# HG changeset patch
# User Marcin Kuzminski <marcin@python-works.com>
# Date 1280675338 -7200
# Node ID ca54622e39a13e4c0853e374d04916820a81d0ed
# Parent  86a25ad59766a6d85ca65979b5490269d17a0b23
Added separate create repository views for non administrative users.
Fixed permission issue with private repos

diff -r 86a25ad59766 -r ca54622e39a1 pylons_app/__init__.py
--- a/pylons_app/__init__.py	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/__init__.py	Sun Aug 01 17:08:58 2010 +0200
@@ -2,7 +2,7 @@
 # encoding: utf-8
 # Hg app, a web based mercurial repository managment based on pylons
 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
- 
+# 
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; version 2
@@ -17,7 +17,6 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 # MA  02110-1301, USA.
-
 """
 Created on April 9, 2010
 Hg app, a web based mercurial repository managment based on pylons
diff -r 86a25ad59766 -r ca54622e39a1 pylons_app/config/routing.py
--- a/pylons_app/config/routing.py	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/config/routing.py	Sun Aug 01 17:08:58 2010 +0200
@@ -100,6 +100,8 @@
              action="my_account", conditions=dict(method=["GET"]))
         m.connect("admin_settings_my_account_update", "/my_account_update",
              action="my_account_update", conditions=dict(method=["PUT"]))
+        m.connect("admin_settings_create_repository", "/create_repository",
+             action="create_repository", conditions=dict(method=["GET"]))
     
     #ADMIN
     with map.submapper(path_prefix='/_admin', controller='admin/admin') as m:
diff -r 86a25ad59766 -r ca54622e39a1 pylons_app/controllers/admin/repos.py
--- a/pylons_app/controllers/admin/repos.py	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/controllers/admin/repos.py	Sun Aug 01 17:08:58 2010 +0200
@@ -29,7 +29,8 @@
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from pylons_app.lib import helpers as h
-from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
+from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator, \
+    HasPermissionAnyDecorator
 from pylons_app.lib.base import BaseController, render
 from pylons_app.lib.utils import invalidate_cache
 from pylons_app.model.db import User
@@ -49,12 +50,13 @@
     #     map.resource('repo', 'repos')
     
     @LoginRequired()
-    @HasPermissionAllDecorator('hg.admin')
+    @HasPermissionAnyDecorator('hg.admin', 'repository.create')
     def __before__(self):
         c.admin_user = session.get('admin_user')
         c.admin_username = session.get('admin_username')
         super(ReposController, self).__before__()
-                
+    
+    @HasPermissionAllDecorator('hg.admin')            
     def index(self, format='html'):
         """GET /repos: All items in the collection"""
         # url('repos')
@@ -62,6 +64,7 @@
         c.repos_list = sorted(cached_repo_list, key=itemgetter('name_sort'))
         return render('admin/repos/repos.html')
     
+    @HasPermissionAnyDecorator('hg.admin', 'repository.create')
     def create(self):
         """POST /repos: Create a new item"""
         # url('repos')
@@ -77,8 +80,14 @@
                                                              
         except formencode.Invalid as errors:
             c.new_repo = errors.value['repo_name']
+            
+            if request.POST.get('user_created'):
+                r = render('admin/repos/repo_add_create_repository.html')
+            else:
+                r = render('admin/repos/repo_add.html')
+            
             return htmlfill.render(
-                render('admin/repos/repo_add.html'),
+                r,
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
@@ -89,16 +98,19 @@
             msg = _('error occured during creation of repository %s') \
                     % form_result.get('repo_name')
             h.flash(msg, category='error')
-            
-        return redirect('repos')
-
+        if request.POST.get('user_created'):
+            return redirect(url('hg_home'))    
+        return redirect(url('repos'))
+    
+    @HasPermissionAllDecorator('hg.admin')
     def new(self, format='html'):
         """GET /repos/new: Form to create a new item"""
         new_repo = request.GET.get('repo', '')
         c.new_repo = h.repo_name_slug(new_repo)
 
         return render('admin/repos/repo_add.html')
-
+    
+    @HasPermissionAllDecorator('hg.admin')
     def update(self, repo_name):
         """PUT /repos/repo_name: Update an existing item"""
         # Forms posted to this method should contain a hidden field:
@@ -136,6 +148,7 @@
             
         return redirect(url('edit_repo', repo_name=changed_name))
     
+    @HasPermissionAllDecorator('hg.admin')
     def delete(self, repo_name):
         """DELETE /repos/repo_name: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
@@ -164,7 +177,8 @@
                     category='error')
         
         return redirect(url('repos'))
-        
+    
+    @HasPermissionAllDecorator('hg.admin')        
     def delete_perm_user(self, repo_name):
         """
         DELETE an existing repository permission user
@@ -178,11 +192,13 @@
             h.flash(_('An error occured during deletion of repository user'),
                     category='error')
             raise HTTPInternalServerError()
-        
+    
+    @HasPermissionAllDecorator('hg.admin')    
     def show(self, repo_name, format='html'):
         """GET /repos/repo_name: Show a specific item"""
         # url('repo', repo_name=ID)
-        
+    
+    @HasPermissionAllDecorator('hg.admin')    
     def edit(self, repo_name, format='html'):
         """GET /repos/repo_name/edit: Form to edit an existing item"""
         # url('edit_repo', repo_name=ID)
diff -r 86a25ad59766 -r ca54622e39a1 pylons_app/controllers/admin/settings.py
--- a/pylons_app/controllers/admin/settings.py	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/controllers/admin/settings.py	Sun Aug 01 17:08:58 2010 +0200
@@ -28,7 +28,8 @@
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from pylons_app.lib import helpers as h
-from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
+from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator, \
+    HasPermissionAnyDecorator
 from pylons_app.lib.base import BaseController, render
 from pylons_app.lib.utils import repo2db_mapper, invalidate_cache, \
     set_hg_app_config
@@ -209,4 +210,11 @@
                     
         return redirect(url('my_account'))
     
+    @HasPermissionAnyDecorator('repository.create', 'hg.admin')
+    def create_repository(self):
+        """GET /_admin/create_repository: Form to create a new item"""
+        new_repo = request.GET.get('repo', '')
+        c.new_repo = h.repo_name_slug(new_repo)
 
+        return render('admin/repos/repo_add_create_repository.html')
+        
diff -r 86a25ad59766 -r ca54622e39a1 pylons_app/lib/auth.py
--- a/pylons_app/lib/auth.py	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/lib/auth.py	Sun Aug 01 17:08:58 2010 +0200
@@ -140,7 +140,7 @@
 
     if user.is_admin:
         user.permissions['global'].add('hg.admin')
-        #admin have all rights full
+        #admin have all rights set to admin
         for perm in default_perms:
             p = 'repository.admin'
             user.permissions['repositories'][perm.Repo2Perm.repository.repo_name] = p
@@ -148,7 +148,7 @@
     else:
         user.permissions['global'].add('repository.create')
         for perm in default_perms:
-            if perm.Repository.private:
+            if perm.Repository.private and not perm.Repository.user_id == user.user_id:
                 #disable defaults for private repos,
                 p = 'repository.none'
             elif perm.Repository.user_id == user.user_id:
@@ -186,6 +186,7 @@
         user = fill_perms(user)
     session['hg_app_user'] = user
     session.save()
+    print user.permissions
     return user
         
 #===============================================================================
diff -r 86a25ad59766 -r ca54622e39a1 pylons_app/templates/admin/repos/repo_add_create_repository.html
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/pylons_app/templates/admin/repos/repo_add_create_repository.html	Sun Aug 01 17:08:58 2010 +0200
@@ -0,0 +1,57 @@
+## -*- coding: utf-8 -*-
+<%inherit file="/base/base.html"/>
+
+<%def name="title()">
+    ${_('Repositories administration')}
+</%def>
+
+<%def name="breadcrumbs_links()">
+	${_('add new repository')}
+</%def>
+
+<%def name="page_nav()">
+	${self.menu('admin')}
+</%def>
+<%def name="main()">
+<div class="box">
+    <!-- box / title -->
+    <div class="title">
+        ${self.breadcrumbs()}      
+    </div>
+    ${h.form(url('repos'))}
+    <div class="form">
+        <!-- fields -->
+        <div class="fields">
+            <div class="field">
+	            <div class="label">
+	                <label for="repo_name">${_('Name')}:</label>
+	            </div>
+	            <div class="input">
+	                ${h.text('repo_name',c.new_repo)}
+	                ${h.hidden('user_created','True')}
+	            </div>
+             </div>
+            <div class="field">
+                <div class="label label-textarea">
+                    <label for="description">${_('Description')}:</label>
+                </div>
+                <div class="textarea text-area editor">
+                    ${h.textarea('description',cols=23,rows=5)}
+                </div>
+             </div>
+            <div class="field">
+                <div class="label label-checkbox">
+                    <label for="private">${_('Private')}:</label>
+                </div>
+                <div class="checkboxes">
+                    ${h.checkbox('private',value="True")}
+                </div>
+             </div>
+	        <div class="buttons">
+	          ${h.submit('add','add',class_="ui-button ui-widget ui-state-default ui-corner-all")}
+	        </div>                                                          
+        </div>
+    </div>    
+    ${h.end_form()}    
+</div>
+</%def>   
diff -r 86a25ad59766 -r ca54622e39a1 pylons_app/templates/base/base.html
--- a/pylons_app/templates/base/base.html	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/templates/base/base.html	Sun Aug 01 17:08:58 2010 +0200
@@ -204,7 +204,7 @@
 				    <ul>
 				        <li>${h.link_to(_('repositories'),h.url('repos'),class_='repos')}</li>
 				        <li>${h.link_to(_('users'),h.url('users'),class_='users')}</li>
-				        ##<li>${h.link_to(_('permissions'),h.url('permissions'),class_='permissions')}</li>
+				        <li>${h.link_to(_('permissions'),h.url('permissions'),class_='permissions')}</li>
 				        <li>${h.link_to(_('settings'),h.url('admin_settings'),class_='settings')}</li>        
 				    </ul>
                 </li>
diff -r 86a25ad59766 -r ca54622e39a1 pylons_app/templates/index.html
--- a/pylons_app/templates/index.html	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/templates/index.html	Sun Aug 01 17:08:58 2010 +0200
@@ -27,13 +27,13 @@
 	    <!-- box / title -->
 	    <div class="title">
 	        <h5>${_('Dashboard')}</h5>
-	        ##%if h.HasPermissionAll('repository.create')():
+	        %if h.HasPermissionAny('repository.create','hg.admin')():
 	        <ul class="links">
 	          <li>
-	            <span>${h.link_to(u'ADD NEW REPOSITORY',h.url('new_repo'),class_="add_icon")}</span>
+	            <span>${h.link_to(u'ADD NEW REPOSITORY',h.url('admin_settings_create_repository'),class_="add_icon")}</span>
 	          </li>          
 	        </ul>  	        
-	        ##%endif
+	        %endif
 	    </div>
 	    <!-- end box / title -->
         <div class="table">