@@ -106,6 +106,15 b' class ReposGroupsController(BaseControll' | |||||
106 |
|
106 | |||
107 | return data |
|
107 | return data | |
108 |
|
108 | |||
|
109 | def _revoke_perms_on_yourself(self, form_result): | |||
|
110 | _up = filter(lambda u: c.rhodecode_user.username == u[0], | |||
|
111 | form_result['perms_updates']) | |||
|
112 | _new = filter(lambda u: c.rhodecode_user.username == u[0], | |||
|
113 | form_result['perms_new']) | |||
|
114 | if _new and _new[0][1] != 'group.admin' or _up and _up[0][1] != 'group.admin': | |||
|
115 | return True | |||
|
116 | return False | |||
|
117 | ||||
109 | def index(self, format='html'): |
|
118 | def index(self, format='html'): | |
110 | """GET /repos_groups: All items in the collection""" |
|
119 | """GET /repos_groups: All items in the collection""" | |
111 | # url('repos_groups') |
|
120 | # url('repos_groups') | |
@@ -200,6 +209,12 b' class ReposGroupsController(BaseControll' | |||||
200 | )() |
|
209 | )() | |
201 | try: |
|
210 | try: | |
202 | form_result = repos_group_form.to_python(dict(request.POST)) |
|
211 | form_result = repos_group_form.to_python(dict(request.POST)) | |
|
212 | if not c.rhodecode_user.is_admin: | |||
|
213 | if self._revoke_perms_on_yourself(form_result): | |||
|
214 | msg = _('Cannot revoke permission for yourself as admin') | |||
|
215 | h.flash(msg, category='warning') | |||
|
216 | raise Exception('revoke admin permission on self') | |||
|
217 | ||||
203 | new_gr = ReposGroupModel().update(group_name, form_result) |
|
218 | new_gr = ReposGroupModel().update(group_name, form_result) | |
204 | Session().commit() |
|
219 | Session().commit() | |
205 | h.flash(_('updated repos group %s') \ |
|
220 | h.flash(_('updated repos group %s') \ | |
@@ -272,6 +287,11 b' class ReposGroupsController(BaseControll' | |||||
272 | :param group_name: |
|
287 | :param group_name: | |
273 | """ |
|
288 | """ | |
274 | try: |
|
289 | try: | |
|
290 | if not c.rhodecode_user.is_admin: | |||
|
291 | if c.rhodecode_user.user_id == safe_int(request.POST['user_id']): | |||
|
292 | msg = _('Cannot revoke permission for yourself as admin') | |||
|
293 | h.flash(msg, category='warning') | |||
|
294 | raise Exception('revoke admin permission on self') | |||
275 | recursive = str2bool(request.POST.get('recursive', False)) |
|
295 | recursive = str2bool(request.POST.get('recursive', False)) | |
276 | ReposGroupModel().delete_permission( |
|
296 | ReposGroupModel().delete_permission( | |
277 | repos_group=group_name, obj=request.POST['user_id'], |
|
297 | repos_group=group_name, obj=request.POST['user_id'], |
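Review bot: `_revoke_perms_on_yourself` inspects only the first matching row (`_new[0]`, `_up[0]`), so if the form can yield more than one entry for the current user, a later entry with a lower permission is never seen by the guard. Checking every match closes that gap, e.g. `return any(u[1] != 'group.admin' for u in _new + _up)`. The helper also matches on `username` while the delete path in the third hunk matches on `user_id`; whether `perms_updates` / `perms_new` can carry other member types with the same name is not visible here and should be confirmed. Both guards signal the refusal with `raise Exception('revoke admin permission on self')` inside a `try` whose handlers lie outside the hunks, so if those handlers treat it as an unexpected failure, an expected refusal would be logged or returned as a server error; a dedicated exception type or an early return after `h.flash` would keep the two cases apart.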
@@ -9,7 +9,9 b'' | |||||
9 | </tr> |
|
9 | </tr> | |
10 | ## USERS |
|
10 | ## USERS | |
11 | %for r2p in c.repos_group.repo_group_to_perm: |
|
11 | %for r2p in c.repos_group.repo_group_to_perm: | |
|
12 | ##forbid revoking permission from yourself | |||
12 | <tr id="id${id(r2p.user.username)}"> |
|
13 | <tr id="id${id(r2p.user.username)}"> | |
|
14 | %if c.rhodecode_user.user_id != r2p.user.user_id or c.rhodecode_user.is_admin: | |||
13 | <td>${h.radio('u_perm_%s' % r2p.user.username,'group.none')}</td> |
|
15 | <td>${h.radio('u_perm_%s' % r2p.user.username,'group.none')}</td> | |
14 | <td>${h.radio('u_perm_%s' % r2p.user.username,'group.read')}</td> |
|
16 | <td>${h.radio('u_perm_%s' % r2p.user.username,'group.read')}</td> | |
15 | <td>${h.radio('u_perm_%s' % r2p.user.username,'group.write')}</td> |
|
17 | <td>${h.radio('u_perm_%s' % r2p.user.username,'group.write')}</td> | |
@@ -24,6 +26,17 b'' | |||||
24 | </span> |
|
26 | </span> | |
25 | %endif |
|
27 | %endif | |
26 | </td> |
|
28 | </td> | |
|
29 | %else: | |||
|
30 | <td>${h.radio('u_perm_%s' % r2p.user.username,'group.none', disabled="disabled")}</td> | |||
|
31 | <td>${h.radio('u_perm_%s' % r2p.user.username,'group.read', disabled="disabled")}</td> | |||
|
32 | <td>${h.radio('u_perm_%s' % r2p.user.username,'group.write', disabled="disabled")}</td> | |||
|
33 | <td>${h.radio('u_perm_%s' % r2p.user.username,'group.admin', disabled="disabled")}</td> | |||
|
34 | <td style="white-space: nowrap;"> | |||
|
35 | <img class="perm-gravatar" src="${h.gravatar_url(r2p.user.email,14)}"/>${r2p.user.username if r2p.user.username != 'default' else _('default')} | |||
|
36 | </td> | |||
|
37 | <td> | |||
|
38 | </td> | |||
|
39 | %endif | |||
27 | </tr> |
|
40 | </tr> | |
28 | %endfor |
|
41 | %endfor | |
29 |
|
42 |
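Review bot: The `disabled="disabled"` radios in the `%else` branch only restrict the rendered form, and nothing in the template says so. The rule is enforced solely by the controller check on `c.rhodecode_user.is_admin`, and the two conditions have to stay in step. The existing `##forbid revoking permission from yourself` comment sits above the `<tr>` rather than at the `%if` it describes. I would move it there and word it as `## UI hint only: the controller rejects self-revocation for non-admins`. Disabled inputs are also left out of the submitted form, so it is worth confirming (not visible here) that the form handling treats a missing `u_perm_<username>` field as "unchanged" rather than as a reset.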