users.py
239 lines
| 9.0 KiB
| text/x-python
|
PythonLexer
| r853 | # -*- coding: utf-8 -*- | |||
| """ | ||||
| rhodecode.controllers.admin.users | ||||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||||
| Users crud controller for pylons | ||||
| r1203 | ||||
| r853 | :created_on: Apr 4, 2010 | |||
| :author: marcink | ||||
| r1824 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> | |||
| r853 | :license: GPLv3, see COPYING for more details. | |||
| """ | ||||
| r1206 | # This program is free software: you can redistribute it and/or modify | |||
| # it under the terms of the GNU General Public License as published by | ||||
| # the Free Software Foundation, either version 3 of the License, or | ||||
| # (at your option) any later version. | ||||
| r1203 | # | |||
| r547 | # This program is distributed in the hope that it will be useful, | |||
| # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||||
| # GNU General Public License for more details. | ||||
| r1203 | # | |||
| r547 | # You should have received a copy of the GNU General Public License | |||
| r1206 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |||
| r853 | ||||
| import logging | ||||
| import traceback | ||||
| import formencode | ||||
| r547 | ||||
| from formencode import htmlfill | ||||
| r895 | from pylons import request, session, tmpl_context as c, url, config | |||
| r1824 | from pylons.controllers.util import redirect | |||
| r547 | from pylons.i18n.translation import _ | |||
| r853 | ||||
| r1245 | from rhodecode.lib.exceptions import DefaultUserException, \ | |||
| UserOwnsReposException | ||||
| r547 | from rhodecode.lib import helpers as h | |||
| r1117 | from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator | |||
| r547 | from rhodecode.lib.base import BaseController, render | |||
| r853 | ||||
| r2330 | from rhodecode.model.db import User, Permission, UserEmailMap | |||
| r547 | from rhodecode.model.forms import UserForm | |||
| r713 | from rhodecode.model.user import UserModel | |||
| r1749 | from rhodecode.model.meta import Session | |||
| r547 | ||||
| log = logging.getLogger(__name__) | ||||
| r1245 | ||||
| r547 | class UsersController(BaseController): | |||
| """REST Controller styled on the Atom Publishing Protocol""" | ||||
| # To properly map this controller, ensure your config/routing.py | ||||
| # file has a resource setup: | ||||
| # map.resource('user', 'users') | ||||
| r673 | ||||
| r547 | @LoginRequired() | |||
| @HasPermissionAllDecorator('hg.admin') | ||||
| def __before__(self): | ||||
| c.admin_user = session.get('admin_user') | ||||
| c.admin_username = session.get('admin_username') | ||||
| super(UsersController, self).__before__() | ||||
| r895 | c.available_permissions = config['available_permissions'] | |||
| r547 | ||||
| def index(self, format='html'): | ||||
| """GET /users: All items in the collection""" | ||||
| # url('users') | ||||
| r673 | ||||
| c.users_list = self.sa.query(User).all() | ||||
| r547 | return render('admin/users/users.html') | |||
| r673 | ||||
| r547 | def create(self): | |||
| """POST /users: Create a new item""" | ||||
| # url('users') | ||||
| r673 | ||||
| r547 | user_model = UserModel() | |||
| r1644 | user_form = UserForm()() | |||
| r547 | try: | |||
| r1644 | form_result = user_form.to_python(dict(request.POST)) | |||
| r547 | user_model.create(form_result) | |||
| h.flash(_('created user %s') % form_result['username'], | ||||
| category='success') | ||||
| r1749 | Session.commit() | |||
| r548 | #action_logger(self.rhodecode_user, 'new_user', '', '', self.sa) | |||
| r564 | except formencode.Invalid, errors: | |||
| r547 | return htmlfill.render( | |||
| render('admin/users/user_add.html'), | ||||
| defaults=errors.value, | ||||
| errors=errors.error_dict or {}, | ||||
| prefix_error=False, | ||||
| r673 | encoding="UTF-8") | |||
| r547 | except Exception: | |||
| log.error(traceback.format_exc()) | ||||
| r860 | h.flash(_('error occurred during creation of user %s') \ | |||
| r673 | % request.POST.get('username'), category='error') | |||
| r547 | return redirect(url('users')) | |||
| r673 | ||||
| r547 | def new(self, format='html'): | |||
| """GET /users/new: Form to create a new item""" | ||||
| # url('new_user') | ||||
| return render('admin/users/user_add.html') | ||||
| def update(self, id): | ||||
| """PUT /users/id: Update an existing item""" | ||||
| # Forms posted to this method should contain a hidden field: | ||||
| # <input type="hidden" name="_method" value="PUT" /> | ||||
| # Or using helpers: | ||||
| r1266 | # h.form(url('update_user', id=ID), | |||
| r547 | # method='put') | |||
| # url('user', id=ID) | ||||
| user_model = UserModel() | ||||
| r629 | c.user = user_model.get(id) | |||
| r673 | ||||
| r1245 | _form = UserForm(edit=True, old_data={'user_id': id, | |||
| 'email': c.user.email})() | ||||
| r547 | form_result = {} | |||
| try: | ||||
| form_result = _form.to_python(dict(request.POST)) | ||||
| user_model.update(id, form_result) | ||||
| r1266 | h.flash(_('User updated successfully'), category='success') | |||
| r1749 | Session.commit() | |||
| r564 | except formencode.Invalid, errors: | |||
| r1266 | e = errors.error_dict or {} | |||
| perm = Permission.get_by_key('hg.create.repository') | ||||
| r1749 | e.update({'create_repo_perm': user_model.has_perm(id, perm)}) | |||
| r547 | return htmlfill.render( | |||
| render('admin/users/user_edit.html'), | ||||
| defaults=errors.value, | ||||
| r1266 | errors=e, | |||
| r547 | prefix_error=False, | |||
| r673 | encoding="UTF-8") | |||
| r547 | except Exception: | |||
| log.error(traceback.format_exc()) | ||||
| r853 | h.flash(_('error occurred during update of user %s') \ | |||
| r547 | % form_result.get('username'), category='error') | |||
| r673 | ||||
| r547 | return redirect(url('users')) | |||
| r673 | ||||
| r547 | def delete(self, id): | |||
| """DELETE /users/id: Delete an existing item""" | ||||
| # Forms posted to this method should contain a hidden field: | ||||
| # <input type="hidden" name="_method" value="DELETE" /> | ||||
| # Or using helpers: | ||||
| r1266 | # h.form(url('delete_user', id=ID), | |||
| r547 | # method='delete') | |||
| # url('user', id=ID) | ||||
| user_model = UserModel() | ||||
| try: | ||||
| user_model.delete(id) | ||||
| r2155 | Session.commit() | |||
| r895 | h.flash(_('successfully deleted user'), category='success') | |||
| r713 | except (UserOwnsReposException, DefaultUserException), e: | |||
| r2155 | h.flash(e, category='warning') | |||
| r547 | except Exception: | |||
| r2155 | log.error(traceback.format_exc()) | |||
| r860 | h.flash(_('An error occurred during deletion of user'), | |||
| r673 | category='error') | |||
| r547 | return redirect(url('users')) | |||
| r673 | ||||
| r547 | def show(self, id, format='html'): | |||
| """GET /users/id: Show a specific item""" | ||||
| # url('user', id=ID) | ||||
| r673 | ||||
| r547 | def edit(self, id, format='html'): | |||
| """GET /users/id/edit: Form to edit an existing item""" | ||||
| # url('edit_user', id=ID) | ||||
| r1749 | c.user = User.get(id) | |||
| r547 | if not c.user: | |||
| return redirect(url('users')) | ||||
| if c.user.username == 'default': | ||||
| r673 | h.flash(_("You can't edit this user"), category='warning') | |||
| r547 | return redirect(url('users')) | |||
| r895 | c.user.permissions = {} | |||
| r1749 | c.granted_permissions = UserModel().fill_perms(c.user)\ | |||
| r1245 | .permissions['global'] | |||
| r2330 | c.user_email_map = UserEmailMap.query()\ | |||
| .filter(UserEmailMap.user == c.user).all() | ||||
| r832 | defaults = c.user.get_dict() | |||
| r1266 | perm = Permission.get_by_key('hg.create.repository') | |||
| r1749 | defaults.update({'create_repo_perm': UserModel().has_perm(id, perm)}) | |||
| r895 | ||||
| r547 | return htmlfill.render( | |||
| render('admin/users/user_edit.html'), | ||||
| defaults=defaults, | ||||
| encoding="UTF-8", | ||||
| force_defaults=False | ||||
| r673 | ) | |||
| r1266 | ||||
| def update_perm(self, id): | ||||
| """PUT /users_perm/id: Update an existing item""" | ||||
| # url('user_perm', id=ID, method='put') | ||||
| grant_perm = request.POST.get('create_repo_perm', False) | ||||
| r1749 | user_model = UserModel() | |||
| r1818 | ||||
| r1266 | if grant_perm: | |||
| perm = Permission.get_by_key('hg.create.none') | ||||
| r1749 | user_model.revoke_perm(id, perm) | |||
| r1266 | ||||
| perm = Permission.get_by_key('hg.create.repository') | ||||
| r1749 | user_model.grant_perm(id, perm) | |||
| r1266 | h.flash(_("Granted 'repository create' permission to user"), | |||
| category='success') | ||||
| r1758 | Session.commit() | |||
| r1266 | else: | |||
| perm = Permission.get_by_key('hg.create.repository') | ||||
| r1749 | user_model.revoke_perm(id, perm) | |||
| r1266 | ||||
| perm = Permission.get_by_key('hg.create.none') | ||||
| r1749 | user_model.grant_perm(id, perm) | |||
| r1266 | h.flash(_("Revoked 'repository create' permission to user"), | |||
| category='success') | ||||
| r1758 | Session.commit() | |||
| r1266 | return redirect(url('edit_user', id=id)) | |||
| r2330 | ||||
| def add_email(self, id): | ||||
| """PUT /user_emails/id: Update an existing item""" | ||||
| # url('user_emails', id=ID, method='put') | ||||
| #TODO: validation and form !!! | ||||
| email = request.POST.get('new_email') | ||||
| user_model = UserModel() | ||||
| try: | ||||
| user_model.add_extra_email(id, email) | ||||
| Session.commit() | ||||
| h.flash(_("Added email %s to user" % email), category='success') | ||||
| except Exception: | ||||
| log.error(traceback.format_exc()) | ||||
| h.flash(_('An error occurred during email saving'), | ||||
| category='error') | ||||
| return redirect(url('edit_user', id=id)) | ||||
| def delete_email(self, id): | ||||
| """DELETE /user_emails_delete/id: Delete an existing item""" | ||||
| # url('user_emails_delete', id=ID, method='delete') | ||||
| user_model = UserModel() | ||||
| user_model.delete_extra_email(id, request.POST.get('del_email')) | ||||
| Session.commit() | ||||
| h.flash(_("Removed email from user"), category='success') | ||||
| return redirect(url('edit_user', id=id)) | ||||
