Show More
| @@ -1,401 +1,401 b'' | |||||
| 1 | # -*- coding: utf-8 -*- |
|
1 | # -*- coding: utf-8 -*- | |
| 2 | """ |
|
2 | """ | |
| 3 | rhodecode.controllers.admin.repos_groups |
|
3 | rhodecode.controllers.admin.repos_groups | |
| 4 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
4 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 5 |
|
5 | |||
| 6 | Repository groups controller for RhodeCode |
|
6 | Repository groups controller for RhodeCode | |
| 7 |
|
7 | |||
| 8 | :created_on: Mar 23, 2010 |
|
8 | :created_on: Mar 23, 2010 | |
| 9 | :author: marcink |
|
9 | :author: marcink | |
| 10 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
|
10 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> | |
| 11 | :license: GPLv3, see COPYING for more details. |
|
11 | :license: GPLv3, see COPYING for more details. | |
| 12 | """ |
|
12 | """ | |
| 13 | # This program is free software: you can redistribute it and/or modify |
|
13 | # This program is free software: you can redistribute it and/or modify | |
| 14 | # it under the terms of the GNU General Public License as published by |
|
14 | # it under the terms of the GNU General Public License as published by | |
| 15 | # the Free Software Foundation, either version 3 of the License, or |
|
15 | # the Free Software Foundation, either version 3 of the License, or | |
| 16 | # (at your option) any later version. |
|
16 | # (at your option) any later version. | |
| 17 | # |
|
17 | # | |
| 18 | # This program is distributed in the hope that it will be useful, |
|
18 | # This program is distributed in the hope that it will be useful, | |
| 19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 21 | # GNU General Public License for more details. |
|
21 | # GNU General Public License for more details. | |
| 22 | # |
|
22 | # | |
| 23 | # You should have received a copy of the GNU General Public License |
|
23 | # You should have received a copy of the GNU General Public License | |
| 24 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
24 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
| 25 |
|
25 | |||
| 26 | import logging |
|
26 | import logging | |
| 27 | import traceback |
|
27 | import traceback | |
| 28 | import formencode |
|
28 | import formencode | |
| 29 |
|
29 | |||
| 30 | from formencode import htmlfill |
|
30 | from formencode import htmlfill | |
| 31 |
|
31 | |||
| 32 | from pylons import request, tmpl_context as c, url |
|
32 | from pylons import request, tmpl_context as c, url | |
| 33 | from pylons.controllers.util import abort, redirect |
|
33 | from pylons.controllers.util import abort, redirect | |
| 34 | from pylons.i18n.translation import _ |
|
34 | from pylons.i18n.translation import _ | |
| 35 |
|
35 | |||
| 36 | from sqlalchemy.exc import IntegrityError |
|
36 | from sqlalchemy.exc import IntegrityError | |
| 37 |
|
37 | |||
| 38 | import rhodecode |
|
38 | import rhodecode | |
| 39 | from rhodecode.lib import helpers as h |
|
39 | from rhodecode.lib import helpers as h | |
| 40 | from rhodecode.lib.compat import json |
|
40 | from rhodecode.lib.compat import json | |
| 41 | from rhodecode.lib.auth import LoginRequired, HasPermissionAnyDecorator,\ |
|
41 | from rhodecode.lib.auth import LoginRequired, HasPermissionAnyDecorator,\ | |
| 42 | HasReposGroupPermissionAnyDecorator, HasReposGroupPermissionAll,\ |
|
42 | HasReposGroupPermissionAnyDecorator, HasReposGroupPermissionAll,\ | |
| 43 | HasPermissionAll |
|
43 | HasPermissionAll | |
| 44 | from rhodecode.lib.base import BaseController, render |
|
44 | from rhodecode.lib.base import BaseController, render | |
| 45 | from rhodecode.model.db import RepoGroup, Repository |
|
45 | from rhodecode.model.db import RepoGroup, Repository | |
| 46 | from rhodecode.model.scm import RepoGroupList |
|
46 | from rhodecode.model.scm import RepoGroupList | |
| 47 | from rhodecode.model.repos_group import ReposGroupModel |
|
47 | from rhodecode.model.repos_group import ReposGroupModel | |
| 48 | from rhodecode.model.forms import ReposGroupForm, RepoGroupPermsForm |
|
48 | from rhodecode.model.forms import ReposGroupForm, RepoGroupPermsForm | |
| 49 | from rhodecode.model.meta import Session |
|
49 | from rhodecode.model.meta import Session | |
| 50 | from rhodecode.model.repo import RepoModel |
|
50 | from rhodecode.model.repo import RepoModel | |
| 51 | from webob.exc import HTTPInternalServerError, HTTPNotFound |
|
51 | from webob.exc import HTTPInternalServerError, HTTPNotFound | |
| 52 | from rhodecode.lib.utils2 import str2bool, safe_int |
|
52 | from rhodecode.lib.utils2 import str2bool, safe_int | |
| 53 | from sqlalchemy.sql.expression import func |
|
53 | from sqlalchemy.sql.expression import func | |
| 54 |
|
54 | |||
| 55 |
|
55 | |||
| 56 | log = logging.getLogger(__name__) |
|
56 | log = logging.getLogger(__name__) | |
| 57 |
|
57 | |||
| 58 |
|
58 | |||
| 59 | class ReposGroupsController(BaseController): |
|
59 | class ReposGroupsController(BaseController): | |
| 60 | """REST Controller styled on the Atom Publishing Protocol""" |
|
60 | """REST Controller styled on the Atom Publishing Protocol""" | |
| 61 | # To properly map this controller, ensure your config/routing.py |
|
61 | # To properly map this controller, ensure your config/routing.py | |
| 62 | # file has a resource setup: |
|
62 | # file has a resource setup: | |
| 63 | # map.resource('repos_group', 'repos_groups') |
|
63 | # map.resource('repos_group', 'repos_groups') | |
| 64 |
|
64 | |||
| 65 | @LoginRequired() |
|
65 | @LoginRequired() | |
| 66 | def __before__(self): |
|
66 | def __before__(self): | |
| 67 | super(ReposGroupsController, self).__before__() |
|
67 | super(ReposGroupsController, self).__before__() | |
| 68 |
|
68 | |||
| 69 | def __load_defaults(self, allow_empty_group=False, exclude_group_ids=[]): |
|
69 | def __load_defaults(self, allow_empty_group=False, exclude_group_ids=[]): | |
| 70 | if HasPermissionAll('hg.admin')('group edit'): |
|
70 | if HasPermissionAll('hg.admin')('group edit'): | |
| 71 | #we're global admin, we're ok and we can create TOP level groups |
|
71 | #we're global admin, we're ok and we can create TOP level groups | |
| 72 | allow_empty_group = True |
|
72 | allow_empty_group = True | |
| 73 |
|
73 | |||
| 74 | #override the choices for this form, we need to filter choices |
|
74 | #override the choices for this form, we need to filter choices | |
| 75 | #and display only those we have ADMIN right |
|
75 | #and display only those we have ADMIN right | |
| 76 | groups_with_admin_rights = RepoGroupList(RepoGroup.query().all(), |
|
76 | groups_with_admin_rights = RepoGroupList(RepoGroup.query().all(), | |
| 77 | perm_set=['group.admin']) |
|
77 | perm_set=['group.admin']) | |
| 78 | c.repo_groups = RepoGroup.groups_choices(groups=groups_with_admin_rights, |
|
78 | c.repo_groups = RepoGroup.groups_choices(groups=groups_with_admin_rights, | |
| 79 | show_empty_group=allow_empty_group) |
|
79 | show_empty_group=allow_empty_group) | |
| 80 | # exclude filtered ids |
|
80 | # exclude filtered ids | |
| 81 | c.repo_groups = filter(lambda x: x[0] not in exclude_group_ids, |
|
81 | c.repo_groups = filter(lambda x: x[0] not in exclude_group_ids, | |
| 82 | c.repo_groups) |
|
82 | c.repo_groups) | |
| 83 | c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) |
|
83 | c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) | |
| 84 | repo_model = RepoModel() |
|
84 | repo_model = RepoModel() | |
| 85 | c.users_array = repo_model.get_users_js() |
|
85 | c.users_array = repo_model.get_users_js() | |
| 86 | c.users_groups_array = repo_model.get_users_groups_js() |
|
86 | c.users_groups_array = repo_model.get_users_groups_js() | |
| 87 |
|
87 | |||
| 88 | def __load_data(self, group_id): |
|
88 | def __load_data(self, group_id): | |
| 89 | """ |
|
89 | """ | |
| 90 | Load defaults settings for edit, and update |
|
90 | Load defaults settings for edit, and update | |
| 91 |
|
91 | |||
| 92 | :param group_id: |
|
92 | :param group_id: | |
| 93 | """ |
|
93 | """ | |
| 94 | repo_group = RepoGroup.get_or_404(group_id) |
|
94 | repo_group = RepoGroup.get_or_404(group_id) | |
| 95 | data = repo_group.get_dict() |
|
95 | data = repo_group.get_dict() | |
| 96 | data['group_name'] = repo_group.name |
|
96 | data['group_name'] = repo_group.name | |
| 97 |
|
97 | |||
| 98 | # fill repository group users |
|
98 | # fill repository group users | |
| 99 | for p in repo_group.repo_group_to_perm: |
|
99 | for p in repo_group.repo_group_to_perm: | |
| 100 | data.update({'u_perm_%s' % p.user.username: |
|
100 | data.update({'u_perm_%s' % p.user.username: | |
| 101 | p.permission.permission_name}) |
|
101 | p.permission.permission_name}) | |
| 102 |
|
102 | |||
| 103 | # fill repository group groups |
|
103 | # fill repository group groups | |
| 104 | for p in repo_group.users_group_to_perm: |
|
104 | for p in repo_group.users_group_to_perm: | |
| 105 | data.update({'g_perm_%s' % p.users_group.users_group_name: |
|
105 | data.update({'g_perm_%s' % p.users_group.users_group_name: | |
| 106 | p.permission.permission_name}) |
|
106 | p.permission.permission_name}) | |
| 107 |
|
107 | |||
| 108 | return data |
|
108 | return data | |
| 109 |
|
109 | |||
| 110 | def _revoke_perms_on_yourself(self, form_result): |
|
110 | def _revoke_perms_on_yourself(self, form_result): | |
| 111 | _up = filter(lambda u: c.rhodecode_user.username == u[0], |
|
111 | _up = filter(lambda u: c.rhodecode_user.username == u[0], | |
| 112 | form_result['perms_updates']) |
|
112 | form_result['perms_updates']) | |
| 113 | _new = filter(lambda u: c.rhodecode_user.username == u[0], |
|
113 | _new = filter(lambda u: c.rhodecode_user.username == u[0], | |
| 114 | form_result['perms_new']) |
|
114 | form_result['perms_new']) | |
| 115 | if _new and _new[0][1] != 'group.admin' or _up and _up[0][1] != 'group.admin': |
|
115 | if _new and _new[0][1] != 'group.admin' or _up and _up[0][1] != 'group.admin': | |
| 116 | return True |
|
116 | return True | |
| 117 | return False |
|
117 | return False | |
| 118 |
|
118 | |||
| 119 | def index(self, format='html'): |
|
119 | def index(self, format='html'): | |
| 120 | """GET /repos_groups: All items in the collection""" |
|
120 | """GET /repos_groups: All items in the collection""" | |
| 121 | # url('repos_groups') |
|
121 | # url('repos_groups') | |
| 122 | group_iter = RepoGroupList(RepoGroup.query().all(), |
|
122 | group_iter = RepoGroupList(RepoGroup.query().all(), | |
| 123 | perm_set=['group.admin']) |
|
123 | perm_set=['group.admin']) | |
| 124 | sk = lambda g: g.parents[0].group_name if g.parents else g.group_name |
|
124 | sk = lambda g: g.parents[0].group_name if g.parents else g.group_name | |
| 125 | c.groups = sorted(group_iter, key=sk) |
|
125 | c.groups = sorted(group_iter, key=sk) | |
| 126 | return render('admin/repos_groups/repos_groups_show.html') |
|
126 | return render('admin/repos_groups/repos_groups_show.html') | |
| 127 |
|
127 | |||
| 128 | def create(self): |
|
128 | def create(self): | |
| 129 | """POST /repos_groups: Create a new item""" |
|
129 | """POST /repos_groups: Create a new item""" | |
| 130 | # url('repos_groups') |
|
130 | # url('repos_groups') | |
| 131 |
|
131 | |||
| 132 | self.__load_defaults() |
|
132 | self.__load_defaults() | |
| 133 |
|
133 | |||
| 134 | # permissions for can create group based on parent_id are checked |
|
134 | # permissions for can create group based on parent_id are checked | |
| 135 | # here in the Form |
|
135 | # here in the Form | |
| 136 | repos_group_form = ReposGroupForm(available_groups= |
|
136 | repos_group_form = ReposGroupForm(available_groups= | |
| 137 | map(lambda k: unicode(k[0]), c.repo_groups))() |
|
137 | map(lambda k: unicode(k[0]), c.repo_groups))() | |
| 138 | try: |
|
138 | try: | |
| 139 | form_result = repos_group_form.to_python(dict(request.POST)) |
|
139 | form_result = repos_group_form.to_python(dict(request.POST)) | |
| 140 | ReposGroupModel().create( |
|
140 | ReposGroupModel().create( | |
| 141 | group_name=form_result['group_name'], |
|
141 | group_name=form_result['group_name'], | |
| 142 | group_description=form_result['group_description'], |
|
142 | group_description=form_result['group_description'], | |
| 143 | parent=form_result['group_parent_id'], |
|
143 | parent=form_result['group_parent_id'], | |
| 144 | owner=self.rhodecode_user.user_id |
|
144 | owner=self.rhodecode_user.user_id | |
| 145 | ) |
|
145 | ) | |
| 146 | Session().commit() |
|
146 | Session().commit() | |
| 147 | h.flash(_('Created repository group %s') \ |
|
147 | h.flash(_('Created repository group %s') \ | |
| 148 | % form_result['group_name'], category='success') |
|
148 | % form_result['group_name'], category='success') | |
| 149 | #TODO: in futureaction_logger(, '', '', '', self.sa) |
|
149 | #TODO: in futureaction_logger(, '', '', '', self.sa) | |
| 150 | except formencode.Invalid, errors: |
|
150 | except formencode.Invalid, errors: | |
| 151 | return htmlfill.render( |
|
151 | return htmlfill.render( | |
| 152 | render('admin/repos_groups/repos_groups_add.html'), |
|
152 | render('admin/repos_groups/repos_groups_add.html'), | |
| 153 | defaults=errors.value, |
|
153 | defaults=errors.value, | |
| 154 | errors=errors.error_dict or {}, |
|
154 | errors=errors.error_dict or {}, | |
| 155 | prefix_error=False, |
|
155 | prefix_error=False, | |
| 156 | encoding="UTF-8") |
|
156 | encoding="UTF-8") | |
| 157 | except Exception: |
|
157 | except Exception: | |
| 158 | log.error(traceback.format_exc()) |
|
158 | log.error(traceback.format_exc()) | |
| 159 | h.flash(_('Error occurred during creation of repository group %s') \ |
|
159 | h.flash(_('Error occurred during creation of repository group %s') \ | |
| 160 | % request.POST.get('group_name'), category='error') |
|
160 | % request.POST.get('group_name'), category='error') | |
| 161 | parent_group_id = form_result['group_parent_id'] |
|
161 | parent_group_id = form_result['group_parent_id'] | |
| 162 | #TODO: maybe we should get back to the main view, not the admin one |
|
162 | #TODO: maybe we should get back to the main view, not the admin one | |
| 163 | return redirect(url('repos_groups', parent_group=parent_group_id)) |
|
163 | return redirect(url('repos_groups', parent_group=parent_group_id)) | |
| 164 |
|
164 | |||
| 165 | def new(self, format='html'): |
|
165 | def new(self, format='html'): | |
| 166 | """GET /repos_groups/new: Form to create a new item""" |
|
166 | """GET /repos_groups/new: Form to create a new item""" | |
| 167 | # url('new_repos_group') |
|
167 | # url('new_repos_group') | |
| 168 | if HasPermissionAll('hg.admin')('group create'): |
|
168 | if HasPermissionAll('hg.admin')('group create'): | |
| 169 | #we're global admin, we're ok and we can create TOP level groups |
|
169 | #we're global admin, we're ok and we can create TOP level groups | |
| 170 | pass |
|
170 | pass | |
| 171 | else: |
|
171 | else: | |
| 172 | # we pass in parent group into creation form, thus we know |
|
172 | # we pass in parent group into creation form, thus we know | |
| 173 | # what would be the group, we can check perms here ! |
|
173 | # what would be the group, we can check perms here ! | |
| 174 | group_id = safe_int(request.GET.get('parent_group')) |
|
174 | group_id = safe_int(request.GET.get('parent_group')) | |
| 175 | group = RepoGroup.get(group_id) if group_id else None |
|
175 | group = RepoGroup.get(group_id) if group_id else None | |
| 176 | group_name = group.group_name if group else None |
|
176 | group_name = group.group_name if group else None | |
| 177 | if HasReposGroupPermissionAll('group.admin')(group_name, 'group create'): |
|
177 | if HasReposGroupPermissionAll('group.admin')(group_name, 'group create'): | |
| 178 | pass |
|
178 | pass | |
| 179 | else: |
|
179 | else: | |
| 180 | return abort(403) |
|
180 | return abort(403) | |
| 181 |
|
181 | |||
| 182 | self.__load_defaults() |
|
182 | self.__load_defaults() | |
| 183 | return render('admin/repos_groups/repos_groups_add.html') |
|
183 | return render('admin/repos_groups/repos_groups_add.html') | |
| 184 |
|
184 | |||
| 185 | @HasReposGroupPermissionAnyDecorator('group.admin') |
|
185 | @HasReposGroupPermissionAnyDecorator('group.admin') | |
| 186 | def update(self, group_name): |
|
186 | def update(self, group_name): | |
| 187 | """PUT /repos_groups/group_name: Update an existing item""" |
|
187 | """PUT /repos_groups/group_name: Update an existing item""" | |
| 188 | # Forms posted to this method should contain a hidden field: |
|
188 | # Forms posted to this method should contain a hidden field: | |
| 189 | # <input type="hidden" name="_method" value="PUT" /> |
|
189 | # <input type="hidden" name="_method" value="PUT" /> | |
| 190 | # Or using helpers: |
|
190 | # Or using helpers: | |
| 191 | # h.form(url('repos_group', group_name=GROUP_NAME), |
|
191 | # h.form(url('repos_group', group_name=GROUP_NAME), | |
| 192 | # method='put') |
|
192 | # method='put') | |
| 193 | # url('repos_group', group_name=GROUP_NAME) |
|
193 | # url('repos_group', group_name=GROUP_NAME) | |
| 194 |
|
194 | |||
| 195 | c.repos_group = ReposGroupModel()._get_repo_group(group_name) |
|
195 | c.repos_group = ReposGroupModel()._get_repo_group(group_name) | |
| 196 | if HasPermissionAll('hg.admin')('group edit'): |
|
196 | if HasPermissionAll('hg.admin')('group edit'): | |
| 197 | #we're global admin, we're ok and we can create TOP level groups |
|
197 | #we're global admin, we're ok and we can create TOP level groups | |
| 198 | allow_empty_group = True |
|
198 | allow_empty_group = True | |
| 199 | elif not c.repos_group.parent_group: |
|
199 | elif not c.repos_group.parent_group: | |
| 200 | allow_empty_group = True |
|
200 | allow_empty_group = True | |
| 201 | else: |
|
201 | else: | |
| 202 | allow_empty_group = False |
|
202 | allow_empty_group = False | |
| 203 | self.__load_defaults(allow_empty_group=allow_empty_group, |
|
203 | self.__load_defaults(allow_empty_group=allow_empty_group, | |
| 204 | exclude_group_ids=[c.repos_group.group_id]) |
|
204 | exclude_group_ids=[c.repos_group.group_id]) | |
| 205 |
|
205 | |||
| 206 | repos_group_form = ReposGroupForm( |
|
206 | repos_group_form = ReposGroupForm( | |
| 207 | edit=True, |
|
207 | edit=True, | |
| 208 | old_data=c.repos_group.get_dict(), |
|
208 | old_data=c.repos_group.get_dict(), | |
| 209 | available_groups=c.repo_groups_choices, |
|
209 | available_groups=c.repo_groups_choices, | |
| 210 | can_create_in_root=allow_empty_group, |
|
210 | can_create_in_root=allow_empty_group, | |
| 211 | )() |
|
211 | )() | |
| 212 | try: |
|
212 | try: | |
| 213 | form_result = repos_group_form.to_python(dict(request.POST)) |
|
213 | form_result = repos_group_form.to_python(dict(request.POST)) | |
| 214 |
|
214 | |||
| 215 | new_gr = ReposGroupModel().update(group_name, form_result) |
|
215 | new_gr = ReposGroupModel().update(group_name, form_result) | |
| 216 | Session().commit() |
|
216 | Session().commit() | |
| 217 | h.flash(_('Updated repository group %s') \ |
|
217 | h.flash(_('Updated repository group %s') \ | |
| 218 | % form_result['group_name'], category='success') |
|
218 | % form_result['group_name'], category='success') | |
| 219 | # we now have new name ! |
|
219 | # we now have new name ! | |
| 220 | group_name = new_gr.group_name |
|
220 | group_name = new_gr.group_name | |
| 221 | #TODO: in future action_logger(, '', '', '', self.sa) |
|
221 | #TODO: in future action_logger(, '', '', '', self.sa) | |
| 222 | except formencode.Invalid, errors: |
|
222 | except formencode.Invalid, errors: | |
| 223 |
|
223 | |||
| 224 | return htmlfill.render( |
|
224 | return htmlfill.render( | |
| 225 | render('admin/repos_groups/repos_groups_edit.html'), |
|
225 | render('admin/repos_groups/repos_groups_edit.html'), | |
| 226 | defaults=errors.value, |
|
226 | defaults=errors.value, | |
| 227 | errors=errors.error_dict or {}, |
|
227 | errors=errors.error_dict or {}, | |
| 228 | prefix_error=False, |
|
228 | prefix_error=False, | |
| 229 | encoding="UTF-8") |
|
229 | encoding="UTF-8") | |
| 230 | except Exception: |
|
230 | except Exception: | |
| 231 | log.error(traceback.format_exc()) |
|
231 | log.error(traceback.format_exc()) | |
| 232 | h.flash(_('Error occurred during update of repository group %s') \ |
|
232 | h.flash(_('Error occurred during update of repository group %s') \ | |
| 233 | % request.POST.get('group_name'), category='error') |
|
233 | % request.POST.get('group_name'), category='error') | |
| 234 |
|
234 | |||
| 235 | return redirect(url('edit_repos_group', group_name=group_name)) |
|
235 | return redirect(url('edit_repos_group', group_name=group_name)) | |
| 236 |
|
236 | |||
| 237 | @HasReposGroupPermissionAnyDecorator('group.admin') |
|
237 | @HasReposGroupPermissionAnyDecorator('group.admin') | |
| 238 | def delete(self, group_name): |
|
238 | def delete(self, group_name): | |
| 239 | """DELETE /repos_groups/group_name: Delete an existing item""" |
|
239 | """DELETE /repos_groups/group_name: Delete an existing item""" | |
| 240 | # Forms posted to this method should contain a hidden field: |
|
240 | # Forms posted to this method should contain a hidden field: | |
| 241 | # <input type="hidden" name="_method" value="DELETE" /> |
|
241 | # <input type="hidden" name="_method" value="DELETE" /> | |
| 242 | # Or using helpers: |
|
242 | # Or using helpers: | |
| 243 | # h.form(url('repos_group', group_name=GROUP_NAME), |
|
243 | # h.form(url('repos_group', group_name=GROUP_NAME), | |
| 244 | # method='delete') |
|
244 | # method='delete') | |
| 245 | # url('repos_group', group_name=GROUP_NAME) |
|
245 | # url('repos_group', group_name=GROUP_NAME) | |
| 246 |
|
246 | |||
| 247 | gr = c.repos_group = ReposGroupModel()._get_repo_group(group_name) |
|
247 | gr = c.repos_group = ReposGroupModel()._get_repo_group(group_name) | |
| 248 | repos = gr.repositories.all() |
|
248 | repos = gr.repositories.all() | |
| 249 | if repos: |
|
249 | if repos: | |
| 250 | h.flash(_('This group contains %s repositores and cannot be ' |
|
250 | h.flash(_('This group contains %s repositores and cannot be ' | |
| 251 | 'deleted') % len(repos), category='warning') |
|
251 | 'deleted') % len(repos), category='warning') | |
| 252 | return redirect(url('repos_groups')) |
|
252 | return redirect(url('repos_groups')) | |
| 253 |
|
253 | |||
| 254 | children = gr.children.all() |
|
254 | children = gr.children.all() | |
| 255 | if children: |
|
255 | if children: | |
| 256 | h.flash(_('This group contains %s subgroups and cannot be deleted' |
|
256 | h.flash(_('This group contains %s subgroups and cannot be deleted' | |
| 257 | % (len(children))), category='warning') |
|
257 | % (len(children))), category='warning') | |
| 258 | return redirect(url('repos_groups')) |
|
258 | return redirect(url('repos_groups')) | |
| 259 |
|
259 | |||
| 260 | try: |
|
260 | try: | |
| 261 | ReposGroupModel().delete(group_name) |
|
261 | ReposGroupModel().delete(group_name) | |
| 262 | Session().commit() |
|
262 | Session().commit() | |
| 263 | h.flash(_('Removed repository group %s') % group_name, |
|
263 | h.flash(_('Removed repository group %s') % group_name, | |
| 264 | category='success') |
|
264 | category='success') | |
| 265 | #TODO: in future action_logger(, '', '', '', self.sa) |
|
265 | #TODO: in future action_logger(, '', '', '', self.sa) | |
| 266 | except Exception: |
|
266 | except Exception: | |
| 267 | log.error(traceback.format_exc()) |
|
267 | log.error(traceback.format_exc()) | |
| 268 | h.flash(_('Error occurred during deletion of repos ' |
|
268 | h.flash(_('Error occurred during deletion of repository group %s') | |
| 269 |
|
|
269 | % group_name, category='error') | |
| 270 |
|
270 | |||
| 271 | return redirect(url('repos_groups')) |
|
271 | return redirect(url('repos_groups')) | |
| 272 |
|
272 | |||
| 273 | @HasReposGroupPermissionAnyDecorator('group.admin') |
|
273 | @HasReposGroupPermissionAnyDecorator('group.admin') | |
| 274 | def set_repo_group_perm_member(self, group_name): |
|
274 | def set_repo_group_perm_member(self, group_name): | |
| 275 | c.repos_group = ReposGroupModel()._get_repo_group(group_name) |
|
275 | c.repos_group = ReposGroupModel()._get_repo_group(group_name) | |
| 276 | form_result = RepoGroupPermsForm()().to_python(request.POST) |
|
276 | form_result = RepoGroupPermsForm()().to_python(request.POST) | |
| 277 | if not c.rhodecode_user.is_admin: |
|
277 | if not c.rhodecode_user.is_admin: | |
| 278 | if self._revoke_perms_on_yourself(form_result): |
|
278 | if self._revoke_perms_on_yourself(form_result): | |
| 279 | msg = _('Cannot revoke permission for yourself as admin') |
|
279 | msg = _('Cannot revoke permission for yourself as admin') | |
| 280 | h.flash(msg, category='warning') |
|
280 | h.flash(msg, category='warning') | |
| 281 | return redirect(url('edit_repos_group', group_name=group_name)) |
|
281 | return redirect(url('edit_repos_group', group_name=group_name)) | |
| 282 | recursive = form_result['recursive'] |
|
282 | recursive = form_result['recursive'] | |
| 283 | # iterate over all members(if in recursive mode) of this groups and |
|
283 | # iterate over all members(if in recursive mode) of this groups and | |
| 284 | # set the permissions ! |
|
284 | # set the permissions ! | |
| 285 | # this can be potentially heavy operation |
|
285 | # this can be potentially heavy operation | |
| 286 | ReposGroupModel()._update_permissions(c.repos_group, |
|
286 | ReposGroupModel()._update_permissions(c.repos_group, | |
| 287 | form_result['perms_new'], |
|
287 | form_result['perms_new'], | |
| 288 | form_result['perms_updates'], |
|
288 | form_result['perms_updates'], | |
| 289 | recursive) |
|
289 | recursive) | |
| 290 | #TODO: implement this |
|
290 | #TODO: implement this | |
| 291 | #action_logger(self.rhodecode_user, 'admin_changed_repo_permissions', |
|
291 | #action_logger(self.rhodecode_user, 'admin_changed_repo_permissions', | |
| 292 | # repo_name, self.ip_addr, self.sa) |
|
292 | # repo_name, self.ip_addr, self.sa) | |
| 293 | Session().commit() |
|
293 | Session().commit() | |
| 294 | h.flash(_('Repository Group permissions updated'), category='success') |
|
294 | h.flash(_('Repository Group permissions updated'), category='success') | |
| 295 | return redirect(url('edit_repos_group', group_name=group_name)) |
|
295 | return redirect(url('edit_repos_group', group_name=group_name)) | |
| 296 |
|
296 | |||
| 297 | @HasReposGroupPermissionAnyDecorator('group.admin') |
|
297 | @HasReposGroupPermissionAnyDecorator('group.admin') | |
| 298 | def delete_repo_group_perm_member(self, group_name): |
|
298 | def delete_repo_group_perm_member(self, group_name): | |
| 299 | """ |
|
299 | """ | |
| 300 | DELETE an existing repository group permission user |
|
300 | DELETE an existing repository group permission user | |
| 301 |
|
301 | |||
| 302 | :param group_name: |
|
302 | :param group_name: | |
| 303 | """ |
|
303 | """ | |
| 304 | try: |
|
304 | try: | |
| 305 | obj_type = request.POST.get('obj_type') |
|
305 | obj_type = request.POST.get('obj_type') | |
| 306 | obj_id = None |
|
306 | obj_id = None | |
| 307 | if obj_type == 'user': |
|
307 | if obj_type == 'user': | |
| 308 | obj_id = safe_int(request.POST.get('user_id')) |
|
308 | obj_id = safe_int(request.POST.get('user_id')) | |
| 309 | elif obj_type == 'user_group': |
|
309 | elif obj_type == 'user_group': | |
| 310 | obj_id = safe_int(request.POST.get('user_group_id')) |
|
310 | obj_id = safe_int(request.POST.get('user_group_id')) | |
| 311 |
|
311 | |||
| 312 | if not c.rhodecode_user.is_admin: |
|
312 | if not c.rhodecode_user.is_admin: | |
| 313 | if obj_type == 'user' and c.rhodecode_user.user_id == obj_id: |
|
313 | if obj_type == 'user' and c.rhodecode_user.user_id == obj_id: | |
| 314 | msg = _('Cannot revoke permission for yourself as admin') |
|
314 | msg = _('Cannot revoke permission for yourself as admin') | |
| 315 | h.flash(msg, category='warning') |
|
315 | h.flash(msg, category='warning') | |
| 316 | raise Exception('revoke admin permission on self') |
|
316 | raise Exception('revoke admin permission on self') | |
| 317 | recursive = str2bool(request.POST.get('recursive', False)) |
|
317 | recursive = str2bool(request.POST.get('recursive', False)) | |
| 318 | if obj_type == 'user': |
|
318 | if obj_type == 'user': | |
| 319 | ReposGroupModel().delete_permission( |
|
319 | ReposGroupModel().delete_permission( | |
| 320 | repos_group=group_name, obj=obj_id, |
|
320 | repos_group=group_name, obj=obj_id, | |
| 321 | obj_type='user', recursive=recursive |
|
321 | obj_type='user', recursive=recursive | |
| 322 | ) |
|
322 | ) | |
| 323 | elif obj_type == 'user_group': |
|
323 | elif obj_type == 'user_group': | |
| 324 | ReposGroupModel().delete_permission( |
|
324 | ReposGroupModel().delete_permission( | |
| 325 | repos_group=group_name, obj=obj_id, |
|
325 | repos_group=group_name, obj=obj_id, | |
| 326 | obj_type='users_group', recursive=recursive |
|
326 | obj_type='users_group', recursive=recursive | |
| 327 | ) |
|
327 | ) | |
| 328 |
|
328 | |||
| 329 | Session().commit() |
|
329 | Session().commit() | |
| 330 | except Exception: |
|
330 | except Exception: | |
| 331 | log.error(traceback.format_exc()) |
|
331 | log.error(traceback.format_exc()) | |
| 332 | h.flash(_('An error occurred during revoking of permission'), |
|
332 | h.flash(_('An error occurred during revoking of permission'), | |
| 333 | category='error') |
|
333 | category='error') | |
| 334 | raise HTTPInternalServerError() |
|
334 | raise HTTPInternalServerError() | |
| 335 |
|
335 | |||
| 336 | def show_by_name(self, group_name): |
|
336 | def show_by_name(self, group_name): | |
| 337 | """ |
|
337 | """ | |
| 338 | This is a proxy that does a lookup group_name -> id, and shows |
|
338 | This is a proxy that does a lookup group_name -> id, and shows | |
| 339 | the group by id view instead |
|
339 | the group by id view instead | |
| 340 | """ |
|
340 | """ | |
| 341 | group_name = group_name.rstrip('/') |
|
341 | group_name = group_name.rstrip('/') | |
| 342 | id_ = RepoGroup.get_by_group_name(group_name) |
|
342 | id_ = RepoGroup.get_by_group_name(group_name) | |
| 343 | if id_: |
|
343 | if id_: | |
| 344 | return self.show(id_.group_id) |
|
344 | return self.show(id_.group_id) | |
| 345 | raise HTTPNotFound |
|
345 | raise HTTPNotFound | |
| 346 |
|
346 | |||
| 347 | @HasReposGroupPermissionAnyDecorator('group.read', 'group.write', |
|
347 | @HasReposGroupPermissionAnyDecorator('group.read', 'group.write', | |
| 348 | 'group.admin') |
|
348 | 'group.admin') | |
| 349 | def show(self, group_name, format='html'): |
|
349 | def show(self, group_name, format='html'): | |
| 350 | """GET /repos_groups/group_name: Show a specific item""" |
|
350 | """GET /repos_groups/group_name: Show a specific item""" | |
| 351 | # url('repos_group', group_name=GROUP_NAME) |
|
351 | # url('repos_group', group_name=GROUP_NAME) | |
| 352 |
|
352 | |||
| 353 | c.group = c.repos_group = ReposGroupModel()._get_repo_group(group_name) |
|
353 | c.group = c.repos_group = ReposGroupModel()._get_repo_group(group_name) | |
| 354 | c.group_repos = c.group.repositories.all() |
|
354 | c.group_repos = c.group.repositories.all() | |
| 355 |
|
355 | |||
| 356 | #overwrite our cached list with current filter |
|
356 | #overwrite our cached list with current filter | |
| 357 | gr_filter = c.group_repos |
|
357 | gr_filter = c.group_repos | |
| 358 | c.repo_cnt = 0 |
|
358 | c.repo_cnt = 0 | |
| 359 |
|
359 | |||
| 360 | groups = RepoGroup.query().order_by(RepoGroup.group_name)\ |
|
360 | groups = RepoGroup.query().order_by(RepoGroup.group_name)\ | |
| 361 | .filter(RepoGroup.group_parent_id == c.group.group_id).all() |
|
361 | .filter(RepoGroup.group_parent_id == c.group.group_id).all() | |
| 362 | c.groups = self.scm_model.get_repos_groups(groups) |
|
362 | c.groups = self.scm_model.get_repos_groups(groups) | |
| 363 |
|
363 | |||
| 364 | c.repos_list = Repository.query()\ |
|
364 | c.repos_list = Repository.query()\ | |
| 365 | .filter(Repository.group_id == c.group.group_id)\ |
|
365 | .filter(Repository.group_id == c.group.group_id)\ | |
| 366 | .order_by(func.lower(Repository.repo_name))\ |
|
366 | .order_by(func.lower(Repository.repo_name))\ | |
| 367 | .all() |
|
367 | .all() | |
| 368 |
|
368 | |||
| 369 | repos_data = RepoModel().get_repos_as_dict(repos_list=c.repos_list, |
|
369 | repos_data = RepoModel().get_repos_as_dict(repos_list=c.repos_list, | |
| 370 | admin=False) |
|
370 | admin=False) | |
| 371 | #json used to render the grid |
|
371 | #json used to render the grid | |
| 372 | c.data = json.dumps(repos_data) |
|
372 | c.data = json.dumps(repos_data) | |
| 373 |
|
373 | |||
| 374 | return render('admin/repos_groups/repos_groups.html') |
|
374 | return render('admin/repos_groups/repos_groups.html') | |
| 375 |
|
375 | |||
| 376 | @HasReposGroupPermissionAnyDecorator('group.admin') |
|
376 | @HasReposGroupPermissionAnyDecorator('group.admin') | |
| 377 | def edit(self, group_name, format='html'): |
|
377 | def edit(self, group_name, format='html'): | |
| 378 | """GET /repos_groups/group_name/edit: Form to edit an existing item""" |
|
378 | """GET /repos_groups/group_name/edit: Form to edit an existing item""" | |
| 379 | # url('edit_repos_group', group_name=GROUP_NAME) |
|
379 | # url('edit_repos_group', group_name=GROUP_NAME) | |
| 380 |
|
380 | |||
| 381 | c.repos_group = ReposGroupModel()._get_repo_group(group_name) |
|
381 | c.repos_group = ReposGroupModel()._get_repo_group(group_name) | |
| 382 | #we can only allow moving empty group if it's already a top-level |
|
382 | #we can only allow moving empty group if it's already a top-level | |
| 383 | #group, ie has no parents, or we're admin |
|
383 | #group, ie has no parents, or we're admin | |
| 384 | if HasPermissionAll('hg.admin')('group edit'): |
|
384 | if HasPermissionAll('hg.admin')('group edit'): | |
| 385 | #we're global admin, we're ok and we can create TOP level groups |
|
385 | #we're global admin, we're ok and we can create TOP level groups | |
| 386 | allow_empty_group = True |
|
386 | allow_empty_group = True | |
| 387 | elif not c.repos_group.parent_group: |
|
387 | elif not c.repos_group.parent_group: | |
| 388 | allow_empty_group = True |
|
388 | allow_empty_group = True | |
| 389 | else: |
|
389 | else: | |
| 390 | allow_empty_group = False |
|
390 | allow_empty_group = False | |
| 391 |
|
391 | |||
| 392 | self.__load_defaults(allow_empty_group=allow_empty_group, |
|
392 | self.__load_defaults(allow_empty_group=allow_empty_group, | |
| 393 | exclude_group_ids=[c.repos_group.group_id]) |
|
393 | exclude_group_ids=[c.repos_group.group_id]) | |
| 394 | defaults = self.__load_data(c.repos_group.group_id) |
|
394 | defaults = self.__load_data(c.repos_group.group_id) | |
| 395 |
|
395 | |||
| 396 | return htmlfill.render( |
|
396 | return htmlfill.render( | |
| 397 | render('admin/repos_groups/repos_groups_edit.html'), |
|
397 | render('admin/repos_groups/repos_groups_edit.html'), | |
| 398 | defaults=defaults, |
|
398 | defaults=defaults, | |
| 399 | encoding="UTF-8", |
|
399 | encoding="UTF-8", | |
| 400 | force_defaults=False |
|
400 | force_defaults=False | |
| 401 | ) |
|
401 | ) | |
General Comments 0
You need to be logged in to leave comments.
Login now