kallithea: rhodecode/controllers/admin/permissions.py annotate

annotate rhodecode/controllers/admin/permissions.py @ 3867:73f7149f2cc0 beta

Added show as raw into gist

author	Marcin Kuzminski <marcin@python-works.com>
date	Sun, 19 May 2013 02:14:51 +0200
parents	222e6769e7b5
children	5293d4bbb1ea

rev	line source
760 fb7a3b291e64 Cleaned up scm model codes,Admin/admin permissions controller codes Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	1 # -- coding: utf-8 --
fb7a3b291e64 Cleaned up scm model codes,Admin/admin permissions controller codes Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	2 """
853 f67868ef6cd2 some docs updates on controller Marcin Kuzminski <marcin@python-works.com> parents: 769 diff changeset	3 rhodecode.controllers.admin.permissions
f67868ef6cd2 some docs updates on controller Marcin Kuzminski <marcin@python-works.com> parents: 769 diff changeset	4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	5
760 fb7a3b291e64 Cleaned up scm model codes,Admin/admin permissions controller codes Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	6 permissions controller for Rhodecode
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	7
760 fb7a3b291e64 Cleaned up scm model codes,Admin/admin permissions controller codes Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	8 :created_on: Apr 27, 2010
fb7a3b291e64 Cleaned up scm model codes,Admin/admin permissions controller codes Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	9 :author: marcink
1824 89efedac4e6c 2012 copyrights Marcin Kuzminski <marcin@python-works.com> parents: 1749 diff changeset	10 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
760 fb7a3b291e64 Cleaned up scm model codes,Admin/admin permissions controller codes Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	11 :license: GPLv3, see COPYING for more details.
fb7a3b291e64 Cleaned up scm model codes,Admin/admin permissions controller codes Marcin Kuzminski <marcin@python-works.com> parents: 705 diff changeset	12 """
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	13 # This program is free software: you can redistribute it and/or modify
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	14 # it under the terms of the GNU General Public License as published by
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	15 # the Free Software Foundation, either version 3 of the License, or
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	16 # (at your option) any later version.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	17 #
252 3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 230 diff changeset	18 # This program is distributed in the hope that it will be useful,
3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 230 diff changeset	19 # but WITHOUT ANY WARRANTY; without even the implied warranty of
3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 230 diff changeset	20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 230 diff changeset	21 # GNU General Public License for more details.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	22 #
252 3782a6d698af licensing updates, code cleanups Marcin Kuzminski <marcin@python-works.com> parents: 230 diff changeset	23 # You should have received a copy of the GNU General Public License
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	24 # along with this program. If not, see <http://www.gnu.org/licenses/>.
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	25
1501 a828b83dfa4b Deprecated UserModel removals Marcin Kuzminski <marcin@python-works.com> parents: 1315 diff changeset	26 import logging
a828b83dfa4b Deprecated UserModel removals Marcin Kuzminski <marcin@python-works.com> parents: 1315 diff changeset	27 import traceback
a828b83dfa4b Deprecated UserModel removals Marcin Kuzminski <marcin@python-works.com> parents: 1315 diff changeset	28 import formencode
305 61be6dcd49a0 protected admin controllers Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	29 from formencode import htmlfill
1501 a828b83dfa4b Deprecated UserModel removals Marcin Kuzminski <marcin@python-works.com> parents: 1315 diff changeset	30
305 61be6dcd49a0 protected admin controllers Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	31 from pylons import request, session, tmpl_context as c, url
61be6dcd49a0 protected admin controllers Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	32 from pylons.controllers.util import abort, redirect
61be6dcd49a0 protected admin controllers Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	33 from pylons.i18n.translation import _
1501 a828b83dfa4b Deprecated UserModel removals Marcin Kuzminski <marcin@python-works.com> parents: 1315 diff changeset	34
547 1e757ac98988 renamed project to rhodecode Marcin Kuzminski <marcin@python-works.com> parents: 418 diff changeset	35 from rhodecode.lib import helpers as h
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	36 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator,\
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	37 AuthUser
547 1e757ac98988 renamed project to rhodecode Marcin Kuzminski <marcin@python-works.com> parents: 418 diff changeset	38 from rhodecode.lib.base import BaseController, render
1501 a828b83dfa4b Deprecated UserModel removals Marcin Kuzminski <marcin@python-works.com> parents: 1315 diff changeset	39 from rhodecode.model.forms import DefaultPermissionsForm
692 cb0d9ce6ac5c #50 on point cache invalidation changes. Marcin Kuzminski <marcin@python-works.com> parents: 673 diff changeset	40 from rhodecode.model.permission import PermissionModel
3731 21412a6c3854 throw 404s on empty show functions in ADMIN controllers Marcin Kuzminski <marcin@python-works.com> parents: 3712 diff changeset	41 from rhodecode.model.db import User, UserIpMap, Permission
1734 48d4fcf04a29 another major refactoring with session management Marcin Kuzminski <marcin@python-works.com> parents: 1530 diff changeset	42 from rhodecode.model.meta import Session
230 d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	43
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	44 log = logging.getLogger(__name__)
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	45
1245 5f2fbab7c429 PEP8ify - controllers Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	46
230 d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	47 class PermissionsController(BaseController):
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	48 """REST Controller styled on the Atom Publishing Protocol"""
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	49 # To properly map this controller, ensure your config/routing.py
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	50 # file has a resource setup:
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	51 # map.resource('permission', 'permissions')
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	52
305 61be6dcd49a0 protected admin controllers Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	53 @LoginRequired()
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	54 @HasPermissionAllDecorator('hg.admin')
305 61be6dcd49a0 protected admin controllers Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	55 def __before__(self):
61be6dcd49a0 protected admin controllers Marcin Kuzminski <marcin@python-works.com> parents: 252 diff changeset	56 super(PermissionsController, self).__before__()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	57
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	58 c.repo_perms_choices = [('repository.none', _('None'),),
3052 d3200c58764e implemented #663 Admin/permission: specify default repogroup perms Marcin Kuzminski <marcin@python-works.com> parents: 2709 diff changeset	59 ('repository.read', _('Read'),),
d3200c58764e implemented #663 Admin/permission: specify default repogroup perms Marcin Kuzminski <marcin@python-works.com> parents: 2709 diff changeset	60 ('repository.write', _('Write'),),
d3200c58764e implemented #663 Admin/permission: specify default repogroup perms Marcin Kuzminski <marcin@python-works.com> parents: 2709 diff changeset	61 ('repository.admin', _('Admin'),)]
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	62 c.group_perms_choices = [('group.none', _('None'),),
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	63 ('group.read', _('Read'),),
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	64 ('group.write', _('Write'),),
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	65 ('group.admin', _('Admin'),)]
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	66 c.user_group_perms_choices = [('usergroup.none', _('None'),),
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	67 ('usergroup.read', _('Read'),),
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	68 ('usergroup.write', _('Write'),),
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	69 ('usergroup.admin', _('Admin'),)]
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	70 c.register_choices = [
673 dd532af216d9 #49 Enabled anonymous access for web interface controllable from permissions pannel Marcin Kuzminski <marcin@python-works.com> parents: 664 diff changeset	71 ('hg.register.none',
3654 ec6354949623 Fix a lot of casings - use standard casing in most places Mads Kiilerich <madski@unity3d.com> parents: 3565 diff changeset	72 _('Disabled')),
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	73 ('hg.register.manual_activate',
3654 ec6354949623 Fix a lot of casings - use standard casing in most places Mads Kiilerich <madski@unity3d.com> parents: 3565 diff changeset	74 _('Allowed with manual account activation')),
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	75 ('hg.register.auto_activate',
3654 ec6354949623 Fix a lot of casings - use standard casing in most places Mads Kiilerich <madski@unity3d.com> parents: 3565 diff changeset	76 _('Allowed with automatic account activation')), ]
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	77
3786 222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	78 c.extern_activate_choices = [
222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	79 ('hg.extern_activate.manual', _('Manual activation of external account')),
222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	80 ('hg.extern_activate.auto', _('Automatic activation of external account')),
222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	81 ]
222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	82
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	83 c.repo_create_choices = [('hg.create.none', _('Disabled')),
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	84 ('hg.create.repository', _('Enabled'))]
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	85
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	86 c.user_group_create_choices = [('hg.usergroup.create.false', _('Disabled')),
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	87 ('hg.usergroup.create.true', _('Enabled'))]
2709 d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2662 diff changeset	88
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	89 c.repo_group_create_choices = [('hg.repogroup.create.false', _('Disabled')),
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	90 ('hg.repogroup.create.true', _('Enabled'))]
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	91
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	92 c.fork_choices = [('hg.fork.none', _('Disabled')),
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	93 ('hg.fork.repository', _('Enabled'))]
2709 d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2662 diff changeset	94
230 d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	95 def index(self, format='html'):
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	96 """GET /permissions: All items in the collection"""
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	97 # url('permissions')
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	98
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	99 def create(self):
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	100 """POST /permissions: Create a new item"""
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	101 # url('permissions')
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	102
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	103 def new(self, format='html'):
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	104 """GET /permissions/new: Form to create a new item"""
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	105 # url('new_permission')
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	106
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	107 def update(self, id):
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	108 """PUT /permissions/id: Update an existing item"""
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	109 # Forms posted to this method should contain a hidden field:
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	110 # <input type="hidden" name="_method" value="PUT" />
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	111 # Or using helpers:
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	112 # h.form(url('permission', id=ID),
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	113 # method='put')
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	114 # url('permission', id=ID)
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	115 if id == 'default':
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	116 c.user = default_user = User.get_default_user()
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	117 c.perm_user = AuthUser(user_id=default_user.user_id)
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	118 c.user_ip_map = UserIpMap.query()\
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	119 .filter(UserIpMap.user == default_user).all()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	120
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	121 _form = DefaultPermissionsForm(
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	122 [x[0] for x in c.repo_perms_choices],
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	123 [x[0] for x in c.group_perms_choices],
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	124 [x[0] for x in c.user_group_perms_choices],
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	125 [x[0] for x in c.repo_create_choices],
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	126 [x[0] for x in c.repo_group_create_choices],
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	127 [x[0] for x in c.user_group_create_choices],
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	128 [x[0] for x in c.fork_choices],
3786 222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	129 [x[0] for x in c.register_choices],
222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	130 [x[0] for x in c.extern_activate_choices],
222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	131 )()
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	132
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	133 try:
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	134 form_result = _form.to_python(dict(request.POST))
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	135 form_result.update({'perm_user_name': id})
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	136 PermissionModel().update(form_result)
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	137 Session().commit()
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	138 h.flash(_('Default permissions updated successfully'),
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	139 category='success')
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	140
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	141 except formencode.Invalid, errors:
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	142 defaults = errors.value
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	143
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	144 return htmlfill.render(
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	145 render('admin/permissions/permissions.html'),
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	146 defaults=defaults,
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	147 errors=errors.error_dict or {},
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	148 prefix_error=False,
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	149 encoding="UTF-8")
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	150 except Exception:
9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	151 log.error(traceback.format_exc())
3565 a8f2d78d14ea consistently capitalize initial letter in flash messages Mads Kiilerich <madski@unity3d.com> parents: 3125 diff changeset	152 h.flash(_('Error occurred during update of permissions'),
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	153 category='error')
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	154
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	155 return redirect(url('edit_permission', id=id))
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	156
230 d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	157 def delete(self, id):
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	158 """DELETE /permissions/id: Delete an existing item"""
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	159 # Forms posted to this method should contain a hidden field:
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	160 # <input type="hidden" name="_method" value="DELETE" />
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	161 # Or using helpers:
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	162 # h.form(url('permission', id=ID),
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	163 # method='delete')
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	164 # url('permission', id=ID)
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	165
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	166 def show(self, id, format='html'):
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	167 """GET /permissions/id: Show a specific item"""
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	168 # url('permission', id=ID)
3731 21412a6c3854 throw 404s on empty show functions in ADMIN controllers Marcin Kuzminski <marcin@python-works.com> parents: 3712 diff changeset	169 Permission.get_or_404(-1)
230 d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	170
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	171 def edit(self, id, format='html'):
d982ed8e32d8 Admin templating updates, added rest permission controllers Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	172 """GET /permissions/id/edit: Form to edit an existing item"""
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	173 #url('edit_permission', id=ID)
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	174
2709 d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2662 diff changeset	175 #this form can only edit default user permissions
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	176 if id == 'default':
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	177 c.user = User.get_default_user()
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	178 defaults = {'anonymous': c.user.active}
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	179 c.perm_user = c.user.AuthUser
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	180 c.user_ip_map = UserIpMap.query()\
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	181 .filter(UserIpMap.user == c.user).all()
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	182 for p in c.user.user_perms:
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	183 if p.permission.permission_name.startswith('repository.'):
3052 d3200c58764e implemented #663 Admin/permission: specify default repogroup perms Marcin Kuzminski <marcin@python-works.com> parents: 2709 diff changeset	184 defaults['default_repo_perm'] = p.permission.permission_name
d3200c58764e implemented #663 Admin/permission: specify default repogroup perms Marcin Kuzminski <marcin@python-works.com> parents: 2709 diff changeset	185
d3200c58764e implemented #663 Admin/permission: specify default repogroup perms Marcin Kuzminski <marcin@python-works.com> parents: 2709 diff changeset	186 if p.permission.permission_name.startswith('group.'):
d3200c58764e implemented #663 Admin/permission: specify default repogroup perms Marcin Kuzminski <marcin@python-works.com> parents: 2709 diff changeset	187 defaults['default_group_perm'] = p.permission.permission_name
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	188
3734 a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	189 if p.permission.permission_name.startswith('usergroup.'):
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	190 defaults['default_user_group_perm'] = p.permission.permission_name
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	191
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	192 if p.permission.permission_name.startswith('hg.create.'):
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	193 defaults['default_repo_create'] = p.permission.permission_name
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	194
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	195 if p.permission.permission_name.startswith('hg.repogroup.'):
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	196 defaults['default_repo_group_create'] = p.permission.permission_name
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	197
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	198 if p.permission.permission_name.startswith('hg.usergroup.'):
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	199 defaults['default_user_group_create'] = p.permission.permission_name
a8f520540ab0 New default permissions definition for user group create Marcin Kuzminski <marcin@python-works.com> parents: 3731 diff changeset	200
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	201 if p.permission.permission_name.startswith('hg.register.'):
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	202 defaults['default_register'] = p.permission.permission_name
629 7e536d1af60d Code refactoring,models renames Marcin Kuzminski <marcin@python-works.com> parents: 564 diff changeset	203
3786 222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	204 if p.permission.permission_name.startswith('hg.extern_activate.'):
222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	205 defaults['default_extern_activate'] = p.permission.permission_name
222e6769e7b5 Added separate default permission for external_auth account Marcin Kuzminski <marcin@python-works.com> parents: 3734 diff changeset	206
2709 d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2662 diff changeset	207 if p.permission.permission_name.startswith('hg.fork.'):
d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2662 diff changeset	208 defaults['default_fork'] = p.permission.permission_name
d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2662 diff changeset	209
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	210 return htmlfill.render(
2709 d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2662 diff changeset	211 render('admin/permissions/permissions.html'),
d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2662 diff changeset	212 defaults=defaults,
d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2662 diff changeset	213 encoding="UTF-8",
3125 9b92cf5a0cca Added UserIpMap interface for allowed IP addresses and IP restriction access Marcin Kuzminski <marcin@python-works.com> parents: 3052 diff changeset	214 force_defaults=False
2709 d2d35cf2b351 RhodeCode now has a option to explicitly set forking permissions. ref #508 Marcin Kuzminski <marcin@python-works.com> parents: 2662 diff changeset	215 )
417 3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	216 else:
3ed2d46a2ca7 permission refactoring, Marcin Kuzminski <marcin@python-works.com> parents: 323 diff changeset	217 return redirect(url('admin_home'))

Mercurial > kallithea

annotate rhodecode/controllers/admin/permissions.py @ 3867:73f7149f2cc0 beta