repo_permissions.py
89 lines
| 3.2 KiB
| text/x-python
|
PythonLexer
| r1734 | # -*- coding: utf-8 -*- | |||
| r2487 | # Copyright (C) 2011-2018 RhodeCode GmbH | |||
| r1734 | # | |||
| # This program is free software: you can redistribute it and/or modify | ||||
| # it under the terms of the GNU Affero General Public License, version 3 | ||||
| # (only), as published by the Free Software Foundation. | ||||
| # | ||||
| # This program is distributed in the hope that it will be useful, | ||||
| # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||||
| # GNU General Public License for more details. | ||||
| # | ||||
| # You should have received a copy of the GNU Affero General Public License | ||||
| # along with this program. If not, see <http://www.gnu.org/licenses/>. | ||||
| # | ||||
| # This program is dual-licensed. If you wish to learn more about the | ||||
| # RhodeCode Enterprise Edition, including its added features, Support services, | ||||
| # and proprietary license terms, please see https://rhodecode.com/licenses/ | ||||
| import logging | ||||
| from pyramid.httpexceptions import HTTPFound | ||||
| from pyramid.view import view_config | ||||
| from rhodecode.apps._base import RepoAppView | ||||
| from rhodecode.lib import helpers as h | ||||
| from rhodecode.lib import audit_logger | ||||
| from rhodecode.lib.auth import ( | ||||
| r2014 | LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired) | |||
| r1734 | from rhodecode.model.forms import RepoPermsForm | |||
| from rhodecode.model.meta import Session | ||||
| from rhodecode.model.repo import RepoModel | ||||
| log = logging.getLogger(__name__) | ||||
| class RepoSettingsPermissionsView(RepoAppView): | ||||
| def load_default_context(self): | ||||
| c = self._get_local_tmpl_context() | ||||
| r2351 | ||||
| r1734 | return c | |||
| @LoginRequired() | ||||
| @HasRepoPermissionAnyDecorator('repository.admin') | ||||
| @view_config( | ||||
| route_name='edit_repo_perms', request_method='GET', | ||||
| renderer='rhodecode:templates/admin/repos/repo_edit.mako') | ||||
| def edit_permissions(self): | ||||
| c = self.load_default_context() | ||||
| c.active = 'permissions' | ||||
| return self._get_template_context(c) | ||||
| @LoginRequired() | ||||
| r2014 | @HasRepoPermissionAnyDecorator('repository.admin') | |||
| r1734 | @CSRFRequired() | |||
| @view_config( | ||||
| route_name='edit_repo_perms', request_method='POST', | ||||
| renderer='rhodecode:templates/admin/repos/repo_edit.mako') | ||||
| def edit_permissions_update(self): | ||||
| _ = self.request.translate | ||||
| c = self.load_default_context() | ||||
| c.active = 'permissions' | ||||
| data = self.request.POST | ||||
| # store private flag outside of HTML to verify if we can modify | ||||
| r2014 | # default user permissions, prevents submission of FAKE post data | |||
| r1734 | # into the form for private repos | |||
| data['repo_private'] = self.db_repo.private | ||||
| r2351 | form = RepoPermsForm(self.request.translate)().to_python(data) | |||
| r1734 | changes = RepoModel().update_permissions( | |||
| self.db_repo_name, form['perm_additions'], form['perm_updates'], | ||||
| form['perm_deletions']) | ||||
| action_data = { | ||||
| 'added': changes['added'], | ||||
| 'updated': changes['updated'], | ||||
| 'deleted': changes['deleted'], | ||||
| } | ||||
| r1806 | audit_logger.store_web( | |||
| r1734 | 'repo.edit.permissions', action_data=action_data, | |||
| user=self._rhodecode_user, repo=self.db_repo) | ||||
| Session().commit() | ||||
| h.flash(_('Repository permissions updated'), category='success') | ||||
| raise HTTPFound( | ||||
| r2014 | h.route_path('edit_repo_perms', repo_name=self.db_repo_name)) | |||
