)s/repo_stats/%(commit_id)s', ['repo_name', 'commit_id']); |
|
132 | 139 | pyroutes.register('repo_changelog', '/%(repo_name)s/changelog', ['repo_name']); |
|
133 | 140 | pyroutes.register('repo_changelog_file', '/%(repo_name)s/changelog/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']); |
|
134 | 141 | pyroutes.register('repo_changelog_elements', '/%(repo_name)s/changelog_elements', ['repo_name']); |
|
135 | 142 | pyroutes.register('tags_home', '/%(repo_name)s/tags', ['repo_name']); |
|
136 | 143 | pyroutes.register('branches_home', '/%(repo_name)s/branches', ['repo_name']); |
|
137 | 144 | pyroutes.register('bookmarks_home', '/%(repo_name)s/bookmarks', ['repo_name']); |
|
138 | 145 | pyroutes.register('pullrequest_show', '/%(repo_name)s/pull-request/%(pull_request_id)s', ['repo_name', 'pull_request_id']); |
|
139 | 146 | pyroutes.register('pullrequest_show_all', '/%(repo_name)s/pull-request', ['repo_name']); |
|
140 | 147 | pyroutes.register('pullrequest_show_all_data', '/%(repo_name)s/pull-request-data', ['repo_name']); |
|
141 | 148 | pyroutes.register('changeset_home', '/%(repo_name)s/changeset/%(revision)s', ['repo_name', 'revision']); |
|
142 | 149 | pyroutes.register('changeset_children', '/%(repo_name)s/changeset_children/%(revision)s', ['repo_name', 'revision']); |
|
143 | 150 | pyroutes.register('changeset_parents', '/%(repo_name)s/changeset_parents/%(revision)s', ['repo_name', 'revision']); |
|
144 | 151 | pyroutes.register('edit_repo', '/%(repo_name)s/settings', ['repo_name']); |
|
145 | 152 | pyroutes.register('edit_repo_advanced', '/%(repo_name)s/settings/advanced', ['repo_name']); |
|
146 | 153 | pyroutes.register('edit_repo_advanced_delete', '/%(repo_name)s/settings/advanced/delete', ['repo_name']); |
|
147 | 154 | pyroutes.register('edit_repo_advanced_locking', '/%(repo_name)s/settings/advanced/locking', ['repo_name']); |
|
148 | 155 | pyroutes.register('edit_repo_advanced_journal', '/%(repo_name)s/settings/advanced/journal', ['repo_name']); |
|
149 | 156 | pyroutes.register('edit_repo_advanced_fork', '/%(repo_name)s/settings/advanced/fork', ['repo_name']); |
|
150 | 157 | pyroutes.register('edit_repo_caches', '/%(repo_name)s/settings/caches', ['repo_name']); |
|
151 | 158 | pyroutes.register('edit_repo_perms', '/%(repo_name)s/settings/permissions', ['repo_name']); |
|
152 | 159 | pyroutes.register('repo_reviewers', '/%(repo_name)s/settings/review/rules', ['repo_name']); |
|
153 | 160 | pyroutes.register('repo_default_reviewers_data', '/%(repo_name)s/settings/review/default-reviewers', ['repo_name']); |
|
154 | 161 | pyroutes.register('repo_maintenance', '/%(repo_name)s/settings/maintenance', ['repo_name']); |
|
155 | 162 | pyroutes.register('repo_maintenance_execute', '/%(repo_name)s/settings/maintenance/execute', ['repo_name']); |
|
156 | 163 | pyroutes.register('strip', '/%(repo_name)s/settings/strip', ['repo_name']); |
|
157 | 164 | pyroutes.register('strip_check', '/%(repo_name)s/settings/strip_check', ['repo_name']); |
|
158 | 165 | pyroutes.register('strip_execute', '/%(repo_name)s/settings/strip_execute', ['repo_name']); |
|
159 | 166 | pyroutes.register('rss_feed_home', '/%(repo_name)s/feed/rss', ['repo_name']); |
|
160 | 167 | pyroutes.register('atom_feed_home', '/%(repo_name)s/feed/atom', ['repo_name']); |
|
161 | 168 | pyroutes.register('repo_summary', '/%(repo_name)s', ['repo_name']); |
|
162 | 169 | pyroutes.register('repo_summary_slash', '/%(repo_name)s/', ['repo_name']); |
|
163 | 170 | pyroutes.register('repo_group_home', '/%(repo_group_name)s', ['repo_group_name']); |
|
164 | 171 | pyroutes.register('repo_group_home_slash', '/%(repo_group_name)s/', ['repo_group_name']); |
|
165 | 172 | pyroutes.register('search', '/_admin/search', []); |
|
166 | 173 | pyroutes.register('search_repo', '/%(repo_name)s/search', ['repo_name']); |
|
167 | 174 | pyroutes.register('user_profile', '/_profiles/%(username)s', ['username']); |
|
168 | 175 | pyroutes.register('my_account_profile', '/_admin/my_account/profile', []); |
|
169 | 176 | pyroutes.register('my_account_edit', '/_admin/my_account/edit', []); |
|
170 | 177 | pyroutes.register('my_account_update', '/_admin/my_account/update', []); |
|
171 | 178 | pyroutes.register('my_account_password', '/_admin/my_account/password', []); |
|
172 | 179 | pyroutes.register('my_account_password_update', '/_admin/my_account/password', []); |
|
173 | 180 | pyroutes.register('my_account_auth_tokens', '/_admin/my_account/auth_tokens', []); |
|
174 | 181 | pyroutes.register('my_account_auth_tokens_add', '/_admin/my_account/auth_tokens/new', []); |
|
175 | 182 | pyroutes.register('my_account_auth_tokens_delete', '/_admin/my_account/auth_tokens/delete', []); |
|
176 | 183 | pyroutes.register('my_account_emails', '/_admin/my_account/emails', []); |
|
177 | 184 | pyroutes.register('my_account_emails_add', '/_admin/my_account/emails/new', []); |
|
178 | 185 | pyroutes.register('my_account_emails_delete', '/_admin/my_account/emails/delete', []); |
|
179 | 186 | pyroutes.register('my_account_repos', '/_admin/my_account/repos', []); |
|
180 | 187 | pyroutes.register('my_account_watched', '/_admin/my_account/watched', []); |
|
181 | 188 | pyroutes.register('my_account_perms', '/_admin/my_account/perms', []); |
|
182 | 189 | pyroutes.register('my_account_notifications', '/_admin/my_account/notifications', []); |
|
183 | 190 | pyroutes.register('my_account_notifications_toggle_visibility', '/_admin/my_account/toggle_visibility', []); |
|
184 | 191 | pyroutes.register('my_account_pullrequests', '/_admin/my_account/pull_requests', []); |
|
185 | 192 | pyroutes.register('my_account_pullrequests_data', '/_admin/my_account/pull_requests/data', []); |
|
186 | 193 | pyroutes.register('notifications_show_all', '/_admin/notifications', []); |
|
187 | 194 | pyroutes.register('notifications_mark_all_read', '/_admin/notifications/mark_all_read', []); |
|
188 | 195 | pyroutes.register('notifications_show', '/_admin/notifications/%(notification_id)s', ['notification_id']); |
|
189 | 196 | pyroutes.register('notifications_update', '/_admin/notifications/%(notification_id)s/update', ['notification_id']); |
|
190 | 197 | pyroutes.register('notifications_delete', '/_admin/notifications/%(notification_id)s/delete', ['notification_id']); |
|
191 | 198 | pyroutes.register('my_account_notifications_test_channelstream', '/_admin/my_account/test_channelstream', []); |
|
192 | 199 | pyroutes.register('gists_show', '/_admin/gists', []); |
|
193 | 200 | pyroutes.register('gists_new', '/_admin/gists/new', []); |
|
194 | 201 | pyroutes.register('gists_create', '/_admin/gists/create', []); |
|
195 | 202 | pyroutes.register('gist_show', '/_admin/gists/%(gist_id)s', ['gist_id']); |
|
196 | 203 | pyroutes.register('gist_delete', '/_admin/gists/%(gist_id)s/delete', ['gist_id']); |
|
197 | 204 | pyroutes.register('gist_edit', '/_admin/gists/%(gist_id)s/edit', ['gist_id']); |
|
198 | 205 | pyroutes.register('gist_edit_check_revision', '/_admin/gists/%(gist_id)s/edit/check_revision', ['gist_id']); |
|
199 | 206 | pyroutes.register('gist_update', '/_admin/gists/%(gist_id)s/update', ['gist_id']); |
|
200 | 207 | pyroutes.register('gist_show_rev', '/_admin/gists/%(gist_id)s/%(revision)s', ['gist_id', 'revision']); |
|
201 | 208 | pyroutes.register('gist_show_formatted', '/_admin/gists/%(gist_id)s/%(revision)s/%(format)s', ['gist_id', 'revision', 'format']); |
|
202 | 209 | pyroutes.register('gist_show_formatted_path', '/_admin/gists/%(gist_id)s/%(revision)s/%(format)s/%(f_path)s', ['gist_id', 'revision', 'format', 'f_path']); |
|
203 | 210 | pyroutes.register('debug_style_home', '/_admin/debug_style', []); |
|
204 | 211 | pyroutes.register('debug_style_template', '/_admin/debug_style/t/%(t_path)s', ['t_path']); |
|
205 | 212 | pyroutes.register('apiv2', '/_admin/api', []); |
|
206 | 213 | } |
@@ -1,56 +1,56 b'' | |||
|
1 | 1 | ## -*- coding: utf-8 -*- |
|
2 | 2 | <%inherit file="/base/base.mako"/> |
|
3 | 3 | |
|
4 | 4 | <%def name="title()"> |
|
5 | 5 | ${_('Permissions Administration')} |
|
6 | 6 | %if c.rhodecode_name: |
|
7 | 7 | · ${h.branding(c.rhodecode_name)} |
|
8 | 8 | %endif |
|
9 | 9 | </%def> |
|
10 | 10 | |
|
11 | 11 | <%def name="breadcrumbs_links()"> |
|
12 | 12 | ${h.link_to(_('Admin'),h.route_path('admin_home'))} |
|
13 | 13 | » |
|
14 | 14 | ${_('Permissions')} |
|
15 | 15 | </%def> |
|
16 | 16 | |
|
17 | 17 | <%def name="menu_bar_nav()"> |
|
18 | 18 | ${self.menu_items(active='admin')} |
|
19 | 19 | </%def> |
|
20 | 20 | |
|
21 | 21 | |
|
22 | 22 | <%def name="main()"> |
|
23 | 23 | <div class="box"> |
|
24 | 24 | <div class="title"> |
|
25 | 25 | ${self.breadcrumbs()} |
|
26 | 26 | </div> |
|
27 | 27 | |
|
28 | 28 | <div class="sidebar-col-wrapper scw-small"> |
|
29 | 29 | ##main |
|
30 | 30 | <div class="sidebar"> |
|
31 | 31 | <ul class="nav nav-pills nav-stacked"> |
|
32 | 32 | <li class="${'active' if c.active=='application' else ''}"> |
|
33 |
<a href="${h. |
|
|
33 | <a href="${h.route_path('admin_permissions_application')}">${_('Application')}</a> | |
|
34 | 34 | </li> |
|
35 | 35 | <li class="${'active' if c.active=='global' else ''}"> |
|
36 |
<a href="${h. |
|
|
36 | <a href="${h.route_path('admin_permissions_global')}">${_('Global')}</a> | |
|
37 | 37 | </li> |
|
38 | 38 | <li class="${'active' if c.active=='objects' else ''}"> |
|
39 |
<a href="${h. |
|
|
39 | <a href="${h.route_path('admin_permissions_object')}">${_('Object')}</a> | |
|
40 | 40 | </li> |
|
41 | 41 | <li class="${'active' if c.active=='ips' else ''}"> |
|
42 |
<a href="${h. |
|
|
42 | <a href="${h.route_path('admin_permissions_ips')}">${_('IP Whitelist')}</a> | |
|
43 | 43 | </li> |
|
44 | 44 | <li class="${'active' if c.active=='perms' else ''}"> |
|
45 |
<a href="${h. |
|
|
45 | <a href="${h.route_path('admin_permissions_overview')}">${_('Overview')}</a> | |
|
46 | 46 | </li> |
|
47 | 47 | </ul> |
|
48 | 48 | </div> |
|
49 | 49 | |
|
50 | 50 | <div class="main-content-full-width"> |
|
51 | 51 | <%include file="/admin/permissions/permissions_${c.active}.mako"/> |
|
52 | 52 | </div> |
|
53 | 53 | </div> |
|
54 | 54 | </div> |
|
55 | 55 | |
|
56 | 56 | </%def> |
@@ -1,81 +1,81 b'' | |||
|
1 | 1 | <div class="panel panel-default"> |
|
2 | 2 | <div class="panel-heading"> |
|
3 | 3 | <h3 class="panel-title">${_('System Wide Application Permissions')}</h3> |
|
4 | 4 | </div> |
|
5 | 5 | <div class="panel-body"> |
|
6 |
${h.secure_form(h. |
|
|
6 | ${h.secure_form(h.route_path('admin_permissions_application_update'), method='POST', request=request)} | |
|
7 | 7 | <div class="form"> |
|
8 | 8 | <!-- fields --> |
|
9 | 9 | <div class="fields"> |
|
10 | 10 | <div class="field"> |
|
11 | 11 | <div class="label label-checkbox"> |
|
12 | 12 | <label for="anonymous">${_('Anonymous Access')}:</label> |
|
13 | 13 | </div> |
|
14 | 14 | <div class="checkboxes"> |
|
15 | 15 | <div class="checkbox"> |
|
16 | 16 | ${h.checkbox('anonymous',True)} Allow Anonymous Access |
|
17 | 17 | </div> |
|
18 |
<span class="help-block">${h.literal(_('Allow access to RhodeCode Enterprise without requiring users to login. Anonymous users get the %s permission settings.' % (h.link_to('"default user"',h. |
|
|
18 | <span class="help-block">${h.literal(_('Allow access to RhodeCode Enterprise without requiring users to login. Anonymous users get the %s permission settings.' % (h.link_to('"default user"',h.route_path('admin_permissions_object')))))}</span> | |
|
19 | 19 | </div> |
|
20 | 20 | </div> |
|
21 | 21 | |
|
22 | 22 | <div class="field"> |
|
23 | 23 | <div class="label label-select"> |
|
24 | 24 | <label for="default_register">${_('Registration')}:</label> |
|
25 | 25 | </div> |
|
26 | 26 | <div class="select"> |
|
27 | 27 | ${h.select('default_register','',c.register_choices)} |
|
28 | 28 | </div> |
|
29 | 29 | </div> |
|
30 | 30 | |
|
31 | 31 | <div class="field"> |
|
32 | 32 | <div class="label label-select"> |
|
33 | 33 | <label for="default_password_reset">${_('Password Reset')}:</label> |
|
34 | 34 | </div> |
|
35 | 35 | <div class="select"> |
|
36 | 36 | ${h.select('default_password_reset','',c.password_reset_choices)} |
|
37 | 37 | </div> |
|
38 | 38 | </div> |
|
39 | 39 | |
|
40 | 40 | <div class="field"> |
|
41 | 41 | <div class="label label-textarea"> |
|
42 | 42 | <label for="default_register_message">${_('Registration Page Message')}:</label> |
|
43 | 43 | </div> |
|
44 | 44 | <div class="textarea text-area editor" > |
|
45 | 45 | ${h.textarea('default_register_message', class_="medium", )} |
|
46 | 46 | <span class="help-block">${_('Custom message to be displayed on the registration page. HTML syntax is supported.')}</span> |
|
47 | 47 | </div> |
|
48 | 48 | </div> |
|
49 | 49 | |
|
50 | 50 | <div class="field"> |
|
51 | 51 | <div class="label"> |
|
52 | 52 | <label for="default_extern_activate">${_('External Authentication Account Activation')}:</label> |
|
53 | 53 | </div> |
|
54 | 54 | <div class="select"> |
|
55 | 55 | ${h.select('default_extern_activate','',c.extern_activate_choices)} |
|
56 | 56 | </div> |
|
57 | 57 | </div> |
|
58 | 58 | <div class="buttons"> |
|
59 | 59 | ${h.submit('save',_('Save'),class_="btn")} |
|
60 | 60 | ${h.reset('reset',_('Reset'),class_="btn")} |
|
61 | 61 | </div> |
|
62 | 62 | </div> |
|
63 | 63 | </div> |
|
64 | 64 | ${h.end_form()} |
|
65 | 65 | </div> |
|
66 | 66 | </div> |
|
67 | 67 | |
|
68 | 68 | <script> |
|
69 | 69 | $(document).ready(function(){ |
|
70 | 70 | var select2Options = { |
|
71 | 71 | containerCssClass: 'drop-menu', |
|
72 | 72 | dropdownCssClass: 'drop-menu-dropdown', |
|
73 | 73 | dropdownAutoWidth: true, |
|
74 | 74 | minimumResultsForSearch: -1 |
|
75 | 75 | }; |
|
76 | 76 | |
|
77 | 77 | $("#default_register").select2(select2Options); |
|
78 | 78 | $("#default_password_reset").select2(select2Options); |
|
79 | 79 | $("#default_extern_activate").select2(select2Options); |
|
80 | 80 | }); |
|
81 | 81 | </script> |
@@ -1,10 +1,10 b'' | |||
|
1 | 1 | |
|
2 |
${h.secure_form(h. |
|
|
2 | ${h.secure_form(h.route_path('admin_permissions_global_update'), method='POST', request=request)} | |
|
3 | 3 | <div class="form permissions-global"> |
|
4 | 4 | <!-- fields --> |
|
5 | 5 | <div class="fields"> |
|
6 | 6 | <%namespace name="dpb" file="/base/default_perms_box.mako"/> |
|
7 | 7 | ${dpb.default_perms_radios(global_permissions_template = True)} |
|
8 | 8 | </div> |
|
9 | 9 | </div> |
|
10 | 10 | ${h.end_form()} |
@@ -1,67 +1,70 b'' | |||
|
1 | 1 | |
|
2 | 2 | |
|
3 | 3 | <div class="panel panel-default"> |
|
4 | 4 | <div class="panel-heading"> |
|
5 | 5 | <h3 class="panel-title">${_('Default IP Whitelist For All Users')}</h3> |
|
6 | 6 | </div> |
|
7 | 7 | <div class="panel-body"> |
|
8 | 8 | <div class="ips_wrap"> |
|
9 | <h5>${_('Current IP address')}: <code>${c.rhodecode_user.ip_addr}</code></h5> | |
|
10 | ||
|
11 | ||
|
9 | 12 | <table class="rctable ip-whitelist"> |
|
10 | 13 | <tr> |
|
11 | 14 | <th>IP Address</th> |
|
12 | 15 | <th>IP Range</th> |
|
13 | 16 | <th>Description</th> |
|
14 | 17 | <th></th> |
|
15 | 18 | </tr> |
|
16 | 19 | %if c.user_ip_map: |
|
17 | 20 | %for ip in c.user_ip_map: |
|
18 | 21 | <tr> |
|
19 | 22 | <td class="td-ip"><div class="ip">${ip.ip_addr}</div></td> |
|
20 | 23 | <td class="td-iprange"><div class="ip">${h.ip_range(ip.ip_addr)}</div></td> |
|
21 | 24 | <td class="td-description"><div class="ip">${ip.description}</div></td> |
|
22 | 25 | <td class="td-action"> |
|
23 | 26 | ${h.secure_form(h.route_path('edit_user_ips_delete', user_id=c.user.user_id), method='POST', request=request)} |
|
24 | 27 | ${h.hidden('del_ip_id',ip.ip_id)} |
|
25 | 28 | ${h.hidden('default_user', 'True')} |
|
26 | 29 | ${h.submit('remove_',_('Delete'),id="remove_ip_%s" % ip.ip_id, |
|
27 | 30 | class_="btn btn-link btn-danger", onclick="return confirm('"+_('Confirm to delete this ip: %s') % ip.ip_addr+"');")} |
|
28 | 31 | ${h.end_form()} |
|
29 | 32 | </td> |
|
30 | 33 | </tr> |
|
31 | 34 | %endfor |
|
32 | 35 | %else: |
|
33 | 36 | <tr> |
|
34 | 37 | <td class="ip">${_('All IP addresses are allowed')}</td> |
|
35 | 38 | <td></td> |
|
36 | 39 | <td></td> |
|
37 | 40 | <td></td> |
|
38 | 41 | </tr> |
|
39 | 42 | %endif |
|
40 | 43 | </table> |
|
41 | 44 | </div> |
|
42 | 45 | |
|
43 | 46 | ${h.secure_form(h.route_path('edit_user_ips_add', user_id=c.user.user_id), method='POST', request=request)} |
|
44 | 47 | <div class="form"> |
|
45 | 48 | <!-- fields --> |
|
46 | 49 | <div class="fields"> |
|
47 | 50 | <div class="field"> |
|
48 | 51 | <div class="label"> |
|
49 | 52 | <label for="new_ip">${_('New IP Address')}:</label> |
|
50 | 53 | </div> |
|
51 | 54 | <div class="input"> |
|
52 | 55 | ${h.hidden('default_user', 'True')} |
|
53 | 56 | ${h.text('new_ip')} ${h.text('description', placeholder=_('Description...'))} |
|
54 | 57 | <span class="help-block">${_('Enter a comma separated list of IP Addresses like 127.0.0.1,\n' |
|
55 | 58 | 'or use an IP Address with a mask 127.0.0.1/24, to create a network range.\n' |
|
56 | 59 | 'To specify multiple addresses in a range, use the 127.0.0.1-127.0.0.10 syntax')}</span> |
|
57 | 60 | </div> |
|
58 | 61 | </div> |
|
59 | 62 | <div class="buttons"> |
|
60 | 63 | ${h.submit('save',_('Add'),class_="btn")} |
|
61 | 64 | ${h.reset('reset',_('Reset'),class_="btn")} |
|
62 | 65 | </div> |
|
63 | 66 | </div> |
|
64 | 67 | </div> |
|
65 | 68 | ${h.end_form()} |
|
66 | 69 | </div> |
|
67 | 70 | </div> |
@@ -1,77 +1,77 b'' | |||
|
1 | 1 | <div class="panel panel-default"> |
|
2 | 2 | <div class="panel-heading"> |
|
3 | 3 | <h3 class="panel-title">${_('Default Permissions for Repositories, User Groups and Repository Groups.')}</h3> |
|
4 | 4 | </div> |
|
5 | 5 | <div class="panel-body"> |
|
6 | 6 | <p>${_('Default system permissions. Each permissions management entity will be created with the following default settings. Check the overwrite checkbox to force any permission changes on already existing settings.')} |
|
7 | 7 | </p> |
|
8 |
${h.secure_form(h. |
|
|
8 | ${h.secure_form(h.route_path('admin_permissions_object_update'), method='POST', request=request)} | |
|
9 | 9 | <div class="form"> |
|
10 | 10 | <div class="fields"> |
|
11 | 11 | <div class="field"> |
|
12 | 12 | <div class="label"> |
|
13 | 13 | <label for="default_repo_perm">${_('Repository')}:</label> |
|
14 | 14 | </div> |
|
15 | 15 | <div class="select"> |
|
16 | 16 | ${h.select('default_repo_perm','',c.repo_perms_choices)} |
|
17 | 17 | |
|
18 | 18 | ${h.checkbox('overwrite_default_repo','true')} |
|
19 | 19 | <label for="overwrite_default_repo"> |
|
20 | 20 | <span class="tooltip" title="${h.tooltip(_('All default permissions on each repository will be reset to chosen permission, note that all custom default permission on repositories will be lost'))}"> |
|
21 | 21 | ${_('Overwrite Existing Settings')} |
|
22 | 22 | </span> |
|
23 | 23 | </label> |
|
24 | 24 | </div> |
|
25 | 25 | </div> |
|
26 | 26 | <div class="field"> |
|
27 | 27 | <div class="label"> |
|
28 | 28 | <label for="default_group_perm">${_('Repository Groups')}:</label> |
|
29 | 29 | </div> |
|
30 | 30 | <div class="select"> |
|
31 | 31 | ${h.select('default_group_perm','',c.group_perms_choices)} |
|
32 | 32 | ${h.checkbox('overwrite_default_group','true')} |
|
33 | 33 | <label for="overwrite_default_group"> |
|
34 | 34 | <span class="tooltip" title="${h.tooltip(_('All default permissions on each repository group will be reset to chosen permission, note that all custom default permission on repository groups will be lost'))}"> |
|
35 | 35 | ${_('Overwrite Existing Settings')} |
|
36 | 36 | </span> |
|
37 | 37 | </label> |
|
38 | 38 | </div> |
|
39 | 39 | </div> |
|
40 | 40 | <div class="field"> |
|
41 | 41 | <div class="label"> |
|
42 | 42 | <label for="default_group_perm">${_('User Groups')}:</label> |
|
43 | 43 | </div> |
|
44 | 44 | <div class="select"> |
|
45 | 45 | ${h.select('default_user_group_perm','',c.user_group_perms_choices)} |
|
46 | 46 | ${h.checkbox('overwrite_default_user_group','true')} |
|
47 | 47 | <label for="overwrite_default_user_group"> |
|
48 | 48 | <span class="tooltip" title="${h.tooltip(_('All default permissions on each user group will be reset to chosen permission, note that all custom default permission on repository groups will be lost'))}"> |
|
49 | 49 | ${_('Overwrite Existing Settings')} |
|
50 | 50 | </span> |
|
51 | 51 | </label> |
|
52 | 52 | </div> |
|
53 | 53 | </div> |
|
54 | 54 | |
|
55 | 55 | <div class="buttons"> |
|
56 | 56 | ${h.submit('save',_('Save'),class_="btn")} |
|
57 | 57 | ${h.reset('reset',_('Reset'),class_="btn")} |
|
58 | 58 | </div> |
|
59 | 59 | </div> |
|
60 | 60 | </div> |
|
61 | 61 | ${h.end_form()} |
|
62 | 62 | </div> |
|
63 | 63 | </div> |
|
64 | 64 | |
|
65 | 65 | <script> |
|
66 | 66 | $(document).ready(function(){ |
|
67 | 67 | var select2Options = { |
|
68 | 68 | containerCssClass: 'drop-menu', |
|
69 | 69 | dropdownCssClass: 'drop-menu-dropdown', |
|
70 | 70 | dropdownAutoWidth: true, |
|
71 | 71 | minimumResultsForSearch: -1 |
|
72 | 72 | }; |
|
73 | 73 | $("#default_repo_perm").select2(select2Options); |
|
74 | 74 | $("#default_group_perm").select2(select2Options); |
|
75 | 75 | $("#default_user_group_perm").select2(select2Options); |
|
76 | 76 | }); |
|
77 | 77 | </script> |
@@ -1,78 +1,78 b'' | |||
|
1 | 1 | <div class="panel panel-default"> |
|
2 | 2 | <div class="panel-heading"> |
|
3 | 3 | <h3 class="panel-title">${_('Custom IP Whitelist')}</h3> |
|
4 | 4 | </div> |
|
5 | 5 | <div class="panel-body"> |
|
6 | 6 | <div class="ips_wrap"> |
|
7 | 7 | <h5>${_('Current IP address')}: <code>${c.rhodecode_user.ip_addr}</code></h5> |
|
8 | 8 | <table class="rctable ip-whitelist"> |
|
9 | 9 | <tr> |
|
10 | 10 | <th>${_('IP Address')}</th> |
|
11 | 11 | <th>${_('IP Range')}</th> |
|
12 | 12 | <th>${_('Description')}</th> |
|
13 | 13 | <th></th> |
|
14 | 14 | </tr> |
|
15 | 15 | %if c.default_user_ip_map and c.inherit_default_ips: |
|
16 | 16 | %for ip in c.default_user_ip_map: |
|
17 | 17 | <tr> |
|
18 | 18 | <td class="td-ip"><div class="ip">${ip.ip_addr}</div></td> |
|
19 | 19 | <td class="td-iprange"><div class="ip">${h.ip_range(ip.ip_addr)}</div></td> |
|
20 |
<td class="td-description">${h.literal(_('Inherited from %s') % h.link_to('*default*',h. |
|
|
20 | <td class="td-description">${h.literal(_('Inherited from %s') % h.link_to('*default*',h.route_path('admin_permissions_ips')))}</td> | |
|
21 | 21 | <td></td> |
|
22 | 22 | </tr> |
|
23 | 23 | %endfor |
|
24 | 24 | %endif |
|
25 | 25 | |
|
26 | 26 | %if c.user_ip_map: |
|
27 | 27 | %for ip in c.user_ip_map: |
|
28 | 28 | <tr> |
|
29 | 29 | <td class="td-ip"><div class="ip">${ip.ip_addr}</div></td> |
|
30 | 30 | <td class="td-iprange"><div class="ip">${h.ip_range(ip.ip_addr)}</div></td> |
|
31 | 31 | <td class="td-description"><div class="ip">${ip.description}</div></td> |
|
32 | 32 | <td class="td-action"> |
|
33 | 33 | ${h.secure_form(h.route_path('edit_user_ips_delete', user_id=c.user.user_id), method='POST', request=request)} |
|
34 | 34 | ${h.hidden('del_ip_id', ip.ip_id)} |
|
35 | 35 | ${h.submit('remove_', _('Delete'),id="remove_ip_%s" % ip.ip_id, |
|
36 | 36 | class_="btn btn-link btn-danger", onclick="return confirm('"+_('Confirm to delete this ip: %s') % ip.ip_addr+"');")} |
|
37 | 37 | ${h.end_form()} |
|
38 | 38 | </td> |
|
39 | 39 | </tr> |
|
40 | 40 | %endfor |
|
41 | 41 | %endif |
|
42 | 42 | %if not c.default_user_ip_map and not c.user_ip_map: |
|
43 | 43 | <tr> |
|
44 | 44 | <td><h2 class="ip">${_('All IP addresses are allowed')}</h2></td> |
|
45 | 45 | <td></td> |
|
46 | 46 | <td></td> |
|
47 | 47 | <td></td> |
|
48 | 48 | </tr> |
|
49 | 49 | %endif |
|
50 | 50 | </table> |
|
51 | 51 | </div> |
|
52 | 52 | |
|
53 | 53 | <div> |
|
54 | 54 | ${h.secure_form(h.route_path('edit_user_ips_add', user_id=c.user.user_id), method='POST', request=request)} |
|
55 | 55 | <div class="form"> |
|
56 | 56 | <!-- fields --> |
|
57 | 57 | <div class="fields"> |
|
58 | 58 | <div class="field"> |
|
59 | 59 | <div class="label"> |
|
60 | 60 | <label for="new_ip">${_('New IP Address')}:</label> |
|
61 | 61 | </div> |
|
62 | 62 | <div class="input"> |
|
63 | 63 | ${h.text('new_ip')} ${h.text('description', placeholder=_('Description...'))} |
|
64 | 64 | <span class="help-block">${_('Enter comma separated list of ip addresses like 127.0.0.1,\n' |
|
65 | 65 | 'or use a ip address with a mask 127.0.0.1/24, to create a network range.\n' |
|
66 | 66 | 'To specify multiple address range use 127.0.0.1-127.0.0.10 syntax')}</span> |
|
67 | 67 | </div> |
|
68 | 68 | </div> |
|
69 | 69 | <div class="buttons"> |
|
70 | 70 | ${h.submit('save',_('Add'),class_="btn btn-small")} |
|
71 | 71 | ${h.reset('reset',_('Reset'),class_="btn btn-small")} |
|
72 | 72 | </div> |
|
73 | 73 | </div> |
|
74 | 74 | </div> |
|
75 | 75 | ${h.end_form()} |
|
76 | 76 | </div> |
|
77 | 77 | </div> |
|
78 | 78 | </div> |
@@ -1,600 +1,600 b'' | |||
|
1 | 1 | ## -*- coding: utf-8 -*- |
|
2 | 2 | <%inherit file="root.mako"/> |
|
3 | 3 | |
|
4 | 4 | <div class="outerwrapper"> |
|
5 | 5 | <!-- HEADER --> |
|
6 | 6 | <div class="header"> |
|
7 | 7 | <div id="header-inner" class="wrapper"> |
|
8 | 8 | <div id="logo"> |
|
9 | 9 | <div class="logo-wrapper"> |
|
10 | 10 | <a href="${h.route_path('home')}"><img src="${h.asset('images/rhodecode-logo-white-216x60.png')}" alt="RhodeCode"/></a> |
|
11 | 11 | </div> |
|
12 | 12 | %if c.rhodecode_name: |
|
13 | 13 | <div class="branding">- ${h.branding(c.rhodecode_name)}</div> |
|
14 | 14 | %endif |
|
15 | 15 | </div> |
|
16 | 16 | <!-- MENU BAR NAV --> |
|
17 | 17 | ${self.menu_bar_nav()} |
|
18 | 18 | <!-- END MENU BAR NAV --> |
|
19 | 19 | </div> |
|
20 | 20 | </div> |
|
21 | 21 | ${self.menu_bar_subnav()} |
|
22 | 22 | <!-- END HEADER --> |
|
23 | 23 | |
|
24 | 24 | <!-- CONTENT --> |
|
25 | 25 | <div id="content" class="wrapper"> |
|
26 | 26 | |
|
27 | 27 | <rhodecode-toast id="notifications"></rhodecode-toast> |
|
28 | 28 | |
|
29 | 29 | <div class="main"> |
|
30 | 30 | ${next.main()} |
|
31 | 31 | </div> |
|
32 | 32 | </div> |
|
33 | 33 | <!-- END CONTENT --> |
|
34 | 34 | |
|
35 | 35 | </div> |
|
36 | 36 | <!-- FOOTER --> |
|
37 | 37 | <div id="footer"> |
|
38 | 38 | <div id="footer-inner" class="title wrapper"> |
|
39 | 39 | <div> |
|
40 | 40 | <p class="footer-link-right"> |
|
41 | 41 | % if c.visual.show_version: |
|
42 | 42 | RhodeCode Enterprise ${c.rhodecode_version} ${c.rhodecode_edition} |
|
43 | 43 | % endif |
|
44 | 44 | © 2010-${h.datetime.today().year}, <a href="${h.route_url('rhodecode_official')}" target="_blank">RhodeCode GmbH</a>. All rights reserved. |
|
45 | 45 | % if c.visual.rhodecode_support_url: |
|
46 | 46 | <a href="${c.visual.rhodecode_support_url}" target="_blank">${_('Support')}</a> |
|
47 | 47 | % endif |
|
48 | 48 | </p> |
|
49 | 49 | <% sid = 'block' if request.GET.get('showrcid') else 'none' %> |
|
50 | 50 | <p class="server-instance" style="display:${sid}"> |
|
51 | 51 | ## display hidden instance ID if specially defined |
|
52 | 52 | % if c.rhodecode_instanceid: |
|
53 | 53 | ${_('RhodeCode instance id: %s') % c.rhodecode_instanceid} |
|
54 | 54 | % endif |
|
55 | 55 | </p> |
|
56 | 56 | </div> |
|
57 | 57 | </div> |
|
58 | 58 | </div> |
|
59 | 59 | |
|
60 | 60 | <!-- END FOOTER --> |
|
61 | 61 | |
|
62 | 62 | ### MAKO DEFS ### |
|
63 | 63 | |
|
64 | 64 | <%def name="menu_bar_subnav()"> |
|
65 | 65 | </%def> |
|
66 | 66 | |
|
67 | 67 | <%def name="breadcrumbs(class_='breadcrumbs')"> |
|
68 | 68 | <div class="${class_}"> |
|
69 | 69 | ${self.breadcrumbs_links()} |
|
70 | 70 | </div> |
|
71 | 71 | </%def> |
|
72 | 72 | |
|
73 | 73 | <%def name="admin_menu()"> |
|
74 | 74 | <ul class="admin_menu submenu"> |
|
75 | 75 | <li><a href="${h.route_path('admin_audit_logs')}">${_('Admin audit logs')}</a></li> |
|
76 | 76 | <li><a href="${h.url('repos')}">${_('Repositories')}</a></li> |
|
77 | 77 | <li><a href="${h.url('repo_groups')}">${_('Repository groups')}</a></li> |
|
78 | 78 | <li><a href="${h.route_path('users')}">${_('Users')}</a></li> |
|
79 | 79 | <li><a href="${h.url('users_groups')}">${_('User groups')}</a></li> |
|
80 |
<li><a href="${h. |
|
|
80 | <li><a href="${h.route_path('admin_permissions_application')}">${_('Permissions')}</a></li> | |
|
81 | 81 | <li><a href="${h.route_path('auth_home', traverse='')}">${_('Authentication')}</a></li> |
|
82 | 82 | <li><a href="${h.route_path('global_integrations_home')}">${_('Integrations')}</a></li> |
|
83 | 83 | <li><a href="${h.url('admin_defaults_repositories')}">${_('Defaults')}</a></li> |
|
84 | 84 | <li class="last"><a href="${h.url('admin_settings')}">${_('Settings')}</a></li> |
|
85 | 85 | </ul> |
|
86 | 86 | </%def> |
|
87 | 87 | |
|
88 | 88 | |
|
89 | 89 | <%def name="dt_info_panel(elements)"> |
|
90 | 90 | <dl class="dl-horizontal"> |
|
91 | 91 | %for dt, dd, title, show_items in elements: |
|
92 | 92 | <dt>${dt}:</dt> |
|
93 | 93 | <dd title="${h.tooltip(title)}"> |
|
94 | 94 | %if callable(dd): |
|
95 | 95 | ## allow lazy evaluation of elements |
|
96 | 96 | ${dd()} |
|
97 | 97 | %else: |
|
98 | 98 | ${dd} |
|
99 | 99 | %endif |
|
100 | 100 | %if show_items: |
|
101 | 101 | <span class="btn-collapse" data-toggle="item-${h.md5_safe(dt)[:6]}-details">${_('Show More')} </span> |
|
102 | 102 | %endif |
|
103 | 103 | </dd> |
|
104 | 104 | |
|
105 | 105 | %if show_items: |
|
106 | 106 | <div class="collapsable-content" data-toggle="item-${h.md5_safe(dt)[:6]}-details" style="display: none"> |
|
107 | 107 | %for item in show_items: |
|
108 | 108 | <dt></dt> |
|
109 | 109 | <dd>${item}</dd> |
|
110 | 110 | %endfor |
|
111 | 111 | </div> |
|
112 | 112 | %endif |
|
113 | 113 | |
|
114 | 114 | %endfor |
|
115 | 115 | </dl> |
|
116 | 116 | </%def> |
|
117 | 117 | |
|
118 | 118 | |
|
119 | 119 | <%def name="gravatar(email, size=16)"> |
|
120 | 120 | <% |
|
121 | 121 | if (size > 16): |
|
122 | 122 | gravatar_class = 'gravatar gravatar-large' |
|
123 | 123 | else: |
|
124 | 124 | gravatar_class = 'gravatar' |
|
125 | 125 | %> |
|
126 | 126 | <%doc> |
|
127 | 127 | TODO: johbo: For now we serve double size images to make it smooth |
|
128 | 128 | for retina. This is how it worked until now. Should be replaced |
|
129 | 129 | with a better solution at some point. |
|
130 | 130 | </%doc> |
|
131 | 131 | <img class="${gravatar_class}" src="${h.gravatar_url(email, size * 2)}" height="${size}" width="${size}"> |
|
132 | 132 | </%def> |
|
133 | 133 | |
|
134 | 134 | |
|
135 | 135 | <%def name="gravatar_with_user(contact, size=16, show_disabled=False)"> |
|
136 | 136 | <% email = h.email_or_none(contact) %> |
|
137 | 137 | <div class="rc-user tooltip" title="${h.tooltip(h.author_string(email))}"> |
|
138 | 138 | ${self.gravatar(email, size)} |
|
139 | 139 | <span class="${'user user-disabled' if show_disabled else 'user'}"> ${h.link_to_user(contact)}</span> |
|
140 | 140 | </div> |
|
141 | 141 | </%def> |
|
142 | 142 | |
|
143 | 143 | |
|
144 | 144 | ## admin menu used for people that have some admin resources |
|
145 | 145 | <%def name="admin_menu_simple(repositories=None, repository_groups=None, user_groups=None)"> |
|
146 | 146 | <ul class="submenu"> |
|
147 | 147 | %if repositories: |
|
148 | 148 | <li class="local-admin-repos"><a href="${h.url('repos')}">${_('Repositories')}</a></li> |
|
149 | 149 | %endif |
|
150 | 150 | %if repository_groups: |
|
151 | 151 | <li class="local-admin-repo-groups"><a href="${h.url('repo_groups')}">${_('Repository groups')}</a></li> |
|
152 | 152 | %endif |
|
153 | 153 | %if user_groups: |
|
154 | 154 | <li class="local-admin-user-groups"><a href="${h.url('users_groups')}">${_('User groups')}</a></li> |
|
155 | 155 | %endif |
|
156 | 156 | </ul> |
|
157 | 157 | </%def> |
|
158 | 158 | |
|
159 | 159 | <%def name="repo_page_title(repo_instance)"> |
|
160 | 160 | <div class="title-content"> |
|
161 | 161 | <div class="title-main"> |
|
162 | 162 | ## SVN/HG/GIT icons |
|
163 | 163 | %if h.is_hg(repo_instance): |
|
164 | 164 | <i class="icon-hg"></i> |
|
165 | 165 | %endif |
|
166 | 166 | %if h.is_git(repo_instance): |
|
167 | 167 | <i class="icon-git"></i> |
|
168 | 168 | %endif |
|
169 | 169 | %if h.is_svn(repo_instance): |
|
170 | 170 | <i class="icon-svn"></i> |
|
171 | 171 | %endif |
|
172 | 172 | |
|
173 | 173 | ## public/private |
|
174 | 174 | %if repo_instance.private: |
|
175 | 175 | <i class="icon-repo-private"></i> |
|
176 | 176 | %else: |
|
177 | 177 | <i class="icon-repo-public"></i> |
|
178 | 178 | %endif |
|
179 | 179 | |
|
180 | 180 | ## repo name with group name |
|
181 | 181 | ${h.breadcrumb_repo_link(c.rhodecode_db_repo)} |
|
182 | 182 | |
|
183 | 183 | </div> |
|
184 | 184 | |
|
185 | 185 | ## FORKED |
|
186 | 186 | %if repo_instance.fork: |
|
187 | 187 | <p> |
|
188 | 188 | <i class="icon-code-fork"></i> ${_('Fork of')} |
|
189 | 189 | <a href="${h.route_path('repo_summary',repo_name=repo_instance.fork.repo_name)}">${repo_instance.fork.repo_name}</a> |
|
190 | 190 | </p> |
|
191 | 191 | %endif |
|
192 | 192 | |
|
193 | 193 | ## IMPORTED FROM REMOTE |
|
194 | 194 | %if repo_instance.clone_uri: |
|
195 | 195 | <p> |
|
196 | 196 | <i class="icon-code-fork"></i> ${_('Clone from')} |
|
197 | 197 | <a href="${h.url(h.safe_str(h.hide_credentials(repo_instance.clone_uri)))}">${h.hide_credentials(repo_instance.clone_uri)}</a> |
|
198 | 198 | </p> |
|
199 | 199 | %endif |
|
200 | 200 | |
|
201 | 201 | ## LOCKING STATUS |
|
202 | 202 | %if repo_instance.locked[0]: |
|
203 | 203 | <p class="locking_locked"> |
|
204 | 204 | <i class="icon-repo-lock"></i> |
|
205 | 205 | ${_('Repository locked by %(user)s') % {'user': h.person_by_id(repo_instance.locked[0])}} |
|
206 | 206 | </p> |
|
207 | 207 | %elif repo_instance.enable_locking: |
|
208 | 208 | <p class="locking_unlocked"> |
|
209 | 209 | <i class="icon-repo-unlock"></i> |
|
210 | 210 | ${_('Repository not locked. Pull repository to lock it.')} |
|
211 | 211 | </p> |
|
212 | 212 | %endif |
|
213 | 213 | |
|
214 | 214 | </div> |
|
215 | 215 | </%def> |
|
216 | 216 | |
|
217 | 217 | <%def name="repo_menu(active=None)"> |
|
218 | 218 | <% |
|
219 | 219 | def is_active(selected): |
|
220 | 220 | if selected == active: |
|
221 | 221 | return "active" |
|
222 | 222 | %> |
|
223 | 223 | |
|
224 | 224 | <!--- CONTEXT BAR --> |
|
225 | 225 | <div id="context-bar"> |
|
226 | 226 | <div class="wrapper"> |
|
227 | 227 | <ul id="context-pages" class="horizontal-list navigation"> |
|
228 | 228 | <li class="${is_active('summary')}"><a class="menulink" href="${h.route_path('repo_summary', repo_name=c.repo_name)}"><div class="menulabel">${_('Summary')}</div></a></li> |
|
229 | 229 | <li class="${is_active('changelog')}"><a class="menulink" href="${h.route_path('repo_changelog', repo_name=c.repo_name)}"><div class="menulabel">${_('Changelog')}</div></a></li> |
|
230 | 230 | <li class="${is_active('files')}"><a class="menulink" href="${h.route_path('repo_files', repo_name=c.repo_name, commit_id=c.rhodecode_db_repo.landing_rev[1], f_path='')}"><div class="menulabel">${_('Files')}</div></a></li> |
|
231 | 231 | <li class="${is_active('compare')}"> |
|
232 | 232 | <a class="menulink" href="${h.url('compare_home',repo_name=c.repo_name)}"><div class="menulabel">${_('Compare')}</div></a> |
|
233 | 233 | </li> |
|
234 | 234 | ## TODO: anderson: ideally it would have a function on the scm_instance "enable_pullrequest() and enable_fork()" |
|
235 | 235 | %if c.rhodecode_db_repo.repo_type in ['git','hg']: |
|
236 | 236 | <li class="${is_active('showpullrequest')}"> |
|
237 | 237 | <a class="menulink" href="${h.route_path('pullrequest_show_all', repo_name=c.repo_name)}" title="${h.tooltip(_('Show Pull Requests for %s') % c.repo_name)}"> |
|
238 | 238 | %if c.repository_pull_requests: |
|
239 | 239 | <span class="pr_notifications">${c.repository_pull_requests}</span> |
|
240 | 240 | %endif |
|
241 | 241 | <div class="menulabel">${_('Pull Requests')}</div> |
|
242 | 242 | </a> |
|
243 | 243 | </li> |
|
244 | 244 | %endif |
|
245 | 245 | <li class="${is_active('options')}"> |
|
246 | 246 | <a class="menulink dropdown"> |
|
247 | 247 | <div class="menulabel">${_('Options')} <div class="show_more"></div></div> |
|
248 | 248 | </a> |
|
249 | 249 | <ul class="submenu"> |
|
250 | 250 | %if h.HasRepoPermissionAll('repository.admin')(c.repo_name): |
|
251 | 251 | <li><a href="${h.route_path('edit_repo',repo_name=c.repo_name)}">${_('Settings')}</a></li> |
|
252 | 252 | %endif |
|
253 | 253 | %if c.rhodecode_db_repo.fork: |
|
254 | 254 | <li><a href="${h.url('compare_url',repo_name=c.rhodecode_db_repo.fork.repo_name,source_ref_type=c.rhodecode_db_repo.landing_rev[0],source_ref=c.rhodecode_db_repo.landing_rev[1], target_repo=c.repo_name,target_ref_type='branch' if request.GET.get('branch') else c.rhodecode_db_repo.landing_rev[0],target_ref=request.GET.get('branch') or c.rhodecode_db_repo.landing_rev[1], merge=1)}"> |
|
255 | 255 | ${_('Compare fork')}</a></li> |
|
256 | 256 | %endif |
|
257 | 257 | |
|
258 | 258 | <li><a href="${h.route_path('search_repo',repo_name=c.repo_name)}">${_('Search')}</a></li> |
|
259 | 259 | |
|
260 | 260 | %if h.HasRepoPermissionAny('repository.write','repository.admin')(c.repo_name) and c.rhodecode_db_repo.enable_locking: |
|
261 | 261 | %if c.rhodecode_db_repo.locked[0]: |
|
262 | 262 | <li><a class="locking_del" href="${h.url('toggle_locking',repo_name=c.repo_name)}">${_('Unlock')}</a></li> |
|
263 | 263 | %else: |
|
264 | 264 | <li><a class="locking_add" href="${h.url('toggle_locking',repo_name=c.repo_name)}">${_('Lock')}</a></li> |
|
265 | 265 | %endif |
|
266 | 266 | %endif |
|
267 | 267 | %if c.rhodecode_user.username != h.DEFAULT_USER: |
|
268 | 268 | %if c.rhodecode_db_repo.repo_type in ['git','hg']: |
|
269 | 269 | <li><a href="${h.url('repo_fork_home',repo_name=c.repo_name)}">${_('Fork')}</a></li> |
|
270 | 270 | <li><a href="${h.url('pullrequest_home',repo_name=c.repo_name)}">${_('Create Pull Request')}</a></li> |
|
271 | 271 | %endif |
|
272 | 272 | %endif |
|
273 | 273 | </ul> |
|
274 | 274 | </li> |
|
275 | 275 | </ul> |
|
276 | 276 | </div> |
|
277 | 277 | <div class="clear"></div> |
|
278 | 278 | </div> |
|
279 | 279 | <!--- END CONTEXT BAR --> |
|
280 | 280 | |
|
281 | 281 | </%def> |
|
282 | 282 | |
|
283 | 283 | <%def name="usermenu(active=False)"> |
|
284 | 284 | ## USER MENU |
|
285 | 285 | <li id="quick_login_li" class="${'active' if active else ''}"> |
|
286 | 286 | <a id="quick_login_link" class="menulink childs"> |
|
287 | 287 | ${gravatar(c.rhodecode_user.email, 20)} |
|
288 | 288 | <span class="user"> |
|
289 | 289 | %if c.rhodecode_user.username != h.DEFAULT_USER: |
|
290 | 290 | <span class="menu_link_user">${c.rhodecode_user.username}</span><div class="show_more"></div> |
|
291 | 291 | %else: |
|
292 | 292 | <span>${_('Sign in')}</span> |
|
293 | 293 | %endif |
|
294 | 294 | </span> |
|
295 | 295 | </a> |
|
296 | 296 | |
|
297 | 297 | <div class="user-menu submenu"> |
|
298 | 298 | <div id="quick_login"> |
|
299 | 299 | %if c.rhodecode_user.username == h.DEFAULT_USER: |
|
300 | 300 | <h4>${_('Sign in to your account')}</h4> |
|
301 | 301 | ${h.form(h.route_path('login', _query={'came_from': h.url.current()}), needs_csrf_token=False)} |
|
302 | 302 | <div class="form form-vertical"> |
|
303 | 303 | <div class="fields"> |
|
304 | 304 | <div class="field"> |
|
305 | 305 | <div class="label"> |
|
306 | 306 | <label for="username">${_('Username')}:</label> |
|
307 | 307 | </div> |
|
308 | 308 | <div class="input"> |
|
309 | 309 | ${h.text('username',class_='focus',tabindex=1)} |
|
310 | 310 | </div> |
|
311 | 311 | |
|
312 | 312 | </div> |
|
313 | 313 | <div class="field"> |
|
314 | 314 | <div class="label"> |
|
315 | 315 | <label for="password">${_('Password')}:</label> |
|
316 | 316 | %if h.HasPermissionAny('hg.password_reset.enabled')(): |
|
317 | 317 | <span class="forgot_password">${h.link_to(_('(Forgot password?)'),h.route_path('reset_password'), class_='pwd_reset')}</span> |
|
318 | 318 | %endif |
|
319 | 319 | </div> |
|
320 | 320 | <div class="input"> |
|
321 | 321 | ${h.password('password',class_='focus',tabindex=2)} |
|
322 | 322 | </div> |
|
323 | 323 | </div> |
|
324 | 324 | <div class="buttons"> |
|
325 | 325 | <div class="register"> |
|
326 | 326 | %if h.HasPermissionAny('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')(): |
|
327 | 327 | ${h.link_to(_("Don't have an account?"),h.route_path('register'))} <br/> |
|
328 | 328 | %endif |
|
329 | 329 | ${h.link_to(_("Using external auth? Sign In here."),h.route_path('login'))} |
|
330 | 330 | </div> |
|
331 | 331 | <div class="submit"> |
|
332 | 332 | ${h.submit('sign_in',_('Sign In'),class_="btn btn-small",tabindex=3)} |
|
333 | 333 | </div> |
|
334 | 334 | </div> |
|
335 | 335 | </div> |
|
336 | 336 | </div> |
|
337 | 337 | ${h.end_form()} |
|
338 | 338 | %else: |
|
339 | 339 | <div class=""> |
|
340 | 340 | <div class="big_gravatar">${gravatar(c.rhodecode_user.email, 48)}</div> |
|
341 | 341 | <div class="full_name">${c.rhodecode_user.full_name_or_username}</div> |
|
342 | 342 | <div class="email">${c.rhodecode_user.email}</div> |
|
343 | 343 | </div> |
|
344 | 344 | <div class=""> |
|
345 | 345 | <ol class="links"> |
|
346 | 346 | <li>${h.link_to(_(u'My account'),h.route_path('my_account_profile'))}</li> |
|
347 | 347 | % if c.rhodecode_user.personal_repo_group: |
|
348 | 348 | <li>${h.link_to(_(u'My personal group'), h.route_path('repo_group_home', repo_group_name=c.rhodecode_user.personal_repo_group.group_name))}</li> |
|
349 | 349 | % endif |
|
350 | 350 | <li class="logout"> |
|
351 | 351 | ${h.secure_form(h.route_path('logout'), request=request)} |
|
352 | 352 | ${h.submit('log_out', _(u'Sign Out'),class_="btn btn-primary")} |
|
353 | 353 | ${h.end_form()} |
|
354 | 354 | </li> |
|
355 | 355 | </ol> |
|
356 | 356 | </div> |
|
357 | 357 | %endif |
|
358 | 358 | </div> |
|
359 | 359 | </div> |
|
360 | 360 | %if c.rhodecode_user.username != h.DEFAULT_USER: |
|
361 | 361 | <div class="pill_container"> |
|
362 | 362 | <a class="menu_link_notifications ${'empty' if c.unread_notifications == 0 else ''}" href="${h.route_path('notifications_show_all')}">${c.unread_notifications}</a> |
|
363 | 363 | </div> |
|
364 | 364 | % endif |
|
365 | 365 | </li> |
|
366 | 366 | </%def> |
|
367 | 367 | |
|
368 | 368 | <%def name="menu_items(active=None)"> |
|
369 | 369 | <% |
|
370 | 370 | def is_active(selected): |
|
371 | 371 | if selected == active: |
|
372 | 372 | return "active" |
|
373 | 373 | return "" |
|
374 | 374 | %> |
|
375 | 375 | <ul id="quick" class="main_nav navigation horizontal-list"> |
|
376 | 376 | <!-- repo switcher --> |
|
377 | 377 | <li class="${is_active('repositories')} repo_switcher_li has_select2"> |
|
378 | 378 | <input id="repo_switcher" name="repo_switcher" type="hidden"> |
|
379 | 379 | </li> |
|
380 | 380 | |
|
381 | 381 | ## ROOT MENU |
|
382 | 382 | %if c.rhodecode_user.username != h.DEFAULT_USER: |
|
383 | 383 | <li class="${is_active('journal')}"> |
|
384 | 384 | <a class="menulink" title="${_('Show activity journal')}" href="${h.route_path('journal')}"> |
|
385 | 385 | <div class="menulabel">${_('Journal')}</div> |
|
386 | 386 | </a> |
|
387 | 387 | </li> |
|
388 | 388 | %else: |
|
389 | 389 | <li class="${is_active('journal')}"> |
|
390 | 390 | <a class="menulink" title="${_('Show Public activity journal')}" href="${h.route_path('journal_public')}"> |
|
391 | 391 | <div class="menulabel">${_('Public journal')}</div> |
|
392 | 392 | </a> |
|
393 | 393 | </li> |
|
394 | 394 | %endif |
|
395 | 395 | <li class="${is_active('gists')}"> |
|
396 | 396 | <a class="menulink childs" title="${_('Show Gists')}" href="${h.route_path('gists_show')}"> |
|
397 | 397 | <div class="menulabel">${_('Gists')}</div> |
|
398 | 398 | </a> |
|
399 | 399 | </li> |
|
400 | 400 | <li class="${is_active('search')}"> |
|
401 | 401 | <a class="menulink" title="${_('Search in repositories you have access to')}" href="${h.route_path('search')}"> |
|
402 | 402 | <div class="menulabel">${_('Search')}</div> |
|
403 | 403 | </a> |
|
404 | 404 | </li> |
|
405 | 405 | % if h.HasPermissionAll('hg.admin')('access admin main page'): |
|
406 | 406 | <li class="${is_active('admin')}"> |
|
407 | 407 | <a class="menulink childs" title="${_('Admin settings')}" href="#" onclick="return false;"> |
|
408 | 408 | <div class="menulabel">${_('Admin')} <div class="show_more"></div></div> |
|
409 | 409 | </a> |
|
410 | 410 | ${admin_menu()} |
|
411 | 411 | </li> |
|
412 | 412 | % elif c.rhodecode_user.repositories_admin or c.rhodecode_user.repository_groups_admin or c.rhodecode_user.user_groups_admin: |
|
413 | 413 | <li class="${is_active('admin')}"> |
|
414 | 414 | <a class="menulink childs" title="${_('Delegated Admin settings')}"> |
|
415 | 415 | <div class="menulabel">${_('Admin')} <div class="show_more"></div></div> |
|
416 | 416 | </a> |
|
417 | 417 | ${admin_menu_simple(c.rhodecode_user.repositories_admin, |
|
418 | 418 | c.rhodecode_user.repository_groups_admin, |
|
419 | 419 | c.rhodecode_user.user_groups_admin or h.HasPermissionAny('hg.usergroup.create.true')())} |
|
420 | 420 | </li> |
|
421 | 421 | % endif |
|
422 | 422 | % if c.debug_style: |
|
423 | 423 | <li class="${is_active('debug_style')}"> |
|
424 | 424 | <a class="menulink" title="${_('Style')}" href="${h.route_path('debug_style_home')}"> |
|
425 | 425 | <div class="menulabel">${_('Style')}</div> |
|
426 | 426 | </a> |
|
427 | 427 | </li> |
|
428 | 428 | % endif |
|
429 | 429 | ## render extra user menu |
|
430 | 430 | ${usermenu(active=(active=='my_account'))} |
|
431 | 431 | </ul> |
|
432 | 432 | |
|
433 | 433 | <script type="text/javascript"> |
|
434 | 434 | var visual_show_public_icon = "${c.visual.show_public_icon}" == "True"; |
|
435 | 435 | |
|
436 | 436 | /*format the look of items in the list*/ |
|
437 | 437 | var format = function(state, escapeMarkup){ |
|
438 | 438 | if (!state.id){ |
|
439 | 439 | return state.text; // optgroup |
|
440 | 440 | } |
|
441 | 441 | var obj_dict = state.obj; |
|
442 | 442 | var tmpl = ''; |
|
443 | 443 | |
|
444 | 444 | if(obj_dict && state.type == 'repo'){ |
|
445 | 445 | if(obj_dict['repo_type'] === 'hg'){ |
|
446 | 446 | tmpl += '<i class="icon-hg"></i> '; |
|
447 | 447 | } |
|
448 | 448 | else if(obj_dict['repo_type'] === 'git'){ |
|
449 | 449 | tmpl += '<i class="icon-git"></i> '; |
|
450 | 450 | } |
|
451 | 451 | else if(obj_dict['repo_type'] === 'svn'){ |
|
452 | 452 | tmpl += '<i class="icon-svn"></i> '; |
|
453 | 453 | } |
|
454 | 454 | if(obj_dict['private']){ |
|
455 | 455 | tmpl += '<i class="icon-lock" ></i> '; |
|
456 | 456 | } |
|
457 | 457 | else if(visual_show_public_icon){ |
|
458 | 458 | tmpl += '<i class="icon-unlock-alt"></i> '; |
|
459 | 459 | } |
|
460 | 460 | } |
|
461 | 461 | if(obj_dict && state.type == 'commit') { |
|
462 | 462 | tmpl += '<i class="icon-tag"></i>'; |
|
463 | 463 | } |
|
464 | 464 | if(obj_dict && state.type == 'group'){ |
|
465 | 465 | tmpl += '<i class="icon-folder-close"></i> '; |
|
466 | 466 | } |
|
467 | 467 | tmpl += escapeMarkup(state.text); |
|
468 | 468 | return tmpl; |
|
469 | 469 | }; |
|
470 | 470 | |
|
471 | 471 | var formatResult = function(result, container, query, escapeMarkup) { |
|
472 | 472 | return format(result, escapeMarkup); |
|
473 | 473 | }; |
|
474 | 474 | |
|
475 | 475 | var formatSelection = function(data, container, escapeMarkup) { |
|
476 | 476 | return format(data, escapeMarkup); |
|
477 | 477 | }; |
|
478 | 478 | |
|
479 | 479 | $("#repo_switcher").select2({ |
|
480 | 480 | cachedDataSource: {}, |
|
481 | 481 | minimumInputLength: 2, |
|
482 | 482 | placeholder: '<div class="menulabel">${_('Go to')} <div class="show_more"></div></div>', |
|
483 | 483 | dropdownAutoWidth: true, |
|
484 | 484 | formatResult: formatResult, |
|
485 | 485 | formatSelection: formatSelection, |
|
486 | 486 | containerCssClass: "repo-switcher", |
|
487 | 487 | dropdownCssClass: "repo-switcher-dropdown", |
|
488 | 488 | escapeMarkup: function(m){ |
|
489 | 489 | // don't escape our custom placeholder |
|
490 | 490 | if(m.substr(0,23) == '<div class="menulabel">'){ |
|
491 | 491 | return m; |
|
492 | 492 | } |
|
493 | 493 | |
|
494 | 494 | return Select2.util.escapeMarkup(m); |
|
495 | 495 | }, |
|
496 | 496 | query: $.debounce(250, function(query){ |
|
497 | 497 | self = this; |
|
498 | 498 | var cacheKey = query.term; |
|
499 | 499 | var cachedData = self.cachedDataSource[cacheKey]; |
|
500 | 500 | |
|
501 | 501 | if (cachedData) { |
|
502 | 502 | query.callback({results: cachedData.results}); |
|
503 | 503 | } else { |
|
504 | 504 | $.ajax({ |
|
505 | 505 | url: pyroutes.url('goto_switcher_data'), |
|
506 | 506 | data: {'query': query.term}, |
|
507 | 507 | dataType: 'json', |
|
508 | 508 | type: 'GET', |
|
509 | 509 | success: function(data) { |
|
510 | 510 | self.cachedDataSource[cacheKey] = data; |
|
511 | 511 | query.callback({results: data.results}); |
|
512 | 512 | }, |
|
513 | 513 | error: function(data, textStatus, errorThrown) { |
|
514 | 514 | alert("Error while fetching entries.\nError code {0} ({1}).".format(data.status, data.statusText)); |
|
515 | 515 | } |
|
516 | 516 | }) |
|
517 | 517 | } |
|
518 | 518 | }) |
|
519 | 519 | }); |
|
520 | 520 | |
|
521 | 521 | $("#repo_switcher").on('select2-selecting', function(e){ |
|
522 | 522 | e.preventDefault(); |
|
523 | 523 | window.location = e.choice.url; |
|
524 | 524 | }); |
|
525 | 525 | |
|
526 | 526 | </script> |
|
527 | 527 | <script src="${h.asset('js/rhodecode/base/keyboard-bindings.js', ver=c.rhodecode_version_hash)}"></script> |
|
528 | 528 | </%def> |
|
529 | 529 | |
|
530 | 530 | <div class="modal" id="help_kb" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> |
|
531 | 531 | <div class="modal-dialog"> |
|
532 | 532 | <div class="modal-content"> |
|
533 | 533 | <div class="modal-header"> |
|
534 | 534 | <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> |
|
535 | 535 | <h4 class="modal-title" id="myModalLabel">${_('Keyboard shortcuts')}</h4> |
|
536 | 536 | </div> |
|
537 | 537 | <div class="modal-body"> |
|
538 | 538 | <div class="block-left"> |
|
539 | 539 | <table class="keyboard-mappings"> |
|
540 | 540 | <tbody> |
|
541 | 541 | <tr> |
|
542 | 542 | <th></th> |
|
543 | 543 | <th>${_('Site-wide shortcuts')}</th> |
|
544 | 544 | </tr> |
|
545 | 545 | <% |
|
546 | 546 | elems = [ |
|
547 | 547 | ('/', 'Open quick search box'), |
|
548 | 548 | ('g h', 'Goto home page'), |
|
549 | 549 | ('g g', 'Goto my private gists page'), |
|
550 | 550 | ('g G', 'Goto my public gists page'), |
|
551 | 551 | ('n r', 'New repository page'), |
|
552 | 552 | ('n g', 'New gist page'), |
|
553 | 553 | ] |
|
554 | 554 | %> |
|
555 | 555 | %for key, desc in elems: |
|
556 | 556 | <tr> |
|
557 | 557 | <td class="keys"> |
|
558 | 558 | <span class="key tag">${key}</span> |
|
559 | 559 | </td> |
|
560 | 560 | <td>${desc}</td> |
|
561 | 561 | </tr> |
|
562 | 562 | %endfor |
|
563 | 563 | </tbody> |
|
564 | 564 | </table> |
|
565 | 565 | </div> |
|
566 | 566 | <div class="block-left"> |
|
567 | 567 | <table class="keyboard-mappings"> |
|
568 | 568 | <tbody> |
|
569 | 569 | <tr> |
|
570 | 570 | <th></th> |
|
571 | 571 | <th>${_('Repositories')}</th> |
|
572 | 572 | </tr> |
|
573 | 573 | <% |
|
574 | 574 | elems = [ |
|
575 | 575 | ('g s', 'Goto summary page'), |
|
576 | 576 | ('g c', 'Goto changelog page'), |
|
577 | 577 | ('g f', 'Goto files page'), |
|
578 | 578 | ('g F', 'Goto files page with file search activated'), |
|
579 | 579 | ('g p', 'Goto pull requests page'), |
|
580 | 580 | ('g o', 'Goto repository settings'), |
|
581 | 581 | ('g O', 'Goto repository permissions settings'), |
|
582 | 582 | ] |
|
583 | 583 | %> |
|
584 | 584 | %for key, desc in elems: |
|
585 | 585 | <tr> |
|
586 | 586 | <td class="keys"> |
|
587 | 587 | <span class="key tag">${key}</span> |
|
588 | 588 | </td> |
|
589 | 589 | <td>${desc}</td> |
|
590 | 590 | </tr> |
|
591 | 591 | %endfor |
|
592 | 592 | </tbody> |
|
593 | 593 | </table> |
|
594 | 594 | </div> |
|
595 | 595 | </div> |
|
596 | 596 | <div class="modal-footer"> |
|
597 | 597 | </div> |
|
598 | 598 | </div><!-- /.modal-content --> |
|
599 | 599 | </div><!-- /.modal-dialog --> |
|
600 | 600 | </div><!-- /.modal --> |
@@ -1,156 +1,156 b'' | |||
|
1 | 1 | ## snippet for displaying default permission box |
|
2 | 2 | ## usage: |
|
3 | 3 | ## <%namespace name="dpb" file="/base/default_perms_box.mako"/> |
|
4 | 4 | ## ${dpb.default_perms_box(<url_to_form>)} |
|
5 | 5 | ## ${dpb.default_perms_radios()} |
|
6 | 6 | |
|
7 | 7 | <%def name="default_perms_radios(global_permissions_template = False, suffix='', **kwargs)"> |
|
8 | 8 | <div class="main-content-full-width"> |
|
9 | 9 | <div class="panel panel-default"> |
|
10 | 10 | |
|
11 | 11 | ## displayed according to checkbox selection |
|
12 | 12 | <div class="panel-heading"> |
|
13 | 13 | %if not global_permissions_template: |
|
14 | 14 | <h3 class="inherit_overlay_default panel-title">${_('Inherited Permissions')}</h3> |
|
15 | 15 | <h3 class="inherit_overlay panel-title">${_('Custom Permissions')}</h3> |
|
16 | 16 | %else: |
|
17 | 17 | <h3 class="panel-title">${_('Default Global Permissions')}</h3> |
|
18 | 18 | %endif |
|
19 | 19 | </div> |
|
20 | 20 | |
|
21 | 21 | <div class="panel-body"> |
|
22 | 22 | %if global_permissions_template: |
|
23 | 23 | <p>${_('The following options configure the default permissions each user or group will inherit. You can override these permissions for each individual user or user group using individual permissions settings.')}</p> |
|
24 | 24 | %endif |
|
25 | 25 | <div class="field"> |
|
26 | 26 | <div class="label"> |
|
27 | 27 | <label for="default_repo_create${suffix}">${_('Repository Creation')}:</label> |
|
28 | 28 | </div> |
|
29 | 29 | <div class="radios"> |
|
30 | 30 | ${h.radio('default_repo_create' + suffix, c.repo_create_choices[1][0], label=c.repo_create_choices[1][1], **kwargs)} |
|
31 | 31 | ${h.radio('default_repo_create' + suffix, c.repo_create_choices[0][0], label=c.repo_create_choices[0][1], **kwargs)} |
|
32 | 32 | <span class="help-block">${_('Permission to create root level repositories. When disabled, users can still create repositories inside their own repository groups.')}</span> |
|
33 | 33 | </div> |
|
34 | 34 | </div> |
|
35 | 35 | <div class="field"> |
|
36 | 36 | <div class="label"> |
|
37 | 37 | <label for="default_repo_create_on_write${suffix}">${_('Repository Creation With Group Write Access')}:</label> |
|
38 | 38 | </div> |
|
39 | 39 | <div class="radios"> |
|
40 | 40 | ${h.radio('default_repo_create_on_write' + suffix, c.repo_create_on_write_choices[1][0], label=c.repo_create_on_write_choices[1][1], **kwargs)} |
|
41 | 41 | ${h.radio('default_repo_create_on_write' + suffix, c.repo_create_on_write_choices[0][0], label=c.repo_create_on_write_choices[0][1], **kwargs)} |
|
42 | 42 | <span class="help-block">${_('Write permission given on a repository group will allow creating repositories inside that group.')}</span> |
|
43 | 43 | </div> |
|
44 | 44 | </div> |
|
45 | 45 | <div class="field"> |
|
46 | 46 | <div class="label"> |
|
47 | 47 | <label for="default_fork_create${suffix}">${_('Repository Forking')}:</label> |
|
48 | 48 | </div> |
|
49 | 49 | <div class="radios"> |
|
50 | 50 | ${h.radio('default_fork_create' + suffix, c.fork_choices[1][0], label=c.fork_choices[1][1], **kwargs)} |
|
51 | 51 | ${h.radio('default_fork_create' + suffix, c.fork_choices[0][0], label=c.fork_choices[0][1], **kwargs)} |
|
52 | 52 | <span class="help-block">${_('Permission to create root level repository forks. When disabled, users can still fork repositories inside their own repository groups.')}</span> |
|
53 | 53 | </div> |
|
54 | 54 | </div> |
|
55 | 55 | <div class="field"> |
|
56 | 56 | <div class="label"> |
|
57 | 57 | <label for="default_repo_group_create${suffix}">${_('Repository Group Creation')}:</label> |
|
58 | 58 | </div> |
|
59 | 59 | <div class="radios"> |
|
60 | 60 | ${h.radio('default_repo_group_create' + suffix, c.repo_group_create_choices[1][0], label=c.repo_group_create_choices[1][1], **kwargs)} |
|
61 | 61 | ${h.radio('default_repo_group_create' + suffix, c.repo_group_create_choices[0][0], label=c.repo_group_create_choices[0][1], **kwargs)} |
|
62 | 62 | <span class="help-block">${_('Permission to create root level repository groups. When disabled, repository group admins can still create repository subgroups within their repository groups.')}</span> |
|
63 | 63 | </div> |
|
64 | 64 | </div> |
|
65 | 65 | <div class="field"> |
|
66 | 66 | <div class="label"> |
|
67 | 67 | <label for="default_user_group_create${suffix}">${_('User Group Creation')}:</label> |
|
68 | 68 | </div> |
|
69 | 69 | <div class="radios"> |
|
70 | 70 | ${h.radio('default_user_group_create' + suffix, c.user_group_create_choices[1][0], label=c.user_group_create_choices[1][1], **kwargs)} |
|
71 | 71 | ${h.radio('default_user_group_create' + suffix, c.user_group_create_choices[0][0], label=c.user_group_create_choices[0][1], **kwargs)} |
|
72 | 72 | <span class="help-block">${_('Permission to allow user group creation.')}</span> |
|
73 | 73 | </div> |
|
74 | 74 | </div> |
|
75 | 75 | |
|
76 | 76 | <div class="field"> |
|
77 | 77 | <div class="label"> |
|
78 | 78 | <label for="default_inherit_default_permissions${suffix}">${_('Inherit Permissions From The Default User')}:</label> |
|
79 | 79 | </div> |
|
80 | 80 | <div class="radios"> |
|
81 | 81 | ${h.radio('default_inherit_default_permissions' + suffix, c.inherit_default_permission_choices[1][0], label=c.inherit_default_permission_choices[1][1], **kwargs)} |
|
82 | 82 | ${h.radio('default_inherit_default_permissions' + suffix, c.inherit_default_permission_choices[0][0], label=c.inherit_default_permission_choices[0][1], **kwargs)} |
|
83 | 83 | <span class="help-block">${_('Inherit default permissions from the default user. Turn off this option to force explicit permissions for users, even if they are more restrictive than the default user permissions.')}</span> |
|
84 | 84 | </div> |
|
85 | 85 | </div> |
|
86 | 86 | |
|
87 | 87 | <div class="buttons"> |
|
88 | 88 | ${h.submit('save',_('Save'),class_="btn")} |
|
89 | 89 | ${h.reset('reset',_('Reset'),class_="btn")} |
|
90 | 90 | </div> |
|
91 | 91 | </div> |
|
92 | 92 | </div> |
|
93 | 93 | </div> |
|
94 | 94 | </%def> |
|
95 | 95 | |
|
96 | 96 | <%def name="default_perms_box(form_url)"> |
|
97 | 97 | ${h.secure_form(form_url, method='put')} |
|
98 | 98 | <div class="form"> |
|
99 | 99 | <div class="fields"> |
|
100 | 100 | <div class="field panel panel-default panel-body"> |
|
101 | 101 | <div class="label label-checkbox"> |
|
102 | 102 | <label for="inherit_default_permissions">${_('Inherit from default settings')}:</label> |
|
103 | 103 | </div> |
|
104 | 104 | <div class="checkboxes"> |
|
105 | 105 | ${h.checkbox('inherit_default_permissions',value=True)} |
|
106 | 106 | <span class="help-block"> |
|
107 | 107 | ${h.literal(_('Select to inherit permissions from %s permissions settings, ' |
|
108 | 108 | 'including default IP address whitelist and inheritance of \npermission by members of user groups.') |
|
109 |
% h.link_to('default user', h. |
|
|
109 | % h.link_to('default user', h.route_path('admin_permissions_global')))} | |
|
110 | 110 | </span> |
|
111 | 111 | </div> |
|
112 | 112 | </div> |
|
113 | 113 | |
|
114 | 114 | ## INHERITED permissions == the user permissions in admin |
|
115 | 115 | ## if inherit checkbox is set this is displayed in non-edit mode |
|
116 | 116 | <div class="inherit_overlay_default"> |
|
117 | 117 | ${default_perms_radios(global_permissions_template = False, suffix='_inherited', disabled="disabled")} |
|
118 | 118 | </div> |
|
119 | 119 | |
|
120 | 120 | ## CUSTOM permissions |
|
121 | 121 | <div class="inherit_overlay"> |
|
122 | 122 | ${default_perms_radios(global_permissions_template = False)} |
|
123 | 123 | </div> |
|
124 | 124 | </div> |
|
125 | 125 | </div> |
|
126 | 126 | ${h.end_form()} |
|
127 | 127 | |
|
128 | 128 | |
|
129 | 129 | ## JS |
|
130 | 130 | <script> |
|
131 | 131 | var show_custom_perms = function(inherit_default){ |
|
132 | 132 | if(inherit_default) { |
|
133 | 133 | $('.inherit_overlay_default').show(); |
|
134 | 134 | $('.inherit_overlay').hide(); |
|
135 | 135 | } |
|
136 | 136 | else { |
|
137 | 137 | $('.inherit_overlay').show(); |
|
138 | 138 | $('.inherit_overlay_default').hide(); |
|
139 | 139 | } |
|
140 | 140 | }; |
|
141 | 141 | $(document).ready(function(e){ |
|
142 | 142 | var inherit_checkbox = $('#inherit_default_permissions'); |
|
143 | 143 | var defaults = inherit_checkbox.prop('checked'); |
|
144 | 144 | show_custom_perms(defaults); |
|
145 | 145 | inherit_checkbox.on('change', function(){ |
|
146 | 146 | if($(this).prop('checked')){ |
|
147 | 147 | show_custom_perms(true); |
|
148 | 148 | } |
|
149 | 149 | else{ |
|
150 | 150 | show_custom_perms(false); |
|
151 | 151 | } |
|
152 | 152 | }) |
|
153 | 153 | }) |
|
154 | 154 | </script> |
|
155 | 155 | |
|
156 | 156 | </%def> |
@@ -1,207 +1,207 b'' | |||
|
1 | 1 | ## snippet for displaying permissions overview for users |
|
2 | 2 | ## usage: |
|
3 | 3 | ## <%namespace name="p" file="/base/perms_summary.mako"/> |
|
4 | 4 | ## ${p.perms_summary(c.perm_user.permissions)} |
|
5 | 5 | |
|
6 | 6 | <%def name="perms_summary(permissions, show_all=False, actions=True)"> |
|
7 | 7 | <div id="perms" class="table fields"> |
|
8 | 8 | %for section in sorted(permissions.keys()): |
|
9 | 9 | <div class="panel panel-default"> |
|
10 | 10 | <div class="panel-heading"> |
|
11 | 11 | <h3 class="panel-title">${section.replace("_"," ").capitalize()}</h3> |
|
12 | 12 | </div> |
|
13 | 13 | <div class="panel-body"> |
|
14 | 14 | <div class="perms_section_head field"> |
|
15 | 15 | <div class="radios"> |
|
16 | 16 | %if section != 'global': |
|
17 | 17 | <span class="permissions_boxes"> |
|
18 | 18 | <span class="desc">${_('show')}: </span> |
|
19 | 19 | ${h.checkbox('perms_filter_none_%s' % section, 'none', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='none')} <label for="${'perms_filter_none_%s' % section}"><span class="perm_tag none">${_('none')}</span></label> |
|
20 | 20 | ${h.checkbox('perms_filter_read_%s' % section, 'read', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='read')} <label for="${'perms_filter_read_%s' % section}"><span class="perm_tag read">${_('read')}</span></label> |
|
21 | 21 | ${h.checkbox('perms_filter_write_%s' % section, 'write', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='write')} <label for="${'perms_filter_write_%s' % section}"> <span class="perm_tag write">${_('write')}</span></label> |
|
22 | 22 | ${h.checkbox('perms_filter_admin_%s' % section, 'admin', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='admin')} <label for="${'perms_filter_admin_%s' % section}"><span class="perm_tag admin">${_('admin')}</span></label> |
|
23 | 23 | </span> |
|
24 | 24 | %endif |
|
25 | 25 | </div> |
|
26 | 26 | </div> |
|
27 | 27 | <div class="field"> |
|
28 | 28 | %if not permissions[section]: |
|
29 | 29 | <p class="empty_data help-block">${_('No permissions defined')}</p> |
|
30 | 30 | %else: |
|
31 | 31 | <div id='tbl_list_wrap_${section}'> |
|
32 | 32 | <table id="tbl_list_${section}" class="rctable"> |
|
33 | 33 | ## global permission box |
|
34 | 34 | %if section == 'global': |
|
35 | 35 | <thead> |
|
36 | 36 | <tr> |
|
37 | 37 | <th colspan="2" class="left">${_('Permission')}</th> |
|
38 | 38 | %if actions: |
|
39 | 39 | <th>${_('Edit Permission')}</th> |
|
40 | 40 | %endif |
|
41 | 41 | </thead> |
|
42 | 42 | <tbody> |
|
43 | 43 | |
|
44 | 44 | <% |
|
45 | 45 | def get_section_perms(prefix, opts): |
|
46 | 46 | _selected = [] |
|
47 | 47 | for op in opts: |
|
48 | 48 | if op.startswith(prefix) and not op.startswith('hg.create.write_on_repogroup'): |
|
49 | 49 | _selected.append(op) |
|
50 | 50 | admin = 'hg.admin' in opts |
|
51 | 51 | _selected_vals = [x.partition(prefix)[-1] for x in _selected] |
|
52 | 52 | return admin, _selected_vals, _selected |
|
53 | 53 | %> |
|
54 | 54 | <%def name="glob(lbl, val, val_lbl=None, custom_url=None)"> |
|
55 | 55 | <tr> |
|
56 | 56 | <td class="td-tags"> |
|
57 | 57 | ${lbl} |
|
58 | 58 | </td> |
|
59 | 59 | <td class="td-tags"> |
|
60 | 60 | %if val[0]: |
|
61 | 61 | %if not val_lbl: |
|
62 | 62 | ${h.bool2icon(True)} |
|
63 | 63 | %else: |
|
64 | 64 | <span class="perm_tag admin">${val_lbl}.admin</span> |
|
65 | 65 | %endif |
|
66 | 66 | %else: |
|
67 | 67 | %if not val_lbl: |
|
68 | 68 | ${h.bool2icon({'false': False, |
|
69 | 69 | 'true': True, |
|
70 | 70 | 'none': False, |
|
71 | 71 | 'repository': True}.get(val[1][0] if 0 < len(val[1]) else 'false'))} |
|
72 | 72 | %else: |
|
73 | 73 | <span class="perm_tag ${val[1][0]}">${val_lbl}.${val[1][0]}</span> |
|
74 | 74 | %endif |
|
75 | 75 | %endif |
|
76 | 76 | </td> |
|
77 | 77 | %if actions: |
|
78 | 78 | <td class="td-action"> |
|
79 |
<a href="${custom_url or h. |
|
|
79 | <a href="${custom_url or h.route_path('admin_permissions_global')}">${_('edit')}</a> | |
|
80 | 80 | </td> |
|
81 | 81 | %endif |
|
82 | 82 | </tr> |
|
83 | 83 | </%def> |
|
84 | 84 | |
|
85 | 85 | ${glob(_('Super admin'), get_section_perms('hg.admin', permissions[section]))} |
|
86 | 86 | |
|
87 |
${glob(_('Repository default permission'), get_section_perms('repository.', permissions[section]), 'repository', h. |
|
|
88 |
${glob(_('Repository group default permission'), get_section_perms('group.', permissions[section]), 'group', h. |
|
|
89 |
${glob(_('User group default permission'), get_section_perms('usergroup.', permissions[section]), 'usergroup', h. |
|
|
87 | ${glob(_('Repository default permission'), get_section_perms('repository.', permissions[section]), 'repository', h.route_path('admin_permissions_object'))} | |
|
88 | ${glob(_('Repository group default permission'), get_section_perms('group.', permissions[section]), 'group', h.route_path('admin_permissions_object'))} | |
|
89 | ${glob(_('User group default permission'), get_section_perms('usergroup.', permissions[section]), 'usergroup', h.route_path('admin_permissions_object'))} | |
|
90 | 90 | |
|
91 |
${glob(_('Create repositories'), get_section_perms('hg.create.', permissions[section]), custom_url=h. |
|
|
92 |
${glob(_('Fork repositories'), get_section_perms('hg.fork.', permissions[section]), custom_url=h. |
|
|
93 |
${glob(_('Create repository groups'), get_section_perms('hg.repogroup.create.', permissions[section]), custom_url=h. |
|
|
94 |
${glob(_('Create user groups'), get_section_perms('hg.usergroup.create.', permissions[section]), custom_url=h. |
|
|
91 | ${glob(_('Create repositories'), get_section_perms('hg.create.', permissions[section]), custom_url=h.route_path('admin_permissions_global'))} | |
|
92 | ${glob(_('Fork repositories'), get_section_perms('hg.fork.', permissions[section]), custom_url=h.route_path('admin_permissions_global'))} | |
|
93 | ${glob(_('Create repository groups'), get_section_perms('hg.repogroup.create.', permissions[section]), custom_url=h.route_path('admin_permissions_global'))} | |
|
94 | ${glob(_('Create user groups'), get_section_perms('hg.usergroup.create.', permissions[section]), custom_url=h.route_path('admin_permissions_global'))} | |
|
95 | 95 | |
|
96 | 96 | |
|
97 | 97 | </tbody> |
|
98 | 98 | %else: |
|
99 | 99 | ## none/read/write/admin permissions on groups/repos etc |
|
100 | 100 | <thead> |
|
101 | 101 | <tr> |
|
102 | 102 | <th>${_('Name')}</th> |
|
103 | 103 | <th>${_('Permission')}</th> |
|
104 | 104 | %if actions: |
|
105 | 105 | <th>${_('Edit Permission')}</th> |
|
106 | 106 | %endif |
|
107 | 107 | </thead> |
|
108 | 108 | <tbody class="section_${section}"> |
|
109 | 109 | <% |
|
110 | 110 | def sorter(permissions): |
|
111 | 111 | def custom_sorter(item): |
|
112 | 112 | ## read/write/admin |
|
113 | 113 | section = item[1].split('.')[-1] |
|
114 | 114 | section_importance = {'none': u'0', |
|
115 | 115 | 'read': u'1', |
|
116 | 116 | 'write':u'2', |
|
117 | 117 | 'admin':u'3'}.get(section) |
|
118 | 118 | ## sort by group importance+name |
|
119 | 119 | return section_importance+item[0] |
|
120 | 120 | return sorted(permissions, key=custom_sorter) |
|
121 | 121 | %> |
|
122 | 122 | %for k, section_perm in sorter(permissions[section].items()): |
|
123 | 123 | %if section_perm.split('.')[-1] != 'none' or show_all: |
|
124 | 124 | <tr class="perm_row ${'%s_%s' % (section, section_perm.split('.')[-1])}"> |
|
125 | 125 | <td class="td-componentname"> |
|
126 | 126 | %if section == 'repositories': |
|
127 | 127 | <a href="${h.route_path('repo_summary',repo_name=k)}">${k}</a> |
|
128 | 128 | %elif section == 'repositories_groups': |
|
129 | 129 | <a href="${h.route_path('repo_group_home', repo_group_name=k)}">${k}</a> |
|
130 | 130 | %elif section == 'user_groups': |
|
131 | 131 | ##<a href="${h.url('edit_users_group',user_group_id=k)}">${k}</a> |
|
132 | 132 | ${k} |
|
133 | 133 | %endif |
|
134 | 134 | </td> |
|
135 | 135 | <td class="td-tags"> |
|
136 | 136 | %if hasattr(permissions[section], 'perm_origin_stack'): |
|
137 | 137 | %for i, (perm, origin) in enumerate(reversed(permissions[section].perm_origin_stack[k])): |
|
138 | 138 | <span class="${i > 0 and 'perm_overriden' or ''} perm_tag ${perm.split('.')[-1]}"> |
|
139 | 139 | ${perm} (${origin}) |
|
140 | 140 | </span> |
|
141 | 141 | %endfor |
|
142 | 142 | %else: |
|
143 | 143 | <span class="perm_tag ${section_perm.split('.')[-1]}">${section_perm}</span> |
|
144 | 144 | %endif |
|
145 | 145 | </td> |
|
146 | 146 | %if actions: |
|
147 | 147 | <td class="td-action"> |
|
148 | 148 | %if section == 'repositories': |
|
149 | 149 | <a href="${h.route_path('edit_repo_perms',repo_name=k,anchor='permissions_manage')}">${_('edit')}</a> |
|
150 | 150 | %elif section == 'repositories_groups': |
|
151 | 151 | <a href="${h.url('edit_repo_group_perms',group_name=k,anchor='permissions_manage')}">${_('edit')}</a> |
|
152 | 152 | %elif section == 'user_groups': |
|
153 | 153 | ##<a href="${h.url('edit_users_group',user_group_id=k)}">${_('edit')}</a> |
|
154 | 154 | %endif |
|
155 | 155 | </td> |
|
156 | 156 | %endif |
|
157 | 157 | </tr> |
|
158 | 158 | %endif |
|
159 | 159 | %endfor |
|
160 | 160 | |
|
161 | 161 | <tr id="empty_${section}" class="noborder" style="display:none;"> |
|
162 | 162 | <td colspan="6">${_('No permission defined')}</td> |
|
163 | 163 | </tr> |
|
164 | 164 | |
|
165 | 165 | </tbody> |
|
166 | 166 | %endif |
|
167 | 167 | </table> |
|
168 | 168 | </div> |
|
169 | 169 | %endif |
|
170 | 170 | </div> |
|
171 | 171 | </div> |
|
172 | 172 | </div> |
|
173 | 173 | %endfor |
|
174 | 174 | </div> |
|
175 | 175 | |
|
176 | 176 | <script> |
|
177 | 177 | $(document).ready(function(){ |
|
178 | 178 | var show_empty = function(section){ |
|
179 | 179 | var visible = $('.section_{0} tr.perm_row:visible'.format(section)).length; |
|
180 | 180 | if(visible == 0){ |
|
181 | 181 | $('#empty_{0}'.format(section)).show(); |
|
182 | 182 | } |
|
183 | 183 | else{ |
|
184 | 184 | $('#empty_{0}'.format(section)).hide(); |
|
185 | 185 | } |
|
186 | 186 | }; |
|
187 | 187 | $('.perm_filter').on('change', function(e){ |
|
188 | 188 | var self = this; |
|
189 | 189 | var section = $(this).attr('section'); |
|
190 | 190 | |
|
191 | 191 | var opts = {}; |
|
192 | 192 | var elems = $('.filter_' + section).each(function(el){ |
|
193 | 193 | var perm_type = $(this).attr('perm_type'); |
|
194 | 194 | var checked = this.checked; |
|
195 | 195 | opts[perm_type] = checked; |
|
196 | 196 | if(checked){ |
|
197 | 197 | $('.'+section+'_'+perm_type).show(); |
|
198 | 198 | } |
|
199 | 199 | else{ |
|
200 | 200 | $('.'+section+'_'+perm_type).hide(); |
|
201 | 201 | } |
|
202 | 202 | }); |
|
203 | 203 | show_empty(section); |
|
204 | 204 | }) |
|
205 | 205 | }) |
|
206 | 206 | </script> |
|
207 | 207 | </%def> |
@@ -1,265 +1,265 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2010-2017 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | import os |
|
22 | 22 | import time |
|
23 | 23 | import logging |
|
24 | 24 | import datetime |
|
25 | 25 | import hashlib |
|
26 | 26 | import tempfile |
|
27 | 27 | from os.path import join as jn |
|
28 | 28 | |
|
29 | 29 | from tempfile import _RandomNameSequence |
|
30 | 30 | |
|
31 | 31 | from paste.deploy import loadapp |
|
32 | 32 | from paste.script.appinstall import SetupCommand |
|
33 | 33 | |
|
34 | 34 | import pylons |
|
35 | 35 | import pylons.test |
|
36 | 36 | from pylons import config, url |
|
37 | 37 | from pylons.i18n.translation import _get_translator |
|
38 | 38 | from pylons.util import ContextObj |
|
39 | 39 | |
|
40 | 40 | from routes.util import URLGenerator |
|
41 | 41 | from nose.plugins.skip import SkipTest |
|
42 | 42 | import pytest |
|
43 | 43 | |
|
44 | 44 | from rhodecode import is_windows |
|
45 | 45 | from rhodecode.config.routing import ADMIN_PREFIX |
|
46 | 46 | from rhodecode.model.meta import Session |
|
47 | 47 | from rhodecode.model.db import User |
|
48 | 48 | from rhodecode.lib import auth |
|
49 | from rhodecode.lib import helpers as h | |
|
49 | 50 | from rhodecode.lib.helpers import flash, link_to |
|
50 | 51 | from rhodecode.lib.utils2 import safe_unicode, safe_str |
|
51 | 52 | |
|
52 | 53 | |
|
53 | 54 | log = logging.getLogger(__name__) |
|
54 | 55 | |
|
55 | 56 | __all__ = [ |
|
56 | 57 | 'get_new_dir', 'TestController', 'SkipTest', |
|
57 | 58 | 'url', 'link_to', 'ldap_lib_installed', 'clear_all_caches', |
|
58 | 59 | 'assert_session_flash', 'login_user', 'no_newline_id_generator', |
|
59 | 60 | 'TESTS_TMP_PATH', 'HG_REPO', 'GIT_REPO', 'SVN_REPO', |
|
60 | 61 | 'NEW_HG_REPO', 'NEW_GIT_REPO', |
|
61 | 62 | 'HG_FORK', 'GIT_FORK', 'TEST_USER_ADMIN_LOGIN', 'TEST_USER_ADMIN_PASS', |
|
62 | 63 | 'TEST_USER_REGULAR_LOGIN', 'TEST_USER_REGULAR_PASS', |
|
63 | 64 | 'TEST_USER_REGULAR_EMAIL', 'TEST_USER_REGULAR2_LOGIN', |
|
64 | 65 | 'TEST_USER_REGULAR2_PASS', 'TEST_USER_REGULAR2_EMAIL', 'TEST_HG_REPO', |
|
65 | 66 | 'TEST_HG_REPO_CLONE', 'TEST_HG_REPO_PULL', 'TEST_GIT_REPO', |
|
66 | 67 | 'TEST_GIT_REPO_CLONE', 'TEST_GIT_REPO_PULL', 'SCM_TESTS', |
|
67 | 68 | ] |
|
68 | 69 | |
|
69 | 70 | # Invoke websetup with the current config file |
|
70 | 71 | # SetupCommand('setup-app').run([config_file]) |
|
71 | 72 | |
|
72 | 73 | # SOME GLOBALS FOR TESTS |
|
73 | 74 | TEST_DIR = tempfile.gettempdir() |
|
74 | 75 | |
|
75 | 76 | TESTS_TMP_PATH = jn(TEST_DIR, 'rc_test_%s' % _RandomNameSequence().next()) |
|
76 | 77 | TEST_USER_ADMIN_LOGIN = 'test_admin' |
|
77 | 78 | TEST_USER_ADMIN_PASS = 'test12' |
|
78 | 79 | TEST_USER_ADMIN_EMAIL = 'test_admin@mail.com' |
|
79 | 80 | |
|
80 | 81 | TEST_USER_REGULAR_LOGIN = 'test_regular' |
|
81 | 82 | TEST_USER_REGULAR_PASS = 'test12' |
|
82 | 83 | TEST_USER_REGULAR_EMAIL = 'test_regular@mail.com' |
|
83 | 84 | |
|
84 | 85 | TEST_USER_REGULAR2_LOGIN = 'test_regular2' |
|
85 | 86 | TEST_USER_REGULAR2_PASS = 'test12' |
|
86 | 87 | TEST_USER_REGULAR2_EMAIL = 'test_regular2@mail.com' |
|
87 | 88 | |
|
88 | 89 | HG_REPO = 'vcs_test_hg' |
|
89 | 90 | GIT_REPO = 'vcs_test_git' |
|
90 | 91 | SVN_REPO = 'vcs_test_svn' |
|
91 | 92 | |
|
92 | 93 | NEW_HG_REPO = 'vcs_test_hg_new' |
|
93 | 94 | NEW_GIT_REPO = 'vcs_test_git_new' |
|
94 | 95 | |
|
95 | 96 | HG_FORK = 'vcs_test_hg_fork' |
|
96 | 97 | GIT_FORK = 'vcs_test_git_fork' |
|
97 | 98 | |
|
98 | 99 | ## VCS |
|
99 | 100 | SCM_TESTS = ['hg', 'git'] |
|
100 | 101 | uniq_suffix = str(int(time.mktime(datetime.datetime.now().timetuple()))) |
|
101 | 102 | |
|
102 | 103 | TEST_GIT_REPO = jn(TESTS_TMP_PATH, GIT_REPO) |
|
103 | 104 | TEST_GIT_REPO_CLONE = jn(TESTS_TMP_PATH, 'vcsgitclone%s' % uniq_suffix) |
|
104 | 105 | TEST_GIT_REPO_PULL = jn(TESTS_TMP_PATH, 'vcsgitpull%s' % uniq_suffix) |
|
105 | 106 | |
|
106 | 107 | TEST_HG_REPO = jn(TESTS_TMP_PATH, HG_REPO) |
|
107 | 108 | TEST_HG_REPO_CLONE = jn(TESTS_TMP_PATH, 'vcshgclone%s' % uniq_suffix) |
|
108 | 109 | TEST_HG_REPO_PULL = jn(TESTS_TMP_PATH, 'vcshgpull%s' % uniq_suffix) |
|
109 | 110 | |
|
110 | 111 | TEST_REPO_PREFIX = 'vcs-test' |
|
111 | 112 | |
|
112 | 113 | |
|
113 | 114 | # skip ldap tests if LDAP lib is not installed |
|
114 | 115 | ldap_lib_installed = False |
|
115 | 116 | try: |
|
116 | 117 | import ldap |
|
117 | 118 | ldap_lib_installed = True |
|
118 | 119 | except ImportError: |
|
119 | 120 | # means that python-ldap is not installed |
|
120 | 121 | pass |
|
121 | 122 | |
|
122 | 123 | |
|
123 | 124 | def clear_all_caches(): |
|
124 | 125 | from beaker.cache import cache_managers |
|
125 | 126 | for _cache in cache_managers.values(): |
|
126 | 127 | _cache.clear() |
|
127 | 128 | |
|
128 | 129 | |
|
129 | 130 | def get_new_dir(title): |
|
130 | 131 | """ |
|
131 | 132 | Returns always new directory path. |
|
132 | 133 | """ |
|
133 | 134 | from rhodecode.tests.vcs.utils import get_normalized_path |
|
134 | 135 | name_parts = [TEST_REPO_PREFIX] |
|
135 | 136 | if title: |
|
136 | 137 | name_parts.append(title) |
|
137 | 138 | hex_str = hashlib.sha1('%s %s' % (os.getpid(), time.time())).hexdigest() |
|
138 | 139 | name_parts.append(hex_str) |
|
139 | 140 | name = '-'.join(name_parts) |
|
140 | 141 | path = os.path.join(TEST_DIR, name) |
|
141 | 142 | return get_normalized_path(path) |
|
142 | 143 | |
|
143 | 144 | |
|
144 | 145 | @pytest.mark.usefixtures('app', 'index_location') |
|
145 | 146 | class TestController(object): |
|
146 | 147 | |
|
147 | 148 | maxDiff = None |
|
148 | 149 | |
|
149 | 150 | def log_user(self, username=TEST_USER_ADMIN_LOGIN, |
|
150 | 151 | password=TEST_USER_ADMIN_PASS): |
|
151 | 152 | self._logged_username = username |
|
152 | 153 | self._session = login_user_session(self.app, username, password) |
|
153 | 154 | self.csrf_token = auth.get_csrf_token(self._session) |
|
154 | 155 | |
|
155 | 156 | return self._session['rhodecode_user'] |
|
156 | 157 | |
|
157 | 158 | def logout_user(self): |
|
158 | 159 | logout_user_session(self.app, auth.get_csrf_token(self._session)) |
|
159 | 160 | self.csrf_token = None |
|
160 | 161 | self._logged_username = None |
|
161 | 162 | self._session = None |
|
162 | 163 | |
|
163 | 164 | def _get_logged_user(self): |
|
164 | 165 | return User.get_by_username(self._logged_username) |
|
165 | 166 | |
|
166 | 167 | |
|
167 | 168 | def login_user_session( |
|
168 | 169 | app, username=TEST_USER_ADMIN_LOGIN, password=TEST_USER_ADMIN_PASS): |
|
169 | from rhodecode.tests.functional.test_login import login_url | |
|
170 | ||
|
170 | 171 | response = app.post( |
|
171 | login_url, | |
|
172 | h.route_path('login'), | |
|
172 | 173 | {'username': username, 'password': password}) |
|
173 | 174 | if 'invalid user name' in response.body: |
|
174 | 175 | pytest.fail('could not login using %s %s' % (username, password)) |
|
175 | 176 | |
|
176 | 177 | assert response.status == '302 Found' |
|
177 | 178 | response = response.follow() |
|
178 | 179 | assert response.status == '200 OK' |
|
179 | 180 | |
|
180 | 181 | session = response.get_session_from_response() |
|
181 | 182 | assert 'rhodecode_user' in session |
|
182 | 183 | rc_user = session['rhodecode_user'] |
|
183 | 184 | assert rc_user.get('username') == username |
|
184 | 185 | assert rc_user.get('is_authenticated') |
|
185 | 186 | |
|
186 | 187 | return session |
|
187 | 188 | |
|
188 | 189 | |
|
189 | 190 | def logout_user_session(app, csrf_token): |
|
190 | from rhodecode.tests.functional.test_login import logut_url | |
|
191 | app.post(logut_url, {'csrf_token': csrf_token}, status=302) | |
|
191 | app.post(h.route_path('logout'), {'csrf_token': csrf_token}, status=302) | |
|
192 | 192 | |
|
193 | 193 | |
|
194 | 194 | def login_user(app, username=TEST_USER_ADMIN_LOGIN, |
|
195 | 195 | password=TEST_USER_ADMIN_PASS): |
|
196 | 196 | return login_user_session(app, username, password)['rhodecode_user'] |
|
197 | 197 | |
|
198 | 198 | |
|
199 | 199 | def assert_session_flash(response=None, msg=None, category=None, no_=None): |
|
200 | 200 | """ |
|
201 | 201 | Assert on a flash message in the current session. |
|
202 | 202 | |
|
203 | 203 | :param msg: Required. The expected message. Will be evaluated if a |
|
204 | 204 | :class:`LazyString` is passed in. |
|
205 | 205 | :param response: Optional. For functional testing, pass in the response |
|
206 | 206 | object. Otherwise don't pass in any value. |
|
207 | 207 | :param category: Optional. If passed, the message category will be |
|
208 | 208 | checked as well. |
|
209 | 209 | :param no_: Optional. If passed, the message will be checked to NOT be in the |
|
210 | 210 | flash session |
|
211 | 211 | """ |
|
212 | 212 | if msg is None and no_ is None: |
|
213 | 213 | raise ValueError("Parameter msg or no_ is required.") |
|
214 | 214 | |
|
215 | 215 | if msg and no_: |
|
216 | 216 | raise ValueError("Please specify either msg or no_, but not both") |
|
217 | 217 | |
|
218 | 218 | messages = flash.pop_messages() |
|
219 | 219 | msg = _eval_if_lazy(msg) |
|
220 | 220 | |
|
221 | 221 | assert messages, 'unable to find message `%s` in empty flash list' % msg |
|
222 | 222 | message = messages[0] |
|
223 | 223 | |
|
224 | 224 | message_text = _eval_if_lazy(message.message) or '' |
|
225 | 225 | |
|
226 | 226 | if no_: |
|
227 | 227 | if no_ in message_text: |
|
228 | 228 | msg = u'msg `%s` found in session flash.' % (no_,) |
|
229 | 229 | pytest.fail(safe_str(msg)) |
|
230 | 230 | else: |
|
231 | 231 | if msg not in message_text: |
|
232 | 232 | fail_msg = u'msg `%s` not found in session ' \ |
|
233 | 233 | u'flash: got `%s` (type:%s) instead' % ( |
|
234 | 234 | msg, message_text, type(message_text)) |
|
235 | 235 | |
|
236 | 236 | pytest.fail(safe_str(fail_msg)) |
|
237 | 237 | if category: |
|
238 | 238 | assert category == message.category |
|
239 | 239 | |
|
240 | 240 | |
|
241 | 241 | def _eval_if_lazy(value): |
|
242 | 242 | return value.eval() if hasattr(value, 'eval') else value |
|
243 | 243 | |
|
244 | 244 | |
|
245 | 245 | def assert_session_flash_is_empty(response): |
|
246 | 246 | assert 'flash' in response.session, 'Response session has no flash key' |
|
247 | 247 | |
|
248 | 248 | msg = 'flash messages are present in session:%s' % \ |
|
249 | 249 | response.session['flash'][0] |
|
250 | 250 | pytest.fail(safe_str(msg)) |
|
251 | 251 | |
|
252 | 252 | |
|
253 | 253 | def no_newline_id_generator(test_name): |
|
254 | 254 | """ |
|
255 | 255 | Generates a test name without spaces or newlines characters. Used for |
|
256 | 256 | nicer output of progress of test |
|
257 | 257 | """ |
|
258 | 258 | org_name = test_name |
|
259 | 259 | test_name = test_name\ |
|
260 | 260 | .replace('\n', '_N') \ |
|
261 | 261 | .replace('\r', '_N') \ |
|
262 | 262 | .replace('\t', '_T') \ |
|
263 | 263 | .replace(' ', '_S') |
|
264 | 264 | |
|
265 | 265 | return test_name or 'test-with-empty-name' |
@@ -1,1107 +1,1106 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2010-2017 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | import mock |
|
22 | 22 | import pytest |
|
23 | 23 | from webob.exc import HTTPNotFound |
|
24 | 24 | |
|
25 | 25 | import rhodecode |
|
26 | 26 | from rhodecode.lib.vcs.nodes import FileNode |
|
27 | 27 | from rhodecode.lib import helpers as h |
|
28 | 28 | from rhodecode.model.changeset_status import ChangesetStatusModel |
|
29 | 29 | from rhodecode.model.db import ( |
|
30 | 30 | PullRequest, ChangesetStatus, UserLog, Notification, ChangesetComment) |
|
31 | 31 | from rhodecode.model.meta import Session |
|
32 | 32 | from rhodecode.model.pull_request import PullRequestModel |
|
33 | 33 | from rhodecode.model.user import UserModel |
|
34 | 34 | from rhodecode.tests import ( |
|
35 | 35 | assert_session_flash, url, TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_LOGIN) |
|
36 | 36 | from rhodecode.tests.utils import AssertResponse |
|
37 | 37 | |
|
38 | 38 | |
|
39 | 39 | def route_path(name, params=None, **kwargs): |
|
40 | 40 | import urllib |
|
41 | 41 | |
|
42 | 42 | base_url = { |
|
43 | 43 | 'repo_changelog':'/{repo_name}/changelog', |
|
44 | 44 | 'repo_changelog_file':'/{repo_name}/changelog/{commit_id}/{f_path}', |
|
45 | 45 | }[name].format(**kwargs) |
|
46 | 46 | |
|
47 | 47 | if params: |
|
48 | 48 | base_url = '{}?{}'.format(base_url, urllib.urlencode(params)) |
|
49 | 49 | return base_url |
|
50 | 50 | |
|
51 | 51 | |
|
52 | 52 | @pytest.mark.usefixtures('app', 'autologin_user') |
|
53 | 53 | @pytest.mark.backends("git", "hg") |
|
54 | 54 | class TestPullrequestsController(object): |
|
55 | 55 | |
|
56 | 56 | def test_index(self, backend): |
|
57 | 57 | self.app.get(url( |
|
58 | 58 | controller='pullrequests', action='index', |
|
59 | 59 | repo_name=backend.repo_name)) |
|
60 | 60 | |
|
61 | 61 | def test_option_menu_create_pull_request_exists(self, backend): |
|
62 | 62 | repo_name = backend.repo_name |
|
63 | 63 | response = self.app.get(h.route_path('repo_summary', repo_name=repo_name)) |
|
64 | 64 | |
|
65 | 65 | create_pr_link = '<a href="%s">Create Pull Request</a>' % url( |
|
66 | 66 | 'pullrequest', repo_name=repo_name) |
|
67 | 67 | response.mustcontain(create_pr_link) |
|
68 | 68 | |
|
69 | 69 | def test_create_pr_form_with_raw_commit_id(self, backend): |
|
70 | 70 | repo = backend.repo |
|
71 | 71 | |
|
72 | 72 | self.app.get( |
|
73 | 73 | url(controller='pullrequests', action='index', |
|
74 | 74 | repo_name=repo.repo_name, |
|
75 | 75 | commit=repo.get_commit().raw_id), |
|
76 | 76 | status=200) |
|
77 | 77 | |
|
78 | 78 | @pytest.mark.parametrize('pr_merge_enabled', [True, False]) |
|
79 | 79 | def test_show(self, pr_util, pr_merge_enabled): |
|
80 | 80 | pull_request = pr_util.create_pull_request( |
|
81 | 81 | mergeable=pr_merge_enabled, enable_notifications=False) |
|
82 | 82 | |
|
83 | 83 | response = self.app.get(url( |
|
84 | 84 | controller='pullrequests', action='show', |
|
85 | 85 | repo_name=pull_request.target_repo.scm_instance().name, |
|
86 | 86 | pull_request_id=str(pull_request.pull_request_id))) |
|
87 | 87 | |
|
88 | 88 | for commit_id in pull_request.revisions: |
|
89 | 89 | response.mustcontain(commit_id) |
|
90 | 90 | |
|
91 | 91 | assert pull_request.target_ref_parts.type in response |
|
92 | 92 | assert pull_request.target_ref_parts.name in response |
|
93 | 93 | target_clone_url = pull_request.target_repo.clone_url() |
|
94 | 94 | assert target_clone_url in response |
|
95 | 95 | |
|
96 | 96 | assert 'class="pull-request-merge"' in response |
|
97 | 97 | assert ( |
|
98 | 98 | 'Server-side pull request merging is disabled.' |
|
99 | 99 | in response) != pr_merge_enabled |
|
100 | 100 | |
|
101 | 101 | def test_close_status_visibility(self, pr_util, user_util, csrf_token): |
|
102 | from rhodecode.tests.functional.test_login import login_url, logut_url | |
|
103 | 102 | # Logout |
|
104 | 103 | response = self.app.post( |
|
105 |
|
|
|
104 | h.route_path('logout'), | |
|
106 | 105 | params={'csrf_token': csrf_token}) |
|
107 | 106 | # Login as regular user |
|
108 |
response = self.app.post( |
|
|
107 | response = self.app.post(h.route_path('login'), | |
|
109 | 108 | {'username': TEST_USER_REGULAR_LOGIN, |
|
110 | 109 | 'password': 'test12'}) |
|
111 | 110 | |
|
112 | 111 | pull_request = pr_util.create_pull_request( |
|
113 | 112 | author=TEST_USER_REGULAR_LOGIN) |
|
114 | 113 | |
|
115 | 114 | response = self.app.get(url( |
|
116 | 115 | controller='pullrequests', action='show', |
|
117 | 116 | repo_name=pull_request.target_repo.scm_instance().name, |
|
118 | 117 | pull_request_id=str(pull_request.pull_request_id))) |
|
119 | 118 | |
|
120 | 119 | response.mustcontain('Server-side pull request merging is disabled.') |
|
121 | 120 | |
|
122 | 121 | assert_response = response.assert_response() |
|
123 | 122 | # for regular user without a merge permissions, we don't see it |
|
124 | 123 | assert_response.no_element_exists('#close-pull-request-action') |
|
125 | 124 | |
|
126 | 125 | user_util.grant_user_permission_to_repo( |
|
127 | 126 | pull_request.target_repo, |
|
128 | 127 | UserModel().get_by_username(TEST_USER_REGULAR_LOGIN), |
|
129 | 128 | 'repository.write') |
|
130 | 129 | response = self.app.get(url( |
|
131 | 130 | controller='pullrequests', action='show', |
|
132 | 131 | repo_name=pull_request.target_repo.scm_instance().name, |
|
133 | 132 | pull_request_id=str(pull_request.pull_request_id))) |
|
134 | 133 | |
|
135 | 134 | response.mustcontain('Server-side pull request merging is disabled.') |
|
136 | 135 | |
|
137 | 136 | assert_response = response.assert_response() |
|
138 | 137 | # now regular user has a merge permissions, we have CLOSE button |
|
139 | 138 | assert_response.one_element_exists('#close-pull-request-action') |
|
140 | 139 | |
|
141 | 140 | def test_show_invalid_commit_id(self, pr_util): |
|
142 | 141 | # Simulating invalid revisions which will cause a lookup error |
|
143 | 142 | pull_request = pr_util.create_pull_request() |
|
144 | 143 | pull_request.revisions = ['invalid'] |
|
145 | 144 | Session().add(pull_request) |
|
146 | 145 | Session().commit() |
|
147 | 146 | |
|
148 | 147 | response = self.app.get(url( |
|
149 | 148 | controller='pullrequests', action='show', |
|
150 | 149 | repo_name=pull_request.target_repo.scm_instance().name, |
|
151 | 150 | pull_request_id=str(pull_request.pull_request_id))) |
|
152 | 151 | |
|
153 | 152 | for commit_id in pull_request.revisions: |
|
154 | 153 | response.mustcontain(commit_id) |
|
155 | 154 | |
|
156 | 155 | def test_show_invalid_source_reference(self, pr_util): |
|
157 | 156 | pull_request = pr_util.create_pull_request() |
|
158 | 157 | pull_request.source_ref = 'branch:b:invalid' |
|
159 | 158 | Session().add(pull_request) |
|
160 | 159 | Session().commit() |
|
161 | 160 | |
|
162 | 161 | self.app.get(url( |
|
163 | 162 | controller='pullrequests', action='show', |
|
164 | 163 | repo_name=pull_request.target_repo.scm_instance().name, |
|
165 | 164 | pull_request_id=str(pull_request.pull_request_id))) |
|
166 | 165 | |
|
167 | 166 | def test_edit_title_description(self, pr_util, csrf_token): |
|
168 | 167 | pull_request = pr_util.create_pull_request() |
|
169 | 168 | pull_request_id = pull_request.pull_request_id |
|
170 | 169 | |
|
171 | 170 | response = self.app.post( |
|
172 | 171 | url(controller='pullrequests', action='update', |
|
173 | 172 | repo_name=pull_request.target_repo.repo_name, |
|
174 | 173 | pull_request_id=str(pull_request_id)), |
|
175 | 174 | params={ |
|
176 | 175 | 'edit_pull_request': 'true', |
|
177 | 176 | '_method': 'put', |
|
178 | 177 | 'title': 'New title', |
|
179 | 178 | 'description': 'New description', |
|
180 | 179 | 'csrf_token': csrf_token}) |
|
181 | 180 | |
|
182 | 181 | assert_session_flash( |
|
183 | 182 | response, u'Pull request title & description updated.', |
|
184 | 183 | category='success') |
|
185 | 184 | |
|
186 | 185 | pull_request = PullRequest.get(pull_request_id) |
|
187 | 186 | assert pull_request.title == 'New title' |
|
188 | 187 | assert pull_request.description == 'New description' |
|
189 | 188 | |
|
190 | 189 | def test_edit_title_description_closed(self, pr_util, csrf_token): |
|
191 | 190 | pull_request = pr_util.create_pull_request() |
|
192 | 191 | pull_request_id = pull_request.pull_request_id |
|
193 | 192 | pr_util.close() |
|
194 | 193 | |
|
195 | 194 | response = self.app.post( |
|
196 | 195 | url(controller='pullrequests', action='update', |
|
197 | 196 | repo_name=pull_request.target_repo.repo_name, |
|
198 | 197 | pull_request_id=str(pull_request_id)), |
|
199 | 198 | params={ |
|
200 | 199 | 'edit_pull_request': 'true', |
|
201 | 200 | '_method': 'put', |
|
202 | 201 | 'title': 'New title', |
|
203 | 202 | 'description': 'New description', |
|
204 | 203 | 'csrf_token': csrf_token}) |
|
205 | 204 | |
|
206 | 205 | assert_session_flash( |
|
207 | 206 | response, u'Cannot update closed pull requests.', |
|
208 | 207 | category='error') |
|
209 | 208 | |
|
210 | 209 | def test_update_invalid_source_reference(self, pr_util, csrf_token): |
|
211 | 210 | from rhodecode.lib.vcs.backends.base import UpdateFailureReason |
|
212 | 211 | |
|
213 | 212 | pull_request = pr_util.create_pull_request() |
|
214 | 213 | pull_request.source_ref = 'branch:invalid-branch:invalid-commit-id' |
|
215 | 214 | Session().add(pull_request) |
|
216 | 215 | Session().commit() |
|
217 | 216 | |
|
218 | 217 | pull_request_id = pull_request.pull_request_id |
|
219 | 218 | |
|
220 | 219 | response = self.app.post( |
|
221 | 220 | url(controller='pullrequests', action='update', |
|
222 | 221 | repo_name=pull_request.target_repo.repo_name, |
|
223 | 222 | pull_request_id=str(pull_request_id)), |
|
224 | 223 | params={'update_commits': 'true', '_method': 'put', |
|
225 | 224 | 'csrf_token': csrf_token}) |
|
226 | 225 | |
|
227 | 226 | expected_msg = PullRequestModel.UPDATE_STATUS_MESSAGES[ |
|
228 | 227 | UpdateFailureReason.MISSING_SOURCE_REF] |
|
229 | 228 | assert_session_flash(response, expected_msg, category='error') |
|
230 | 229 | |
|
231 | 230 | def test_missing_target_reference(self, pr_util, csrf_token): |
|
232 | 231 | from rhodecode.lib.vcs.backends.base import MergeFailureReason |
|
233 | 232 | pull_request = pr_util.create_pull_request( |
|
234 | 233 | approved=True, mergeable=True) |
|
235 | 234 | pull_request.target_ref = 'branch:invalid-branch:invalid-commit-id' |
|
236 | 235 | Session().add(pull_request) |
|
237 | 236 | Session().commit() |
|
238 | 237 | |
|
239 | 238 | pull_request_id = pull_request.pull_request_id |
|
240 | 239 | pull_request_url = url( |
|
241 | 240 | controller='pullrequests', action='show', |
|
242 | 241 | repo_name=pull_request.target_repo.repo_name, |
|
243 | 242 | pull_request_id=str(pull_request_id)) |
|
244 | 243 | |
|
245 | 244 | response = self.app.get(pull_request_url) |
|
246 | 245 | |
|
247 | 246 | assertr = AssertResponse(response) |
|
248 | 247 | expected_msg = PullRequestModel.MERGE_STATUS_MESSAGES[ |
|
249 | 248 | MergeFailureReason.MISSING_TARGET_REF] |
|
250 | 249 | assertr.element_contains( |
|
251 | 250 | 'span[data-role="merge-message"]', str(expected_msg)) |
|
252 | 251 | |
|
253 | 252 | def test_comment_and_close_pull_request_custom_message_approved( |
|
254 | 253 | self, pr_util, csrf_token, xhr_header): |
|
255 | 254 | |
|
256 | 255 | pull_request = pr_util.create_pull_request(approved=True) |
|
257 | 256 | pull_request_id = pull_request.pull_request_id |
|
258 | 257 | author = pull_request.user_id |
|
259 | 258 | repo = pull_request.target_repo.repo_id |
|
260 | 259 | |
|
261 | 260 | self.app.post( |
|
262 | 261 | url(controller='pullrequests', |
|
263 | 262 | action='comment', |
|
264 | 263 | repo_name=pull_request.target_repo.scm_instance().name, |
|
265 | 264 | pull_request_id=str(pull_request_id)), |
|
266 | 265 | params={ |
|
267 | 266 | 'close_pull_request': '1', |
|
268 | 267 | 'text': 'Closing a PR', |
|
269 | 268 | 'csrf_token': csrf_token}, |
|
270 | 269 | extra_environ=xhr_header,) |
|
271 | 270 | |
|
272 | 271 | journal = UserLog.query()\ |
|
273 | 272 | .filter(UserLog.user_id == author)\ |
|
274 | 273 | .filter(UserLog.repository_id == repo) \ |
|
275 | 274 | .order_by('user_log_id') \ |
|
276 | 275 | .all() |
|
277 | 276 | assert journal[-1].action == 'repo.pull_request.close' |
|
278 | 277 | |
|
279 | 278 | pull_request = PullRequest.get(pull_request_id) |
|
280 | 279 | assert pull_request.is_closed() |
|
281 | 280 | |
|
282 | 281 | status = ChangesetStatusModel().get_status( |
|
283 | 282 | pull_request.source_repo, pull_request=pull_request) |
|
284 | 283 | assert status == ChangesetStatus.STATUS_APPROVED |
|
285 | 284 | comments = ChangesetComment().query() \ |
|
286 | 285 | .filter(ChangesetComment.pull_request == pull_request) \ |
|
287 | 286 | .order_by(ChangesetComment.comment_id.asc())\ |
|
288 | 287 | .all() |
|
289 | 288 | assert comments[-1].text == 'Closing a PR' |
|
290 | 289 | |
|
291 | 290 | def test_comment_force_close_pull_request_rejected( |
|
292 | 291 | self, pr_util, csrf_token, xhr_header): |
|
293 | 292 | pull_request = pr_util.create_pull_request() |
|
294 | 293 | pull_request_id = pull_request.pull_request_id |
|
295 | 294 | PullRequestModel().update_reviewers( |
|
296 | 295 | pull_request_id, [(1, ['reason'], False), (2, ['reason2'], False)], |
|
297 | 296 | pull_request.author) |
|
298 | 297 | author = pull_request.user_id |
|
299 | 298 | repo = pull_request.target_repo.repo_id |
|
300 | 299 | |
|
301 | 300 | self.app.post( |
|
302 | 301 | url(controller='pullrequests', |
|
303 | 302 | action='comment', |
|
304 | 303 | repo_name=pull_request.target_repo.scm_instance().name, |
|
305 | 304 | pull_request_id=str(pull_request_id)), |
|
306 | 305 | params={ |
|
307 | 306 | 'close_pull_request': '1', |
|
308 | 307 | 'csrf_token': csrf_token}, |
|
309 | 308 | extra_environ=xhr_header) |
|
310 | 309 | |
|
311 | 310 | pull_request = PullRequest.get(pull_request_id) |
|
312 | 311 | |
|
313 | 312 | journal = UserLog.query()\ |
|
314 | 313 | .filter(UserLog.user_id == author, UserLog.repository_id == repo) \ |
|
315 | 314 | .order_by('user_log_id') \ |
|
316 | 315 | .all() |
|
317 | 316 | assert journal[-1].action == 'repo.pull_request.close' |
|
318 | 317 | |
|
319 | 318 | # check only the latest status, not the review status |
|
320 | 319 | status = ChangesetStatusModel().get_status( |
|
321 | 320 | pull_request.source_repo, pull_request=pull_request) |
|
322 | 321 | assert status == ChangesetStatus.STATUS_REJECTED |
|
323 | 322 | |
|
324 | 323 | def test_comment_and_close_pull_request( |
|
325 | 324 | self, pr_util, csrf_token, xhr_header): |
|
326 | 325 | pull_request = pr_util.create_pull_request() |
|
327 | 326 | pull_request_id = pull_request.pull_request_id |
|
328 | 327 | |
|
329 | 328 | response = self.app.post( |
|
330 | 329 | url(controller='pullrequests', |
|
331 | 330 | action='comment', |
|
332 | 331 | repo_name=pull_request.target_repo.scm_instance().name, |
|
333 | 332 | pull_request_id=str(pull_request.pull_request_id)), |
|
334 | 333 | params={ |
|
335 | 334 | 'close_pull_request': 'true', |
|
336 | 335 | 'csrf_token': csrf_token}, |
|
337 | 336 | extra_environ=xhr_header) |
|
338 | 337 | |
|
339 | 338 | assert response.json |
|
340 | 339 | |
|
341 | 340 | pull_request = PullRequest.get(pull_request_id) |
|
342 | 341 | assert pull_request.is_closed() |
|
343 | 342 | |
|
344 | 343 | # check only the latest status, not the review status |
|
345 | 344 | status = ChangesetStatusModel().get_status( |
|
346 | 345 | pull_request.source_repo, pull_request=pull_request) |
|
347 | 346 | assert status == ChangesetStatus.STATUS_REJECTED |
|
348 | 347 | |
|
349 | 348 | def test_create_pull_request(self, backend, csrf_token): |
|
350 | 349 | commits = [ |
|
351 | 350 | {'message': 'ancestor'}, |
|
352 | 351 | {'message': 'change'}, |
|
353 | 352 | {'message': 'change2'}, |
|
354 | 353 | ] |
|
355 | 354 | commit_ids = backend.create_master_repo(commits) |
|
356 | 355 | target = backend.create_repo(heads=['ancestor']) |
|
357 | 356 | source = backend.create_repo(heads=['change2']) |
|
358 | 357 | |
|
359 | 358 | response = self.app.post( |
|
360 | 359 | url( |
|
361 | 360 | controller='pullrequests', |
|
362 | 361 | action='create', |
|
363 | 362 | repo_name=source.repo_name |
|
364 | 363 | ), |
|
365 | 364 | [ |
|
366 | 365 | ('source_repo', source.repo_name), |
|
367 | 366 | ('source_ref', 'branch:default:' + commit_ids['change2']), |
|
368 | 367 | ('target_repo', target.repo_name), |
|
369 | 368 | ('target_ref', 'branch:default:' + commit_ids['ancestor']), |
|
370 | 369 | ('common_ancestor', commit_ids['ancestor']), |
|
371 | 370 | ('pullrequest_desc', 'Description'), |
|
372 | 371 | ('pullrequest_title', 'Title'), |
|
373 | 372 | ('__start__', 'review_members:sequence'), |
|
374 | 373 | ('__start__', 'reviewer:mapping'), |
|
375 | 374 | ('user_id', '1'), |
|
376 | 375 | ('__start__', 'reasons:sequence'), |
|
377 | 376 | ('reason', 'Some reason'), |
|
378 | 377 | ('__end__', 'reasons:sequence'), |
|
379 | 378 | ('mandatory', 'False'), |
|
380 | 379 | ('__end__', 'reviewer:mapping'), |
|
381 | 380 | ('__end__', 'review_members:sequence'), |
|
382 | 381 | ('__start__', 'revisions:sequence'), |
|
383 | 382 | ('revisions', commit_ids['change']), |
|
384 | 383 | ('revisions', commit_ids['change2']), |
|
385 | 384 | ('__end__', 'revisions:sequence'), |
|
386 | 385 | ('user', ''), |
|
387 | 386 | ('csrf_token', csrf_token), |
|
388 | 387 | ], |
|
389 | 388 | status=302) |
|
390 | 389 | |
|
391 | 390 | location = response.headers['Location'] |
|
392 | 391 | pull_request_id = location.rsplit('/', 1)[1] |
|
393 | 392 | assert pull_request_id != 'new' |
|
394 | 393 | pull_request = PullRequest.get(int(pull_request_id)) |
|
395 | 394 | |
|
396 | 395 | # check that we have now both revisions |
|
397 | 396 | assert pull_request.revisions == [commit_ids['change2'], commit_ids['change']] |
|
398 | 397 | assert pull_request.source_ref == 'branch:default:' + commit_ids['change2'] |
|
399 | 398 | expected_target_ref = 'branch:default:' + commit_ids['ancestor'] |
|
400 | 399 | assert pull_request.target_ref == expected_target_ref |
|
401 | 400 | |
|
402 | 401 | def test_reviewer_notifications(self, backend, csrf_token): |
|
403 | 402 | # We have to use the app.post for this test so it will create the |
|
404 | 403 | # notifications properly with the new PR |
|
405 | 404 | commits = [ |
|
406 | 405 | {'message': 'ancestor', |
|
407 | 406 | 'added': [FileNode('file_A', content='content_of_ancestor')]}, |
|
408 | 407 | {'message': 'change', |
|
409 | 408 | 'added': [FileNode('file_a', content='content_of_change')]}, |
|
410 | 409 | {'message': 'change-child'}, |
|
411 | 410 | {'message': 'ancestor-child', 'parents': ['ancestor'], |
|
412 | 411 | 'added': [ |
|
413 | 412 | FileNode('file_B', content='content_of_ancestor_child')]}, |
|
414 | 413 | {'message': 'ancestor-child-2'}, |
|
415 | 414 | ] |
|
416 | 415 | commit_ids = backend.create_master_repo(commits) |
|
417 | 416 | target = backend.create_repo(heads=['ancestor-child']) |
|
418 | 417 | source = backend.create_repo(heads=['change']) |
|
419 | 418 | |
|
420 | 419 | response = self.app.post( |
|
421 | 420 | url( |
|
422 | 421 | controller='pullrequests', |
|
423 | 422 | action='create', |
|
424 | 423 | repo_name=source.repo_name |
|
425 | 424 | ), |
|
426 | 425 | [ |
|
427 | 426 | ('source_repo', source.repo_name), |
|
428 | 427 | ('source_ref', 'branch:default:' + commit_ids['change']), |
|
429 | 428 | ('target_repo', target.repo_name), |
|
430 | 429 | ('target_ref', 'branch:default:' + commit_ids['ancestor-child']), |
|
431 | 430 | ('common_ancestor', commit_ids['ancestor']), |
|
432 | 431 | ('pullrequest_desc', 'Description'), |
|
433 | 432 | ('pullrequest_title', 'Title'), |
|
434 | 433 | ('__start__', 'review_members:sequence'), |
|
435 | 434 | ('__start__', 'reviewer:mapping'), |
|
436 | 435 | ('user_id', '2'), |
|
437 | 436 | ('__start__', 'reasons:sequence'), |
|
438 | 437 | ('reason', 'Some reason'), |
|
439 | 438 | ('__end__', 'reasons:sequence'), |
|
440 | 439 | ('mandatory', 'False'), |
|
441 | 440 | ('__end__', 'reviewer:mapping'), |
|
442 | 441 | ('__end__', 'review_members:sequence'), |
|
443 | 442 | ('__start__', 'revisions:sequence'), |
|
444 | 443 | ('revisions', commit_ids['change']), |
|
445 | 444 | ('__end__', 'revisions:sequence'), |
|
446 | 445 | ('user', ''), |
|
447 | 446 | ('csrf_token', csrf_token), |
|
448 | 447 | ], |
|
449 | 448 | status=302) |
|
450 | 449 | |
|
451 | 450 | location = response.headers['Location'] |
|
452 | 451 | |
|
453 | 452 | pull_request_id = location.rsplit('/', 1)[1] |
|
454 | 453 | assert pull_request_id != 'new' |
|
455 | 454 | pull_request = PullRequest.get(int(pull_request_id)) |
|
456 | 455 | |
|
457 | 456 | # Check that a notification was made |
|
458 | 457 | notifications = Notification.query()\ |
|
459 | 458 | .filter(Notification.created_by == pull_request.author.user_id, |
|
460 | 459 | Notification.type_ == Notification.TYPE_PULL_REQUEST, |
|
461 | 460 | Notification.subject.contains( |
|
462 | 461 | "wants you to review pull request #%s" % pull_request_id)) |
|
463 | 462 | assert len(notifications.all()) == 1 |
|
464 | 463 | |
|
465 | 464 | # Change reviewers and check that a notification was made |
|
466 | 465 | PullRequestModel().update_reviewers( |
|
467 | 466 | pull_request.pull_request_id, [(1, [], False)], |
|
468 | 467 | pull_request.author) |
|
469 | 468 | assert len(notifications.all()) == 2 |
|
470 | 469 | |
|
471 | 470 | def test_create_pull_request_stores_ancestor_commit_id(self, backend, |
|
472 | 471 | csrf_token): |
|
473 | 472 | commits = [ |
|
474 | 473 | {'message': 'ancestor', |
|
475 | 474 | 'added': [FileNode('file_A', content='content_of_ancestor')]}, |
|
476 | 475 | {'message': 'change', |
|
477 | 476 | 'added': [FileNode('file_a', content='content_of_change')]}, |
|
478 | 477 | {'message': 'change-child'}, |
|
479 | 478 | {'message': 'ancestor-child', 'parents': ['ancestor'], |
|
480 | 479 | 'added': [ |
|
481 | 480 | FileNode('file_B', content='content_of_ancestor_child')]}, |
|
482 | 481 | {'message': 'ancestor-child-2'}, |
|
483 | 482 | ] |
|
484 | 483 | commit_ids = backend.create_master_repo(commits) |
|
485 | 484 | target = backend.create_repo(heads=['ancestor-child']) |
|
486 | 485 | source = backend.create_repo(heads=['change']) |
|
487 | 486 | |
|
488 | 487 | response = self.app.post( |
|
489 | 488 | url( |
|
490 | 489 | controller='pullrequests', |
|
491 | 490 | action='create', |
|
492 | 491 | repo_name=source.repo_name |
|
493 | 492 | ), |
|
494 | 493 | [ |
|
495 | 494 | ('source_repo', source.repo_name), |
|
496 | 495 | ('source_ref', 'branch:default:' + commit_ids['change']), |
|
497 | 496 | ('target_repo', target.repo_name), |
|
498 | 497 | ('target_ref', 'branch:default:' + commit_ids['ancestor-child']), |
|
499 | 498 | ('common_ancestor', commit_ids['ancestor']), |
|
500 | 499 | ('pullrequest_desc', 'Description'), |
|
501 | 500 | ('pullrequest_title', 'Title'), |
|
502 | 501 | ('__start__', 'review_members:sequence'), |
|
503 | 502 | ('__start__', 'reviewer:mapping'), |
|
504 | 503 | ('user_id', '1'), |
|
505 | 504 | ('__start__', 'reasons:sequence'), |
|
506 | 505 | ('reason', 'Some reason'), |
|
507 | 506 | ('__end__', 'reasons:sequence'), |
|
508 | 507 | ('mandatory', 'False'), |
|
509 | 508 | ('__end__', 'reviewer:mapping'), |
|
510 | 509 | ('__end__', 'review_members:sequence'), |
|
511 | 510 | ('__start__', 'revisions:sequence'), |
|
512 | 511 | ('revisions', commit_ids['change']), |
|
513 | 512 | ('__end__', 'revisions:sequence'), |
|
514 | 513 | ('user', ''), |
|
515 | 514 | ('csrf_token', csrf_token), |
|
516 | 515 | ], |
|
517 | 516 | status=302) |
|
518 | 517 | |
|
519 | 518 | location = response.headers['Location'] |
|
520 | 519 | |
|
521 | 520 | pull_request_id = location.rsplit('/', 1)[1] |
|
522 | 521 | assert pull_request_id != 'new' |
|
523 | 522 | pull_request = PullRequest.get(int(pull_request_id)) |
|
524 | 523 | |
|
525 | 524 | # target_ref has to point to the ancestor's commit_id in order to |
|
526 | 525 | # show the correct diff |
|
527 | 526 | expected_target_ref = 'branch:default:' + commit_ids['ancestor'] |
|
528 | 527 | assert pull_request.target_ref == expected_target_ref |
|
529 | 528 | |
|
530 | 529 | # Check generated diff contents |
|
531 | 530 | response = response.follow() |
|
532 | 531 | assert 'content_of_ancestor' not in response.body |
|
533 | 532 | assert 'content_of_ancestor-child' not in response.body |
|
534 | 533 | assert 'content_of_change' in response.body |
|
535 | 534 | |
|
536 | 535 | def test_merge_pull_request_enabled(self, pr_util, csrf_token): |
|
537 | 536 | # Clear any previous calls to rcextensions |
|
538 | 537 | rhodecode.EXTENSIONS.calls.clear() |
|
539 | 538 | |
|
540 | 539 | pull_request = pr_util.create_pull_request( |
|
541 | 540 | approved=True, mergeable=True) |
|
542 | 541 | pull_request_id = pull_request.pull_request_id |
|
543 | 542 | repo_name = pull_request.target_repo.scm_instance().name, |
|
544 | 543 | |
|
545 | 544 | response = self.app.post( |
|
546 | 545 | url(controller='pullrequests', |
|
547 | 546 | action='merge', |
|
548 | 547 | repo_name=str(repo_name[0]), |
|
549 | 548 | pull_request_id=str(pull_request_id)), |
|
550 | 549 | params={'csrf_token': csrf_token}).follow() |
|
551 | 550 | |
|
552 | 551 | pull_request = PullRequest.get(pull_request_id) |
|
553 | 552 | |
|
554 | 553 | assert response.status_int == 200 |
|
555 | 554 | assert pull_request.is_closed() |
|
556 | 555 | assert_pull_request_status( |
|
557 | 556 | pull_request, ChangesetStatus.STATUS_APPROVED) |
|
558 | 557 | |
|
559 | 558 | # Check the relevant log entries were added |
|
560 | 559 | user_logs = UserLog.query().order_by('-user_log_id').limit(3) |
|
561 | 560 | actions = [log.action for log in user_logs] |
|
562 | 561 | pr_commit_ids = PullRequestModel()._get_commit_ids(pull_request) |
|
563 | 562 | expected_actions = [ |
|
564 | 563 | u'repo.pull_request.close', |
|
565 | 564 | u'repo.pull_request.merge', |
|
566 | 565 | u'repo.pull_request.comment.create' |
|
567 | 566 | ] |
|
568 | 567 | assert actions == expected_actions |
|
569 | 568 | |
|
570 | 569 | user_logs = UserLog.query().order_by('-user_log_id').limit(4) |
|
571 | 570 | actions = [log for log in user_logs] |
|
572 | 571 | assert actions[-1].action == 'user.push' |
|
573 | 572 | assert actions[-1].action_data['commit_ids'] == pr_commit_ids |
|
574 | 573 | |
|
575 | 574 | # Check post_push rcextension was really executed |
|
576 | 575 | push_calls = rhodecode.EXTENSIONS.calls['post_push'] |
|
577 | 576 | assert len(push_calls) == 1 |
|
578 | 577 | unused_last_call_args, last_call_kwargs = push_calls[0] |
|
579 | 578 | assert last_call_kwargs['action'] == 'push' |
|
580 | 579 | assert last_call_kwargs['pushed_revs'] == pr_commit_ids |
|
581 | 580 | |
|
582 | 581 | def test_merge_pull_request_disabled(self, pr_util, csrf_token): |
|
583 | 582 | pull_request = pr_util.create_pull_request(mergeable=False) |
|
584 | 583 | pull_request_id = pull_request.pull_request_id |
|
585 | 584 | pull_request = PullRequest.get(pull_request_id) |
|
586 | 585 | |
|
587 | 586 | response = self.app.post( |
|
588 | 587 | url(controller='pullrequests', |
|
589 | 588 | action='merge', |
|
590 | 589 | repo_name=pull_request.target_repo.scm_instance().name, |
|
591 | 590 | pull_request_id=str(pull_request.pull_request_id)), |
|
592 | 591 | params={'csrf_token': csrf_token}).follow() |
|
593 | 592 | |
|
594 | 593 | assert response.status_int == 200 |
|
595 | 594 | response.mustcontain( |
|
596 | 595 | 'Merge is not currently possible because of below failed checks.') |
|
597 | 596 | response.mustcontain('Server-side pull request merging is disabled.') |
|
598 | 597 | |
|
599 | 598 | @pytest.mark.skip_backends('svn') |
|
600 | 599 | def test_merge_pull_request_not_approved(self, pr_util, csrf_token): |
|
601 | 600 | pull_request = pr_util.create_pull_request(mergeable=True) |
|
602 | 601 | pull_request_id = pull_request.pull_request_id |
|
603 | 602 | repo_name = pull_request.target_repo.scm_instance().name, |
|
604 | 603 | |
|
605 | 604 | response = self.app.post( |
|
606 | 605 | url(controller='pullrequests', |
|
607 | 606 | action='merge', |
|
608 | 607 | repo_name=str(repo_name[0]), |
|
609 | 608 | pull_request_id=str(pull_request_id)), |
|
610 | 609 | params={'csrf_token': csrf_token}).follow() |
|
611 | 610 | |
|
612 | 611 | assert response.status_int == 200 |
|
613 | 612 | |
|
614 | 613 | response.mustcontain( |
|
615 | 614 | 'Merge is not currently possible because of below failed checks.') |
|
616 | 615 | response.mustcontain('Pull request reviewer approval is pending.') |
|
617 | 616 | |
|
618 | 617 | def test_update_source_revision(self, backend, csrf_token): |
|
619 | 618 | commits = [ |
|
620 | 619 | {'message': 'ancestor'}, |
|
621 | 620 | {'message': 'change'}, |
|
622 | 621 | {'message': 'change-2'}, |
|
623 | 622 | ] |
|
624 | 623 | commit_ids = backend.create_master_repo(commits) |
|
625 | 624 | target = backend.create_repo(heads=['ancestor']) |
|
626 | 625 | source = backend.create_repo(heads=['change']) |
|
627 | 626 | |
|
628 | 627 | # create pr from a in source to A in target |
|
629 | 628 | pull_request = PullRequest() |
|
630 | 629 | pull_request.source_repo = source |
|
631 | 630 | # TODO: johbo: Make sure that we write the source ref this way! |
|
632 | 631 | pull_request.source_ref = 'branch:{branch}:{commit_id}'.format( |
|
633 | 632 | branch=backend.default_branch_name, commit_id=commit_ids['change']) |
|
634 | 633 | pull_request.target_repo = target |
|
635 | 634 | |
|
636 | 635 | pull_request.target_ref = 'branch:{branch}:{commit_id}'.format( |
|
637 | 636 | branch=backend.default_branch_name, |
|
638 | 637 | commit_id=commit_ids['ancestor']) |
|
639 | 638 | pull_request.revisions = [commit_ids['change']] |
|
640 | 639 | pull_request.title = u"Test" |
|
641 | 640 | pull_request.description = u"Description" |
|
642 | 641 | pull_request.author = UserModel().get_by_username( |
|
643 | 642 | TEST_USER_ADMIN_LOGIN) |
|
644 | 643 | Session().add(pull_request) |
|
645 | 644 | Session().commit() |
|
646 | 645 | pull_request_id = pull_request.pull_request_id |
|
647 | 646 | |
|
648 | 647 | # source has ancestor - change - change-2 |
|
649 | 648 | backend.pull_heads(source, heads=['change-2']) |
|
650 | 649 | |
|
651 | 650 | # update PR |
|
652 | 651 | self.app.post( |
|
653 | 652 | url(controller='pullrequests', action='update', |
|
654 | 653 | repo_name=target.repo_name, |
|
655 | 654 | pull_request_id=str(pull_request_id)), |
|
656 | 655 | params={'update_commits': 'true', '_method': 'put', |
|
657 | 656 | 'csrf_token': csrf_token}) |
|
658 | 657 | |
|
659 | 658 | # check that we have now both revisions |
|
660 | 659 | pull_request = PullRequest.get(pull_request_id) |
|
661 | 660 | assert pull_request.revisions == [ |
|
662 | 661 | commit_ids['change-2'], commit_ids['change']] |
|
663 | 662 | |
|
664 | 663 | # TODO: johbo: this should be a test on its own |
|
665 | 664 | response = self.app.get(url( |
|
666 | 665 | controller='pullrequests', action='index', |
|
667 | 666 | repo_name=target.repo_name)) |
|
668 | 667 | assert response.status_int == 200 |
|
669 | 668 | assert 'Pull request updated to' in response.body |
|
670 | 669 | assert 'with 1 added, 0 removed commits.' in response.body |
|
671 | 670 | |
|
672 | 671 | def test_update_target_revision(self, backend, csrf_token): |
|
673 | 672 | commits = [ |
|
674 | 673 | {'message': 'ancestor'}, |
|
675 | 674 | {'message': 'change'}, |
|
676 | 675 | {'message': 'ancestor-new', 'parents': ['ancestor']}, |
|
677 | 676 | {'message': 'change-rebased'}, |
|
678 | 677 | ] |
|
679 | 678 | commit_ids = backend.create_master_repo(commits) |
|
680 | 679 | target = backend.create_repo(heads=['ancestor']) |
|
681 | 680 | source = backend.create_repo(heads=['change']) |
|
682 | 681 | |
|
683 | 682 | # create pr from a in source to A in target |
|
684 | 683 | pull_request = PullRequest() |
|
685 | 684 | pull_request.source_repo = source |
|
686 | 685 | # TODO: johbo: Make sure that we write the source ref this way! |
|
687 | 686 | pull_request.source_ref = 'branch:{branch}:{commit_id}'.format( |
|
688 | 687 | branch=backend.default_branch_name, commit_id=commit_ids['change']) |
|
689 | 688 | pull_request.target_repo = target |
|
690 | 689 | # TODO: johbo: Target ref should be branch based, since tip can jump |
|
691 | 690 | # from branch to branch |
|
692 | 691 | pull_request.target_ref = 'branch:{branch}:{commit_id}'.format( |
|
693 | 692 | branch=backend.default_branch_name, |
|
694 | 693 | commit_id=commit_ids['ancestor']) |
|
695 | 694 | pull_request.revisions = [commit_ids['change']] |
|
696 | 695 | pull_request.title = u"Test" |
|
697 | 696 | pull_request.description = u"Description" |
|
698 | 697 | pull_request.author = UserModel().get_by_username( |
|
699 | 698 | TEST_USER_ADMIN_LOGIN) |
|
700 | 699 | Session().add(pull_request) |
|
701 | 700 | Session().commit() |
|
702 | 701 | pull_request_id = pull_request.pull_request_id |
|
703 | 702 | |
|
704 | 703 | # target has ancestor - ancestor-new |
|
705 | 704 | # source has ancestor - ancestor-new - change-rebased |
|
706 | 705 | backend.pull_heads(target, heads=['ancestor-new']) |
|
707 | 706 | backend.pull_heads(source, heads=['change-rebased']) |
|
708 | 707 | |
|
709 | 708 | # update PR |
|
710 | 709 | self.app.post( |
|
711 | 710 | url(controller='pullrequests', action='update', |
|
712 | 711 | repo_name=target.repo_name, |
|
713 | 712 | pull_request_id=str(pull_request_id)), |
|
714 | 713 | params={'update_commits': 'true', '_method': 'put', |
|
715 | 714 | 'csrf_token': csrf_token}, |
|
716 | 715 | status=200) |
|
717 | 716 | |
|
718 | 717 | # check that we have now both revisions |
|
719 | 718 | pull_request = PullRequest.get(pull_request_id) |
|
720 | 719 | assert pull_request.revisions == [commit_ids['change-rebased']] |
|
721 | 720 | assert pull_request.target_ref == 'branch:{branch}:{commit_id}'.format( |
|
722 | 721 | branch=backend.default_branch_name, |
|
723 | 722 | commit_id=commit_ids['ancestor-new']) |
|
724 | 723 | |
|
725 | 724 | # TODO: johbo: This should be a test on its own |
|
726 | 725 | response = self.app.get(url( |
|
727 | 726 | controller='pullrequests', action='index', |
|
728 | 727 | repo_name=target.repo_name)) |
|
729 | 728 | assert response.status_int == 200 |
|
730 | 729 | assert 'Pull request updated to' in response.body |
|
731 | 730 | assert 'with 1 added, 1 removed commits.' in response.body |
|
732 | 731 | |
|
733 | 732 | def test_update_of_ancestor_reference(self, backend, csrf_token): |
|
734 | 733 | commits = [ |
|
735 | 734 | {'message': 'ancestor'}, |
|
736 | 735 | {'message': 'change'}, |
|
737 | 736 | {'message': 'change-2'}, |
|
738 | 737 | {'message': 'ancestor-new', 'parents': ['ancestor']}, |
|
739 | 738 | {'message': 'change-rebased'}, |
|
740 | 739 | ] |
|
741 | 740 | commit_ids = backend.create_master_repo(commits) |
|
742 | 741 | target = backend.create_repo(heads=['ancestor']) |
|
743 | 742 | source = backend.create_repo(heads=['change']) |
|
744 | 743 | |
|
745 | 744 | # create pr from a in source to A in target |
|
746 | 745 | pull_request = PullRequest() |
|
747 | 746 | pull_request.source_repo = source |
|
748 | 747 | # TODO: johbo: Make sure that we write the source ref this way! |
|
749 | 748 | pull_request.source_ref = 'branch:{branch}:{commit_id}'.format( |
|
750 | 749 | branch=backend.default_branch_name, |
|
751 | 750 | commit_id=commit_ids['change']) |
|
752 | 751 | pull_request.target_repo = target |
|
753 | 752 | # TODO: johbo: Target ref should be branch based, since tip can jump |
|
754 | 753 | # from branch to branch |
|
755 | 754 | pull_request.target_ref = 'branch:{branch}:{commit_id}'.format( |
|
756 | 755 | branch=backend.default_branch_name, |
|
757 | 756 | commit_id=commit_ids['ancestor']) |
|
758 | 757 | pull_request.revisions = [commit_ids['change']] |
|
759 | 758 | pull_request.title = u"Test" |
|
760 | 759 | pull_request.description = u"Description" |
|
761 | 760 | pull_request.author = UserModel().get_by_username( |
|
762 | 761 | TEST_USER_ADMIN_LOGIN) |
|
763 | 762 | Session().add(pull_request) |
|
764 | 763 | Session().commit() |
|
765 | 764 | pull_request_id = pull_request.pull_request_id |
|
766 | 765 | |
|
767 | 766 | # target has ancestor - ancestor-new |
|
768 | 767 | # source has ancestor - ancestor-new - change-rebased |
|
769 | 768 | backend.pull_heads(target, heads=['ancestor-new']) |
|
770 | 769 | backend.pull_heads(source, heads=['change-rebased']) |
|
771 | 770 | |
|
772 | 771 | # update PR |
|
773 | 772 | self.app.post( |
|
774 | 773 | url(controller='pullrequests', action='update', |
|
775 | 774 | repo_name=target.repo_name, |
|
776 | 775 | pull_request_id=str(pull_request_id)), |
|
777 | 776 | params={'update_commits': 'true', '_method': 'put', |
|
778 | 777 | 'csrf_token': csrf_token}, |
|
779 | 778 | status=200) |
|
780 | 779 | |
|
781 | 780 | # Expect the target reference to be updated correctly |
|
782 | 781 | pull_request = PullRequest.get(pull_request_id) |
|
783 | 782 | assert pull_request.revisions == [commit_ids['change-rebased']] |
|
784 | 783 | expected_target_ref = 'branch:{branch}:{commit_id}'.format( |
|
785 | 784 | branch=backend.default_branch_name, |
|
786 | 785 | commit_id=commit_ids['ancestor-new']) |
|
787 | 786 | assert pull_request.target_ref == expected_target_ref |
|
788 | 787 | |
|
789 | 788 | def test_remove_pull_request_branch(self, backend_git, csrf_token): |
|
790 | 789 | branch_name = 'development' |
|
791 | 790 | commits = [ |
|
792 | 791 | {'message': 'initial-commit'}, |
|
793 | 792 | {'message': 'old-feature'}, |
|
794 | 793 | {'message': 'new-feature', 'branch': branch_name}, |
|
795 | 794 | ] |
|
796 | 795 | repo = backend_git.create_repo(commits) |
|
797 | 796 | commit_ids = backend_git.commit_ids |
|
798 | 797 | |
|
799 | 798 | pull_request = PullRequest() |
|
800 | 799 | pull_request.source_repo = repo |
|
801 | 800 | pull_request.target_repo = repo |
|
802 | 801 | pull_request.source_ref = 'branch:{branch}:{commit_id}'.format( |
|
803 | 802 | branch=branch_name, commit_id=commit_ids['new-feature']) |
|
804 | 803 | pull_request.target_ref = 'branch:{branch}:{commit_id}'.format( |
|
805 | 804 | branch=backend_git.default_branch_name, |
|
806 | 805 | commit_id=commit_ids['old-feature']) |
|
807 | 806 | pull_request.revisions = [commit_ids['new-feature']] |
|
808 | 807 | pull_request.title = u"Test" |
|
809 | 808 | pull_request.description = u"Description" |
|
810 | 809 | pull_request.author = UserModel().get_by_username( |
|
811 | 810 | TEST_USER_ADMIN_LOGIN) |
|
812 | 811 | Session().add(pull_request) |
|
813 | 812 | Session().commit() |
|
814 | 813 | |
|
815 | 814 | vcs = repo.scm_instance() |
|
816 | 815 | vcs.remove_ref('refs/heads/{}'.format(branch_name)) |
|
817 | 816 | |
|
818 | 817 | response = self.app.get(url( |
|
819 | 818 | controller='pullrequests', action='show', |
|
820 | 819 | repo_name=repo.repo_name, |
|
821 | 820 | pull_request_id=str(pull_request.pull_request_id))) |
|
822 | 821 | |
|
823 | 822 | assert response.status_int == 200 |
|
824 | 823 | assert_response = AssertResponse(response) |
|
825 | 824 | assert_response.element_contains( |
|
826 | 825 | '#changeset_compare_view_content .alert strong', |
|
827 | 826 | 'Missing commits') |
|
828 | 827 | assert_response.element_contains( |
|
829 | 828 | '#changeset_compare_view_content .alert', |
|
830 | 829 | 'This pull request cannot be displayed, because one or more' |
|
831 | 830 | ' commits no longer exist in the source repository.') |
|
832 | 831 | |
|
833 | 832 | def test_strip_commits_from_pull_request( |
|
834 | 833 | self, backend, pr_util, csrf_token): |
|
835 | 834 | commits = [ |
|
836 | 835 | {'message': 'initial-commit'}, |
|
837 | 836 | {'message': 'old-feature'}, |
|
838 | 837 | {'message': 'new-feature', 'parents': ['initial-commit']}, |
|
839 | 838 | ] |
|
840 | 839 | pull_request = pr_util.create_pull_request( |
|
841 | 840 | commits, target_head='initial-commit', source_head='new-feature', |
|
842 | 841 | revisions=['new-feature']) |
|
843 | 842 | |
|
844 | 843 | vcs = pr_util.source_repository.scm_instance() |
|
845 | 844 | if backend.alias == 'git': |
|
846 | 845 | vcs.strip(pr_util.commit_ids['new-feature'], branch_name='master') |
|
847 | 846 | else: |
|
848 | 847 | vcs.strip(pr_util.commit_ids['new-feature']) |
|
849 | 848 | |
|
850 | 849 | response = self.app.get(url( |
|
851 | 850 | controller='pullrequests', action='show', |
|
852 | 851 | repo_name=pr_util.target_repository.repo_name, |
|
853 | 852 | pull_request_id=str(pull_request.pull_request_id))) |
|
854 | 853 | |
|
855 | 854 | assert response.status_int == 200 |
|
856 | 855 | assert_response = AssertResponse(response) |
|
857 | 856 | assert_response.element_contains( |
|
858 | 857 | '#changeset_compare_view_content .alert strong', |
|
859 | 858 | 'Missing commits') |
|
860 | 859 | assert_response.element_contains( |
|
861 | 860 | '#changeset_compare_view_content .alert', |
|
862 | 861 | 'This pull request cannot be displayed, because one or more' |
|
863 | 862 | ' commits no longer exist in the source repository.') |
|
864 | 863 | assert_response.element_contains( |
|
865 | 864 | '#update_commits', |
|
866 | 865 | 'Update commits') |
|
867 | 866 | |
|
868 | 867 | def test_strip_commits_and_update( |
|
869 | 868 | self, backend, pr_util, csrf_token): |
|
870 | 869 | commits = [ |
|
871 | 870 | {'message': 'initial-commit'}, |
|
872 | 871 | {'message': 'old-feature'}, |
|
873 | 872 | {'message': 'new-feature', 'parents': ['old-feature']}, |
|
874 | 873 | ] |
|
875 | 874 | pull_request = pr_util.create_pull_request( |
|
876 | 875 | commits, target_head='old-feature', source_head='new-feature', |
|
877 | 876 | revisions=['new-feature'], mergeable=True) |
|
878 | 877 | |
|
879 | 878 | vcs = pr_util.source_repository.scm_instance() |
|
880 | 879 | if backend.alias == 'git': |
|
881 | 880 | vcs.strip(pr_util.commit_ids['new-feature'], branch_name='master') |
|
882 | 881 | else: |
|
883 | 882 | vcs.strip(pr_util.commit_ids['new-feature']) |
|
884 | 883 | |
|
885 | 884 | response = self.app.post( |
|
886 | 885 | url(controller='pullrequests', action='update', |
|
887 | 886 | repo_name=pull_request.target_repo.repo_name, |
|
888 | 887 | pull_request_id=str(pull_request.pull_request_id)), |
|
889 | 888 | params={'update_commits': 'true', '_method': 'put', |
|
890 | 889 | 'csrf_token': csrf_token}) |
|
891 | 890 | |
|
892 | 891 | assert response.status_int == 200 |
|
893 | 892 | assert response.body == 'true' |
|
894 | 893 | |
|
895 | 894 | # Make sure that after update, it won't raise 500 errors |
|
896 | 895 | response = self.app.get(url( |
|
897 | 896 | controller='pullrequests', action='show', |
|
898 | 897 | repo_name=pr_util.target_repository.repo_name, |
|
899 | 898 | pull_request_id=str(pull_request.pull_request_id))) |
|
900 | 899 | |
|
901 | 900 | assert response.status_int == 200 |
|
902 | 901 | assert_response = AssertResponse(response) |
|
903 | 902 | assert_response.element_contains( |
|
904 | 903 | '#changeset_compare_view_content .alert strong', |
|
905 | 904 | 'Missing commits') |
|
906 | 905 | |
|
907 | 906 | def test_branch_is_a_link(self, pr_util): |
|
908 | 907 | pull_request = pr_util.create_pull_request() |
|
909 | 908 | pull_request.source_ref = 'branch:origin:1234567890abcdef' |
|
910 | 909 | pull_request.target_ref = 'branch:target:abcdef1234567890' |
|
911 | 910 | Session().add(pull_request) |
|
912 | 911 | Session().commit() |
|
913 | 912 | |
|
914 | 913 | response = self.app.get(url( |
|
915 | 914 | controller='pullrequests', action='show', |
|
916 | 915 | repo_name=pull_request.target_repo.scm_instance().name, |
|
917 | 916 | pull_request_id=str(pull_request.pull_request_id))) |
|
918 | 917 | assert response.status_int == 200 |
|
919 | 918 | assert_response = AssertResponse(response) |
|
920 | 919 | |
|
921 | 920 | origin = assert_response.get_element('.pr-origininfo .tag') |
|
922 | 921 | origin_children = origin.getchildren() |
|
923 | 922 | assert len(origin_children) == 1 |
|
924 | 923 | target = assert_response.get_element('.pr-targetinfo .tag') |
|
925 | 924 | target_children = target.getchildren() |
|
926 | 925 | assert len(target_children) == 1 |
|
927 | 926 | |
|
928 | 927 | expected_origin_link = route_path( |
|
929 | 928 | 'repo_changelog', |
|
930 | 929 | repo_name=pull_request.source_repo.scm_instance().name, |
|
931 | 930 | params=dict(branch='origin')) |
|
932 | 931 | expected_target_link = route_path( |
|
933 | 932 | 'repo_changelog', |
|
934 | 933 | repo_name=pull_request.target_repo.scm_instance().name, |
|
935 | 934 | params=dict(branch='target')) |
|
936 | 935 | assert origin_children[0].attrib['href'] == expected_origin_link |
|
937 | 936 | assert origin_children[0].text == 'branch: origin' |
|
938 | 937 | assert target_children[0].attrib['href'] == expected_target_link |
|
939 | 938 | assert target_children[0].text == 'branch: target' |
|
940 | 939 | |
|
941 | 940 | def test_bookmark_is_not_a_link(self, pr_util): |
|
942 | 941 | pull_request = pr_util.create_pull_request() |
|
943 | 942 | pull_request.source_ref = 'bookmark:origin:1234567890abcdef' |
|
944 | 943 | pull_request.target_ref = 'bookmark:target:abcdef1234567890' |
|
945 | 944 | Session().add(pull_request) |
|
946 | 945 | Session().commit() |
|
947 | 946 | |
|
948 | 947 | response = self.app.get(url( |
|
949 | 948 | controller='pullrequests', action='show', |
|
950 | 949 | repo_name=pull_request.target_repo.scm_instance().name, |
|
951 | 950 | pull_request_id=str(pull_request.pull_request_id))) |
|
952 | 951 | assert response.status_int == 200 |
|
953 | 952 | assert_response = AssertResponse(response) |
|
954 | 953 | |
|
955 | 954 | origin = assert_response.get_element('.pr-origininfo .tag') |
|
956 | 955 | assert origin.text.strip() == 'bookmark: origin' |
|
957 | 956 | assert origin.getchildren() == [] |
|
958 | 957 | |
|
959 | 958 | target = assert_response.get_element('.pr-targetinfo .tag') |
|
960 | 959 | assert target.text.strip() == 'bookmark: target' |
|
961 | 960 | assert target.getchildren() == [] |
|
962 | 961 | |
|
963 | 962 | def test_tag_is_not_a_link(self, pr_util): |
|
964 | 963 | pull_request = pr_util.create_pull_request() |
|
965 | 964 | pull_request.source_ref = 'tag:origin:1234567890abcdef' |
|
966 | 965 | pull_request.target_ref = 'tag:target:abcdef1234567890' |
|
967 | 966 | Session().add(pull_request) |
|
968 | 967 | Session().commit() |
|
969 | 968 | |
|
970 | 969 | response = self.app.get(url( |
|
971 | 970 | controller='pullrequests', action='show', |
|
972 | 971 | repo_name=pull_request.target_repo.scm_instance().name, |
|
973 | 972 | pull_request_id=str(pull_request.pull_request_id))) |
|
974 | 973 | assert response.status_int == 200 |
|
975 | 974 | assert_response = AssertResponse(response) |
|
976 | 975 | |
|
977 | 976 | origin = assert_response.get_element('.pr-origininfo .tag') |
|
978 | 977 | assert origin.text.strip() == 'tag: origin' |
|
979 | 978 | assert origin.getchildren() == [] |
|
980 | 979 | |
|
981 | 980 | target = assert_response.get_element('.pr-targetinfo .tag') |
|
982 | 981 | assert target.text.strip() == 'tag: target' |
|
983 | 982 | assert target.getchildren() == [] |
|
984 | 983 | |
|
985 | 984 | @pytest.mark.parametrize('mergeable', [True, False]) |
|
986 | 985 | def test_shadow_repository_link( |
|
987 | 986 | self, mergeable, pr_util, http_host_only_stub): |
|
988 | 987 | """ |
|
989 | 988 | Check that the pull request summary page displays a link to the shadow |
|
990 | 989 | repository if the pull request is mergeable. If it is not mergeable |
|
991 | 990 | the link should not be displayed. |
|
992 | 991 | """ |
|
993 | 992 | pull_request = pr_util.create_pull_request( |
|
994 | 993 | mergeable=mergeable, enable_notifications=False) |
|
995 | 994 | target_repo = pull_request.target_repo.scm_instance() |
|
996 | 995 | pr_id = pull_request.pull_request_id |
|
997 | 996 | shadow_url = '{host}/{repo}/pull-request/{pr_id}/repository'.format( |
|
998 | 997 | host=http_host_only_stub, repo=target_repo.name, pr_id=pr_id) |
|
999 | 998 | |
|
1000 | 999 | response = self.app.get(url( |
|
1001 | 1000 | controller='pullrequests', action='show', |
|
1002 | 1001 | repo_name=target_repo.name, |
|
1003 | 1002 | pull_request_id=str(pr_id))) |
|
1004 | 1003 | |
|
1005 | 1004 | assertr = AssertResponse(response) |
|
1006 | 1005 | if mergeable: |
|
1007 | 1006 | assertr.element_value_contains( |
|
1008 | 1007 | 'div.pr-mergeinfo input', shadow_url) |
|
1009 | 1008 | assertr.element_value_contains( |
|
1010 | 1009 | 'div.pr-mergeinfo input', 'pr-merge') |
|
1011 | 1010 | else: |
|
1012 | 1011 | assertr.no_element_exists('div.pr-mergeinfo') |
|
1013 | 1012 | |
|
1014 | 1013 | |
|
1015 | 1014 | @pytest.mark.usefixtures('app') |
|
1016 | 1015 | @pytest.mark.backends("git", "hg") |
|
1017 | 1016 | class TestPullrequestsControllerDelete(object): |
|
1018 | 1017 | def test_pull_request_delete_button_permissions_admin( |
|
1019 | 1018 | self, autologin_user, user_admin, pr_util): |
|
1020 | 1019 | pull_request = pr_util.create_pull_request( |
|
1021 | 1020 | author=user_admin.username, enable_notifications=False) |
|
1022 | 1021 | |
|
1023 | 1022 | response = self.app.get(url( |
|
1024 | 1023 | controller='pullrequests', action='show', |
|
1025 | 1024 | repo_name=pull_request.target_repo.scm_instance().name, |
|
1026 | 1025 | pull_request_id=str(pull_request.pull_request_id))) |
|
1027 | 1026 | |
|
1028 | 1027 | response.mustcontain('id="delete_pullrequest"') |
|
1029 | 1028 | response.mustcontain('Confirm to delete this pull request') |
|
1030 | 1029 | |
|
1031 | 1030 | def test_pull_request_delete_button_permissions_owner( |
|
1032 | 1031 | self, autologin_regular_user, user_regular, pr_util): |
|
1033 | 1032 | pull_request = pr_util.create_pull_request( |
|
1034 | 1033 | author=user_regular.username, enable_notifications=False) |
|
1035 | 1034 | |
|
1036 | 1035 | response = self.app.get(url( |
|
1037 | 1036 | controller='pullrequests', action='show', |
|
1038 | 1037 | repo_name=pull_request.target_repo.scm_instance().name, |
|
1039 | 1038 | pull_request_id=str(pull_request.pull_request_id))) |
|
1040 | 1039 | |
|
1041 | 1040 | response.mustcontain('id="delete_pullrequest"') |
|
1042 | 1041 | response.mustcontain('Confirm to delete this pull request') |
|
1043 | 1042 | |
|
1044 | 1043 | def test_pull_request_delete_button_permissions_forbidden( |
|
1045 | 1044 | self, autologin_regular_user, user_regular, user_admin, pr_util): |
|
1046 | 1045 | pull_request = pr_util.create_pull_request( |
|
1047 | 1046 | author=user_admin.username, enable_notifications=False) |
|
1048 | 1047 | |
|
1049 | 1048 | response = self.app.get(url( |
|
1050 | 1049 | controller='pullrequests', action='show', |
|
1051 | 1050 | repo_name=pull_request.target_repo.scm_instance().name, |
|
1052 | 1051 | pull_request_id=str(pull_request.pull_request_id))) |
|
1053 | 1052 | response.mustcontain(no=['id="delete_pullrequest"']) |
|
1054 | 1053 | response.mustcontain(no=['Confirm to delete this pull request']) |
|
1055 | 1054 | |
|
1056 | 1055 | def test_pull_request_delete_button_permissions_can_update_cannot_delete( |
|
1057 | 1056 | self, autologin_regular_user, user_regular, user_admin, pr_util, |
|
1058 | 1057 | user_util): |
|
1059 | 1058 | |
|
1060 | 1059 | pull_request = pr_util.create_pull_request( |
|
1061 | 1060 | author=user_admin.username, enable_notifications=False) |
|
1062 | 1061 | |
|
1063 | 1062 | user_util.grant_user_permission_to_repo( |
|
1064 | 1063 | pull_request.target_repo, user_regular, |
|
1065 | 1064 | 'repository.write') |
|
1066 | 1065 | |
|
1067 | 1066 | response = self.app.get(url( |
|
1068 | 1067 | controller='pullrequests', action='show', |
|
1069 | 1068 | repo_name=pull_request.target_repo.scm_instance().name, |
|
1070 | 1069 | pull_request_id=str(pull_request.pull_request_id))) |
|
1071 | 1070 | |
|
1072 | 1071 | response.mustcontain('id="open_edit_pullrequest"') |
|
1073 | 1072 | response.mustcontain('id="delete_pullrequest"') |
|
1074 | 1073 | response.mustcontain(no=['Confirm to delete this pull request']) |
|
1075 | 1074 | |
|
1076 | 1075 | def test_delete_comment_returns_404_if_comment_does_not_exist( |
|
1077 | 1076 | self, autologin_user, pr_util, user_admin): |
|
1078 | 1077 | |
|
1079 | 1078 | pull_request = pr_util.create_pull_request( |
|
1080 | 1079 | author=user_admin.username, enable_notifications=False) |
|
1081 | 1080 | |
|
1082 | 1081 | self.app.get(url( |
|
1083 | 1082 | controller='pullrequests', action='delete_comment', |
|
1084 | 1083 | repo_name=pull_request.target_repo.scm_instance().name, |
|
1085 | 1084 | comment_id=1024404), status=404) |
|
1086 | 1085 | |
|
1087 | 1086 | |
|
1088 | 1087 | def assert_pull_request_status(pull_request, expected_status): |
|
1089 | 1088 | status = ChangesetStatusModel().calculated_review_status( |
|
1090 | 1089 | pull_request=pull_request) |
|
1091 | 1090 | assert status == expected_status |
|
1092 | 1091 | |
|
1093 | 1092 | |
|
1094 | 1093 | @pytest.mark.parametrize('action', ['index', 'create']) |
|
1095 | 1094 | @pytest.mark.usefixtures("autologin_user") |
|
1096 | 1095 | def test_redirects_to_repo_summary_for_svn_repositories(backend_svn, app, action): |
|
1097 | 1096 | response = app.get(url( |
|
1098 | 1097 | controller='pullrequests', action=action, |
|
1099 | 1098 | repo_name=backend_svn.repo_name)) |
|
1100 | 1099 | assert response.status_int == 302 |
|
1101 | 1100 | |
|
1102 | 1101 | # Not allowed, redirect to the summary |
|
1103 | 1102 | redirected = response.follow() |
|
1104 | 1103 | summary_url = h.route_path('repo_summary', repo_name=backend_svn.repo_name) |
|
1105 | 1104 | |
|
1106 | 1105 | # URL adds leading slash and path doesn't have it |
|
1107 | 1106 | assert redirected.request.path == summary_url |
@@ -1,426 +1,431 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2010-2017 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | import threading |
|
22 | 22 | import time |
|
23 | 23 | import logging |
|
24 | 24 | import os.path |
|
25 | 25 | import subprocess32 |
|
26 | 26 | import tempfile |
|
27 | 27 | import urllib2 |
|
28 | 28 | from lxml.html import fromstring, tostring |
|
29 | 29 | from lxml.cssselect import CSSSelector |
|
30 | 30 | from urlparse import urlparse, parse_qsl |
|
31 | 31 | from urllib import unquote_plus |
|
32 | 32 | import webob |
|
33 | 33 | |
|
34 | 34 | from webtest.app import TestResponse, TestApp, string_types |
|
35 | 35 | from webtest.compat import print_stderr |
|
36 | 36 | |
|
37 | 37 | import pytest |
|
38 | 38 | import rc_testdata |
|
39 | 39 | |
|
40 | 40 | from rhodecode.model.db import User, Repository |
|
41 | 41 | from rhodecode.model.meta import Session |
|
42 | 42 | from rhodecode.model.scm import ScmModel |
|
43 | 43 | from rhodecode.lib.vcs.backends.svn.repository import SubversionRepository |
|
44 | 44 | from rhodecode.lib.vcs.backends.base import EmptyCommit |
|
45 | 45 | |
|
46 | 46 | |
|
47 | 47 | log = logging.getLogger(__name__) |
|
48 | 48 | |
|
49 | 49 | |
|
50 | 50 | class CustomTestResponse(TestResponse): |
|
51 | 51 | def _save_output(self, out): |
|
52 | 52 | f = tempfile.NamedTemporaryFile( |
|
53 | 53 | delete=False, prefix='rc-test-', suffix='.html') |
|
54 | 54 | f.write(out) |
|
55 | 55 | return f.name |
|
56 | 56 | |
|
57 | 57 | def mustcontain(self, *strings, **kw): |
|
58 | 58 | """ |
|
59 | 59 | Assert that the response contains all of the strings passed |
|
60 | 60 | in as arguments. |
|
61 | 61 | |
|
62 | 62 | Equivalent to:: |
|
63 | 63 | |
|
64 | 64 | assert string in res |
|
65 | 65 | """ |
|
66 | 66 | if 'no' in kw: |
|
67 | 67 | no = kw['no'] |
|
68 | 68 | del kw['no'] |
|
69 | 69 | if isinstance(no, string_types): |
|
70 | 70 | no = [no] |
|
71 | 71 | else: |
|
72 | 72 | no = [] |
|
73 | 73 | if kw: |
|
74 | 74 | raise TypeError( |
|
75 | 75 | "The only keyword argument allowed is 'no'") |
|
76 | 76 | |
|
77 | 77 | f = self._save_output(str(self)) |
|
78 | 78 | |
|
79 | 79 | for s in strings: |
|
80 | 80 | if not s in self: |
|
81 | 81 | print_stderr("Actual response (no %r):" % s) |
|
82 | 82 | print_stderr(str(self)) |
|
83 | 83 | raise IndexError( |
|
84 | 84 | "Body does not contain string %r, output saved as %s" % ( |
|
85 | 85 | s, f)) |
|
86 | 86 | |
|
87 | 87 | for no_s in no: |
|
88 | 88 | if no_s in self: |
|
89 | 89 | print_stderr("Actual response (has %r)" % no_s) |
|
90 | 90 | print_stderr(str(self)) |
|
91 | 91 | raise IndexError( |
|
92 | 92 | "Body contains bad string %r, output saved as %s" % ( |
|
93 | 93 | no_s, f)) |
|
94 | 94 | |
|
95 | 95 | def assert_response(self): |
|
96 | 96 | return AssertResponse(self) |
|
97 | 97 | |
|
98 | 98 | def get_session_from_response(self): |
|
99 | 99 | """ |
|
100 | 100 | This returns the session from a response object. Pylons has some magic |
|
101 | 101 | to make the session available as `response.session`. But pyramid |
|
102 | 102 | doesn't expose it. |
|
103 | 103 | """ |
|
104 | 104 | return self.request.environ['beaker.session'] |
|
105 | 105 | |
|
106 | 106 | |
|
107 | 107 | class TestRequest(webob.BaseRequest): |
|
108 | 108 | |
|
109 | 109 | # for py.test |
|
110 | 110 | disabled = True |
|
111 | 111 | ResponseClass = CustomTestResponse |
|
112 | 112 | |
|
113 | 113 | |
|
114 | 114 | class CustomTestApp(TestApp): |
|
115 | 115 | """ |
|
116 | 116 | Custom app to make mustcontain more usefull |
|
117 | 117 | """ |
|
118 | 118 | RequestClass = TestRequest |
|
119 | 119 | |
|
120 | 120 | |
|
121 | 121 | def set_anonymous_access(enabled): |
|
122 | 122 | """(Dis)allows anonymous access depending on parameter `enabled`""" |
|
123 | 123 | user = User.get_default_user() |
|
124 | 124 | user.active = enabled |
|
125 | 125 | Session().add(user) |
|
126 | 126 | Session().commit() |
|
127 | 127 | time.sleep(1.5) # must sleep for cache (1s to expire) |
|
128 | 128 | log.info('anonymous access is now: %s', enabled) |
|
129 | 129 | assert enabled == User.get_default_user().active, ( |
|
130 | 130 | 'Cannot set anonymous access') |
|
131 | 131 | |
|
132 | 132 | |
|
133 | 133 | def check_xfail_backends(node, backend_alias): |
|
134 | 134 | # Using "xfail_backends" here intentionally, since this marks work |
|
135 | 135 | # which is "to be done" soon. |
|
136 | 136 | skip_marker = node.get_marker('xfail_backends') |
|
137 | 137 | if skip_marker and backend_alias in skip_marker.args: |
|
138 | 138 | msg = "Support for backend %s to be developed." % (backend_alias, ) |
|
139 | 139 | msg = skip_marker.kwargs.get('reason', msg) |
|
140 | 140 | pytest.xfail(msg) |
|
141 | 141 | |
|
142 | 142 | |
|
143 | 143 | def check_skip_backends(node, backend_alias): |
|
144 | 144 | # Using "skip_backends" here intentionally, since this marks work which is |
|
145 | 145 | # not supported. |
|
146 | 146 | skip_marker = node.get_marker('skip_backends') |
|
147 | 147 | if skip_marker and backend_alias in skip_marker.args: |
|
148 | 148 | msg = "Feature not supported for backend %s." % (backend_alias, ) |
|
149 | 149 | msg = skip_marker.kwargs.get('reason', msg) |
|
150 | 150 | pytest.skip(msg) |
|
151 | 151 | |
|
152 | 152 | |
|
153 | 153 | def extract_git_repo_from_dump(dump_name, repo_name): |
|
154 | 154 | """Create git repo `repo_name` from dump `dump_name`.""" |
|
155 | 155 | repos_path = ScmModel().repos_path |
|
156 | 156 | target_path = os.path.join(repos_path, repo_name) |
|
157 | 157 | rc_testdata.extract_git_dump(dump_name, target_path) |
|
158 | 158 | return target_path |
|
159 | 159 | |
|
160 | 160 | |
|
161 | 161 | def extract_hg_repo_from_dump(dump_name, repo_name): |
|
162 | 162 | """Create hg repo `repo_name` from dump `dump_name`.""" |
|
163 | 163 | repos_path = ScmModel().repos_path |
|
164 | 164 | target_path = os.path.join(repos_path, repo_name) |
|
165 | 165 | rc_testdata.extract_hg_dump(dump_name, target_path) |
|
166 | 166 | return target_path |
|
167 | 167 | |
|
168 | 168 | |
|
169 | 169 | def extract_svn_repo_from_dump(dump_name, repo_name): |
|
170 | 170 | """Create a svn repo `repo_name` from dump `dump_name`.""" |
|
171 | 171 | repos_path = ScmModel().repos_path |
|
172 | 172 | target_path = os.path.join(repos_path, repo_name) |
|
173 | 173 | SubversionRepository(target_path, create=True) |
|
174 | 174 | _load_svn_dump_into_repo(dump_name, target_path) |
|
175 | 175 | return target_path |
|
176 | 176 | |
|
177 | 177 | |
|
178 | 178 | def assert_message_in_log(log_records, message, levelno, module): |
|
179 | 179 | messages = [ |
|
180 | 180 | r.message for r in log_records |
|
181 | 181 | if r.module == module and r.levelno == levelno |
|
182 | 182 | ] |
|
183 | 183 | assert message in messages |
|
184 | 184 | |
|
185 | 185 | |
|
186 | 186 | def _load_svn_dump_into_repo(dump_name, repo_path): |
|
187 | 187 | """ |
|
188 | 188 | Utility to populate a svn repository with a named dump |
|
189 | 189 | |
|
190 | 190 | Currently the dumps are in rc_testdata. They might later on be |
|
191 | 191 | integrated with the main repository once they stabilize more. |
|
192 | 192 | """ |
|
193 | 193 | dump = rc_testdata.load_svn_dump(dump_name) |
|
194 | 194 | load_dump = subprocess32.Popen( |
|
195 | 195 | ['svnadmin', 'load', repo_path], |
|
196 | 196 | stdin=subprocess32.PIPE, stdout=subprocess32.PIPE, |
|
197 | 197 | stderr=subprocess32.PIPE) |
|
198 | 198 | out, err = load_dump.communicate(dump) |
|
199 | 199 | if load_dump.returncode != 0: |
|
200 | 200 | log.error("Output of load_dump command: %s", out) |
|
201 | 201 | log.error("Error output of load_dump command: %s", err) |
|
202 | 202 | raise Exception( |
|
203 | 203 | 'Failed to load dump "%s" into repository at path "%s".' |
|
204 | 204 | % (dump_name, repo_path)) |
|
205 | 205 | |
|
206 | 206 | |
|
207 | 207 | class AssertResponse(object): |
|
208 | 208 | """ |
|
209 | 209 | Utility that helps to assert things about a given HTML response. |
|
210 | 210 | """ |
|
211 | 211 | |
|
212 | 212 | def __init__(self, response): |
|
213 | 213 | self.response = response |
|
214 | 214 | |
|
215 | 215 | def get_imports(self): |
|
216 | 216 | return fromstring, tostring, CSSSelector |
|
217 | 217 | |
|
218 | 218 | def one_element_exists(self, css_selector): |
|
219 | 219 | self.get_element(css_selector) |
|
220 | 220 | |
|
221 | 221 | def no_element_exists(self, css_selector): |
|
222 | 222 | assert not self._get_elements(css_selector) |
|
223 | 223 | |
|
224 | 224 | def element_equals_to(self, css_selector, expected_content): |
|
225 | 225 | element = self.get_element(css_selector) |
|
226 | 226 | element_text = self._element_to_string(element) |
|
227 | 227 | assert expected_content in element_text |
|
228 | 228 | |
|
229 | 229 | def element_contains(self, css_selector, expected_content): |
|
230 | 230 | element = self.get_element(css_selector) |
|
231 | 231 | assert expected_content in element.text_content() |
|
232 | 232 | |
|
233 | 233 | def element_value_contains(self, css_selector, expected_content): |
|
234 | 234 | element = self.get_element(css_selector) |
|
235 | 235 | assert expected_content in element.value |
|
236 | 236 | |
|
237 | 237 | def contains_one_link(self, link_text, href): |
|
238 | 238 | fromstring, tostring, CSSSelector = self.get_imports() |
|
239 | 239 | doc = fromstring(self.response.body) |
|
240 | 240 | sel = CSSSelector('a[href]') |
|
241 | 241 | elements = [ |
|
242 | 242 | e for e in sel(doc) if e.text_content().strip() == link_text] |
|
243 | 243 | assert len(elements) == 1, "Did not find link or found multiple links" |
|
244 | 244 | self._ensure_url_equal(elements[0].attrib.get('href'), href) |
|
245 | 245 | |
|
246 | 246 | def contains_one_anchor(self, anchor_id): |
|
247 | 247 | fromstring, tostring, CSSSelector = self.get_imports() |
|
248 | 248 | doc = fromstring(self.response.body) |
|
249 | 249 | sel = CSSSelector('#' + anchor_id) |
|
250 | 250 | elements = sel(doc) |
|
251 | 251 | assert len(elements) == 1, 'cannot find 1 element {}'.format(anchor_id) |
|
252 | 252 | |
|
253 | 253 | def _ensure_url_equal(self, found, expected): |
|
254 | 254 | assert _Url(found) == _Url(expected) |
|
255 | 255 | |
|
256 | 256 | def get_element(self, css_selector): |
|
257 | 257 | elements = self._get_elements(css_selector) |
|
258 | 258 | assert len(elements) == 1, 'cannot find 1 element {}'.format(css_selector) |
|
259 | 259 | return elements[0] |
|
260 | 260 | |
|
261 | 261 | def get_elements(self, css_selector): |
|
262 | 262 | return self._get_elements(css_selector) |
|
263 | 263 | |
|
264 | 264 | def _get_elements(self, css_selector): |
|
265 | 265 | fromstring, tostring, CSSSelector = self.get_imports() |
|
266 | 266 | doc = fromstring(self.response.body) |
|
267 | 267 | sel = CSSSelector(css_selector) |
|
268 | 268 | elements = sel(doc) |
|
269 | 269 | return elements |
|
270 | 270 | |
|
271 | 271 | def _element_to_string(self, element): |
|
272 | 272 | fromstring, tostring, CSSSelector = self.get_imports() |
|
273 | 273 | return tostring(element) |
|
274 | 274 | |
|
275 | 275 | |
|
276 | 276 | class _Url(object): |
|
277 | 277 | """ |
|
278 | 278 | A url object that can be compared with other url orbjects |
|
279 | 279 | without regard to the vagaries of encoding, escaping, and ordering |
|
280 | 280 | of parameters in query strings. |
|
281 | 281 | |
|
282 | 282 | Inspired by |
|
283 | 283 | http://stackoverflow.com/questions/5371992/comparing-two-urls-in-python |
|
284 | 284 | """ |
|
285 | 285 | |
|
286 | 286 | def __init__(self, url): |
|
287 | 287 | parts = urlparse(url) |
|
288 | 288 | _query = frozenset(parse_qsl(parts.query)) |
|
289 | 289 | _path = unquote_plus(parts.path) |
|
290 | 290 | parts = parts._replace(query=_query, path=_path) |
|
291 | 291 | self.parts = parts |
|
292 | 292 | |
|
293 | 293 | def __eq__(self, other): |
|
294 | 294 | return self.parts == other.parts |
|
295 | 295 | |
|
296 | 296 | def __hash__(self): |
|
297 | 297 | return hash(self.parts) |
|
298 | 298 | |
|
299 | 299 | |
|
300 | 300 | def run_test_concurrently(times, raise_catched_exc=True): |
|
301 | 301 | """ |
|
302 | 302 | Add this decorator to small pieces of code that you want to test |
|
303 | 303 | concurrently |
|
304 | 304 | |
|
305 | 305 | ex: |
|
306 | 306 | |
|
307 | 307 | @test_concurrently(25) |
|
308 | 308 | def my_test_function(): |
|
309 | 309 | ... |
|
310 | 310 | """ |
|
311 | 311 | def test_concurrently_decorator(test_func): |
|
312 | 312 | def wrapper(*args, **kwargs): |
|
313 | 313 | exceptions = [] |
|
314 | 314 | |
|
315 | 315 | def call_test_func(): |
|
316 | 316 | try: |
|
317 | 317 | test_func(*args, **kwargs) |
|
318 | 318 | except Exception as e: |
|
319 | 319 | exceptions.append(e) |
|
320 | 320 | if raise_catched_exc: |
|
321 | 321 | raise |
|
322 | 322 | threads = [] |
|
323 | 323 | for i in range(times): |
|
324 | 324 | threads.append(threading.Thread(target=call_test_func)) |
|
325 | 325 | for t in threads: |
|
326 | 326 | t.start() |
|
327 | 327 | for t in threads: |
|
328 | 328 | t.join() |
|
329 | 329 | if exceptions: |
|
330 | 330 | raise Exception( |
|
331 | 331 | 'test_concurrently intercepted %s exceptions: %s' % ( |
|
332 | 332 | len(exceptions), exceptions)) |
|
333 | 333 | return wrapper |
|
334 | 334 | return test_concurrently_decorator |
|
335 | 335 | |
|
336 | 336 | |
|
337 | 337 | def wait_for_url(url, timeout=10): |
|
338 | 338 | """ |
|
339 | 339 | Wait until URL becomes reachable. |
|
340 | 340 | |
|
341 | 341 | It polls the URL until the timeout is reached or it became reachable. |
|
342 | 342 | If will call to `py.test.fail` in case the URL is not reachable. |
|
343 | 343 | """ |
|
344 | 344 | timeout = time.time() + timeout |
|
345 | 345 | last = 0 |
|
346 | 346 | wait = 0.1 |
|
347 | 347 | |
|
348 | 348 | while timeout > last: |
|
349 | 349 | last = time.time() |
|
350 | 350 | if is_url_reachable(url): |
|
351 | 351 | break |
|
352 | 352 | elif (last + wait) > time.time(): |
|
353 | 353 | # Go to sleep because not enough time has passed since last check. |
|
354 | 354 | time.sleep(wait) |
|
355 | 355 | else: |
|
356 | 356 | pytest.fail("Timeout while waiting for URL {}".format(url)) |
|
357 | 357 | |
|
358 | 358 | |
|
359 | 359 | def is_url_reachable(url): |
|
360 | 360 | try: |
|
361 | 361 | urllib2.urlopen(url) |
|
362 | 362 | except urllib2.URLError: |
|
363 | 363 | return False |
|
364 | 364 | return True |
|
365 | 365 | |
|
366 | 366 | |
|
367 | 367 | def repo_on_filesystem(repo_name): |
|
368 | 368 | from rhodecode.lib import vcs |
|
369 | 369 | from rhodecode.tests import TESTS_TMP_PATH |
|
370 | 370 | repo = vcs.get_vcs_instance( |
|
371 | 371 | os.path.join(TESTS_TMP_PATH, repo_name), create=False) |
|
372 | 372 | return repo is not None |
|
373 | 373 | |
|
374 | 374 | |
|
375 | 375 | def commit_change( |
|
376 | 376 | repo, filename, content, message, vcs_type, parent=None, newfile=False): |
|
377 | 377 | from rhodecode.tests import TEST_USER_ADMIN_LOGIN |
|
378 | 378 | |
|
379 | 379 | repo = Repository.get_by_repo_name(repo) |
|
380 | 380 | _commit = parent |
|
381 | 381 | if not parent: |
|
382 | 382 | _commit = EmptyCommit(alias=vcs_type) |
|
383 | 383 | |
|
384 | 384 | if newfile: |
|
385 | 385 | nodes = { |
|
386 | 386 | filename: { |
|
387 | 387 | 'content': content |
|
388 | 388 | } |
|
389 | 389 | } |
|
390 | 390 | commit = ScmModel().create_nodes( |
|
391 | 391 | user=TEST_USER_ADMIN_LOGIN, repo=repo, |
|
392 | 392 | message=message, |
|
393 | 393 | nodes=nodes, |
|
394 | 394 | parent_commit=_commit, |
|
395 | 395 | author=TEST_USER_ADMIN_LOGIN, |
|
396 | 396 | ) |
|
397 | 397 | else: |
|
398 | 398 | commit = ScmModel().commit_change( |
|
399 | 399 | repo=repo.scm_instance(), repo_name=repo.repo_name, |
|
400 | 400 | commit=parent, user=TEST_USER_ADMIN_LOGIN, |
|
401 | 401 | author=TEST_USER_ADMIN_LOGIN, |
|
402 | 402 | message=message, |
|
403 | 403 | content=content, |
|
404 | 404 | f_path=filename |
|
405 | 405 | ) |
|
406 | 406 | return commit |
|
407 | 407 | |
|
408 | 408 | |
|
409 | 409 | def add_test_routes(config): |
|
410 | 410 | """ |
|
411 | 411 | Adds test routing that can be used in different functional tests |
|
412 | 412 | """ |
|
413 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
414 | ||
|
413 | 415 | config.add_route(name='home', pattern='/') |
|
416 | ||
|
417 | config.add_route(name='login', pattern=ADMIN_PREFIX + '/login') | |
|
418 | config.add_route(name='logout', pattern=ADMIN_PREFIX + '/logout') | |
|
414 | 419 | config.add_route(name='repo_summary', pattern='/{repo_name}') |
|
415 | 420 | config.add_route(name='repo_summary_explicit', pattern='/{repo_name}/summary') |
|
416 | 421 | config.add_route(name='repo_group_home', pattern='/{repo_group_name}') |
|
417 | 422 | |
|
418 | 423 | config.add_route(name='pullrequest_show', |
|
419 | 424 | pattern='/{repo_name}/pull-request/{pull_request_id}') |
|
420 | 425 | config.add_route(name='pull_requests_global', |
|
421 | 426 | pattern='/pull-request/{pull_request_id}') |
|
422 | 427 | config.add_route(name='repo_commit', |
|
423 | 428 | pattern='/{repo_name}/changeset/{commit_id}') |
|
424 | 429 | |
|
425 | 430 | config.add_route(name='repo_files', |
|
426 | 431 | pattern='/{repo_name}/files/{commit_id}/{f_path}') |
|
1 | NO CONTENT: file was removed |
General Comments 0
You need to be logged in to leave comments.
Login now