Mercurial > kallithea

comparison pylons_app/controllers/admin/permissions.py @ 417:3ed2d46a2ca7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
permission refactoring, Implemented views for default permissions, fixes #23 user registration is controlled by permission system. Implemented manual registration option websetup fills default permissions
author Marcin Kuzminski <marcin@python-works.com>
date Sat, 21 Aug 2010 16:34:37 +0200
parents 8026872a10ee
children 63c697d1a631
comparison
equal deleted inserted replaced
416:25ab66a26975 417:3ed2d46a2ca7
1 #!/usr/bin/env python 1 #!/usr/bin/env python
2 # encoding: utf-8 2 # encoding: utf-8
3 # permissions controller for pylons 3 # permissions controller for pylons
4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com> 4 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
5 5 #
6 # This program is free software; you can redistribute it and/or 6 # This program is free software; you can redistribute it and/or
7 # modify it under the terms of the GNU General Public License 7 # modify it under the terms of the GNU General Public License
8 # as published by the Free Software Foundation; version 2 8 # as published by the Free Software Foundation; version 2
9 # of the License or (at your opinion) any later version of the license. 9 # of the License or (at your opinion) any later version of the license.
10 # 10 #
20 """ 20 """
21 Created on April 27, 2010 21 Created on April 27, 2010
22 permissions controller for pylons 22 permissions controller for pylons
23 @author: marcink 23 @author: marcink
24 """ 24 """
25
25 from formencode import htmlfill 26 from formencode import htmlfill
26 from pylons import request, session, tmpl_context as c, url 27 from pylons import request, session, tmpl_context as c, url
27 from pylons.controllers.util import abort, redirect 28 from pylons.controllers.util import abort, redirect
28 from pylons.i18n.translation import _ 29 from pylons.i18n.translation import _
29 from pylons_app.lib import helpers as h 30 from pylons_app.lib import helpers as h
30 from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator 31 from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
31 from pylons_app.lib.base import BaseController, render 32 from pylons_app.lib.base import BaseController, render
32 from pylons_app.model.db import User, UserLog 33 from pylons_app.model.db import User, UserLog
33 from pylons_app.model.forms import UserForm 34 from pylons_app.model.forms import UserForm, DefaultPermissionsForm
35 from pylons_app.model.permission_model import PermissionModel
34 from pylons_app.model.user_model import UserModel 36 from pylons_app.model.user_model import UserModel
35 import formencode 37 import formencode
36 import logging 38 import logging
39 import traceback
37 40
38 log = logging.getLogger(__name__) 41 log = logging.getLogger(__name__)
39 42
40 class PermissionsController(BaseController): 43 class PermissionsController(BaseController):
41 """REST Controller styled on the Atom Publishing Protocol""" 44 """REST Controller styled on the Atom Publishing Protocol"""
42 # To properly map this controller, ensure your config/routing.py 45 # To properly map this controller, ensure your config/routing.py
43 # file has a resource setup: 46 # file has a resource setup:
44 # map.resource('permission', 'permissions') 47 # map.resource('permission', 'permissions')
45 48
46 @LoginRequired() 49 @LoginRequired()
47 #@HasPermissionAllDecorator('hg.admin') 50 @HasPermissionAllDecorator('hg.admin')
48 def __before__(self): 51 def __before__(self):
49 c.admin_user = session.get('admin_user') 52 c.admin_user = session.get('admin_user')
50 c.admin_username = session.get('admin_username') 53 c.admin_username = session.get('admin_username')
51 super(PermissionsController, self).__before__() 54 super(PermissionsController, self).__before__()
52 55
56 self.perms_choices = [('repository.none', _('None'),),
57 ('repository.read', _('Read'),),
58 ('repository.write', _('Write'),),
59 ('repository.admin', _('Admin'),)]
60 self.register_choices = [
61 ('hg.register.none', 'disabled'),
62 ('hg.register.manual_activate',
63 _('allowed with manual account activation')),
64 ('hg.register.auto_activate',
65 _('allowed with automatic account activation')), ]
66
67 self.create_choices = [('hg.create.none', _('Disabled')),
68 ('hg.create.repository', _('Enabled'))]
69
70
53 def index(self, format='html'): 71 def index(self, format='html'):
54 """GET /permissions: All items in the collection""" 72 """GET /permissions: All items in the collection"""
55 # url('permissions') 73 # url('permissions')
56 return render('admin/permissions/permissions.html')
57 74
58 def create(self): 75 def create(self):
59 """POST /permissions: Create a new item""" 76 """POST /permissions: Create a new item"""
60 # url('permissions') 77 # url('permissions')
61 78
69 # <input type="hidden" name="_method" value="PUT" /> 86 # <input type="hidden" name="_method" value="PUT" />
70 # Or using helpers: 87 # Or using helpers:
71 # h.form(url('permission', id=ID), 88 # h.form(url('permission', id=ID),
72 # method='put') 89 # method='put')
73 # url('permission', id=ID) 90 # url('permission', id=ID)
91
92 permission_model = PermissionModel()
93
94 _form = DefaultPermissionsForm([x[0] for x in self.perms_choices],
95 [x[0] for x in self.register_choices],
96 [x[0] for x in self.create_choices])()
97
98 try:
99 form_result = _form.to_python(dict(request.POST))
100 permission_model.update(form_result)
101 h.flash(_('Default permissions updated succesfully'),
102 category='success')
103
104 except formencode.Invalid as errors:
105 c.perms_choices = self.perms_choices
106 c.register_choices = self.register_choices
107 c.create_choices = self.create_choices
108
109 return htmlfill.render(
110 render('admin/permissions/permissions.html'),
111 defaults=errors.value,
112 errors=errors.error_dict or {},
113 prefix_error=False,
114 encoding="UTF-8")
115 except Exception:
116 log.error(traceback.format_exc())
117 h.flash(_('error occured during update of permissions'),
118 category='error')
119
120 return redirect(url('edit_permission', id=id))
121
122
74 123
75 def delete(self, id): 124 def delete(self, id):
76 """DELETE /permissions/id: Delete an existing item""" 125 """DELETE /permissions/id: Delete an existing item"""
77 # Forms posted to this method should contain a hidden field: 126 # Forms posted to this method should contain a hidden field:
78 # <input type="hidden" name="_method" value="DELETE" /> 127 # <input type="hidden" name="_method" value="DELETE" />
85 """GET /permissions/id: Show a specific item""" 134 """GET /permissions/id: Show a specific item"""
86 # url('permission', id=ID) 135 # url('permission', id=ID)
87 136
88 def edit(self, id, format='html'): 137 def edit(self, id, format='html'):
89 """GET /permissions/id/edit: Form to edit an existing item""" 138 """GET /permissions/id/edit: Form to edit an existing item"""
90 # url('edit_permission', id=ID) 139 #url('edit_permission', id=ID)
140 c.perms_choices = self.perms_choices
141 c.register_choices = self.register_choices
142 c.create_choices = self.create_choices
143
144 if id == 'default':
145 defaults = {'_method':'put'}
146 for p in UserModel().get_default().user_perms:
147 if p.permission.permission_name.startswith('repository.'):
148 defaults['default_perm'] = p.permission.permission_name
149
150 if p.permission.permission_name.startswith('hg.register.'):
151 defaults['default_register'] = p.permission.permission_name
152
153 if p.permission.permission_name.startswith('hg.create.'):
154 defaults['default_create'] = p.permission.permission_name
155
156 return htmlfill.render(
157 render('admin/permissions/permissions.html'),
158 defaults=defaults,
159 encoding="UTF-8",
160 force_defaults=True,)
161 else:
162 return redirect(url('admin_home'))