Show More
| @@ -917,12 +917,13 b' def update_repo(' | |||||
| 917 |
|
917 | |||
| 918 | ref_choices, _labels = ScmModel().get_repo_landing_revs(repo=repo) |
|
918 | ref_choices, _labels = ScmModel().get_repo_landing_revs(repo=repo) | |
| 919 |
|
919 | |||
|
|
920 | old_values = repo.get_api_data() | |||
| 920 | schema = repo_schema.RepoSchema().bind( |
|
921 | schema = repo_schema.RepoSchema().bind( | |
| 921 | repo_type_options=rhodecode.BACKENDS.keys(), |
|
922 | repo_type_options=rhodecode.BACKENDS.keys(), | |
| 922 | repo_ref_options=ref_choices, |
|
923 | repo_ref_options=ref_choices, | |
| 923 | # user caller |
|
924 | # user caller | |
| 924 | user=apiuser, |
|
925 | user=apiuser, | |
| 925 |
old_values= |
|
926 | old_values=old_values) | |
| 926 | try: |
|
927 | try: | |
| 927 | schema_data = schema.deserialize(dict( |
|
928 | schema_data = schema.deserialize(dict( | |
| 928 | # we save old value, users cannot change type |
|
929 | # we save old value, users cannot change type | |
| @@ -967,6 +968,9 b' def update_repo(' | |||||
| 967 |
|
968 | |||
| 968 | try: |
|
969 | try: | |
| 969 | RepoModel().update(repo, **validated_updates) |
|
970 | RepoModel().update(repo, **validated_updates) | |
|
|
971 | audit_logger.store_api( | |||
|
|
972 | 'repo.edit', action_data={'old_data': old_values}, | |||
|
|
973 | user=apiuser, repo=repo) | |||
| 970 | Session().commit() |
|
974 | Session().commit() | |
| 971 | return { |
|
975 | return { | |
| 972 | 'msg': 'updated repo ID:%s %s' % (repo.repo_id, repo.repo_name), |
|
976 | 'msg': 'updated repo ID:%s %s' % (repo.repo_id, repo.repo_name), | |
| @@ -1173,15 +1177,14 b' def delete_repo(request, apiuser, repoid' | |||||
| 1173 | 'Cannot delete `%s` it still contains attached forks' % |
|
1177 | 'Cannot delete `%s` it still contains attached forks' % | |
| 1174 | (repo.repo_name,) |
|
1178 | (repo.repo_name,) | |
| 1175 | ) |
|
1179 | ) | |
| 1176 |
|
|
1180 | old_data = repo.get_api_data() | |
| 1177 | RepoModel().delete(repo, forks=forks) |
|
1181 | RepoModel().delete(repo, forks=forks) | |
| 1178 |
|
1182 | |||
| 1179 | repo = audit_logger.RepoWrap(repo_id=None, |
|
1183 | repo = audit_logger.RepoWrap(repo_id=None, | |
| 1180 | repo_name=repo.repo_name) |
|
1184 | repo_name=repo.repo_name) | |
| 1181 |
|
1185 | |||
| 1182 | audit_logger.store_api( |
|
1186 | audit_logger.store_api( | |
| 1183 | action='repo.delete', |
|
1187 | 'repo.delete', action_data={'old_data': old_data}, | |
| 1184 | action_data={'data': repo_data}, |
|
|||
| 1185 | user=apiuser, repo=repo) |
|
1188 | user=apiuser, repo=repo) | |
| 1186 |
|
1189 | |||
| 1187 | ScmModel().mark_for_invalidation(repo_name, delete=True) |
|
1190 | ScmModel().mark_for_invalidation(repo_name, delete=True) | |
| @@ -1472,7 +1475,7 b' def comment_commit(' | |||||
| 1472 | rc_config = SettingsModel().get_all_settings() |
|
1475 | rc_config = SettingsModel().get_all_settings() | |
| 1473 | renderer = rc_config.get('rhodecode_markup_renderer', 'rst') |
|
1476 | renderer = rc_config.get('rhodecode_markup_renderer', 'rst') | |
| 1474 | status_change_label = ChangesetStatus.get_status_lbl(status) |
|
1477 | status_change_label = ChangesetStatus.get_status_lbl(status) | |
| 1475 | comm = CommentsModel().create( |
|
1478 | comment = CommentsModel().create( | |
| 1476 | message, repo, user, commit_id=commit_id, |
|
1479 | message, repo, user, commit_id=commit_id, | |
| 1477 | status_change=status_change_label, |
|
1480 | status_change=status_change_label, | |
| 1478 | status_change_type=status, |
|
1481 | status_change_type=status, | |
| @@ -1484,7 +1487,7 b' def comment_commit(' | |||||
| 1484 | # also do a status change |
|
1487 | # also do a status change | |
| 1485 | try: |
|
1488 | try: | |
| 1486 | ChangesetStatusModel().set_status( |
|
1489 | ChangesetStatusModel().set_status( | |
| 1487 | repo, status, user, comm, revision=commit_id, |
|
1490 | repo, status, user, comment, revision=commit_id, | |
| 1488 | dont_allow_on_closed_pull_request=True |
|
1491 | dont_allow_on_closed_pull_request=True | |
| 1489 | ) |
|
1492 | ) | |
| 1490 | except StatusChangeOnClosedPullRequestError: |
|
1493 | except StatusChangeOnClosedPullRequestError: | |
| @@ -1498,7 +1501,7 b' def comment_commit(' | |||||
| 1498 | return { |
|
1501 | return { | |
| 1499 | 'msg': ( |
|
1502 | 'msg': ( | |
| 1500 | 'Commented on commit `%s` for repository `%s`' % ( |
|
1503 | 'Commented on commit `%s` for repository `%s`' % ( | |
| 1501 | comm.revision, repo.repo_name)), |
|
1504 | comment.revision, repo.repo_name)), | |
| 1502 | 'status_change': status, |
|
1505 | 'status_change': status, | |
| 1503 | 'success': True, |
|
1506 | 'success': True, | |
| 1504 | } |
|
1507 | } | |
| @@ -1879,6 +1882,11 b' def strip(request, apiuser, repoid, revi' | |||||
| 1879 |
|
1882 | |||
| 1880 | try: |
|
1883 | try: | |
| 1881 | ScmModel().strip(repo, revision, branch) |
|
1884 | ScmModel().strip(repo, revision, branch) | |
|
|
1885 | audit_logger.store_api( | |||
|
|
1886 | 'repo.commit.strip', action_data={'commit_id': revision}, | |||
|
|
1887 | repo=repo, | |||
|
|
1888 | user=apiuser, commit=True) | |||
|
|
1889 | ||||
| 1882 | return { |
|
1890 | return { | |
| 1883 | 'msg': 'Stripped commit %s from repo `%s`' % ( |
|
1891 | 'msg': 'Stripped commit %s from repo `%s`' % ( | |
| 1884 | revision, repo.repo_name), |
|
1892 | revision, repo.repo_name), | |
| @@ -27,6 +27,7 b' from rhodecode.api.utils import (' | |||||
| 27 | has_superadmin_permission, Optional, OAttr, get_user_or_error, |
|
27 | has_superadmin_permission, Optional, OAttr, get_user_or_error, | |
| 28 | get_repo_group_or_error, get_perm_or_error, get_user_group_or_error, |
|
28 | get_repo_group_or_error, get_perm_or_error, get_user_group_or_error, | |
| 29 | get_origin, validate_repo_group_permissions, validate_set_owner_permissions) |
|
29 | get_origin, validate_repo_group_permissions, validate_set_owner_permissions) | |
|
|
30 | from rhodecode.lib import audit_logger | |||
| 30 | from rhodecode.lib.auth import ( |
|
31 | from rhodecode.lib.auth import ( | |
| 31 | HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi) |
|
32 | HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi) | |
| 32 | from rhodecode.model.db import Session |
|
33 | from rhodecode.model.db import Session | |
| @@ -222,6 +223,13 b' def create_repo_group(' | |||||
| 222 | group_name=validated_group_name, |
|
223 | group_name=validated_group_name, | |
| 223 | group_description=schema_data['repo_group_name'], |
|
224 | group_description=schema_data['repo_group_name'], | |
| 224 | copy_permissions=schema_data['repo_group_copy_permissions']) |
|
225 | copy_permissions=schema_data['repo_group_copy_permissions']) | |
|
|
226 | Session().flush() | |||
|
|
227 | ||||
|
|
228 | repo_group_data = repo_group.get_api_data() | |||
|
|
229 | audit_logger.store_api( | |||
|
|
230 | 'repo_group.create', action_data={'data': repo_group_data}, | |||
|
|
231 | user=apiuser) | |||
|
|
232 | ||||
| 225 | Session().commit() |
|
233 | Session().commit() | |
| 226 | return { |
|
234 | return { | |
| 227 | 'msg': 'Created new repo group `%s`' % validated_group_name, |
|
235 | 'msg': 'Created new repo group `%s`' % validated_group_name, | |
| @@ -310,8 +318,13 b' def update_repo_group(' | |||||
| 310 | enable_locking=schema_data['repo_group_enable_locking'], |
|
318 | enable_locking=schema_data['repo_group_enable_locking'], | |
| 311 | ) |
|
319 | ) | |
| 312 |
|
320 | |||
|
|
321 | old_data = repo_group.get_api_data() | |||
| 313 | try: |
|
322 | try: | |
| 314 | RepoGroupModel().update(repo_group, validated_updates) |
|
323 | RepoGroupModel().update(repo_group, validated_updates) | |
|
|
324 | audit_logger.store_api( | |||
|
|
325 | 'repo_group.edit', action_data={'old_data': old_data}, | |||
|
|
326 | user=apiuser) | |||
|
|
327 | ||||
| 315 | Session().commit() |
|
328 | Session().commit() | |
| 316 | return { |
|
329 | return { | |
| 317 | 'msg': 'updated repository group ID:%s %s' % ( |
|
330 | 'msg': 'updated repository group ID:%s %s' % ( | |
| @@ -365,8 +378,12 b' def delete_repo_group(request, apiuser, ' | |||||
| 365 | validate_repo_group_permissions( |
|
378 | validate_repo_group_permissions( | |
| 366 | apiuser, repogroupid, repo_group, ('group.admin',)) |
|
379 | apiuser, repogroupid, repo_group, ('group.admin',)) | |
| 367 |
|
380 | |||
|
|
381 | old_data = repo_group.get_api_data() | |||
| 368 | try: |
|
382 | try: | |
| 369 | RepoGroupModel().delete(repo_group) |
|
383 | RepoGroupModel().delete(repo_group) | |
|
|
384 | audit_logger.store_api( | |||
|
|
385 | 'repo_group.delete', action_data={'old_data': old_data}, | |||
|
|
386 | user=apiuser) | |||
| 370 | Session().commit() |
|
387 | Session().commit() | |
| 371 | return { |
|
388 | return { | |
| 372 | 'msg': 'deleted repo group ID:%s %s' % |
|
389 | 'msg': 'deleted repo group ID:%s %s' % | |
| @@ -23,6 +23,7 b' import logging' | |||||
| 23 | from rhodecode.api import jsonrpc_method, JSONRPCError, JSONRPCForbidden |
|
23 | from rhodecode.api import jsonrpc_method, JSONRPCError, JSONRPCForbidden | |
| 24 | from rhodecode.api.utils import ( |
|
24 | from rhodecode.api.utils import ( | |
| 25 | Optional, OAttr, has_superadmin_permission, get_user_or_error, store_update) |
|
25 | Optional, OAttr, has_superadmin_permission, get_user_or_error, store_update) | |
|
|
26 | from rhodecode.lib import audit_logger | |||
| 26 | from rhodecode.lib.auth import AuthUser, PasswordGenerator |
|
27 | from rhodecode.lib.auth import AuthUser, PasswordGenerator | |
| 27 | from rhodecode.lib.exceptions import DefaultUserException |
|
28 | from rhodecode.lib.exceptions import DefaultUserException | |
| 28 | from rhodecode.lib.utils2 import safe_int, str2bool |
|
29 | from rhodecode.lib.utils2 import safe_int, str2bool | |
| @@ -251,6 +252,12 b' def create_user(request, apiuser, userna' | |||||
| 251 | force_password_change=Optional.extract(force_password_change), |
|
252 | force_password_change=Optional.extract(force_password_change), | |
| 252 | create_repo_group=create_repo_group |
|
253 | create_repo_group=create_repo_group | |
| 253 | ) |
|
254 | ) | |
|
|
255 | Session().flush() | |||
|
|
256 | creation_data = user.get_api_data() | |||
|
|
257 | audit_logger.store_api( | |||
|
|
258 | 'user.create', action_data={'data': creation_data}, | |||
|
|
259 | user=apiuser) | |||
|
|
260 | ||||
| 254 | Session().commit() |
|
261 | Session().commit() | |
| 255 | return { |
|
262 | return { | |
| 256 | 'msg': 'created new user `%s`' % username, |
|
263 | 'msg': 'created new user `%s`' % username, | |
| @@ -326,7 +333,7 b' def update_user(request, apiuser, userid' | |||||
| 326 | raise JSONRPCForbidden() |
|
333 | raise JSONRPCForbidden() | |
| 327 |
|
334 | |||
| 328 | user = get_user_or_error(userid) |
|
335 | user = get_user_or_error(userid) | |
| 329 |
|
336 | old_data = user.get_api_data() | ||
| 330 | # only non optional arguments will be stored in updates |
|
337 | # only non optional arguments will be stored in updates | |
| 331 | updates = {} |
|
338 | updates = {} | |
| 332 |
|
339 | |||
| @@ -343,6 +350,9 b' def update_user(request, apiuser, userid' | |||||
| 343 | store_update(updates, extern_type, 'extern_type') |
|
350 | store_update(updates, extern_type, 'extern_type') | |
| 344 |
|
351 | |||
| 345 | user = UserModel().update_user(user, **updates) |
|
352 | user = UserModel().update_user(user, **updates) | |
|
|
353 | audit_logger.store_api( | |||
|
|
354 | 'user.edit', action_data={'old_data': old_data}, | |||
|
|
355 | user=apiuser) | |||
| 346 | Session().commit() |
|
356 | Session().commit() | |
| 347 | return { |
|
357 | return { | |
| 348 | 'msg': 'updated user ID:%s %s' % (user.user_id, user.username), |
|
358 | 'msg': 'updated user ID:%s %s' % (user.user_id, user.username), | |
| @@ -405,9 +415,13 b' def delete_user(request, apiuser, userid' | |||||
| 405 | raise JSONRPCForbidden() |
|
415 | raise JSONRPCForbidden() | |
| 406 |
|
416 | |||
| 407 | user = get_user_or_error(userid) |
|
417 | user = get_user_or_error(userid) | |
| 408 |
|
418 | old_data = user.get_api_data() | ||
| 409 | try: |
|
419 | try: | |
| 410 | UserModel().delete(userid) |
|
420 | UserModel().delete(userid) | |
|
|
421 | audit_logger.store_api( | |||
|
|
422 | 'user.delete', action_data={'old_data': old_data}, | |||
|
|
423 | user=apiuser) | |||
|
|
424 | ||||
| 411 | Session().commit() |
|
425 | Session().commit() | |
| 412 | return { |
|
426 | return { | |
| 413 | 'msg': 'deleted user ID:%s %s' % (user.user_id, user.username), |
|
427 | 'msg': 'deleted user ID:%s %s' % (user.user_id, user.username), | |
| @@ -24,6 +24,7 b' from rhodecode.api import jsonrpc_method' | |||||
| 24 | from rhodecode.api.utils import ( |
|
24 | from rhodecode.api.utils import ( | |
| 25 | Optional, OAttr, store_update, has_superadmin_permission, get_origin, |
|
25 | Optional, OAttr, store_update, has_superadmin_permission, get_origin, | |
| 26 | get_user_or_error, get_user_group_or_error, get_perm_or_error) |
|
26 | get_user_or_error, get_user_group_or_error, get_perm_or_error) | |
|
|
27 | from rhodecode.lib import audit_logger | |||
| 27 | from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi |
|
28 | from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi | |
| 28 | from rhodecode.lib.exceptions import UserGroupAssignedException |
|
29 | from rhodecode.lib.exceptions import UserGroupAssignedException | |
| 29 | from rhodecode.model.db import Session |
|
30 | from rhodecode.model.db import Session | |
| @@ -217,13 +218,18 b' def create_user_group(' | |||||
| 217 | owner = get_user_or_error(owner) |
|
218 | owner = get_user_or_error(owner) | |
| 218 | active = Optional.extract(active) |
|
219 | active = Optional.extract(active) | |
| 219 | description = Optional.extract(description) |
|
220 | description = Optional.extract(description) | |
| 220 | ug = UserGroupModel().create( |
|
221 | user_group = UserGroupModel().create( | |
| 221 | name=group_name, description=description, owner=owner, |
|
222 | name=group_name, description=description, owner=owner, | |
| 222 | active=active) |
|
223 | active=active) | |
|
|
224 | Session().flush() | |||
|
|
225 | creation_data = user_group.get_api_data() | |||
|
|
226 | audit_logger.store_api( | |||
|
|
227 | 'user_group.create', action_data={'data': creation_data}, | |||
|
|
228 | user=apiuser) | |||
| 223 | Session().commit() |
|
229 | Session().commit() | |
| 224 | return { |
|
230 | return { | |
| 225 | 'msg': 'created new user group `%s`' % group_name, |
|
231 | 'msg': 'created new user group `%s`' % group_name, | |
| 226 |
'user_group': |
|
232 | 'user_group': creation_data | |
| 227 | } |
|
233 | } | |
| 228 | except Exception: |
|
234 | except Exception: | |
| 229 | log.exception("Error occurred during creation of user group") |
|
235 | log.exception("Error occurred during creation of user group") | |
| @@ -291,6 +297,7 b' def update_user_group(request, apiuser, ' | |||||
| 291 | if not isinstance(owner, Optional): |
|
297 | if not isinstance(owner, Optional): | |
| 292 | owner = get_user_or_error(owner) |
|
298 | owner = get_user_or_error(owner) | |
| 293 |
|
299 | |||
|
|
300 | old_data = user_group.get_api_data() | |||
| 294 | updates = {} |
|
301 | updates = {} | |
| 295 | store_update(updates, group_name, 'users_group_name') |
|
302 | store_update(updates, group_name, 'users_group_name') | |
| 296 | store_update(updates, description, 'user_group_description') |
|
303 | store_update(updates, description, 'user_group_description') | |
| @@ -298,6 +305,9 b' def update_user_group(request, apiuser, ' | |||||
| 298 | store_update(updates, active, 'users_group_active') |
|
305 | store_update(updates, active, 'users_group_active') | |
| 299 | try: |
|
306 | try: | |
| 300 | UserGroupModel().update(user_group, updates) |
|
307 | UserGroupModel().update(user_group, updates) | |
|
|
308 | audit_logger.store_api( | |||
|
|
309 | 'user_group.edit', action_data={'old_data': old_data}, | |||
|
|
310 | user=apiuser) | |||
| 301 | Session().commit() |
|
311 | Session().commit() | |
| 302 | return { |
|
312 | return { | |
| 303 | 'msg': 'updated user group ID:%s %s' % ( |
|
313 | 'msg': 'updated user group ID:%s %s' % ( | |
| @@ -359,8 +369,12 b' def delete_user_group(request, apiuser, ' | |||||
| 359 | raise JSONRPCError( |
|
369 | raise JSONRPCError( | |
| 360 | 'user group `%s` does not exist' % (usergroupid,)) |
|
370 | 'user group `%s` does not exist' % (usergroupid,)) | |
| 361 |
|
371 | |||
|
|
372 | old_data = user_group.get_api_data() | |||
| 362 | try: |
|
373 | try: | |
| 363 | UserGroupModel().delete(user_group) |
|
374 | UserGroupModel().delete(user_group) | |
|
|
375 | audit_logger.store_api( | |||
|
|
376 | 'user_group.delete', action_data={'old_data': old_data}, | |||
|
|
377 | user=apiuser) | |||
| 364 | Session().commit() |
|
378 | Session().commit() | |
| 365 | return { |
|
379 | return { | |
| 366 | 'msg': 'deleted user group ID:%s %s' % ( |
|
380 | 'msg': 'deleted user group ID:%s %s' % ( | |
| @@ -438,6 +452,12 b' def add_user_to_user_group(request, apiu' | |||||
| 438 | user.username, user_group.users_group_name |
|
452 | user.username, user_group.users_group_name | |
| 439 | ) |
|
453 | ) | |
| 440 | msg = msg if success else 'User is already in that group' |
|
454 | msg = msg if success else 'User is already in that group' | |
|
|
455 | if success: | |||
|
|
456 | user_data = user.get_api_data() | |||
|
|
457 | audit_logger.store_api( | |||
|
|
458 | 'user_group.edit.member.add', action_data={'user': user_data}, | |||
|
|
459 | user=apiuser) | |||
|
|
460 | ||||
| 441 | Session().commit() |
|
461 | Session().commit() | |
| 442 |
|
462 | |||
| 443 | return { |
|
463 | return { | |
| @@ -501,6 +521,12 b' def remove_user_from_user_group(request,' | |||||
| 501 | user.username, user_group.users_group_name |
|
521 | user.username, user_group.users_group_name | |
| 502 | ) |
|
522 | ) | |
| 503 | msg = msg if success else "User wasn't in group" |
|
523 | msg = msg if success else "User wasn't in group" | |
|
|
524 | if success: | |||
|
|
525 | user_data = user.get_api_data() | |||
|
|
526 | audit_logger.store_api( | |||
|
|
527 | 'user_group.edit.member.delete', action_data={'user': user_data}, | |||
|
|
528 | user=apiuser) | |||
|
|
529 | ||||
| 504 | Session().commit() |
|
530 | Session().commit() | |
| 505 | return {'success': success, 'msg': msg} |
|
531 | return {'success': success, 'msg': msg} | |
| 506 | except Exception: |
|
532 | except Exception: | |
| @@ -209,8 +209,8 b' class AdminUsersView(BaseAppView, DataGr' | |||||
| 209 |
|
209 | |||
| 210 | self.maybe_attach_token_scope(token) |
|
210 | self.maybe_attach_token_scope(token) | |
| 211 | audit_logger.store_web( |
|
211 | audit_logger.store_web( | |
| 212 |
|
|
212 | 'user.edit.token.add', action_data={ | |
| 213 |
|
|
213 | 'data': {'token': token_data, 'user': user_data}}, | |
| 214 | user=self._rhodecode_user, ) |
|
214 | user=self._rhodecode_user, ) | |
| 215 | Session().commit() |
|
215 | Session().commit() | |
| 216 |
|
216 | |||
| @@ -239,8 +239,8 b' class AdminUsersView(BaseAppView, DataGr' | |||||
| 239 |
|
239 | |||
| 240 | AuthTokenModel().delete(del_auth_token, c.user.user_id) |
|
240 | AuthTokenModel().delete(del_auth_token, c.user.user_id) | |
| 241 | audit_logger.store_web( |
|
241 | audit_logger.store_web( | |
| 242 |
|
|
242 | 'user.edit.token.delete', action_data={ | |
| 243 |
|
|
243 | 'data': {'token': token_data, 'user': user_data}}, | |
| 244 | user=self._rhodecode_user,) |
|
244 | user=self._rhodecode_user,) | |
| 245 | Session().commit() |
|
245 | Session().commit() | |
| 246 | h.flash(_("Auth token successfully deleted"), category='success') |
|
246 | h.flash(_("Auth token successfully deleted"), category='success') | |
| @@ -284,8 +284,7 b' class AdminUsersView(BaseAppView, DataGr' | |||||
| 284 | try: |
|
284 | try: | |
| 285 | UserModel().add_extra_email(c.user.user_id, email) |
|
285 | UserModel().add_extra_email(c.user.user_id, email) | |
| 286 | audit_logger.store_web( |
|
286 | audit_logger.store_web( | |
| 287 | 'user.edit.email.add', |
|
287 | 'user.edit.email.add', action_data={'email': email, 'user': user_data}, | |
| 288 | action_data={'email': email, 'user': user_data}, |
|
|||
| 289 | user=self._rhodecode_user) |
|
288 | user=self._rhodecode_user) | |
| 290 | Session().commit() |
|
289 | Session().commit() | |
| 291 | h.flash(_("Added new email address `%s` for user account") % email, |
|
290 | h.flash(_("Added new email address `%s` for user account") % email, | |
| @@ -318,8 +317,7 b' class AdminUsersView(BaseAppView, DataGr' | |||||
| 318 | user_data = c.user.get_api_data() |
|
317 | user_data = c.user.get_api_data() | |
| 319 | user_model.delete_extra_email(c.user.user_id, email_id) |
|
318 | user_model.delete_extra_email(c.user.user_id, email_id) | |
| 320 | audit_logger.store_web( |
|
319 | audit_logger.store_web( | |
| 321 | 'user.edit.email.delete', |
|
320 | 'user.edit.email.delete', action_data={'email': email, 'user': user_data}, | |
| 322 | action_data={'email': email, 'user': user_data}, |
|
|||
| 323 | user=self._rhodecode_user) |
|
321 | user=self._rhodecode_user) | |
| 324 | Session().commit() |
|
322 | Session().commit() | |
| 325 | h.flash(_("Removed email address from user account"), |
|
323 | h.flash(_("Removed email address from user account"), | |
| @@ -379,8 +377,7 b' class AdminUsersView(BaseAppView, DataGr' | |||||
| 379 | try: |
|
377 | try: | |
| 380 | user_model.add_extra_ip(c.user.user_id, ip, desc) |
|
378 | user_model.add_extra_ip(c.user.user_id, ip, desc) | |
| 381 | audit_logger.store_web( |
|
379 | audit_logger.store_web( | |
| 382 | 'user.edit.ip.add', |
|
380 | 'user.edit.ip.add', action_data={'ip': ip, 'user': user_data}, | |
| 383 | action_data={'ip': ip, 'user': user_data}, |
|
|||
| 384 | user=self._rhodecode_user) |
|
381 | user=self._rhodecode_user) | |
| 385 | Session().commit() |
|
382 | Session().commit() | |
| 386 | added.append(ip) |
|
383 | added.append(ip) | |
| @@ -420,8 +417,7 b' class AdminUsersView(BaseAppView, DataGr' | |||||
| 420 | ip = UserIpMap.query().get(ip_id).ip_addr |
|
417 | ip = UserIpMap.query().get(ip_id).ip_addr | |
| 421 | user_model.delete_extra_ip(c.user.user_id, ip_id) |
|
418 | user_model.delete_extra_ip(c.user.user_id, ip_id) | |
| 422 | audit_logger.store_web( |
|
419 | audit_logger.store_web( | |
| 423 | 'user.edit.ip.delete', |
|
420 | 'user.edit.ip.delete', action_data={'ip': ip, 'user': user_data}, | |
| 424 | action_data={'ip': ip, 'user': user_data}, |
|
|||
| 425 | user=self._rhodecode_user) |
|
421 | user=self._rhodecode_user) | |
| 426 | Session().commit() |
|
422 | Session().commit() | |
| 427 | h.flash(_("Removed ip address from user whitelist"), category='success') |
|
423 | h.flash(_("Removed ip address from user whitelist"), category='success') | |
| @@ -173,7 +173,7 b' class LoginView(BaseAppView):' | |||||
| 173 | ip_addr=self.request.remote_addr) |
|
173 | ip_addr=self.request.remote_addr) | |
| 174 | action_data = {'user_agent': self.request.user_agent} |
|
174 | action_data = {'user_agent': self.request.user_agent} | |
| 175 | audit_logger.store_web( |
|
175 | audit_logger.store_web( | |
| 176 |
|
|
176 | 'user.login.success', action_data=action_data, | |
| 177 | user=audit_user, commit=True) |
|
177 | user=audit_user, commit=True) | |
| 178 |
|
178 | |||
| 179 | raise HTTPFound(c.came_from, headers=headers) |
|
179 | raise HTTPFound(c.came_from, headers=headers) | |
| @@ -192,7 +192,7 b' class LoginView(BaseAppView):' | |||||
| 192 | ip_addr=self.request.remote_addr) |
|
192 | ip_addr=self.request.remote_addr) | |
| 193 | action_data = {'user_agent': self.request.user_agent} |
|
193 | action_data = {'user_agent': self.request.user_agent} | |
| 194 | audit_logger.store_web( |
|
194 | audit_logger.store_web( | |
| 195 |
|
|
195 | 'user.login.failure', action_data=action_data, | |
| 196 | user=audit_user, commit=True) |
|
196 | user=audit_user, commit=True) | |
| 197 | return render_ctx |
|
197 | return render_ctx | |
| 198 |
|
198 | |||
| @@ -212,7 +212,7 b' class LoginView(BaseAppView):' | |||||
| 212 |
|
212 | |||
| 213 | action_data = {'user_agent': self.request.user_agent} |
|
213 | action_data = {'user_agent': self.request.user_agent} | |
| 214 | audit_logger.store_web( |
|
214 | audit_logger.store_web( | |
| 215 |
|
|
215 | 'user.logout', action_data=action_data, | |
| 216 | user=auth_user, commit=True) |
|
216 | user=auth_user, commit=True) | |
| 217 | self.session.delete() |
|
217 | self.session.delete() | |
| 218 | return HTTPFound(h.route_path('home')) |
|
218 | return HTTPFound(h.route_path('home')) | |
| @@ -365,8 +365,7 b' class LoginView(BaseAppView):' | |||||
| 365 | action_data = {'email': user_email, |
|
365 | action_data = {'email': user_email, | |
| 366 | 'user_agent': self.request.user_agent} |
|
366 | 'user_agent': self.request.user_agent} | |
| 367 | audit_logger.store_web( |
|
367 | audit_logger.store_web( | |
| 368 |
|
|
368 | 'user.password.reset_request', action_data=action_data, | |
| 369 | action_data=action_data, |
|
|||
| 370 | user=self._rhodecode_user, commit=True) |
|
369 | user=self._rhodecode_user, commit=True) | |
| 371 | return HTTPFound(self.request.route_path('reset_password')) |
|
370 | return HTTPFound(self.request.route_path('reset_password')) | |
| 372 |
|
371 | |||
| @@ -183,8 +183,8 b' class MyAccountView(BaseAppView):' | |||||
| 183 |
|
183 | |||
| 184 | self.maybe_attach_token_scope(token) |
|
184 | self.maybe_attach_token_scope(token) | |
| 185 | audit_logger.store_web( |
|
185 | audit_logger.store_web( | |
| 186 |
|
|
186 | 'user.edit.token.add', action_data={ | |
| 187 |
|
|
187 | 'data': {'token': token_data, 'user': 'self'}}, | |
| 188 | user=self._rhodecode_user, ) |
|
188 | user=self._rhodecode_user, ) | |
| 189 | Session().commit() |
|
189 | Session().commit() | |
| 190 |
|
190 | |||
| @@ -208,8 +208,8 b' class MyAccountView(BaseAppView):' | |||||
| 208 |
|
208 | |||
| 209 | AuthTokenModel().delete(del_auth_token, c.user.user_id) |
|
209 | AuthTokenModel().delete(del_auth_token, c.user.user_id) | |
| 210 | audit_logger.store_web( |
|
210 | audit_logger.store_web( | |
| 211 |
|
|
211 | 'user.edit.token.delete', action_data={ | |
| 212 |
|
|
212 | 'data': {'token': token_data, 'user': 'self'}}, | |
| 213 | user=self._rhodecode_user,) |
|
213 | user=self._rhodecode_user,) | |
| 214 | Session().commit() |
|
214 | Session().commit() | |
| 215 | h.flash(_("Auth token successfully deleted"), category='success') |
|
215 | h.flash(_("Auth token successfully deleted"), category='success') | |
| @@ -245,8 +245,8 b' class MyAccountView(BaseAppView):' | |||||
| 245 | try: |
|
245 | try: | |
| 246 | UserModel().add_extra_email(c.user.user_id, email) |
|
246 | UserModel().add_extra_email(c.user.user_id, email) | |
| 247 | audit_logger.store_web( |
|
247 | audit_logger.store_web( | |
| 248 |
|
|
248 | 'user.edit.email.add', action_data={ | |
| 249 |
|
|
249 | 'data': {'email': email, 'user': 'self'}}, | |
| 250 | user=self._rhodecode_user,) |
|
250 | user=self._rhodecode_user,) | |
| 251 |
|
251 | |||
| 252 | Session().commit() |
|
252 | Session().commit() | |
| @@ -274,8 +274,8 b' class MyAccountView(BaseAppView):' | |||||
| 274 | email = UserEmailMap.get_or_404(del_email_id, pyramid_exc=True).email |
|
274 | email = UserEmailMap.get_or_404(del_email_id, pyramid_exc=True).email | |
| 275 | UserModel().delete_extra_email(c.user.user_id, del_email_id) |
|
275 | UserModel().delete_extra_email(c.user.user_id, del_email_id) | |
| 276 | audit_logger.store_web( |
|
276 | audit_logger.store_web( | |
| 277 |
|
|
277 | 'user.edit.email.delete', action_data={ | |
| 278 |
|
|
278 | 'data': {'email': email, 'user': 'self'}}, | |
| 279 | user=self._rhodecode_user,) |
|
279 | user=self._rhodecode_user,) | |
| 280 | Session().commit() |
|
280 | Session().commit() | |
| 281 | h.flash(_("Email successfully deleted"), |
|
281 | h.flash(_("Email successfully deleted"), | |
| @@ -95,14 +95,13 b' class RepoSettingsView(RepoAppView):' | |||||
| 95 | handle_forks = 'delete' |
|
95 | handle_forks = 'delete' | |
| 96 | h.flash(_('Deleted %s forks') % _forks, category='success') |
|
96 | h.flash(_('Deleted %s forks') % _forks, category='success') | |
| 97 |
|
97 | |||
| 98 |
|
|
98 | old_data = self.db_repo.get_api_data() | |
| 99 | RepoModel().delete(self.db_repo, forks=handle_forks) |
|
99 | RepoModel().delete(self.db_repo, forks=handle_forks) | |
| 100 |
|
100 | |||
| 101 | repo = audit_logger.RepoWrap(repo_id=None, |
|
101 | repo = audit_logger.RepoWrap(repo_id=None, | |
| 102 | repo_name=self.db_repo.repo_name) |
|
102 | repo_name=self.db_repo.repo_name) | |
| 103 | audit_logger.store_web( |
|
103 | audit_logger.store_web( | |
| 104 | action='repo.delete', |
|
104 | 'repo.delete', action_data={'old_data': old_data}, | |
| 105 | action_data={'data': repo_data}, |
|
|||
| 106 | user=self._rhodecode_user, repo=repo) |
|
105 | user=self._rhodecode_user, repo=repo) | |
| 107 |
|
106 | |||
| 108 | ScmModel().mark_for_invalidation(self.db_repo_name, delete=True) |
|
107 | ScmModel().mark_for_invalidation(self.db_repo_name, delete=True) | |
| @@ -106,10 +106,8 b' class StripView(RepoAppView):' | |||||
| 106 | data[commit['rev']] = True |
|
106 | data[commit['rev']] = True | |
| 107 |
|
107 | |||
| 108 | audit_logger.store_web( |
|
108 | audit_logger.store_web( | |
| 109 |
|
|
109 | 'repo.commit.strip', action_data={'commit_id': commit['rev']}, | |
| 110 | action_data={'commit_id': commit['rev']}, |
|
110 | repo=self.db_repo, user=self._rhodecode_user, commit=True) | |
| 111 | repo=self.db_repo, |
|
|||
| 112 | user=self._rhodecode_user, commit=True) |
|
|||
| 113 |
|
111 | |||
| 114 | except Exception as e: |
|
112 | except Exception as e: | |
| 115 | data[commit['rev']] = False |
|
113 | data[commit['rev']] = False | |
| @@ -185,14 +185,16 b' class RepoGroupsController(BaseControlle' | |||||
| 185 | owner=owner.user_id, |
|
185 | owner=owner.user_id, | |
| 186 | copy_permissions=form_result['group_copy_permissions'] |
|
186 | copy_permissions=form_result['group_copy_permissions'] | |
| 187 | ) |
|
187 | ) | |
| 188 |
Session(). |
|
188 | Session().flush() | |
| 189 | repo_group_data = repo_group.get_api_data() |
|
|||
| 190 | _new_group_name = form_result['group_name_full'] |
|
|||
| 191 |
|
189 | |||
|
|
190 | repo_group_data = repo_group.get_api_data() | |||
| 192 | audit_logger.store_web( |
|
191 | audit_logger.store_web( | |
| 193 |
|
|
192 | 'repo_group.create', action_data={'data': repo_group_data}, | |
| 194 | action_data={'data': repo_group_data}, |
|
193 | user=c.rhodecode_user) | |
| 195 | user=c.rhodecode_user, commit=True) |
|
194 | ||
|
|
195 | Session().commit() | |||
|
|
196 | ||||
|
|
197 | _new_group_name = form_result['group_name_full'] | |||
| 196 |
|
198 | |||
| 197 | repo_group_url = h.link_to( |
|
199 | repo_group_url = h.link_to( | |
| 198 | _new_group_name, |
|
200 | _new_group_name, | |
| @@ -304,8 +306,7 b' class RepoGroupsController(BaseControlle' | |||||
| 304 | RepoGroupModel().delete(group_name) |
|
306 | RepoGroupModel().delete(group_name) | |
| 305 |
|
307 | |||
| 306 | audit_logger.store_web( |
|
308 | audit_logger.store_web( | |
| 307 | 'repo_group.delete', |
|
309 | 'repo_group.delete', action_data={'old_data': old_values}, | |
| 308 | action_data={'old_data': old_values}, |
|
|||
| 309 | user=c.rhodecode_user) |
|
310 | user=c.rhodecode_user) | |
| 310 |
|
311 | |||
| 311 | Session().commit() |
|
312 | Session().commit() | |
| @@ -205,13 +205,16 b' class UserGroupsController(BaseControlle' | |||||
| 205 | pstruct = peppercorn.parse(request.POST.items()) |
|
205 | pstruct = peppercorn.parse(request.POST.items()) | |
| 206 | form_result['users_group_members'] = pstruct['user_group_members'] |
|
206 | form_result['users_group_members'] = pstruct['user_group_members'] | |
| 207 |
|
207 | |||
| 208 | UserGroupModel().update(c.user_group, form_result) |
|
208 | user_group, added_members, removed_members = \ | |
|
|
209 | UserGroupModel().update(c.user_group, form_result) | |||
| 209 | updated_user_group = form_result['users_group_name'] |
|
210 | updated_user_group = form_result['users_group_name'] | |
| 210 |
|
211 | |||
| 211 | audit_logger.store_web( |
|
212 | audit_logger.store_web( | |
| 212 | 'user_group.edit', action_data={'old_data': old_values}, |
|
213 | 'user_group.edit', action_data={'old_data': old_values}, | |
| 213 | user=c.rhodecode_user) |
|
214 | user=c.rhodecode_user) | |
| 214 |
|
215 | |||
|
|
216 | # TODO(marcink): use added/removed to set user_group.edit.member.add | |||
|
|
217 | ||||
| 215 | h.flash(_('Updated user group %s') % updated_user_group, |
|
218 | h.flash(_('Updated user group %s') % updated_user_group, | |
| 216 | category='success') |
|
219 | category='success') | |
| 217 | Session().commit() |
|
220 | Session().commit() | |
| @@ -815,11 +815,11 b' class FilesController(BaseRepoController' | |||||
| 815 |
|
815 | |||
| 816 | # store download action |
|
816 | # store download action | |
| 817 | audit_logger.store_web( |
|
817 | audit_logger.store_web( | |
| 818 |
|
|
818 | 'repo.archive.download', action_data={ | |
| 819 |
|
|
819 | 'user_agent': request.user_agent, | |
| 820 |
|
|
820 | 'archive_name': archive_name, | |
| 821 |
|
|
821 | 'archive_spec': fname, | |
| 822 |
|
|
822 | 'archive_cached': use_cached_archive}, | |
| 823 | user=c.rhodecode_user, |
|
823 | user=c.rhodecode_user, | |
| 824 | repo=dbrepo, |
|
824 | repo=dbrepo, | |
| 825 | commit=True |
|
825 | commit=True | |
| @@ -53,8 +53,8 b' ACTIONS_V1 = {' | |||||
| 53 | 'user_group.delete': {'old_data': {}}, |
|
53 | 'user_group.delete': {'old_data': {}}, | |
| 54 | 'user_group.edit': {'old_data': {}}, |
|
54 | 'user_group.edit': {'old_data': {}}, | |
| 55 | 'user_group.edit.permissions': {}, |
|
55 | 'user_group.edit.permissions': {}, | |
| 56 | 'user_group.edit.member.add': {}, |
|
56 | 'user_group.edit.member.add': {'user': {}}, | |
| 57 | 'user_group.edit.member.delete': {}, |
|
57 | 'user_group.edit.member.delete': {'user': {}}, | |
| 58 |
|
58 | |||
| 59 | 'repo.create': {'data': {}}, |
|
59 | 'repo.create': {'data': {}}, | |
| 60 | 'repo.fork': {'data': {}}, |
|
60 | 'repo.fork': {'data': {}}, | |
| @@ -76,8 +76,8 b' ACTIONS_V1 = {' | |||||
| 76 | 'repo.pull_request.reviewer.add': '', |
|
76 | 'repo.pull_request.reviewer.add': '', | |
| 77 | 'repo.pull_request.reviewer.delete': '', |
|
77 | 'repo.pull_request.reviewer.delete': '', | |
| 78 |
|
78 | |||
| 79 | 'repo.commit.comment.create': '', |
|
79 | 'repo.commit.comment.create': {'data': {}}, | |
| 80 | 'repo.commit.comment.delete': '', |
|
80 | 'repo.commit.comment.delete': {'data': {}}, | |
| 81 | 'repo.commit.vote': '', |
|
81 | 'repo.commit.vote': '', | |
| 82 |
|
82 | |||
| 83 | 'repo_group.create': {'data': {}}, |
|
83 | 'repo_group.create': {'data': {}}, | |
| @@ -164,34 +164,32 b' def store(action, user, action_data=None' | |||||
| 164 | from rhodecode.lib import audit_logger |
|
164 | from rhodecode.lib import audit_logger | |
| 165 |
|
165 | |||
| 166 | audit_logger.store( |
|
166 | audit_logger.store( | |
| 167 |
|
|
167 | 'repo.edit', user=self._rhodecode_user) | |
| 168 | audit_logger.store( |
|
168 | audit_logger.store( | |
| 169 |
|
|
169 | 'repo.delete', action_data={'data': repo_data}, | |
| 170 | user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8')) |
|
170 | user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8')) | |
| 171 |
|
171 | |||
| 172 | # repo action |
|
172 | # repo action | |
| 173 | audit_logger.store( |
|
173 | audit_logger.store( | |
| 174 |
|
|
174 | 'repo.delete', | |
| 175 | user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8'), |
|
175 | user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8'), | |
| 176 | repo=audit_logger.RepoWrap(repo_name='some-repo')) |
|
176 | repo=audit_logger.RepoWrap(repo_name='some-repo')) | |
| 177 |
|
177 | |||
| 178 | # repo action, when we know and have the repository object already |
|
178 | # repo action, when we know and have the repository object already | |
| 179 | audit_logger.store( |
|
179 | audit_logger.store( | |
| 180 | action='repo.delete', |
|
180 | 'repo.delete', action_data={'source': audit_logger.SOURCE_WEB, }, | |
| 181 | action_data={'source': audit_logger.SOURCE_WEB, }, |
|
|||
| 182 | user=self._rhodecode_user, |
|
181 | user=self._rhodecode_user, | |
| 183 | repo=repo_object) |
|
182 | repo=repo_object) | |
| 184 |
|
183 | |||
| 185 | # alternative wrapper to the above |
|
184 | # alternative wrapper to the above | |
| 186 | audit_logger.store_web( |
|
185 | audit_logger.store_web( | |
| 187 |
|
|
186 | 'repo.delete', action_data={}, | |
| 188 | action_data={}, |
|
|||
| 189 | user=self._rhodecode_user, |
|
187 | user=self._rhodecode_user, | |
| 190 | repo=repo_object) |
|
188 | repo=repo_object) | |
| 191 |
|
189 | |||
| 192 | # without an user ? |
|
190 | # without an user ? | |
| 193 | audit_logger.store( |
|
191 | audit_logger.store( | |
| 194 |
|
|
192 | 'user.login.failure', | |
| 195 | user=audit_logger.UserWrap( |
|
193 | user=audit_logger.UserWrap( | |
| 196 | username=self.request.params.get('username'), |
|
194 | username=self.request.params.get('username'), | |
| 197 | ip_addr=self.request.remote_addr)) |
|
195 | ip_addr=self.request.remote_addr)) | |
| @@ -179,9 +179,8 b' def create_repo(form_data, cur_user):' | |||||
| 179 | repo_id = repo.repo_id |
|
179 | repo_id = repo.repo_id | |
| 180 | repo_data = repo.get_api_data() |
|
180 | repo_data = repo.get_api_data() | |
| 181 |
|
181 | |||
| 182 |
audit_logger.store |
|
182 | audit_logger.store( | |
| 183 | action='repo.create', |
|
183 | 'repo.create', action_data={'data': repo_data}, | |
| 184 | action_data={'data': repo_data}, |
|
|||
| 185 | user=cur_user, |
|
184 | user=cur_user, | |
| 186 | repo=audit_logger.RepoWrap(repo_name=repo_name, repo_id=repo_id)) |
|
185 | repo=audit_logger.RepoWrap(repo_name=repo_name, repo_id=repo_id)) | |
| 187 |
|
186 | |||
| @@ -274,9 +273,8 b' def create_repo_fork(form_data, cur_user' | |||||
| 274 |
|
273 | |||
| 275 | repo_id = repo.repo_id |
|
274 | repo_id = repo.repo_id | |
| 276 | repo_data = repo.get_api_data() |
|
275 | repo_data = repo.get_api_data() | |
| 277 |
audit_logger.store |
|
276 | audit_logger.store( | |
| 278 | action='repo.fork', |
|
277 | 'repo.fork', action_data={'data': repo_data}, | |
| 279 | action_data={'data': repo_data}, |
|
|||
| 280 | user=cur_user, |
|
278 | user=cur_user, | |
| 281 | repo=audit_logger.RepoWrap(repo_name=repo_name, repo_id=repo_id)) |
|
279 | repo=audit_logger.RepoWrap(repo_name=repo_name, repo_id=repo_id)) | |
| 282 |
|
280 | |||
| @@ -158,7 +158,7 b' def post_pull(extras):' | |||||
| 158 | ip_addr=extras.ip) |
|
158 | ip_addr=extras.ip) | |
| 159 | repo = audit_logger.RepoWrap(repo_name=extras.repository) |
|
159 | repo = audit_logger.RepoWrap(repo_name=extras.repository) | |
| 160 | audit_logger.store( |
|
160 | audit_logger.store( | |
| 161 |
|
|
161 | 'user.pull', action_data={ | |
| 162 | 'user_agent': extras.user_agent}, |
|
162 | 'user_agent': extras.user_agent}, | |
| 163 | user=audit_user, repo=repo, commit=True) |
|
163 | user=audit_user, repo=repo, commit=True) | |
| 164 |
|
164 | |||
| @@ -199,7 +199,7 b' def post_push(extras):' | |||||
| 199 | username=extras.username, ip_addr=extras.ip) |
|
199 | username=extras.username, ip_addr=extras.ip) | |
| 200 | repo = audit_logger.RepoWrap(repo_name=extras.repository) |
|
200 | repo = audit_logger.RepoWrap(repo_name=extras.repository) | |
| 201 | audit_logger.store( |
|
201 | audit_logger.store( | |
| 202 |
|
|
202 | 'user.push', action_data={ | |
| 203 | 'user_agent': extras.user_agent, |
|
203 | 'user_agent': extras.user_agent, | |
| 204 | 'commit_ids': commit_ids[:10000]}, |
|
204 | 'commit_ids': commit_ids[:10000]}, | |
| 205 | user=audit_user, repo=repo, commit=True) |
|
205 | user=audit_user, repo=repo, commit=True) | |
| @@ -175,7 +175,7 b' class UserGroupModel(BaseModel):' | |||||
| 175 | user_id for user_id in current_members_ids |
|
175 | user_id for user_id in current_members_ids | |
| 176 | if user_id not in user_id_list] |
|
176 | if user_id not in user_id_list] | |
| 177 |
|
177 | |||
| 178 |
return |
|
178 | return added_members, deleted_members | |
| 179 |
|
179 | |||
| 180 | def _set_users_as_members(self, user_group, user_ids): |
|
180 | def _set_users_as_members(self, user_group, user_ids): | |
| 181 | user_group.members = [] |
|
181 | user_group.members = [] | |
| @@ -191,6 +191,7 b' class UserGroupModel(BaseModel):' | |||||
| 191 | self._set_users_as_members(user_group, user_ids) |
|
191 | self._set_users_as_members(user_group, user_ids) | |
| 192 | self._log_user_changes('added to', user_group, added) |
|
192 | self._log_user_changes('added to', user_group, added) | |
| 193 | self._log_user_changes('removed from', user_group, removed) |
|
193 | self._log_user_changes('removed from', user_group, removed) | |
|
|
194 | return added, removed | |||
| 194 |
|
195 | |||
| 195 | def _clean_members_data(self, members_data): |
|
196 | def _clean_members_data(self, members_data): | |
| 196 | if not members_data: |
|
197 | if not members_data: | |
| @@ -225,12 +226,16 b' class UserGroupModel(BaseModel):' | |||||
| 225 |
|
226 | |||
| 226 | user_group.user = owner |
|
227 | user_group.user = owner | |
| 227 |
|
228 | |||
|
|
229 | added_user_ids = [] | |||
|
|
230 | removed_user_ids = [] | |||
| 228 | if 'users_group_members' in form_data: |
|
231 | if 'users_group_members' in form_data: | |
| 229 | members_id_list = self._clean_members_data( |
|
232 | members_id_list = self._clean_members_data( | |
| 230 | form_data['users_group_members']) |
|
233 | form_data['users_group_members']) | |
| 231 | self._update_members_from_user_ids(user_group, members_id_list) |
|
234 | added_user_ids, removed_user_ids = \ | |
|
|
235 | self._update_members_from_user_ids(user_group, members_id_list) | |||
| 232 |
|
236 | |||
| 233 | self.sa.add(user_group) |
|
237 | self.sa.add(user_group) | |
|
|
238 | return user_group, added_user_ids, removed_user_ids | |||
| 234 |
|
239 | |||
| 235 | def delete(self, user_group, force=False): |
|
240 | def delete(self, user_group, force=False): | |
| 236 | """ |
|
241 | """ | |
General Comments 0
You need to be logged in to leave comments.
Login now