auto-healing of permissions for default user after upgrading from some old versions.
auto-healing of permissions for default user after upgrading from some old versions.

File last commit:

r2776:63e58ef8 merge default
r2798:091e99b2 beta
users.py
320 lines | 12.3 KiB | text/x-python | PythonLexer
# -*- coding: utf-8 -*-
"""
rhodecode.controllers.admin.users
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Users crud controller for pylons

:created_on: Apr 4, 2010
:author: marcink
:copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
:license: GPLv3, see COPYING for more details.
"""
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.

import logging
import traceback
import formencode
from pylons import response

from formencode import htmlfill
from pylons import request, session, tmpl_context as c, url, config
from pylons.controllers.util import redirect
from pylons.i18n.translation import _

import rhodecode
from rhodecode.lib.exceptions import DefaultUserException, \
    UserOwnsReposException
from rhodecode.lib import helpers as h
from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \
    AuthUser
from rhodecode.lib.base import BaseController, render

from rhodecode.model.db import User, UserEmailMap
from rhodecode.model.forms import UserForm
from rhodecode.model.user import UserModel
from rhodecode.model.meta import Session
from rhodecode.lib.utils import action_logger
from rhodecode.lib.compat import json
from rhodecode.lib.utils2 import datetime_to_time, str2bool

log = logging.getLogger(__name__)


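class UsersController(BaseController):
    """REST Controller styled on the Atom Publishing Protocol

    CRUD actions for user accounts, their global create/fork permissions
    and their extra e-mail addresses. Access is gated by the decorators on
    ``__before__``.

    NOTE(review): every state-changing action below (create, update, delete,
    update_perm, add_email, delete_email) acts on ``request.POST`` and no
    anti-CSRF token check is visible in this controller; confirm one is
    enforced elsewhere in the request pipeline.
    """
    # To properly map this controller, ensure your config/routing.py
    # file has a resource setup:
    #     map.resource('user', 'users')

    @LoginRequired()
    @HasPermissionAllDecorator('hg.admin')
    def __before__(self):
        """Populate the template context shared by every action.

        Pylons calls ``__before__`` ahead of each action, so the two
        decorators above are the login and ``hg.admin`` gate for the whole
        controller.
        """
        c.admin_user = session.get('admin_user')
        c.admin_username = session.get('admin_username')
        super(UsersController, self).__before__()
        c.available_permissions = config['available_permissions']

    def index(self, format='html'):
        """GET /users: All items in the collection

        Builds one record per user and stores the JSON-encoded table in
        ``c.data`` for the ``admin/users/users.html`` template. ``format``
        is accepted but not read here.
        """
        # url('users')

        c.users_list = User.query().order_by(User.username).all()
        users_data = []
        total_records = len(c.users_list)
        _tmpl_lookup = rhodecode.CONFIG['pylons.app_globals'].mako_lookup
        template = _tmpl_lookup.get_template('data_table/_dt_elements.html')
        tmpl_kwargs = {'_': _, 'h': h, 'c': c}

        def _render_cell(def_name, *args):
            # each HTML cell is produced by a named def of the shared
            # data-table template, never assembled as a string here
            return template.get_def(def_name).render(*args, **tmpl_kwargs)

        for user in c.users_list:
            # NOTE(review): raw_username, firstname and lastname are stored
            # values placed in the JSON unescaped; confirm the template and
            # the client-side table escape them for the context they are
            # rendered in.
            users_data.append({
                "gravatar": _render_cell("user_gravatar", user.email, 24),
                "raw_username": user.username,
                "username": _render_cell("user_name", user.user_id,
                                         user.username),
                "firstname": user.name,
                "lastname": user.lastname,
                "last_login": h.fmt_date(user.last_login),
                # unformatted counterpart of last_login
                # (presumably for client-side sorting)
                "last_login_raw": datetime_to_time(user.last_login),
                "active": h.bool2icon(user.active),
                "admin": h.bool2icon(user.admin),
                "ldap": h.bool2icon(bool(user.ldap_dn)),
                "action": _render_cell("user_actions", user.user_id,
                                       user.username),
            })

        c.data = json.dumps({
            "totalRecords": total_records,
            "startIndex": 0,
            "sort": None,
            "dir": "asc",
            "records": users_data
        })

        return render('admin/users/users.html')

    def create(self):
        """POST /users: Create a new item

        Validates the posted form, creates the user, records the action in
        the journal and commits. A validation failure re-renders the add
        form with the errors; any other failure is logged and flashed.
        """
        # url('users')

        user_model = UserModel()
        user_form = UserForm()()
        try:
            form_result = user_form.to_python(dict(request.POST))
            user_model.create(form_result)
            usr = form_result['username']
            action_logger(self.rhodecode_user, 'admin_created_user:%s' % usr,
                          None, self.ip_addr, self.sa)
            # commit first: the success message must not be shown when the
            # transaction fails
            Session().commit()
            h.flash(_('created user %s') % usr,
                    category='success')
        except formencode.Invalid, errors:
            return htmlfill.render(
                render('admin/users/user_add.html'),
                defaults=errors.value,
                errors=errors.error_dict or {},
                prefix_error=False,
                encoding="UTF-8")
        except Exception:
            log.error(traceback.format_exc())
            # NOTE(review): the raw POSTed username is interpolated into the
            # flash text; confirm the flash rendering escapes it.
            h.flash(_('error occurred during creation of user %s') \
                    % request.POST.get('username'), category='error')
        return redirect(url('users'))

    def new(self, format='html'):
        """GET /users/new: Form to create a new item"""
        # url('new_user')
        return render('admin/users/user_add.html')

    def update(self, id):
        """PUT /users/id: Update an existing item

        Validates the posted form against the stored user and saves it. A
        validation failure re-renders the edit form with the errors and the
        current permission flags.
        """
        # Forms posted to this method should contain a hidden field:
        #    <input type="hidden" name="_method" value="PUT" />
        # Or using helpers:
        #    h.form(url('update_user', id=ID),
        #           method='put')
        # url('user', id=ID)
        user_model = UserModel()
        # get_or_404, as in edit()/delete()/update_perm(): an unknown id
        # must not fall through to the c.user.email lookup below
        c.user = User.get_or_404(id)
        c.perm_user = AuthUser(user_id=id)
        _form = UserForm(edit=True, old_data={'user_id': id,
                                              'email': c.user.email})()
        form_result = {}
        try:
            form_result = _form.to_python(dict(request.POST))
            user_model.update(id, form_result)
            usr = form_result['username']
            action_logger(self.rhodecode_user, 'admin_updated_user:%s' % usr,
                          None, self.ip_addr, self.sa)
            # commit first: the success message must not be shown when the
            # transaction fails
            Session().commit()
            h.flash(_('User updated successfully'), category='success')
        except formencode.Invalid, errors:
            c.user_email_map = UserEmailMap.query()\
                .filter(UserEmailMap.user == c.user).all()
            defaults = errors.value
            e = errors.error_dict or {}
            defaults.update({
                'create_repo_perm': user_model.has_perm(id, 'hg.create.repository'),
                'fork_repo_perm': user_model.has_perm(id, 'hg.fork.repository'),
                '_method': 'put'
            })
            return htmlfill.render(
                render('admin/users/user_edit.html'),
                defaults=defaults,
                errors=e,
                prefix_error=False,
                encoding="UTF-8")
        except Exception:
            log.error(traceback.format_exc())
            h.flash(_('error occurred during update of user %s') \
                    % form_result.get('username'), category='error')
        return redirect(url('edit_user', id=id))

    def delete(self, id):
        """DELETE /users/id: Delete an existing item

        ``UserOwnsReposException`` and ``DefaultUserException`` are shown
        to the admin as warnings; any other failure is logged and flashed
        as an error.
        """
        # Forms posted to this method should contain a hidden field:
        #    <input type="hidden" name="_method" value="DELETE" />
        # Or using helpers:
        #    h.form(url('delete_user', id=ID),
        #           method='delete')
        # url('user', id=ID)
        usr = User.get_or_404(id)
        try:
            UserModel().delete(usr)
            Session().commit()
            h.flash(_('successfully deleted user'), category='success')
        except (UserOwnsReposException, DefaultUserException), e:
            # the exception object itself is flashed, not str(e)
            h.flash(e, category='warning')
        except Exception:
            log.error(traceback.format_exc())
            h.flash(_('An error occurred during deletion of user'),
                    category='error')
        return redirect(url('users'))

    def show(self, id, format='html'):
        """GET /users/id: Show a specific item"""
        # url('user', id=ID)

    def edit(self, id, format='html'):
        """GET /users/id/edit: Form to edit an existing item

        Refuses the ``default`` account, then fills the edit form with the
        user's data, granted global permissions and extra e-mails.
        """
        # url('edit_user', id=ID)
        c.user = User.get_or_404(id)

        if c.user.username == 'default':
            h.flash(_("You can't edit this user"), category='warning')
            return redirect(url('users'))

        c.perm_user = AuthUser(user_id=id)
        c.user.permissions = {}
        c.granted_permissions = UserModel().fill_perms(c.user)\
            .permissions['global']
        c.user_email_map = UserEmailMap.query()\
            .filter(UserEmailMap.user == c.user).all()
        user_model = UserModel()
        defaults = c.user.get_dict()
        defaults.update({
            'create_repo_perm': user_model.has_perm(id, 'hg.create.repository'),
            'fork_repo_perm': user_model.has_perm(id, 'hg.fork.repository'),
        })

        return htmlfill.render(
            render('admin/users/user_edit.html'),
            defaults=defaults,
            encoding="UTF-8",
            force_defaults=False
        )

    def update_perm(self, id):
        """PUT /users_perm/id: Update an existing item

        Sets the inherit-defaults flag and swaps the create/fork permission
        pair for the user according to the posted fields.
        """
        # url('user_perm', id=ID, method='put')
        # NOTE(review): edit() refuses the 'default' account but this action
        # does not repeat that check; confirm that changing the default
        # user's permissions through this route is intended.
        usr = User.get_or_404(id)
        grant_create_perm = str2bool(request.POST.get('create_repo_perm'))
        grant_fork_perm = str2bool(request.POST.get('fork_repo_perm'))
        inherit_perms = str2bool(request.POST.get('inherit_default_permissions'))

        user_model = UserModel()
        # success messages are collected and only flashed once the commit
        # went through, so a failed save never reports a granted permission
        notices = []

        try:
            usr.inherit_default_permissions = inherit_perms
            Session().add(usr)

            if grant_create_perm:
                user_model.revoke_perm(usr, 'hg.create.none')
                user_model.grant_perm(usr, 'hg.create.repository')
                notices.append(
                    _("Granted 'repository create' permission to user"))
            else:
                user_model.revoke_perm(usr, 'hg.create.repository')
                user_model.grant_perm(usr, 'hg.create.none')
                notices.append(
                    _("Revoked 'repository create' permission to user"))

            if grant_fork_perm:
                user_model.revoke_perm(usr, 'hg.fork.none')
                user_model.grant_perm(usr, 'hg.fork.repository')
                notices.append(
                    _("Granted 'repository fork' permission to user"))
            else:
                user_model.revoke_perm(usr, 'hg.fork.repository')
                user_model.grant_perm(usr, 'hg.fork.none')
                notices.append(
                    _("Revoked 'repository fork' permission to user"))

            Session().commit()
            for notice in notices:
                h.flash(notice, category='success')
        except Exception:
            log.error(traceback.format_exc())
            h.flash(_('An error occurred during permissions saving'),
                    category='error')
        return redirect(url('edit_user', id=id))

    def add_email(self, id):
        """POST /user_emails:Add an existing item

        Attaches the posted ``new_email`` to the user as an extra address.
        """
        # url('user_emails', id=ID, method='put')

        #TODO: validation and form !!!
        # NOTE(review): new_email goes to the model straight from the
        # request; the formencode.Invalid handler below suggests the model
        # validates it - confirm.
        email = request.POST.get('new_email')
        user_model = UserModel()

        try:
            user_model.add_extra_email(id, email)
            Session().commit()
            h.flash(_("Added email %s to user") % email, category='success')
        except formencode.Invalid, error:
            # error_dict can be None or lack 'email'; fall back to the
            # generic text instead of raising inside this handler
            msg = (error.error_dict or {}).get('email') or \
                _('An error occurred during email saving')
            h.flash(msg, category='error')
        except Exception:
            log.error(traceback.format_exc())
            h.flash(_('An error occurred during email saving'),
                    category='error')
        return redirect(url('edit_user', id=id))

    def delete_email(self, id):
        """DELETE /user_emails_delete/id: Delete an existing item

        Removes the extra e-mail named by the posted ``del_email`` value.
        Failures are logged and flashed, as in the other actions.
        """
        # url('user_emails_delete', id=ID, method='delete')
        # NOTE(review): whether the model checks that del_email belongs to
        # user `id` is not visible here - confirm.
        user_model = UserModel()
        try:
            user_model.delete_extra_email(id, request.POST.get('del_email'))
            Session().commit()
            h.flash(_("Removed email from user"), category='success')
        except Exception:
            log.error(traceback.format_exc())
            h.flash(_('An error occurred during email removal'),
                    category='error')
        return redirect(url('edit_user', id=id))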