# HG changeset patch # User Marcin Kuzminski # Date 1364433086 -3600 # Node ID c734686b3cf279ba32e50449050c55739dff8388 # Parent 32cb8d45f330741848ab19c072424d8386ed42ea moved permission management into separate entity. - this solves issues when whole form submision could influence permission management particular case is that when repo group permission is revoked and user is no longer able to update repository settings diff -r 32cb8d45f330 -r c734686b3cf2 rhodecode/config/routing.py --- a/rhodecode/config/routing.py Thu Mar 28 01:10:45 2013 +0100 +++ b/rhodecode/config/routing.py Thu Mar 28 02:11:26 2013 +0100 @@ -127,6 +127,11 @@ m.connect("formatted_repo", "/repos/{repo_name:.*?}.{format}", action="show", conditions=dict(method=["GET"], function=check_repo)) + #add repo perm member + m.connect('set_repo_perm_member', "/set_repo_perm_member/{repo_name:.*?}", + action="set_repo_perm_member", + conditions=dict(method=["POST"], function=check_repo)) + #ajax delete repo perm user m.connect('delete_repo_user', "/repos_delete_user/{repo_name:.*?}", action="delete_perm_user", diff -r 32cb8d45f330 -r c734686b3cf2 rhodecode/controllers/admin/repos.py --- a/rhodecode/controllers/admin/repos.py Thu Mar 28 01:10:45 2013 +0100 +++ b/rhodecode/controllers/admin/repos.py Thu Mar 28 02:11:26 2013 +0100 @@ -45,7 +45,7 @@ from rhodecode.model.meta import Session from rhodecode.model.db import User, Repository, UserFollowing, RepoGroup,\ RhodeCodeSetting, RepositoryField -from rhodecode.model.forms import RepoForm, RepoFieldForm +from rhodecode.model.forms import RepoForm, RepoFieldForm, RepoPermsForm from rhodecode.model.scm import ScmModel, GroupList from rhodecode.model.repo import RepoModel from rhodecode.lib.compat import json @@ -330,6 +330,42 @@ return redirect(url('repos')) @HasRepoPermissionAllDecorator('repository.admin') + def set_repo_perm_member(self, repo_name): + form = RepoPermsForm()().to_python(request.POST) + + perms_new = form['perms_new'] + perms_updates = form['perms_updates'] + cur_repo = repo_name + + # update permissions + for member, perm, member_type in perms_updates: + if member_type == 'user': + # this updates existing one + RepoModel().grant_user_permission( + repo=cur_repo, user=member, perm=perm + ) + else: + RepoModel().grant_users_group_permission( + repo=cur_repo, group_name=member, perm=perm + ) + # set new permissions + for member, perm, member_type in perms_new: + if member_type == 'user': + RepoModel().grant_user_permission( + repo=cur_repo, user=member, perm=perm + ) + else: + RepoModel().grant_users_group_permission( + repo=cur_repo, group_name=member, perm=perm + ) + #TODO: implement this + #action_logger(self.rhodecode_user, 'admin_changed_repo_permissions', + # repo_name, self.ip_addr, self.sa) + Session().commit() + h.flash(_('updated repository permissions'), category='success') + return redirect(url('edit_repo', repo_name=repo_name)) + + @HasRepoPermissionAllDecorator('repository.admin') def delete_perm_user(self, repo_name): """ DELETE an existing repository permission user @@ -339,6 +375,9 @@ try: RepoModel().revoke_user_permission(repo=repo_name, user=request.POST['user_id']) + #TODO: implement this + #action_logger(self.rhodecode_user, 'admin_revoked_repo_permissions', + # repo_name, self.ip_addr, self.sa) Session().commit() except Exception: log.error(traceback.format_exc()) diff -r 32cb8d45f330 -r c734686b3cf2 rhodecode/model/forms.py --- a/rhodecode/model/forms.py Thu Mar 28 01:10:45 2013 +0100 +++ b/rhodecode/model/forms.py Thu Mar 28 02:11:26 2013 +0100 @@ -199,11 +199,18 @@ user = All(v.UnicodeString(not_empty=True), v.ValidRepoUser()) chained_validators = [v.ValidCloneUri(), - v.ValidRepoName(edit, old_data), - v.ValidPerms()] + v.ValidRepoName(edit, old_data)] return _RepoForm +def RepoPermsForm(): + class _RepoPermsForm(formencode.Schema): + allow_extra_fields = True + filter_extra_fields = False + chained_validators = [v.ValidPerms()] + return _RepoPermsForm + + def RepoFieldForm(): class _RepoFieldForm(formencode.Schema): filter_extra_fields = True diff -r 32cb8d45f330 -r c734686b3cf2 rhodecode/model/repo.py --- a/rhodecode/model/repo.py Thu Mar 28 01:10:45 2013 +0100 +++ b/rhodecode/model/repo.py Thu Mar 28 02:11:26 2013 +0100 @@ -279,28 +279,6 @@ try: cur_repo = self.get_by_repo_name(org_repo_name, cache=False) - # update permissions - for member, perm, member_type in kwargs['perms_updates']: - if member_type == 'user': - # this updates existing one - RepoModel().grant_user_permission( - repo=cur_repo, user=member, perm=perm - ) - else: - RepoModel().grant_users_group_permission( - repo=cur_repo, group_name=member, perm=perm - ) - # set new permissions - for member, perm, member_type in kwargs['perms_new']: - if member_type == 'user': - RepoModel().grant_user_permission( - repo=cur_repo, user=member, perm=perm - ) - else: - RepoModel().grant_users_group_permission( - repo=cur_repo, group_name=member, perm=perm - ) - if 'user' in kwargs: cur_repo.user = User.get_by_username(kwargs['user']) diff -r 32cb8d45f330 -r c734686b3cf2 rhodecode/templates/admin/repos/repo_edit.html --- a/rhodecode/templates/admin/repos/repo_edit.html Thu Mar 28 01:10:45 2013 +0100 +++ b/rhodecode/templates/admin/repos/repo_edit.html Thu Mar 28 02:11:26 2013 +0100 @@ -144,15 +144,6 @@ %endfor %endif -
-
- -
-
- <%include file="repo_edit_perms.html"/> -
-
-
${h.submit('save',_('Save'),class_="ui-btn large")} ${h.reset('reset',_('Reset'),class_="ui-btn large")} @@ -164,6 +155,31 @@
+
${_('Permissions')}
+
+ ${h.form(url('set_repo_perm_member', repo_name=c.repo_info.repo_name),method='post')} +
+
+
+
+ +
+
+ <%include file="repo_edit_perms.html"/> +
+
+
+ ${h.submit('save',_('Save'),class_="ui-btn large")} + ${h.reset('reset',_('Reset'),class_="ui-btn large")} +
+
+
+ ${h.end_form()} +
+ + +
+
${_('Advanced settings')}