Mercurial > kallithea
comparison rhodecode/controllers/admin/repos.py @ 3714:7e3d89d9d3a2 beta
- Manage User’s Groups: create, delete, rename, add/remove users inside.
by user group admin.
In this case, a user's group can be owned by several people thru an owner user's group.
Some refactoring of naming, permission handling logic.
- remove some code duplicity as well as inconsistent naming
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Mon, 08 Apr 2013 22:47:35 +0200 |
parents | 08cf7741e5e1 |
children | 25dbbdae3ed9 |
comparison
equal
deleted
inserted
replaced
3713:e45f8cefd7d9 | 3714:7e3d89d9d3a2 |
---|---|
44 from rhodecode.lib.helpers import get_token | 44 from rhodecode.lib.helpers import get_token |
45 from rhodecode.model.meta import Session | 45 from rhodecode.model.meta import Session |
46 from rhodecode.model.db import User, Repository, UserFollowing, RepoGroup,\ | 46 from rhodecode.model.db import User, Repository, UserFollowing, RepoGroup,\ |
47 RhodeCodeSetting, RepositoryField | 47 RhodeCodeSetting, RepositoryField |
48 from rhodecode.model.forms import RepoForm, RepoFieldForm, RepoPermsForm | 48 from rhodecode.model.forms import RepoForm, RepoFieldForm, RepoPermsForm |
49 from rhodecode.model.scm import ScmModel, GroupList | 49 from rhodecode.model.scm import ScmModel, RepoGroupList |
50 from rhodecode.model.repo import RepoModel | 50 from rhodecode.model.repo import RepoModel |
51 from rhodecode.lib.compat import json | 51 from rhodecode.lib.compat import json |
52 from sqlalchemy.sql.expression import func | 52 from sqlalchemy.sql.expression import func |
53 from rhodecode.lib.exceptions import AttachedForksError | 53 from rhodecode.lib.exceptions import AttachedForksError |
54 | 54 |
65 @LoginRequired() | 65 @LoginRequired() |
66 def __before__(self): | 66 def __before__(self): |
67 super(ReposController, self).__before__() | 67 super(ReposController, self).__before__() |
68 | 68 |
69 def __load_defaults(self): | 69 def __load_defaults(self): |
70 acl_groups = GroupList(RepoGroup.query().all(), | 70 acl_groups = RepoGroupList(RepoGroup.query().all(), |
71 perm_set=['group.write', 'group.admin']) | 71 perm_set=['group.write', 'group.admin']) |
72 c.repo_groups = RepoGroup.groups_choices(groups=acl_groups) | 72 c.repo_groups = RepoGroup.groups_choices(groups=acl_groups) |
73 c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) | 73 c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) |
74 | 74 |
75 repo_model = RepoModel() | 75 repo_model = RepoModel() |
212 _gr = RepoGroup.get(parent_group) | 212 _gr = RepoGroup.get(parent_group) |
213 gr_name = _gr.group_name if _gr else None | 213 gr_name = _gr.group_name if _gr else None |
214 if not HasReposGroupPermissionAny('group.admin', 'group.write')(group_name=gr_name): | 214 if not HasReposGroupPermissionAny('group.admin', 'group.write')(group_name=gr_name): |
215 raise HTTPForbidden | 215 raise HTTPForbidden |
216 | 216 |
217 acl_groups = GroupList(RepoGroup.query().all(), | 217 acl_groups = RepoGroupList(RepoGroup.query().all(), |
218 perm_set=['group.write', 'group.admin']) | 218 perm_set=['group.write', 'group.admin']) |
219 c.repo_groups = RepoGroup.groups_choices(groups=acl_groups) | 219 c.repo_groups = RepoGroup.groups_choices(groups=acl_groups) |
220 c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) | 220 c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups) |
221 choices, c.landing_revs = ScmModel().get_repo_landing_revs() | 221 choices, c.landing_revs = ScmModel().get_repo_landing_revs() |
222 | 222 |
328 return redirect(url('repos')) | 328 return redirect(url('repos')) |
329 | 329 |
330 @HasRepoPermissionAllDecorator('repository.admin') | 330 @HasRepoPermissionAllDecorator('repository.admin') |
331 def set_repo_perm_member(self, repo_name): | 331 def set_repo_perm_member(self, repo_name): |
332 form = RepoPermsForm()().to_python(request.POST) | 332 form = RepoPermsForm()().to_python(request.POST) |
333 | 333 RepoModel()._update_permissions(repo_name, form['perms_new'], |
334 perms_new = form['perms_new'] | 334 form['perms_updates']) |
335 perms_updates = form['perms_updates'] | |
336 cur_repo = repo_name | |
337 | |
338 # update permissions | |
339 for member, perm, member_type in perms_updates: | |
340 if member_type == 'user': | |
341 # this updates existing one | |
342 RepoModel().grant_user_permission( | |
343 repo=cur_repo, user=member, perm=perm | |
344 ) | |
345 else: | |
346 RepoModel().grant_users_group_permission( | |
347 repo=cur_repo, group_name=member, perm=perm | |
348 ) | |
349 # set new permissions | |
350 for member, perm, member_type in perms_new: | |
351 if member_type == 'user': | |
352 RepoModel().grant_user_permission( | |
353 repo=cur_repo, user=member, perm=perm | |
354 ) | |
355 else: | |
356 RepoModel().grant_users_group_permission( | |
357 repo=cur_repo, group_name=member, perm=perm | |
358 ) | |
359 #TODO: implement this | 335 #TODO: implement this |
360 #action_logger(self.rhodecode_user, 'admin_changed_repo_permissions', | 336 #action_logger(self.rhodecode_user, 'admin_changed_repo_permissions', |
361 # repo_name, self.ip_addr, self.sa) | 337 # repo_name, self.ip_addr, self.sa) |
362 Session().commit() | 338 Session().commit() |
363 h.flash(_('Repository permissions updated'), category='success') | 339 h.flash(_('Repository permissions updated'), category='success') |