Show More
| @@ -41,8 +41,9 b' from rhodecode.model.db import Repositor' | |||
|
|
41 | 41 | Statistics, UserGroup, UserGroupRepoToPerm, RhodeCodeUi, RepoGroup,\ |
|
|
42 | 42 | RhodeCodeSetting, RepositoryField |
|
|
43 | 43 | from rhodecode.lib import helpers as h |
|
|
44 | from rhodecode.lib.auth import HasRepoPermissionAny | |
|
|
44 | from rhodecode.lib.auth import HasRepoPermissionAny, HasUserGroupPermissionAny | |
|
|
45 | 45 | from rhodecode.lib.exceptions import AttachedForksError |
|
|
46 | from rhodecode.model.scm import UserGroupList | |
|
|
46 | 47 | |
|
|
47 | 48 | log = logging.getLogger(__name__) |
|
|
48 | 49 | |
| @@ -140,7 +141,9 b' class RepoModel(BaseModel):' | |||
|
|
140 | 141 | def get_users_groups_js(self): |
|
|
141 | 142 | users_groups = self.sa.query(UserGroup)\ |
|
|
142 | 143 | .filter(UserGroup.users_group_active == True).all() |
|
|
143 | ||
|
|
144 | users_groups = UserGroupList(users_groups, perm_set=['usergroup.read', | |
|
|
145 | 'usergroup.write', | |
|
|
146 | 'usergroup.admin']) | |
|
|
144 | 147 | return json.dumps([ |
|
|
145 | 148 | { |
|
|
146 | 149 | 'id': gr.users_group_id, |
| @@ -472,9 +475,12 b' class RepoModel(BaseModel):' | |||
|
|
472 | 475 | repo=repo, user=member, perm=perm |
|
|
473 | 476 | ) |
|
|
474 | 477 | else: |
|
|
475 | self.grant_users_group_permission( | |
|
|
476 | repo=repo, group_name=member, perm=perm | |
|
|
477 | ) | |
|
|
478 | #check if we have permissions to alter this usergroup | |
|
|
479 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |
|
|
480 | 'usergroup.admin')(member): | |
|
|
481 | self.grant_users_group_permission( | |
|
|
482 | repo=repo, group_name=member, perm=perm | |
|
|
483 | ) | |
|
|
478 | 484 | # set new permissions |
|
|
479 | 485 | for member, perm, member_type in perms_new: |
|
|
480 | 486 | if member_type == 'user': |
| @@ -482,9 +488,12 b' class RepoModel(BaseModel):' | |||
|
|
482 | 488 | repo=repo, user=member, perm=perm |
|
|
483 | 489 | ) |
|
|
484 | 490 | else: |
|
|
485 | self.grant_users_group_permission( | |
|
|
486 | repo=repo, group_name=member, perm=perm | |
|
|
487 | ) | |
|
|
491 | #check if we have permissions to alter this usergroup | |
|
|
492 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |
|
|
493 | 'usergroup.admin')(member): | |
|
|
494 | self.grant_users_group_permission( | |
|
|
495 | repo=repo, group_name=member, perm=perm | |
|
|
496 | ) | |
|
|
488 | 497 | |
|
|
489 | 498 | def create_fork(self, form_data, cur_user): |
|
|
490 | 499 | """ |
| @@ -169,6 +169,7 b' class ReposGroupModel(BaseModel):' | |||
|
|
169 | 169 | def _update_permissions(self, repos_group, perms_new=None, |
|
|
170 | 170 | perms_updates=None, recursive=False): |
|
|
171 | 171 | from rhodecode.model.repo import RepoModel |
|
|
172 | from rhodecode.lib.auth import HasUserGroupPermissionAny | |
|
|
172 | 173 | if not perms_new: |
|
|
173 | 174 | perms_new = [] |
|
|
174 | 175 | if not perms_updates: |
| @@ -220,13 +221,19 b' class ReposGroupModel(BaseModel):' | |||
|
|
220 | 221 | _set_perm_user(obj, user=member, perm=perm) |
|
|
221 | 222 | ## set for user group |
|
|
222 | 223 | else: |
|
|
223 | _set_perm_group(obj, users_group=member, perm=perm) | |
|
|
224 | #check if we have permissions to alter this usergroup | |
|
|
225 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |
|
|
226 | 'usergroup.admin')(member): | |
|
|
227 | _set_perm_group(obj, users_group=member, perm=perm) | |
|
|
224 | 228 | # set new permissions |
|
|
225 | 229 | for member, perm, member_type in perms_new: |
|
|
226 | 230 | if member_type == 'user': |
|
|
227 | 231 | _set_perm_user(obj, user=member, perm=perm) |
|
|
228 | 232 | else: |
|
|
229 | _set_perm_group(obj, users_group=member, perm=perm) | |
|
|
233 | #check if we have permissions to alter this usergroup | |
|
|
234 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |
|
|
235 | 'usergroup.admin')(member): | |
|
|
236 | _set_perm_group(obj, users_group=member, perm=perm) | |
|
|
230 | 237 | updates.append(obj) |
|
|
231 | 238 | #if it's not recursive call |
|
|
232 | 239 | # break the loop and don't proceed with other changes |
| @@ -63,6 +63,7 b' class UserGroupModel(BaseModel):' | |||
|
|
63 | 63 | |
|
|
64 | 64 | def _update_permissions(self, user_group, perms_new=None, |
|
|
65 | 65 | perms_updates=None): |
|
|
66 | from rhodecode.lib.auth import HasUserGroupPermissionAny | |
|
|
66 | 67 | if not perms_new: |
|
|
67 | 68 | perms_new = [] |
|
|
68 | 69 | if not perms_updates: |
| @@ -76,9 +77,12 b' class UserGroupModel(BaseModel):' | |||
|
|
76 | 77 | user_group=user_group, user=member, perm=perm |
|
|
77 | 78 | ) |
|
|
78 | 79 | else: |
|
|
79 | self.grant_users_group_permission( | |
|
|
80 | target_user_group=user_group, user_group=member, perm=perm | |
|
|
81 | ) | |
|
|
80 | #check if we have permissions to alter this usergroup | |
|
|
81 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |
|
|
82 | 'usergroup.admin')(member): | |
|
|
83 | self.grant_users_group_permission( | |
|
|
84 | target_user_group=user_group, user_group=member, perm=perm | |
|
|
85 | ) | |
|
|
82 | 86 | # set new permissions |
|
|
83 | 87 | for member, perm, member_type in perms_new: |
|
|
84 | 88 | if member_type == 'user': |
| @@ -86,9 +90,12 b' class UserGroupModel(BaseModel):' | |||
|
|
86 | 90 | user_group=user_group, user=member, perm=perm |
|
|
87 | 91 | ) |
|
|
88 | 92 | else: |
|
|
89 | self.grant_users_group_permission( | |
|
|
90 | target_user_group=user_group, user_group=member, perm=perm | |
|
|
91 | ) | |
|
|
93 | #check if we have permissions to alter this usergroup | |
|
|
94 | if HasUserGroupPermissionAny('usergroup.read', 'usergroup.write', | |
|
|
95 | 'usergroup.admin')(member): | |
|
|
96 | self.grant_users_group_permission( | |
|
|
97 | target_user_group=user_group, user_group=member, perm=perm | |
|
|
98 | ) | |
|
|
92 | 99 | |
|
|
93 | 100 | def get(self, users_group_id, cache=False): |
|
|
94 | 101 | return UserGroup.get(users_group_id) |
General Comments 0
You need to be logged in to leave comments.
Login now