Show More
| @@ -141,17 +141,23 b' def deferred_can_write_to_group_validato' | |||||
| 141 |
|
141 | |||
| 142 | is_root_location = value is types.RootLocation |
|
142 | is_root_location = value is types.RootLocation | |
| 143 | # NOT initialized validators, we must call them |
|
143 | # NOT initialized validators, we must call them | |
| 144 | can_create_repos_at_root = HasPermissionAny( |
|
144 | can_create_repos_at_root = HasPermissionAny('hg.admin', 'hg.create.repository') | |
| 145 | 'hg.admin', 'hg.create.repository') |
|
|||
| 146 |
|
145 | |||
| 147 | # if values is root location, we simply need to check if we can write |
|
146 | # if values is root location, we simply need to check if we can write | |
| 148 | # to root location ! |
|
147 | # to root location ! | |
| 149 | if is_root_location: |
|
148 | if is_root_location: | |
|
|
149 | ||||
| 150 | if can_create_repos_at_root(user=request_user): |
|
150 | if can_create_repos_at_root(user=request_user): | |
| 151 | # we can create repo group inside tool-level. No more checks |
|
151 | # we can create repo group inside tool-level. No more checks | |
| 152 | # are required |
|
152 | # are required | |
| 153 | return |
|
153 | return | |
| 154 | else: |
|
154 | else: | |
|
|
155 | old_name = old_values.get('repo_name') | |||
|
|
156 | if old_name and old_name == old_values.get('submitted_repo_name'): | |||
|
|
157 | # since we didn't change the name, we can skip validation and | |||
|
|
158 | # allow current users without store-in-root permissions to update | |||
|
|
159 | return | |||
|
|
160 | ||||
| 155 | # "fake" node name as repo_name, otherwise we oddly report |
|
161 | # "fake" node name as repo_name, otherwise we oddly report | |
| 156 | # the error as if it was coming form repo_group |
|
162 | # the error as if it was coming form repo_group | |
| 157 | # however repo_group is empty when using root location. |
|
163 | # however repo_group is empty when using root location. | |
| @@ -372,6 +378,9 b' class RepoSchema(colander.MappingSchema)' | |||||
| 372 | validated_name = appstruct['repo_name'] |
|
378 | validated_name = appstruct['repo_name'] | |
| 373 |
|
379 | |||
| 374 | # second pass to validate permissions to repo_group |
|
380 | # second pass to validate permissions to repo_group | |
|
|
381 | if 'old_values' in self.bindings: | |||
|
|
382 | # save current repo name for name change checks | |||
|
|
383 | self.bindings['old_values']['submitted_repo_name'] = validated_name | |||
| 375 | second = RepoGroupAccessSchema().bind(**self.bindings) |
|
384 | second = RepoGroupAccessSchema().bind(**self.bindings) | |
| 376 | appstruct_second = second.deserialize({'repo_group': validated_name}) |
|
385 | appstruct_second = second.deserialize({'repo_group': validated_name}) | |
| 377 | # save result |
|
386 | # save result | |
| @@ -429,6 +438,9 b' class RepoSettingsSchema(RepoSchema):' | |||||
| 429 | validated_name = separator.join([group.group_name, validated_name]) |
|
438 | validated_name = separator.join([group.group_name, validated_name]) | |
| 430 |
|
439 | |||
| 431 | # second pass to validate permissions to repo_group |
|
440 | # second pass to validate permissions to repo_group | |
|
|
441 | if 'old_values' in self.bindings: | |||
|
|
442 | # save current repo name for name change checks | |||
|
|
443 | self.bindings['old_values']['submitted_repo_name'] = validated_name | |||
| 432 | second = RepoGroupAccessSchema().bind(**self.bindings) |
|
444 | second = RepoGroupAccessSchema().bind(**self.bindings) | |
| 433 | appstruct_second = second.deserialize({'repo_group': validated_name}) |
|
445 | appstruct_second = second.deserialize({'repo_group': validated_name}) | |
| 434 | # save result |
|
446 | # save result | |
General Comments 0
You need to be logged in to leave comments.
Login now