Mercurial > kallithea
annotate rhodecode/controllers/admin/permissions.py @ 712:131c1e335fa7 beta
Added ldap info on admin users, added bool2icon helper for nicer representation of
True/False values. Fixed lock open icon to be more readable
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Thu, 18 Nov 2010 03:05:29 +0100 |
parents | 9e9f1b919c0c |
children | fb7a3b291e64 |
rev | line source |
---|---|
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
1 #!/usr/bin/env python |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
2 # encoding: utf-8 |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
3 # permissions controller for pylons |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com> |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
5 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
6 # This program is free software; you can redistribute it and/or |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
7 # modify it under the terms of the GNU General Public License |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
8 # as published by the Free Software Foundation; version 2 |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
9 # of the License or (at your opinion) any later version of the license. |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
10 # |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
11 # This program is distributed in the hope that it will be useful, |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
14 # GNU General Public License for more details. |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
15 # |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
16 # You should have received a copy of the GNU General Public License |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
17 # along with this program; if not, write to the Free Software |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
18 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
19 # MA 02110-1301, USA. |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
20 """ |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
21 Created on April 27, 2010 |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
22 permissions controller for pylons |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
23 @author: marcink |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
24 """ |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
25 |
305
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
26 from formencode import htmlfill |
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
27 from pylons import request, session, tmpl_context as c, url |
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
28 from pylons.controllers.util import abort, redirect |
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
29 from pylons.i18n.translation import _ |
547
1e757ac98988
renamed project to rhodecode
Marcin Kuzminski <marcin@python-works.com>
parents:
418
diff
changeset
|
30 from rhodecode.lib import helpers as h |
1e757ac98988
renamed project to rhodecode
Marcin Kuzminski <marcin@python-works.com>
parents:
418
diff
changeset
|
31 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
32 from rhodecode.lib.auth_ldap import LdapImportError |
547
1e757ac98988
renamed project to rhodecode
Marcin Kuzminski <marcin@python-works.com>
parents:
418
diff
changeset
|
33 from rhodecode.lib.base import BaseController, render |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
34 from rhodecode.model.forms import LdapSettingsForm, DefaultPermissionsForm |
692
cb0d9ce6ac5c
#50 on point cache invalidation changes.
Marcin Kuzminski <marcin@python-works.com>
parents:
673
diff
changeset
|
35 from rhodecode.model.permission import PermissionModel |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
36 from rhodecode.model.settings import SettingsModel |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
37 from rhodecode.model.user import UserModel |
305
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
38 import formencode |
230
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
39 import logging |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
40 import traceback |
230
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
41 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
42 log = logging.getLogger(__name__) |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
43 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
44 class PermissionsController(BaseController): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
45 """REST Controller styled on the Atom Publishing Protocol""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
46 # To properly map this controller, ensure your config/routing.py |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
47 # file has a resource setup: |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
48 # map.resource('permission', 'permissions') |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
49 |
305
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
50 @LoginRequired() |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
51 @HasPermissionAllDecorator('hg.admin') |
305
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
52 def __before__(self): |
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
53 c.admin_user = session.get('admin_user') |
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
54 c.admin_username = session.get('admin_username') |
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
55 super(PermissionsController, self).__before__() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
56 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
57 self.perms_choices = [('repository.none', _('None'),), |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
58 ('repository.read', _('Read'),), |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
59 ('repository.write', _('Write'),), |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
60 ('repository.admin', _('Admin'),)] |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
61 self.register_choices = [ |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
664
diff
changeset
|
62 ('hg.register.none', |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
664
diff
changeset
|
63 _('disabled')), |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
64 ('hg.register.manual_activate', |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
664
diff
changeset
|
65 _('allowed with manual account activation')), |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
66 ('hg.register.auto_activate', |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
664
diff
changeset
|
67 _('allowed with automatic account activation')), ] |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
68 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
69 self.create_choices = [('hg.create.none', _('Disabled')), |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
70 ('hg.create.repository', _('Enabled'))] |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
71 |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
72 |
230
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
73 def index(self, format='html'): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
74 """GET /permissions: All items in the collection""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
75 # url('permissions') |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
76 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
77 def create(self): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
78 """POST /permissions: Create a new item""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
79 # url('permissions') |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
80 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
81 def new(self, format='html'): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
82 """GET /permissions/new: Form to create a new item""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
83 # url('new_permission') |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
84 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
85 def update(self, id): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
86 """PUT /permissions/id: Update an existing item""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
87 # Forms posted to this method should contain a hidden field: |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
88 # <input type="hidden" name="_method" value="PUT" /> |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
89 # Or using helpers: |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
90 # h.form(url('permission', id=ID), |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
91 # method='put') |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
92 # url('permission', id=ID) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
93 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
94 permission_model = PermissionModel() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
95 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
96 _form = DefaultPermissionsForm([x[0] for x in self.perms_choices], |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
97 [x[0] for x in self.register_choices], |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
98 [x[0] for x in self.create_choices])() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
99 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
100 try: |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
101 form_result = _form.to_python(dict(request.POST)) |
418
63c697d1a631
added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
Marcin Kuzminski <marcin@python-works.com>
parents:
417
diff
changeset
|
102 form_result.update({'perm_user_name':id}) |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
103 permission_model.update(form_result) |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
104 h.flash(_('Default permissions updated successfully'), |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
105 category='success') |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
106 |
564
ba7e24cd4786
refactor codes and setup for python 2.5
Marcin Kuzminski <marcin@python-works.com>
parents:
547
diff
changeset
|
107 except formencode.Invalid, errors: |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
108 c.perms_choices = self.perms_choices |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
109 c.register_choices = self.register_choices |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
110 c.create_choices = self.create_choices |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
111 defaults = errors.value |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
112 defaults.update(SettingsModel().get_ldap_settings()) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
113 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
114 return htmlfill.render( |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
115 render('admin/permissions/permissions.html'), |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
116 defaults=defaults, |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
117 errors=errors.error_dict or {}, |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
118 prefix_error=False, |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
119 encoding="UTF-8") |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
120 except Exception: |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
121 log.error(traceback.format_exc()) |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
122 h.flash(_('error occured during update of permissions'), |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
123 category='error') |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
124 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
125 return redirect(url('edit_permission', id=id)) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
126 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
127 |
230
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
128 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
129 def delete(self, id): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
130 """DELETE /permissions/id: Delete an existing item""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
131 # Forms posted to this method should contain a hidden field: |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
132 # <input type="hidden" name="_method" value="DELETE" /> |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
133 # Or using helpers: |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
134 # h.form(url('permission', id=ID), |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
135 # method='delete') |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
136 # url('permission', id=ID) |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
137 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
138 def show(self, id, format='html'): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
139 """GET /permissions/id: Show a specific item""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
140 # url('permission', id=ID) |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
141 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
142 def edit(self, id, format='html'): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
143 """GET /permissions/id/edit: Form to edit an existing item""" |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
144 #url('edit_permission', id=ID) |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
145 c.perms_choices = self.perms_choices |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
146 c.register_choices = self.register_choices |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
147 c.create_choices = self.create_choices |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
148 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
149 if id == 'default': |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
664
diff
changeset
|
150 default_user = UserModel().get_by_username('default') |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
664
diff
changeset
|
151 defaults = {'_method':'put', |
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
664
diff
changeset
|
152 'anonymous':default_user.active} |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
153 defaults.update(SettingsModel().get_ldap_settings()) |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
664
diff
changeset
|
154 for p in default_user.user_perms: |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
155 if p.permission.permission_name.startswith('repository.'): |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
156 defaults['default_perm'] = p.permission.permission_name |
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
157 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
158 if p.permission.permission_name.startswith('hg.register.'): |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
159 defaults['default_register'] = p.permission.permission_name |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
160 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
161 if p.permission.permission_name.startswith('hg.create.'): |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
162 defaults['default_create'] = p.permission.permission_name |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
163 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
164 return htmlfill.render( |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
165 render('admin/permissions/permissions.html'), |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
166 defaults=defaults, |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
167 encoding="UTF-8", |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
168 force_defaults=True,) |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
169 else: |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
170 return redirect(url('admin_home')) |
705
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
171 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
172 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
173 def ldap(self, id_user='default'): |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
174 """ |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
175 POST ldap create and store ldap settings |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
176 """ |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
177 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
178 settings_model = SettingsModel() |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
179 _form = LdapSettingsForm()() |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
180 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
181 try: |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
182 form_result = _form.to_python(dict(request.POST)) |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
183 try: |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
184 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
185 for k, v in form_result.items(): |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
186 if k.startswith('ldap_'): |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
187 setting = settings_model.get(k) |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
188 setting.app_settings_value = v |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
189 self.sa.add(setting) |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
190 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
191 self.sa.commit() |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
192 h.flash(_('Ldap settings updated successfully'), |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
193 category='success') |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
194 except: |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
195 raise |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
196 except LdapImportError: |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
197 h.flash(_('Unable to activate ldap. The "ldap-python" library ' |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
198 'is missing.'), |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
199 category='warning') |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
200 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
201 except formencode.Invalid, errors: |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
202 c.perms_choices = self.perms_choices |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
203 c.register_choices = self.register_choices |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
204 c.create_choices = self.create_choices |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
205 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
206 return htmlfill.render( |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
207 render('admin/permissions/permissions.html'), |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
208 defaults=errors.value, |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
209 errors=errors.error_dict or {}, |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
210 prefix_error=False, |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
211 encoding="UTF-8") |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
212 except Exception: |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
213 log.error(traceback.format_exc()) |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
214 h.flash(_('error occured during update of ldap settings'), |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
215 category='error') |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
216 |
9e9f1b919c0c
implements #60, ldap configuration and authentication.
Marcin Kuzminski <marcin@python-works.com>
parents:
692
diff
changeset
|
217 return redirect(url('edit_permission', id=id_user)) |