Files
@ b2634df81a11
Branch filter:
Location: kallithea/scripts/docs-headings.py - annotation
b2634df81a11
2.6 KiB
text/x-python
auth: explicit user permission should not blindly overrule permissions through user groups
Before, explicit permissions of a user could shadow higher permissions that
would otherwise be obtained through a group the user is member of.
That was confusing and fragile: *removing* a permission could then suddenly
give a user *more* permissions.
Instead, change the flag for controlling internal permission computation to
*not* use "explicit". Permissions will then add up, no matter if they are
explicit or through groups.
The change in auth.py is small, but read the body of __get_perms to see the
actual impact ... and also the clean-up changeset that will come next.
This might in some cases be a behaviour change and give users more access ...
but it will probably only give the user that was intended. This change can thus
be seen as a bugfix.
Some tests assumed the old behaviour. Not for good reasons, but just because
that is how they were written. These tests are updated to expect the new
behaviour, and it has been reviewed that it makes sense.
Note that this 'explicit' flag mostly is for repo permissions and independent
of the 'user_inherit_default_permissions' that just was removed and is about
global permissions.
Before, explicit permissions of a user could shadow higher permissions that
would otherwise be obtained through a group the user is member of.
That was confusing and fragile: *removing* a permission could then suddenly
give a user *more* permissions.
Instead, change the flag for controlling internal permission computation to
*not* use "explicit". Permissions will then add up, no matter if they are
explicit or through groups.
The change in auth.py is small, but read the body of __get_perms to see the
actual impact ... and also the clean-up changeset that will come next.
This might in some cases be a behaviour change and give users more access ...
but it will probably only give the user that was intended. This change can thus
be seen as a bugfix.
Some tests assumed the old behaviour. Not for good reasons, but just because
that is how they were written. These tests are updated to expect the new
behaviour, and it has been reviewed that it makes sense.
Note that this 'explicit' flag mostly is for repo permissions and independent
of the 'user_inherit_default_permissions' that just was removed and is about
global permissions.
f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 a188803df37e a188803df37e a188803df37e 665dfa112f2c f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 ed2fb6e84a02 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 665dfa112f2c a188803df37e a188803df37e f38b50f8a6a6 f38b50f8a6a6 f38b50f8a6a6 | #!/usr/bin/env python2
"""
Consistent formatting of rst section titles
"""
import re
import subprocess
spaces = [
(0, 1), # we assume this is a over-and-underlined header
(2, 1),
(1, 1),
(1, 0),
(1, 0),
]
# http://sphinx-doc.org/rest.html :
# for the Python documentation, this convention is used which you may follow:
# # with overline, for parts
# * with overline, for chapters
# =, for sections
# -, for subsections
# ^, for subsubsections
# ", for paragraphs
pystyles = ['#', '*', '=', '-', '^', '"']
# match on a header line underlined with one of the valid characters
headermatch = re.compile(r'''\n*(.+)\n([][!"#$%&'()*+,./:;<=>?@\\^_`{|}~-])\2{2,}\n+''', flags=re.MULTILINE)
def main():
filenames = subprocess.check_output(['hg', 'loc', 'set:**.rst+kallithea/i18n/how_to']).splitlines()
for fn in filenames:
print 'processing %s' % fn
s = open(fn).read()
# find levels and their styles
lastpos = 0
styles = []
for markup in headermatch.findall(s):
style = markup[1]
if style in styles:
stylepos = styles.index(style)
if stylepos > lastpos + 1:
print 'bad style %r with level %s - was at %s' % (style, stylepos, lastpos)
else:
stylepos = len(styles)
if stylepos > lastpos + 1:
print 'bad new style %r - expected %r' % (style, styles[lastpos + 1])
else:
styles.append(style)
lastpos = stylepos
# remove superfluous spacing (may however be restored by header spacing)
s = re.sub(r'''(\n\n)\n*''', r'\1', s, flags=re.MULTILINE)
if styles:
newstyles = pystyles[pystyles.index(styles[0]):]
def subf(m):
title, style = m.groups()
level = styles.index(style)
before, after = spaces[level]
newstyle = newstyles[level]
return '\n' * (before + 1) + title + '\n' + newstyle * len(title) + '\n' * (after + 1)
s = headermatch.sub(subf, s)
# remove superfluous spacing when headers are adjacent
s = re.sub(r'''(\n.+\n([][!"#$%&'()*+,./:;<=>?@\\^_`{|}~-])\2{2,}\n\n\n)\n*''', r'\1', s, flags=re.MULTILINE)
# fix trailing space and spacing before link sections
s = s.strip() + '\n'
s = re.sub(r'''\n+((?:\.\. _[^\n]*\n)+)$''', r'\n\n\n\1', s)
open(fn, 'w').write(s)
print subprocess.check_output(['hg', 'diff'] + filenames)
if __name__ == '__main__':
main()
|