##// END OF EJS Templates
u » ewong » rhodecode-enterprise-ce-fork
RSS

Fork of rhodecode-enterprise-ce

goto-switcher: optimized performance and query capabilities....
goto-switcher: optimized performance and query capabilities. - Previous implementation had on significant bug. The use of LIMIT 20 was limiting results BEFORE auth checks. In case of large ammount of similarly named repositories user didn't had access too, the result goto search was empty. This was becuase first 20 items fetched didn't pass permission checks and final auth list was empty. To fix this we now use proper filtering for auth using SQL. It means we first check user allowed repositories, and add this as a filter so end result from database is already to only the accessible repositories.
marcink - - Load All Authors

File last commit:

r2011:72acb5fb default
r2038:2bdf9d4d default
Show More
perms_summary.mako
254 lines | 11.6 KiB | application/x-mako | MakoHtmlLexer
/ rhodecode / templates / base / perms_summary.mako
History | Annotation | Raw |Copy content |Copy permalink
## snippet for displaying permissions overview for users
## usage:
## <%namespace name="p" file="/base/perms_summary.mako"/>
## ${p.perms_summary(c.perm_user.permissions)}
<%def name="perms_summary(permissions, show_all=False, actions=True, side_link=None)">
<div id="perms" class="table fields">
%for section in sorted(permissions.keys()):
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">${section.replace("_"," ").capitalize()}</h3>
% if side_link:
<div class="pull-right">
<a href="${side_link}">${_('in JSON format')}</a>
</div>
% endif
</div>
<div class="panel-body">
<div class="perms_section_head field">
<div class="radios">
%if section != 'global':
<span class="permissions_boxes">
<span class="desc">${_('show')}: </span>
${h.checkbox('perms_filter_none_%s' % section, 'none', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='none')} <label for="${'perms_filter_none_%s' % section}"><span class="perm_tag none">${_('none')}</span></label>
${h.checkbox('perms_filter_read_%s' % section, 'read', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='read')} <label for="${'perms_filter_read_%s' % section}"><span class="perm_tag read">${_('read')}</span></label>
${h.checkbox('perms_filter_write_%s' % section, 'write', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='write')} <label for="${'perms_filter_write_%s' % section}"> <span class="perm_tag write">${_('write')}</span></label>
${h.checkbox('perms_filter_admin_%s' % section, 'admin', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='admin')} <label for="${'perms_filter_admin_%s' % section}"><span class="perm_tag admin">${_('admin')}</span></label>
</span>
%endif
</div>
</div>
<div class="field">
%if not permissions[section]:
<p class="empty_data help-block">${_('No permissions defined')}</p>
%else:
<div id='tbl_list_wrap_${section}'>
<table id="tbl_list_${section}" class="rctable">
## global permission box
%if section == 'global':
<thead>
<tr>
<th colspan="2" class="left">${_('Permission')}</th>
%if actions:
<th colspan="2">${_('Edit Permission')}</th>
%endif
</thead>
<tbody>
<%
def get_section_perms(prefix, opts):
_selected = []
for op in opts:
if op.startswith(prefix) and not op.startswith('hg.create.write_on_repogroup'):
_selected.append(op)
admin = 'hg.admin' in opts
_selected_vals = [x.partition(prefix)[-1] for x in _selected]
return admin, _selected_vals, _selected
%>
<%def name="glob(lbl, val, val_lbl=None, edit_url=None, edit_global_url=None)">
<tr>
<td class="td-tags">
${lbl}
</td>
<td class="td-tags">
%if val[0]:
%if not val_lbl:
## super admin case
True
%else:
<span class="perm_tag admin">${val_lbl}.admin</span>
%endif
%else:
%if not val_lbl:
${
{'false': False,
'true': True,
'none': False,
'repository': True}.get(val[1][0] if 0 < len(val[1]) else 'false')
}
%else:
<span class="perm_tag ${val[1][0]}">${val_lbl}.${val[1][0]}</span>
%endif
%endif
</td>
%if actions:
% if edit_url or edit_global_url:
<td class="td-action">
% if edit_url:
<a href="${edit_url}">${_('edit')}</a>
% else:
-
% endif
</td>
<td class="td-action">
% if edit_global_url:
<a href="${edit_global_url}">${_('edit global')}</a>
% else:
-
% endif
</td>
% else:
<td class="td-action"></td>
<td class="td-action">
<a href="${h.route_path('admin_permissions_global')}">${_('edit global')}</a>
<td class="td-action">
% endif
%endif
</tr>
</%def>
${glob(_('Repository default permission'), get_section_perms('repository.', permissions[section]), 'repository',
edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('Repository group default permission'), get_section_perms('group.', permissions[section]), 'group',
edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('User group default permission'), get_section_perms('usergroup.', permissions[section]), 'usergroup',
edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('Super admin'), get_section_perms('hg.admin', permissions[section]),
edit_url=h.url('edit_user', user_id=c.user.user_id, anchor='admin'), edit_global_url=None)}
${glob(_('Inherit permissions'), get_section_perms('hg.inherit_default_perms.', permissions[section]),
edit_url=h.url('edit_user_global_perms', user_id=c.user.user_id), edit_global_url=None)}
${glob(_('Create repositories'), get_section_perms('hg.create.', permissions[section]),
edit_url=h.url('edit_user_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('Fork repositories'), get_section_perms('hg.fork.', permissions[section]),
edit_url=h.url('edit_user_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('Create repository groups'), get_section_perms('hg.repogroup.create.', permissions[section]),
edit_url=h.url('edit_user_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('Create user groups'), get_section_perms('hg.usergroup.create.', permissions[section]),
edit_url=h.url('edit_user_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
</tbody>
%else:
## none/read/write/admin permissions on groups/repos etc
<thead>
<tr>
<th>${_('Name')}</th>
<th>${_('Permission')}</th>
%if actions:
<th>${_('Edit Permission')}</th>
%endif
</thead>
<tbody class="section_${section}">
<%
def sorter(permissions):
def custom_sorter(item):
## read/write/admin
section = item[1].split('.')[-1]
section_importance = {'none': u'0',
'read': u'1',
'write':u'2',
'admin':u'3'}.get(section)
## sort by group importance+name
return section_importance+item[0]
return sorted(permissions, key=custom_sorter)
%>
%for k, section_perm in sorter(permissions[section].items()):
%if section_perm.split('.')[-1] != 'none' or show_all:
<tr class="perm_row ${'%s_%s' % (section, section_perm.split('.')[-1])}">
<td class="td-name"">
%if section == 'repositories':
<a href="${h.route_path('repo_summary',repo_name=k)}">${k}</a>
%elif section == 'repositories_groups':
<a href="${h.route_path('repo_group_home', repo_group_name=k)}">${k}</a>
%elif section == 'user_groups':
##<a href="${h.url('edit_users_group',user_group_id=k)}">${k}</a>
${k}
%endif
</td>
<td class="td-tags">
%if hasattr(permissions[section], 'perm_origin_stack'):
%for i, (perm, origin) in enumerate(reversed(permissions[section].perm_origin_stack[k])):
<span class="${i > 0 and 'perm_overriden' or ''} perm_tag ${perm.split('.')[-1]}">
${perm} (${origin})
</span>
%endfor
%else:
<span class="perm_tag ${section_perm.split('.')[-1]}">${section_perm}</span>
%endif
</td>
%if actions:
<td class="td-action">
%if section == 'repositories':
<a href="${h.route_path('edit_repo_perms',repo_name=k,_anchor='permissions_manage')}">${_('edit')}</a>
%elif section == 'repositories_groups':
<a href="${h.url('edit_repo_group_perms',group_name=k,anchor='permissions_manage')}">${_('edit')}</a>
%elif section == 'user_groups':
##<a href="${h.url('edit_users_group',user_group_id=k)}">${_('edit')}</a>
%endif
</td>
%endif
</tr>
%endif
%endfor
<tr id="empty_${section}" class="noborder" style="display:none;">
<td colspan="6">${_('No permission defined')}</td>
</tr>
</tbody>
%endif
</table>
</div>
%endif
</div>
</div>
</div>
%endfor
</div>
<script>
$(document).ready(function(){
var show_empty = function(section){
var visible = $('.section_{0} tr.perm_row:visible'.format(section)).length;
if(visible == 0){
$('#empty_{0}'.format(section)).show();
}
else{
$('#empty_{0}'.format(section)).hide();
}
};
$('.perm_filter').on('change', function(e){
var self = this;
var section = $(this).attr('section');
var opts = {};
var elems = $('.filter_' + section).each(function(el){
var perm_type = $(this).attr('perm_type');
var checked = this.checked;
opts[perm_type] = checked;
if(checked){
$('.'+section+'_'+perm_type).show();
}
else{
$('.'+section+'_'+perm_type).hide();
}
});
show_empty(section);
})
})
</script>
</%def>