users.py
361 lines
| 14.0 KiB
| text/x-python
|
PythonLexer
r853 | # -*- coding: utf-8 -*- | |||
""" | ||||
rhodecode.controllers.admin.users | ||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||||
Users crud controller for pylons | ||||
r1203 | ||||
r853 | :created_on: Apr 4, 2010 | |||
:author: marcink | ||||
r1824 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> | |||
r853 | :license: GPLv3, see COPYING for more details. | |||
""" | ||||
r1206 | # This program is free software: you can redistribute it and/or modify | |||
# it under the terms of the GNU General Public License as published by | ||||
# the Free Software Foundation, either version 3 of the License, or | ||||
# (at your option) any later version. | ||||
r1203 | # | |||
r547 | # This program is distributed in the hope that it will be useful, | |||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||||
# GNU General Public License for more details. | ||||
r1203 | # | |||
r547 | # You should have received a copy of the GNU General Public License | |||
r1206 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |||
r853 | ||||
import logging | ||||
import traceback | ||||
import formencode | ||||
r2658 | from pylons import response | |||
r547 | ||||
from formencode import htmlfill | ||||
r895 | from pylons import request, session, tmpl_context as c, url, config | |||
r1824 | from pylons.controllers.util import redirect | |||
r547 | from pylons.i18n.translation import _ | |||
r853 | ||||
r2709 | import rhodecode | |||
r1245 | from rhodecode.lib.exceptions import DefaultUserException, \ | |||
UserOwnsReposException | ||||
r547 | from rhodecode.lib import helpers as h | |||
r2658 | from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \ | |||
r2435 | AuthUser | |||
r547 | from rhodecode.lib.base import BaseController, render | |||
r853 | ||||
r3125 | from rhodecode.model.db import User, UserEmailMap, UserIpMap | |||
r547 | from rhodecode.model.forms import UserForm | |||
r713 | from rhodecode.model.user import UserModel | |||
r1749 | from rhodecode.model.meta import Session | |||
r2375 | from rhodecode.lib.utils import action_logger | |||
r2658 | from rhodecode.lib.compat import json | |||
r2709 | from rhodecode.lib.utils2 import datetime_to_time, str2bool | |||
r547 | ||||
log = logging.getLogger(__name__) | ||||
r1245 | ||||
r547 | class UsersController(BaseController): | |||
"""REST Controller styled on the Atom Publishing Protocol""" | ||||
# To properly map this controller, ensure your config/routing.py | ||||
# file has a resource setup: | ||||
# map.resource('user', 'users') | ||||
r673 | ||||
r547 | @LoginRequired() | |||
@HasPermissionAllDecorator('hg.admin') | ||||
def __before__(self): | ||||
super(UsersController, self).__before__() | ||||
r895 | c.available_permissions = config['available_permissions'] | |||
r547 | ||||
def index(self, format='html'): | ||||
"""GET /users: All items in the collection""" | ||||
# url('users') | ||||
r673 | ||||
r2658 | c.users_list = User.query().order_by(User.username).all() | |||
users_data = [] | ||||
total_records = len(c.users_list) | ||||
r2663 | _tmpl_lookup = rhodecode.CONFIG['pylons.app_globals'].mako_lookup | |||
template = _tmpl_lookup.get_template('data_table/_dt_elements.html') | ||||
grav_tmpl = lambda user_email, size: ( | ||||
template.get_def("user_gravatar") | ||||
r2674 | .render(user_email, size, _=_, h=h, c=c)) | |||
r2663 | ||||
user_lnk = lambda user_id, username: ( | ||||
template.get_def("user_name") | ||||
r2674 | .render(user_id, username, _=_, h=h, c=c)) | |||
r2663 | ||||
user_actions = lambda user_id, username: ( | ||||
template.get_def("user_actions") | ||||
r2674 | .render(user_id, username, _=_, h=h, c=c)) | |||
r2663 | ||||
r2658 | for user in c.users_list: | |||
r2699 | ||||
r2658 | users_data.append({ | |||
r2663 | "gravatar": grav_tmpl(user. email, 24), | |||
r2658 | "raw_username": user.username, | |||
r2663 | "username": user_lnk(user.user_id, user.username), | |||
r2658 | "firstname": user.name, | |||
"lastname": user.lastname, | ||||
"last_login": h.fmt_date(user.last_login), | ||||
r2699 | "last_login_raw": datetime_to_time(user.last_login), | |||
Mads Kiilerich
|
r3627 | "active": h.boolicon(user.active), | ||
"admin": h.boolicon(user.admin), | ||||
"ldap": h.boolicon(bool(user.ldap_dn)), | ||||
r2663 | "action": user_actions(user.user_id, user.username), | |||
r2658 | }) | |||
c.data = json.dumps({ | ||||
"totalRecords": total_records, | ||||
"startIndex": 0, | ||||
"sort": None, | ||||
"dir": "asc", | ||||
"records": users_data | ||||
}) | ||||
r547 | return render('admin/users/users.html') | |||
r673 | ||||
r547 | def create(self): | |||
"""POST /users: Create a new item""" | ||||
# url('users') | ||||
r673 | ||||
r547 | user_model = UserModel() | |||
r1644 | user_form = UserForm()() | |||
r547 | try: | |||
r1644 | form_result = user_form.to_python(dict(request.POST)) | |||
r547 | user_model.create(form_result) | |||
r2375 | usr = form_result['username'] | |||
action_logger(self.rhodecode_user, 'admin_created_user:%s' % usr, | ||||
None, self.ip_addr, self.sa) | ||||
Mads Kiilerich
|
r3565 | h.flash(_('Created user %s') % usr, | ||
r547 | category='success') | |||
r2662 | Session().commit() | |||
r564 | except formencode.Invalid, errors: | |||
r547 | return htmlfill.render( | |||
render('admin/users/user_add.html'), | ||||
defaults=errors.value, | ||||
errors=errors.error_dict or {}, | ||||
prefix_error=False, | ||||
r673 | encoding="UTF-8") | |||
r547 | except Exception: | |||
log.error(traceback.format_exc()) | ||||
Mads Kiilerich
|
r3565 | h.flash(_('Error occurred during creation of user %s') \ | ||
r673 | % request.POST.get('username'), category='error') | |||
r547 | return redirect(url('users')) | |||
r673 | ||||
r547 | def new(self, format='html'): | |||
"""GET /users/new: Form to create a new item""" | ||||
# url('new_user') | ||||
return render('admin/users/user_add.html') | ||||
def update(self, id): | ||||
"""PUT /users/id: Update an existing item""" | ||||
# Forms posted to this method should contain a hidden field: | ||||
# <input type="hidden" name="_method" value="PUT" /> | ||||
# Or using helpers: | ||||
r1266 | # h.form(url('update_user', id=ID), | |||
r547 | # method='put') | |||
# url('user', id=ID) | ||||
user_model = UserModel() | ||||
r629 | c.user = user_model.get(id) | |||
r3021 | c.ldap_dn = c.user.ldap_dn | |||
r3125 | c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr) | |||
r1245 | _form = UserForm(edit=True, old_data={'user_id': id, | |||
'email': c.user.email})() | ||||
r547 | form_result = {} | |||
try: | ||||
form_result = _form.to_python(dict(request.POST)) | ||||
r3021 | skip_attrs = [] | |||
if c.ldap_dn: | ||||
#forbid updating username for ldap accounts | ||||
skip_attrs = ['username'] | ||||
user_model.update(id, form_result, skip_attrs=skip_attrs) | ||||
r2375 | usr = form_result['username'] | |||
action_logger(self.rhodecode_user, 'admin_updated_user:%s' % usr, | ||||
None, self.ip_addr, self.sa) | ||||
r1266 | h.flash(_('User updated successfully'), category='success') | |||
r2662 | Session().commit() | |||
r564 | except formencode.Invalid, errors: | |||
r2479 | c.user_email_map = UserEmailMap.query()\ | |||
.filter(UserEmailMap.user == c.user).all() | ||||
r3125 | c.user_ip_map = UserIpMap.query()\ | |||
.filter(UserIpMap.user == c.user).all() | ||||
r2479 | defaults = errors.value | |||
r1266 | e = errors.error_dict or {} | |||
r2709 | defaults.update({ | |||
'create_repo_perm': user_model.has_perm(id, 'hg.create.repository'), | ||||
'fork_repo_perm': user_model.has_perm(id, 'hg.fork.repository'), | ||||
'_method': 'put' | ||||
}) | ||||
r547 | return htmlfill.render( | |||
render('admin/users/user_edit.html'), | ||||
r2479 | defaults=defaults, | |||
r1266 | errors=e, | |||
r547 | prefix_error=False, | |||
r673 | encoding="UTF-8") | |||
r547 | except Exception: | |||
log.error(traceback.format_exc()) | ||||
Mads Kiilerich
|
r3565 | h.flash(_('Error occurred during update of user %s') \ | ||
r547 | % form_result.get('username'), category='error') | |||
r2709 | return redirect(url('edit_user', id=id)) | |||
r673 | ||||
r547 | def delete(self, id): | |||
"""DELETE /users/id: Delete an existing item""" | ||||
# Forms posted to this method should contain a hidden field: | ||||
# <input type="hidden" name="_method" value="DELETE" /> | ||||
# Or using helpers: | ||||
r1266 | # h.form(url('delete_user', id=ID), | |||
r547 | # method='delete') | |||
# url('user', id=ID) | ||||
r2709 | usr = User.get_or_404(id) | |||
r547 | try: | |||
r2709 | UserModel().delete(usr) | |||
r2662 | Session().commit() | |||
Mads Kiilerich
|
r3565 | h.flash(_('Successfully deleted user'), category='success') | ||
r713 | except (UserOwnsReposException, DefaultUserException), e: | |||
r2155 | h.flash(e, category='warning') | |||
r547 | except Exception: | |||
r2155 | log.error(traceback.format_exc()) | |||
r860 | h.flash(_('An error occurred during deletion of user'), | |||
r673 | category='error') | |||
r547 | return redirect(url('users')) | |||
r673 | ||||
r547 | def show(self, id, format='html'): | |||
"""GET /users/id: Show a specific item""" | ||||
# url('user', id=ID) | ||||
r3731 | User.get_or_404(-1) | |||
r673 | ||||
r547 | def edit(self, id, format='html'): | |||
"""GET /users/id/edit: Form to edit an existing item""" | ||||
# url('edit_user', id=ID) | ||||
r2496 | c.user = User.get_or_404(id) | |||
r547 | if c.user.username == 'default': | |||
r673 | h.flash(_("You can't edit this user"), category='warning') | |||
r547 | return redirect(url('users')) | |||
r2709 | ||||
r3125 | c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr) | |||
r895 | c.user.permissions = {} | |||
r1749 | c.granted_permissions = UserModel().fill_perms(c.user)\ | |||
r1245 | .permissions['global'] | |||
r2330 | c.user_email_map = UserEmailMap.query()\ | |||
.filter(UserEmailMap.user == c.user).all() | ||||
r3125 | c.user_ip_map = UserIpMap.query()\ | |||
.filter(UserIpMap.user == c.user).all() | ||||
r2709 | user_model = UserModel() | |||
r3021 | c.ldap_dn = c.user.ldap_dn | |||
r832 | defaults = c.user.get_dict() | |||
r2709 | defaults.update({ | |||
'create_repo_perm': user_model.has_perm(id, 'hg.create.repository'), | ||||
'fork_repo_perm': user_model.has_perm(id, 'hg.fork.repository'), | ||||
}) | ||||
r895 | ||||
r547 | return htmlfill.render( | |||
render('admin/users/user_edit.html'), | ||||
defaults=defaults, | ||||
encoding="UTF-8", | ||||
force_defaults=False | ||||
r673 | ) | |||
r1266 | ||||
def update_perm(self, id): | ||||
"""PUT /users_perm/id: Update an existing item""" | ||||
# url('user_perm', id=ID, method='put') | ||||
r2709 | usr = User.get_or_404(id) | |||
grant_create_perm = str2bool(request.POST.get('create_repo_perm')) | ||||
grant_fork_perm = str2bool(request.POST.get('fork_repo_perm')) | ||||
inherit_perms = str2bool(request.POST.get('inherit_default_permissions')) | ||||
r1266 | ||||
r1749 | user_model = UserModel() | |||
r1818 | ||||
r2709 | try: | |||
usr.inherit_default_permissions = inherit_perms | ||||
Session().add(usr) | ||||
r1266 | ||||
r2709 | if grant_create_perm: | |||
user_model.revoke_perm(usr, 'hg.create.none') | ||||
user_model.grant_perm(usr, 'hg.create.repository') | ||||
h.flash(_("Granted 'repository create' permission to user"), | ||||
category='success') | ||||
else: | ||||
user_model.revoke_perm(usr, 'hg.create.repository') | ||||
user_model.grant_perm(usr, 'hg.create.none') | ||||
h.flash(_("Revoked 'repository create' permission to user"), | ||||
category='success') | ||||
if grant_fork_perm: | ||||
user_model.revoke_perm(usr, 'hg.fork.none') | ||||
user_model.grant_perm(usr, 'hg.fork.repository') | ||||
h.flash(_("Granted 'repository fork' permission to user"), | ||||
category='success') | ||||
else: | ||||
user_model.revoke_perm(usr, 'hg.fork.repository') | ||||
user_model.grant_perm(usr, 'hg.fork.none') | ||||
h.flash(_("Revoked 'repository fork' permission to user"), | ||||
category='success') | ||||
r2662 | Session().commit() | |||
r2709 | except Exception: | |||
log.error(traceback.format_exc()) | ||||
h.flash(_('An error occurred during permissions saving'), | ||||
category='error') | ||||
r1266 | return redirect(url('edit_user', id=id)) | |||
r2330 | ||||
def add_email(self, id): | ||||
r2467 | """POST /user_emails:Add an existing item""" | |||
r2330 | # url('user_emails', id=ID, method='put') | |||
email = request.POST.get('new_email') | ||||
user_model = UserModel() | ||||
try: | ||||
user_model.add_extra_email(id, email) | ||||
r2662 | Session().commit() | |||
Takumi IINO
|
r2570 | h.flash(_("Added email %s to user") % email, category='success') | ||
r2479 | except formencode.Invalid, error: | |||
msg = error.error_dict['email'] | ||||
h.flash(msg, category='error') | ||||
r2330 | except Exception: | |||
log.error(traceback.format_exc()) | ||||
h.flash(_('An error occurred during email saving'), | ||||
category='error') | ||||
return redirect(url('edit_user', id=id)) | ||||
def delete_email(self, id): | ||||
"""DELETE /user_emails_delete/id: Delete an existing item""" | ||||
# url('user_emails_delete', id=ID, method='delete') | ||||
user_model = UserModel() | ||||
user_model.delete_extra_email(id, request.POST.get('del_email')) | ||||
r2662 | Session().commit() | |||
r2330 | h.flash(_("Removed email from user"), category='success') | |||
return redirect(url('edit_user', id=id)) | ||||
r3125 | ||||
def add_ip(self, id): | ||||
"""POST /user_ips:Add an existing item""" | ||||
# url('user_ips', id=ID, method='put') | ||||
ip = request.POST.get('new_ip') | ||||
user_model = UserModel() | ||||
try: | ||||
user_model.add_extra_ip(id, ip) | ||||
Session().commit() | ||||
h.flash(_("Added ip %s to user") % ip, category='success') | ||||
except formencode.Invalid, error: | ||||
msg = error.error_dict['ip'] | ||||
h.flash(msg, category='error') | ||||
except Exception: | ||||
log.error(traceback.format_exc()) | ||||
h.flash(_('An error occurred during ip saving'), | ||||
category='error') | ||||
if 'default_user' in request.POST: | ||||
return redirect(url('edit_permission', id='default')) | ||||
return redirect(url('edit_user', id=id)) | ||||
def delete_ip(self, id): | ||||
"""DELETE /user_ips_delete/id: Delete an existing item""" | ||||
# url('user_ips_delete', id=ID, method='delete') | ||||
user_model = UserModel() | ||||
user_model.delete_extra_ip(id, request.POST.get('del_ip')) | ||||
Session().commit() | ||||
h.flash(_("Removed ip from user"), category='success') | ||||
if 'default_user' in request.POST: | ||||
return redirect(url('edit_permission', id='default')) | ||||
return redirect(url('edit_user', id=id)) | ||||