Mercurial > kallithea
comparison pylons_app/controllers/users.py @ 318:fdf9f6ee5217
Implemented permissions into hg app, secured admin controllers, templates and repository specific controllers
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Tue, 29 Jun 2010 20:45:03 +0200 |
| parents | 61be6dcd49a0 |
| children |
comparison
equal
deleted
inserted
replaced
| 317:c961b78ff0a0 | 318:fdf9f6ee5217 |
|---|---|
| 29 from pylons_app.lib import helpers as h | 29 from pylons_app.lib import helpers as h |
| 30 from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator | 30 from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator |
| 31 from pylons_app.lib.base import BaseController, render | 31 from pylons_app.lib.base import BaseController, render |
| 32 from pylons_app.model.db import User, UserLog | 32 from pylons_app.model.db import User, UserLog |
| 33 from pylons_app.model.forms import UserForm | 33 from pylons_app.model.forms import UserForm |
| 34 from pylons_app.model.user_model import UserModel | 34 from pylons_app.model.user_model import UserModel, DefaultUserException |
| 35 import formencode | 35 import formencode |
| 36 import logging | 36 import logging |
| 37 | 37 |
| 38 log = logging.getLogger(__name__) | 38 log = logging.getLogger(__name__) |
| 39 | 39 |
| 123 # url('user', id=ID) | 123 # url('user', id=ID) |
| 124 user_model = UserModel() | 124 user_model = UserModel() |
| 125 try: | 125 try: |
| 126 user_model.delete(id) | 126 user_model.delete(id) |
| 127 h.flash(_('sucessfully deleted user'), category='success') | 127 h.flash(_('sucessfully deleted user'), category='success') |
| 128 except DefaultUserException as e: | |
| 129 h.flash(str(e), category='warning') | |
| 128 except Exception: | 130 except Exception: |
| 129 h.flash(_('An error occured during deletion of user'), | 131 h.flash(_('An error occured during deletion of user'), |
| 130 category='error') | 132 category='error') |
| 131 | |
| 132 return redirect(url('users')) | 133 return redirect(url('users')) |
| 133 | 134 |
| 134 def show(self, id, format='html'): | 135 def show(self, id, format='html'): |
| 135 """GET /users/id: Show a specific item""" | 136 """GET /users/id: Show a specific item""" |
| 136 # url('user', id=ID) | 137 # url('user', id=ID) |
| 138 | 139 |
| 139 def edit(self, id, format='html'): | 140 def edit(self, id, format='html'): |
| 140 """GET /users/id/edit: Form to edit an existing item""" | 141 """GET /users/id/edit: Form to edit an existing item""" |
| 141 # url('edit_user', id=ID) | 142 # url('edit_user', id=ID) |
| 142 c.user = self.sa.query(User).get(id) | 143 c.user = self.sa.query(User).get(id) |
| 144 if c.user.username == 'default': | |
| 145 h.flash(_("You can't edit this user since it's" | |
| 146 " crucial for entire application"), category='warning') | |
| 147 return redirect(url('users')) | |
| 148 | |
| 143 defaults = c.user.__dict__ | 149 defaults = c.user.__dict__ |
| 144 return htmlfill.render( | 150 return htmlfill.render( |
| 145 render('admin/users/user_edit.html'), | 151 render('admin/users/user_edit.html'), |
| 146 defaults=defaults, | 152 defaults=defaults, |
| 147 encoding="UTF-8", | 153 encoding="UTF-8", |