Changeset - 073cf19b5067
Parent rev.
Child rev.
[Not reviewed]
default
0 5 0
Mads Kiilerich - 9 years ago 2016-08-04 14:23:36
madski@unity3d.com
routing: use 'delete_repo_group' and POST instead of DELETE
5 files changed with 6 insertions and 6 deletions:
kallithea/config/routing.py
2
2
kallithea/templates/admin/repo_groups/repo_group_edit_advanced.html
1
1
kallithea/templates/admin/repo_groups/repo_group_edit_settings.html
1
1
kallithea/templates/data_table/_dt_elements.html
1
1
kallithea/tests/functional/test_admin_users.py
1
1
0 comments (0 inline, 0 general)
kallithea/config/routing.py
Show inline comments
 
@@ -69,194 +69,194 @@ def make_map(config):
 
        """
 
        check for valid repository group for proper 404 handling, but skips
 
        verification of existing path
 

			




	
	
	
		
 
        :param environ:

			




	
	
	
		
 
        :param match_dict:

			




	
	
	
		
 
        """

			




	
	
	
		
 
        repo_group_name = match_dict.get('group_name')

			




	
	
	
		
 
        return is_valid_repo_group(repo_group_name, config['base_path'],

			




	
	
	
		
 
                                   skip_path_check=True)

			




	
	
	
		
 

			




	
	
	
		
 
    def check_user_group(environ, match_dict):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        check for valid user group for proper 404 handling

			




	
	
	
		
 

			




	
	
	
		
 
        :param environ:

			




	
	
	
		
 
        :param match_dict:

			




	
	
	
		
 
        """

			




	
	
	
		
 
        return True

			




	
	
	
		
 

			




	
	
	
		
 
    def check_int(environ, match_dict):

			




	
	
	
		
 
        return match_dict.get('id').isdigit()

			




	
	
	
		
 

			




	
	
	
		
 
    # The ErrorController route (handles 404/500 error pages); it should

			




	
	
	
		
 
    # likely stay at the top, ensuring it can always be resolved

			




	
	
	
		
 
    rmap.connect('/error/{action}', controller='error')

			




	
	
	
		
 
    rmap.connect('/error/{action}/{id}', controller='error')

			




	
	
	
		
 

			




	
	
	
		
 
    #==========================================================================

			




	
	
	
		
 
    # CUSTOM ROUTES HERE

			




	
	
	
		
 
    #==========================================================================

			




	
	
	
		
 

			




	
	
	
		
 
    #MAIN PAGE

			




	
	
	
		
 
    rmap.connect('home', '/', controller='home', action='index')

			




	
	
	
		
 
    rmap.connect('about', '/about', controller='home', action='about')

			




	
	
	
		
 
    rmap.connect('repo_switcher_data', '/_repos', controller='home',

			




	
	
	
		
 
                 action='repo_switcher_data')

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('rst_help',

			




	
	
	
		
 
                 "http://docutils.sourceforge.net/docs/user/rst/quickref.html",

			




	
	
	
		
 
                 _static=True)

			




	
	
	
		
 
    rmap.connect('kallithea_project_url', "https://kallithea-scm.org/", _static=True)

			




	
	
	
		
 
    rmap.connect('issues_url', 'https://bitbucket.org/conservancy/kallithea/issues', _static=True)

			




	
	
	
		
 

			




	
	
	
		
 
    #ADMIN REPOSITORY ROUTES

			




	
	
	
		
 
    with rmap.submapper(path_prefix=ADMIN_PREFIX,

			




	
	
	
		
 
                        controller='admin/repos') as m:

			




	
	
	
		
 
        m.connect("repos", "/repos",

			




	
	
	
		
 
                  action="create", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("repos", "/repos",

			




	
	
	
		
 
                  action="index", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("new_repo", "/create_repository",

			




	
	
	
		
 
                  action="create_repository", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("put_repo", "/repos/{repo_name:.*?}",

			




	
	
	
		
 
                  action="update", conditions=dict(method=["PUT"],

			




	
	
	
		
 
                  function=check_repo))

			




	
	
	
		
 
        m.connect("delete_repo", "/repos/{repo_name:.*?}",

			




	
	
	
		
 
                  action="delete", conditions=dict(method=["DELETE"],

			




	
	
	
		
 
                  ))

			




	
	
	
		
 

			




	
	
	
		
 
    #ADMIN REPOSITORY GROUPS ROUTES

			




	
	
	
		
 
    with rmap.submapper(path_prefix=ADMIN_PREFIX,

			




	
	
	
		
 
                        controller='admin/repo_groups') as m:

			




	
	
	
		
 
        m.connect("repos_groups", "/repo_groups",

			




	
	
	
		
 
                  action="create", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("repos_groups", "/repo_groups",

			




	
	
	
		
 
                  action="index", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("new_repos_group", "/repo_groups/new",

			




	
	
	
		
 
                  action="new", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("update_repos_group", "/repo_groups/{group_name:.*?}",

			




	
	
	
		
 
                  action="update", conditions=dict(method=["PUT"],

			




	
	
	
		
 
                                                   function=check_group))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("repos_group", "/repo_groups/{group_name:.*?}",

			




	
	
	
		
 
                  action="show", conditions=dict(method=["GET"],

			




	
	
	
		
 
                                                 function=check_group))

			




	
	
	
		
 

			




	
	
	
		
 
        #EXTRAS REPO GROUP ROUTES

			




	
	
	
		
 
        m.connect("edit_repo_group", "/repo_groups/{group_name:.*?}/edit",

			




	
	
	
		
 
                  action="edit",

			




	
	
	
		
 
                  conditions=dict(method=["GET"], function=check_group))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_repo_group_advanced", "/repo_groups/{group_name:.*?}/edit/advanced",

			




	
	
	
		
 
                  action="edit_repo_group_advanced",

			




	
	
	
		
 
                  conditions=dict(method=["GET"], function=check_group))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_repo_group_perms", "/repo_groups/{group_name:.*?}/edit/permissions",

			




	
	
	
		
 
                  action="edit_repo_group_perms",

			




	
	
	
		
 
                  conditions=dict(method=["GET"], function=check_group))

			




	
	
	
		
 
        m.connect("edit_repo_group_perms", "/repo_groups/{group_name:.*?}/edit/permissions",

			




	
	
	
		
 
                  action="update_perms",

			




	
	
	
		
 
                  conditions=dict(method=["PUT"], function=check_group))

			




	
	
	
		
 
        m.connect("edit_repo_group_perms_delete", "/repo_groups/{group_name:.*?}/edit/permissions/delete",

			




	
	
	
		
 
                  action="delete_perms",

			




	
	
	
		
 
                  conditions=dict(method=["POST"], function=check_group))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("delete_repo_group", "/repo_groups/{group_name:.*?}",

			




	
	
	
		
 
                  action="delete", conditions=dict(method=["DELETE"],

			




	
	
	
		
 
        m.connect("delete_repo_group", "/repo_groups/{group_name:.*?}/delete",

			




	
	
	
		
 
                  action="delete", conditions=dict(method=["POST"],

			




	
	
	
		
 
                                                   function=check_group_skip_path))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    #ADMIN USER ROUTES

			




	
	
	
		
 
    with rmap.submapper(path_prefix=ADMIN_PREFIX,

			




	
	
	
		
 
                        controller='admin/users') as m:

			




	
	
	
		
 
        m.connect("users", "/users",

			




	
	
	
		
 
                  action="create", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("users", "/users",

			




	
	
	
		
 
                  action="index", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("formatted_users", "/users.{format}",

			




	
	
	
		
 
                  action="index", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("new_user", "/users/new",

			




	
	
	
		
 
                  action="new", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("update_user", "/users/{id}",

			




	
	
	
		
 
                  action="update", conditions=dict(method=["PUT"]))

			




	
	
	
		
 
        m.connect("delete_user", "/users/{id}",

			




	
	
	
		
 
                  action="delete", conditions=dict(method=["DELETE"]))

			




	
	
	
		
 
        m.connect("edit_user", "/users/{id}/edit",

			




	
	
	
		
 
                  action="edit", conditions=dict(method=["GET"]))

			




	
	
	
		
 

			




	
	
	
		
 
        #EXTRAS USER ROUTES

			




	
	
	
		
 
        m.connect("edit_user_advanced", "/users/{id}/edit/advanced",

			




	
	
	
		
 
                  action="edit_advanced", conditions=dict(method=["GET"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

			




	
	
	
		
 
                  action="edit_api_keys", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

			




	
	
	
		
 
                  action="add_api_key", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

			




	
	
	
		
 
                  action="delete_api_key", conditions=dict(method=["DELETE"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_perms", "/users/{id}/edit/permissions",

			




	
	
	
		
 
                  action="edit_perms", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_perms", "/users/{id}/edit/permissions",

			




	
	
	
		
 
                  action="update_perms", conditions=dict(method=["PUT"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_emails", "/users/{id}/edit/emails",

			




	
	
	
		
 
                  action="edit_emails", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_emails", "/users/{id}/edit/emails",

			




	
	
	
		
 
                  action="add_email", conditions=dict(method=["PUT"]))

			




	
	
	
		
 
        m.connect("edit_user_emails", "/users/{id}/edit/emails",

			




	
	
	
		
 
                  action="delete_email", conditions=dict(method=["DELETE"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_ips", "/users/{id}/edit/ips",

			




	
	
	
		
 
                  action="edit_ips", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_ips", "/users/{id}/edit/ips",

			




	
	
	
		
 
                  action="add_ip", conditions=dict(method=["PUT"]))

			




	
	
	
		
 
        m.connect("edit_user_ips", "/users/{id}/edit/ips",

			




	
	
	
		
 
                  action="delete_ip", conditions=dict(method=["DELETE"]))

			




	
	
	
		
 

			




	
	
	
		
 
    #ADMIN USER GROUPS REST ROUTES

			




	
	
	
		
 
    with rmap.submapper(path_prefix=ADMIN_PREFIX,

			




	
	
	
		
 
                        controller='admin/user_groups') as m:

			




	
	
	
		
 
        m.connect("users_groups", "/user_groups",

			




	
	
	
		
 
                  action="create", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("users_groups", "/user_groups",

			




	
	
	
		
 
                  action="index", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("new_users_group", "/user_groups/new",

			




	
	
	
		
 
                  action="new", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("update_users_group", "/user_groups/{id}",

			




	
	
	
		
 
                  action="update", conditions=dict(method=["PUT"]))

			




	
	
	
		
 
        m.connect("delete_users_group", "/user_groups/{id}",

			




	
	
	
		
 
                  action="delete", conditions=dict(method=["DELETE"]))

			




	
	
	
		
 
        m.connect("edit_users_group", "/user_groups/{id}/edit",

			




	
	
	
		
 
                  action="edit", conditions=dict(method=["GET"]),

			




	
	
	
		
 
                  function=check_user_group)

			




	
	
	
		
 

			




	
	
	
		
 
        #EXTRAS USER GROUP ROUTES

			




	
	
	
		
 
        m.connect("edit_user_group_default_perms", "/user_groups/{id}/edit/default_perms",

			




	
	
	
		
 
                  action="edit_default_perms", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_group_default_perms", "/user_groups/{id}/edit/default_perms",

			




	
	
	
		
 
                  action="update_default_perms", conditions=dict(method=["PUT"]))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_group_perms", "/user_groups/{id}/edit/perms",

			




	
	
	
		
 
                  action="edit_perms", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_group_perms", "/user_groups/{id}/edit/perms",

			




	
	
	
		
 
                  action="update_perms", conditions=dict(method=["PUT"]))

			




	
	
	
		
 
        m.connect("edit_user_group_perms_delete", "/user_groups/{id}/edit/perms/delete",

			




	
	
	
		
 
                  action="delete_perms", conditions=dict(method=["POST"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_group_advanced", "/user_groups/{id}/edit/advanced",

			




	
	
	
		
 
                  action="edit_advanced", conditions=dict(method=["GET"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_group_members", "/user_groups/{id}/edit/members",

			




	
	
	
		
 
                  action="edit_members", conditions=dict(method=["GET"]))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    #ADMIN PERMISSIONS ROUTES

			




	
	
	
		
 
    with rmap.submapper(path_prefix=ADMIN_PREFIX,

			




	
	
	
		
 
                        controller='admin/permissions') as m:

			




	
	
	
		
 
        m.connect("admin_permissions", "/permissions",

			




	
	
	
		
 
                  action="permission_globals", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("admin_permissions", "/permissions",

			




        

    


    
    

    

        

                

                    kallithea/templates/admin/repo_groups/repo_group_edit_advanced.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
<div style="font-size: 24px; color: #666666; padding: 0px 0px 10px 0px">${_('Repository Group: %s') % c.repo_group.group_name}</div>

			




	
	
	
		
 

			




	
	
	
		
 
<dl class="dl-horizontal">

			




	
	
	
		
 
<%

			




	
	
	
		
 
 elems = [

			




	
	
	
		
 
    (_('Top level repositories'), c.repo_group.repositories.count(), ''),

			




	
	
	
		
 
    (_('Total repositories'), c.repo_group.repositories_recursive_count, ''),

			




	
	
	
		
 
    (_('Children groups'), c.repo_group.children.count(), ''),

			




	
	
	
		
 
    (_('Created on'), h.fmt_date(c.repo_group.created_on), ''),

			




	
	
	
		
 
    (_('Owner'), h.person(c.repo_group.user), ''),

			




	
	
	
		
 
 ]

			




	
	
	
		
 
%>

			




	
	
	
		
 
%for dt, dd, tt in elems:

			




	
	
	
		
 
  <dt style="width:150px; text-align: left">${dt}:</dt>

			




	
	
	
		
 
  <dd style="margin-left: 160px" title="${tt}">${dd}</dd>

			




	
	
	
		
 
%endfor

			




	
	
	
		
 
</dl>

			




	
	
	
		
 

			




	
	
	
		
 
${h.form(h.url('repos_group', group_name=c.repo_group.group_name),method='delete')}

			




	
	
	
		
 
${h.form(h.url('delete_repos_group', group_name=c.repo_group.group_name))}

			




	
	
	
		
 
    <button class="btn btn-small btn-danger" type="submit"

			




	
	
	
		
 
            onclick="return confirm('${ungettext('Confirm to delete this group: %s with %s repository',

			




	
	
	
		
 
          'Confirm to delete this group: %s with %s repositories',

			




	
	
	
		
 
 c.repo_group.repositories_recursive_count) % (c.repo_group.group_name, c.repo_group.repositories_recursive_count)}');">

			




	
	
	
		
 
        <i class="icon-minus-circled"></i>

			




	
	
	
		
 
        ${_('Delete this repository group')}

			




	
	
	
		
 
    </button>

			




	
	
	
		
 
${h.end_form()}

			




        

    


    
    

    

        

                

                    kallithea/templates/admin/repo_groups/repo_group_edit_settings.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
## -*- coding: utf-8 -*-

			




	
	
	
		
 
${h.form(url('repos_group',group_name=c.repo_group.group_name),method='put')}

			




	
	
	
		
 
<div class="form">

			




	
	
	
		
 
    <!-- fields -->

			




	
	
	
		
 
    <div class="fields">

			




	
	
	
		
 
        <div class="field">

			




	
	
	
		
 
            <div class="label">

			




	
	
	
		
 
                <label for="group_name">${_('Group name')}:</label>

			




	
	
	
		
 
            </div>

			




	
	
	
		
 
            <div class="input">

			




	
	
	
		
 
                ${h.text('group_name',class_='medium')}

			




	
	
	
		
 
            </div>

			




	
	
	
		
 
        </div>

			




	
	
	
		
 

			




	
	
	
		
 
        <div class="field">

			




	
	
	
		
 
            <div class="label label-textarea">

			




	
	
	
		
 
                <label for="group_description">${_('Description')}:</label>

			




	
	
	
		
 
            </div>

			




	
	
	
		
 
            <div class="textarea text-area editor">

			




	
	
	
		
 
                ${h.textarea('group_description',cols=23,rows=5,class_="medium")}

			




	
	
	
		
 
            </div>

			




	
	
	
		
 
        </div>

			




	
	
	
		
 

			




	
	
	
		
 
        <div class="field">

			




	
	
	
		
 
            <div class="label">

			




	
	
	
		
 
                <label for="group_parent_id">${_('Group parent')}:</label>

			




	
	
	
		
 
            </div>

			




	
	
	
		
 
            <div class="input">

			




	
	
	
		
 
                ${h.select('group_parent_id','',c.repo_groups,class_="medium")}

			




	
	
	
		
 
            </div>

			




	
	
	
		
 
        </div>

			




	
	
	
		
 
        <div class="field">

			




	
	
	
		
 
            <div class="label label-checkbox">

			




	
	
	
		
 
                <label for="enable_locking">${_('Enable locking')}:</label>

			




	
	
	
		
 
            </div>

			




	
	
	
		
 
            <div class="checkboxes">

			




	
	
	
		
 
                ${h.checkbox('enable_locking',value="True")}

			




	
	
	
		
 
                <span class="help-block">${_('Enable lock-by-pulling on group. This option will be applied to all other groups and repositories inside')}</span>

			




	
	
	
		
 
            </div>

			




	
	
	
		
 
        </div>

			




	
	
	
		
 
        <div class="buttons">

			




	
	
	
		
 
          ${h.submit('save',_('Save'),class_="btn")}

			




	
	
	
		
 
          ${h.reset('reset',_('Reset'),class_="btn")}

			




	
	
	
		
 
        </div>

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
</div>

			




	
	
	
		
 
${h.end_form()}

			




	
	
	
		
 

			




	
	
	
		
 
${h.form(url('delete_repo_group', group_name=c.repo_group.group_name),method='delete')}

			




	
	
	
		
 
${h.form(url('delete_repo_group', group_name=c.repo_group.group_name))}

			




	
	
	
		
 
<div class="form">

			




	
	
	
		
 
    <div class="fields">

			




	
	
	
		
 
        <div class="field" style="border:none;color:#888">

			




	
	
	
		
 
            ${h.submit('remove_%s' % c.repo_group.group_name,_('Remove this group'),class_="btn red",onclick="return confirm('"+_('Confirm to delete this group')+"');")}

			




	
	
	
		
 
        </div>

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
</div>

			




	
	
	
		
 
${h.end_form()}

			




	
	
	
		
 

			




	
	
	
		
 
<script>

			




	
	
	
		
 
    $(document).ready(function(){

			




	
	
	
		
 
        $("#group_parent_id").select2({

			




	
	
	
		
 
            'dropdownAutoWidth': true

			




	
	
	
		
 
        });

			




	
	
	
		
 
    });

			




	
	
	
		
 
</script>

			




        

    


    
    

    

        

                

                    kallithea/templates/data_table/_dt_elements.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -91,127 +91,127 @@

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="revision(name,rev,tip,author,last_msg)">

			




	
	
	
		
 
  <div>

			




	
	
	
		
 
  %if rev >= 0:

			




	
	
	
		
 
      <a title="${'%s:\n\n%s' % (h.escape(author), h.escape(last_msg))}" class="tooltip revision-link safe-html-title" href="${h.url('changeset_home',repo_name=name,revision=tip)}">${'r%s:%s' % (rev,h.short_id(tip))}</a>

			




	
	
	
		
 
  %else:

			




	
	
	
		
 
      ${_('No changesets yet')}

			




	
	
	
		
 
  %endif

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="rss(name)">

			




	
	
	
		
 
  %if c.authuser.username != 'default':

			




	
	
	
		
 
    <a title="${_('Subscribe to %s rss feed')% name}" href="${h.url('rss_feed_home',repo_name=name,api_key=c.authuser.api_key)}"><i class="icon-rss-squared"></i></a>

			




	
	
	
		
 
  %else:

			




	
	
	
		
 
    <a title="${_('Subscribe to %s rss feed')% name}" href="${h.url('rss_feed_home',repo_name=name)}"><i class="icon-rss-squared"></i></a>

			




	
	
	
		
 
  %endif

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="atom(name)">

			




	
	
	
		
 
  %if c.authuser.username != 'default':

			




	
	
	
		
 
    <a title="${_('Subscribe to %s atom feed')% name}" href="${h.url('atom_feed_home',repo_name=name,api_key=c.authuser.api_key)}"><i class="icon-rss-squared"></i></a>

			




	
	
	
		
 
  %else:

			




	
	
	
		
 
    <a title="${_('Subscribe to %s atom feed')% name}" href="${h.url('atom_feed_home',repo_name=name)}"><i class="icon-rss-squared"></i></a>

			




	
	
	
		
 
  %endif

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_actions(repo_name, super_user=True)">

			




	
	
	
		
 
  <div>

			




	
	
	
		
 
    <div style="float:left; margin-right:5px;" class="grid_edit">

			




	
	
	
		
 
      <a href="${h.url('edit_repo',repo_name=repo_name)}" title="${_('Edit')}">

			




	
	
	
		
 
        <i class="icon-pencil"></i> ${h.submit('edit_%s' % repo_name,_('Edit'),class_="action_button")}

			




	
	
	
		
 
      </a>

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
    <div style="float:left" class="grid_delete">

			




	
	
	
		
 
      ${h.form(h.url('delete_repo', repo_name=repo_name), method='delete')}

			




	
	
	
		
 
        <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
        ${h.submit('remove_%s' % repo_name,_('Delete'),class_="action_button",

			




	
	
	
		
 
        onclick="return confirm('"+_('Confirm to delete this repository: %s') % repo_name+"');")}

			




	
	
	
		
 
      ${h.end_form()}

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_state(repo_state)">

			




	
	
	
		
 
  <div>

			




	
	
	
		
 
    %if repo_state == u'repo_state_pending':

			




	
	
	
		
 
        <div class="btn btn-mini btn-info disabled">${_('Creating')}</div>

			




	
	
	
		
 
    %elif repo_state == u'repo_state_created':

			




	
	
	
		
 
        <div class="btn btn-mini btn-success disabled">${_('Created')}</div>

			




	
	
	
		
 
    %else:

			




	
	
	
		
 
        <div class="btn btn-mini btn-danger disabled" title="${repo_state}">invalid</div>

			




	
	
	
		
 
    %endif

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="user_actions(user_id, username)">

			




	
	
	
		
 
 <div style="float:left" class="grid_edit">

			




	
	
	
		
 
   <a href="${h.url('edit_user',id=user_id)}" title="${_('Edit')}">

			




	
	
	
		
 
     <i class="icon-pencil"></i> ${h.submit('edit_%s' % username,_('Edit'),class_="action_button")}

			




	
	
	
		
 
   </a>

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
 <div style="float:left" class="grid_delete">

			




	
	
	
		
 
  ${h.form(h.url('delete_user', id=user_id),method='delete')}

			




	
	
	
		
 
    <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
    ${h.submit('remove_',_('Delete'),id="remove_user_%s" % user_id, class_="action_button",

			




	
	
	
		
 
    onclick="return confirm('"+_('Confirm to delete this user: %s') % username+"');")}

			




	
	
	
		
 
  ${h.end_form()}

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="user_group_actions(user_group_id, user_group_name)">

			




	
	
	
		
 
 <div style="float:left" class="grid_edit">

			




	
	
	
		
 
    <a href="${h.url('edit_users_group', id=user_group_id)}" title="${_('Edit')}">

			




	
	
	
		
 
    <i class="icon-pencil"></i>

			




	
	
	
		
 
     ${h.submit('edit_%s' % user_group_name,_('Edit'),class_="action_button", id_="submit_user_group_edit")}

			




	
	
	
		
 
    </a>

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
 <div style="float:left" class="grid_delete">

			




	
	
	
		
 
    ${h.form(h.url('users_group', id=user_group_id),method='delete')}

			




	
	
	
		
 
      <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
      ${h.submit('remove_',_('Delete'),id="remove_group_%s" % user_group_id, class_="action_button",

			




	
	
	
		
 
      onclick="return confirm('"+_('Confirm to delete this user group: %s') % user_group_name+"');")}

			




	
	
	
		
 
    ${h.end_form()}

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_group_actions(repo_group_id, repo_group_name, gr_count)">

			




	
	
	
		
 
 <div style="float:left" class="grid_edit">

			




	
	
	
		
 
    <a href="${h.url('edit_repo_group',group_name=repo_group_name)}" title="${_('Edit')}">

			




	
	
	
		
 
    <i class="icon-pencil"></i>

			




	
	
	
		
 
     ${h.submit('edit_%s' % repo_group_name, _('Edit'),class_="action_button")}

			




	
	
	
		
 
    </a>

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
 <div style="float:left" class="grid_delete">

			




	
	
	
		
 
    ${h.form(h.url('repos_group', group_name=repo_group_name),method='delete')}

			




	
	
	
		
 
    ${h.form(h.url('delete_repos_group', group_name=repo_group_name))}

			




	
	
	
		
 
        <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
        ${h.submit('remove_%s' % repo_group_name,_('Delete'),class_="action_button",

			




	
	
	
		
 
        onclick="return confirm('"+ungettext('Confirm to delete this group: %s with %s repository','Confirm to delete this group: %s with %s repositories',gr_count) % (repo_group_name, gr_count)+"');")}

			




	
	
	
		
 
    ${h.end_form()}

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="user_name(user_id, username)">

			




	
	
	
		
 
    ${h.link_to(username,h.url('edit_user', id=user_id))}

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_group_name(repo_group_name, children_groups)">

			




	
	
	
		
 
  <div style="white-space: nowrap">

			




	
	
	
		
 
  <a href="${h.url('repos_group_home',group_name=repo_group_name)}">

			




	
	
	
		
 
    <i class="icon-folder" title="${_('Repository group')}"></i> ${h.literal(' &raquo; '.join(children_groups))}</a>

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="user_group_name(user_group_id, user_group_name)">

			




	
	
	
		
 
  <div style="white-space: nowrap">

			




	
	
	
		
 
  <a href="${h.url('edit_users_group', id=user_group_id)}">

			




	
	
	
		
 
    <i class="icon-users" title="${_('User group')}"></i> ${user_group_name}</a>

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="toggle_follow(repo_id)">

			




	
	
	
		
 
  <span id="follow_toggle_${repo_id}" class="following" title="${_('Stop following this repository')}"

			




	
	
	
		
 
        onclick="toggleFollowingRepo(this, ${repo_id})">

			




	
	
	
		
 
  </span>

			




	
	
	
		
 
</%def>

			




        

    


    
    

    

        

                

                    kallithea/tests/functional/test_admin_users.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -130,193 +130,193 @@ class TestAdminUsersController(TestContr

			




	
	
	
		
 
    def test_update(self, name, attrs):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        usr = fixture.create_user(self.test_user_1, password='qweqwe',

			




	
	
	
		
 
                                  email='testme@example.com',

			




	
	
	
		
 
                                  extern_type='internal',

			




	
	
	
		
 
                                  extern_name=self.test_user_1,

			




	
	
	
		
 
                                  skip_if_exists=True)

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        params = usr.get_api_data(True)

			




	
	
	
		
 
        params.update({'password_confirmation': ''})

			




	
	
	
		
 
        params.update({'new_password': ''})

			




	
	
	
		
 
        params.update(attrs)

			




	
	
	
		
 
        if name == 'email':

			




	
	
	
		
 
            params['emails'] = [attrs['email']]

			




	
	
	
		
 
        if name == 'extern_type':

			




	
	
	
		
 
            #cannot update this via form, expected value is original one

			




	
	
	
		
 
            params['extern_type'] = "internal"

			




	
	
	
		
 
        if name == 'extern_name':

			




	
	
	
		
 
            #cannot update this via form, expected value is original one

			




	
	
	
		
 
            params['extern_name'] = self.test_user_1

			




	
	
	
		
 
            # special case since this user is not

			




	
	
	
		
 
                                          # logged in yet his data is not filled

			




	
	
	
		
 
                                          # so we use creation data

			




	
	
	
		
 

			




	
	
	
		
 
        params.update({'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.put(url('user', id=usr.user_id), params)

			




	
	
	
		
 
        self.checkSessionFlash(response, 'User updated successfully')

			




	
	
	
		
 
        params.pop('_authentication_token')

			




	
	
	
		
 

			




	
	
	
		
 
        updated_user = User.get_by_username(self.test_user_1)

			




	
	
	
		
 
        updated_params = updated_user.get_api_data(True)

			




	
	
	
		
 
        updated_params.update({'password_confirmation': ''})

			




	
	
	
		
 
        updated_params.update({'new_password': ''})

			




	
	
	
		
 

			




	
	
	
		
 
        assert params == updated_params

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        username = 'newtestuserdeleteme'

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.create_user(name=username)

			




	
	
	
		
 

			




	
	
	
		
 
        new_user = Session().query(User) \

			




	
	
	
		
 
            .filter(User.username == username).one()

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Successfully deleted user')

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete_repo_err(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        username = 'repoerr'

			




	
	
	
		
 
        reponame = u'repoerr_fail'

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.create_user(name=username)

			




	
	
	
		
 
        fixture.create_repo(name=reponame, cur_user=username)

			




	
	
	
		
 

			




	
	
	
		
 
        new_user = Session().query(User) \

			




	
	
	
		
 
            .filter(User.username == username).one()

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'User "%s" still '

			




	
	
	
		
 
                               'owns 1 repositories and cannot be removed. '

			




	
	
	
		
 
                               'Switch owners or remove those repositories: '

			




	
	
	
		
 
                               '%s' % (username, reponame))

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('delete_repo', repo_name=reponame),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Deleted repository %s' % reponame)

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Successfully deleted user')

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete_repo_group_err(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        username = 'repogrouperr'

			




	
	
	
		
 
        groupname = u'repogroup_fail'

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.create_user(name=username)

			




	
	
	
		
 
        fixture.create_repo_group(name=groupname, cur_user=username)

			




	
	
	
		
 

			




	
	
	
		
 
        new_user = Session().query(User) \

			




	
	
	
		
 
            .filter(User.username == username).one()

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'User "%s" still '

			




	
	
	
		
 
                               'owns 1 repository groups and cannot be removed. '

			




	
	
	
		
 
                               'Switch owners or remove those repository groups: '

			




	
	
	
		
 
                               '%s' % (username, groupname))

			




	
	
	
		
 

			




	
	
	
		
 
        # Relevant _if_ the user deletion succeeded to make sure we can render groups without owner

			




	
	
	
		
 
        # rg = RepoGroup.get_by_group_name(group_name=groupname)

			




	
	
	
		
 
        # response = self.app.get(url('repos_groups', id=rg.group_id))

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('delete_repo_group', group_name=groupname),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Removed repository group %s' % groupname)

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Successfully deleted user')

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete_user_group_err(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        username = 'usergrouperr'

			




	
	
	
		
 
        groupname = u'usergroup_fail'

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.create_user(name=username)

			




	
	
	
		
 
        ug = fixture.create_user_group(name=groupname, cur_user=username)

			




	
	
	
		
 

			




	
	
	
		
 
        new_user = Session().query(User) \

			




	
	
	
		
 
            .filter(User.username == username).one()

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'User "%s" still '

			




	
	
	
		
 
                               'owns 1 user groups and cannot be removed. '

			




	
	
	
		
 
                               'Switch owners or remove those user groups: '

			




	
	
	
		
 
                               '%s' % (username, groupname))

			




	
	
	
		
 

			




	
	
	
		
 
        # TODO: why do this fail?

			




	
	
	
		
 
        #response = self.app.delete(url('delete_users_group', id=groupname))

			




	
	
	
		
 
        #self.checkSessionFlash(response, 'Removed user group %s' % groupname)

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.destroy_user_group(ug.users_group_id)

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('user', id=new_user.user_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Successfully deleted user')

			




	
	
	
		
 

			




	
	
	
		
 
    def test_edit(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        user = User.get_by_username(TEST_USER_ADMIN_LOGIN)

			




	
	
	
		
 
        response = self.app.get(url('edit_user', id=user.user_id))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_add_perm_create_repo(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        perm_none = Permission.get_by_key('hg.create.none')

			




	
	
	
		
 
        perm_create = Permission.get_by_key('hg.create.repository')

			




	
	
	
		
 

			




	
	
	
		
 
        user = UserModel().create_or_update(username='dummy', password='qwe',

			




	
	
	
		
 
                                            email='dummy', firstname=u'a',

			




	
	
	
		
 
                                            lastname=u'b')

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        uid = user.user_id

			




	
	
	
		
 

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            #User should have None permission on creation repository

			




	
	
	
		
 
            assert UserModel().has_perm(user, perm_none) == False

			




	
	
	
		
 
            assert UserModel().has_perm(user, perm_create) == False

			




	
	
	
		
 

			




	
	
	
		
 
            response = self.app.post(url('edit_user_perms', id=uid),

			




	
	
	
		
 
                                     params=dict(_method='put',

			




	
	
	
		
 
                                                 create_repo_perm=True,

			




	
	
	
		
 
                                                 _authentication_token=self.authentication_token()))

			




	
	
	
		
 

			




	
	
	
		
 
            perm_none = Permission.get_by_key('hg.create.none')

			




	
	
	
		
 
            perm_create = Permission.get_by_key('hg.create.repository')

			




	
	
	
		
 

			




	
	
	
		
 
            #User should have None permission on creation repository

			




	
	
	
		
 
            assert UserModel().has_perm(uid, perm_none) == False

			




	
	
	
		
 
            assert UserModel().has_perm(uid, perm_create) == True

			




	
	
	
		
 
        finally:

			




	
	
	
		
 
            UserModel().delete(uid)

			




	
	
	
		
 
            Session().commit()

			




	
	
	
		
 

			




	
	
	
		
 
    def test_revoke_perm_create_repo(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        perm_none = Permission.get_by_key('hg.create.none')

			




	
	
	
		
 
        perm_create = Permission.get_by_key('hg.create.repository')

			




	
	
	
		
 

			




	
	
	
		
 
        user = UserModel().create_or_update(username='dummy', password='qwe',

			




	
	
	
		
 
                                            email='dummy', firstname=u'a',

			




	
	
	
		
 
                                            lastname=u'b')

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        uid = user.user_id

			




	
	
	
		
 

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            #User should have None permission on creation repository

			




	
	
	
		
 
            assert UserModel().has_perm(user, perm_none) == False

			




	
	
	
		
 
            assert UserModel().has_perm(user, perm_create) == False

			




	
	
	
		
 

			




	
	
	
		
 
            response = self.app.post(url('edit_user_perms', id=uid),

			




	
	
	
		
 
                                     params=dict(_method='put', _authentication_token=self.authentication_token()))

			




	
	
	
		
 

			




	
	
	
		
 
            perm_none = Permission.get_by_key('hg.create.none')

			




	
	
	
		
 
            perm_create = Permission.get_by_key('hg.create.repository')

			




	
	
	
		
 

			




	
	
	
		
 
            #User should have None permission on creation repository

			




	
	
	
		
 
            assert UserModel().has_perm(uid, perm_none) == True

			




	
	
	
		
 
            assert UserModel().has_perm(uid, perm_create) == False

			




	
	
	
		
 
        finally:

			




	
	
	
		
 
            UserModel().delete(uid)

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.