Implemented permissions into hg app, secured admin controllers, templates and repository specific controllers
marcink -
r318:fdf9f6ee default
@@ -22,17 +22,17 b' Created on April 21, 2010'
22 branches controller for pylons
22 branches controller for pylons
23 @author: marcink
23 @author: marcink
24 """
24 """
25 from pylons import tmpl_context as c
25 from pylons import tmpl_context as c, request
26 from pylons_app.lib.auth import LoginRequired
26 from pylons_app.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
27 from pylons_app.lib.base import BaseController, render
27 from pylons_app.lib.base import BaseController, render
28 from pylons_app.model.hg_model import HgModel
28 from pylons_app.model.hg_model import HgModel
29 import logging
29 import logging
30
31 log = logging.getLogger(__name__)
30 log = logging.getLogger(__name__)
32
31
33 class BranchesController(BaseController):
32 class BranchesController(BaseController):
34
33
35 @LoginRequired()
34 @LoginRequired()
35 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', 'repository.admin')
36 def __before__(self):
36 def __before__(self):
37 super(BranchesController, self).__before__()
37 super(BranchesController, self).__before__()
38
38
@@ -40,7 +40,7 b' class BranchesController(BaseController)'
40 hg_model = HgModel()
40 hg_model = HgModel()
41 c.repo_info = hg_model.get_repo(c.repo_name)
41 c.repo_info = hg_model.get_repo(c.repo_name)
42 c.repo_branches = {}
42 c.repo_branches = {}
43 for name, hash in c.repo_info.branches.items():
43 for name, hash_ in c.repo_info.branches.items():
44 c.repo_branches[name] = c.repo_info.get_changeset(hash)
44 c.repo_branches[name] = c.repo_info.get_changeset(hash_)
45
45
46 return render('branches/branches.html')
46 return render('branches/branches.html')
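Review bot: The permission list `'repository.read', 'repository.write', 'repository.admin'` on `BranchesController.__before__` is written out by hand here and again in the changelog, changeset, files, shortlog, summary and tags controllers on this page, so a later change to the read policy has to be made in seven places, and a missed one leaves that controller with a different access rule. A single module-level tuple next to the decorator, applied as `@HasRepoPermissionAnyDecorator(*REPO_READ_PERMS)`, would keep them in step (`REPO_READ_PERMS` is a suggested name, not an existing one). The newly imported `request` is not used in the lines shown for this controller; drop it unless code outside the hunks needs it. A short comment above the decorators, e.g. `# every action here requires at least read access to the repository`, would make the intent explicit.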
@@ -2,14 +2,6 b''
2 # encoding: utf-8
2 # encoding: utf-8
3 # changelog controller for pylons
3 # changelog controller for pylons
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
5 from json import dumps
6 from mercurial.graphmod import colored, CHANGESET, revisions as graph_rev
7 from pylons import request, session, tmpl_context as c
8 from pylons_app.lib.auth import LoginRequired
9 from pylons_app.lib.base import BaseController, render
10 from pylons_app.model.hg_model import HgModel
11 from webhelpers.paginate import Page
12 import logging
13
5
14 # This program is free software; you can redistribute it and/or
6 # This program is free software; you can redistribute it and/or
15 # modify it under the terms of the GNU General Public License
7 # modify it under the terms of the GNU General Public License
@@ -30,11 +22,21 b' Created on April 21, 2010'
30 changelog controller for pylons
22 changelog controller for pylons
31 @author: marcink
23 @author: marcink
32 """
24 """
33 log = logging.getLogger(__name__)
25 from json import dumps
26 from mercurial.graphmod import colored, CHANGESET, revisions as graph_rev
27 from pylons import request, session, tmpl_context as c
28 from pylons_app.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
29 from pylons_app.lib.base import BaseController, render
30 from pylons_app.model.hg_model import HgModel
31 from webhelpers.paginate import Page
32 import logging
33 log = logging.getLogger(__name__)
34
34
35 class ChangelogController(BaseController):
35 class ChangelogController(BaseController):
36
36
37 @LoginRequired()
37 @LoginRequired()
38 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
39 'repository.admin')
38 def __before__(self):
40 def __before__(self):
39 super(ChangelogController, self).__before__()
41 super(ChangelogController, self).__before__()
40
42
@@ -2,16 +2,6 b''
2 # encoding: utf-8
2 # encoding: utf-8
3 # changeset controller for pylons
3 # changeset controller for pylons
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
5 from pylons import tmpl_context as c, url
6 from pylons.controllers.util import redirect
7 from pylons_app.lib.auth import LoginRequired
8 from pylons_app.lib.base import BaseController, render
9 from pylons_app.model.hg_model import HgModel
10 from vcs.exceptions import RepositoryError
11 from vcs.nodes import FileNode
12 from vcs.utils import diffs as differ
13 import logging
14 import traceback
15
5
16 # This program is free software; you can redistribute it and/or
6 # This program is free software; you can redistribute it and/or
17 # modify it under the terms of the GNU General Public License
7 # modify it under the terms of the GNU General Public License
@@ -32,13 +22,24 b' Created on April 25, 2010'
32 changeset controller for pylons
22 changeset controller for pylons
33 @author: marcink
23 @author: marcink
34 """
24 """
35
25 from pylons import tmpl_context as c, url, request
26 from pylons.controllers.util import redirect
27 from pylons_app.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
28 from pylons_app.lib.base import BaseController, render
29 from pylons_app.model.hg_model import HgModel
30 from vcs.exceptions import RepositoryError
31 from vcs.nodes import FileNode
32 from vcs.utils import diffs as differ
33 import logging
34 import traceback
36
35
37 log = logging.getLogger(__name__)
36 log = logging.getLogger(__name__)
38
37
39 class ChangesetController(BaseController):
38 class ChangesetController(BaseController):
40
39
41 @LoginRequired()
40 @LoginRequired()
41 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
42 'repository.admin')
42 def __before__(self):
43 def __before__(self):
43 super(ChangesetController, self).__before__()
44 super(ChangesetController, self).__before__()
44
45
@@ -2,20 +2,7 b''
2 # encoding: utf-8
2 # encoding: utf-8
3 # files controller for pylons
3 # files controller for pylons
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
5 from mercurial import archival
5
6 from pylons import request, response, session, tmpl_context as c, url
7 from pylons.controllers.util import redirect
8 from pylons_app.lib.auth import LoginRequired
9 from pylons_app.lib.base import BaseController, render
10 from pylons_app.lib.utils import EmptyChangeset
11 from pylons_app.model.hg_model import HgModel
12 from vcs.exceptions import RepositoryError, ChangesetError
13 from vcs.nodes import FileNode
14 from vcs.utils import diffs as differ
15 import logging
16 import pylons_app.lib.helpers as h
17 import tempfile
18
19 # This program is free software; you can redistribute it and/or
6 # This program is free software; you can redistribute it and/or
20 # modify it under the terms of the GNU General Public License
7 # modify it under the terms of the GNU General Public License
21 # as published by the Free Software Foundation; version 2
8 # as published by the Free Software Foundation; version 2
@@ -35,13 +22,27 b' Created on April 21, 2010'
35 files controller for pylons
22 files controller for pylons
36 @author: marcink
23 @author: marcink
37 """
24 """
38
25 from mercurial import archival
26 from pylons import request, response, session, tmpl_context as c, url
27 from pylons.controllers.util import redirect
28 from pylons_app.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
29 from pylons_app.lib.base import BaseController, render
30 from pylons_app.lib.utils import EmptyChangeset, get_repo_slug
31 from pylons_app.model.hg_model import HgModel
32 from vcs.exceptions import RepositoryError, ChangesetError
33 from vcs.nodes import FileNode
34 from vcs.utils import diffs as differ
35 import logging
36 import pylons_app.lib.helpers as h
37 import tempfile
39
38
40 log = logging.getLogger(__name__)
39 log = logging.getLogger(__name__)
41
40
42 class FilesController(BaseController):
41 class FilesController(BaseController):
43
42
44 @LoginRequired()
43 @LoginRequired()
44 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
45 'repository.admin')
45 def __before__(self):
46 def __before__(self):
46 super(FilesController, self).__before__()
47 super(FilesController, self).__before__()
47
48
@@ -44,7 +44,7 b' class PermissionsController(BaseControll'
44 # map.resource('permission', 'permissions')
44 # map.resource('permission', 'permissions')
45
45
46 @LoginRequired()
46 @LoginRequired()
47 @HasPermissionAllDecorator('hg.admin')
47 #@HasPermissionAllDecorator('hg.admin')
48 def __before__(self):
48 def __before__(self):
49 c.admin_user = session.get('admin_user')
49 c.admin_user = session.get('admin_user')
50 c.admin_username = session.get('admin_username')
50 c.admin_username = session.get('admin_username')
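Review bot: As rendered, the new side of line 47 reads `#@HasPermissionAllDecorator('hg.admin')`, which leaves `PermissionsController.__before__` guarded by `@LoginRequired()` alone, so any authenticated user who requests the permissions routes directly would reach the controller. The template change on this page only comments out the menu link, and hiding a link is not an access check. If the page is unfinished, keep `@HasPermissionAllDecorator('hg.admin')` active and hide the link, rather than the reverse. The body of `__before__` continues outside the hunk.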
@@ -21,21 +21,19 b' Created on April 7, 2010'
21 admin controller for pylons
21 admin controller for pylons
22 @author: marcink
22 @author: marcink
23 """
23 """
24 from formencode import htmlfill
24 from operator import itemgetter
25 from operator import itemgetter
25 from pylons import request, response, session, tmpl_context as c, url, \
26 from pylons import request, response, session, tmpl_context as c, url
26 app_globals as g
27 from pylons.controllers.util import abort, redirect
27 from pylons.controllers.util import abort, redirect
28 from pylons.i18n.translation import _
28 from pylons.i18n.translation import _
29 from pylons_app.lib import helpers as h
29 from pylons_app.lib import helpers as h
30 from pylons_app.lib.auth import LoginRequired
30 from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
31 from pylons_app.lib.base import BaseController, render
31 from pylons_app.lib.base import BaseController, render
32 from pylons_app.lib.utils import invalidate_cache
32 from pylons_app.lib.utils import invalidate_cache
33 from pylons_app.model.repo_model import RepoModel
33 from pylons_app.model.forms import RepoForm
34 from pylons_app.model.hg_model import HgModel
34 from pylons_app.model.hg_model import HgModel
35 from pylons_app.model.forms import RepoForm
35 from pylons_app.model.repo_model import RepoModel
36 from pylons_app.model.meta import Session
37 import formencode
36 import formencode
38 from formencode import htmlfill
39 import logging
37 import logging
40 log = logging.getLogger(__name__)
38 log = logging.getLogger(__name__)
41
39
@@ -44,7 +42,9 b' class ReposController(BaseController):'
44 # To properly map this controller, ensure your config/routing.py
42 # To properly map this controller, ensure your config/routing.py
45 # file has a resource setup:
43 # file has a resource setup:
46 # map.resource('repo', 'repos')
44 # map.resource('repo', 'repos')
45
47 @LoginRequired()
46 @LoginRequired()
47 @HasPermissionAllDecorator('hg.admin')
48 def __before__(self):
48 def __before__(self):
49 c.admin_user = session.get('admin_user')
49 c.admin_user = session.get('admin_user')
50 c.admin_username = session.get('admin_username')
50 c.admin_username = session.get('admin_username')
@@ -104,7 +104,8 b' class ReposController(BaseController):'
104 form_result = _form.to_python(dict(request.POST))
104 form_result = _form.to_python(dict(request.POST))
105 repo_model.update(repo_name, form_result)
105 repo_model.update(repo_name, form_result)
106 invalidate_cache('cached_repo_list')
106 invalidate_cache('cached_repo_list')
107 h.flash(_('Repository %s updated succesfully' % repo_name), category='success')
107 h.flash(_('Repository %s updated succesfully' % repo_name),
108 category='success')
108
109
109 except formencode.Invalid as errors:
110 except formencode.Invalid as errors:
110 c.repo_info = repo_model.get(repo_name)
111 c.repo_info = repo_model.get(repo_name)
@@ -135,7 +136,8 b' class ReposController(BaseController):'
135 h.flash(_('%s repository is not mapped to db perhaps'
136 h.flash(_('%s repository is not mapped to db perhaps'
136 ' it was moved or renamed from the filesystem'
137 ' it was moved or renamed from the filesystem'
137 ' please run the application again'
138 ' please run the application again'
138 ' in order to rescan repositories') % repo_name, category='error')
139 ' in order to rescan repositories') % repo_name,
140 category='error')
139
141
140 return redirect(url('repos'))
142 return redirect(url('repos'))
141 try:
143 try:
@@ -175,7 +177,8 b' class ReposController(BaseController):'
175 h.flash(_('%s repository is not mapped to db perhaps'
177 h.flash(_('%s repository is not mapped to db perhaps'
176 ' it was created or renamed from the filesystem'
178 ' it was created or renamed from the filesystem'
177 ' please run the application again'
179 ' please run the application again'
178 ' in order to rescan repositories') % repo_name, category='error')
180 ' in order to rescan repositories') % repo_name,
181 category='error')
179
182
180 return redirect(url('repos'))
183 return redirect(url('repos'))
181 defaults = c.repo_info.__dict__
184 defaults = c.repo_info.__dict__
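Review bot: In the reflowed flash call at new lines 107-108 the `%` formatting is applied inside `_()`, so gettext is asked to translate the already-formatted string and the lookup cannot match a catalog entry. The two "not mapped to db" messages further down in this section format after translating, which is the right order. Change the call to `h.flash(_('Repository %s updated succesfully') % repo_name,` with `category='success')` on the following line. The enclosing method starts and ends outside the hunk.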
@@ -23,17 +23,18 b' shortlog controller for pylons'
23 @author: marcink
23 @author: marcink
24 """
24 """
25 from pylons import tmpl_context as c, request
25 from pylons import tmpl_context as c, request
26 from pylons_app.lib.auth import LoginRequired
26 from pylons_app.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
27 from pylons_app.lib.base import BaseController, render
27 from pylons_app.lib.base import BaseController, render
28 from pylons_app.model.hg_model import HgModel
28 from pylons_app.model.hg_model import HgModel
29 from webhelpers.paginate import Page
29 from webhelpers.paginate import Page
30 import logging
30 import logging
31
32 log = logging.getLogger(__name__)
31 log = logging.getLogger(__name__)
33
32
34 class ShortlogController(BaseController):
33 class ShortlogController(BaseController):
35
34
36 @LoginRequired()
35 @LoginRequired()
36 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
37 'repository.admin')
37 def __before__(self):
38 def __before__(self):
38 super(ShortlogController, self).__before__()
39 super(ShortlogController, self).__before__()
39
40
@@ -23,20 +23,21 b' summary controller for pylons'
23 @author: marcink
23 @author: marcink
24 """
24 """
25 from pylons import tmpl_context as c, request
25 from pylons import tmpl_context as c, request
26 from pylons_app.lib.auth import LoginRequired
26 from pylons_app.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
27 from pylons_app.lib.base import BaseController, render
27 from pylons_app.lib.base import BaseController, render
28 from pylons_app.model.hg_model import HgModel
28 from pylons_app.model.hg_model import HgModel
29 from webhelpers.paginate import Page
29 from webhelpers.paginate import Page
30 import logging
30 import logging
31
32 log = logging.getLogger(__name__)
31 log = logging.getLogger(__name__)
33
32
34 class SummaryController(BaseController):
33 class SummaryController(BaseController):
35
34
36 @LoginRequired()
35 @LoginRequired()
36 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
37 'repository.admin')
37 def __before__(self):
38 def __before__(self):
38 super(SummaryController, self).__before__()
39 super(SummaryController, self).__before__()
39
40
40 def index(self):
41 def index(self):
41 hg_model = HgModel()
42 hg_model = HgModel()
42 c.repo_info = hg_model.get_repo(c.repo_name)
43 c.repo_info = hg_model.get_repo(c.repo_name)
@@ -22,17 +22,17 b' Created on April 21, 2010'
22 tags controller for pylons
22 tags controller for pylons
23 @author: marcink
23 @author: marcink
24 """
24 """
25 from pylons import tmpl_context as c
25 from pylons import tmpl_context as c, request
26 from pylons_app.lib.auth import LoginRequired
26 from pylons_app.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
27 from pylons_app.lib.base import BaseController, render
27 from pylons_app.lib.base import BaseController, render
28 from pylons_app.model.hg_model import HgModel
28 from pylons_app.model.hg_model import HgModel
29 import logging
29 import logging
30
31 log = logging.getLogger(__name__)
30 log = logging.getLogger(__name__)
32
31
33 class TagsController(BaseController):
32 class TagsController(BaseController):
34
33
35 @LoginRequired()
34 @LoginRequired()
35 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', 'repository.admin')
36 def __before__(self):
36 def __before__(self):
37 super(TagsController, self).__before__()
37 super(TagsController, self).__before__()
38
38
@@ -31,7 +31,7 b' from pylons_app.lib.auth import LoginReq'
31 from pylons_app.lib.base import BaseController, render
31 from pylons_app.lib.base import BaseController, render
32 from pylons_app.model.db import User, UserLog
32 from pylons_app.model.db import User, UserLog
33 from pylons_app.model.forms import UserForm
33 from pylons_app.model.forms import UserForm
34 from pylons_app.model.user_model import UserModel
34 from pylons_app.model.user_model import UserModel, DefaultUserException
35 import formencode
35 import formencode
36 import logging
36 import logging
37
37
@@ -125,10 +125,11 b' class UsersController(BaseController):'
125 try:
125 try:
126 user_model.delete(id)
126 user_model.delete(id)
127 h.flash(_('sucessfully deleted user'), category='success')
127 h.flash(_('sucessfully deleted user'), category='success')
128 except DefaultUserException as e:
129 h.flash(str(e), category='warning')
128 except Exception:
130 except Exception:
129 h.flash(_('An error occured during deletion of user'),
131 h.flash(_('An error occured during deletion of user'),
130 category='error')
132 category='error')
131
132 return redirect(url('users'))
133 return redirect(url('users'))
133
134
134 def show(self, id, format='html'):
135 def show(self, id, format='html'):
@@ -140,6 +141,11 b' class UsersController(BaseController):'
140 """GET /users/id/edit: Form to edit an existing item"""
141 """GET /users/id/edit: Form to edit an existing item"""
141 # url('edit_user', id=ID)
142 # url('edit_user', id=ID)
142 c.user = self.sa.query(User).get(id)
143 c.user = self.sa.query(User).get(id)
144 if c.user.username == 'default':
145 h.flash(_("You can't edit this user since it's"
146 " crucial for entire application"), category='warning')
147 return redirect(url('users'))
148
143 defaults = c.user.__dict__
149 defaults = c.user.__dict__
144 return htmlfill.render(
150 return htmlfill.render(
145 render('admin/users/user_edit.html'),
151 render('admin/users/user_edit.html'),
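Review bot: The new `default` user check in `edit` protects only the GET form. The action that applies the change is outside these hunks, and unless it (or `UserModel`) also refuses the `default` account, a direct update request would still modify it. Deletion appears to be guarded in the model through `DefaultUserException`, and the same placement would suit updates. Separately, assuming `self.sa` is a SQLAlchemy session, `query(User).get(id)` returns `None` for an unknown id and `c.user.username` then raises `AttributeError`; add `if c.user is None: return redirect(url('users'))` before the username comparison.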
@@ -106,13 +106,17 b' def is_current(selected):'
106 <li ${is_current('branches')}>${h.link_to(_('branches'),h.url('branches_home',repo_name=c.repo_name))}</li>
106 <li ${is_current('branches')}>${h.link_to(_('branches'),h.url('branches_home',repo_name=c.repo_name))}</li>
107 <li ${is_current('tags')}>${h.link_to(_('tags'),h.url('tags_home',repo_name=c.repo_name))}</li>
107 <li ${is_current('tags')}>${h.link_to(_('tags'),h.url('tags_home',repo_name=c.repo_name))}</li>
108 <li ${is_current('files')}>${h.link_to(_('files'),h.url('files_home',repo_name=c.repo_name))}</li>
108 <li ${is_current('files')}>${h.link_to(_('files'),h.url('files_home',repo_name=c.repo_name))}</li>
109 <li>${h.link_to(_('settings'),h.url('edit_repo',repo_name=c.repo_name))}</li>
109 %if h.HasRepoPermissionAll('repository.admin')(c.repo_name):
110 <li>${h.link_to(_('settings'),h.url('edit_repo',repo_name=c.repo_name))}</li>
111 %endif
110 </ul>
112 </ul>
111 %else:
113 %else:
112 ##Root menu
114 ##Root menu
113 <ul class="page-nav">
115 <ul class="page-nav">
114 <li ${is_current('home')}>${h.link_to(_('Home'),h.url('/'))}</li>
116 <li ${is_current('home')}>${h.link_to(_('Home'),h.url('/'))}</li>
115 <li ${is_current('admin')}>${h.link_to(_('Admin'),h.url('admin_home'))}</li>
117 %if h.HasPermissionAll('hg.admin')('access admin main page'):
118 <li ${is_current('admin')}>${h.link_to(_('Admin'),h.url('admin_home'))}</li>
119 %endif
116 <li class="logout">${h.link_to(u'Logout',h.url('logout_home'))}</li>
120 <li class="logout">${h.link_to(u'Logout',h.url('logout_home'))}</li>
117 </ul>
121 </ul>
118 %endif
122 %endif
@@ -129,7 +133,7 b' def is_current(selected):'
129 <ul class="submenu">
133 <ul class="submenu">
130 <li ${is_current('repos')}>${h.link_to(u'repos',h.url('repos'),class_='repos')}</li>
134 <li ${is_current('repos')}>${h.link_to(u'repos',h.url('repos'),class_='repos')}</li>
131 <li ${is_current('users')}>${h.link_to(u'users',h.url('users'),class_='users')}</li>
135 <li ${is_current('users')}>${h.link_to(u'users',h.url('users'),class_='users')}</li>
132 <li ${is_current('permissions')}>${h.link_to(u'permissions',h.url('permissions'),class_='permissions')}</li>
136 ##comented for now<li ${is_current('permissions')}>${h.link_to(u'permissions',h.url('permissions'),class_='permissions')}</li>
133 </ul>
137 </ul>
134 </div>
138 </div>
135 %endif
139 %endif
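Review bot: The `settings` link is shown to anyone holding `repository.admin` on the repository, but it points at `edit_repo`, which presumably routes to `ReposController`, and that controller's `__before__` in this same commit requires the global `hg.admin` permission. A repository admin without `hg.admin` is therefore offered a link that will be refused. Either gate the link with the controller's own check, `%if h.HasPermissionAll('hg.admin')('repo settings link'):`, or relax the controller for per-repository admins. These `%if` blocks only decide what is displayed; the controller decorators remain the actual access control.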
@@ -31,6 +31,7 b''
31 <td>${_('Atom')}</td>
31 <td>${_('Atom')}</td>
32 </tr>
32 </tr>
33 %for cnt,repo in enumerate(c.repos_list):
33 %for cnt,repo in enumerate(c.repos_list):
34 %if h.HasRepoPermissionAny('repository.write','repository.read','repository.admin')(repo['name'],'main page check'):
34 <tr class="parity${cnt%2}">
35 <tr class="parity${cnt%2}">
35 <td>${h.link_to(repo['name'],
36 <td>${h.link_to(repo['name'],
36 h.url('summary_home',repo_name=repo['name']))}</td>
37 h.url('summary_home',repo_name=repo['name']))}</td>
@@ -48,6 +49,7 b''
48 <a title="${_('Subscribe to %s atom feed')%repo['name']}" class="atom_logo" href="${h.url('atom_feed_home',repo_name=repo['name'])}"></a>
49 <a title="${_('Subscribe to %s atom feed')%repo['name']}" class="atom_logo" href="${h.url('atom_feed_home',repo_name=repo['name'])}"></a>
49 </td>
50 </td>
50 </tr>
51 </tr>
52 %endif
51 %endfor
53 %endfor
52 </table>
54 </table>
53 </%def>
55 </%def>
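Review bot: `cnt` comes from `enumerate(c.repos_list)` over the unfiltered list, so once the new `%if` skips rows the `parity${cnt%2}` striping no longer alternates, and the template runs one permission lookup per repository on every render. Filtering the list in the controller before it reaches the template would fix both and keep the names of inaccessible repositories out of the template context. The atom feed link in each row is only hidden by this check; the feed controller is not among the files shown here, so confirm that it enforces the same repository permissions.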