##// END OF EJS Templates
changelog: use unknown branch names as revisions...
changelog: use unknown branch names as revisions Makes the system more resilient

File last commit:

r3960:5293d4bb merge default
r4022:4a0bce84 default
Show More
permissions.py
217 lines | 9.1 KiB | text/x-python | PythonLexer
Cleaned up scm model codes,Admin/admin permissions controller codes
r760 # -*- coding: utf-8 -*-
"""
some docs updates on controller
r853 rhodecode.controllers.admin.permissions
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source code cleanup: remove trailing white space, normalize file endings
r1203
Cleaned up scm model codes,Admin/admin permissions controller codes
r760 permissions controller for Rhodecode
source code cleanup: remove trailing white space, normalize file endings
r1203
Cleaned up scm model codes,Admin/admin permissions controller codes
r760 :created_on: Apr 27, 2010
:author: marcink
2012 copyrights
r1824 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
Cleaned up scm model codes,Admin/admin permissions controller codes
r760 :license: GPLv3, see COPYING for more details.
"""
fixed license issue #149
r1206 # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
source code cleanup: remove trailing white space, normalize file endings
r1203 #
renamed project to rhodecode
r547 # This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
source code cleanup: remove trailing white space, normalize file endings
r1203 #
renamed project to rhodecode
r547 # You should have received a copy of the GNU General Public License
fixed license issue #149
r1206 # along with this program. If not, see <http://www.gnu.org/licenses/>.
renamed project to rhodecode
r547
Deprecated UserModel removals...
r1501 import logging
import traceback
import formencode
renamed project to rhodecode
r547 from formencode import htmlfill
Deprecated UserModel removals...
r1501
renamed project to rhodecode
r547 from pylons import request, session, tmpl_context as c, url
from pylons.controllers.util import abort, redirect
from pylons.i18n.translation import _
Deprecated UserModel removals...
r1501
renamed project to rhodecode
r547 from rhodecode.lib import helpers as h
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator,\
AuthUser
renamed project to rhodecode
r547 from rhodecode.lib.base import BaseController, render
Deprecated UserModel removals...
r1501 from rhodecode.model.forms import DefaultPermissionsForm
#50 on point cache invalidation changes....
r692 from rhodecode.model.permission import PermissionModel
throw 404s on empty show functions in ADMIN controllers
r3731 from rhodecode.model.db import User, UserIpMap, Permission
another major refactoring with session management
r1734 from rhodecode.model.meta import Session
renamed project to rhodecode
r547
log = logging.getLogger(__name__)
PEP8ify - controllers
r1245
renamed project to rhodecode
r547 class PermissionsController(BaseController):
"""REST Controller styled on the Atom Publishing Protocol"""
# To properly map this controller, ensure your config/routing.py
# file has a resource setup:
# map.resource('permission', 'permissions')
Code refactoring,models renames...
r629
renamed project to rhodecode
r547 @LoginRequired()
@HasPermissionAllDecorator('hg.admin')
def __before__(self):
super(PermissionsController, self).__before__()
Code refactoring,models renames...
r629
New default permissions definition for user group create
r3734 c.repo_perms_choices = [('repository.none', _('None'),),
implemented #663 Admin/permission: specify default repogroup perms...
r3052 ('repository.read', _('Read'),),
('repository.write', _('Write'),),
('repository.admin', _('Admin'),)]
New default permissions definition for user group create
r3734 c.group_perms_choices = [('group.none', _('None'),),
('group.read', _('Read'),),
('group.write', _('Write'),),
('group.admin', _('Admin'),)]
c.user_group_perms_choices = [('usergroup.none', _('None'),),
('usergroup.read', _('Read'),),
('usergroup.write', _('Write'),),
('usergroup.admin', _('Admin'),)]
c.register_choices = [
#49 Enabled anonymous access for web interface controllable from permissions pannel
r673 ('hg.register.none',
Mads Kiilerich
Fix a lot of casings - use standard casing in most places
r3654 _('Disabled')),
renamed project to rhodecode
r547 ('hg.register.manual_activate',
Mads Kiilerich
Fix a lot of casings - use standard casing in most places
r3654 _('Allowed with manual account activation')),
renamed project to rhodecode
r547 ('hg.register.auto_activate',
Mads Kiilerich
Fix a lot of casings - use standard casing in most places
r3654 _('Allowed with automatic account activation')), ]
Code refactoring,models renames...
r629
Added separate default permission for external_auth account...
r3786 c.extern_activate_choices = [
('hg.extern_activate.manual', _('Manual activation of external account')),
('hg.extern_activate.auto', _('Automatic activation of external account')),
]
New default permissions definition for user group create
r3734 c.repo_create_choices = [('hg.create.none', _('Disabled')),
('hg.create.repository', _('Enabled'))]
renamed project to rhodecode
r547
New default permissions definition for user group create
r3734 c.user_group_create_choices = [('hg.usergroup.create.false', _('Disabled')),
('hg.usergroup.create.true', _('Enabled'))]
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709
New default permissions definition for user group create
r3734 c.repo_group_create_choices = [('hg.repogroup.create.false', _('Disabled')),
('hg.repogroup.create.true', _('Enabled'))]
c.fork_choices = [('hg.fork.none', _('Disabled')),
('hg.fork.repository', _('Enabled'))]
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709
renamed project to rhodecode
r547 def index(self, format='html'):
"""GET /permissions: All items in the collection"""
# url('permissions')
def create(self):
"""POST /permissions: Create a new item"""
# url('permissions')
def new(self, format='html'):
"""GET /permissions/new: Form to create a new item"""
# url('new_permission')
def update(self, id):
"""PUT /permissions/id: Update an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="PUT" />
# Or using helpers:
# h.form(url('permission', id=ID),
# method='put')
# url('permission', id=ID)
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 if id == 'default':
New default permissions definition for user group create
r3734 c.user = default_user = User.get_default_user()
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 c.perm_user = AuthUser(user_id=default_user.user_id)
c.user_ip_map = UserIpMap.query()\
.filter(UserIpMap.user == default_user).all()
Code refactoring,models renames...
r629
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 _form = DefaultPermissionsForm(
New default permissions definition for user group create
r3734 [x[0] for x in c.repo_perms_choices],
[x[0] for x in c.group_perms_choices],
[x[0] for x in c.user_group_perms_choices],
[x[0] for x in c.repo_create_choices],
[x[0] for x in c.repo_group_create_choices],
[x[0] for x in c.user_group_create_choices],
[x[0] for x in c.fork_choices],
Added separate default permission for external_auth account...
r3786 [x[0] for x in c.register_choices],
[x[0] for x in c.extern_activate_choices],
)()
Code refactoring,models renames...
r629
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 try:
form_result = _form.to_python(dict(request.POST))
form_result.update({'perm_user_name': id})
New default permissions definition for user group create
r3734 PermissionModel().update(form_result)
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 Session().commit()
h.flash(_('Default permissions updated successfully'),
category='success')
Code refactoring,models renames...
r629
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 except formencode.Invalid, errors:
defaults = errors.value
Code refactoring,models renames...
r629
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 return htmlfill.render(
render('admin/permissions/permissions.html'),
defaults=defaults,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
except Exception:
log.error(traceback.format_exc())
Mads Kiilerich
consistently capitalize initial letter in flash messages
r3565 h.flash(_('Error occurred during update of permissions'),
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 category='error')
Code refactoring,models renames...
r629
renamed project to rhodecode
r547 return redirect(url('edit_permission', id=id))
Code refactoring,models renames...
r629
renamed project to rhodecode
r547 def delete(self, id):
"""DELETE /permissions/id: Delete an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="DELETE" />
# Or using helpers:
# h.form(url('permission', id=ID),
# method='delete')
# url('permission', id=ID)
def show(self, id, format='html'):
"""GET /permissions/id: Show a specific item"""
# url('permission', id=ID)
throw 404s on empty show functions in ADMIN controllers
r3731 Permission.get_or_404(-1)
renamed project to rhodecode
r547
def edit(self, id, format='html'):
"""GET /permissions/id/edit: Form to edit an existing item"""
#url('edit_permission', id=ID)
Code refactoring,models renames...
r629
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 #this form can only edit default user permissions
renamed project to rhodecode
r547 if id == 'default':
New default permissions definition for user group create
r3734 c.user = User.get_default_user()
defaults = {'anonymous': c.user.active}
c.perm_user = c.user.AuthUser
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 c.user_ip_map = UserIpMap.query()\
New default permissions definition for user group create
r3734 .filter(UserIpMap.user == c.user).all()
for p in c.user.user_perms:
renamed project to rhodecode
r547 if p.permission.permission_name.startswith('repository.'):
implemented #663 Admin/permission: specify default repogroup perms...
r3052 defaults['default_repo_perm'] = p.permission.permission_name
if p.permission.permission_name.startswith('group.'):
defaults['default_group_perm'] = p.permission.permission_name
Code refactoring,models renames...
r629
New default permissions definition for user group create
r3734 if p.permission.permission_name.startswith('usergroup.'):
defaults['default_user_group_perm'] = p.permission.permission_name
if p.permission.permission_name.startswith('hg.create.'):
defaults['default_repo_create'] = p.permission.permission_name
if p.permission.permission_name.startswith('hg.repogroup.'):
defaults['default_repo_group_create'] = p.permission.permission_name
if p.permission.permission_name.startswith('hg.usergroup.'):
defaults['default_user_group_create'] = p.permission.permission_name
renamed project to rhodecode
r547 if p.permission.permission_name.startswith('hg.register.'):
defaults['default_register'] = p.permission.permission_name
Code refactoring,models renames...
r629
Added separate default permission for external_auth account...
r3786 if p.permission.permission_name.startswith('hg.extern_activate.'):
defaults['default_extern_activate'] = p.permission.permission_name
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 if p.permission.permission_name.startswith('hg.fork.'):
defaults['default_fork'] = p.permission.permission_name
renamed project to rhodecode
r547 return htmlfill.render(
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 render('admin/permissions/permissions.html'),
defaults=defaults,
encoding="UTF-8",
Added UserIpMap interface for allowed IP addresses and IP restriction access...
r3125 force_defaults=False
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 )
renamed project to rhodecode
r547 else:
return redirect(url('admin_home'))