Mercurial > kallithea
view kallithea/templates/admin/repo_groups/repo_group_edit_perms.html @ 8991:2e1059de6751 stable
repo groups: make it possible to remove own explicit permissions, now when group owners always have admin permissions
Until recently, group owners very given explicit admin permissions on repo
group, and special care was taken to make sure they didn't remove themselves.
Now we always give admin permissions to owners, and don't care about the
explicit permissions. We no longer add them when creating groups or changing
owner. There is no migration step to remove redundant permissions, but we
should allow group admins to remove them. This change will thus remove the
mechanism for preventing removal of own/owner permissions.
| author | Mads Kiilerich <mads@kiilerich.com> |
|---|---|
| date | Tue, 09 May 2023 17:42:44 +0200 |
| parents | 0f9415c2115e |
| children | 439bc130e093 |
line wrap: on
line source
${h.form(url('edit_repo_group_perms', group_name=c.repo_group.group_name))} <div class="form"> <div> <table id="permissions_manage" class="table"> <tr> <td>${_('None')}<br />(${_('Not visible')})</td> <td>${_('Read')}<br />(${_('Visible')})</td> <td>${_('Write')}<br />(${_('Add repos')})</td> <td>${_('Admin')}<br />(${_('Add/Edit groups')})</td> <td>${_('User/User Group')}</td> <td></td> </tr> ## USERS %for r2p in c.repo_group.repo_group_to_perm: <tr id="id${id(r2p.user.username)}"> <td>${h.radio('u_perm_%s' % r2p.user.username,'group.none')}</td> <td>${h.radio('u_perm_%s' % r2p.user.username,'group.read')}</td> <td>${h.radio('u_perm_%s' % r2p.user.username,'group.write')}</td> <td>${h.radio('u_perm_%s' % r2p.user.username,'group.admin')}</td> <td> ${h.gravatar(r2p.user.email, cls="perm-gravatar", size=14)} %if h.HasPermissionAny('hg.admin')() and r2p.user.username != 'default': <a href="${h.url('edit_user',id=r2p.user.user_id)}">${r2p.user.username}</a> %else: ${r2p.user.username if r2p.user.username != 'default' else _('Default')} %endif </td> <td> %if r2p.user.username !='default': <button type="button" class="btn btn-default btn-xs" onclick="ajaxActionRevoke(${r2p.user.user_id}, 'user', '${'id%s'%id(r2p.user.username)}', '${r2p.user.username}')"> <i class="icon-minus-circled"></i>${_('Revoke')} </button> %endif </td> </tr> %endfor ## USER GROUPS %for g2p in c.repo_group.users_group_to_perm: <tr id="id${id(g2p.users_group.users_group_name)}"> <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.none')}</td> <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.read')}</td> <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.write')}</td> <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.admin')}</td> <td> <i class="icon-users"></i> %if h.HasPermissionAny('hg.admin')(): <a href="${h.url('edit_users_group',id=g2p.users_group.users_group_id)}"> ${g2p.users_group.users_group_name} </a> %else: ${g2p.users_group.users_group_name} %endif </td> <td> <button type="button" class="btn btn-default btn-xs" onclick="ajaxActionRevoke(${g2p.users_group.users_group_id}, 'user_group', '${'id%s'%id(g2p.users_group.users_group_name)}', '${g2p.users_group.users_group_name}')"> <i class="icon-minus-circled"></i>${_('Revoke')} </button> </td> </tr> %endfor ## New entries added by addPermAction here. <tr class="new_members last_new_member" id="add_perm_input"><td colspan="6"></td></tr> <tr> <td colspan="6"> <button type="button" id="add_perm" class="btn btn-link btn-xs"> <i class="icon-plus"></i>${_('Add new')} </button> </td> </tr> <tr> <td colspan="6"> ${_('Apply to children')}: ${h.radio('recursive', 'none', label=_('None'), checked="checked")} ${h.radio('recursive', 'groups', label=_('Repository Groups'))} ${h.radio('recursive', 'repos', label=_('Repositories'))} ${h.radio('recursive', 'all', label=_('Both'))} <span class="help-block">${_('Set or revoke permission to all children of that group, including non-private repositories and other groups if selected.')}</span> </td> </tr> </table> </div> <div class="buttons"> ${h.submit('save',_('Save'),class_="btn btn-default")} ${h.reset('reset',_('Reset'),class_="btn btn-default")} </div> </div> ${h.end_form()} <script> 'use strict'; function ajaxActionRevoke(obj_id, obj_type, field_id, obj_name) { let url = ${h.jshtml(h.url('edit_repo_group_perms_delete', group_name=c.repo_group.group_name))}; var revoke_msg = _TM['Confirm to revoke permission for {0}: {1}?'].format(obj_type.replace('_', ' '), obj_name); if (confirm(revoke_msg)){ var recursive = $('input[name=recursive]:checked').val(); ajaxActionRevokePermission(url, obj_id, obj_type, field_id, {recursive:recursive}); } } $(document).ready(function () { if (!$('#perm_new_member_name').hasClass('error')) { $('#add_perm_input').hide(); } $('#add_perm').click(function () { addPermAction('group'); }); }); </script>