Show More
| @@ -311,17 +311,20 b' class PermOrigin(object):' | |||
|
|
311 | 311 | REPO_USERGROUP = 'usergroup:%s' |
|
|
312 | 312 | REPO_OWNER = 'repo.owner' |
|
|
313 | 313 | REPO_DEFAULT = 'repo.default' |
|
|
314 | REPO_DEFAULT_NO_INHERIT = 'repo.default.no.inherit' | |
|
|
314 | 315 | REPO_PRIVATE = 'repo.private' |
|
|
315 | 316 | |
|
|
316 | 317 | REPOGROUP_USER = 'user:%s' |
|
|
317 | 318 | REPOGROUP_USERGROUP = 'usergroup:%s' |
|
|
318 | 319 | REPOGROUP_OWNER = 'group.owner' |
|
|
319 | 320 | REPOGROUP_DEFAULT = 'group.default' |
|
|
321 | REPOGROUP_DEFAULT_NO_INHERIT = 'group.default.no.inherit' | |
|
|
320 | 322 | |
|
|
321 | 323 | USERGROUP_USER = 'user:%s' |
|
|
322 | 324 | USERGROUP_USERGROUP = 'usergroup:%s' |
|
|
323 | 325 | USERGROUP_OWNER = 'usergroup.owner' |
|
|
324 | 326 | USERGROUP_DEFAULT = 'usergroup.default' |
|
|
327 | USERGROUP_DEFAULT_NO_INHERIT = 'usergroup.default.no.inherit' | |
|
|
325 | 328 | |
|
|
326 | 329 | |
|
|
327 | 330 | class PermOriginDict(dict): |
| @@ -345,7 +348,7 b' class PermOriginDict(dict):' | |||
|
|
345 | 348 | |
|
|
346 | 349 | def __init__(self, *args, **kw): |
|
|
347 | 350 | dict.__init__(self, *args, **kw) |
|
|
348 |
self.perm_origin_stack = |
|
|
|
351 | self.perm_origin_stack = collections.OrderedDict() | |
|
|
349 | 352 | |
|
|
350 | 353 | def __setitem__(self, key, (perm, origin)): |
|
|
351 | 354 | self.perm_origin_stack.setdefault(key, []).append((perm, origin)) |
| @@ -529,60 +532,73 b' class PermissionCalculator(object):' | |||
|
|
529 | 532 | # on given repo |
|
|
530 | 533 | for perm in self.default_repo_perms: |
|
|
531 | 534 | r_k = perm.UserRepoToPerm.repository.repo_name |
|
|
535 | p = perm.Permission.permission_name | |
|
|
532 | 536 | o = PermOrigin.REPO_DEFAULT |
|
|
537 | self.permissions_repositories[r_k] = p, o | |
|
|
538 | ||
|
|
539 | # if we decide this user isn't inheriting permissions from | |
|
|
540 | # default user we set him to .none so only explicit | |
|
|
541 | # permissions work | |
|
|
542 | if not user_inherit_object_permissions: | |
|
|
543 | p = 'repository.none' | |
|
|
544 | o = PermOrigin.REPO_DEFAULT_NO_INHERIT | |
|
|
545 | ||
|
|
546 | self.permissions_repositories[r_k] = p, o | |
|
|
547 | ||
|
|
533 | 548 | if perm.Repository.private and not ( |
|
|
534 | 549 | perm.Repository.user_id == self.user_id): |
|
|
535 | 550 | # disable defaults for private repos, |
|
|
536 | 551 | p = 'repository.none' |
|
|
537 | 552 | o = PermOrigin.REPO_PRIVATE |
|
|
553 | self.permissions_repositories[r_k] = p, o | |
|
|
554 | ||
|
|
538 | 555 | elif perm.Repository.user_id == self.user_id: |
|
|
539 | 556 | # set admin if owner |
|
|
540 | 557 | p = 'repository.admin' |
|
|
541 | 558 | o = PermOrigin.REPO_OWNER |
|
|
542 | else: | |
|
|
543 | p = perm.Permission.permission_name | |
|
|
544 | # if we decide this user isn't inheriting permissions from | |
|
|
545 | # default user we set him to .none so only explicit | |
|
|
546 | # permissions work | |
|
|
547 | if not user_inherit_object_permissions: | |
|
|
548 | p = 'repository.none' | |
|
|
549 | self.permissions_repositories[r_k] = p, o | |
|
|
559 | self.permissions_repositories[r_k] = p, o | |
|
|
550 | 560 | |
|
|
551 | 561 | # defaults for repository groups taken from `default` user permission |
|
|
552 | 562 | # on given group |
|
|
553 | 563 | for perm in self.default_repo_groups_perms: |
|
|
554 | 564 | rg_k = perm.UserRepoGroupToPerm.group.group_name |
|
|
565 | p = perm.Permission.permission_name | |
|
|
555 | 566 | o = PermOrigin.REPOGROUP_DEFAULT |
|
|
556 | if perm.RepoGroup.user_id == self.user_id: | |
|
|
557 | # set admin if owner | |
|
|
558 | p = 'group.admin' | |
|
|
559 | o = PermOrigin.REPOGROUP_OWNER | |
|
|
560 | else: | |
|
|
561 | p = perm.Permission.permission_name | |
|
|
567 | self.permissions_repository_groups[rg_k] = p, o | |
|
|
562 | 568 | |
|
|
563 | 569 | # if we decide this user isn't inheriting permissions from default |
|
|
564 | 570 | # user we set him to .none so only explicit permissions work |
|
|
565 | 571 | if not user_inherit_object_permissions: |
|
|
566 | 572 | p = 'group.none' |
|
|
567 | self.permissions_repository_groups[rg_k] = p, o | |
|
|
573 | o = PermOrigin.REPOGROUP_DEFAULT_NO_INHERIT | |
|
|
574 | self.permissions_repository_groups[rg_k] = p, o | |
|
|
575 | ||
|
|
576 | if perm.RepoGroup.user_id == self.user_id: | |
|
|
577 | # set admin if owner | |
|
|
578 | p = 'group.admin' | |
|
|
579 | o = PermOrigin.REPOGROUP_OWNER | |
|
|
580 | self.permissions_repository_groups[rg_k] = p, o | |
|
|
568 | 581 | |
|
|
569 | 582 | # defaults for user groups taken from `default` user permission |
|
|
570 | 583 | # on given user group |
|
|
571 | 584 | for perm in self.default_user_group_perms: |
|
|
572 | 585 | u_k = perm.UserUserGroupToPerm.user_group.users_group_name |
|
|
586 | p = perm.Permission.permission_name | |
|
|
573 | 587 | o = PermOrigin.USERGROUP_DEFAULT |
|
|
574 | if perm.UserGroup.user_id == self.user_id: | |
|
|
575 | # set admin if owner | |
|
|
576 | p = 'usergroup.admin' | |
|
|
577 | o = PermOrigin.USERGROUP_OWNER | |
|
|
578 | else: | |
|
|
579 | p = perm.Permission.permission_name | |
|
|
588 | self.permissions_user_groups[u_k] = p, o | |
|
|
580 | 589 | |
|
|
581 | 590 | # if we decide this user isn't inheriting permissions from default |
|
|
582 | 591 | # user we set him to .none so only explicit permissions work |
|
|
583 | 592 | if not user_inherit_object_permissions: |
|
|
584 | 593 | p = 'usergroup.none' |
|
|
585 | self.permissions_user_groups[u_k] = p, o | |
|
|
594 | o = PermOrigin.USERGROUP_DEFAULT_NO_INHERIT | |
|
|
595 | self.permissions_user_groups[u_k] = p, o | |
|
|
596 | ||
|
|
597 | if perm.UserGroup.user_id == self.user_id: | |
|
|
598 | # set admin if owner | |
|
|
599 | p = 'usergroup.admin' | |
|
|
600 | o = PermOrigin.USERGROUP_OWNER | |
|
|
601 | self.permissions_user_groups[u_k] = p, o | |
|
|
586 | 602 | |
|
|
587 | 603 | def _calculate_repository_permissions(self): |
|
|
588 | 604 | """ |
| @@ -603,18 +619,20 b' class PermissionCalculator(object):' | |||
|
|
603 | 619 | r_k = perm.UserGroupRepoToPerm.repository.repo_name |
|
|
604 | 620 | ug_k = perm.UserGroupRepoToPerm.users_group.users_group_name |
|
|
605 | 621 | multiple_counter[r_k] += 1 |
|
|
622 | ||
|
|
606 | 623 | p = perm.Permission.permission_name |
|
|
607 | 624 | o = PermOrigin.REPO_USERGROUP % ug_k |
|
|
625 | if multiple_counter[r_k] > 1: | |
|
|
626 | cur_perm = self.permissions_repositories[r_k] | |
|
|
627 | p = self._choose_permission(p, cur_perm) | |
|
|
628 | ||
|
|
629 | self.permissions_repositories[r_k] = p, o | |
|
|
608 | 630 | |
|
|
609 | 631 | if perm.Repository.user_id == self.user_id: |
|
|
610 | 632 | # set admin if owner |
|
|
611 | 633 | p = 'repository.admin' |
|
|
612 | 634 | o = PermOrigin.REPO_OWNER |
|
|
613 | else: | |
|
|
614 | if multiple_counter[r_k] > 1: | |
|
|
615 | cur_perm = self.permissions_repositories[r_k] | |
|
|
616 | p = self._choose_permission(p, cur_perm) | |
|
|
617 | self.permissions_repositories[r_k] = p, o | |
|
|
635 | self.permissions_repositories[r_k] = p, o | |
|
|
618 | 636 | |
|
|
619 | 637 | # user explicit permissions for repositories, overrides any specified |
|
|
620 | 638 | # by the group permission |
| @@ -622,25 +640,28 b' class PermissionCalculator(object):' | |||
|
|
622 | 640 | self.user_id, self.scope_repo_id) |
|
|
623 | 641 | for perm in user_repo_perms: |
|
|
624 | 642 | r_k = perm.UserRepoToPerm.repository.repo_name |
|
|
643 | p = perm.Permission.permission_name | |
|
|
625 | 644 | o = PermOrigin.REPO_USER % perm.UserRepoToPerm.user.username |
|
|
626 | # set admin if owner | |
|
|
645 | ||
|
|
646 | if not self.explicit: | |
|
|
647 | cur_perm = self.permissions_repositories.get( | |
|
|
648 | r_k, 'repository.none') | |
|
|
649 | p = self._choose_permission(p, cur_perm) | |
|
|
650 | ||
|
|
651 | self.permissions_repositories[r_k] = p, o | |
|
|
652 | ||
|
|
627 | 653 | if perm.Repository.user_id == self.user_id: |
|
|
654 | # set admin if owner | |
|
|
628 | 655 | p = 'repository.admin' |
|
|
629 | 656 | o = PermOrigin.REPO_OWNER |
|
|
630 | else: | |
|
|
631 | p = perm.Permission.permission_name | |
|
|
632 | if not self.explicit: | |
|
|
633 | cur_perm = self.permissions_repositories.get( | |
|
|
634 | r_k, 'repository.none') | |
|
|
635 | p = self._choose_permission(p, cur_perm) | |
|
|
636 | self.permissions_repositories[r_k] = p, o | |
|
|
657 | self.permissions_repositories[r_k] = p, o | |
|
|
637 | 658 | |
|
|
638 | 659 | def _calculate_repository_group_permissions(self): |
|
|
639 | 660 | """ |
|
|
640 | 661 | Repository group permissions for the current user. |
|
|
641 | 662 | |
|
|
642 | 663 | Check if the user is part of user groups for repository groups and |
|
|
643 |
fill in the permissions from it. `_choose_perm |
|
|
|
664 | fill in the permissions from it. `_choose_permission` decides of which | |
|
|
644 | 665 | permission should be selected based on selected method. |
|
|
645 | 666 | """ |
|
|
646 | 667 | # user group for repo groups permissions |
| @@ -652,18 +673,20 b' class PermissionCalculator(object):' | |||
|
|
652 | 673 | for perm in user_repo_group_perms_from_user_group: |
|
|
653 | 674 | g_k = perm.UserGroupRepoGroupToPerm.group.group_name |
|
|
654 | 675 | ug_k = perm.UserGroupRepoGroupToPerm.users_group.users_group_name |
|
|
676 | multiple_counter[g_k] += 1 | |
|
|
655 | 677 | o = PermOrigin.REPOGROUP_USERGROUP % ug_k |
|
|
656 | multiple_counter[g_k] += 1 | |
|
|
657 | 678 | p = perm.Permission.permission_name |
|
|
679 | ||
|
|
680 | if multiple_counter[g_k] > 1: | |
|
|
681 | cur_perm = self.permissions_repository_groups[g_k] | |
|
|
682 | p = self._choose_permission(p, cur_perm) | |
|
|
683 | self.permissions_repository_groups[g_k] = p, o | |
|
|
684 | ||
|
|
658 | 685 | if perm.RepoGroup.user_id == self.user_id: |
|
|
659 | 686 | # set admin if owner, even for member of other user group |
|
|
660 | 687 | p = 'group.admin' |
|
|
661 | 688 | o = PermOrigin.REPOGROUP_OWNER |
|
|
662 | else: | |
|
|
663 | if multiple_counter[g_k] > 1: | |
|
|
664 | cur_perm = self.permissions_repository_groups[g_k] | |
|
|
665 | p = self._choose_permission(p, cur_perm) | |
|
|
666 | self.permissions_repository_groups[g_k] = p, o | |
|
|
689 | self.permissions_repository_groups[g_k] = p, o | |
|
|
667 | 690 | |
|
|
668 | 691 | # user explicit permissions for repository groups |
|
|
669 | 692 | user_repo_groups_perms = Permission.get_default_group_perms( |
| @@ -672,18 +695,20 b' class PermissionCalculator(object):' | |||
|
|
672 | 695 | rg_k = perm.UserRepoGroupToPerm.group.group_name |
|
|
673 | 696 | u_k = perm.UserRepoGroupToPerm.user.username |
|
|
674 | 697 | o = PermOrigin.REPOGROUP_USER % u_k |
|
|
698 | p = perm.Permission.permission_name | |
|
|
699 | ||
|
|
700 | if not self.explicit: | |
|
|
701 | cur_perm = self.permissions_repository_groups.get( | |
|
|
702 | rg_k, 'group.none') | |
|
|
703 | p = self._choose_permission(p, cur_perm) | |
|
|
704 | ||
|
|
705 | self.permissions_repository_groups[rg_k] = p, o | |
|
|
675 | 706 | |
|
|
676 | 707 | if perm.RepoGroup.user_id == self.user_id: |
|
|
677 | 708 | # set admin if owner |
|
|
678 | 709 | p = 'group.admin' |
|
|
679 | 710 | o = PermOrigin.REPOGROUP_OWNER |
|
|
680 | else: | |
|
|
681 | p = perm.Permission.permission_name | |
|
|
682 | if not self.explicit: | |
|
|
683 | cur_perm = self.permissions_repository_groups.get( | |
|
|
684 | rg_k, 'group.none') | |
|
|
685 | p = self._choose_permission(p, cur_perm) | |
|
|
686 | self.permissions_repository_groups[rg_k] = p, o | |
|
|
711 | self.permissions_repository_groups[rg_k] = p, o | |
|
|
687 | 712 | |
|
|
688 | 713 | def _calculate_user_group_permissions(self): |
|
|
689 | 714 | """ |
| @@ -700,19 +725,21 b' class PermissionCalculator(object):' | |||
|
|
700 | 725 | .target_user_group.users_group_name |
|
|
701 | 726 | u_k = perm.UserGroupUserGroupToPerm\ |
|
|
702 | 727 | .user_group.users_group_name |
|
|
728 | multiple_counter[g_k] += 1 | |
|
|
703 | 729 | o = PermOrigin.USERGROUP_USERGROUP % u_k |
|
|
704 | multiple_counter[g_k] += 1 | |
|
|
705 | 730 | p = perm.Permission.permission_name |
|
|
706 | 731 | |
|
|
732 | if multiple_counter[g_k] > 1: | |
|
|
733 | cur_perm = self.permissions_user_groups[g_k] | |
|
|
734 | p = self._choose_permission(p, cur_perm) | |
|
|
735 | ||
|
|
736 | self.permissions_user_groups[g_k] = p, o | |
|
|
737 | ||
|
|
707 | 738 | if perm.UserGroup.user_id == self.user_id: |
|
|
708 | 739 | # set admin if owner, even for member of other user group |
|
|
709 | 740 | p = 'usergroup.admin' |
|
|
710 | 741 | o = PermOrigin.USERGROUP_OWNER |
|
|
711 | else: | |
|
|
712 | if multiple_counter[g_k] > 1: | |
|
|
713 | cur_perm = self.permissions_user_groups[g_k] | |
|
|
714 | p = self._choose_permission(p, cur_perm) | |
|
|
715 | self.permissions_user_groups[g_k] = p, o | |
|
|
742 | self.permissions_user_groups[g_k] = p, o | |
|
|
716 | 743 | |
|
|
717 | 744 | # user explicit permission for user groups |
|
|
718 | 745 | user_user_groups_perms = Permission.get_default_user_group_perms( |
| @@ -721,18 +748,20 b' class PermissionCalculator(object):' | |||
|
|
721 | 748 | ug_k = perm.UserUserGroupToPerm.user_group.users_group_name |
|
|
722 | 749 | u_k = perm.UserUserGroupToPerm.user.username |
|
|
723 | 750 | o = PermOrigin.USERGROUP_USER % u_k |
|
|
751 | p = perm.Permission.permission_name | |
|
|
752 | ||
|
|
753 | if not self.explicit: | |
|
|
754 | cur_perm = self.permissions_user_groups.get( | |
|
|
755 | ug_k, 'usergroup.none') | |
|
|
756 | p = self._choose_permission(p, cur_perm) | |
|
|
757 | ||
|
|
758 | self.permissions_user_groups[ug_k] = p, o | |
|
|
724 | 759 | |
|
|
725 | 760 | if perm.UserGroup.user_id == self.user_id: |
|
|
726 | 761 | # set admin if owner |
|
|
727 | 762 | p = 'usergroup.admin' |
|
|
728 | 763 | o = PermOrigin.USERGROUP_OWNER |
|
|
729 | else: | |
|
|
730 | p = perm.Permission.permission_name | |
|
|
731 | if not self.explicit: | |
|
|
732 | cur_perm = self.permissions_user_groups.get( | |
|
|
733 | ug_k, 'usergroup.none') | |
|
|
734 | p = self._choose_permission(p, cur_perm) | |
|
|
735 | self.permissions_user_groups[ug_k] = p, o | |
|
|
764 | self.permissions_user_groups[ug_k] = p, o | |
|
|
736 | 765 | |
|
|
737 | 766 | def _choose_permission(self, new_perm, cur_perm): |
|
|
738 | 767 | new_perm_val = Permission.PERM_WEIGHTS[new_perm] |
| @@ -181,11 +181,25 b'' | |||
|
|
181 | 181 | </td> |
|
|
182 | 182 | <td class="td-tags"> |
|
|
183 | 183 | %if hasattr(permissions[section], 'perm_origin_stack'): |
|
|
184 | <div> | |
|
|
184 | 185 | %for i, (perm, origin) in enumerate(reversed(permissions[section].perm_origin_stack[k])): |
|
|
185 | <span class="${i > 0 and 'perm_overriden' or ''} perm_tag ${perm.split('.')[-1]}"> | |
|
|
186 |
|
|
|
|
187 |
< |
|
|
|
186 | ||
|
|
187 | % if i > 0: | |
|
|
188 | <div style="color: #979797"> | |
|
|
189 | <i class="icon-arrow_up"></i> | |
|
|
190 | ${_('overridden by')} | |
|
|
191 | <i class="icon-arrow_up"></i> | |
|
|
192 | </div> | |
|
|
193 | % endif | |
|
|
194 | ||
|
|
195 | <div> | |
|
|
196 | <span class="${i > 0 and 'perm_overriden' or ''} perm_tag ${perm.split('.')[-1]}"> | |
|
|
197 | ${perm} (${origin}) | |
|
|
198 | </span> | |
|
|
199 | </div> | |
|
|
200 | ||
|
|
188 | 201 |
|
|
|
202 | </div> | |
|
|
189 | 203 | %else: |
|
|
190 | 204 | <span class="perm_tag ${section_perm.split('.')[-1]}">${section_perm}</span> |
|
|
191 | 205 | %endif |
General Comments 0
You need to be logged in to leave comments.
Login now