upstream/kallithea Files · rhodecode/controllers/admin/permissions.py

further cleanup of UsersGroup...

further cleanup of UsersGroup Renaming some names ... but trying not to change API or database scheme.

marcink - - Load All Authors

File last commit:

r3179:cd50d1b5 default


                r3417:fa6ba672

beta

Download file

             permissions.py
        
                    194 lines
            
             | 7.9 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / rhodecode / controllers / admin / permissions.py
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        marcink
    
Cleaned up scm model codes,Admin/admin permissions controller codes

              r760
            
      # -*- coding: utf-8 -*-

      """

        marcink
    
some docs updates on controller

              r853
            
          rhodecode.controllers.admin.permissions

          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        marcink
    
source code cleanup: remove trailing white space, normalize file endings

              r1203
            
        marcink
    
Cleaned up scm model codes,Admin/admin permissions controller codes

              r760
            
          permissions controller for Rhodecode

        marcink
    
source code cleanup: remove trailing white space, normalize file endings

              r1203
            
        marcink
    
Cleaned up scm model codes,Admin/admin permissions controller codes

              r760
            
          :created_on: Apr 27, 2010

          :author: marcink

        marcink
    
2012 copyrights

              r1824
            
          :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>

        marcink
    
Cleaned up scm model codes,Admin/admin permissions controller codes

              r760
            
          :license: GPLv3, see COPYING for more details.

      """

        marcink
    
fixed license  issue #149

              r1206
            
      # This program is free software: you can redistribute it and/or modify

      # it under the terms of the GNU General Public License as published by

      # the Free Software Foundation, either version 3 of the License, or

      # (at your option) any later version.

        marcink
    
source code cleanup: remove trailing white space, normalize file endings

              r1203
            
      #

        marcink
    
renamed project to rhodecode

              r547
            
      # This program is distributed in the hope that it will be useful,

      # but WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

      # GNU General Public License for more details.

        marcink
    
source code cleanup: remove trailing white space, normalize file endings

              r1203
            
      #

        marcink
    
renamed project to rhodecode

              r547
            
      # You should have received a copy of the GNU General Public License

        marcink
    
fixed license  issue #149

              r1206
            
      # along with this program.  If not, see <http://www.gnu.org/licenses/>.

        marcink
    
renamed project to rhodecode

              r547
            
        marcink
    
Deprecated UserModel removals...

              r1501
            
      import logging

      import traceback

      import formencode

        marcink
    
renamed project to rhodecode

              r547
            
      from formencode import htmlfill

        marcink
    
Deprecated UserModel removals...

              r1501
            
        marcink
    
renamed project to rhodecode

              r547
            
      from pylons import request, session, tmpl_context as c, url

      from pylons.controllers.util import abort, redirect

      from pylons.i18n.translation import _

        marcink
    
Deprecated UserModel removals...

              r1501
            
        marcink
    
renamed project to rhodecode

              r547
            
      from rhodecode.lib import helpers as h

        marcink
    
Added UserIpMap interface for allowed IP addresses and IP restriction access...

              r3125
            
      from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator,\

          AuthUser

        marcink
    
renamed project to rhodecode

              r547
            
      from rhodecode.lib.base import BaseController, render

        marcink
    
Deprecated UserModel removals...

              r1501
            
      from rhodecode.model.forms import DefaultPermissionsForm

        marcink
    
#50 on point cache invalidation changes....

              r692
            
      from rhodecode.model.permission import PermissionModel

        marcink
    
Added UserIpMap interface for allowed IP addresses and IP restriction access...

              r3125
            
      from rhodecode.model.db import User, UserIpMap

        marcink
    
another major refactoring with session management

              r1734
            
      from rhodecode.model.meta import Session

        marcink
    
renamed project to rhodecode

              r547
            
      log = logging.getLogger(__name__)

        marcink
    
PEP8ify - controllers

              r1245
            
        marcink
    
renamed project to rhodecode

              r547
            
      class PermissionsController(BaseController):

          """REST Controller styled on the Atom Publishing Protocol"""

          # To properly map this controller, ensure your config/routing.py

          # file has a resource setup:

          #     map.resource('permission', 'permissions')

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
renamed project to rhodecode

              r547
            
          @LoginRequired()

          @HasPermissionAllDecorator('hg.admin')

          def __before__(self):

              c.admin_user = session.get('admin_user')

              c.admin_username = session.get('admin_username')

              super(PermissionsController, self).__before__()

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
implemented #663 Admin/permission: specify default repogroup perms...

              r3052
            
              self.repo_perms_choices = [('repository.none', _('None'),),

                                         ('repository.read', _('Read'),),

                                         ('repository.write', _('Write'),),

                                         ('repository.admin', _('Admin'),)]

              self.group_perms_choices = [('group.none', _('None'),),

                                          ('group.read', _('Read'),),

                                          ('group.write', _('Write'),),

                                          ('group.admin', _('Admin'),)]

        marcink
    
renamed project to rhodecode

              r547
            
              self.register_choices = [

        marcink
    
#49 Enabled anonymous access for web interface controllable from permissions pannel

              r673
            
                  ('hg.register.none',

                      _('disabled')),

        marcink
    
renamed project to rhodecode

              r547
            
                  ('hg.register.manual_activate',

        marcink
    
#49 Enabled anonymous access for web interface controllable from permissions pannel

              r673
            
                      _('allowed with manual account activation')),

        marcink
    
renamed project to rhodecode

              r547
            
                  ('hg.register.auto_activate',

        marcink
    
#49 Enabled anonymous access for web interface controllable from permissions pannel

              r673
            
                      _('allowed with automatic account activation')), ]

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
renamed project to rhodecode

              r547
            
              self.create_choices = [('hg.create.none', _('Disabled')),

        marcink
    
Code refactoring,models renames...

              r629
            
                                     ('hg.create.repository', _('Enabled'))]

        marcink
    
renamed project to rhodecode

              r547
            
        marcink
    
RhodeCode now has a option to explicitly set forking permissions. ref #508...

              r2709
            
              self.fork_choices = [('hg.fork.none', _('Disabled')),

                                   ('hg.fork.repository', _('Enabled'))]

              # set the global template variables

        marcink
    
implemented #663 Admin/permission: specify default repogroup perms...

              r3052
            
              c.repo_perms_choices = self.repo_perms_choices

              c.group_perms_choices = self.group_perms_choices

        marcink
    
RhodeCode now has a option to explicitly set forking permissions. ref #508...

              r2709
            
              c.register_choices = self.register_choices

              c.create_choices = self.create_choices

              c.fork_choices = self.fork_choices

        marcink
    
renamed project to rhodecode

              r547
            
          def index(self, format='html'):

              """GET /permissions: All items in the collection"""

              # url('permissions')

          def create(self):

              """POST /permissions: Create a new item"""

              # url('permissions')

          def new(self, format='html'):

              """GET /permissions/new: Form to create a new item"""

              # url('new_permission')

          def update(self, id):

              """PUT /permissions/id: Update an existing item"""

              # Forms posted to this method should contain a hidden field:

              #    <input type="hidden" name="_method" value="PUT" />

              # Or using helpers:

              #    h.form(url('permission', id=ID),

              #           method='put')

              # url('permission', id=ID)

        marcink
    
Added UserIpMap interface for allowed IP addresses and IP restriction access...

              r3125
            
              if id == 'default':

                  c.user = default_user = User.get_by_username('default')

                  c.perm_user = AuthUser(user_id=default_user.user_id)

                  c.user_ip_map = UserIpMap.query()\

                                  .filter(UserIpMap.user == default_user).all()

                  permission_model = PermissionModel()

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
Added UserIpMap interface for allowed IP addresses and IP restriction access...

              r3125
            
                  _form = DefaultPermissionsForm(

                          [x[0] for x in self.repo_perms_choices],

                          [x[0] for x in self.group_perms_choices],

                          [x[0] for x in self.register_choices],

                          [x[0] for x in self.create_choices],

                          [x[0] for x in self.fork_choices])()

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
Added UserIpMap interface for allowed IP addresses and IP restriction access...

              r3125
            
                  try:

                      form_result = _form.to_python(dict(request.POST))

                      form_result.update({'perm_user_name': id})

                      permission_model.update(form_result)

                      Session().commit()

                      h.flash(_('Default permissions updated successfully'),

                              category='success')

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
Added UserIpMap interface for allowed IP addresses and IP restriction access...

              r3125
            
                  except formencode.Invalid, errors:

                      defaults = errors.value

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
Added UserIpMap interface for allowed IP addresses and IP restriction access...

              r3125
            
                      return htmlfill.render(

                          render('admin/permissions/permissions.html'),

                          defaults=defaults,

                          errors=errors.error_dict or {},

                          prefix_error=False,

                          encoding="UTF-8")

                  except Exception:

                      log.error(traceback.format_exc())

                      h.flash(_('error occurred during update of permissions'),

                              category='error')

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
renamed project to rhodecode

              r547
            
              return redirect(url('edit_permission', id=id))

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
renamed project to rhodecode

              r547
            
          def delete(self, id):

              """DELETE /permissions/id: Delete an existing item"""

              # Forms posted to this method should contain a hidden field:

              #    <input type="hidden" name="_method" value="DELETE" />

              # Or using helpers:

              #    h.form(url('permission', id=ID),

              #           method='delete')

              # url('permission', id=ID)

          def show(self, id, format='html'):

              """GET /permissions/id: Show a specific item"""

              # url('permission', id=ID)

          def edit(self, id, format='html'):

              """GET /permissions/id/edit: Form to edit an existing item"""

              #url('edit_permission', id=ID)

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
RhodeCode now has a option to explicitly set forking permissions. ref #508...

              r2709
            
              #this form can only edit default user permissions

        marcink
    
renamed project to rhodecode

              r547
            
              if id == 'default':

        marcink
    
Added UserIpMap interface for allowed IP addresses and IP restriction access...

              r3125
            
                  c.user = default_user = User.get_by_username('default')

                  defaults = {'anonymous': default_user.active}

                  c.perm_user = AuthUser(user_id=default_user.user_id)

                  c.user_ip_map = UserIpMap.query()\

                                  .filter(UserIpMap.user == default_user).all()

        marcink
    
#49 Enabled anonymous access for web interface controllable from permissions pannel

              r673
            
                  for p in default_user.user_perms:

        marcink
    
renamed project to rhodecode

              r547
            
                      if p.permission.permission_name.startswith('repository.'):

        marcink
    
implemented #663 Admin/permission: specify default repogroup perms...

              r3052
            
                          defaults['default_repo_perm'] = p.permission.permission_name

                      if p.permission.permission_name.startswith('group.'):

                          defaults['default_group_perm'] = p.permission.permission_name

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
renamed project to rhodecode

              r547
            
                      if p.permission.permission_name.startswith('hg.register.'):

                          defaults['default_register'] = p.permission.permission_name

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
renamed project to rhodecode

              r547
            
                      if p.permission.permission_name.startswith('hg.create.'):

                          defaults['default_create'] = p.permission.permission_name

        marcink
    
Code refactoring,models renames...

              r629
            
        marcink
    
RhodeCode now has a option to explicitly set forking permissions. ref #508...

              r2709
            
                      if p.permission.permission_name.startswith('hg.fork.'):

                          defaults['default_fork'] = p.permission.permission_name

        marcink
    
renamed project to rhodecode

              r547
            
                  return htmlfill.render(

        marcink
    
RhodeCode now has a option to explicitly set forking permissions. ref #508...

              r2709
            
                      render('admin/permissions/permissions.html'),

                      defaults=defaults,

                      encoding="UTF-8",

        marcink
    
Added UserIpMap interface for allowed IP addresses and IP restriction access...

              r3125
            
                      force_defaults=False

        marcink
    
RhodeCode now has a option to explicitly set forking permissions. ref #508...

              r2709
            
                  )

        marcink
    
renamed project to rhodecode

              r547
            
              else:

                  return redirect(url('admin_home'))

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

marcink Cleaned up scm model codes,Admin/admin permissions controller codes	r760	# -- coding: utf-8 --
		"""
marcink some docs updates on controller	r853	rhodecode.controllers.admin.permissions
		~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
marcink source code cleanup: remove trailing white space, normalize file endings	r1203
marcink Cleaned up scm model codes,Admin/admin permissions controller codes	r760	permissions controller for Rhodecode
marcink source code cleanup: remove trailing white space, normalize file endings	r1203
marcink Cleaned up scm model codes,Admin/admin permissions controller codes	r760	:created_on: Apr 27, 2010
		:author: marcink
marcink 2012 copyrights	r1824	:copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
marcink Cleaned up scm model codes,Admin/admin permissions controller codes	r760	:license: GPLv3, see COPYING for more details.
		"""
marcink fixed license issue #149	r1206	# This program is free software: you can redistribute it and/or modify
		# it under the terms of the GNU General Public License as published by
		# the Free Software Foundation, either version 3 of the License, or
		# (at your option) any later version.
marcink source code cleanup: remove trailing white space, normalize file endings	r1203	#
marcink renamed project to rhodecode	r547	# This program is distributed in the hope that it will be useful,
		# but WITHOUT ANY WARRANTY; without even the implied warranty of
		# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		# GNU General Public License for more details.
marcink source code cleanup: remove trailing white space, normalize file endings	r1203	#
marcink renamed project to rhodecode	r547	# You should have received a copy of the GNU General Public License
marcink fixed license issue #149	r1206	# along with this program. If not, see <http://www.gnu.org/licenses/>.
marcink renamed project to rhodecode	r547
marcink Deprecated UserModel removals...	r1501	import logging
		import traceback
		import formencode
marcink renamed project to rhodecode	r547	from formencode import htmlfill
marcink Deprecated UserModel removals...	r1501
marcink renamed project to rhodecode	r547	from pylons import request, session, tmpl_context as c, url
		from pylons.controllers.util import abort, redirect
		from pylons.i18n.translation import _
marcink Deprecated UserModel removals...	r1501
marcink renamed project to rhodecode	r547	from rhodecode.lib import helpers as h
marcink Added UserIpMap interface for allowed IP addresses and IP restriction access...	r3125	from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator,\
		AuthUser
marcink renamed project to rhodecode	r547	from rhodecode.lib.base import BaseController, render
marcink Deprecated UserModel removals...	r1501	from rhodecode.model.forms import DefaultPermissionsForm
marcink #50 on point cache invalidation changes....	r692	from rhodecode.model.permission import PermissionModel
marcink Added UserIpMap interface for allowed IP addresses and IP restriction access...	r3125	from rhodecode.model.db import User, UserIpMap
marcink another major refactoring with session management	r1734	from rhodecode.model.meta import Session
marcink renamed project to rhodecode	r547
		log = logging.getLogger(__name__)

marcink PEP8ify - controllers	r1245
marcink renamed project to rhodecode	r547	class PermissionsController(BaseController):
		"""REST Controller styled on the Atom Publishing Protocol"""
		# To properly map this controller, ensure your config/routing.py
		# file has a resource setup:
		# map.resource('permission', 'permissions')
marcink Code refactoring,models renames...	r629
marcink renamed project to rhodecode	r547	@LoginRequired()
		@HasPermissionAllDecorator('hg.admin')
		def __before__(self):
		c.admin_user = session.get('admin_user')
		c.admin_username = session.get('admin_username')
		super(PermissionsController, self).__before__()
marcink Code refactoring,models renames...	r629
marcink implemented #663 Admin/permission: specify default repogroup perms...	r3052	self.repo_perms_choices = [('repository.none', _('None'),),
		('repository.read', _('Read'),),
		('repository.write', _('Write'),),
		('repository.admin', _('Admin'),)]
		self.group_perms_choices = [('group.none', _('None'),),
		('group.read', _('Read'),),
		('group.write', _('Write'),),
		('group.admin', _('Admin'),)]
marcink renamed project to rhodecode	r547	self.register_choices = [
marcink #49 Enabled anonymous access for web interface controllable from permissions pannel	r673	('hg.register.none',
		_('disabled')),
marcink renamed project to rhodecode	r547	('hg.register.manual_activate',
marcink #49 Enabled anonymous access for web interface controllable from permissions pannel	r673	_('allowed with manual account activation')),
marcink renamed project to rhodecode	r547	('hg.register.auto_activate',
marcink #49 Enabled anonymous access for web interface controllable from permissions pannel	r673	_('allowed with automatic account activation')), ]
marcink Code refactoring,models renames...	r629
marcink renamed project to rhodecode	r547	self.create_choices = [('hg.create.none', _('Disabled')),
marcink Code refactoring,models renames...	r629	('hg.create.repository', _('Enabled'))]
marcink renamed project to rhodecode	r547
marcink RhodeCode now has a option to explicitly set forking permissions. ref #508...	r2709	self.fork_choices = [('hg.fork.none', _('Disabled')),
		('hg.fork.repository', _('Enabled'))]

		# set the global template variables
marcink implemented #663 Admin/permission: specify default repogroup perms...	r3052	c.repo_perms_choices = self.repo_perms_choices
		c.group_perms_choices = self.group_perms_choices
marcink RhodeCode now has a option to explicitly set forking permissions. ref #508...	r2709	c.register_choices = self.register_choices
		c.create_choices = self.create_choices
		c.fork_choices = self.fork_choices

marcink renamed project to rhodecode	r547	def index(self, format='html'):
		"""GET /permissions: All items in the collection"""
		# url('permissions')

		def create(self):
		"""POST /permissions: Create a new item"""
		# url('permissions')

		def new(self, format='html'):
		"""GET /permissions/new: Form to create a new item"""
		# url('new_permission')

		def update(self, id):
		"""PUT /permissions/id: Update an existing item"""
		# Forms posted to this method should contain a hidden field:
		# <input type="hidden" name="_method" value="PUT" />
		# Or using helpers:
		# h.form(url('permission', id=ID),
		# method='put')
		# url('permission', id=ID)
marcink Added UserIpMap interface for allowed IP addresses and IP restriction access...	r3125	if id == 'default':
		c.user = default_user = User.get_by_username('default')
		c.perm_user = AuthUser(user_id=default_user.user_id)
		c.user_ip_map = UserIpMap.query()\
		.filter(UserIpMap.user == default_user).all()
		permission_model = PermissionModel()
marcink Code refactoring,models renames...	r629
marcink Added UserIpMap interface for allowed IP addresses and IP restriction access...	r3125	_form = DefaultPermissionsForm(
		[x[0] for x in self.repo_perms_choices],
		[x[0] for x in self.group_perms_choices],
		[x[0] for x in self.register_choices],
		[x[0] for x in self.create_choices],
		[x[0] for x in self.fork_choices])()
marcink Code refactoring,models renames...	r629
marcink Added UserIpMap interface for allowed IP addresses and IP restriction access...	r3125	try:
		form_result = _form.to_python(dict(request.POST))
		form_result.update({'perm_user_name': id})
		permission_model.update(form_result)
		Session().commit()
		h.flash(_('Default permissions updated successfully'),
		category='success')
marcink Code refactoring,models renames...	r629
marcink Added UserIpMap interface for allowed IP addresses and IP restriction access...	r3125	except formencode.Invalid, errors:
		defaults = errors.value
marcink Code refactoring,models renames...	r629
marcink Added UserIpMap interface for allowed IP addresses and IP restriction access...	r3125	return htmlfill.render(
		render('admin/permissions/permissions.html'),
		defaults=defaults,
		errors=errors.error_dict or {},
		prefix_error=False,
		encoding="UTF-8")
		except Exception:
		log.error(traceback.format_exc())
		h.flash(_('error occurred during update of permissions'),
		category='error')
marcink Code refactoring,models renames...	r629
marcink renamed project to rhodecode	r547	return redirect(url('edit_permission', id=id))
marcink Code refactoring,models renames...	r629
marcink renamed project to rhodecode	r547	def delete(self, id):
		"""DELETE /permissions/id: Delete an existing item"""
		# Forms posted to this method should contain a hidden field:
		# <input type="hidden" name="_method" value="DELETE" />
		# Or using helpers:
		# h.form(url('permission', id=ID),
		# method='delete')
		# url('permission', id=ID)

		def show(self, id, format='html'):
		"""GET /permissions/id: Show a specific item"""
		# url('permission', id=ID)

		def edit(self, id, format='html'):
		"""GET /permissions/id/edit: Form to edit an existing item"""
		#url('edit_permission', id=ID)
marcink Code refactoring,models renames...	r629
marcink RhodeCode now has a option to explicitly set forking permissions. ref #508...	r2709	#this form can only edit default user permissions
marcink renamed project to rhodecode	r547	if id == 'default':
marcink Added UserIpMap interface for allowed IP addresses and IP restriction access...	r3125	c.user = default_user = User.get_by_username('default')
		defaults = {'anonymous': default_user.active}
		c.perm_user = AuthUser(user_id=default_user.user_id)
		c.user_ip_map = UserIpMap.query()\
		.filter(UserIpMap.user == default_user).all()
marcink #49 Enabled anonymous access for web interface controllable from permissions pannel	r673	for p in default_user.user_perms:
marcink renamed project to rhodecode	r547	if p.permission.permission_name.startswith('repository.'):
marcink implemented #663 Admin/permission: specify default repogroup perms...	r3052	defaults['default_repo_perm'] = p.permission.permission_name

		if p.permission.permission_name.startswith('group.'):
		defaults['default_group_perm'] = p.permission.permission_name
marcink Code refactoring,models renames...	r629
marcink renamed project to rhodecode	r547	if p.permission.permission_name.startswith('hg.register.'):
		defaults['default_register'] = p.permission.permission_name
marcink Code refactoring,models renames...	r629
marcink renamed project to rhodecode	r547	if p.permission.permission_name.startswith('hg.create.'):
		defaults['default_create'] = p.permission.permission_name
marcink Code refactoring,models renames...	r629
marcink RhodeCode now has a option to explicitly set forking permissions. ref #508...	r2709	if p.permission.permission_name.startswith('hg.fork.'):
		defaults['default_fork'] = p.permission.permission_name

marcink renamed project to rhodecode	r547	return htmlfill.render(
marcink RhodeCode now has a option to explicitly set forking permissions. ref #508...	r2709	render('admin/permissions/permissions.html'),
		defaults=defaults,
		encoding="UTF-8",
marcink Added UserIpMap interface for allowed IP addresses and IP restriction access...	r3125	force_defaults=False
marcink RhodeCode now has a option to explicitly set forking permissions. ref #508...	r2709	)
marcink renamed project to rhodecode	r547	else:
		return redirect(url('admin_home'))