Mercurial > kallithea
diff rhodecode/controllers/admin/users_groups.py @ 2709:d2d35cf2b351 beta
RhodeCode now has a option to explicitly set forking permissions. ref #508
- changed the way permissons on users groups behave. Now explicit set on user
is more important than permission set on users group
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Fri, 10 Aug 2012 03:09:36 +0200 |
| parents | 91c442a489bb |
| children | 4150c45b5f7f |
line wrap: on
line diff
--- a/rhodecode/controllers/admin/users_groups.py Wed Aug 08 23:30:55 2012 +0200 +++ b/rhodecode/controllers/admin/users_groups.py Fri Aug 10 03:09:36 2012 +0200 @@ -34,13 +34,13 @@ from rhodecode.lib import helpers as h from rhodecode.lib.exceptions import UsersGroupsAssignedException -from rhodecode.lib.utils2 import safe_unicode +from rhodecode.lib.utils2 import safe_unicode, str2bool from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator from rhodecode.lib.base import BaseController, render from rhodecode.model.users_group import UsersGroupModel -from rhodecode.model.db import User, UsersGroup, Permission, UsersGroupToPerm +from rhodecode.model.db import User, UsersGroup from rhodecode.model.forms import UsersGroupForm from rhodecode.model.meta import Session from rhodecode.lib.utils import action_logger @@ -135,15 +135,20 @@ h.flash(_('updated users group %s') % gr, category='success') Session().commit() except formencode.Invalid, errors: + ug_model = UsersGroupModel() + defaults = errors.value e = errors.error_dict or {} - - perm = Permission.get_by_key('hg.create.repository') - e.update({'create_repo_perm': - UsersGroupModel().has_perm(id, perm)}) + defaults.update({ + 'create_repo_perm': ug_model.has_perm(id, + 'hg.create.repository'), + 'fork_repo_perm': ug_model.has_perm(id, + 'hg.fork.repository'), + '_method': 'put' + }) return htmlfill.render( render('admin/users_groups/users_group_edit.html'), - defaults=errors.value, + defaults=defaults, errors=e, prefix_error=False, encoding="UTF-8") @@ -152,7 +157,7 @@ h.flash(_('error occurred during update of users group %s') \ % request.POST.get('users_group_name'), category='error') - return redirect(url('users_groups')) + return redirect(url('edit_users_group', id=id)) def delete(self, id): """DELETE /users_groups/id: Delete an existing item""" @@ -162,9 +167,9 @@ # h.form(url('users_group', id=ID), # method='delete') # url('users_group', id=ID) - + usr_gr = UsersGroup.get_or_404(id) try: - UsersGroupModel().delete(id) + UsersGroupModel().delete(usr_gr) Session().commit() h.flash(_('successfully deleted users group'), category='success') except UsersGroupsAssignedException, e: @@ -183,9 +188,7 @@ """GET /users_groups/id/edit: Form to edit an existing item""" # url('edit_users_group', id=ID) - c.users_group = UsersGroup.get(id) - if not c.users_group: - return redirect(url('users_groups')) + c.users_group = UsersGroup.get_or_404(id) c.users_group.permissions = {} c.group_members_obj = [x.user for x in c.users_group.members] @@ -193,10 +196,15 @@ c.group_members_obj] c.available_members = [(x.user_id, x.username) for x in User.query().all()] + ug_model = UsersGroupModel() defaults = c.users_group.get_dict() - perm = Permission.get_by_key('hg.create.repository') - defaults.update({'create_repo_perm': - UsersGroupModel().has_perm(c.users_group, perm)}) + defaults.update({ + 'create_repo_perm': ug_model.has_perm(c.users_group, + 'hg.create.repository'), + 'fork_repo_perm': ug_model.has_perm(c.users_group, + 'hg.fork.repository'), + }) + return htmlfill.render( render('admin/users_groups/users_group_edit.html'), defaults=defaults, @@ -208,25 +216,43 @@ """PUT /users_perm/id: Update an existing item""" # url('users_group_perm', id=ID, method='put') - grant_perm = request.POST.get('create_repo_perm', False) + users_group = UsersGroup.get_or_404(id) + grant_create_perm = str2bool(request.POST.get('create_repo_perm')) + grant_fork_perm = str2bool(request.POST.get('fork_repo_perm')) + inherit_perms = str2bool(request.POST.get('inherit_default_permissions')) + + usersgroup_model = UsersGroupModel() + + try: + users_group.inherit_default_permissions = inherit_perms + Session().add(users_group) - if grant_perm: - perm = Permission.get_by_key('hg.create.none') - UsersGroupModel().revoke_perm(id, perm) + if grant_create_perm: + usersgroup_model.revoke_perm(id, 'hg.create.none') + usersgroup_model.grant_perm(id, 'hg.create.repository') + h.flash(_("Granted 'repository create' permission to users group"), + category='success') + else: + usersgroup_model.revoke_perm(id, 'hg.create.repository') + usersgroup_model.grant_perm(id, 'hg.create.none') + h.flash(_("Revoked 'repository create' permission to users group"), + category='success') - perm = Permission.get_by_key('hg.create.repository') - UsersGroupModel().grant_perm(id, perm) - h.flash(_("Granted 'repository create' permission to user"), - category='success') + if grant_fork_perm: + usersgroup_model.revoke_perm(id, 'hg.fork.none') + usersgroup_model.grant_perm(id, 'hg.fork.repository') + h.flash(_("Granted 'repository fork' permission to users group"), + category='success') + else: + usersgroup_model.revoke_perm(id, 'hg.fork.repository') + usersgroup_model.grant_perm(id, 'hg.fork.none') + h.flash(_("Revoked 'repository fork' permission to users group"), + category='success') Session().commit() - else: - perm = Permission.get_by_key('hg.create.repository') - UsersGroupModel().revoke_perm(id, perm) + except Exception: + log.error(traceback.format_exc()) + h.flash(_('An error occurred during permissions saving'), + category='error') - perm = Permission.get_by_key('hg.create.none') - UsersGroupModel().grant_perm(id, perm) - h.flash(_("Revoked 'repository create' permission to user"), - category='success') - Session().commit() return redirect(url('edit_users_group', id=id))