changeset 380:ca54622e39a1

Added separate create-repository views for non-administrative users. Fixed a permission issue with private repos.
author Marcin Kuzminski <marcin@python-works.com>
date Sun, 01 Aug 2010 17:08:58 +0200
parents 86a25ad59766
children 55377fdc1fc6
files pylons_app/__init__.py pylons_app/config/routing.py pylons_app/controllers/admin/repos.py pylons_app/controllers/admin/settings.py pylons_app/lib/auth.py pylons_app/templates/admin/repos/repo_add_create_repository.html pylons_app/templates/base/base.html pylons_app/templates/index.html
diffstat 8 files changed, 103 insertions(+), 20 deletions(-) [+]
--- a/pylons_app/__init__.py	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/__init__.py	Sun Aug 01 17:08:58 2010 +0200
@@ -2,7 +2,7 @@
 # encoding: utf-8
 # Hg app, a web based mercurial repository managment based on pylons
 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
- 
+# 
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; version 2
@@ -17,7 +17,6 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 # MA  02110-1301, USA.
-
 """
 Created on April 9, 2010
 Hg app, a web based mercurial repository managment based on pylons
--- a/pylons_app/config/routing.py	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/config/routing.py	Sun Aug 01 17:08:58 2010 +0200
@@ -100,6 +100,8 @@
              action="my_account", conditions=dict(method=["GET"]))
         m.connect("admin_settings_my_account_update", "/my_account_update",
              action="my_account_update", conditions=dict(method=["PUT"]))
+        m.connect("admin_settings_create_repository", "/create_repository",
+             action="create_repository", conditions=dict(method=["GET"]))
     
     #ADMIN
     with map.submapper(path_prefix='/_admin', controller='admin/admin') as m:
--- a/pylons_app/controllers/admin/repos.py	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/controllers/admin/repos.py	Sun Aug 01 17:08:58 2010 +0200
@@ -29,7 +29,8 @@
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from pylons_app.lib import helpers as h
-from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
+from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator, \
+    HasPermissionAnyDecorator
 from pylons_app.lib.base import BaseController, render
 from pylons_app.lib.utils import invalidate_cache
 from pylons_app.model.db import User
@@ -49,12 +50,13 @@
     #     map.resource('repo', 'repos')
     
     @LoginRequired()
-    @HasPermissionAllDecorator('hg.admin')
+    @HasPermissionAnyDecorator('hg.admin', 'repository.create')
     def __before__(self):
         c.admin_user = session.get('admin_user')
         c.admin_username = session.get('admin_username')
         super(ReposController, self).__before__()
-                
+    
+    @HasPermissionAllDecorator('hg.admin')            
     def index(self, format='html'):
         """GET /repos: All items in the collection"""
         # url('repos')
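Review bot: Relaxing the `__before__` gate from `HasPermissionAllDecorator('hg.admin')` to `HasPermissionAnyDecorator('hg.admin', 'repository.create')` turns this controller from default-deny into opt-in protection, so every admin-only action now depends on carrying its own `@HasPermissionAllDecorator('hg.admin')`. The hunks for this file decorate index, new, update, delete, delete_perm_user, show and edit, but any action that lies outside the shown hunks would become reachable by every user holding `repository.create`, which the auth.py context in this changeset adds for all non-admin users. If `create` has to stay in this controller, a comment on `__before__` such as `# NOTE: gate is intentionally wide; admin-only actions must add @HasPermissionAllDecorator('hg.admin') themselves` would make the contract explicit, and a check that enumerates the controller's public actions would catch a missed decorator.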
@@ -62,6 +64,7 @@
         c.repos_list = sorted(cached_repo_list, key=itemgetter('name_sort'))
         return render('admin/repos/repos.html')
     
+    @HasPermissionAnyDecorator('hg.admin', 'repository.create')
     def create(self):
         """POST /repos: Create a new item"""
         # url('repos')
@@ -77,8 +80,14 @@
                                                              
         except formencode.Invalid as errors:
             c.new_repo = errors.value['repo_name']
+            
+            if request.POST.get('user_created'):
+                r = render('admin/repos/repo_add_create_repository.html')
+            else:
+                r = render('admin/repos/repo_add.html')
+            
             return htmlfill.render(
-                render('admin/repos/repo_add.html'),
+                r,
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
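Review bot: The `user_created` value read from `request.POST` is a client-supplied hidden field, yet it selects which form is re-rendered here and, in the next hunk, which page the request redirects to. A non-admin caller who omits the field gets the admin `repo_add.html` form rendered back on a validation error. Deciding on the caller's permission keeps the choice server-side, for example `if h.HasPermissionAny('hg.admin')():` for the admin template and the user template otherwise; the same helper is used in index.html in this changeset. The body of `create` starts outside this hunk.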
@@ -89,16 +98,19 @@
             msg = _('error occured during creation of repository %s') \
                     % form_result.get('repo_name')
             h.flash(msg, category='error')
-            
-        return redirect('repos')
-
+        if request.POST.get('user_created'):
+            return redirect(url('hg_home'))    
+        return redirect(url('repos'))
+    
+    @HasPermissionAllDecorator('hg.admin')
     def new(self, format='html'):
         """GET /repos/new: Form to create a new item"""
         new_repo = request.GET.get('repo', '')
         c.new_repo = h.repo_name_slug(new_repo)
 
         return render('admin/repos/repo_add.html')
-
+    
+    @HasPermissionAllDecorator('hg.admin')
     def update(self, repo_name):
         """PUT /repos/repo_name: Update an existing item"""
         # Forms posted to this method should contain a hidden field:
@@ -136,6 +148,7 @@
             
         return redirect(url('edit_repo', repo_name=changed_name))
     
+    @HasPermissionAllDecorator('hg.admin')
     def delete(self, repo_name):
         """DELETE /repos/repo_name: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
@@ -164,7 +177,8 @@
                     category='error')
         
         return redirect(url('repos'))
-        
+    
+    @HasPermissionAllDecorator('hg.admin')        
     def delete_perm_user(self, repo_name):
         """
         DELETE an existing repository permission user
@@ -178,11 +192,13 @@
             h.flash(_('An error occured during deletion of repository user'),
                     category='error')
             raise HTTPInternalServerError()
-        
+    
+    @HasPermissionAllDecorator('hg.admin')    
     def show(self, repo_name, format='html'):
         """GET /repos/repo_name: Show a specific item"""
         # url('repo', repo_name=ID)
-        
+    
+    @HasPermissionAllDecorator('hg.admin')    
     def edit(self, repo_name, format='html'):
         """GET /repos/repo_name/edit: Form to edit an existing item"""
         # url('edit_repo', repo_name=ID)
--- a/pylons_app/controllers/admin/settings.py	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/controllers/admin/settings.py	Sun Aug 01 17:08:58 2010 +0200
@@ -28,7 +28,8 @@
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from pylons_app.lib import helpers as h
-from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
+from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator, \
+    HasPermissionAnyDecorator
 from pylons_app.lib.base import BaseController, render
 from pylons_app.lib.utils import repo2db_mapper, invalidate_cache, \
     set_hg_app_config
@@ -209,4 +210,11 @@
                     
         return redirect(url('my_account'))
     
+    @HasPermissionAnyDecorator('repository.create', 'hg.admin')
+    def create_repository(self):
+        """GET /_admin/create_repository: Form to create a new item"""
+        new_repo = request.GET.get('repo', '')
+        c.new_repo = h.repo_name_slug(new_repo)
 
+        return render('admin/repos/repo_add_create_repository.html')
+        
--- a/pylons_app/lib/auth.py	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/lib/auth.py	Sun Aug 01 17:08:58 2010 +0200
@@ -140,7 +140,7 @@
 
     if user.is_admin:
         user.permissions['global'].add('hg.admin')
-        #admin have all rights full
+        #admin have all rights set to admin
         for perm in default_perms:
             p = 'repository.admin'
             user.permissions['repositories'][perm.Repo2Perm.repository.repo_name] = p
@@ -148,7 +148,7 @@
     else:
         user.permissions['global'].add('repository.create')
         for perm in default_perms:
-            if perm.Repository.private:
+            if perm.Repository.private and not perm.Repository.user_id == user.user_id:
                 #disable defaults for private repos,
                 p = 'repository.none'
             elif perm.Repository.user_id == user.user_id:
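Review bot: `not perm.Repository.user_id == user.user_id` is easier to misread than it should be on a line that decides access to private repositories; `if perm.Repository.private and perm.Repository.user_id != user.user_id:` states the same condition directly. The owner comparison is repeated by the following `elif`, so testing ownership first and the private flag second would remove the duplicate. A comment such as `# owner keeps access to own private repos; everyone else gets repository.none` would record why the extra clause exists. The `elif` body lies outside the hunk.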
@@ -186,6 +186,7 @@
         user = fill_perms(user)
     session['hg_app_user'] = user
     session.save()
+    print user.permissions
     return user
         
 #===============================================================================
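Review bot: The added `print user.permissions` looks like leftover debugging: it writes the full permission map of the user to the process's stdout each time this function runs. That output typically ends up in server logs that are readable by more people than the application database, and some WSGI deployments reject writes to stdout. Drop the line, or route it through the module's logger at debug level if auth.py has one (not visible in this hunk). The enclosing function starts outside the hunk.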
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/pylons_app/templates/admin/repos/repo_add_create_repository.html	Sun Aug 01 17:08:58 2010 +0200
@@ -0,0 +1,57 @@
+## -*- coding: utf-8 -*-
+<%inherit file="/base/base.html"/>
+
+<%def name="title()">
+    ${_('Repositories administration')}
+</%def>
+
+<%def name="breadcrumbs_links()">
+	${_('add new repository')}
+</%def>
+
+<%def name="page_nav()">
+	${self.menu('admin')}
+</%def>
+<%def name="main()">
+<div class="box">
+    <!-- box / title -->
+    <div class="title">
+        ${self.breadcrumbs()}      
+    </div>
+    ${h.form(url('repos'))}
+    <div class="form">
+        <!-- fields -->
+        <div class="fields">
+            <div class="field">
+	            <div class="label">
+	                <label for="repo_name">${_('Name')}:</label>
+	            </div>
+	            <div class="input">
+	                ${h.text('repo_name',c.new_repo)}
+	                ${h.hidden('user_created','True')}
+	            </div>
+             </div>
+            <div class="field">
+                <div class="label label-textarea">
+                    <label for="description">${_('Description')}:</label>
+                </div>
+                <div class="textarea text-area editor">
+                    ${h.textarea('description',cols=23,rows=5)}
+                </div>
+             </div>
+            <div class="field">
+                <div class="label label-checkbox">
+                    <label for="private">${_('Private')}:</label>
+                </div>
+                <div class="checkboxes">
+                    ${h.checkbox('private',value="True")}
+                </div>
+             </div>
+	        <div class="buttons">
+	          ${h.submit('add','add',class_="ui-button ui-widget ui-state-default ui-corner-all")}
+	        </div>                                                          
+        </div>
+    </div>    
+    ${h.end_form()}    
+</div>
+</%def>   
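Review bot: This form posts to `url('repos')`, a state-changing action that the changeset opens to every user with `repository.create`, and no anti-CSRF token is visible among its fields. If `h.form` does not add one itself (not visible here), a token should be emitted with the form and verified in `create`. Separately, the `title()` def and `${self.menu('admin')}` still present the page as 'Repositories administration' although it is meant for non-administrative users.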
--- a/pylons_app/templates/base/base.html	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/templates/base/base.html	Sun Aug 01 17:08:58 2010 +0200
@@ -204,7 +204,7 @@
 				    <ul>
 				        <li>${h.link_to(_('repositories'),h.url('repos'),class_='repos')}</li>
 				        <li>${h.link_to(_('users'),h.url('users'),class_='users')}</li>
-				        ##<li>${h.link_to(_('permissions'),h.url('permissions'),class_='permissions')}</li>
+				        <li>${h.link_to(_('permissions'),h.url('permissions'),class_='permissions')}</li>
 				        <li>${h.link_to(_('settings'),h.url('admin_settings'),class_='settings')}</li>        
 				    </ul>
                 </li>
--- a/pylons_app/templates/index.html	Sun Aug 01 13:39:09 2010 +0200
+++ b/pylons_app/templates/index.html	Sun Aug 01 17:08:58 2010 +0200
@@ -27,13 +27,13 @@
 	    <!-- box / title -->
 	    <div class="title">
 	        <h5>${_('Dashboard')}</h5>
-	        ##%if h.HasPermissionAll('repository.create')():
+	        %if h.HasPermissionAny('repository.create','hg.admin')():
 	        <ul class="links">
 	          <li>
-	            <span>${h.link_to(u'ADD NEW REPOSITORY',h.url('new_repo'),class_="add_icon")}</span>
+	            <span>${h.link_to(u'ADD NEW REPOSITORY',h.url('admin_settings_create_repository'),class_="add_icon")}</span>
 	          </li>          
 	        </ul>  	        
-	        ##%endif
+	        %endif
 	    </div>
 	    <!-- end box / title -->
         <div class="table">