% if section == 'repository_branches':
${_('show')}:
${h.checkbox('perms_filter_none_%s' % section, 'none', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='none')} ${_('none')}
${h.checkbox('perms_filter_merge_%s' % section, 'merge', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='merge')} ${_('merge')}
${h.checkbox('perms_filter_push_%s' % section, 'push', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='push')} ${_('push')}
${h.checkbox('perms_filter_push_force_%s' % section, 'push_force', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='push_force')} ${_('push force')}
% elif section != 'global':
${_('show')}:
${h.checkbox('perms_filter_none_%s' % section, 'none', '', class_='perm_filter filter_%s' % section, section=section, perm_type='none')} ${_('none')}
${h.checkbox('perms_filter_read_%s' % section, 'read', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='read')} ${_('read')}
${h.checkbox('perms_filter_write_%s' % section, 'write', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='write')} ${_('write')}
${h.checkbox('perms_filter_admin_%s' % section, 'admin', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='admin')} ${_('admin')}
% endif
%if not permissions[section]:
${_('No permissions defined')}
%else:
## global permission box
%if section == 'global':
${_('Permission')}
%if actions:
${_('Edit Permission')}
%endif
<%
def get_section_perms(prefix, opts):
_selected = []
for op in opts:
if op.startswith(prefix) and not op.startswith('hg.create.write_on_repogroup'):
_selected.append(op)
admin = 'hg.admin' in opts
_selected_vals = [x.partition(prefix)[-1] for x in _selected]
return admin, _selected_vals, _selected
%>
<%def name="glob(lbl, val, val_lbl=None, edit_url=None, edit_global_url=None)">
${lbl}
%if val[0]:
%if not val_lbl:
## super admin case
True
%else:
${val_lbl}.admin
%endif
%else:
%if not val_lbl:
${{'false': False,
'true': True,
'none': False,
'repository': True}.get(val[1][0] if 0 < len(val[1]) else 'false')}
%else:
${val_lbl}.${val[1][0]}
%endif
%endif
%if actions:
% if edit_url or edit_global_url:
% if edit_url:
${_('edit')}
% else:
-
% endif
% if edit_global_url:
${_('edit global')}
% else:
-
% endif
% else:
${_('edit global')}
% endif
%endif
%def>
${glob(_('Repository default permission'), get_section_perms('repository.', permissions[section]), 'repository',
edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('Repository group default permission'), get_section_perms('group.', permissions[section]), 'group',
edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('User group default permission'), get_section_perms('usergroup.', permissions[section]), 'usergroup',
edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('Super admin'), get_section_perms('hg.admin', permissions[section]),
edit_url=h.route_path('user_edit', user_id=c.user.user_id, _anchor='admin'), edit_global_url=None)}
${glob(_('Inherit permissions'), get_section_perms('hg.inherit_default_perms.', permissions[section]),
edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=None)}
${glob(_('Create repositories'), get_section_perms('hg.create.', permissions[section]),
edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('Fork repositories'), get_section_perms('hg.fork.', permissions[section]),
edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('Create repository groups'), get_section_perms('hg.repogroup.create.', permissions[section]),
edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
${glob(_('Create user groups'), get_section_perms('hg.usergroup.create.', permissions[section]),
edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
## Branch perms
%elif section == 'repository_branches':
${_('Name')}
${_('Pattern')}
${_('Permission')}
%if actions:
${_('Edit Branch Permission')}
%endif
<%
def name_sorter(permissions):
def custom_sorter(item):
return item[0]
return sorted(permissions, key=custom_sorter)
def branch_sorter(permissions):
def custom_sorter(item):
## none, merge, push, push_force
section = item[1].split('.')[-1]
section_importance = {'none': u'0',
'merge': u'1',
'push': u'2',
'push_force': u'3'}.get(section)
## sort by importance + name
return section_importance + item[0]
return sorted(permissions, key=custom_sorter)
%>
%for k, section_perms in name_sorter(permissions[section].items()):
## for display purposes, for non super-admins we need to check if shown
## repository is actually accessible for user
<% repo_perm = permissions['repositories'][k] %>
% if repo_perm == 'repository.none' and not c.rhodecode_user.is_admin:
## skip this entry
<% continue %>
% endif
<% total_counter +=1 %>
% for pattern, perm in branch_sorter(section_perms.items()):
${k}
${pattern}
## TODO: calculate origin somehow
## % for i, ((_pat, perm), origin) in enumerate((permissions[section].perm_origin_stack[k])):
<% i = 0 %>
<% origin = 'unknown' %>
<% _css_class = i > 0 and 'perm_overriden' or '' %>
${perm}
##(${origin})
## % endfor
%if actions:
${_('edit')}
%endif
% endfor
%endfor
## Repos/Repo Groups/users groups perms
%else:
## none/read/write/admin permissions on groups/repos etc
${_('Name')}
${_('Permission')}
%if actions:
${_('Edit Permission')}
%endif
<%
def sorter(permissions):
def custom_sorter(item):
## read/write/admin
section = item[1].split('.')[-1]
section_importance = {'none': u'0',
'read': u'1',
'write':u'2',
'admin':u'3'}.get(section)
## sort by group importance+name
return section_importance+item[0]
return sorted(permissions, key=custom_sorter)
%>
%for k, section_perm in sorter(permissions[section].items()):
<% perm_value = section_perm.split('.')[-1] %>
<% _css_class = 'display:none' if perm_value in ['none'] else '' %>
%if perm_value != 'none' or show_all:
%if section == 'repositories':
${k}
%elif section == 'repositories_groups':
${k}
%elif section == 'user_groups':
##${k}
${k}
%endif
%if hasattr(permissions[section], 'perm_origin_stack'):
%for i, (perm, origin) in enumerate(reversed(permissions[section].perm_origin_stack[k])):
<% _css_class = i > 0 and 'perm_overriden' or '' %>
% if i > 0:
${_('overridden by')}
% endif
${perm} (${origin})
%endfor
%else:
${section_perm}
%endif
%if actions:
%if section == 'repositories':
${_('edit')}
%elif section == 'repositories_groups':
${_('edit')}
%elif section == 'user_groups':
##${_('edit')}
%endif
%endif
<% total_counter +=1 %>
%endif
%endfor
${_('No matching permission defined')}
%endif
%endif