# HG changeset patch
# User Marcin Kuzminski <marcin@python-works.com>
# Date 2010-12-29 16:50:47
# Node ID 62c04c5cc9710c84d8699ea68c6a45c7f2581e39
# Parent  1fed3c9161bb973b55c291c01a2647ad777cf246

Added some more details into user edit permissions view

diff --git a/rhodecode/controllers/admin/users.py b/rhodecode/controllers/admin/users.py
--- a/rhodecode/controllers/admin/users.py
+++ b/rhodecode/controllers/admin/users.py
@@ -30,13 +30,14 @@ import traceback
 import formencode
 
 from formencode import htmlfill
-from pylons import request, session, tmpl_context as c, url
+from pylons import request, session, tmpl_context as c, url, config
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 
-from rhodecode.lib.exceptions import *
+from rhodecode.lib.exceptions import DefaultUserException, UserOwnsReposException
 from rhodecode.lib import helpers as h
-from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator
+from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \
+    fill_perms
 from rhodecode.lib.base import BaseController, render
 
 from rhodecode.model.db import User
@@ -57,7 +58,7 @@ class UsersController(BaseController):
         c.admin_user = session.get('admin_user')
         c.admin_username = session.get('admin_username')
         super(UsersController, self).__before__()
-
+        c.available_permissions = config['available_permissions']
 
     def index(self, format='html'):
         """GET /users: All items in the collection"""
@@ -140,7 +141,7 @@ class UsersController(BaseController):
         user_model = UserModel()
         try:
             user_model.delete(id)
-            h.flash(_('sucessfully deleted user'), category='success')
+            h.flash(_('successfully deleted user'), category='success')
         except (UserOwnsReposException, DefaultUserException), e:
             h.flash(str(e), category='warning')
         except Exception:
@@ -162,8 +163,11 @@ class UsersController(BaseController):
         if c.user.username == 'default':
             h.flash(_("You can't edit this user"), category='warning')
             return redirect(url('users'))
+        c.user.permissions = {}
+        c.granted_permissions = fill_perms(c.user).permissions['global']
 
         defaults = c.user.get_dict()
+
         return htmlfill.render(
             render('admin/users/user_edit.html'),
             defaults=defaults,
diff --git a/rhodecode/lib/auth.py b/rhodecode/lib/auth.py
--- a/rhodecode/lib/auth.py
+++ b/rhodecode/lib/auth.py
@@ -1,8 +1,14 @@
-#!/usr/bin/env python
-# encoding: utf-8
-# authentication and permission libraries
-# Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
-#
+# -*- coding: utf-8 -*-
+"""
+    rhodecode.lib.auth
+    ~~~~~~~~~~~~~~~~~~
+    
+    authentication and permission libraries
+    
+    :created_on: Apr 4, 2010
+    :copyright: (c) 2010 by marcink.
+    :license: LICENSE_NAME, see LICENSE_FILE for more details.
+"""
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; version 2
@@ -17,26 +23,26 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 # MA  02110-1301, USA.
-"""
-Created on April 4, 2010
 
-@author: marcink
-"""
+import bcrypt
+import random
+import logging
+import traceback
+
+from decorator import decorator
+
 from pylons import config, session, url, request
 from pylons.controllers.util import abort, redirect
-from rhodecode.lib.exceptions import *
+
+from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError
 from rhodecode.lib.utils import get_repo_slug
 from rhodecode.lib.auth_ldap import AuthLdap
+
 from rhodecode.model import meta
 from rhodecode.model.user import UserModel
-from rhodecode.model.caching_query import FromCache
 from rhodecode.model.db import User, RepoToPerm, Repository, Permission, \
     UserToPerm
-import bcrypt
-from decorator import decorator
-import logging
-import random
-import traceback
+
 
 log = logging.getLogger(__name__)
 
@@ -172,12 +178,13 @@ class  AuthUser(object):
         return "<AuthUser('id:%s:%s')>" % (self.user_id, self.username)
 
 def set_available_permissions(config):
-    """
-    This function will propagate pylons globals with all available defined
+    """This function will propagate pylons globals with all available defined
     permission given in db. We don't wannt to check each time from db for new 
     permissions since adding a new permission also requires application restart
     ie. to decorate new views with the newly created permission
-    :param config:
+    
+    :param config: current pylons config instance
+    
     """
     log.info('getting information about all available permissions')
     try:
@@ -195,9 +202,10 @@ def set_base_path(config):
 
 
 def fill_perms(user):
-    """
-    Fills user permission attribute with permissions taken from database
+    """Fills user permission attribute with permissions taken from database
+    
     :param user:
+    
     """
 
     sa = meta.Session()
diff --git a/rhodecode/model/db.py b/rhodecode/model/db.py
--- a/rhodecode/model/db.py
+++ b/rhodecode/model/db.py
@@ -117,6 +117,11 @@ class User(Base, BaseModel):
     def full_contact(self):
         return '%s %s <%s>' % (self.name, self.lastname, self.email)
 
+
+    @property
+    def is_admin(self):
+        return self.admin
+
     def __repr__(self):
         return "<%s('id:%s:%s')>" % (self.__class__.__name__,
                                      self.user_id, self.username)
diff --git a/rhodecode/templates/admin/users/user_edit.html b/rhodecode/templates/admin/users/user_edit.html
--- a/rhodecode/templates/admin/users/user_edit.html
+++ b/rhodecode/templates/admin/users/user_edit.html
@@ -113,8 +113,122 @@
     <div class="title">
         <h5>${_('Permissions')}</h5>       
     </div>
-    <div class="table">
-    Permissions settings goes here !
-    </div>
+	<form id="map_form" method="post" action="{%url update_permissions %}">
+	<div class="form">
+	  <div class="fields">
+	  
+	  
+	  
+		<table> 
+		        <tr>
+		            <td class="label">${_('Permissions')}:</td>
+		            <td>
+		                <div>
+		                    <div style="float:left">
+		                    <div class="text">${_('Granted permissions')}</div>
+		                        ${h.select('granted_permissions',[],c.granted_permissions,multiple=True,size=8,style="min-width:210px")}
+		                    </div>
+		                    <div style="float:left;width:20px;padding-top:50px">
+		                        <img alt="add" id="add_element" 
+		                            style="padding:2px;cursor:pointer" 
+		                            src="/images/icons/arrow_left.png">
+		                        <br />
+		                        <img alt="remove" id="remove_element" 
+		                            style="padding:2px;cursor:pointer" 
+		                            src="/images/icons/arrow_right.png">
+		                    </div>
+		                    <div style="float:left">
+		                        <div class="text">${_('Available permissions')}</div>
+		                         ${h.select('available_permissions',[],c.available_permissions,multiple=True,size=8,style="min-width:210px")}
+		                    </div>
+		                </div>
+		            </td>           
+		        </tr>       
+
+		</table>
+        <div class="buttons">
+         ${h.submit('Save','Save',class_="ui-button")}    
+        </div>
+	  </div>
+	</div>
+	</form>
+    
+    
+<script type="text/javascript">
+    YAHOO.util.Event.onDOMReady(function(){
+     
+            var D = YAHOO.util.Dom;
+            var E = YAHOO.util.Event;
+        
+            //temp container for storage.
+            var cache = new Array();
+            var c =  D.get('id_granted_permissions');
+            
+            //get only selected options for further fullfilment
+            for(var i = 0;node =c.options[i];i++){
+                if(node.selected){
+                    //push selected to my temp storage left overs :)
+                    cache.push(node);
+                }   
+            }
+            
+            //clear select
+            c.options.length = 0;
+
+            //fill it with remembered options
+            for(var i = 0;node = cache[i];i++){
+                c.options[i]=new Option(node.text, node.value, false, false);
+            }
+            
+            function target_callback(e){
+                window.location='/admin/t4?g='+e.target.value;
+            }
+
+            function prompts_action_callback(e){
+                
+                var choosen = D.get('id_granted_permissions');  
+                var availible = D.get('id_available_permissions');
+        
+                if (this.id=='add_element'){
+                    for(var i=0; node = availible.options[i];i++){
+                        if(node.selected){
+                            choosen.appendChild(new Option(node.text, node.value, false, false));
+                        }
+                    }
+                }
+                else if (this.id=='remove_element'){
+
+                    //temp container for storage.
+                    cache = new Array();
+                    
+                    for(var i = 0;node = choosen.options[i];i++){
+                        if(!node.selected){
+                            //push left overs :)
+                            cache.push(node);
+                        }   
+                    }
+                    //clear select
+                    choosen.options.length = 0;
+                    for(var i = 0;node = cache[i];i++){
+                        choosen.options[i]=new Option(node.text, node.value, false, false);
+                    }               
+                }                   
+                else{
+                    
+                }
+            }
+            
+            E.addListener('id_groups','change',target_callback);
+    
+            E.addListener(['add_element','remove_element'],'click',prompts_action_callback)
+
+            E.addListener('map_form','submit',function(){
+                var choosen = D.get('id_granted_permissions');
+                for (var i = 0; i < choosen.options.length; i++) {
+                    choosen.options[i].selected = 'selected';
+                }
+            })  
+        });
+</script>    
 </div>
 </%def>  
\ No newline at end of file
diff --git a/rhodecode/tests/functional/test_admin_users.py b/rhodecode/tests/functional/test_admin_users.py
--- a/rhodecode/tests/functional/test_admin_users.py
+++ b/rhodecode/tests/functional/test_admin_users.py
@@ -100,7 +100,7 @@ class TestAdminUsersController(TestContr
         new_user = self.sa.query(User).filter(User.username == username).one()
         response = self.app.delete(url('user', id=new_user.user_id))
 
-        assert """sucessfully deleted user""" in response.session['flash'][0], 'No info about user deletion'
+        assert """successfully deleted user""" in response.session['flash'][0], 'No info about user deletion'
 
 
     def test_delete_browser_fakeout(self):