Show More
| @@ -71,6 +71,7 b' class ChannelstreamView(object):' | |||
|
|
71 | 71 | except Exception: |
|
|
72 | 72 | log.exception('Failed to decode json from request') |
|
|
73 | 73 | raise HTTPBadRequest() |
|
|
74 | ||
|
|
74 | 75 | try: |
|
|
75 | 76 | channels = check_channel_permissions( |
|
|
76 | 77 | json_body.get('channels'), |
| @@ -92,7 +93,7 b' class ChannelstreamView(object):' | |||
|
|
92 | 93 | 'display_name': None, |
|
|
93 | 94 | 'display_link': None, |
|
|
94 | 95 | } |
|
|
95 | user_data['permissions'] = self._rhodecode_user.permissions | |
|
|
96 | user_data['permissions'] = self._rhodecode_user.permissions_safe | |
|
|
96 | 97 | payload = { |
|
|
97 | 98 | 'username': user.username, |
|
|
98 | 99 | 'user_state': user_data, |
| @@ -824,6 +824,24 b' class AuthUser(object):' | |||
|
|
824 | 824 | def permissions(self): |
|
|
825 | 825 | return self.get_perms(user=self, cache=False) |
|
|
826 | 826 | |
|
|
827 | @LazyProperty | |
|
|
828 | def permissions_safe(self): | |
|
|
829 | """ | |
|
|
830 | Filtered permissions excluding not allowed repositories | |
|
|
831 | """ | |
|
|
832 | perms = self.get_perms(user=self, cache=False) | |
|
|
833 | ||
|
|
834 | perms['repositories'] = { | |
|
|
835 | k: v for k, v in perms['repositories'].iteritems() | |
|
|
836 | if v != 'repository.none'} | |
|
|
837 | perms['repositories_groups'] = { | |
|
|
838 | k: v for k, v in perms['repositories_groups'].iteritems() | |
|
|
839 | if v != 'group.none'} | |
|
|
840 | perms['user_groups'] = { | |
|
|
841 | k: v for k, v in perms['user_groups'].iteritems() | |
|
|
842 | if v != 'usergroup.none'} | |
|
|
843 | return perms | |
|
|
844 | ||
|
|
827 | 845 | def permissions_with_scope(self, scope): |
|
|
828 | 846 | """ |
|
|
829 | 847 | Call the get_perms function with scoped data. The scope in that function |
General Comments 0
You need to be logged in to leave comments.
Login now