##// END OF EJS Templates
moved permission management into separate entity....
marcink -
r3628:c734686b beta
parent child Browse files
Show More
@@ -127,6 +127,11 b' def make_map(config):'
127 m.connect("formatted_repo", "/repos/{repo_name:.*?}.{format}",
127 m.connect("formatted_repo", "/repos/{repo_name:.*?}.{format}",
128 action="show", conditions=dict(method=["GET"],
128 action="show", conditions=dict(method=["GET"],
129 function=check_repo))
129 function=check_repo))
130 #add repo perm member
131 m.connect('set_repo_perm_member', "/set_repo_perm_member/{repo_name:.*?}",
132 action="set_repo_perm_member",
133 conditions=dict(method=["POST"], function=check_repo))
134
130 #ajax delete repo perm user
135 #ajax delete repo perm user
131 m.connect('delete_repo_user', "/repos_delete_user/{repo_name:.*?}",
136 m.connect('delete_repo_user', "/repos_delete_user/{repo_name:.*?}",
132 action="delete_perm_user",
137 action="delete_perm_user",
@@ -45,7 +45,7 b' from rhodecode.lib.helpers import get_to'
45 from rhodecode.model.meta import Session
45 from rhodecode.model.meta import Session
46 from rhodecode.model.db import User, Repository, UserFollowing, RepoGroup,\
46 from rhodecode.model.db import User, Repository, UserFollowing, RepoGroup,\
47 RhodeCodeSetting, RepositoryField
47 RhodeCodeSetting, RepositoryField
48 from rhodecode.model.forms import RepoForm, RepoFieldForm
48 from rhodecode.model.forms import RepoForm, RepoFieldForm, RepoPermsForm
49 from rhodecode.model.scm import ScmModel, GroupList
49 from rhodecode.model.scm import ScmModel, GroupList
50 from rhodecode.model.repo import RepoModel
50 from rhodecode.model.repo import RepoModel
51 from rhodecode.lib.compat import json
51 from rhodecode.lib.compat import json
@@ -330,6 +330,42 b' class ReposController(BaseRepoController'
330 return redirect(url('repos'))
330 return redirect(url('repos'))
331
331
332 @HasRepoPermissionAllDecorator('repository.admin')
332 @HasRepoPermissionAllDecorator('repository.admin')
333 def set_repo_perm_member(self, repo_name):
334 form = RepoPermsForm()().to_python(request.POST)
335
336 perms_new = form['perms_new']
337 perms_updates = form['perms_updates']
338 cur_repo = repo_name
339
340 # update permissions
341 for member, perm, member_type in perms_updates:
342 if member_type == 'user':
343 # this updates existing one
344 RepoModel().grant_user_permission(
345 repo=cur_repo, user=member, perm=perm
346 )
347 else:
348 RepoModel().grant_users_group_permission(
349 repo=cur_repo, group_name=member, perm=perm
350 )
351 # set new permissions
352 for member, perm, member_type in perms_new:
353 if member_type == 'user':
354 RepoModel().grant_user_permission(
355 repo=cur_repo, user=member, perm=perm
356 )
357 else:
358 RepoModel().grant_users_group_permission(
359 repo=cur_repo, group_name=member, perm=perm
360 )
361 #TODO: implement this
362 #action_logger(self.rhodecode_user, 'admin_changed_repo_permissions',
363 # repo_name, self.ip_addr, self.sa)
364 Session().commit()
365 h.flash(_('updated repository permissions'), category='success')
366 return redirect(url('edit_repo', repo_name=repo_name))
367
368 @HasRepoPermissionAllDecorator('repository.admin')
333 def delete_perm_user(self, repo_name):
369 def delete_perm_user(self, repo_name):
334 """
370 """
335 DELETE an existing repository permission user
371 DELETE an existing repository permission user
@@ -339,6 +375,9 b' class ReposController(BaseRepoController'
339 try:
375 try:
340 RepoModel().revoke_user_permission(repo=repo_name,
376 RepoModel().revoke_user_permission(repo=repo_name,
341 user=request.POST['user_id'])
377 user=request.POST['user_id'])
378 #TODO: implement this
379 #action_logger(self.rhodecode_user, 'admin_revoked_repo_permissions',
380 # repo_name, self.ip_addr, self.sa)
342 Session().commit()
381 Session().commit()
343 except Exception:
382 except Exception:
344 log.error(traceback.format_exc())
383 log.error(traceback.format_exc())
@@ -199,11 +199,18 b' def RepoForm(edit=False, old_data={}, su'
199 user = All(v.UnicodeString(not_empty=True), v.ValidRepoUser())
199 user = All(v.UnicodeString(not_empty=True), v.ValidRepoUser())
200
200
201 chained_validators = [v.ValidCloneUri(),
201 chained_validators = [v.ValidCloneUri(),
202 v.ValidRepoName(edit, old_data),
202 v.ValidRepoName(edit, old_data)]
203 v.ValidPerms()]
204 return _RepoForm
203 return _RepoForm
205
204
206
205
206 def RepoPermsForm():
207 class _RepoPermsForm(formencode.Schema):
208 allow_extra_fields = True
209 filter_extra_fields = False
210 chained_validators = [v.ValidPerms()]
211 return _RepoPermsForm
212
213
207 def RepoFieldForm():
214 def RepoFieldForm():
208 class _RepoFieldForm(formencode.Schema):
215 class _RepoFieldForm(formencode.Schema):
209 filter_extra_fields = True
216 filter_extra_fields = True
@@ -279,28 +279,6 b' class RepoModel(BaseModel):'
279 try:
279 try:
280 cur_repo = self.get_by_repo_name(org_repo_name, cache=False)
280 cur_repo = self.get_by_repo_name(org_repo_name, cache=False)
281
281
282 # update permissions
283 for member, perm, member_type in kwargs['perms_updates']:
284 if member_type == 'user':
285 # this updates existing one
286 RepoModel().grant_user_permission(
287 repo=cur_repo, user=member, perm=perm
288 )
289 else:
290 RepoModel().grant_users_group_permission(
291 repo=cur_repo, group_name=member, perm=perm
292 )
293 # set new permissions
294 for member, perm, member_type in kwargs['perms_new']:
295 if member_type == 'user':
296 RepoModel().grant_user_permission(
297 repo=cur_repo, user=member, perm=perm
298 )
299 else:
300 RepoModel().grant_users_group_permission(
301 repo=cur_repo, group_name=member, perm=perm
302 )
303
304 if 'user' in kwargs:
282 if 'user' in kwargs:
305 cur_repo.user = User.get_by_username(kwargs['user'])
283 cur_repo.user = User.get_by_username(kwargs['user'])
306
284
@@ -144,15 +144,6 b''
144 </div>
144 </div>
145 %endfor
145 %endfor
146 %endif
146 %endif
147 <div class="field">
148 <div class="label">
149 <label for="input">${_('Permissions')}:</label>
150 </div>
151 <div class="input">
152 <%include file="repo_edit_perms.html"/>
153 </div>
154 </div>
155
156 <div class="buttons">
147 <div class="buttons">
157 ${h.submit('save',_('Save'),class_="ui-btn large")}
148 ${h.submit('save',_('Save'),class_="ui-btn large")}
158 ${h.reset('reset',_('Reset'),class_="ui-btn large")}
149 ${h.reset('reset',_('Reset'),class_="ui-btn large")}
@@ -164,6 +155,31 b''
164
155
165 <div class="box box-right">
156 <div class="box box-right">
166 <div class="title">
157 <div class="title">
158 <h5>${_('Permissions')}</h5>
159 </div>
160 ${h.form(url('set_repo_perm_member', repo_name=c.repo_info.repo_name),method='post')}
161 <div class="form">
162 <div class="fields">
163 <div class="field">
164 <div class="label">
165 <label for="input">${_('Permissions')}:</label>
166 </div>
167 <div class="input">
168 <%include file="repo_edit_perms.html"/>
169 </div>
170 </div>
171 <div class="buttons">
172 ${h.submit('save',_('Save'),class_="ui-btn large")}
173 ${h.reset('reset',_('Reset'),class_="ui-btn large")}
174 </div>
175 </div>
176 </div>
177 ${h.end_form()}
178 </div>
179
180
181 <div class="box box-right" style="clear:right">
182 <div class="title">
167 <h5>${_('Advanced settings')}</h5>
183 <h5>${_('Advanced settings')}</h5>
168 </div>
184 </div>
169
185
General Comments 0
You need to be logged in to leave comments. Login now