Show More
| @@ -1,282 +1,284 b'' | |||||
| 1 | # -*- coding: utf-8 -*- |
|
1 | # -*- coding: utf-8 -*- | |
| 2 | """ |
|
2 | """ | |
| 3 | rhodecode.controllers.admin.users_groups |
|
3 | rhodecode.controllers.admin.users_groups | |
| 4 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
4 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 5 |
|
5 | |||
| 6 | User Groups crud controller for pylons |
|
6 | User Groups crud controller for pylons | |
| 7 |
|
7 | |||
| 8 | :created_on: Jan 25, 2011 |
|
8 | :created_on: Jan 25, 2011 | |
| 9 | :author: marcink |
|
9 | :author: marcink | |
| 10 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
|
10 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> | |
| 11 | :license: GPLv3, see COPYING for more details. |
|
11 | :license: GPLv3, see COPYING for more details. | |
| 12 | """ |
|
12 | """ | |
| 13 | # This program is free software: you can redistribute it and/or modify |
|
13 | # This program is free software: you can redistribute it and/or modify | |
| 14 | # it under the terms of the GNU General Public License as published by |
|
14 | # it under the terms of the GNU General Public License as published by | |
| 15 | # the Free Software Foundation, either version 3 of the License, or |
|
15 | # the Free Software Foundation, either version 3 of the License, or | |
| 16 | # (at your option) any later version. |
|
16 | # (at your option) any later version. | |
| 17 | # |
|
17 | # | |
| 18 | # This program is distributed in the hope that it will be useful, |
|
18 | # This program is distributed in the hope that it will be useful, | |
| 19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 21 | # GNU General Public License for more details. |
|
21 | # GNU General Public License for more details. | |
| 22 | # |
|
22 | # | |
| 23 | # You should have received a copy of the GNU General Public License |
|
23 | # You should have received a copy of the GNU General Public License | |
| 24 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
24 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
| 25 |
|
25 | |||
| 26 | import logging |
|
26 | import logging | |
| 27 | import traceback |
|
27 | import traceback | |
| 28 | import formencode |
|
28 | import formencode | |
| 29 |
|
29 | |||
| 30 | from formencode import htmlfill |
|
30 | from formencode import htmlfill | |
| 31 | from pylons import request, session, tmpl_context as c, url, config |
|
31 | from pylons import request, session, tmpl_context as c, url, config | |
| 32 | from pylons.controllers.util import abort, redirect |
|
32 | from pylons.controllers.util import abort, redirect | |
| 33 | from pylons.i18n.translation import _ |
|
33 | from pylons.i18n.translation import _ | |
| 34 |
|
34 | |||
| 35 | from rhodecode.lib import helpers as h |
|
35 | from rhodecode.lib import helpers as h | |
| 36 | from rhodecode.lib.exceptions import UserGroupsAssignedException |
|
36 | from rhodecode.lib.exceptions import UserGroupsAssignedException | |
| 37 | from rhodecode.lib.utils2 import safe_unicode, str2bool |
|
37 | from rhodecode.lib.utils2 import safe_unicode, str2bool | |
| 38 | from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator |
|
38 | from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator | |
| 39 | from rhodecode.lib.base import BaseController, render |
|
39 | from rhodecode.lib.base import BaseController, render | |
| 40 |
|
40 | |||
| 41 | from rhodecode.model.users_group import UserGroupModel |
|
41 | from rhodecode.model.users_group import UserGroupModel | |
| 42 |
|
42 | |||
| 43 | from rhodecode.model.db import User, UserGroup, UserGroupToPerm,\ |
|
43 | from rhodecode.model.db import User, UserGroup, UserGroupToPerm,\ | |
| 44 | UserGroupRepoToPerm, UserGroupRepoGroupToPerm |
|
44 | UserGroupRepoToPerm, UserGroupRepoGroupToPerm | |
| 45 | from rhodecode.model.forms import UserGroupForm |
|
45 | from rhodecode.model.forms import UserGroupForm | |
| 46 | from rhodecode.model.meta import Session |
|
46 | from rhodecode.model.meta import Session | |
| 47 | from rhodecode.lib.utils import action_logger |
|
47 | from rhodecode.lib.utils import action_logger | |
| 48 | from sqlalchemy.orm import joinedload |
|
48 | from sqlalchemy.orm import joinedload | |
| 49 |
|
49 | |||
| 50 | log = logging.getLogger(__name__) |
|
50 | log = logging.getLogger(__name__) | |
| 51 |
|
51 | |||
| 52 |
|
52 | |||
| 53 | class UsersGroupsController(BaseController): |
|
53 | class UsersGroupsController(BaseController): | |
| 54 | """REST Controller styled on the Atom Publishing Protocol""" |
|
54 | """REST Controller styled on the Atom Publishing Protocol""" | |
| 55 | # To properly map this controller, ensure your config/routing.py |
|
55 | # To properly map this controller, ensure your config/routing.py | |
| 56 | # file has a resource setup: |
|
56 | # file has a resource setup: | |
| 57 | # map.resource('users_group', 'users_groups') |
|
57 | # map.resource('users_group', 'users_groups') | |
| 58 |
|
58 | |||
| 59 | @LoginRequired() |
|
59 | @LoginRequired() | |
| 60 | @HasPermissionAllDecorator('hg.admin') |
|
60 | @HasPermissionAllDecorator('hg.admin') | |
| 61 | def __before__(self): |
|
61 | def __before__(self): | |
| 62 | c.admin_user = session.get('admin_user') |
|
62 | c.admin_user = session.get('admin_user') | |
| 63 | c.admin_username = session.get('admin_username') |
|
63 | c.admin_username = session.get('admin_username') | |
| 64 | super(UsersGroupsController, self).__before__() |
|
64 | super(UsersGroupsController, self).__before__() | |
| 65 | c.available_permissions = config['available_permissions'] |
|
65 | c.available_permissions = config['available_permissions'] | |
| 66 |
|
66 | |||
| 67 | def index(self, format='html'): |
|
67 | def index(self, format='html'): | |
| 68 | """GET /users_groups: All items in the collection""" |
|
68 | """GET /users_groups: All items in the collection""" | |
| 69 | # url('users_groups') |
|
69 | # url('users_groups') | |
| 70 | c.users_groups_list = UserGroup().query().all() |
|
70 | c.users_groups_list = UserGroup().query().all() | |
| 71 | return render('admin/users_groups/users_groups.html') |
|
71 | return render('admin/users_groups/users_groups.html') | |
| 72 |
|
72 | |||
| 73 | def create(self): |
|
73 | def create(self): | |
| 74 | """POST /users_groups: Create a new item""" |
|
74 | """POST /users_groups: Create a new item""" | |
| 75 | # url('users_groups') |
|
75 | # url('users_groups') | |
| 76 |
|
76 | |||
| 77 | users_group_form = UserGroupForm()() |
|
77 | users_group_form = UserGroupForm()() | |
| 78 | try: |
|
78 | try: | |
| 79 | form_result = users_group_form.to_python(dict(request.POST)) |
|
79 | form_result = users_group_form.to_python(dict(request.POST)) | |
| 80 | UserGroupModel().create(name=form_result['users_group_name'], |
|
80 | UserGroupModel().create(name=form_result['users_group_name'], | |
| 81 | active=form_result['users_group_active']) |
|
81 | active=form_result['users_group_active']) | |
| 82 | gr = form_result['users_group_name'] |
|
82 | gr = form_result['users_group_name'] | |
| 83 | action_logger(self.rhodecode_user, |
|
83 | action_logger(self.rhodecode_user, | |
| 84 | 'admin_created_users_group:%s' % gr, |
|
84 | 'admin_created_users_group:%s' % gr, | |
| 85 | None, self.ip_addr, self.sa) |
|
85 | None, self.ip_addr, self.sa) | |
| 86 | h.flash(_('Created user group %s') % gr, category='success') |
|
86 | h.flash(_('Created user group %s') % gr, category='success') | |
| 87 | Session().commit() |
|
87 | Session().commit() | |
| 88 | except formencode.Invalid, errors: |
|
88 | except formencode.Invalid, errors: | |
| 89 | return htmlfill.render( |
|
89 | return htmlfill.render( | |
| 90 | render('admin/users_groups/users_group_add.html'), |
|
90 | render('admin/users_groups/users_group_add.html'), | |
| 91 | defaults=errors.value, |
|
91 | defaults=errors.value, | |
| 92 | errors=errors.error_dict or {}, |
|
92 | errors=errors.error_dict or {}, | |
| 93 | prefix_error=False, |
|
93 | prefix_error=False, | |
| 94 | encoding="UTF-8") |
|
94 | encoding="UTF-8") | |
| 95 | except Exception: |
|
95 | except Exception: | |
| 96 | log.error(traceback.format_exc()) |
|
96 | log.error(traceback.format_exc()) | |
| 97 | h.flash(_('Error occurred during creation of user group %s') \ |
|
97 | h.flash(_('Error occurred during creation of user group %s') \ | |
| 98 | % request.POST.get('users_group_name'), category='error') |
|
98 | % request.POST.get('users_group_name'), category='error') | |
| 99 |
|
99 | |||
| 100 | return redirect(url('users_groups')) |
|
100 | return redirect(url('users_groups')) | |
| 101 |
|
101 | |||
| 102 | def new(self, format='html'): |
|
102 | def new(self, format='html'): | |
| 103 | """GET /users_groups/new: Form to create a new item""" |
|
103 | """GET /users_groups/new: Form to create a new item""" | |
| 104 | # url('new_users_group') |
|
104 | # url('new_users_group') | |
| 105 | return render('admin/users_groups/users_group_add.html') |
|
105 | return render('admin/users_groups/users_group_add.html') | |
| 106 |
|
106 | |||
| 107 | def _load_data(self, id): |
|
107 | def _load_data(self, id): | |
| 108 | c.users_group.permissions = { |
|
108 | c.users_group.permissions = { | |
| 109 | 'repositories': {}, |
|
109 | 'repositories': {}, | |
| 110 | 'repositories_groups': {} |
|
110 | 'repositories_groups': {} | |
| 111 | } |
|
111 | } | |
| 112 |
|
112 | |||
| 113 | ugroup_repo_perms = UserGroupRepoToPerm.query()\ |
|
113 | ugroup_repo_perms = UserGroupRepoToPerm.query()\ | |
| 114 | .options(joinedload(UserGroupRepoToPerm.permission))\ |
|
114 | .options(joinedload(UserGroupRepoToPerm.permission))\ | |
| 115 | .options(joinedload(UserGroupRepoToPerm.repository))\ |
|
115 | .options(joinedload(UserGroupRepoToPerm.repository))\ | |
| 116 | .filter(UserGroupRepoToPerm.users_group_id == id)\ |
|
116 | .filter(UserGroupRepoToPerm.users_group_id == id)\ | |
| 117 | .all() |
|
117 | .all() | |
| 118 |
|
118 | |||
| 119 | for gr in ugroup_repo_perms: |
|
119 | for gr in ugroup_repo_perms: | |
| 120 | c.users_group.permissions['repositories'][gr.repository.repo_name] \ |
|
120 | c.users_group.permissions['repositories'][gr.repository.repo_name] \ | |
| 121 | = gr.permission.permission_name |
|
121 | = gr.permission.permission_name | |
| 122 |
|
122 | |||
| 123 | ugroup_group_perms = UserGroupRepoGroupToPerm.query()\ |
|
123 | ugroup_group_perms = UserGroupRepoGroupToPerm.query()\ | |
| 124 | .options(joinedload(UserGroupRepoGroupToPerm.permission))\ |
|
124 | .options(joinedload(UserGroupRepoGroupToPerm.permission))\ | |
| 125 | .options(joinedload(UserGroupRepoGroupToPerm.group))\ |
|
125 | .options(joinedload(UserGroupRepoGroupToPerm.group))\ | |
| 126 | .filter(UserGroupRepoGroupToPerm.users_group_id == id)\ |
|
126 | .filter(UserGroupRepoGroupToPerm.users_group_id == id)\ | |
| 127 | .all() |
|
127 | .all() | |
| 128 |
|
128 | |||
| 129 | for gr in ugroup_group_perms: |
|
129 | for gr in ugroup_group_perms: | |
| 130 | c.users_group.permissions['repositories_groups'][gr.group.group_name] \ |
|
130 | c.users_group.permissions['repositories_groups'][gr.group.group_name] \ | |
| 131 | = gr.permission.permission_name |
|
131 | = gr.permission.permission_name | |
| 132 |
|
132 | |||
| 133 |
c.group_members_obj = |
|
133 | c.group_members_obj = sorted((x.user for x in c.users_group.members), | |
|
|
134 | key=lambda u: u.username.lower()) | |||
| 134 | c.group_members = [(x.user_id, x.username) for x in |
|
135 | c.group_members = [(x.user_id, x.username) for x in | |
| 135 | c.group_members_obj] |
|
136 | c.group_members_obj] | |
| 136 |
c.available_members = |
|
137 | c.available_members = sorted(((x.user_id, x.username) for x in | |
| 137 |
User.query().all() |
|
138 | User.query().all()), | |
|
|
139 | key=lambda u: u[1].lower()) | |||
| 138 |
|
140 | |||
| 139 | def update(self, id): |
|
141 | def update(self, id): | |
| 140 | """PUT /users_groups/id: Update an existing item""" |
|
142 | """PUT /users_groups/id: Update an existing item""" | |
| 141 | # Forms posted to this method should contain a hidden field: |
|
143 | # Forms posted to this method should contain a hidden field: | |
| 142 | # <input type="hidden" name="_method" value="PUT" /> |
|
144 | # <input type="hidden" name="_method" value="PUT" /> | |
| 143 | # Or using helpers: |
|
145 | # Or using helpers: | |
| 144 | # h.form(url('users_group', id=ID), |
|
146 | # h.form(url('users_group', id=ID), | |
| 145 | # method='put') |
|
147 | # method='put') | |
| 146 | # url('users_group', id=ID) |
|
148 | # url('users_group', id=ID) | |
| 147 |
|
149 | |||
| 148 | c.users_group = UserGroup.get_or_404(id) |
|
150 | c.users_group = UserGroup.get_or_404(id) | |
| 149 | self._load_data(id) |
|
151 | self._load_data(id) | |
| 150 |
|
152 | |||
| 151 | available_members = [safe_unicode(x[0]) for x in c.available_members] |
|
153 | available_members = [safe_unicode(x[0]) for x in c.available_members] | |
| 152 |
|
154 | |||
| 153 | users_group_form = UserGroupForm(edit=True, |
|
155 | users_group_form = UserGroupForm(edit=True, | |
| 154 | old_data=c.users_group.get_dict(), |
|
156 | old_data=c.users_group.get_dict(), | |
| 155 | available_members=available_members)() |
|
157 | available_members=available_members)() | |
| 156 |
|
158 | |||
| 157 | try: |
|
159 | try: | |
| 158 | form_result = users_group_form.to_python(request.POST) |
|
160 | form_result = users_group_form.to_python(request.POST) | |
| 159 | UserGroupModel().update(c.users_group, form_result) |
|
161 | UserGroupModel().update(c.users_group, form_result) | |
| 160 | gr = form_result['users_group_name'] |
|
162 | gr = form_result['users_group_name'] | |
| 161 | action_logger(self.rhodecode_user, |
|
163 | action_logger(self.rhodecode_user, | |
| 162 | 'admin_updated_users_group:%s' % gr, |
|
164 | 'admin_updated_users_group:%s' % gr, | |
| 163 | None, self.ip_addr, self.sa) |
|
165 | None, self.ip_addr, self.sa) | |
| 164 | h.flash(_('Updated user group %s') % gr, category='success') |
|
166 | h.flash(_('Updated user group %s') % gr, category='success') | |
| 165 | Session().commit() |
|
167 | Session().commit() | |
| 166 | except formencode.Invalid, errors: |
|
168 | except formencode.Invalid, errors: | |
| 167 | ug_model = UserGroupModel() |
|
169 | ug_model = UserGroupModel() | |
| 168 | defaults = errors.value |
|
170 | defaults = errors.value | |
| 169 | e = errors.error_dict or {} |
|
171 | e = errors.error_dict or {} | |
| 170 | defaults.update({ |
|
172 | defaults.update({ | |
| 171 | 'create_repo_perm': ug_model.has_perm(id, |
|
173 | 'create_repo_perm': ug_model.has_perm(id, | |
| 172 | 'hg.create.repository'), |
|
174 | 'hg.create.repository'), | |
| 173 | 'fork_repo_perm': ug_model.has_perm(id, |
|
175 | 'fork_repo_perm': ug_model.has_perm(id, | |
| 174 | 'hg.fork.repository'), |
|
176 | 'hg.fork.repository'), | |
| 175 | '_method': 'put' |
|
177 | '_method': 'put' | |
| 176 | }) |
|
178 | }) | |
| 177 |
|
179 | |||
| 178 | return htmlfill.render( |
|
180 | return htmlfill.render( | |
| 179 | render('admin/users_groups/users_group_edit.html'), |
|
181 | render('admin/users_groups/users_group_edit.html'), | |
| 180 | defaults=defaults, |
|
182 | defaults=defaults, | |
| 181 | errors=e, |
|
183 | errors=e, | |
| 182 | prefix_error=False, |
|
184 | prefix_error=False, | |
| 183 | encoding="UTF-8") |
|
185 | encoding="UTF-8") | |
| 184 | except Exception: |
|
186 | except Exception: | |
| 185 | log.error(traceback.format_exc()) |
|
187 | log.error(traceback.format_exc()) | |
| 186 | h.flash(_('Error occurred during update of user group %s') \ |
|
188 | h.flash(_('Error occurred during update of user group %s') \ | |
| 187 | % request.POST.get('users_group_name'), category='error') |
|
189 | % request.POST.get('users_group_name'), category='error') | |
| 188 |
|
190 | |||
| 189 | return redirect(url('edit_users_group', id=id)) |
|
191 | return redirect(url('edit_users_group', id=id)) | |
| 190 |
|
192 | |||
| 191 | def delete(self, id): |
|
193 | def delete(self, id): | |
| 192 | """DELETE /users_groups/id: Delete an existing item""" |
|
194 | """DELETE /users_groups/id: Delete an existing item""" | |
| 193 | # Forms posted to this method should contain a hidden field: |
|
195 | # Forms posted to this method should contain a hidden field: | |
| 194 | # <input type="hidden" name="_method" value="DELETE" /> |
|
196 | # <input type="hidden" name="_method" value="DELETE" /> | |
| 195 | # Or using helpers: |
|
197 | # Or using helpers: | |
| 196 | # h.form(url('users_group', id=ID), |
|
198 | # h.form(url('users_group', id=ID), | |
| 197 | # method='delete') |
|
199 | # method='delete') | |
| 198 | # url('users_group', id=ID) |
|
200 | # url('users_group', id=ID) | |
| 199 | usr_gr = UserGroup.get_or_404(id) |
|
201 | usr_gr = UserGroup.get_or_404(id) | |
| 200 | try: |
|
202 | try: | |
| 201 | UserGroupModel().delete(usr_gr) |
|
203 | UserGroupModel().delete(usr_gr) | |
| 202 | Session().commit() |
|
204 | Session().commit() | |
| 203 | h.flash(_('Successfully deleted user group'), category='success') |
|
205 | h.flash(_('Successfully deleted user group'), category='success') | |
| 204 | except UserGroupsAssignedException, e: |
|
206 | except UserGroupsAssignedException, e: | |
| 205 | h.flash(e, category='error') |
|
207 | h.flash(e, category='error') | |
| 206 | except Exception: |
|
208 | except Exception: | |
| 207 | log.error(traceback.format_exc()) |
|
209 | log.error(traceback.format_exc()) | |
| 208 | h.flash(_('An error occurred during deletion of user group'), |
|
210 | h.flash(_('An error occurred during deletion of user group'), | |
| 209 | category='error') |
|
211 | category='error') | |
| 210 | return redirect(url('users_groups')) |
|
212 | return redirect(url('users_groups')) | |
| 211 |
|
213 | |||
| 212 | def show(self, id, format='html'): |
|
214 | def show(self, id, format='html'): | |
| 213 | """GET /users_groups/id: Show a specific item""" |
|
215 | """GET /users_groups/id: Show a specific item""" | |
| 214 | # url('users_group', id=ID) |
|
216 | # url('users_group', id=ID) | |
| 215 |
|
217 | |||
| 216 | def edit(self, id, format='html'): |
|
218 | def edit(self, id, format='html'): | |
| 217 | """GET /users_groups/id/edit: Form to edit an existing item""" |
|
219 | """GET /users_groups/id/edit: Form to edit an existing item""" | |
| 218 | # url('edit_users_group', id=ID) |
|
220 | # url('edit_users_group', id=ID) | |
| 219 |
|
221 | |||
| 220 | c.users_group = UserGroup.get_or_404(id) |
|
222 | c.users_group = UserGroup.get_or_404(id) | |
| 221 | self._load_data(id) |
|
223 | self._load_data(id) | |
| 222 |
|
224 | |||
| 223 | ug_model = UserGroupModel() |
|
225 | ug_model = UserGroupModel() | |
| 224 | defaults = c.users_group.get_dict() |
|
226 | defaults = c.users_group.get_dict() | |
| 225 | defaults.update({ |
|
227 | defaults.update({ | |
| 226 | 'create_repo_perm': ug_model.has_perm(c.users_group, |
|
228 | 'create_repo_perm': ug_model.has_perm(c.users_group, | |
| 227 | 'hg.create.repository'), |
|
229 | 'hg.create.repository'), | |
| 228 | 'fork_repo_perm': ug_model.has_perm(c.users_group, |
|
230 | 'fork_repo_perm': ug_model.has_perm(c.users_group, | |
| 229 | 'hg.fork.repository'), |
|
231 | 'hg.fork.repository'), | |
| 230 | }) |
|
232 | }) | |
| 231 |
|
233 | |||
| 232 | return htmlfill.render( |
|
234 | return htmlfill.render( | |
| 233 | render('admin/users_groups/users_group_edit.html'), |
|
235 | render('admin/users_groups/users_group_edit.html'), | |
| 234 | defaults=defaults, |
|
236 | defaults=defaults, | |
| 235 | encoding="UTF-8", |
|
237 | encoding="UTF-8", | |
| 236 | force_defaults=False |
|
238 | force_defaults=False | |
| 237 | ) |
|
239 | ) | |
| 238 |
|
240 | |||
| 239 | def update_perm(self, id): |
|
241 | def update_perm(self, id): | |
| 240 | """PUT /users_perm/id: Update an existing item""" |
|
242 | """PUT /users_perm/id: Update an existing item""" | |
| 241 | # url('users_group_perm', id=ID, method='put') |
|
243 | # url('users_group_perm', id=ID, method='put') | |
| 242 |
|
244 | |||
| 243 | users_group = UserGroup.get_or_404(id) |
|
245 | users_group = UserGroup.get_or_404(id) | |
| 244 | grant_create_perm = str2bool(request.POST.get('create_repo_perm')) |
|
246 | grant_create_perm = str2bool(request.POST.get('create_repo_perm')) | |
| 245 | grant_fork_perm = str2bool(request.POST.get('fork_repo_perm')) |
|
247 | grant_fork_perm = str2bool(request.POST.get('fork_repo_perm')) | |
| 246 | inherit_perms = str2bool(request.POST.get('inherit_default_permissions')) |
|
248 | inherit_perms = str2bool(request.POST.get('inherit_default_permissions')) | |
| 247 |
|
249 | |||
| 248 | usergroup_model = UserGroupModel() |
|
250 | usergroup_model = UserGroupModel() | |
| 249 |
|
251 | |||
| 250 | try: |
|
252 | try: | |
| 251 | users_group.inherit_default_permissions = inherit_perms |
|
253 | users_group.inherit_default_permissions = inherit_perms | |
| 252 | Session().add(users_group) |
|
254 | Session().add(users_group) | |
| 253 |
|
255 | |||
| 254 | if grant_create_perm: |
|
256 | if grant_create_perm: | |
| 255 | usergroup_model.revoke_perm(id, 'hg.create.none') |
|
257 | usergroup_model.revoke_perm(id, 'hg.create.none') | |
| 256 | usergroup_model.grant_perm(id, 'hg.create.repository') |
|
258 | usergroup_model.grant_perm(id, 'hg.create.repository') | |
| 257 | h.flash(_("Granted 'repository create' permission to user group"), |
|
259 | h.flash(_("Granted 'repository create' permission to user group"), | |
| 258 | category='success') |
|
260 | category='success') | |
| 259 | else: |
|
261 | else: | |
| 260 | usergroup_model.revoke_perm(id, 'hg.create.repository') |
|
262 | usergroup_model.revoke_perm(id, 'hg.create.repository') | |
| 261 | usergroup_model.grant_perm(id, 'hg.create.none') |
|
263 | usergroup_model.grant_perm(id, 'hg.create.none') | |
| 262 | h.flash(_("Revoked 'repository create' permission to user group"), |
|
264 | h.flash(_("Revoked 'repository create' permission to user group"), | |
| 263 | category='success') |
|
265 | category='success') | |
| 264 |
|
266 | |||
| 265 | if grant_fork_perm: |
|
267 | if grant_fork_perm: | |
| 266 | usergroup_model.revoke_perm(id, 'hg.fork.none') |
|
268 | usergroup_model.revoke_perm(id, 'hg.fork.none') | |
| 267 | usergroup_model.grant_perm(id, 'hg.fork.repository') |
|
269 | usergroup_model.grant_perm(id, 'hg.fork.repository') | |
| 268 | h.flash(_("Granted 'repository fork' permission to user group"), |
|
270 | h.flash(_("Granted 'repository fork' permission to user group"), | |
| 269 | category='success') |
|
271 | category='success') | |
| 270 | else: |
|
272 | else: | |
| 271 | usergroup_model.revoke_perm(id, 'hg.fork.repository') |
|
273 | usergroup_model.revoke_perm(id, 'hg.fork.repository') | |
| 272 | usergroup_model.grant_perm(id, 'hg.fork.none') |
|
274 | usergroup_model.grant_perm(id, 'hg.fork.none') | |
| 273 | h.flash(_("Revoked 'repository fork' permission to user group"), |
|
275 | h.flash(_("Revoked 'repository fork' permission to user group"), | |
| 274 | category='success') |
|
276 | category='success') | |
| 275 |
|
277 | |||
| 276 | Session().commit() |
|
278 | Session().commit() | |
| 277 | except Exception: |
|
279 | except Exception: | |
| 278 | log.error(traceback.format_exc()) |
|
280 | log.error(traceback.format_exc()) | |
| 279 | h.flash(_('An error occurred during permissions saving'), |
|
281 | h.flash(_('An error occurred during permissions saving'), | |
| 280 | category='error') |
|
282 | category='error') | |
| 281 |
|
283 | |||
| 282 | return redirect(url('edit_users_group', id=id)) |
|
284 | return redirect(url('edit_users_group', id=id)) | |
| @@ -1,228 +1,228 b'' | |||||
| 1 | ## -*- coding: utf-8 -*- |
|
1 | ## -*- coding: utf-8 -*- | |
| 2 | <%inherit file="/base/base.html"/> |
|
2 | <%inherit file="/base/base.html"/> | |
| 3 |
|
3 | |||
| 4 | <%def name="title()"> |
|
4 | <%def name="title()"> | |
| 5 | ${_('Edit user group')} ${c.users_group.users_group_name} · ${c.rhodecode_name} |
|
5 | ${_('Edit user group')} ${c.users_group.users_group_name} · ${c.rhodecode_name} | |
| 6 | </%def> |
|
6 | </%def> | |
| 7 |
|
7 | |||
| 8 | <%def name="breadcrumbs_links()"> |
|
8 | <%def name="breadcrumbs_links()"> | |
| 9 | ${h.link_to(_('Admin'),h.url('admin_home'))} |
|
9 | ${h.link_to(_('Admin'),h.url('admin_home'))} | |
| 10 | » |
|
10 | » | |
| 11 | ${h.link_to(_('UserGroups'),h.url('users_groups'))} |
|
11 | ${h.link_to(_('UserGroups'),h.url('users_groups'))} | |
| 12 | » |
|
12 | » | |
| 13 | ${_('edit')} "${c.users_group.users_group_name}" |
|
13 | ${_('edit')} "${c.users_group.users_group_name}" | |
| 14 | </%def> |
|
14 | </%def> | |
| 15 |
|
15 | |||
| 16 | <%def name="page_nav()"> |
|
16 | <%def name="page_nav()"> | |
| 17 | ${self.menu('admin')} |
|
17 | ${self.menu('admin')} | |
| 18 | </%def> |
|
18 | </%def> | |
| 19 |
|
19 | |||
| 20 | <%def name="main()"> |
|
20 | <%def name="main()"> | |
| 21 | <div class="box box-left"> |
|
21 | <div class="box box-left"> | |
| 22 | <!-- box / title --> |
|
22 | <!-- box / title --> | |
| 23 | <div class="title"> |
|
23 | <div class="title"> | |
| 24 | ${self.breadcrumbs()} |
|
24 | ${self.breadcrumbs()} | |
| 25 | </div> |
|
25 | </div> | |
| 26 | <!-- end box / title --> |
|
26 | <!-- end box / title --> | |
| 27 | ${h.form(url('users_group', id=c.users_group.users_group_id),method='put', id='edit_users_group')} |
|
27 | ${h.form(url('users_group', id=c.users_group.users_group_id),method='put', id='edit_users_group')} | |
| 28 | <div class="form"> |
|
28 | <div class="form"> | |
| 29 | <!-- fields --> |
|
29 | <!-- fields --> | |
| 30 | <div class="fields"> |
|
30 | <div class="fields"> | |
| 31 | <div class="field"> |
|
31 | <div class="field"> | |
| 32 | <div class="label"> |
|
32 | <div class="label"> | |
| 33 | <label for="users_group_name">${_('Group name')}:</label> |
|
33 | <label for="users_group_name">${_('Group name')}:</label> | |
| 34 | </div> |
|
34 | </div> | |
| 35 | <div class="input"> |
|
35 | <div class="input"> | |
| 36 | ${h.text('users_group_name',class_='small')} |
|
36 | ${h.text('users_group_name',class_='small')} | |
| 37 | </div> |
|
37 | </div> | |
| 38 | </div> |
|
38 | </div> | |
| 39 |
|
39 | |||
| 40 | <div class="field"> |
|
40 | <div class="field"> | |
| 41 | <div class="label label-checkbox"> |
|
41 | <div class="label label-checkbox"> | |
| 42 | <label for="users_group_active">${_('Active')}:</label> |
|
42 | <label for="users_group_active">${_('Active')}:</label> | |
| 43 | </div> |
|
43 | </div> | |
| 44 | <div class="checkboxes"> |
|
44 | <div class="checkboxes"> | |
| 45 | ${h.checkbox('users_group_active',value=True)} |
|
45 | ${h.checkbox('users_group_active',value=True)} | |
| 46 | </div> |
|
46 | </div> | |
| 47 | </div> |
|
47 | </div> | |
| 48 | <div class="field"> |
|
48 | <div class="field"> | |
| 49 | <div class="label"> |
|
49 | <div class="label"> | |
| 50 | <label for="users_group_active">${_('Members')}:</label> |
|
50 | <label for="users_group_active">${_('Members')}:</label> | |
| 51 | </div> |
|
51 | </div> | |
| 52 | <div class="select"> |
|
52 | <div class="select"> | |
| 53 | <table> |
|
53 | <table> | |
| 54 | <tr> |
|
54 | <tr> | |
| 55 | <td> |
|
55 | <td> | |
| 56 | <div> |
|
56 | <div> | |
| 57 | <div style="float:left"> |
|
57 | <div style="float:left"> | |
| 58 | <div class="text" style="padding: 0px 0px 6px;">${_('Chosen group members')}</div> |
|
58 | <div class="text" style="padding: 0px 0px 6px;">${_('Chosen group members')}</div> | |
| 59 | ${h.select('users_group_members',[x[0] for x in c.group_members],c.group_members,multiple=True,size=8,style="min-width:210px")} |
|
59 | ${h.select('users_group_members',[x[0] for x in c.group_members],c.group_members,multiple=True,size=8,style="min-width:210px")} | |
| 60 |
<div |
|
60 | <div id="remove_all_elements" style="cursor:pointer;text-align:center"> | |
| 61 | ${_('Remove all elements')} |
|
61 | ${_('Remove all elements')} | |
| 62 | <img alt="remove" style="vertical-align:text-bottom" src="${h.url('/images/icons/arrow_right.png')}"/> |
|
62 | <img alt="remove" style="vertical-align:text-bottom" src="${h.url('/images/icons/arrow_right.png')}"/> | |
| 63 | </div> |
|
63 | </div> | |
| 64 | </div> |
|
64 | </div> | |
| 65 | <div style="float:left;width:20px;padding-top:50px"> |
|
65 | <div style="float:left;width:20px;padding-top:50px"> | |
| 66 | <img alt="add" id="add_element" |
|
66 | <img alt="add" id="add_element" | |
| 67 | style="padding:2px;cursor:pointer" |
|
67 | style="padding:2px;cursor:pointer" | |
| 68 | src="${h.url('/images/icons/arrow_left.png')}"/> |
|
68 | src="${h.url('/images/icons/arrow_left.png')}"/> | |
| 69 | <br /> |
|
69 | <br /> | |
| 70 | <img alt="remove" id="remove_element" |
|
70 | <img alt="remove" id="remove_element" | |
| 71 | style="padding:2px;cursor:pointer" |
|
71 | style="padding:2px;cursor:pointer" | |
| 72 | src="${h.url('/images/icons/arrow_right.png')}"/> |
|
72 | src="${h.url('/images/icons/arrow_right.png')}"/> | |
| 73 | </div> |
|
73 | </div> | |
| 74 | <div style="float:left"> |
|
74 | <div style="float:left"> | |
| 75 | <div class="text" style="padding: 0px 0px 6px;">${_('Available members')}</div> |
|
75 | <div class="text" style="padding: 0px 0px 6px;">${_('Available members')}</div> | |
| 76 | ${h.select('available_members',[],c.available_members,multiple=True,size=8,style="min-width:210px")} |
|
76 | ${h.select('available_members',[],c.available_members,multiple=True,size=8,style="min-width:210px")} | |
| 77 | <div id="add_all_elements" style="cursor:pointer;text-align:center"> |
|
77 | <div id="add_all_elements" style="cursor:pointer;text-align:center"> | |
| 78 | <img alt="add" style="vertical-align:text-bottom" src="${h.url('/images/icons/arrow_left.png')}"/> |
|
78 | <img alt="add" style="vertical-align:text-bottom" src="${h.url('/images/icons/arrow_left.png')}"/> | |
| 79 | ${_('Add all elements')} |
|
79 | ${_('Add all elements')} | |
| 80 | </div> |
|
80 | </div> | |
| 81 | </div> |
|
81 | </div> | |
| 82 | </div> |
|
82 | </div> | |
| 83 | </td> |
|
83 | </td> | |
| 84 | </tr> |
|
84 | </tr> | |
| 85 | </table> |
|
85 | </table> | |
| 86 | </div> |
|
86 | </div> | |
| 87 |
|
87 | |||
| 88 | </div> |
|
88 | </div> | |
| 89 | <div class="buttons"> |
|
89 | <div class="buttons"> | |
| 90 |
${h.submit(' |
|
90 | ${h.submit('Save',_('save'),class_="ui-btn large")} | |
| 91 | </div> |
|
91 | </div> | |
| 92 | </div> |
|
92 | </div> | |
| 93 | </div> |
|
93 | </div> | |
| 94 | ${h.end_form()} |
|
94 | ${h.end_form()} | |
| 95 | </div> |
|
95 | </div> | |
| 96 |
|
96 | |||
| 97 | <div class="box box-right"> |
|
97 | <div class="box box-right"> | |
| 98 | <!-- box / title --> |
|
98 | <!-- box / title --> | |
| 99 | <div class="title"> |
|
99 | <div class="title"> | |
| 100 | <h5>${_('Permissions')}</h5> |
|
100 | <h5>${_('Permissions')}</h5> | |
| 101 | </div> |
|
101 | </div> | |
| 102 | ${h.form(url('users_group_perm', id=c.users_group.users_group_id), method='put')} |
|
102 | ${h.form(url('users_group_perm', id=c.users_group.users_group_id), method='put')} | |
| 103 | <div class="form"> |
|
103 | <div class="form"> | |
| 104 | <!-- fields --> |
|
104 | <!-- fields --> | |
| 105 | <div class="fields"> |
|
105 | <div class="fields"> | |
| 106 | <div class="field"> |
|
106 | <div class="field"> | |
| 107 | <div class="label label-checkbox"> |
|
107 | <div class="label label-checkbox"> | |
| 108 | <label for="inherit_permissions">${_('Inherit default permissions')}:</label> |
|
108 | <label for="inherit_permissions">${_('Inherit default permissions')}:</label> | |
| 109 | </div> |
|
109 | </div> | |
| 110 | <div class="checkboxes"> |
|
110 | <div class="checkboxes"> | |
| 111 | ${h.checkbox('inherit_default_permissions',value=True)} |
|
111 | ${h.checkbox('inherit_default_permissions',value=True)} | |
| 112 | </div> |
|
112 | </div> | |
| 113 | <span class="help-block">${h.literal(_('Select to inherit permissions from %s settings. ' |
|
113 | <span class="help-block">${h.literal(_('Select to inherit permissions from %s settings. ' | |
| 114 | 'With this selected below options does not have any action') % h.link_to('default', url('edit_permission', id='default')))}</span> |
|
114 | 'With this selected below options does not have any action') % h.link_to('default', url('edit_permission', id='default')))}</span> | |
| 115 | </div> |
|
115 | </div> | |
| 116 | <div id="inherit_overlay" style="${'opacity:0.3' if c.users_group.inherit_default_permissions else ''}" > |
|
116 | <div id="inherit_overlay" style="${'opacity:0.3' if c.users_group.inherit_default_permissions else ''}" > | |
| 117 | <div class="field"> |
|
117 | <div class="field"> | |
| 118 | <div class="label label-checkbox"> |
|
118 | <div class="label label-checkbox"> | |
| 119 | <label for="create_repo_perm">${_('Create repositories')}:</label> |
|
119 | <label for="create_repo_perm">${_('Create repositories')}:</label> | |
| 120 | </div> |
|
120 | </div> | |
| 121 | <div class="checkboxes"> |
|
121 | <div class="checkboxes"> | |
| 122 | ${h.checkbox('create_repo_perm',value=True)} |
|
122 | ${h.checkbox('create_repo_perm',value=True)} | |
| 123 | </div> |
|
123 | </div> | |
| 124 | </div> |
|
124 | </div> | |
| 125 | <div class="field"> |
|
125 | <div class="field"> | |
| 126 | <div class="label label-checkbox"> |
|
126 | <div class="label label-checkbox"> | |
| 127 | <label for="fork_repo_perm">${_('Fork repositories')}:</label> |
|
127 | <label for="fork_repo_perm">${_('Fork repositories')}:</label> | |
| 128 | </div> |
|
128 | </div> | |
| 129 | <div class="checkboxes"> |
|
129 | <div class="checkboxes"> | |
| 130 | ${h.checkbox('fork_repo_perm',value=True)} |
|
130 | ${h.checkbox('fork_repo_perm',value=True)} | |
| 131 | </div> |
|
131 | </div> | |
| 132 | </div> |
|
132 | </div> | |
| 133 | </div> |
|
133 | </div> | |
| 134 | <div class="buttons"> |
|
134 | <div class="buttons"> | |
| 135 | ${h.submit('save',_('Save'),class_="ui-btn large")} |
|
135 | ${h.submit('save',_('Save'),class_="ui-btn large")} | |
| 136 | ${h.reset('reset',_('Reset'),class_="ui-btn large")} |
|
136 | ${h.reset('reset',_('Reset'),class_="ui-btn large")} | |
| 137 | </div> |
|
137 | </div> | |
| 138 | </div> |
|
138 | </div> | |
| 139 | </div> |
|
139 | </div> | |
| 140 | ${h.end_form()} |
|
140 | ${h.end_form()} | |
| 141 | </div> |
|
141 | </div> | |
| 142 |
|
142 | |||
| 143 | <div class="box box-right"> |
|
143 | <div class="box box-right"> | |
| 144 | <!-- box / title --> |
|
144 | <!-- box / title --> | |
| 145 | <div class="title"> |
|
145 | <div class="title"> | |
| 146 | <h5>${_('Group members')}</h5> |
|
146 | <h5>${_('Group members')}</h5> | |
| 147 | </div> |
|
147 | </div> | |
| 148 |
|
148 | |||
| 149 | <div class="group_members_wrap"> |
|
149 | <div class="group_members_wrap"> | |
| 150 | % if c.group_members_obj: |
|
150 | % if c.group_members_obj: | |
| 151 | <ul class="group_members"> |
|
151 | <ul class="group_members"> | |
| 152 | %for user in c.group_members_obj: |
|
152 | %for user in c.group_members_obj: | |
| 153 | <li> |
|
153 | <li> | |
| 154 | <div class="group_member"> |
|
154 | <div class="group_member"> | |
| 155 | <div class="gravatar"><img alt="gravatar" src="${h.gravatar_url(user.email,24)}"/> </div> |
|
155 | <div class="gravatar"><img alt="gravatar" src="${h.gravatar_url(user.email,24)}"/> </div> | |
| 156 | <div>${h.link_to(user.username, h.url('edit_user',id=user.user_id))}</div> |
|
156 | <div>${h.link_to(user.username, h.url('edit_user',id=user.user_id))}</div> | |
| 157 | <div>${user.full_name}</div> |
|
157 | <div>${user.full_name}</div> | |
| 158 | </div> |
|
158 | </div> | |
| 159 | </li> |
|
159 | </li> | |
| 160 | %endfor |
|
160 | %endfor | |
| 161 | </ul> |
|
161 | </ul> | |
| 162 | %else: |
|
162 | %else: | |
| 163 | <span class="empty_data">${_('No members yet')}</span> |
|
163 | <span class="empty_data">${_('No members yet')}</span> | |
| 164 | %endif |
|
164 | %endif | |
| 165 | </div> |
|
165 | </div> | |
| 166 | </div> |
|
166 | </div> | |
| 167 |
|
167 | |||
| 168 | <div class="box box-left"> |
|
168 | <div class="box box-left"> | |
| 169 | <!-- box / title --> |
|
169 | <!-- box / title --> | |
| 170 | <div class="title"> |
|
170 | <div class="title"> | |
| 171 | <h5>${_('Permissions defined for this group')}</h5> |
|
171 | <h5>${_('Permissions defined for this group')}</h5> | |
| 172 | </div> |
|
172 | </div> | |
| 173 | ## permissions overview |
|
173 | ## permissions overview | |
| 174 | <div id="perms" class="table"> |
|
174 | <div id="perms" class="table"> | |
| 175 | %for section in sorted(c.users_group.permissions.keys()): |
|
175 | %for section in sorted(c.users_group.permissions.keys()): | |
| 176 | <div class="perms_section_head">${section.replace("_"," ").capitalize()}</div> |
|
176 | <div class="perms_section_head">${section.replace("_"," ").capitalize()}</div> | |
| 177 | %if not c.users_group.permissions: |
|
177 | %if not c.users_group.permissions: | |
| 178 | <span class="empty_data">${_('No permissions set yet')}</span> |
|
178 | <span class="empty_data">${_('No permissions set yet')}</span> | |
| 179 | %else: |
|
179 | %else: | |
| 180 | <div id='tbl_list_wrap_${section}' class="yui-skin-sam"> |
|
180 | <div id='tbl_list_wrap_${section}' class="yui-skin-sam"> | |
| 181 | <table id="tbl_list_repository"> |
|
181 | <table id="tbl_list_repository"> | |
| 182 | <thead> |
|
182 | <thead> | |
| 183 | <tr> |
|
183 | <tr> | |
| 184 | <th class="left">${_('Name')}</th> |
|
184 | <th class="left">${_('Name')}</th> | |
| 185 | <th class="left">${_('Permission')}</th> |
|
185 | <th class="left">${_('Permission')}</th> | |
| 186 | <th class="left">${_('Edit Permission')}</th> |
|
186 | <th class="left">${_('Edit Permission')}</th> | |
| 187 | </thead> |
|
187 | </thead> | |
| 188 | <tbody> |
|
188 | <tbody> | |
| 189 | %for k in sorted(c.users_group.permissions[section], key=lambda s: s.lower): |
|
189 | %for k in sorted(c.users_group.permissions[section], key=lambda s: s.lower): | |
| 190 | <% |
|
190 | <% | |
| 191 | section_perm = c.users_group.permissions[section].get(k) |
|
191 | section_perm = c.users_group.permissions[section].get(k) | |
| 192 | _perm = section_perm.split('.')[-1] |
|
192 | _perm = section_perm.split('.')[-1] | |
| 193 | %> |
|
193 | %> | |
| 194 | <tr> |
|
194 | <tr> | |
| 195 | <td> |
|
195 | <td> | |
| 196 | %if section == 'repositories': |
|
196 | %if section == 'repositories': | |
| 197 | <a href="${h.url('summary_home',repo_name=k)}">${k}</a> |
|
197 | <a href="${h.url('summary_home',repo_name=k)}">${k}</a> | |
| 198 | %elif section == 'repositories_groups': |
|
198 | %elif section == 'repositories_groups': | |
| 199 | <a href="${h.url('repos_group_home',group_name=k)}">${k}</a> |
|
199 | <a href="${h.url('repos_group_home',group_name=k)}">${k}</a> | |
| 200 | %endif |
|
200 | %endif | |
| 201 | </td> |
|
201 | </td> | |
| 202 | <td> |
|
202 | <td> | |
| 203 | <span class="perm_tag ${_perm}">${section_perm}</span> |
|
203 | <span class="perm_tag ${_perm}">${section_perm}</span> | |
| 204 | </td> |
|
204 | </td> | |
| 205 | <td> |
|
205 | <td> | |
| 206 | %if section == 'repositories': |
|
206 | %if section == 'repositories': | |
| 207 | <a href="${h.url('edit_repo',repo_name=k,anchor='permissions_manage')}">${_('edit')}</a> |
|
207 | <a href="${h.url('edit_repo',repo_name=k,anchor='permissions_manage')}">${_('edit')}</a> | |
| 208 | %elif section == 'repositories_groups': |
|
208 | %elif section == 'repositories_groups': | |
| 209 | <a href="${h.url('edit_repos_group',group_name=k,anchor='permissions_manage')}">${_('edit')}</a> |
|
209 | <a href="${h.url('edit_repos_group',group_name=k,anchor='permissions_manage')}">${_('edit')}</a> | |
| 210 | %else: |
|
210 | %else: | |
| 211 | -- |
|
211 | -- | |
| 212 | %endif |
|
212 | %endif | |
| 213 | </td> |
|
213 | </td> | |
| 214 | </tr> |
|
214 | </tr> | |
| 215 | %endfor |
|
215 | %endfor | |
| 216 | </tbody> |
|
216 | </tbody> | |
| 217 | </table> |
|
217 | </table> | |
| 218 | </div> |
|
218 | </div> | |
| 219 | %endif |
|
219 | %endif | |
| 220 | %endfor |
|
220 | %endfor | |
| 221 | </div> |
|
221 | </div> | |
| 222 | </div> |
|
222 | </div> | |
| 223 |
|
223 | |||
| 224 |
|
224 | |||
| 225 | <script type="text/javascript"> |
|
225 | <script type="text/javascript"> | |
| 226 | MultiSelectWidget('users_group_members','available_members','edit_users_group'); |
|
226 | MultiSelectWidget('users_group_members','available_members','edit_users_group'); | |
| 227 | </script> |
|
227 | </script> | |
| 228 | </%def> |
|
228 | </%def> | |
General Comments 0
You need to be logged in to leave comments.
Login now