Show More
| @@ -1,100 +1,100 b'' | |||
|
|
1 | 1 | # -*- coding: utf-8 -*- |
|
|
2 | 2 | |
|
|
3 | 3 | # Copyright (C) 2011-2017 RhodeCode GmbH |
|
|
4 | 4 | # |
|
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
|
8 | 8 | # |
|
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
|
12 | 12 | # GNU General Public License for more details. |
|
|
13 | 13 | # |
|
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
|
16 | 16 | # |
|
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
|
20 | 20 | |
|
|
21 | 21 | import logging |
|
|
22 | 22 | |
|
|
23 | 23 | from pyramid.view import view_config |
|
|
24 | 24 | from pyramid.httpexceptions import HTTPFound |
|
|
25 | 25 | |
|
|
26 | 26 | from rhodecode.apps._base import RepoGroupAppView |
|
|
27 | 27 | from rhodecode.lib import helpers as h |
|
|
28 | 28 | from rhodecode.lib import audit_logger |
|
|
29 | 29 | from rhodecode.lib.auth import ( |
|
|
30 | 30 | LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired) |
|
|
31 | 31 | from rhodecode.model.repo_group import RepoGroupModel |
|
|
32 | 32 | from rhodecode.model.forms import RepoGroupPermsForm |
|
|
33 | 33 | from rhodecode.model.meta import Session |
|
|
34 | 34 | |
|
|
35 | 35 | log = logging.getLogger(__name__) |
|
|
36 | 36 | |
|
|
37 | 37 | |
|
|
38 | 38 | class RepoGroupPermissionsView(RepoGroupAppView): |
|
|
39 | 39 | def load_default_context(self): |
|
|
40 | 40 | c = self._get_local_tmpl_context() |
|
|
41 | 41 | self._register_global_c(c) |
|
|
42 | 42 | return c |
|
|
43 | 43 | |
|
|
44 | 44 | @LoginRequired() |
|
|
45 | 45 | @HasRepoGroupPermissionAnyDecorator('group.admin') |
|
|
46 | 46 | @view_config( |
|
|
47 | 47 | route_name='edit_repo_group_perms', request_method='GET', |
|
|
48 | 48 | renderer='rhodecode:templates/admin/repo_groups/repo_group_edit.mako') |
|
|
49 | 49 | def edit_repo_group_permissions(self): |
|
|
50 | 50 | c = self.load_default_context() |
|
|
51 | 51 | c.active = 'permissions' |
|
|
52 | 52 | c.repo_group = self.db_repo_group |
|
|
53 | 53 | return self._get_template_context(c) |
|
|
54 | 54 | |
|
|
55 | 55 | @LoginRequired() |
|
|
56 | 56 | @HasRepoGroupPermissionAnyDecorator('group.admin') |
|
|
57 | 57 | @CSRFRequired() |
|
|
58 | 58 | @view_config( |
|
|
59 | 59 | route_name='edit_repo_group_perms_update', request_method='POST', |
|
|
60 | 60 | renderer='rhodecode:templates/admin/repo_groups/repo_group_edit.mako') |
|
|
61 | 61 | def edit_repo_groups_permissions_update(self): |
|
|
62 | 62 | _ = self.request.translate |
|
|
63 | 63 | c = self.load_default_context() |
|
|
64 | 64 | c.active = 'perms' |
|
|
65 | 65 | c.repo_group = self.db_repo_group |
|
|
66 | 66 | |
|
|
67 | 67 | valid_recursive_choices = ['none', 'repos', 'groups', 'all'] |
|
|
68 | 68 | form = RepoGroupPermsForm(valid_recursive_choices)()\ |
|
|
69 | 69 | .to_python(self.request.POST) |
|
|
70 | 70 | |
|
|
71 | 71 | if not c.rhodecode_user.is_admin: |
|
|
72 | 72 | if self._revoke_perms_on_yourself(form): |
|
|
73 | 73 | msg = _('Cannot change permission for yourself as admin') |
|
|
74 | 74 | h.flash(msg, category='warning') |
|
|
75 | 75 | raise HTTPFound( |
|
|
76 | 76 | h.route_path('edit_repo_group_perms', |
|
|
77 | group_name=self.db_repo_group_name)) | |
|
|
77 | repo_group_name=self.db_repo_group_name)) | |
|
|
78 | 78 | |
|
|
79 | 79 | # iterate over all members(if in recursive mode) of this groups and |
|
|
80 | 80 | # set the permissions ! |
|
|
81 | 81 | # this can be potentially heavy operation |
|
|
82 | 82 | changes = RepoGroupModel().update_permissions( |
|
|
83 | 83 | c.repo_group, |
|
|
84 | 84 | form['perm_additions'], form['perm_updates'], form['perm_deletions'], |
|
|
85 | 85 | form['recursive']) |
|
|
86 | 86 | |
|
|
87 | 87 | action_data = { |
|
|
88 | 88 | 'added': changes['added'], |
|
|
89 | 89 | 'updated': changes['updated'], |
|
|
90 | 90 | 'deleted': changes['deleted'], |
|
|
91 | 91 | } |
|
|
92 | 92 | audit_logger.store_web( |
|
|
93 | 93 | 'repo_group.edit.permissions', action_data=action_data, |
|
|
94 | 94 | user=c.rhodecode_user) |
|
|
95 | 95 | |
|
|
96 | 96 | Session().commit() |
|
|
97 | 97 | h.flash(_('Repository Group permissions updated'), category='success') |
|
|
98 | 98 | raise HTTPFound( |
|
|
99 | 99 | h.route_path('edit_repo_group_perms', |
|
|
100 | 100 | repo_group_name=self.db_repo_group_name)) |
General Comments 0
You need to be logged in to leave comments.
Login now