Show More
| @@ -1,166 +1,165 | |||
|
|
1 | 1 | # -*- coding: utf-8 -*- |
|
|
2 | 2 | """ |
|
|
3 | 3 | rhodecode.controllers.admin.permissions |
|
|
4 | 4 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
|
5 | 5 | |
|
|
6 | 6 | permissions controller for Rhodecode |
|
|
7 | 7 | |
|
|
8 | 8 | :created_on: Apr 27, 2010 |
|
|
9 | 9 | :author: marcink |
|
|
10 | 10 | :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com> |
|
|
11 | 11 | :license: GPLv3, see COPYING for more details. |
|
|
12 | 12 | """ |
|
|
13 | 13 | # This program is free software: you can redistribute it and/or modify |
|
|
14 | 14 | # it under the terms of the GNU General Public License as published by |
|
|
15 | 15 | # the Free Software Foundation, either version 3 of the License, or |
|
|
16 | 16 | # (at your option) any later version. |
|
|
17 | 17 | # |
|
|
18 | 18 | # This program is distributed in the hope that it will be useful, |
|
|
19 | 19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
|
20 | 20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
|
21 | 21 | # GNU General Public License for more details. |
|
|
22 | 22 | # |
|
|
23 | 23 | # You should have received a copy of the GNU General Public License |
|
|
24 | 24 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
|
25 | 25 | |
|
|
26 | 26 | from formencode import htmlfill |
|
|
27 | 27 | from pylons import request, session, tmpl_context as c, url |
|
|
28 | 28 | from pylons.controllers.util import abort, redirect |
|
|
29 | 29 | from pylons.i18n.translation import _ |
|
|
30 | 30 | from rhodecode.lib import helpers as h |
|
|
31 | 31 | from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator |
|
|
32 | from rhodecode.lib.auth_ldap import LdapImportError | |
|
|
33 | 32 | from rhodecode.lib.base import BaseController, render |
|
|
34 | 33 | from rhodecode.model.forms import LdapSettingsForm, DefaultPermissionsForm |
|
|
35 | 34 | from rhodecode.model.permission import PermissionModel |
|
|
36 | 35 | from rhodecode.model.user import UserModel |
|
|
37 | 36 | import formencode |
|
|
38 | 37 | import logging |
|
|
39 | 38 | import traceback |
|
|
40 | 39 | |
|
|
41 | 40 | log = logging.getLogger(__name__) |
|
|
42 | 41 | |
|
|
43 | 42 | |
|
|
44 | 43 | class PermissionsController(BaseController): |
|
|
45 | 44 | """REST Controller styled on the Atom Publishing Protocol""" |
|
|
46 | 45 | # To properly map this controller, ensure your config/routing.py |
|
|
47 | 46 | # file has a resource setup: |
|
|
48 | 47 | # map.resource('permission', 'permissions') |
|
|
49 | 48 | |
|
|
50 | 49 | @LoginRequired() |
|
|
51 | 50 | @HasPermissionAllDecorator('hg.admin') |
|
|
52 | 51 | def __before__(self): |
|
|
53 | 52 | c.admin_user = session.get('admin_user') |
|
|
54 | 53 | c.admin_username = session.get('admin_username') |
|
|
55 | 54 | super(PermissionsController, self).__before__() |
|
|
56 | 55 | |
|
|
57 | 56 | self.perms_choices = [('repository.none', _('None'),), |
|
|
58 | 57 | ('repository.read', _('Read'),), |
|
|
59 | 58 | ('repository.write', _('Write'),), |
|
|
60 | 59 | ('repository.admin', _('Admin'),)] |
|
|
61 | 60 | self.register_choices = [ |
|
|
62 | 61 | ('hg.register.none', |
|
|
63 | 62 | _('disabled')), |
|
|
64 | 63 | ('hg.register.manual_activate', |
|
|
65 | 64 | _('allowed with manual account activation')), |
|
|
66 | 65 | ('hg.register.auto_activate', |
|
|
67 | 66 | _('allowed with automatic account activation')), ] |
|
|
68 | 67 | |
|
|
69 | 68 | self.create_choices = [('hg.create.none', _('Disabled')), |
|
|
70 | 69 | ('hg.create.repository', _('Enabled'))] |
|
|
71 | 70 | |
|
|
72 | 71 | def index(self, format='html'): |
|
|
73 | 72 | """GET /permissions: All items in the collection""" |
|
|
74 | 73 | # url('permissions') |
|
|
75 | 74 | |
|
|
76 | 75 | def create(self): |
|
|
77 | 76 | """POST /permissions: Create a new item""" |
|
|
78 | 77 | # url('permissions') |
|
|
79 | 78 | |
|
|
80 | 79 | def new(self, format='html'): |
|
|
81 | 80 | """GET /permissions/new: Form to create a new item""" |
|
|
82 | 81 | # url('new_permission') |
|
|
83 | 82 | |
|
|
84 | 83 | def update(self, id): |
|
|
85 | 84 | """PUT /permissions/id: Update an existing item""" |
|
|
86 | 85 | # Forms posted to this method should contain a hidden field: |
|
|
87 | 86 | # <input type="hidden" name="_method" value="PUT" /> |
|
|
88 | 87 | # Or using helpers: |
|
|
89 | 88 | # h.form(url('permission', id=ID), |
|
|
90 | 89 | # method='put') |
|
|
91 | 90 | # url('permission', id=ID) |
|
|
92 | 91 | |
|
|
93 | 92 | permission_model = PermissionModel() |
|
|
94 | 93 | |
|
|
95 | 94 | _form = DefaultPermissionsForm([x[0] for x in self.perms_choices], |
|
|
96 | 95 | [x[0] for x in self.register_choices], |
|
|
97 | 96 | [x[0] for x in self.create_choices])() |
|
|
98 | 97 | |
|
|
99 | 98 | try: |
|
|
100 | 99 | form_result = _form.to_python(dict(request.POST)) |
|
|
101 | 100 | form_result.update({'perm_user_name': id}) |
|
|
102 | 101 | permission_model.update(form_result) |
|
|
103 | 102 | h.flash(_('Default permissions updated successfully'), |
|
|
104 | 103 | category='success') |
|
|
105 | 104 | |
|
|
106 | 105 | except formencode.Invalid, errors: |
|
|
107 | 106 | c.perms_choices = self.perms_choices |
|
|
108 | 107 | c.register_choices = self.register_choices |
|
|
109 | 108 | c.create_choices = self.create_choices |
|
|
110 | 109 | defaults = errors.value |
|
|
111 | 110 | |
|
|
112 | 111 | return htmlfill.render( |
|
|
113 | 112 | render('admin/permissions/permissions.html'), |
|
|
114 | 113 | defaults=defaults, |
|
|
115 | 114 | errors=errors.error_dict or {}, |
|
|
116 | 115 | prefix_error=False, |
|
|
117 | 116 | encoding="UTF-8") |
|
|
118 | 117 | except Exception: |
|
|
119 | 118 | log.error(traceback.format_exc()) |
|
|
120 | 119 | h.flash(_('error occurred during update of permissions'), |
|
|
121 | 120 | category='error') |
|
|
122 | 121 | |
|
|
123 | 122 | return redirect(url('edit_permission', id=id)) |
|
|
124 | 123 | |
|
|
125 | 124 | def delete(self, id): |
|
|
126 | 125 | """DELETE /permissions/id: Delete an existing item""" |
|
|
127 | 126 | # Forms posted to this method should contain a hidden field: |
|
|
128 | 127 | # <input type="hidden" name="_method" value="DELETE" /> |
|
|
129 | 128 | # Or using helpers: |
|
|
130 | 129 | # h.form(url('permission', id=ID), |
|
|
131 | 130 | # method='delete') |
|
|
132 | 131 | # url('permission', id=ID) |
|
|
133 | 132 | |
|
|
134 | 133 | def show(self, id, format='html'): |
|
|
135 | 134 | """GET /permissions/id: Show a specific item""" |
|
|
136 | 135 | # url('permission', id=ID) |
|
|
137 | 136 | |
|
|
138 | 137 | def edit(self, id, format='html'): |
|
|
139 | 138 | """GET /permissions/id/edit: Form to edit an existing item""" |
|
|
140 | 139 | #url('edit_permission', id=ID) |
|
|
141 | 140 | c.perms_choices = self.perms_choices |
|
|
142 | 141 | c.register_choices = self.register_choices |
|
|
143 | 142 | c.create_choices = self.create_choices |
|
|
144 | 143 | |
|
|
145 | 144 | if id == 'default': |
|
|
146 | 145 | default_user = UserModel().get_by_username('default') |
|
|
147 | 146 | defaults = {'_method': 'put', |
|
|
148 | 147 | 'anonymous': default_user.active} |
|
|
149 | 148 | |
|
|
150 | 149 | for p in default_user.user_perms: |
|
|
151 | 150 | if p.permission.permission_name.startswith('repository.'): |
|
|
152 | 151 | defaults['default_perm'] = p.permission.permission_name |
|
|
153 | 152 | |
|
|
154 | 153 | if p.permission.permission_name.startswith('hg.register.'): |
|
|
155 | 154 | defaults['default_register'] = p.permission.permission_name |
|
|
156 | 155 | |
|
|
157 | 156 | if p.permission.permission_name.startswith('hg.create.'): |
|
|
158 | 157 | defaults['default_create'] = p.permission.permission_name |
|
|
159 | 158 | |
|
|
160 | 159 | return htmlfill.render( |
|
|
161 | 160 | render('admin/permissions/permissions.html'), |
|
|
162 | 161 | defaults=defaults, |
|
|
163 | 162 | encoding="UTF-8", |
|
|
164 | 163 | force_defaults=True,) |
|
|
165 | 164 | else: |
|
|
166 | 165 | return redirect(url('admin_home')) |
General Comments 0
You need to be logged in to leave comments.
Login now