##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

Pass in old groups data to CanWriteToGroup validator for later skipping group checks....
marcink -
r3525:0cef54d3 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -231,8 +231,10 b' class ReposController(BaseController):'
231 231 #override the choices with extracted revisions !
232 232 choices, c.landing_revs = ScmModel().get_repo_landing_revs(repo_name)
233 233 c.landing_revs_choices = choices
234
235 _form = RepoForm(edit=True, old_data={'repo_name': repo_name},
234 repo = Repository.get_by_repo_name(repo_name)
235 _form = RepoForm(edit=True, old_data={'repo_name': repo_name,
236 'repo_group': repo.group.get_dict() \
237 if repo.group else {}},
236 238 repo_groups=c.repo_groups_choices,
237 239 landing_revs=c.landing_revs_choices)()
238 240 try:
Show file before | Show file after | Hide comments
@@ -107,9 +107,11 b' class SettingsController(BaseRepoControl'
107 107 #override the choices with extracted revisions !
108 108 choices, c.landing_revs = ScmModel().get_repo_landing_revs(repo_name)
109 109 c.landing_revs_choices = choices
110
110 repo = Repository.get_by_repo_name(repo_name)
111 111 _form = RepoSettingsForm(edit=True,
112 old_data={'repo_name': repo_name},
112 old_data={'repo_name': repo_name,
113 'repo_group': repo.group.get_dict() \
114 if repo.group else {}},
113 115 repo_groups=c.repo_groups_choices,
114 116 landing_revs=c.landing_revs_choices)()
115 117 try:
Show file before | Show file after | Hide comments
@@ -176,7 +176,7 b' def RepoForm(edit=False, old_data={}, su'
176 176 filter_extra_fields = False
177 177 repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
178 178 v.SlugifyName())
179 repo_group = All(v.CanWriteGroup(),
179 repo_group = All(v.CanWriteGroup(old_data),
180 180 v.OneOf(repo_groups, hideList=True))
181 181 repo_type = v.OneOf(supported_backends)
182 182 repo_description = v.UnicodeString(strip=True, min=1, not_empty=False)
@@ -205,7 +205,7 b' def RepoSettingsForm(edit=False, old_dat'
205 205 filter_extra_fields = False
206 206 repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
207 207 v.SlugifyName())
208 repo_group = All(v.CanWriteGroup(),
208 repo_group = All(v.CanWriteGroup(old_data),
209 209 v.OneOf(repo_groups, hideList=True))
210 210 repo_description = v.UnicodeString(strip=True, min=1, not_empty=False)
211 211 repo_private = v.StringBoolean(if_missing=False)
Show file before | Show file after | Hide comments
@@ -16,11 +16,12 b' from formencode.validators import ('
16 16 from rhodecode.lib.compat import OrderedSet
17 17 from rhodecode.lib import ipaddr
18 18 from rhodecode.lib.utils import repo_name_slug
19 from rhodecode.lib.utils2 import safe_int
19 20 from rhodecode.model.db import RepoGroup, Repository, UsersGroup, User,\
20 21 ChangesetStatus
21 22 from rhodecode.lib.exceptions import LdapImportError
22 23 from rhodecode.config.routing import ADMIN_PREFIX
23 from rhodecode.lib.auth import HasReposGroupPermissionAny
24 from rhodecode.lib.auth import HasReposGroupPermissionAny, HasPermissionAny
24 25
25 26 # silence warnings and pylint
26 27 UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, \
@@ -472,7 +473,7 b' def ValidForkType(old_data={}):'
472 473 return _validator
473 474
474 475
475 def CanWriteGroup():
476 def CanWriteGroup(old_data=None):
476 477 class _validator(formencode.validators.FancyValidator):
477 478 messages = {
478 479 'permission_denied': _(u"You don't have permissions "
@@ -481,13 +482,58 b' def CanWriteGroup():'
481 482
482 483 def validate_python(self, value, state):
483 484 gr = RepoGroup.get(value)
484 if not HasReposGroupPermissionAny(
485 'group.write', 'group.admin'
486 )(gr.group_name, 'get group of repo form'):
485 gr_name = gr.group_name if gr else None # None means ROOT location
486 val = HasReposGroupPermissionAny('group.write', 'group.admin')
487 can_create_repos = HasPermissionAny('hg.admin', 'hg.create.repository')
488 forbidden = not val(gr_name, 'can write into group validator')
489 value_changed = old_data['repo_group'].get('group_id') != safe_int(value)
490 if value_changed: # do check if we changed the value
491 #parent group need to be existing
492 if gr and forbidden:
493 msg = M(self, 'permission_denied', state)
494 raise formencode.Invalid(msg, value, state,
495 error_dict=dict(repo_type=msg)
496 )
497 ## check if we can write to root location !
498 elif gr is None and can_create_repos() is False:
499 msg = M(self, 'permission_denied_root', state)
500 raise formencode.Invalid(msg, value, state,
501 error_dict=dict(repo_type=msg)
502 )
503
504 return _validator
505
506
507 def CanCreateGroup(can_create_in_root=False):
508 class _validator(formencode.validators.FancyValidator):
509 messages = {
510 'permission_denied': _(u"You don't have permissions "
511 "to create a group in this location")
512 }
513
514 def to_python(self, value, state):
515 #root location
516 if value in [-1, "-1"]:
517 return None
518 return value
519
520 def validate_python(self, value, state):
521 gr = RepoGroup.get(value)
522 gr_name = gr.group_name if gr else None # None means ROOT location
523
524 if can_create_in_root and gr is None:
525 #we can create in root, we're fine no validations required
526 return
527
528 forbidden_in_root = gr is None and can_create_in_root is False
529 val = HasReposGroupPermissionAny('group.admin')
530 forbidden = not val(gr_name, 'can create group validator')
531 if forbidden_in_root or forbidden:
487 532 msg = M(self, 'permission_denied', state)
488 533 raise formencode.Invalid(msg, value, state,
489 error_dict=dict(repo_type=msg)
534 error_dict=dict(group_parent_id=msg)
490 535 )
536
491 537 return _validator
492 538
493 539
General Comments 0
You need to be logged in to leave comments. Login now