Show More
| @@ -41,8 +41,9 b' from rhodecode.model.db import Repositor' | |||||
| 41 | Statistics, UserGroup, UserGroupRepoToPerm, RhodeCodeUi, RepoGroup,\ |
|
41 | Statistics, UserGroup, UserGroupRepoToPerm, RhodeCodeUi, RepoGroup,\ | |
| 42 | RhodeCodeSetting, RepositoryField |
|
42 | RhodeCodeSetting, RepositoryField | |
| 43 | from rhodecode.lib import helpers as h |
|
43 | from rhodecode.lib import helpers as h | |
| 44 | from rhodecode.lib.auth import HasRepoPermissionAny |
|
44 | from rhodecode.lib.auth import HasRepoPermissionAny, HasUserGroupPermissionAny | |
| 45 | from rhodecode.lib.exceptions import AttachedForksError |
|
45 | from rhodecode.lib.exceptions import AttachedForksError | |
|
|
46 | from rhodecode.model.scm import UserGroupList | |||
| 46 |
|
47 | |||
| 47 | log = logging.getLogger(__name__) |
|
48 | log = logging.getLogger(__name__) | |
| 48 |
|
49 | |||
| @@ -140,7 +141,9 b' class RepoModel(BaseModel):' | |||||
| 140 | def get_users_groups_js(self): |
|
141 | def get_users_groups_js(self): | |
| 141 | users_groups = self.sa.query(UserGroup)\ |
|
142 | users_groups = self.sa.query(UserGroup)\ | |
| 142 | .filter(UserGroup.users_group_active == True).all() |
|
143 | .filter(UserGroup.users_group_active == True).all() | |
| 143 |
|
144 | users_groups = UserGroupList(users_groups, perm_set=['usergroup.read', | ||
|
|
145 | 'usergroup.write', | |||
|
|
146 | 'usergroup.admin']) | |||
| 144 | return json.dumps([ |
|
147 | return json.dumps([ | |
| 145 | { |
|
148 | { | |
| 146 | 'id': gr.users_group_id, |
|
149 | 'id': gr.users_group_id, | |
| @@ -472,9 +475,12 b' class RepoModel(BaseModel):' | |||||
| 472 | repo=repo, user=member, perm=perm |
|
475 | repo=repo, user=member, perm=perm | |
| 473 | ) |
|
476 | ) | |
| 474 | else: |
|
477 | else: | |
| 475 | self.grant_users_group_permission( |
|
478 | #check if we have permissions to alter this usergroup | |
| 476 | repo=repo, group_name=member, perm=perm |
|
479 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |
| 477 | ) |
|
480 | 'usergroup.admin')(member): | |
|
|
481 | self.grant_users_group_permission( | |||
|
|
482 | repo=repo, group_name=member, perm=perm | |||
|
|
483 | ) | |||
| 478 | # set new permissions |
|
484 | # set new permissions | |
| 479 | for member, perm, member_type in perms_new: |
|
485 | for member, perm, member_type in perms_new: | |
| 480 | if member_type == 'user': |
|
486 | if member_type == 'user': | |
| @@ -482,9 +488,12 b' class RepoModel(BaseModel):' | |||||
| 482 | repo=repo, user=member, perm=perm |
|
488 | repo=repo, user=member, perm=perm | |
| 483 | ) |
|
489 | ) | |
| 484 | else: |
|
490 | else: | |
| 485 | self.grant_users_group_permission( |
|
491 | #check if we have permissions to alter this usergroup | |
| 486 | repo=repo, group_name=member, perm=perm |
|
492 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |
| 487 | ) |
|
493 | 'usergroup.admin')(member): | |
|
|
494 | self.grant_users_group_permission( | |||
|
|
495 | repo=repo, group_name=member, perm=perm | |||
|
|
496 | ) | |||
| 488 |
|
497 | |||
| 489 | def create_fork(self, form_data, cur_user): |
|
498 | def create_fork(self, form_data, cur_user): | |
| 490 | """ |
|
499 | """ | |
| @@ -169,6 +169,7 b' class ReposGroupModel(BaseModel):' | |||||
| 169 | def _update_permissions(self, repos_group, perms_new=None, |
|
169 | def _update_permissions(self, repos_group, perms_new=None, | |
| 170 | perms_updates=None, recursive=False): |
|
170 | perms_updates=None, recursive=False): | |
| 171 | from rhodecode.model.repo import RepoModel |
|
171 | from rhodecode.model.repo import RepoModel | |
|
|
172 | from rhodecode.lib.auth import HasUserGroupPermissionAny | |||
| 172 | if not perms_new: |
|
173 | if not perms_new: | |
| 173 | perms_new = [] |
|
174 | perms_new = [] | |
| 174 | if not perms_updates: |
|
175 | if not perms_updates: | |
| @@ -220,13 +221,19 b' class ReposGroupModel(BaseModel):' | |||||
| 220 | _set_perm_user(obj, user=member, perm=perm) |
|
221 | _set_perm_user(obj, user=member, perm=perm) | |
| 221 | ## set for user group |
|
222 | ## set for user group | |
| 222 | else: |
|
223 | else: | |
| 223 | _set_perm_group(obj, users_group=member, perm=perm) |
|
224 | #check if we have permissions to alter this usergroup | |
|
|
225 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |||
|
|
226 | 'usergroup.admin')(member): | |||
|
|
227 | _set_perm_group(obj, users_group=member, perm=perm) | |||
| 224 | # set new permissions |
|
228 | # set new permissions | |
| 225 | for member, perm, member_type in perms_new: |
|
229 | for member, perm, member_type in perms_new: | |
| 226 | if member_type == 'user': |
|
230 | if member_type == 'user': | |
| 227 | _set_perm_user(obj, user=member, perm=perm) |
|
231 | _set_perm_user(obj, user=member, perm=perm) | |
| 228 | else: |
|
232 | else: | |
| 229 | _set_perm_group(obj, users_group=member, perm=perm) |
|
233 | #check if we have permissions to alter this usergroup | |
|
|
234 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |||
|
|
235 | 'usergroup.admin')(member): | |||
|
|
236 | _set_perm_group(obj, users_group=member, perm=perm) | |||
| 230 | updates.append(obj) |
|
237 | updates.append(obj) | |
| 231 | #if it's not recursive call |
|
238 | #if it's not recursive call | |
| 232 | # break the loop and don't proceed with other changes |
|
239 | # break the loop and don't proceed with other changes | |
| @@ -63,6 +63,7 b' class UserGroupModel(BaseModel):' | |||||
| 63 |
|
63 | |||
| 64 | def _update_permissions(self, user_group, perms_new=None, |
|
64 | def _update_permissions(self, user_group, perms_new=None, | |
| 65 | perms_updates=None): |
|
65 | perms_updates=None): | |
|
|
66 | from rhodecode.lib.auth import HasUserGroupPermissionAny | |||
| 66 | if not perms_new: |
|
67 | if not perms_new: | |
| 67 | perms_new = [] |
|
68 | perms_new = [] | |
| 68 | if not perms_updates: |
|
69 | if not perms_updates: | |
| @@ -76,9 +77,12 b' class UserGroupModel(BaseModel):' | |||||
| 76 | user_group=user_group, user=member, perm=perm |
|
77 | user_group=user_group, user=member, perm=perm | |
| 77 | ) |
|
78 | ) | |
| 78 | else: |
|
79 | else: | |
| 79 | self.grant_users_group_permission( |
|
80 | #check if we have permissions to alter this usergroup | |
| 80 | target_user_group=user_group, user_group=member, perm=perm |
|
81 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |
| 81 | ) |
|
82 | 'usergroup.admin')(member): | |
|
|
83 | self.grant_users_group_permission( | |||
|
|
84 | target_user_group=user_group, user_group=member, perm=perm | |||
|
|
85 | ) | |||
| 82 | # set new permissions |
|
86 | # set new permissions | |
| 83 | for member, perm, member_type in perms_new: |
|
87 | for member, perm, member_type in perms_new: | |
| 84 | if member_type == 'user': |
|
88 | if member_type == 'user': | |
| @@ -86,9 +90,12 b' class UserGroupModel(BaseModel):' | |||||
| 86 | user_group=user_group, user=member, perm=perm |
|
90 | user_group=user_group, user=member, perm=perm | |
| 87 | ) |
|
91 | ) | |
| 88 | else: |
|
92 | else: | |
| 89 | self.grant_users_group_permission( |
|
93 | #check if we have permissions to alter this usergroup | |
| 90 | target_user_group=user_group, user_group=member, perm=perm |
|
94 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |
| 91 | ) |
|
95 | 'usergroup.admin')(member): | |
|
|
96 | self.grant_users_group_permission( | |||
|
|
97 | target_user_group=user_group, user_group=member, perm=perm | |||
|
|
98 | ) | |||
| 92 |
|
99 | |||
| 93 | def get(self, users_group_id, cache=False): |
|
100 | def get(self, users_group_id, cache=False): | |
| 94 | return UserGroup.get(users_group_id) |
|
101 | return UserGroup.get(users_group_id) | |
General Comments 0
You need to be logged in to leave comments.
Login now