diff --git a/rhodecode/model/repo.py b/rhodecode/model/repo.py --- a/rhodecode/model/repo.py +++ b/rhodecode/model/repo.py @@ -175,6 +175,7 @@ class RepoModel(BaseModel): def get_repos_as_dict(self, repos_list=None, admin=False, perm_check=True, super_user_actions=False): _render = self._render_datatable + from pylons import tmpl_context as c def quick_menu(repo_name): return _render('quick_menu', repo_name) @@ -198,7 +199,6 @@ class RepoModel(BaseModel): cs_cache.get('message')) def desc(desc): - from pylons import tmpl_context as c if c.visual.stylify_metatags: return h.urlify_text(h.desc_stylize(h.truncate(desc, 60))) else: @@ -460,8 +460,8 @@ class RepoModel(BaseModel): enable_statistics, enable_locking, enable_downloads ) - def _update_permissions(self, repo, perms_new=None, - perms_updates=None): + def _update_permissions(self, repo, perms_new=None, perms_updates=None, + check_perms=True): if not perms_new: perms_new = [] if not perms_updates: @@ -476,8 +476,8 @@ class RepoModel(BaseModel): ) else: #check if we have permissions to alter this usergroup - if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', - 'usergroup.admin')(member): + req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin') + if not check_perms or HasUserGroupPermissionAny(*req_perms)(member): self.grant_users_group_permission( repo=repo, group_name=member, perm=perm ) @@ -489,8 +489,8 @@ class RepoModel(BaseModel): ) else: #check if we have permissions to alter this usergroup - if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', - 'usergroup.admin')(member): + req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin') + if not check_perms or HasUserGroupPermissionAny(*req_perms)(member): self.grant_users_group_permission( repo=repo, group_name=member, perm=perm ) diff --git a/rhodecode/model/repos_group.py b/rhodecode/model/repos_group.py --- a/rhodecode/model/repos_group.py +++ b/rhodecode/model/repos_group.py @@ -167,9 +167,11 @@ class ReposGroupModel(BaseModel): raise def _update_permissions(self, repos_group, perms_new=None, - perms_updates=None, recursive=False): + perms_updates=None, recursive=False, + check_perms=True): from rhodecode.model.repo import RepoModel from rhodecode.lib.auth import HasUserGroupPermissionAny + if not perms_new: perms_new = [] if not perms_updates: @@ -222,8 +224,8 @@ class ReposGroupModel(BaseModel): ## set for user group else: #check if we have permissions to alter this usergroup - if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', - 'usergroup.admin')(member): + req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin') + if not check_perms or HasUserGroupPermissionAny(*req_perms)(member): _set_perm_group(obj, users_group=member, perm=perm) # set new permissions for member, perm, member_type in perms_new: @@ -231,8 +233,8 @@ class ReposGroupModel(BaseModel): _set_perm_user(obj, user=member, perm=perm) else: #check if we have permissions to alter this usergroup - if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', - 'usergroup.admin')(member): + req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin') + if not check_perms or HasUserGroupPermissionAny(*req_perms)(member): _set_perm_group(obj, users_group=member, perm=perm) updates.append(obj) #if it's not recursive call