# HG changeset patch # User Marcin Kuzminski # Date 2013-04-10 21:45:04 # Node ID 46b17730ca32ff960d0052cf0ff94da302b909f7 # Parent 87e6960e250bcd08c622a18e7eeca59284ae48cf implemented usergroup permissions checks. - each user who has now explicit or inherited permissions can create usersgrous - user is automatically an admin of that usergroup, and can manage it diff --git a/rhodecode/controllers/admin/users_groups.py b/rhodecode/controllers/admin/users_groups.py --- a/rhodecode/controllers/admin/users_groups.py +++ b/rhodecode/controllers/admin/users_groups.py @@ -36,7 +36,7 @@ from rhodecode.lib import helpers as h from rhodecode.lib.exceptions import UserGroupsAssignedException from rhodecode.lib.utils2 import safe_unicode, str2bool, safe_int from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator,\ - HasUserGroupPermissionAnyDecorator + HasUserGroupPermissionAnyDecorator, HasPermissionAnyDecorator from rhodecode.lib.base import BaseController, render from rhodecode.model.scm import UserGroupList from rhodecode.model.users_group import UserGroupModel @@ -137,7 +137,7 @@ class UsersGroupsController(BaseControll c.users_groups_list = sorted(group_iter, key=sk) return render('admin/users_groups/users_groups.html') - @HasPermissionAllDecorator('hg.admin') + @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true') def create(self): """POST /users_groups: Create a new item""" # url('users_groups') @@ -169,7 +169,7 @@ class UsersGroupsController(BaseControll return redirect(url('users_groups')) - @HasPermissionAllDecorator('hg.admin') + @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true') def new(self, format='html'): """GET /users_groups/new: Form to create a new item""" # url('new_users_group') diff --git a/rhodecode/model/users_group.py b/rhodecode/model/users_group.py --- a/rhodecode/model/users_group.py +++ b/rhodecode/model/users_group.py @@ -106,6 +106,10 @@ class UserGroupModel(BaseModel): self.sa.add(new_user_group) perm_obj = self._create_default_perms(new_user_group) self.sa.add(perm_obj) + + self.grant_user_permission(user_group=new_user_group, + user=owner, perm='usergroup.admin') + return new_user_group except Exception: log.error(traceback.format_exc()) diff --git a/rhodecode/templates/admin/users_groups/users_groups.html b/rhodecode/templates/admin/users_groups/users_groups.html --- a/rhodecode/templates/admin/users_groups/users_groups.html +++ b/rhodecode/templates/admin/users_groups/users_groups.html @@ -21,10 +21,11 @@
${self.breadcrumbs()}