Mercurial > kallithea
comparison pylons_app/controllers/admin/permissions.py @ 417:3ed2d46a2ca7
permission refactoring,
Implemented views for default permissions,
fixes #23 user registration is controlled by permission system.
Implemented manual registration option
websetup fills default permissions
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Sat, 21 Aug 2010 16:34:37 +0200 |
parents | 8026872a10ee |
children | 63c697d1a631 |
comparison
equal
deleted
inserted
replaced
416:25ab66a26975 | 417:3ed2d46a2ca7 |
---|---|
1 #!/usr/bin/env python | 1 #!/usr/bin/env python |
2 # encoding: utf-8 | 2 # encoding: utf-8 |
3 # permissions controller for pylons | 3 # permissions controller for pylons |
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com> | 4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com> |
5 | 5 # |
6 # This program is free software; you can redistribute it and/or | 6 # This program is free software; you can redistribute it and/or |
7 # modify it under the terms of the GNU General Public License | 7 # modify it under the terms of the GNU General Public License |
8 # as published by the Free Software Foundation; version 2 | 8 # as published by the Free Software Foundation; version 2 |
9 # of the License or (at your opinion) any later version of the license. | 9 # of the License or (at your opinion) any later version of the license. |
10 # | 10 # |
20 """ | 20 """ |
21 Created on April 27, 2010 | 21 Created on April 27, 2010 |
22 permissions controller for pylons | 22 permissions controller for pylons |
23 @author: marcink | 23 @author: marcink |
24 """ | 24 """ |
25 | |
25 from formencode import htmlfill | 26 from formencode import htmlfill |
26 from pylons import request, session, tmpl_context as c, url | 27 from pylons import request, session, tmpl_context as c, url |
27 from pylons.controllers.util import abort, redirect | 28 from pylons.controllers.util import abort, redirect |
28 from pylons.i18n.translation import _ | 29 from pylons.i18n.translation import _ |
29 from pylons_app.lib import helpers as h | 30 from pylons_app.lib import helpers as h |
30 from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator | 31 from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator |
31 from pylons_app.lib.base import BaseController, render | 32 from pylons_app.lib.base import BaseController, render |
32 from pylons_app.model.db import User, UserLog | 33 from pylons_app.model.db import User, UserLog |
33 from pylons_app.model.forms import UserForm | 34 from pylons_app.model.forms import UserForm, DefaultPermissionsForm |
35 from pylons_app.model.permission_model import PermissionModel | |
34 from pylons_app.model.user_model import UserModel | 36 from pylons_app.model.user_model import UserModel |
35 import formencode | 37 import formencode |
36 import logging | 38 import logging |
39 import traceback | |
37 | 40 |
38 log = logging.getLogger(__name__) | 41 log = logging.getLogger(__name__) |
39 | 42 |
40 class PermissionsController(BaseController): | 43 class PermissionsController(BaseController): |
41 """REST Controller styled on the Atom Publishing Protocol""" | 44 """REST Controller styled on the Atom Publishing Protocol""" |
42 # To properly map this controller, ensure your config/routing.py | 45 # To properly map this controller, ensure your config/routing.py |
43 # file has a resource setup: | 46 # file has a resource setup: |
44 # map.resource('permission', 'permissions') | 47 # map.resource('permission', 'permissions') |
45 | 48 |
46 @LoginRequired() | 49 @LoginRequired() |
47 #@HasPermissionAllDecorator('hg.admin') | 50 @HasPermissionAllDecorator('hg.admin') |
48 def __before__(self): | 51 def __before__(self): |
49 c.admin_user = session.get('admin_user') | 52 c.admin_user = session.get('admin_user') |
50 c.admin_username = session.get('admin_username') | 53 c.admin_username = session.get('admin_username') |
51 super(PermissionsController, self).__before__() | 54 super(PermissionsController, self).__before__() |
52 | 55 |
56 self.perms_choices = [('repository.none', _('None'),), | |
57 ('repository.read', _('Read'),), | |
58 ('repository.write', _('Write'),), | |
59 ('repository.admin', _('Admin'),)] | |
60 self.register_choices = [ | |
61 ('hg.register.none', 'disabled'), | |
62 ('hg.register.manual_activate', | |
63 _('allowed with manual account activation')), | |
64 ('hg.register.auto_activate', | |
65 _('allowed with automatic account activation')), ] | |
66 | |
67 self.create_choices = [('hg.create.none', _('Disabled')), | |
68 ('hg.create.repository', _('Enabled'))] | |
69 | |
70 | |
53 def index(self, format='html'): | 71 def index(self, format='html'): |
54 """GET /permissions: All items in the collection""" | 72 """GET /permissions: All items in the collection""" |
55 # url('permissions') | 73 # url('permissions') |
56 return render('admin/permissions/permissions.html') | |
57 | 74 |
58 def create(self): | 75 def create(self): |
59 """POST /permissions: Create a new item""" | 76 """POST /permissions: Create a new item""" |
60 # url('permissions') | 77 # url('permissions') |
61 | 78 |
69 # <input type="hidden" name="_method" value="PUT" /> | 86 # <input type="hidden" name="_method" value="PUT" /> |
70 # Or using helpers: | 87 # Or using helpers: |
71 # h.form(url('permission', id=ID), | 88 # h.form(url('permission', id=ID), |
72 # method='put') | 89 # method='put') |
73 # url('permission', id=ID) | 90 # url('permission', id=ID) |
91 | |
92 permission_model = PermissionModel() | |
93 | |
94 _form = DefaultPermissionsForm([x[0] for x in self.perms_choices], | |
95 [x[0] for x in self.register_choices], | |
96 [x[0] for x in self.create_choices])() | |
97 | |
98 try: | |
99 form_result = _form.to_python(dict(request.POST)) | |
100 permission_model.update(form_result) | |
101 h.flash(_('Default permissions updated succesfully'), | |
102 category='success') | |
103 | |
104 except formencode.Invalid as errors: | |
105 c.perms_choices = self.perms_choices | |
106 c.register_choices = self.register_choices | |
107 c.create_choices = self.create_choices | |
108 | |
109 return htmlfill.render( | |
110 render('admin/permissions/permissions.html'), | |
111 defaults=errors.value, | |
112 errors=errors.error_dict or {}, | |
113 prefix_error=False, | |
114 encoding="UTF-8") | |
115 except Exception: | |
116 log.error(traceback.format_exc()) | |
117 h.flash(_('error occured during update of permissions'), | |
118 category='error') | |
119 | |
120 return redirect(url('edit_permission', id=id)) | |
121 | |
122 | |
74 | 123 |
75 def delete(self, id): | 124 def delete(self, id): |
76 """DELETE /permissions/id: Delete an existing item""" | 125 """DELETE /permissions/id: Delete an existing item""" |
77 # Forms posted to this method should contain a hidden field: | 126 # Forms posted to this method should contain a hidden field: |
78 # <input type="hidden" name="_method" value="DELETE" /> | 127 # <input type="hidden" name="_method" value="DELETE" /> |
85 """GET /permissions/id: Show a specific item""" | 134 """GET /permissions/id: Show a specific item""" |
86 # url('permission', id=ID) | 135 # url('permission', id=ID) |
87 | 136 |
88 def edit(self, id, format='html'): | 137 def edit(self, id, format='html'): |
89 """GET /permissions/id/edit: Form to edit an existing item""" | 138 """GET /permissions/id/edit: Form to edit an existing item""" |
90 # url('edit_permission', id=ID) | 139 #url('edit_permission', id=ID) |
140 c.perms_choices = self.perms_choices | |
141 c.register_choices = self.register_choices | |
142 c.create_choices = self.create_choices | |
143 | |
144 if id == 'default': | |
145 defaults = {'_method':'put'} | |
146 for p in UserModel().get_default().user_perms: | |
147 if p.permission.permission_name.startswith('repository.'): | |
148 defaults['default_perm'] = p.permission.permission_name | |
149 | |
150 if p.permission.permission_name.startswith('hg.register.'): | |
151 defaults['default_register'] = p.permission.permission_name | |
152 | |
153 if p.permission.permission_name.startswith('hg.create.'): | |
154 defaults['default_create'] = p.permission.permission_name | |
155 | |
156 return htmlfill.render( | |
157 render('admin/permissions/permissions.html'), | |
158 defaults=defaults, | |
159 encoding="UTF-8", | |
160 force_defaults=True,) | |
161 else: | |
162 return redirect(url('admin_home')) |