auth: simplify repository permission checks...
Søren Løvborg -
r6471:a17c8e5f default
@@ -37,7 +37,7 b' from webob.exc import HTTPFound, HTTPInt'
37 37 from kallithea.config.routing import url
38 38 from kallithea.lib import helpers as h
39 39 from kallithea.lib.auth import LoginRequired, \
40 HasRepoPermissionAnyDecorator, NotAnonymous, HasPermissionAny
40 HasRepoPermissionLevelDecorator, NotAnonymous, HasPermissionAny
41 41 from kallithea.lib.base import BaseRepoController, render, jsonify
42 42 from kallithea.lib.utils import action_logger
43 43 from kallithea.lib.vcs import RepositoryError
@@ -100,7 +100,7 b' class ReposController(BaseRepoController'
100 100 def index(self, format='html'):
101 101 _list = Repository.query(sorted=True).all()
102 102
103 c.repos_list = RepoList(_list, perm_set=['repository.admin'])
103 c.repos_list = RepoList(_list, perm_level='admin')
104 104 repos_data = RepoModel().get_repos_as_dict(repos_list=c.repos_list,
105 105 admin=True,
106 106 super_user_actions=True)
@@ -212,7 +212,7 b' class ReposController(BaseRepoController'
212 212 return {'result': True}
213 213 return {'result': False}
214 214
215 @HasRepoPermissionAnyDecorator('repository.admin')
215 @HasRepoPermissionLevelDecorator('admin')
216 216 def update(self, repo_name):
217 217 c.repo_info = self._load_repo()
218 218 self.__load_defaults(c.repo_info)
@@ -261,7 +261,7 b' class ReposController(BaseRepoController'
261 261 % repo_name, category='error')
262 262 raise HTTPFound(location=url('edit_repo', repo_name=changed_name))
263 263
264 @HasRepoPermissionAnyDecorator('repository.admin')
264 @HasRepoPermissionLevelDecorator('admin')
265 265 def delete(self, repo_name):
266 266 repo_model = RepoModel()
267 267 repo = repo_model.get_by_repo_name(repo_name)
@@ -298,7 +298,7 b' class ReposController(BaseRepoController'
298 298 raise HTTPFound(location=url('repos_group_home', group_name=repo.group.group_name))
299 299 raise HTTPFound(location=url('repos'))
300 300
301 @HasRepoPermissionAnyDecorator('repository.admin')
301 @HasRepoPermissionLevelDecorator('admin')
302 302 def edit(self, repo_name):
303 303 defaults = self.__load_data()
304 304 c.repo_fields = RepositoryField.query() \
@@ -312,7 +312,7 b' class ReposController(BaseRepoController'
312 312 encoding="UTF-8",
313 313 force_defaults=False)
314 314
315 @HasRepoPermissionAnyDecorator('repository.admin')
315 @HasRepoPermissionLevelDecorator('admin')
316 316 def edit_permissions(self, repo_name):
317 317 c.repo_info = self._load_repo()
318 318 repo_model = RepoModel()
@@ -363,7 +363,7 b' class ReposController(BaseRepoController'
363 363 category='error')
364 364 raise HTTPInternalServerError()
365 365
366 @HasRepoPermissionAnyDecorator('repository.admin')
366 @HasRepoPermissionLevelDecorator('admin')
367 367 def edit_fields(self, repo_name):
368 368 c.repo_info = self._load_repo()
369 369 c.repo_fields = RepositoryField.query() \
@@ -374,7 +374,7 b' class ReposController(BaseRepoController'
374 374 raise HTTPFound(location=url('repo_edit_fields'))
375 375 return render('admin/repos/repo_edit.html')
376 376
377 @HasRepoPermissionAnyDecorator('repository.admin')
377 @HasRepoPermissionLevelDecorator('admin')
378 378 def create_repo_field(self, repo_name):
379 379 try:
380 380 form_result = RepoFieldForm()().to_python(dict(request.POST))
@@ -395,7 +395,7 b' class ReposController(BaseRepoController'
395 395 h.flash(msg, category='error')
396 396 raise HTTPFound(location=url('edit_repo_fields', repo_name=repo_name))
397 397
398 @HasRepoPermissionAnyDecorator('repository.admin')
398 @HasRepoPermissionLevelDecorator('admin')
399 399 def delete_repo_field(self, repo_name, field_id):
400 400 field = RepositoryField.get_or_404(field_id)
401 401 try:
@@ -407,7 +407,7 b' class ReposController(BaseRepoController'
407 407 h.flash(msg, category='error')
408 408 raise HTTPFound(location=url('edit_repo_fields', repo_name=repo_name))
409 409
410 @HasRepoPermissionAnyDecorator('repository.admin')
410 @HasRepoPermissionLevelDecorator('admin')
411 411 def edit_advanced(self, repo_name):
412 412 c.repo_info = self._load_repo()
413 413 c.default_user_id = User.get_default_user().user_id
@@ -416,7 +416,7 b' class ReposController(BaseRepoController'
416 416 .filter(UserFollowing.follows_repository == c.repo_info).scalar()
417 417
418 418 _repos = Repository.query(sorted=True).all()
419 read_access_repos = RepoList(_repos)
419 read_access_repos = RepoList(_repos, perm_level='read')
420 420 c.repos_list = [(None, _('-- Not a fork --'))]
421 421 c.repos_list += [(x.repo_id, x.repo_name)
422 422 for x in read_access_repos
@@ -435,7 +435,7 b' class ReposController(BaseRepoController'
435 435 encoding="UTF-8",
436 436 force_defaults=False)
437 437
438 @HasRepoPermissionAnyDecorator('repository.admin')
438 @HasRepoPermissionLevelDecorator('admin')
439 439 def edit_advanced_journal(self, repo_name):
440 440 """
441 441 Sets this repository to be visible in public journal,
@@ -458,7 +458,7 b' class ReposController(BaseRepoController'
458 458 raise HTTPFound(location=url('edit_repo_advanced', repo_name=repo_name))
459 459
460 460
461 @HasRepoPermissionAnyDecorator('repository.admin')
461 @HasRepoPermissionLevelDecorator('admin')
462 462 def edit_advanced_fork(self, repo_name):
463 463 """
464 464 Mark given repository as a fork of another
@@ -483,7 +483,7 b' class ReposController(BaseRepoController'
483 483
484 484 raise HTTPFound(location=url('edit_repo_advanced', repo_name=repo_name))
485 485
486 @HasRepoPermissionAnyDecorator('repository.admin')
486 @HasRepoPermissionLevelDecorator('admin')
487 487 def edit_advanced_locking(self, repo_name):
488 488 """
489 489 Unlock repository when it is locked !
@@ -504,7 +504,7 b' class ReposController(BaseRepoController'
504 504 category='error')
505 505 raise HTTPFound(location=url('edit_repo_advanced', repo_name=repo_name))
506 506
507 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
507 @HasRepoPermissionLevelDecorator('write')
508 508 def toggle_locking(self, repo_name):
509 509 try:
510 510 repo = Repository.get_by_repo_name(repo_name)
@@ -523,7 +523,7 b' class ReposController(BaseRepoController'
523 523 category='error')
524 524 raise HTTPFound(location=url('summary_home', repo_name=repo_name))
525 525
526 @HasRepoPermissionAnyDecorator('repository.admin')
526 @HasRepoPermissionLevelDecorator('admin')
527 527 def edit_caches(self, repo_name):
528 528 c.repo_info = self._load_repo()
529 529 c.active = 'caches'
@@ -541,7 +541,7 b' class ReposController(BaseRepoController'
541 541 raise HTTPFound(location=url('edit_repo_caches', repo_name=c.repo_name))
542 542 return render('admin/repos/repo_edit.html')
543 543
544 @HasRepoPermissionAnyDecorator('repository.admin')
544 @HasRepoPermissionLevelDecorator('admin')
545 545 def edit_remote(self, repo_name):
546 546 c.repo_info = self._load_repo()
547 547 c.active = 'remote'
@@ -556,7 +556,7 b' class ReposController(BaseRepoController'
556 556 raise HTTPFound(location=url('edit_repo_remote', repo_name=c.repo_name))
557 557 return render('admin/repos/repo_edit.html')
558 558
559 @HasRepoPermissionAnyDecorator('repository.admin')
559 @HasRepoPermissionLevelDecorator('admin')
560 560 def edit_statistics(self, repo_name):
561 561 c.repo_info = self._load_repo()
562 562 repo = c.repo_info.scm_instance
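Review bot: The `'write'` level on `toggle_locking` replaces an explicit `('repository.write', 'repository.admin')` pair, so the check is only equivalent if levels are cumulative, and nothing in this file says so. The ordering presumably lives in `kallithea.lib.auth`, which is not part of this section; a one-line comment above the decorator, `# 'write' also admits repository.admin; levels are cumulative`, would keep the intent visible. The same bare literals are repeated on every decorator in this controller, so it is worth confirming that an unrecognised level name is rejected when the decorator is constructed rather than silently evaluated at request time.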
@@ -35,7 +35,7 b' from pylons import request'
35 35 from kallithea.controllers.api import JSONRPCController, JSONRPCError
36 36 from kallithea.lib.auth import (
37 37 PasswordGenerator, AuthUser, HasPermissionAnyDecorator,
38 HasPermissionAnyDecorator, HasPermissionAny, HasRepoPermissionAny,
38 HasPermissionAnyDecorator, HasPermissionAny, HasRepoPermissionLevel,
39 39 HasRepoGroupPermissionAny, HasUserGroupPermissionAny)
40 40 from kallithea.lib.utils import map_groups, repo2db_mapper
41 41 from kallithea.lib.utils2 import (
@@ -277,10 +277,7 b' class ApiController(JSONRPCController):'
277 277 """
278 278 repo = get_repo_or_error(repoid)
279 279 if not HasPermissionAny('hg.admin')():
280 # check if we have admin permission for this repo !
281 if not HasRepoPermissionAny('repository.admin',
282 'repository.write')(
283 repo_name=repo.repo_name):
280 if not HasRepoPermissionLevel('write')(repo.repo_name):
284 281 raise JSONRPCError('repository `%s` does not exist' % (repoid,))
285 282
286 283 try:
@@ -342,8 +339,7 b' class ApiController(JSONRPCController):'
342 339 repo = get_repo_or_error(repoid)
343 340 if HasPermissionAny('hg.admin')():
344 341 pass
345 elif HasRepoPermissionAny('repository.admin',
346 'repository.write')(repo_name=repo.repo_name):
342 elif HasRepoPermissionLevel('write')(repo.repo_name):
347 343 # make sure normal user does not pass someone else userid,
348 344 # he is not allowed to do that
349 345 if not isinstance(userid, Optional) and userid != request.authuser.user_id:
@@ -1204,9 +1200,7 b' class ApiController(JSONRPCController):'
1204 1200 repo = get_repo_or_error(repoid)
1205 1201
1206 1202 if not HasPermissionAny('hg.admin')():
1207 # check if we have admin permission for this repo !
1208 perms = ('repository.admin', 'repository.write', 'repository.read')
1209 if not HasRepoPermissionAny(*perms)(repo_name=repo.repo_name):
1203 if not HasRepoPermissionLevel('read')(repo.repo_name):
1210 1204 raise JSONRPCError('repository `%s` does not exist' % (repoid,))
1211 1205
1212 1206 members = []
@@ -1314,9 +1308,7 b' class ApiController(JSONRPCController):'
1314 1308 repo = get_repo_or_error(repoid)
1315 1309
1316 1310 if not HasPermissionAny('hg.admin')():
1317 # check if we have admin permission for this repo !
1318 perms = ('repository.admin', 'repository.write', 'repository.read')
1319 if not HasRepoPermissionAny(*perms)(repo_name=repo.repo_name):
1311 if not HasRepoPermissionLevel('read')(repo.repo_name):
1320 1312 raise JSONRPCError('repository `%s` does not exist' % (repoid,))
1321 1313
1322 1314 ret_type = Optional.extract(ret_type)
@@ -1492,8 +1484,7 b' class ApiController(JSONRPCController):'
1492 1484 """
1493 1485 repo = get_repo_or_error(repoid)
1494 1486 if not HasPermissionAny('hg.admin')():
1495 # check if we have admin permission for this repo !
1496 if not HasRepoPermissionAny('repository.admin')(repo_name=repo.repo_name):
1487 if not HasRepoPermissionLevel('admin')(repo.repo_name):
1497 1488 raise JSONRPCError('repository `%s` does not exist' % (repoid,))
1498 1489
1499 1490 if (name != repo.repo_name and
@@ -1590,9 +1581,7 b' class ApiController(JSONRPCController):'
1590 1581
1591 1582 if HasPermissionAny('hg.admin')():
1592 1583 pass
1593 elif HasRepoPermissionAny('repository.admin',
1594 'repository.write',
1595 'repository.read')(repo_name=repo.repo_name):
1584 elif HasRepoPermissionLevel('read')(repo.repo_name):
1596 1585 if not isinstance(owner, Optional):
1597 1586 # forbid setting owner for non-admins
1598 1587 raise JSONRPCError(
@@ -1669,8 +1658,7 b' class ApiController(JSONRPCController):'
1669 1658 repo = get_repo_or_error(repoid)
1670 1659
1671 1660 if not HasPermissionAny('hg.admin')():
1672 # check if we have admin permission for this repo !
1673 if not HasRepoPermissionAny('repository.admin')(repo_name=repo.repo_name):
1661 if not HasRepoPermissionLevel('admin')(repo.repo_name):
1674 1662 raise JSONRPCError('repository `%s` does not exist' % (repoid,))
1675 1663
1676 1664 try:
@@ -1821,10 +1809,7 b' class ApiController(JSONRPCController):'
1821 1809 perm = get_perm_or_error(perm)
1822 1810 user_group = get_user_group_or_error(usergroupid)
1823 1811 if not HasPermissionAny('hg.admin')():
1824 # check if we have admin permission for this repo !
1825 _perms = ('repository.admin',)
1826 if not HasRepoPermissionAny(*_perms)(
1827 repo_name=repo.repo_name):
1812 if not HasRepoPermissionLevel('admin')(repo.repo_name):
1828 1813 raise JSONRPCError('repository `%s` does not exist' % (repoid,))
1829 1814
1830 1815 # check if we have at least read permission for this user group !
@@ -1877,10 +1862,7 b' class ApiController(JSONRPCController):'
1877 1862 repo = get_repo_or_error(repoid)
1878 1863 user_group = get_user_group_or_error(usergroupid)
1879 1864 if not HasPermissionAny('hg.admin')():
1880 # check if we have admin permission for this repo !
1881 _perms = ('repository.admin',)
1882 if not HasRepoPermissionAny(*_perms)(
1883 repo_name=repo.repo_name):
1865 if not HasRepoPermissionLevel('admin')(repo.repo_name):
1884 1866 raise JSONRPCError('repository `%s` does not exist' % (repoid,))
1885 1867
1886 1868 # check if we have at least read permission for this user group !
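Review bot: The denied branches in this section raise `JSONRPCError` with the text 'repository `%s` does not exist', and the commit removes the only comment above each check without saying why a permission failure is reported as a missing repository. The old comment was inaccurate for the write and read checks, so dropping it is right, but a replacement such as `# report a denied repo as nonexistent so callers cannot probe for repository names` above the first `raise` would record what looks like a deliberate choice. The same applies to the other `HasRepoPermissionLevel` checks in this section that raise the same error. `get_repo_or_error` is not shown here; if its error text for a truly missing repository differs from this one, the two cases remain distinguishable. The enclosing API methods start and end outside these hunks.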
@@ -34,7 +34,7 b' from webob.exc import HTTPFound, HTTPNot'
34 34
35 35 import kallithea.lib.helpers as h
36 36 from kallithea.config.routing import url
37 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
37 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator
38 38 from kallithea.lib.base import BaseRepoController, render
39 39 from kallithea.lib.compat import json
40 40 from kallithea.lib.graphmod import graph_data
@@ -92,8 +92,7 b' class ChangelogController(BaseRepoContro'
92 92 raise HTTPBadRequest()
93 93
94 94 @LoginRequired()
95 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
96 'repository.admin')
95 @HasRepoPermissionLevelDecorator('read')
97 96 def index(self, repo_name, revision=None, f_path=None):
98 97 # Fix URL after page size form submission via GET
99 98 # TODO: Somehow just don't send this extra junk in the GET URL
@@ -179,8 +178,7 b' class ChangelogController(BaseRepoContro'
179 178 return render('changelog/changelog.html')
180 179
181 180 @LoginRequired()
182 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
183 'repository.admin')
181 @HasRepoPermissionLevelDecorator('read')
184 182 def changelog_details(self, cs):
185 183 if request.environ.get('HTTP_X_PARTIAL_XHR'):
186 184 c.cs = c.db_repo_scm_instance.get_changeset(cs)
@@ -188,8 +186,7 b' class ChangelogController(BaseRepoContro'
188 186 raise HTTPNotFound()
189 187
190 188 @LoginRequired()
191 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
192 'repository.admin')
189 @HasRepoPermissionLevelDecorator('read')
193 190 def changelog_summary(self, repo_name):
194 191 if request.environ.get('HTTP_X_PARTIAL_XHR'):
195 192 _load_changelog_summary()
@@ -38,7 +38,7 b' from kallithea.lib.vcs.exceptions import'
38 38
39 39 from kallithea.lib.compat import json
40 40 import kallithea.lib.helpers as h
41 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator, \
41 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \
42 42 NotAnonymous
43 43 from kallithea.lib.base import BaseRepoController, render, jsonify
44 44 from kallithea.lib.utils import action_logger
@@ -337,33 +337,28 b' class ChangesetController(BaseRepoContro'
337 337 return render('changeset/changeset_range.html')
338 338
339 339 @LoginRequired()
340 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
341 'repository.admin')
340 @HasRepoPermissionLevelDecorator('read')
342 341 def index(self, revision, method='show'):
343 342 return self._index(revision, method=method)
344 343
345 344 @LoginRequired()
346 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
347 'repository.admin')
345 @HasRepoPermissionLevelDecorator('read')
348 346 def changeset_raw(self, revision):
349 347 return self._index(revision, method='raw')
350 348
351 349 @LoginRequired()
352 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
353 'repository.admin')
350 @HasRepoPermissionLevelDecorator('read')
354 351 def changeset_patch(self, revision):
355 352 return self._index(revision, method='patch')
356 353
357 354 @LoginRequired()
358 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
359 'repository.admin')
355 @HasRepoPermissionLevelDecorator('read')
360 356 def changeset_download(self, revision):
361 357 return self._index(revision, method='download')
362 358
363 359 @LoginRequired()
364 360 @NotAnonymous()
365 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
366 'repository.admin')
361 @HasRepoPermissionLevelDecorator('read')
367 362 @jsonify
368 363 def comment(self, repo_name, revision):
369 364 assert request.environ.get('HTTP_X_PARTIAL_XHR')
@@ -414,15 +409,14 b' class ChangesetController(BaseRepoContro'
414 409
415 410 @LoginRequired()
416 411 @NotAnonymous()
417 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
418 'repository.admin')
412 @HasRepoPermissionLevelDecorator('read')
419 413 @jsonify
420 414 def delete_comment(self, repo_name, comment_id):
421 415 co = ChangesetComment.get_or_404(comment_id)
422 416 if co.repo.repo_name != repo_name:
423 417 raise HTTPNotFound()
424 418 owner = co.author_id == request.authuser.user_id
425 repo_admin = h.HasRepoPermissionAny('repository.admin')(repo_name)
419 repo_admin = h.HasRepoPermissionLevel('admin')(repo_name)
426 420 if h.HasPermissionAny('hg.admin')() or repo_admin or owner:
427 421 ChangesetCommentsModel().delete(comment=co)
428 422 Session().commit()
@@ -431,8 +425,7 b' class ChangesetController(BaseRepoContro'
431 425 raise HTTPForbidden()
432 426
433 427 @LoginRequired()
434 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
435 'repository.admin')
428 @HasRepoPermissionLevelDecorator('read')
436 429 @jsonify
437 430 def changeset_info(self, repo_name, revision):
438 431 if request.is_xhr:
@@ -444,8 +437,7 b' class ChangesetController(BaseRepoContro'
444 437 raise HTTPBadRequest()
445 438
446 439 @LoginRequired()
447 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
448 'repository.admin')
440 @HasRepoPermissionLevelDecorator('read')
449 441 @jsonify
450 442 def changeset_children(self, repo_name, revision):
451 443 if request.is_xhr:
@@ -458,8 +450,7 b' class ChangesetController(BaseRepoContro'
458 450 raise HTTPBadRequest()
459 451
460 452 @LoginRequired()
461 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
462 'repository.admin')
453 @HasRepoPermissionLevelDecorator('read')
463 454 @jsonify
464 455 def changeset_parents(self, repo_name, revision):
465 456 if request.is_xhr:
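Review bot: In `delete_comment` the new check is reached as `h.HasRepoPermissionLevel('admin')(repo_name)`, through `kallithea.lib.helpers`, while the import line of this file brings in only `HasRepoPermissionLevelDecorator`. The helpers module is not part of this page, so confirm that it now exports `HasRepoPermissionLevel`; `repo_admin` is computed before the `or` chain, so a missing attribute would fail every call to this action. The same pattern appears in the pull request controller's `post`. Importing the class next to the decorator and calling `HasRepoPermissionLevel('admin')(repo_name)` directly would remove the dependency on the helper namespace.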
@@ -39,7 +39,7 b' from kallithea.lib.utils2 import safe_st'
39 39 from kallithea.lib.vcs.utils.hgcompat import unionrepo
40 40 from kallithea.lib import helpers as h
41 41 from kallithea.lib.base import BaseRepoController, render
42 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
42 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator
43 43 from kallithea.lib import diffs
44 44 from kallithea.model.db import Repository
45 45 from kallithea.lib.diffs import LimitedDiffContainer
@@ -168,16 +168,14 b' class CompareController(BaseRepoControll'
168 168 return other_changesets, org_changesets, ancestors
169 169
170 170 @LoginRequired()
171 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
172 'repository.admin')
171 @HasRepoPermissionLevelDecorator('read')
173 172 def index(self, repo_name):
174 173 c.compare_home = True
175 174 c.a_ref_name = c.cs_ref_name = _('Select changeset')
176 175 return render('compare/compare_diff.html')
177 176
178 177 @LoginRequired()
179 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
180 'repository.admin')
178 @HasRepoPermissionLevelDecorator('read')
181 179 def compare(self, repo_name, org_ref_type, org_ref_name, other_ref_type, other_ref_name):
182 180 org_ref_name = org_ref_name.strip()
183 181 other_ref_name = other_ref_name.strip()
@@ -36,7 +36,7 b' from webhelpers.feedgenerator import Ato'
36 36
37 37 from kallithea import CONFIG
38 38 from kallithea.lib import helpers as h
39 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
39 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator
40 40 from kallithea.lib.base import BaseRepoController
41 41 from kallithea.lib.diffs import DiffProcessor, LimitedDiffContainer
42 42 from kallithea.model.db import CacheInvalidation
@@ -52,8 +52,7 b' ttl = "5"'
52 52 class FeedController(BaseRepoController):
53 53
54 54 @LoginRequired(api_access=True)
55 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
56 'repository.admin')
55 @HasRepoPermissionLevelDecorator('read')
57 56 def __before__(self):
58 57 super(FeedController, self).__before__()
59 58
@@ -44,7 +44,7 b' from kallithea.lib import helpers as h'
44 44 from kallithea.lib.compat import OrderedDict
45 45 from kallithea.lib.utils2 import convert_line_endings, detect_mode, safe_str, \
46 46 str2bool, safe_int
47 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
47 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator
48 48 from kallithea.lib.base import BaseRepoController, render, jsonify
49 49 from kallithea.lib.vcs.backends.base import EmptyChangeset
50 50 from kallithea.lib.vcs.conf import settings
@@ -125,8 +125,7 b' class FilesController(BaseRepoController'
125 125 return file_node
126 126
127 127 @LoginRequired()
128 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
129 'repository.admin')
128 @HasRepoPermissionLevelDecorator('read')
130 129 def index(self, repo_name, revision, f_path, annotate=False):
131 130 # redirect to given revision from form if given
132 131 post_revision = request.POST.get('at_rev', None)
@@ -199,8 +198,7 b' class FilesController(BaseRepoController'
199 198 return render('files/files.html')
200 199
201 200 @LoginRequired()
202 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
203 'repository.admin')
201 @HasRepoPermissionLevelDecorator('read')
204 202 @jsonify
205 203 def history(self, repo_name, revision, f_path):
206 204 changeset = self.__get_cs(revision)
@@ -222,8 +220,7 b' class FilesController(BaseRepoController'
222 220 return data
223 221
224 222 @LoginRequired()
225 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
226 'repository.admin')
223 @HasRepoPermissionLevelDecorator('read')
227 224 def authors(self, repo_name, revision, f_path):
228 225 changeset = self.__get_cs(revision)
229 226 _file = changeset.get_node(f_path)
@@ -235,8 +232,7 b' class FilesController(BaseRepoController'
235 232 return render('files/files_history_box.html')
236 233
237 234 @LoginRequired()
238 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
239 'repository.admin')
235 @HasRepoPermissionLevelDecorator('read')
240 236 def rawfile(self, repo_name, revision, f_path):
241 237 cs = self.__get_cs(revision)
242 238 file_node = self.__get_filenode(cs, f_path)
@@ -248,8 +244,7 b' class FilesController(BaseRepoController'
248 244 return file_node.content
249 245
250 246 @LoginRequired()
251 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
252 'repository.admin')
247 @HasRepoPermissionLevelDecorator('read')
253 248 def raw(self, repo_name, revision, f_path):
254 249 cs = self.__get_cs(revision)
255 250 file_node = self.__get_filenode(cs, f_path)
@@ -295,7 +290,7 b' class FilesController(BaseRepoController'
295 290 return file_node.content
296 291
297 292 @LoginRequired()
298 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
293 @HasRepoPermissionLevelDecorator('write')
299 294 def delete(self, repo_name, revision, f_path):
300 295 repo = c.db_repo
301 296 if repo.enable_locking and repo.locked[0]:
@@ -355,7 +350,7 b' class FilesController(BaseRepoController'
355 350 return render('files/files_delete.html')
356 351
357 352 @LoginRequired()
358 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
353 @HasRepoPermissionLevelDecorator('write')
359 354 def edit(self, repo_name, revision, f_path):
360 355 repo = c.db_repo
361 356 if repo.enable_locking and repo.locked[0]:
@@ -421,7 +416,7 b' class FilesController(BaseRepoController'
421 416 return render('files/files_edit.html')
422 417
423 418 @LoginRequired()
424 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
419 @HasRepoPermissionLevelDecorator('write')
425 420 def add(self, repo_name, revision, f_path):
426 421
427 422 repo = c.db_repo
@@ -502,8 +497,7 b' class FilesController(BaseRepoController'
502 497 return render('files/files_add.html')
503 498
504 499 @LoginRequired()
505 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
506 'repository.admin')
500 @HasRepoPermissionLevelDecorator('read')
507 501 def archivefile(self, repo_name, fname):
508 502 fileformat = None
509 503 revision = None
@@ -589,8 +583,7 b' class FilesController(BaseRepoController'
589 583 return get_chunked_archive(archive_path)
590 584
591 585 @LoginRequired()
592 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
593 'repository.admin')
586 @HasRepoPermissionLevelDecorator('read')
594 587 def diff(self, repo_name, f_path):
595 588 ignore_whitespace = request.GET.get('ignorews') == '1'
596 589 line_context = safe_int(request.GET.get('context'), 3)
@@ -693,8 +686,7 b' class FilesController(BaseRepoController'
693 686 return render('files/file_diff.html')
694 687
695 688 @LoginRequired()
696 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
697 'repository.admin')
689 @HasRepoPermissionLevelDecorator('read')
698 690 def diff_2way(self, repo_name, f_path):
699 691 diff1 = request.GET.get('diff1', '')
700 692 diff2 = request.GET.get('diff2', '')
@@ -781,8 +773,7 b' class FilesController(BaseRepoController'
781 773 return hist_l, changesets
782 774
783 775 @LoginRequired()
784 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
785 'repository.admin')
776 @HasRepoPermissionLevelDecorator('read')
786 777 @jsonify
787 778 def nodelist(self, repo_name, revision, f_path):
788 779 if request.environ.get('HTTP_X_PARTIAL_XHR'):
@@ -29,7 +29,7 b' import logging'
29 29
30 30 from pylons import tmpl_context as c, request
31 31
32 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
32 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator
33 33 from kallithea.lib.base import BaseRepoController, render
34 34 from kallithea.lib.page import Page
35 35 from kallithea.lib.utils2 import safe_int
@@ -44,8 +44,7 b' class FollowersController(BaseRepoContro'
44 44 super(FollowersController, self).__before__()
45 45
46 46 @LoginRequired()
47 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
48 'repository.admin')
47 @HasRepoPermissionLevelDecorator('read')
49 48 def followers(self, repo_name):
50 49 p = safe_int(request.GET.get('page'), 1)
51 50 repo_id = c.db_repo.repo_id
@@ -37,8 +37,8 b' from webob.exc import HTTPFound'
37 37 import kallithea.lib.helpers as h
38 38
39 39 from kallithea.config.routing import url
40 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator, \
41 NotAnonymous, HasRepoPermissionAny, HasPermissionAnyDecorator, HasPermissionAny
40 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \
41 NotAnonymous, HasRepoPermissionLevel, HasPermissionAnyDecorator, HasPermissionAny
42 42 from kallithea.lib.base import BaseRepoController, render
43 43 from kallithea.lib.page import Page
44 44 from kallithea.lib.utils2 import safe_int
@@ -108,16 +108,13 b' class ForksController(BaseRepoController'
108 108 return defaults
109 109
110 110 @LoginRequired()
111 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
112 'repository.admin')
111 @HasRepoPermissionLevelDecorator('read')
113 112 def forks(self, repo_name):
114 113 p = safe_int(request.GET.get('page'), 1)
115 114 repo_id = c.db_repo.repo_id
116 115 d = []
117 116 for r in Repository.get_repo_forks(repo_id):
118 if not HasRepoPermissionAny(
119 'repository.read', 'repository.write', 'repository.admin'
120 )(r.repo_name, 'get forks check'):
117 if not HasRepoPermissionLevel('read')(r.repo_name, 'get forks check'):
121 118 continue
122 119 d.append(r)
123 120 c.forks_pager = Page(d, page=p, items_per_page=20)
@@ -130,8 +127,7 b' class ForksController(BaseRepoController'
130 127 @LoginRequired()
131 128 @NotAnonymous()
132 129 @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')
133 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
134 'repository.admin')
130 @HasRepoPermissionLevelDecorator('read')
135 131 def fork(self, repo_name):
136 132 c.repo_info = Repository.get_by_repo_name(repo_name)
137 133 if not c.repo_info:
@@ -149,8 +145,7 b' class ForksController(BaseRepoController'
149 145 @LoginRequired()
150 146 @NotAnonymous()
151 147 @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')
152 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
153 'repository.admin')
148 @HasRepoPermissionLevelDecorator('read')
154 149 def fork_create(self, repo_name):
155 150 self.__load_defaults()
156 151 c.repo_info = Repository.get_by_repo_name(repo_name)
@@ -35,7 +35,7 b' from sqlalchemy.sql.expression import fu'
35 35
36 36 from kallithea.lib.utils import conditional_cache
37 37 from kallithea.lib.compat import json
38 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
38 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator
39 39 from kallithea.lib.base import BaseController, render, jsonify
40 40 from kallithea.model.db import Repository, RepoGroup
41 41 from kallithea.model.repo import RepoModel
@@ -113,8 +113,7 b' class HomeController(BaseController):'
113 113 raise HTTPBadRequest()
114 114
115 115 @LoginRequired()
116 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
117 'repository.admin')
116 @HasRepoPermissionLevelDecorator('read')
118 117 @jsonify
119 118 def repo_refs_data(self, repo_name):
120 119 repo = Repository.get_by_repo_name(repo_name).scm_instance
@@ -37,7 +37,7 b' from webob.exc import HTTPFound, HTTPNot'
37 37 from kallithea.config.routing import url
38 38 from kallithea.lib import helpers as h
39 39 from kallithea.lib import diffs
40 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator, \
40 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \
41 41 NotAnonymous
42 42 from kallithea.lib.base import BaseRepoController, render, jsonify
43 43 from kallithea.lib.compat import json, OrderedDict
@@ -190,8 +190,7 b' class PullrequestsController(BaseRepoCon'
190 190 return request.authuser.admin or owner or reviewer
191 191
192 192 @LoginRequired()
193 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
194 'repository.admin')
193 @HasRepoPermissionLevelDecorator('read')
195 194 def show_all(self, repo_name):
196 195 c.from_ = request.GET.get('from_') or ''
197 196 c.closed = request.GET.get('closed') or ''
@@ -236,8 +235,7 b' class PullrequestsController(BaseRepoCon'
236 235
237 236 @LoginRequired()
238 237 @NotAnonymous()
239 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
240 'repository.admin')
238 @HasRepoPermissionLevelDecorator('read')
241 239 def index(self):
242 240 org_repo = c.db_repo
243 241 org_scm_instance = org_repo.scm_instance
@@ -293,8 +291,7 b' class PullrequestsController(BaseRepoCon'
293 291
294 292 @LoginRequired()
295 293 @NotAnonymous()
296 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
297 'repository.admin')
294 @HasRepoPermissionLevelDecorator('read')
298 295 @jsonify
299 296 def repo_info(self, repo_name):
300 297 repo = c.db_repo
@@ -307,8 +304,7 b' class PullrequestsController(BaseRepoCon'
307 304
308 305 @LoginRequired()
309 306 @NotAnonymous()
310 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
311 'repository.admin')
307 @HasRepoPermissionLevelDecorator('read')
312 308 def create(self, repo_name):
313 309 repo = c.db_repo
314 310 try:
@@ -513,8 +509,7 b' class PullrequestsController(BaseRepoCon'
513 509 # pullrequest_post for PR editing
514 510 @LoginRequired()
515 511 @NotAnonymous()
516 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
517 'repository.admin')
512 @HasRepoPermissionLevelDecorator('read')
518 513 def post(self, repo_name, pull_request_id):
519 514 pull_request = PullRequest.get_or_404(pull_request_id)
520 515 if pull_request.is_closed():
@@ -522,7 +517,7 b' class PullrequestsController(BaseRepoCon'
522 517 assert pull_request.other_repo.repo_name == repo_name
523 518 #only owner or admin can update it
524 519 owner = pull_request.owner_id == request.authuser.user_id
525 repo_admin = h.HasRepoPermissionAny('repository.admin')(c.repo_name)
520 repo_admin = h.HasRepoPermissionLevel('admin')(c.repo_name)
526 521 if not (h.HasPermissionAny('hg.admin')() or repo_admin or owner):
527 522 raise HTTPForbidden()
528 523
@@ -571,8 +566,7 b' class PullrequestsController(BaseRepoCon'
571 566
572 567 @LoginRequired()
573 568 @NotAnonymous()
574 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
575 'repository.admin')
569 @HasRepoPermissionLevelDecorator('read')
576 570 @jsonify
577 571 def delete(self, repo_name, pull_request_id):
578 572 pull_request = PullRequest.get_or_404(pull_request_id)
@@ -586,8 +580,7 b' class PullrequestsController(BaseRepoCon'
586 580 raise HTTPForbidden()
587 581
588 582 @LoginRequired()
589 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
590 'repository.admin')
583 @HasRepoPermissionLevelDecorator('read')
591 584 def show(self, repo_name, pull_request_id, extra=None):
592 585 repo_model = RepoModel()
593 586 c.users_array = repo_model.get_users_js()
@@ -775,8 +768,7 b' class PullrequestsController(BaseRepoCon'
775 768
776 769 @LoginRequired()
777 770 @NotAnonymous()
778 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
779 'repository.admin')
771 @HasRepoPermissionLevelDecorator('read')
780 772 @jsonify
781 773 def comment(self, repo_name, pull_request_id):
782 774 pull_request = PullRequest.get_or_404(pull_request_id)
@@ -800,8 +792,8 b' class PullrequestsController(BaseRepoCon'
800 792 if delete == "delete":
801 793 if (pull_request.owner_id == request.authuser.user_id or
802 794 h.HasPermissionAny('hg.admin')() or
803 h.HasRepoPermissionAny('repository.admin')(pull_request.org_repo.repo_name) or
804 h.HasRepoPermissionAny('repository.admin')(pull_request.other_repo.repo_name)
795 h.HasRepoPermissionLevel('admin')(pull_request.org_repo.repo_name) or
796 h.HasRepoPermissionLevel('admin')(pull_request.other_repo.repo_name)
805 797 ) and not pull_request.is_closed():
806 798 PullRequestModel().delete(pull_request)
807 799 Session().commit()
@@ -861,8 +853,7 b' class PullrequestsController(BaseRepoCon'
861 853
862 854 @LoginRequired()
863 855 @NotAnonymous()
864 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
865 'repository.admin')
856 @HasRepoPermissionLevelDecorator('read')
866 857 @jsonify
867 858 def delete_comment(self, repo_name, comment_id):
868 859 co = ChangesetComment.get(comment_id)
@@ -871,7 +862,7 b' class PullrequestsController(BaseRepoCon'
871 862 raise HTTPForbidden()
872 863
873 864 owner = co.author_id == request.authuser.user_id
874 repo_admin = h.HasRepoPermissionAny('repository.admin')(c.repo_name)
865 repo_admin = h.HasRepoPermissionLevel('admin')(c.repo_name)
875 866 if h.HasPermissionAny('hg.admin')() or repo_admin or owner:
876 867 ChangesetCommentsModel().delete(comment=co)
877 868 Session().commit()
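Review bot: In `post` (hunk at new line 517) the repository-admin check is made against `c.repo_name` while the pull request is loaded by id, and the only thing tying the two together is `assert pull_request.other_repo.repo_name == repo_name`. An `assert` is removed when Python runs with `-O`, so the binding should be an explicit check, e.g. `if pull_request.other_repo.repo_name != repo_name: raise HTTPForbidden()`. `delete_comment` (new line 865) makes the same `c.repo_name` check for a comment loaded by id; the lines before it are outside the hunk, so whether the comment is tied to the repository there cannot be confirmed from here. Both method bodies continue outside their hunks.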
@@ -43,7 +43,7 b' from kallithea.lib.vcs.exceptions import'
43 43 from kallithea.config.conf import ALL_READMES, ALL_EXTS, LANGUAGES_EXTENSIONS_MAP
44 44 from kallithea.model.db import Statistics, CacheInvalidation, User
45 45 from kallithea.lib.utils2 import safe_str
46 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator, \
46 from kallithea.lib.auth import LoginRequired, HasRepoPermissionLevelDecorator, \
47 47 NotAnonymous
48 48 from kallithea.lib.base import BaseRepoController, render, jsonify
49 49 from kallithea.lib.vcs.backends.base import EmptyChangeset
@@ -107,8 +107,7 b' class SummaryController(BaseRepoControll'
107 107 return _get_readme_from_cache(repo_name, kind)
108 108
109 109 @LoginRequired()
110 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
111 'repository.admin')
110 @HasRepoPermissionLevelDecorator('read')
112 111 def index(self, repo_name):
113 112 _load_changelog_summary()
114 113
@@ -161,8 +160,7 b' class SummaryController(BaseRepoControll'
161 160
162 161 @LoginRequired()
163 162 @NotAnonymous()
164 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
165 'repository.admin')
163 @HasRepoPermissionLevelDecorator('read')
166 164 @jsonify
167 165 def repo_size(self, repo_name):
168 166 if request.is_xhr:
@@ -171,8 +169,7 b' class SummaryController(BaseRepoControll'
171 169 raise HTTPBadRequest()
172 170
173 171 @LoginRequired()
174 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
175 'repository.admin')
172 @HasRepoPermissionLevelDecorator('read')
176 173 def statistics(self, repo_name):
177 174 if c.db_repo.enable_statistics:
178 175 c.show_stats = True
@@ -537,6 +537,18 b' class AuthUser(object):'
537 537 def permissions(self):
538 538 return self.__get_perms(user=self, cache=False)
539 539
540 def has_repository_permission_level(self, repo_name, level, purpose=None):
541 required_perms = {
542 'read': ['repository.read', 'repository.write', 'repository.admin'],
543 'write': ['repository.write', 'repository.admin'],
544 'admin': ['repository.admin'],
545 }[level]
546 actual_perm = self.permissions['repositories'].get(repo_name)
547 ok = actual_perm in required_perms
548 log.debug('Checking if user %r can %r repo %r (%s): %s (has %r)',
549 self.username, level, repo_name, purpose, ok, actual_perm)
550 return ok
551
540 552 @property
541 553 def api_keys(self):
542 554 return self._get_api_keys()
@@ -836,17 +848,15 b' class HasPermissionAnyDecorator(_PermsDe'
836 848 return any(p in global_permissions for p in self.required_perms)
837 849
838 850
839 class HasRepoPermissionAnyDecorator(_PermsDecorator):
851 class HasRepoPermissionLevelDecorator(_PermsDecorator):
840 852 """
841 Checks the user has any of given permissions for the requested repository.
853 Checks the user has at least the specified permission level for the requested repository.
842 854 """
843 855
844 856 def check_permissions(self, user):
845 857 repo_name = get_repo_slug(request)
846 try:
847 return user.permissions['repositories'][repo_name] in self.required_perms
848 except KeyError:
849 return False
858 (level,) = self.required_perms
859 return user.has_repository_permission_level(repo_name, level)
850 860
851 861
852 862 class HasRepoGroupPermissionAnyDecorator(_PermsDecorator):
@@ -908,17 +918,11 b' class HasPermissionAny(_PermsFunction):'
908 918 return ok
909 919
910 920
911 class HasRepoPermissionAny(_PermsFunction):
921 class HasRepoPermissionLevel(_PermsFunction):
912 922
913 923 def __call__(self, repo_name, purpose=None):
914 try:
915 ok = request.user.permissions['repositories'][repo_name] in self.required_perms
916 except KeyError:
917 ok = False
918
919 log.debug('Check %s for %s for repo %s (%s): %s' %
920 (request.user.username, self.required_perms, repo_name, purpose, ok))
921 return ok
924 (level,) = self.required_perms
925 return request.user.has_repository_permission_level(repo_name, level, purpose)
922 926
923 927
924 928 class HasRepoGroupPermissionAny(_PermsFunction):
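Review bot: `has_repository_permission_level` (new lines 540-550) has no docstring, rebuilds its level table on every call, and rejects an unknown level only through the `KeyError` of the `[level]` lookup. Likewise `(level,) = self.required_perms` in `HasRepoPermissionLevelDecorator.check_permissions` and `HasRepoPermissionLevel.__call__` raises `ValueError` unless exactly one argument was given. Both fail closed, but only when a request first reaches the check, so a leftover old-style argument such as `'repository.admin'` shows up as a server error at run time. I would add a docstring along the lines of `"""Return True if this user has at least permission `level` ('read', 'write' or 'admin') on `repo_name`."""`. If the base-class constructors (outside these hunks) allow it, the level should also be validated when the checker is constructed.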
@@ -778,7 +778,7 b' def action_parser(user_log, feed=False, '
778 778 # PERMS
779 779 #==============================================================================
780 780 from kallithea.lib.auth import HasPermissionAny, \
781 HasRepoPermissionAny, HasRepoGroupPermissionAny
781 HasRepoPermissionLevel, HasRepoGroupPermissionAny
782 782
783 783
784 784 #==============================================================================
@@ -47,7 +47,7 b' from kallithea.model.db import Repositor'
47 47 Statistics, UserGroup, Ui, RepoGroup, RepositoryField
48 48
49 49 from kallithea.lib import helpers as h
50 from kallithea.lib.auth import HasRepoPermissionAny, HasUserGroupPermissionAny
50 from kallithea.lib.auth import HasRepoPermissionLevel, HasUserGroupPermissionAny
51 51 from kallithea.lib.exceptions import AttachedForksError
52 52 from kallithea.model.scm import UserGroupList
53 53
@@ -207,10 +207,7 b' class RepoModel(BaseModel):'
207 207 for repo in repos_list:
208 208 if perm_check:
209 209 # check permission at this level
210 if not HasRepoPermissionAny(
211 'repository.read', 'repository.write',
212 'repository.admin'
213 )(repo.repo_name, 'get_repos_as_dict check'):
210 if not HasRepoPermissionLevel('read')(repo.repo_name, 'get_repos_as_dict check'):
214 211 continue
215 212 cs_cache = repo.changeset_cache
216 213 row = {
@@ -49,7 +49,7 b' from kallithea import BACKENDS'
49 49 from kallithea.lib import helpers as h
50 50 from kallithea.lib.utils2 import safe_str, safe_unicode, get_server_url, \
51 51 _set_extras
52 from kallithea.lib.auth import HasRepoPermissionAny, HasRepoGroupPermissionAny, \
52 from kallithea.lib.auth import HasRepoPermissionLevel, HasRepoGroupPermissionAny, \
53 53 HasUserGroupPermissionAny, HasPermissionAny, HasPermissionAny
54 54 from kallithea.lib.utils import get_filesystem_repos, make_ui, \
55 55 action_logger
@@ -114,13 +114,10 b' class _PermCheckIterator(object):'
114 114
115 115 class RepoList(_PermCheckIterator):
116 116
117 def __init__(self, db_repo_list, perm_set=None, extra_kwargs=None):
118 if not perm_set:
119 perm_set = ['repository.read', 'repository.write', 'repository.admin']
120
117 def __init__(self, db_repo_list, perm_level, extra_kwargs=None):
121 118 super(RepoList, self).__init__(obj_list=db_repo_list,
122 obj_attr='repo_name', perm_set=perm_set,
123 perm_checker=HasRepoPermissionAny,
119 obj_attr='repo_name', perm_set=[perm_level],
120 perm_checker=HasRepoPermissionLevel,
124 121 extra_kwargs=extra_kwargs)
125 122
126 123
@@ -216,7 +213,7 b' class ScmModel(BaseModel):'
216 213
217 214 def get_repos(self, repos):
218 215 """Return the repos the user has access to"""
219 return RepoList(repos)
216 return RepoList(repos, perm_level='read')
220 217
221 218 def get_repo_groups(self, groups=None):
222 219 """Return the repo groups the user has access to
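Review bot: `RepoList.__init__` now takes `perm_level` as a required argument but has no docstring, and `perm_set=[perm_level]` only works if `_PermCheckIterator` (outside the hunk) passes the list's elements as the checker's arguments, since `HasRepoPermissionLevel` unpacks exactly one level. A short comment on that line, such as `# one-element list: HasRepoPermissionLevel expects exactly one level`, would make the coupling visible. The import statement touched in the first hunk also names `HasPermissionAny` twice on its continuation line and could be tidied in the same change.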
@@ -133,13 +133,13 b''
133 133 <input id="branch_switcher" name="branch_switcher" type="hidden">
134 134 </li>
135 135 <li class="${'active' if current == 'options' else ''} dropdown" data-context="options">
136 %if h.HasRepoPermissionAny('repository.admin')(c.repo_name):
136 %if h.HasRepoPermissionLevel('admin')(c.repo_name):
137 137 <a href="${h.url('edit_repo',repo_name=c.repo_name)}" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false" aria-haspopup="true"><i class="icon-wrench"></i> ${_('Options')} <i class="caret"></i></a>
138 138 %else:
139 139 <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false" aria-haspopup="true"><i class="icon-wrench"></i> ${_('Options')} <i class="caret"></i></a>
140 140 %endif
141 141 <ul class="dropdown-menu" role="menu" aria-hidden="true">
142 %if h.HasRepoPermissionAny('repository.admin')(c.repo_name):
142 %if h.HasRepoPermissionLevel('admin')(c.repo_name):
143 143 <li><a href="${h.url('edit_repo',repo_name=c.repo_name)}"><i class="icon-gear"></i> ${_('Settings')}</a></li>
144 144 %endif
145 145 %if c.db_repo.fork:
@@ -150,7 +150,7 b''
150 150
151 151 <li><a href="${h.url('search_repo',repo_name=c.repo_name)}"><i class="icon-search"></i> ${_('Search')}</a></li>
152 152
153 %if h.HasRepoPermissionAny('repository.write','repository.admin')(c.repo_name) and c.db_repo.enable_locking:
153 %if h.HasRepoPermissionLevel('write')(c.repo_name) and c.db_repo.enable_locking:
154 154 %if c.db_repo.locked[0]:
155 155 <li><a href="${h.url('toggle_locking', repo_name=c.repo_name)}"><i class="icon-lock"></i> ${_('Unlock')}</a></li>
156 156 %else:
@@ -80,7 +80,7 b''
80 80 </ul>
81 81 %else:
82 82
83 %if h.HasRepoPermissionAny('repository.write','repository.admin')(c.repo_name):
83 %if h.HasRepoPermissionLevel('write')(c.repo_name):
84 84 <h4>${_('Add or upload files directly via Kallithea')}</h4>
85 85 <div style="margin: 20px 30px;">
86 86 <div id="add_node_id" class="add_node">
@@ -24,7 +24,7 b''
24 24 <a class="permalink" href="${co.url()}">&para;</a>
25 25 </span>
26 26
27 %if co.author_id == request.authuser.user_id or h.HasRepoPermissionAny('repository.admin')(c.repo_name):
27 %if co.author_id == request.authuser.user_id or h.HasRepoPermissionLevel('admin')(c.repo_name):
28 28 %if co.deletable():
29 29 <div onClick="confirm('${_('Delete comment?')}') && deleteComment(${co.comment_id})" class="buttons delete-comment btn btn-default btn-xs" style="margin:0 5px">${_('Delete')}</div>
30 30 %endif
@@ -80,7 +80,7 b''
80 80 %endfor
81 81
82 82 %if c.pull_request is not None and ( \
83 h.HasPermissionAny('hg.admin')() or h.HasRepoPermissionAny('repository.admin')(c.repo_name) \
83 h.HasPermissionAny('hg.admin')() or h.HasRepoPermissionLevel('admin')(c.repo_name) \
84 84 or c.pull_request.owner_id == request.authuser.user_id):
85 85 <div>
86 86 ${_('Finish pull request')}:
@@ -48,7 +48,7 b''
48 48 ${h.link_to(_('Show Annotation'),h.url('files_annotate_home',repo_name=c.repo_name,revision=c.cs.raw_id,f_path=c.f_path),class_="btn btn-default btn-xs")}
49 49 ${h.link_to(_('Show as Raw'),h.url('files_raw_home',repo_name=c.repo_name,revision=c.cs.raw_id,f_path=c.f_path),class_="btn btn-default btn-xs")}
50 50 ${h.link_to(_('Download as Raw'),h.url('files_rawfile_home',repo_name=c.repo_name,revision=c.cs.raw_id,f_path=c.f_path),class_="btn btn-default btn-xs")}
51 % if h.HasRepoPermissionAny('repository.write','repository.admin')(c.repo_name):
51 % if h.HasRepoPermissionLevel('write')(c.repo_name):
52 52 % if not c.file.is_binary:
53 53 ${h.link_to(_('Source'),h.url('files_home',repo_name=c.repo_name,revision=c.cs.raw_id,f_path=c.f_path),class_="btn btn-default btn-xs")}
54 54 % endif
@@ -34,7 +34,7 b''
34 34 %endif
35 35 ${h.link_to(_('Show as Raw'),h.url('files_raw_home',repo_name=c.repo_name,revision=c.changeset.raw_id,f_path=c.f_path),class_="btn btn-default btn-xs")}
36 36 ${h.link_to(_('Download as Raw'),h.url('files_rawfile_home',repo_name=c.repo_name,revision=c.changeset.raw_id,f_path=c.f_path),class_="btn btn-default btn-xs")}
37 %if h.HasRepoPermissionAny('repository.write','repository.admin')(c.repo_name):
37 %if h.HasRepoPermissionLevel('write')(c.repo_name):
38 38 %if c.on_branch_head and not c.file.is_binary:
39 39 ${h.link_to(_('Edit on Branch: %s') % c.changeset.branch, h.url('files_edit_home',repo_name=c.repo_name,revision=c.changeset.raw_id,f_path=c.f_path, anchor='edit'),class_="btn btn-default btn-xs")}
40 40 ${h.link_to(_('Delete'), h.url('files_delete_home',repo_name=c.repo_name,revision=c.changeset.raw_id,f_path=c.f_path, anchor='edit'),class_="btn btn-danger btn-xs")}
@@ -5,7 +5,7 b''
5 5 - ${_('annotation')}
6 6 %endif
7 7 %if c.file.is_dir():
8 % if h.HasRepoPermissionAny('repository.write','repository.admin')(c.repo_name):
8 % if h.HasRepoPermissionLevel('write')(c.repo_name):
9 9 / <span title="${_('Add New File')}">
10 10 <a href="${h.url('files_add_home',repo_name=c.repo_name,revision=c.changeset.raw_id,f_path=c.f_path, anchor='edit')}">
11 11 <i class="icon-plus-circled" style="color:#5bb75b; font-size: 16px"></i></a>
@@ -15,7 +15,7 b''
15 15 </%block>
16 16
17 17 <%def name="main()">
18 <% editable = not c.pull_request.is_closed() and (h.HasPermissionAny('hg.admin')() or h.HasRepoPermissionAny('repository.admin')(c.repo_name) or c.pull_request.owner_id == request.authuser.user_id) %>
18 <% editable = not c.pull_request.is_closed() and (h.HasPermissionAny('hg.admin')() or h.HasRepoPermissionLevel('admin')(c.repo_name) or c.pull_request.owner_id == request.authuser.user_id) %>
19 19 ${self.repo_context_bar('showpullrequest')}
20 20 <div class="panel panel-primary">
21 21 <div class="panel-heading clearfix">
@@ -1,7 +1,7 b''
1 1 ##commit highlighting
2 2
3 3 %for cnt,sr in enumerate(c.formated_results):
4 %if h.HasRepoPermissionAny('repository.write','repository.read','repository.admin')(sr['repository'],'search results check'):
4 %if h.HasRepoPermissionLevel('read')(sr['repository'],'search results check'):
5 5 <div id="body${cnt}" class="codeblock">
6 6 <div class="code-header">
7 7 <div class="search-path">${h.link_to(h.literal('%s &raquo; %s' % (sr['repository'],sr['raw_id'])),
@@ -1,7 +1,7 b''
1 1 ##content highlighting
2 2
3 3 %for cnt,sr in enumerate(c.formated_results):
4 %if h.HasRepoPermissionAny('repository.write','repository.read','repository.admin')(sr['repository'],'search results check'):
4 %if h.HasRepoPermissionLevel('read')(sr['repository'],'search results check'):
5 5 <div id="body${cnt}" class="codeblock">
6 6 <div class="code-header">
7 7 <div class="search-path">${h.link_to(h.literal('%s &raquo; %s' % (sr['repository'],sr['f_path'])),
@@ -1,7 +1,7 b''
1 1 ##path search
2 2
3 3 %for cnt,sr in enumerate(c.formated_results):
4 %if h.HasRepoPermissionAny('repository.write','repository.read','repository.admin')(sr['repository'],'search results check'):
4 %if h.HasRepoPermissionLevel('read')(sr['repository'],'search results check'):
5 5 <div class="panel panel-default">
6 6 <div class="panel-heading">
7 7 ${h.link_to(h.literal('%s &raquo; %s' % (sr['repository'],sr['f_path'])),