Mercurial > kallithea
annotate rhodecode/controllers/admin/permissions.py @ 4045:9b4ba12ef8c3
Add ini option to controll custom advanced hooks settings
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Thu, 27 Jun 2013 00:47:15 +0200 |
parents | 5293d4bbb1ea |
children | ffd45b185016 |
rev | line source |
---|---|
760
fb7a3b291e64
Cleaned up scm model codes,Admin/admin permissions controller codes
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
1 # -*- coding: utf-8 -*- |
fb7a3b291e64
Cleaned up scm model codes,Admin/admin permissions controller codes
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
2 """ |
853
f67868ef6cd2
some docs updates on controller
Marcin Kuzminski <marcin@python-works.com>
parents:
769
diff
changeset
|
3 rhodecode.controllers.admin.permissions |
f67868ef6cd2
some docs updates on controller
Marcin Kuzminski <marcin@python-works.com>
parents:
769
diff
changeset
|
4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
5 |
760
fb7a3b291e64
Cleaned up scm model codes,Admin/admin permissions controller codes
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
6 permissions controller for Rhodecode |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
7 |
760
fb7a3b291e64
Cleaned up scm model codes,Admin/admin permissions controller codes
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
8 :created_on: Apr 27, 2010 |
fb7a3b291e64
Cleaned up scm model codes,Admin/admin permissions controller codes
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
9 :author: marcink |
1824
89efedac4e6c
2012 copyrights
Marcin Kuzminski <marcin@python-works.com>
parents:
1749
diff
changeset
|
10 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
760
fb7a3b291e64
Cleaned up scm model codes,Admin/admin permissions controller codes
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
11 :license: GPLv3, see COPYING for more details. |
fb7a3b291e64
Cleaned up scm model codes,Admin/admin permissions controller codes
Marcin Kuzminski <marcin@python-works.com>
parents:
705
diff
changeset
|
12 """ |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
13 # This program is free software: you can redistribute it and/or modify |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
14 # it under the terms of the GNU General Public License as published by |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
15 # the Free Software Foundation, either version 3 of the License, or |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
16 # (at your option) any later version. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
17 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
18 # This program is distributed in the hope that it will be useful, |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
19 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
21 # GNU General Public License for more details. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
22 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
230
diff
changeset
|
23 # You should have received a copy of the GNU General Public License |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
24 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
25 |
1501
a828b83dfa4b
Deprecated UserModel removals
Marcin Kuzminski <marcin@python-works.com>
parents:
1315
diff
changeset
|
26 import logging |
a828b83dfa4b
Deprecated UserModel removals
Marcin Kuzminski <marcin@python-works.com>
parents:
1315
diff
changeset
|
27 import traceback |
a828b83dfa4b
Deprecated UserModel removals
Marcin Kuzminski <marcin@python-works.com>
parents:
1315
diff
changeset
|
28 import formencode |
305
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
29 from formencode import htmlfill |
1501
a828b83dfa4b
Deprecated UserModel removals
Marcin Kuzminski <marcin@python-works.com>
parents:
1315
diff
changeset
|
30 |
305
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
31 from pylons import request, session, tmpl_context as c, url |
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
32 from pylons.controllers.util import abort, redirect |
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
33 from pylons.i18n.translation import _ |
1501
a828b83dfa4b
Deprecated UserModel removals
Marcin Kuzminski <marcin@python-works.com>
parents:
1315
diff
changeset
|
34 |
547
1e757ac98988
renamed project to rhodecode
Marcin Kuzminski <marcin@python-works.com>
parents:
418
diff
changeset
|
35 from rhodecode.lib import helpers as h |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
36 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator,\ |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
37 AuthUser |
547
1e757ac98988
renamed project to rhodecode
Marcin Kuzminski <marcin@python-works.com>
parents:
418
diff
changeset
|
38 from rhodecode.lib.base import BaseController, render |
1501
a828b83dfa4b
Deprecated UserModel removals
Marcin Kuzminski <marcin@python-works.com>
parents:
1315
diff
changeset
|
39 from rhodecode.model.forms import DefaultPermissionsForm |
692
cb0d9ce6ac5c
#50 on point cache invalidation changes.
Marcin Kuzminski <marcin@python-works.com>
parents:
673
diff
changeset
|
40 from rhodecode.model.permission import PermissionModel |
3731
21412a6c3854
throw 404s on empty show functions in ADMIN controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
3712
diff
changeset
|
41 from rhodecode.model.db import User, UserIpMap, Permission |
1734
48d4fcf04a29
another major refactoring with session management
Marcin Kuzminski <marcin@python-works.com>
parents:
1530
diff
changeset
|
42 from rhodecode.model.meta import Session |
230
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
43 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
44 log = logging.getLogger(__name__) |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
45 |
1245
5f2fbab7c429
PEP8ify - controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
46 |
230
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
47 class PermissionsController(BaseController): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
48 """REST Controller styled on the Atom Publishing Protocol""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
49 # To properly map this controller, ensure your config/routing.py |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
50 # file has a resource setup: |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
51 # map.resource('permission', 'permissions') |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
52 |
305
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
53 @LoginRequired() |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
54 @HasPermissionAllDecorator('hg.admin') |
305
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
55 def __before__(self): |
61be6dcd49a0
protected admin controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
252
diff
changeset
|
56 super(PermissionsController, self).__before__() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
57 |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
58 c.repo_perms_choices = [('repository.none', _('None'),), |
3052
d3200c58764e
implemented #663 Admin/permission: specify default repogroup perms
Marcin Kuzminski <marcin@python-works.com>
parents:
2709
diff
changeset
|
59 ('repository.read', _('Read'),), |
d3200c58764e
implemented #663 Admin/permission: specify default repogroup perms
Marcin Kuzminski <marcin@python-works.com>
parents:
2709
diff
changeset
|
60 ('repository.write', _('Write'),), |
d3200c58764e
implemented #663 Admin/permission: specify default repogroup perms
Marcin Kuzminski <marcin@python-works.com>
parents:
2709
diff
changeset
|
61 ('repository.admin', _('Admin'),)] |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
62 c.group_perms_choices = [('group.none', _('None'),), |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
63 ('group.read', _('Read'),), |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
64 ('group.write', _('Write'),), |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
65 ('group.admin', _('Admin'),)] |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
66 c.user_group_perms_choices = [('usergroup.none', _('None'),), |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
67 ('usergroup.read', _('Read'),), |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
68 ('usergroup.write', _('Write'),), |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
69 ('usergroup.admin', _('Admin'),)] |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
70 c.register_choices = [ |
673
dd532af216d9
#49 Enabled anonymous access for web interface controllable from permissions pannel
Marcin Kuzminski <marcin@python-works.com>
parents:
664
diff
changeset
|
71 ('hg.register.none', |
3654
ec6354949623
Fix a lot of casings - use standard casing in most places
Mads Kiilerich <madski@unity3d.com>
parents:
3565
diff
changeset
|
72 _('Disabled')), |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
73 ('hg.register.manual_activate', |
3654
ec6354949623
Fix a lot of casings - use standard casing in most places
Mads Kiilerich <madski@unity3d.com>
parents:
3565
diff
changeset
|
74 _('Allowed with manual account activation')), |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
75 ('hg.register.auto_activate', |
3654
ec6354949623
Fix a lot of casings - use standard casing in most places
Mads Kiilerich <madski@unity3d.com>
parents:
3565
diff
changeset
|
76 _('Allowed with automatic account activation')), ] |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
77 |
3786
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
78 c.extern_activate_choices = [ |
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
79 ('hg.extern_activate.manual', _('Manual activation of external account')), |
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
80 ('hg.extern_activate.auto', _('Automatic activation of external account')), |
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
81 ] |
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
82 |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
83 c.repo_create_choices = [('hg.create.none', _('Disabled')), |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
84 ('hg.create.repository', _('Enabled'))] |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
85 |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
86 c.user_group_create_choices = [('hg.usergroup.create.false', _('Disabled')), |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
87 ('hg.usergroup.create.true', _('Enabled'))] |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2662
diff
changeset
|
88 |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
89 c.repo_group_create_choices = [('hg.repogroup.create.false', _('Disabled')), |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
90 ('hg.repogroup.create.true', _('Enabled'))] |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
91 |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
92 c.fork_choices = [('hg.fork.none', _('Disabled')), |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
93 ('hg.fork.repository', _('Enabled'))] |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2662
diff
changeset
|
94 |
230
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
95 def index(self, format='html'): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
96 """GET /permissions: All items in the collection""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
97 # url('permissions') |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
98 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
99 def create(self): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
100 """POST /permissions: Create a new item""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
101 # url('permissions') |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
102 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
103 def new(self, format='html'): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
104 """GET /permissions/new: Form to create a new item""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
105 # url('new_permission') |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
106 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
107 def update(self, id): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
108 """PUT /permissions/id: Update an existing item""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
109 # Forms posted to this method should contain a hidden field: |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
110 # <input type="hidden" name="_method" value="PUT" /> |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
111 # Or using helpers: |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
112 # h.form(url('permission', id=ID), |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
113 # method='put') |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
114 # url('permission', id=ID) |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
115 if id == 'default': |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
116 c.user = default_user = User.get_default_user() |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
117 c.perm_user = AuthUser(user_id=default_user.user_id) |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
118 c.user_ip_map = UserIpMap.query()\ |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
119 .filter(UserIpMap.user == default_user).all() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
120 |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
121 _form = DefaultPermissionsForm( |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
122 [x[0] for x in c.repo_perms_choices], |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
123 [x[0] for x in c.group_perms_choices], |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
124 [x[0] for x in c.user_group_perms_choices], |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
125 [x[0] for x in c.repo_create_choices], |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
126 [x[0] for x in c.repo_group_create_choices], |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
127 [x[0] for x in c.user_group_create_choices], |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
128 [x[0] for x in c.fork_choices], |
3786
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
129 [x[0] for x in c.register_choices], |
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
130 [x[0] for x in c.extern_activate_choices], |
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
131 )() |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
132 |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
133 try: |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
134 form_result = _form.to_python(dict(request.POST)) |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
135 form_result.update({'perm_user_name': id}) |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
136 PermissionModel().update(form_result) |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
137 Session().commit() |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
138 h.flash(_('Default permissions updated successfully'), |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
139 category='success') |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
140 |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
141 except formencode.Invalid, errors: |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
142 defaults = errors.value |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
143 |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
144 return htmlfill.render( |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
145 render('admin/permissions/permissions.html'), |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
146 defaults=defaults, |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
147 errors=errors.error_dict or {}, |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
148 prefix_error=False, |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
149 encoding="UTF-8") |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
150 except Exception: |
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
151 log.error(traceback.format_exc()) |
3565
a8f2d78d14ea
consistently capitalize initial letter in flash messages
Mads Kiilerich <madski@unity3d.com>
parents:
3125
diff
changeset
|
152 h.flash(_('Error occurred during update of permissions'), |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
153 category='error') |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
154 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
155 return redirect(url('edit_permission', id=id)) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
156 |
230
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
157 def delete(self, id): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
158 """DELETE /permissions/id: Delete an existing item""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
159 # Forms posted to this method should contain a hidden field: |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
160 # <input type="hidden" name="_method" value="DELETE" /> |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
161 # Or using helpers: |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
162 # h.form(url('permission', id=ID), |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
163 # method='delete') |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
164 # url('permission', id=ID) |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
165 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
166 def show(self, id, format='html'): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
167 """GET /permissions/id: Show a specific item""" |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
168 # url('permission', id=ID) |
3731
21412a6c3854
throw 404s on empty show functions in ADMIN controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
3712
diff
changeset
|
169 Permission.get_or_404(-1) |
230
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
170 |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
171 def edit(self, id, format='html'): |
d982ed8e32d8
Admin templating updates, added rest permission controllers
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
172 """GET /permissions/id/edit: Form to edit an existing item""" |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
173 #url('edit_permission', id=ID) |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
174 |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2662
diff
changeset
|
175 #this form can only edit default user permissions |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
176 if id == 'default': |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
177 c.user = User.get_default_user() |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
178 defaults = {'anonymous': c.user.active} |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
179 c.perm_user = c.user.AuthUser |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
180 c.user_ip_map = UserIpMap.query()\ |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
181 .filter(UserIpMap.user == c.user).all() |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
182 for p in c.user.user_perms: |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
183 if p.permission.permission_name.startswith('repository.'): |
3052
d3200c58764e
implemented #663 Admin/permission: specify default repogroup perms
Marcin Kuzminski <marcin@python-works.com>
parents:
2709
diff
changeset
|
184 defaults['default_repo_perm'] = p.permission.permission_name |
d3200c58764e
implemented #663 Admin/permission: specify default repogroup perms
Marcin Kuzminski <marcin@python-works.com>
parents:
2709
diff
changeset
|
185 |
d3200c58764e
implemented #663 Admin/permission: specify default repogroup perms
Marcin Kuzminski <marcin@python-works.com>
parents:
2709
diff
changeset
|
186 if p.permission.permission_name.startswith('group.'): |
d3200c58764e
implemented #663 Admin/permission: specify default repogroup perms
Marcin Kuzminski <marcin@python-works.com>
parents:
2709
diff
changeset
|
187 defaults['default_group_perm'] = p.permission.permission_name |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
188 |
3734
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
189 if p.permission.permission_name.startswith('usergroup.'): |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
190 defaults['default_user_group_perm'] = p.permission.permission_name |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
191 |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
192 if p.permission.permission_name.startswith('hg.create.'): |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
193 defaults['default_repo_create'] = p.permission.permission_name |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
194 |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
195 if p.permission.permission_name.startswith('hg.repogroup.'): |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
196 defaults['default_repo_group_create'] = p.permission.permission_name |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
197 |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
198 if p.permission.permission_name.startswith('hg.usergroup.'): |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
199 defaults['default_user_group_create'] = p.permission.permission_name |
a8f520540ab0
New default permissions definition for user group create
Marcin Kuzminski <marcin@python-works.com>
parents:
3731
diff
changeset
|
200 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
201 if p.permission.permission_name.startswith('hg.register.'): |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
202 defaults['default_register'] = p.permission.permission_name |
629
7e536d1af60d
Code refactoring,models renames
Marcin Kuzminski <marcin@python-works.com>
parents:
564
diff
changeset
|
203 |
3786
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
204 if p.permission.permission_name.startswith('hg.extern_activate.'): |
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
205 defaults['default_extern_activate'] = p.permission.permission_name |
222e6769e7b5
Added separate default permission for external_auth account
Marcin Kuzminski <marcin@python-works.com>
parents:
3734
diff
changeset
|
206 |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2662
diff
changeset
|
207 if p.permission.permission_name.startswith('hg.fork.'): |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2662
diff
changeset
|
208 defaults['default_fork'] = p.permission.permission_name |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2662
diff
changeset
|
209 |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
210 return htmlfill.render( |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2662
diff
changeset
|
211 render('admin/permissions/permissions.html'), |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2662
diff
changeset
|
212 defaults=defaults, |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2662
diff
changeset
|
213 encoding="UTF-8", |
3125
9b92cf5a0cca
Added UserIpMap interface for allowed IP addresses and IP restriction access
Marcin Kuzminski <marcin@python-works.com>
parents:
3052
diff
changeset
|
214 force_defaults=False |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2662
diff
changeset
|
215 ) |
417
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
216 else: |
3ed2d46a2ca7
permission refactoring,
Marcin Kuzminski <marcin@python-works.com>
parents:
323
diff
changeset
|
217 return redirect(url('admin_home')) |