Mercurial > kallithea
changeset 3715:25dbbdae3ed9 beta
consistent handling of grant/revoke of permissions widgets
- use 1 method for users and for users groups
- use common JS for ajax revoke
- cleanup code
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Mon, 08 Apr 2013 23:49:08 +0200 |
| parents | 7e3d89d9d3a2 |
| children | 355fcdd2c027 |
| files | rhodecode/config/routing.py rhodecode/controllers/admin/repos.py rhodecode/controllers/admin/repos_groups.py rhodecode/controllers/admin/users_groups.py rhodecode/public/js/rhodecode.js rhodecode/templates/admin/repos/repo_edit_perms.html rhodecode/templates/admin/repos_groups/repos_group_edit_perms.html rhodecode/templates/admin/users_groups/user_group_edit_perms.html |
| diffstat | 8 files changed, 108 insertions(+), 155 deletions(-) [+] |
line wrap: on
line diff
--- a/rhodecode/config/routing.py Mon Apr 08 22:47:35 2013 +0200 +++ b/rhodecode/config/routing.py Mon Apr 08 23:49:08 2013 +0200 @@ -122,19 +122,15 @@ action="show", conditions=dict(method=["GET"], function=check_repo)) #add repo perm member - m.connect('set_repo_perm_member', "/set_repo_perm_member/{repo_name:.*?}", - action="set_repo_perm_member", - conditions=dict(method=["POST"], function=check_repo)) + m.connect('set_repo_perm_member', + "/repos/{repo_name:.*?}/grant_perm", + action="set_repo_perm_member", + conditions=dict(method=["POST"], function=check_repo)) #ajax delete repo perm user - m.connect('delete_repo_user', "/repos_delete_user/{repo_name:.*?}", - action="delete_perm_user", - conditions=dict(method=["DELETE"], function=check_repo)) - - #ajax delete repo perm users_group - m.connect('delete_repo_users_group', - "/repos_delete_users_group/{repo_name:.*?}", - action="delete_perm_users_group", + m.connect('delete_repo_perm_member', + "/repos/{repo_name:.*?}/revoke_perm", + action="delete_repo_perm_member", conditions=dict(method=["DELETE"], function=check_repo)) #settings actions @@ -184,6 +180,18 @@ m.connect("update_repos_group", "/repos_groups/{group_name:.*?}", action="update", conditions=dict(method=["PUT"], function=check_group)) + #add repo group perm member + m.connect('set_repo_group_perm_member', + "/repos_groups/{group_name:.*?}/grant_perm", + action="set_repo_group_perm_member", + conditions=dict(method=["POST"], function=check_group)) + + #ajax delete repo group perm + m.connect('delete_repo_group_perm_member', + "/repos_groups/{group_name:.*?}/revoke_perm", + action="delete_repo_group_perm_member", + conditions=dict(method=["DELETE"], function=check_group)) + m.connect("delete_repos_group", "/repos_groups/{group_name:.*?}", action="delete", conditions=dict(method=["DELETE"], function=check_group_skip_path)) @@ -201,24 +209,6 @@ action="show", conditions=dict(method=["GET"], function=check_group)) - #add repo perm member - m.connect('set_repo_group_perm_member', - "/set_repo_group_perm_member/{group_name:.*?}", - action="set_repo_group_perm_member", - conditions=dict(method=["POST"], function=check_group)) - - # ajax delete repository group perm user - m.connect('delete_repos_group_user_perm', - "/delete_repos_group_user_perm/{group_name:.*?}", - action="delete_repos_group_user_perm", - conditions=dict(method=["DELETE"], function=check_group)) - - # ajax delete repository group perm users_group - m.connect('delete_repos_group_users_group_perm', - "/delete_repos_group_users_group_perm/{group_name:.*?}", - action="delete_repos_group_users_group_perm", - conditions=dict(method=["DELETE"], function=check_group)) - #ADMIN USER REST ROUTES with rmap.submapper(path_prefix=ADMIN_PREFIX, controller='admin/users') as m:
--- a/rhodecode/controllers/admin/repos.py Mon Apr 08 22:47:35 2013 +0200 +++ b/rhodecode/controllers/admin/repos.py Mon Apr 08 23:49:08 2013 +0200 @@ -51,6 +51,7 @@ from rhodecode.lib.compat import json from sqlalchemy.sql.expression import func from rhodecode.lib.exceptions import AttachedForksError +from rhodecode.lib.utils2 import safe_int log = logging.getLogger(__name__) @@ -340,42 +341,33 @@ return redirect(url('edit_repo', repo_name=repo_name)) @HasRepoPermissionAllDecorator('repository.admin') - def delete_perm_user(self, repo_name): + def delete_repo_perm_member(self, repo_name): """ DELETE an existing repository permission user :param repo_name: """ try: - RepoModel().revoke_user_permission(repo=repo_name, - user=request.POST['user_id']) + obj_type = request.POST.get('obj_type') + obj_id = None + if obj_type == 'user': + obj_id = safe_int(request.POST.get('user_id')) + elif obj_type == 'user_group': + obj_id = safe_int(request.POST.get('user_group_id')) + + if obj_type == 'user': + RepoModel().revoke_user_permission(repo=repo_name, user=obj_id) + elif obj_type == 'user_group': + RepoModel().revoke_users_group_permission( + repo=repo_name, group_name=obj_id + ) #TODO: implement this #action_logger(self.rhodecode_user, 'admin_revoked_repo_permissions', # repo_name, self.ip_addr, self.sa) Session().commit() except Exception: log.error(traceback.format_exc()) - h.flash(_('An error occurred during deletion of repository user'), - category='error') - raise HTTPInternalServerError() - - @HasRepoPermissionAllDecorator('repository.admin') - def delete_perm_users_group(self, repo_name): - """ - DELETE an existing repository permission user group - - :param repo_name: - """ - - try: - RepoModel().revoke_users_group_permission( - repo=repo_name, group_name=request.POST['users_group_id'] - ) - Session().commit() - except Exception: - log.error(traceback.format_exc()) - h.flash(_('An error occurred during deletion of repository' - ' user groups'), + h.flash(_('An error occurred during revoking of permission'), category='error') raise HTTPInternalServerError()
--- a/rhodecode/controllers/admin/repos_groups.py Mon Apr 08 22:47:35 2013 +0200 +++ b/rhodecode/controllers/admin/repos_groups.py Mon Apr 08 23:49:08 2013 +0200 @@ -294,49 +294,41 @@ return redirect(url('edit_repos_group', group_name=group_name)) @HasReposGroupPermissionAnyDecorator('group.admin') - def delete_repos_group_user_perm(self, group_name): + def delete_repo_group_perm_member(self, group_name): """ DELETE an existing repository group permission user :param group_name: """ try: + obj_type = request.POST.get('obj_type') + obj_id = None + if obj_type == 'user': + obj_id = safe_int(request.POST.get('user_id')) + elif obj_type == 'user_group': + obj_id = safe_int(request.POST.get('user_group_id')) + if not c.rhodecode_user.is_admin: - if c.rhodecode_user.user_id == safe_int(request.POST['user_id']): + if obj_type == 'user' and c.rhodecode_user.user_id == obj_id: msg = _('Cannot revoke permission for yourself as admin') h.flash(msg, category='warning') raise Exception('revoke admin permission on self') recursive = str2bool(request.POST.get('recursive', False)) - ReposGroupModel().delete_permission( - repos_group=group_name, obj=request.POST['user_id'], - obj_type='user', recursive=recursive - ) + if obj_type == 'user': + ReposGroupModel().delete_permission( + repos_group=group_name, obj=obj_id, + obj_type='user', recursive=recursive + ) + elif obj_type == 'user_group': + ReposGroupModel().delete_permission( + repos_group=group_name, obj=obj_id, + obj_type='users_group', recursive=recursive + ) + Session().commit() except Exception: log.error(traceback.format_exc()) - h.flash(_('An error occurred during deletion of group user'), - category='error') - raise HTTPInternalServerError() - - @HasReposGroupPermissionAnyDecorator('group.admin') - def delete_repos_group_users_group_perm(self, group_name): - """ - DELETE an existing repository group permission user group - - :param group_name: - """ - - try: - recursive = str2bool(request.POST.get('recursive', False)) - ReposGroupModel().delete_permission( - repos_group=group_name, obj=request.POST['users_group_id'], - obj_type='users_group', recursive=recursive - ) - Session().commit() - except Exception: - log.error(traceback.format_exc()) - h.flash(_('An error occurred during deletion of group' - ' user groups'), + h.flash(_('An error occurred during revoking of permission'), category='error') raise HTTPInternalServerError()
--- a/rhodecode/controllers/admin/users_groups.py Mon Apr 08 22:47:35 2013 +0200 +++ b/rhodecode/controllers/admin/users_groups.py Mon Apr 08 23:49:08 2013 +0200 @@ -295,7 +295,7 @@ Session().commit() except Exception: log.error(traceback.format_exc()) - h.flash(_('An error occurred during deletion of group user'), + h.flash(_('An error occurred during revoking of permission'), category='error') raise HTTPInternalServerError()
--- a/rhodecode/public/js/rhodecode.js Mon Apr 08 22:47:35 2013 +0200 +++ b/rhodecode/public/js/rhodecode.js Mon Apr 08 23:49:08 2013 +0200 @@ -368,6 +368,20 @@ } /** + * turns objects into GET query string + */ +var toQueryString = function(o) { + if(typeof o !== 'object') { + return false; + } + var _p, _qs = []; + for(_p in o) { + _qs.push(encodeURIComponent(_p) + '=' + encodeURIComponent(o[_p])); + } + return _qs.join('&'); +}; + +/** * Partial Ajax Implementation * * @param url: defines url to make partial request @@ -441,17 +455,6 @@ // Set special header for ajax == HTTP_X_PARTIAL_XHR YUC.initHeader('X-PARTIAL-XHR',true); - var toQueryString = function(o) { - if(typeof o !== 'object') { - return false; - } - var _p, _qs = []; - for(_p in o) { - _qs.push(encodeURIComponent(_p) + '=' + encodeURIComponent(o[_p])); - } - return _qs.join('&'); - }; - var sUrl = url; var callback = { success: success, @@ -2035,7 +2038,38 @@ YUD.insertAfter(el, last_node); } } +function ajaxActionRevokePermission(url, obj_id, obj_type, field_id, extra_data) { + var callback = { + success: function (o) { + var tr = YUD.get(String(field_id)); + tr.parentNode.removeChild(tr); + }, + failure: function (o) { + alert(_TM['Failed to remoke permission'] + ": " + o.status); + }, + }; + query_params = { + '_method': 'delete' + } + // put extra data into POST + if (extra_data !== undefined && (typeof extra_data === 'object')){ + for(k in extra_data){ + query_params[k] = extra_data[k]; + } + } + if (obj_type=='user'){ + query_params['user_id'] = obj_id; + query_params['obj_type'] = 'user'; + } + else if (obj_type=='user_group'){ + query_params['user_group_id'] = obj_id; + query_params['obj_type'] = 'user_group'; + } + + var request = YAHOO.util.Connect.asyncRequest('POST', url, callback, + toQueryString(query_params)); +}; /* Multi selectors */ var MultiSelectWidget = function(selected_id, available_id, form_id){
--- a/rhodecode/templates/admin/repos/repo_edit_perms.html Mon Apr 08 22:47:35 2013 +0200 +++ b/rhodecode/templates/admin/repos/repo_edit_perms.html Mon Apr 08 23:49:08 2013 +0200 @@ -87,29 +87,10 @@ </table> <script type="text/javascript"> function ajaxActionRevoke(obj_id, obj_type, field_id) { - var callback = { - success: function (o) { - var tr = YUD.get(String(field_id)); - tr.parentNode.removeChild(tr); - }, - failure: function (o) { - alert(_TM['Failed to remoke permission'] + ": " + o.status); - }, - }; - if (obj_type=='user'){ - var sUrl = "${h.url('delete_repo_user',repo_name=c.repo_name)}"; - var postData = '_method=delete&user_id={0}&obj_type=user'.format(obj_id); - } - else if (obj_type=='user_group'){ - var sUrl = "${h.url('delete_repo_users_group',repo_name=c.repo_name)}"; - var postData = '_method=delete&users_group_id={0}&obj_type=user_group'.format(obj_id); - - } - - var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData); + url = "${h.url('delete_repo_perm_member',repo_name=c.repo_name)}"; + ajaxActionRevokePermission(url, obj_id, obj_type, field_id); }; - YUE.onDOMReady(function () { if (!YUD.hasClass('perm_new_member_name', 'error')) { YUD.setStyle('add_perm_input', 'display', 'none');
--- a/rhodecode/templates/admin/repos_groups/repos_group_edit_perms.html Mon Apr 08 22:47:35 2013 +0200 +++ b/rhodecode/templates/admin/repos_groups/repos_group_edit_perms.html Mon Apr 08 23:49:08 2013 +0200 @@ -90,29 +90,10 @@ </table> <script type="text/javascript"> function ajaxActionRevoke(obj_id, obj_type, field_id) { - var callback = { - success: function (o) { - var tr = YUD.get(String(field_id)); - tr.parentNode.removeChild(tr); - }, - failure: function (o) { - alert(_TM['Failed to remoke permission'] + ": " + o.status); - }, - }; - var recursive = YUD.get('recursive').checked; - - if (obj_type=='user'){ - var sUrl = "${h.url('delete_repos_group_user_perm',group_name=c.repos_group.group_name)}"; - var postData = '_method=delete&recursive={0}&user_id={1}&obj_type=user'.format(recursive,obj_id); - } - else if (obj_type=='user_group'){ - var sUrl = "${h.url('delete_repos_group_users_group_perm',group_name=c.repos_group.group_name)}"; - var postData = '_method=delete&recursive={0}&users_group_id={0}&obj_type=user_group'.format(recursive,obj_id); - } - var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData); + url = "${h.url('delete_repo_group_perm_member', group_name=c.repos_group.group_name)}"; + ajaxActionRevokePermission(url, obj_id, obj_type, field_id, {recursive:YUD.get('recursive').checked}); }; - YUE.onDOMReady(function () { if (!YUD.hasClass('perm_new_member_name', 'error')) { YUD.setStyle('add_perm_input', 'display', 'none');
--- a/rhodecode/templates/admin/users_groups/user_group_edit_perms.html Mon Apr 08 22:47:35 2013 +0200 +++ b/rhodecode/templates/admin/users_groups/user_group_edit_perms.html Mon Apr 08 23:49:08 2013 +0200 @@ -67,27 +67,10 @@ </table> <script type="text/javascript"> function ajaxActionRevoke(obj_id, obj_type, field_id) { - var callback = { - success: function (o) { - var tr = YUD.get(String(field_id)); - tr.parentNode.removeChild(tr); - }, - failure: function (o) { - alert(_TM['Failed to remoke permission'] + ": " + o.status); - }, - }; - var sUrl = "${h.url('delete_user_group_perm_member', id=c.users_group.users_group_id)}"; - if (obj_type=='user'){ - var postData = '_method=delete&user_id={0}&obj_type=user'.format(obj_id); - } - else if (obj_type=='user_group'){ - var postData = '_method=delete&user_group_id={0}&obj_type=user_group'.format(obj_id); - } - - var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData); + url = "${h.url('delete_user_group_perm_member', id=c.users_group.users_group_id)}"; + ajaxActionRevokePermission(url, obj_id, obj_type, field_id); }; - YUE.onDOMReady(function () { if (!YUD.hasClass('perm_new_member_name', 'error')) { YUD.setStyle('add_perm_input', 'display', 'none');