# HG changeset patch # User Marcin Kuzminski # Date 2013-04-22 22:47:22 # Node ID 222e6769e7b50506bdf24c104b84b6498dc06352 # Parent 7d815483717449363fc8c40488b0907891229f07 Added separate default permission for external_auth account activation. This flag allows users to define separate option of how activation of external_accounts should be performed. diff --git a/rhodecode/controllers/admin/permissions.py b/rhodecode/controllers/admin/permissions.py --- a/rhodecode/controllers/admin/permissions.py +++ b/rhodecode/controllers/admin/permissions.py @@ -75,6 +75,11 @@ class PermissionsController(BaseControll ('hg.register.auto_activate', _('Allowed with automatic account activation')), ] + c.extern_activate_choices = [ + ('hg.extern_activate.manual', _('Manual activation of external account')), + ('hg.extern_activate.auto', _('Automatic activation of external account')), + ] + c.repo_create_choices = [('hg.create.none', _('Disabled')), ('hg.create.repository', _('Enabled'))] @@ -121,7 +126,9 @@ class PermissionsController(BaseControll [x[0] for x in c.repo_group_create_choices], [x[0] for x in c.user_group_create_choices], [x[0] for x in c.fork_choices], - [x[0] for x in c.register_choices])() + [x[0] for x in c.register_choices], + [x[0] for x in c.extern_activate_choices], + )() try: form_result = _form.to_python(dict(request.POST)) @@ -194,6 +201,9 @@ class PermissionsController(BaseControll if p.permission.permission_name.startswith('hg.register.'): defaults['default_register'] = p.permission.permission_name + if p.permission.permission_name.startswith('hg.extern_activate.'): + defaults['default_extern_activate'] = p.permission.permission_name + if p.permission.permission_name.startswith('hg.fork.'): defaults['default_fork'] = p.permission.permission_name diff --git a/rhodecode/lib/auth.py b/rhodecode/lib/auth.py --- a/rhodecode/lib/auth.py +++ b/rhodecode/lib/auth.py @@ -228,8 +228,8 @@ def authenticate(username, password): 'name': safe_unicode(get_ldap_attr('ldap_attr_firstname')), 'lastname': safe_unicode(get_ldap_attr('ldap_attr_lastname')), 'email': get_ldap_attr('ldap_attr_email'), - 'active': 'hg.register.auto_activate' in User\ - .get_default_user().AuthUser.permissions['global'] + 'active': 'hg.extern_activate.auto' in User.get_default_user()\ + .AuthUser.permissions['global'] } # don't store LDAP password since we don't need it. Override @@ -258,8 +258,8 @@ def login_container_auth(username): 'name': username, 'lastname': None, 'email': None, - 'active': 'hg.register.auto_activate' in User\ - .get_default_user().AuthUser.permissions['global'] + 'active': 'hg.extern_activate.auto' in User.get_default_user()\ + .AuthUser.permissions['global'] } user = UserModel().create_for_container_auth(username, user_attrs) if not user: diff --git a/rhodecode/model/db.py b/rhodecode/model/db.py --- a/rhodecode/model/db.py +++ b/rhodecode/model/db.py @@ -1424,12 +1424,13 @@ class Permission(Base, BaseModel): ('hg.fork.none', _('Repository forking disabled')), ('hg.fork.repository', _('Repository forking enabled')), - ('hg.register.none', _('Register disabled')), - ('hg.register.manual_activate', _('Register new user with RhodeCode ' - 'with manual activation')), + ('hg.register.none', _('Registration disabled')), + ('hg.register.manual_activate', _('User Registration with manual account activation')), + ('hg.register.auto_activate', _('User Registration with automatic account activation')), - ('hg.register.auto_activate', _('Register new user with RhodeCode ' - 'with auto activation')), + ('hg.extern_activate.manual', _('Manual activation of external account')), + ('hg.extern_activate.auto', _('Automatic activation of external account')), + ] #definition of system default permissions for DEFAULT user @@ -1440,6 +1441,7 @@ class Permission(Base, BaseModel): 'hg.create.repository', 'hg.fork.repository', 'hg.register.manual_activate', + 'hg.extern_activate.auto', ] # defines which permissions are more important higher the more important diff --git a/rhodecode/model/forms.py b/rhodecode/model/forms.py --- a/rhodecode/model/forms.py +++ b/rhodecode/model/forms.py @@ -312,7 +312,7 @@ def ApplicationUiSettingsForm(): def DefaultPermissionsForm(repo_perms_choices, group_perms_choices, user_group_perms_choices, create_choices, repo_group_create_choices, user_group_create_choices, - fork_choices, register_choices): + fork_choices, register_choices, extern_activate_choices): class _DefaultPermissionsForm(formencode.Schema): allow_extra_fields = True filter_extra_fields = True @@ -330,6 +330,7 @@ def DefaultPermissionsForm(repo_perms_ch default_fork = v.OneOf(fork_choices) default_register = v.OneOf(register_choices) + default_extern_activate = v.OneOf(extern_activate_choices) return _DefaultPermissionsForm diff --git a/rhodecode/model/permission.py b/rhodecode/model/permission.py --- a/rhodecode/model/permission.py +++ b/rhodecode/model/permission.py @@ -117,7 +117,8 @@ class PermissionModel(BaseModel): 'default_repo_create', #'default_repo_group_create', #not implemented yet 'default_user_group_create', - 'default_fork', 'default_register']: + 'default_fork', 'default_register', + 'default_extern_activate']: p = _make_new(perm_user, form_result[def_perm_key]) self.sa.add(p) diff --git a/rhodecode/templates/admin/permissions/permissions.html b/rhodecode/templates/admin/permissions/permissions.html --- a/rhodecode/templates/admin/permissions/permissions.html +++ b/rhodecode/templates/admin/permissions/permissions.html @@ -110,6 +110,14 @@ ${h.select('default_register','',c.register_choices)} +
+
+ +
+
+ ${h.select('default_extern_activate','',c.extern_activate_choices)} +
+
${h.submit('save',_('Save'),class_="ui-btn large")} ${h.reset('reset',_('Reset'),class_="ui-btn large")}