kallithea Changeset - 199fd214b213

Changeset - 199fd214b213

Parent rev.

Child rev.

[Not reviewed]

beta

0 4 0

Marcin Kuzminski - 13 years ago 2013-02-15 00:53:47
marcin@python-works.com

Show admin dropdown for users who are admin of repo groups

4 files changed with 42 insertions and 2 deletions:

rhodecode/lib/auth.py

rhodecode/templates/admin/repos_groups/repos_groups_edit.html

rhodecode/templates/admin/repos_groups/repos_groups_show.html

rhodecode/templates/base/base.html

0 comments (0 inline, 0 general)

rhodecode/lib/auth.py

➞

Show inline comments

@@ @@ -308,192 +308,208 @@ def get_container_username(environ, conf @@
 class CookieStoreWrapper(object):
     def __init__(self, cookie_store):
         self.cookie_store = cookie_store
     def __repr__(self):
         return 'CookieStore<%s>' % (self.cookie_store)
     def get(self, key, other=None):
         if isinstance(self.cookie_store, dict):
             return self.cookie_store.get(key, other)
         elif isinstance(self.cookie_store, AuthUser):
             return self.cookie_store.__dict__.get(key, other)
 class  AuthUser(object):
     """
     A simple object that handles all attributes of user in RhodeCode
     It does lookup based on API key,given user, or user present in session
     Then it fills all required information for such user. It also checks if
     anonymous access is enabled and if so, it returns default user as logged
     in
     """
     def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None):
         self.user_id = user_id
         self.api_key = None
         self.username = username
         self.ip_addr = ip_addr
         self.name = ''
         self.lastname = ''
         self.email = ''
         self.is_authenticated = False
         self.admin = False
         self.inherit_default_permissions = False
         self.permissions = {}
         self._api_key = api_key
         self.propagate_data()
         self._instance = None
     def propagate_data(self):
         user_model = UserModel()
         self.anonymous_user = User.get_by_username('default', cache=True)
         is_user_loaded = False
         # try go get user by api key
         if self._api_key and self._api_key != self.anonymous_user.api_key:
             log.debug('Auth User lookup by API KEY %s' % self._api_key)
             is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
         # lookup by userid
         elif (self.user_id is not None and
               self.user_id != self.anonymous_user.user_id):
             log.debug('Auth User lookup by USER ID %s' % self.user_id)
             is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
         # lookup by username
         elif self.username and \
             str2bool(config.get('container_auth_enabled', False)):
             log.debug('Auth User lookup by USER NAME %s' % self.username)
             dbuser = login_container_auth(self.username)
             if dbuser is not None:
                 log.debug('filling all attributes to object')
                 for k, v in dbuser.get_dict().items():
                     setattr(self, k, v)
                 self.set_authenticated()
                 is_user_loaded = True
         else:
             log.debug('No data in %s that could been used to log in' % self)
         if not is_user_loaded:
             # if we cannot authenticate user try anonymous
             if self.anonymous_user.active is True:
                 user_model.fill_data(self, user_id=self.anonymous_user.user_id)
                 # then we set this user is logged in
                 self.is_authenticated = True
             else:
                 self.user_id = None
                 self.username = None
                 self.is_authenticated = False
         if not self.username:
             self.username = 'None'
         log.debug('Auth User is now %s' % self)
         user_model.fill_perms(self)
     @property
     def is_admin(self):
         return self.admin
     @property
     def repos_admin(self):
         """
         Returns list of repositories you're an admin of
         """
         return [x[0] for x in self.permissions['repositories'].iteritems()
                 if x[1] == 'repository.admin']
     @property
     def groups_admin(self):
         """
         Returns list of repositories groups you're an admin of
         """
         return [x[0] for x in self.permissions['repositories_groups'].iteritems()
                 if x[1] == 'group.admin']
     @property
     def ip_allowed(self):
         """
         Checks if ip_addr used in constructor is allowed from defined list of
         allowed ip_addresses for user
         :returns: boolean, True if ip is in allowed ip range
         """
         #check IP
         allowed_ips = AuthUser.get_allowed_ips(self.user_id, cache=True)
         if check_ip_access(source_ip=self.ip_addr, allowed_ips=allowed_ips):
             log.debug('IP:%s is in range of %s' % (self.ip_addr, allowed_ips))
             return True
         else:
             log.info('Access for IP:%s forbidden, '
                      'not in %s' % (self.ip_addr, allowed_ips))
             return False
     def __repr__(self):
         return "<AuthUser('id:%s:%s|%s')>" % (self.user_id, self.username,
                                               self.is_authenticated)
     def set_authenticated(self, authenticated=True):
         if self.user_id != self.anonymous_user.user_id:
             self.is_authenticated = authenticated
     def get_cookie_store(self):
         return {'username': self.username,
                 'user_id': self.user_id,
                 'is_authenticated': self.is_authenticated}
     @classmethod
     def from_cookie_store(cls, cookie_store):
         """
         Creates AuthUser from a cookie store
         :param cls:
         :param cookie_store:
         """
         user_id = cookie_store.get('user_id')
         username = cookie_store.get('username')
         api_key = cookie_store.get('api_key')
         return AuthUser(user_id, api_key, username)
     @classmethod
     def get_allowed_ips(cls, user_id, cache=False):
         _set = set()
         user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)
         if cache:
             user_ips = user_ips.options(FromCache("sql_cache_short",
                                                   "get_user_ips_%s" % user_id))
         for ip in user_ips:
             try:
                 _set.add(ip.ip_addr)
             except ObjectDeletedError:
                 # since we use heavy caching sometimes it happens that we get
                 # deleted objects here, we just skip them
                 pass
         return _set or set(['0.0.0.0/0', '::/0'])
 def set_available_permissions(config):
     """
     This function will propagate pylons globals with all available defined
     permission given in db. We don't want to check each time from db for new
     permissions since adding a new permission also requires application restart
     ie. to decorate new views with the newly created permission
     :param config: current pylons config instance
     """
     log.info('getting information about all available permissions')
     try:
         sa = meta.Session
         all_perms = sa.query(Permission).all()
     except Exception:
         pass
     finally:
         meta.Session.remove()
     config['available_permissions'] = [x.permission_name for x in all_perms]
 #==============================================================================
 # CHECK DECORATORS
 #==============================================================================
 class LoginRequired(object):
     """
     Must be logged in to execute this function else
     redirect to login page
     :param api_access: if enabled this checks only for valid auth token
         and grants access based on valid token
     """
     def __init__(self, api_access=False):
         self.api_access = api_access

rhodecode/templates/admin/repos_groups/repos_groups_edit.html

➞

Show inline comments

 ## -*- coding: utf-8 -*-
 <%inherit file="/base/base.html"/>
 <%def name="title()">
     ${_('Edit repos group')} ${c.repos_group.name} - ${c.rhodecode_name}
 </%def>
 <%def name="breadcrumbs_links()">
     ${h.link_to(_('Admin'),h.url('admin_home'))}
     &raquo;
     ${h.link_to(_('Repos groups'),h.url('repos_groups'))}
     &raquo;
     ${_('edit repos group')} "${c.repos_group.name}"
 </%def>
 <%def name="page_nav()">
     ${self.menu('admin')}
 </%def>
 <%def name="main()">
 <div class="box">
     <!-- box / title -->
     <div class="title">
         ${self.breadcrumbs()}
         <ul class="links">
           <li>
-            <span>${h.link_to(_(u'Add new child group'),h.url('new_repos_group', parent_group=c.repos_group.group_id))}</span>
             <span>${h.link_to(_(u'Add child group'),h.url('new_repos_group', parent_group=c.repos_group.group_id))}</span>
           </li>
         </ul>
     </div>
     <!-- end box / title -->
     ${h.form(url('repos_group',group_name=c.repos_group.group_name),method='put')}
     <div class="form">
         <!-- fields -->
         <div class="fields">
             <div class="field">
                 <div class="label">
                     <label for="group_name">${_('Group name')}:</label>
                 </div>
                 <div class="input">
                     ${h.text('group_name',class_='medium')}
                 </div>
             </div>
             <div class="field">
                 <div class="label label-textarea">
                     <label for="group_description">${_('Description')}:</label>
                 </div>
                 <div class="textarea text-area editor">
                     ${h.textarea('group_description',cols=23,rows=5,class_="medium")}
                 </div>
             </div>
             <div class="field">
                 <div class="label">
                     <label for="group_parent_id">${_('Group parent')}:</label>
                 </div>
                 <div class="input">
                     ${h.select('group_parent_id','',c.repo_groups,class_="medium")}
                 </div>
             </div>
             <div class="field">
                 <div class="label">
                     <label for="input">${_('Permissions')}:</label>
                 </div>
                 <div class="input">
                     <%include file="repos_group_edit_perms.html"/>
                 </div>
             </div>
             <div class="field">
                 <div class="label label-checkbox">
                     <label for="enable_locking">${_('Enable locking')}:</label>
                 </div>
                 <div class="checkboxes">
                     ${h.checkbox('enable_locking',value="True")}
                     <span class="help-block">${_('Enable lock-by-pulling on group. This option will be applied to all other groups and repositories inside')}</span>
                 </div>
             </div>
             <div class="buttons">
               ${h.submit('save',_('Save'),class_="ui-btn large")}
               ${h.reset('reset',_('Reset'),class_="ui-btn large")}
             </div>
         </div>
     </div>
     ${h.end_form()}
 </div>
 </%def>

rhodecode/templates/admin/repos_groups/repos_groups_show.html

➞

Show inline comments

 ## -*- coding: utf-8 -*-
 <%inherit file="/base/base.html"/>
 <%def name="title()">
     ${_('Repositories groups administration')} - ${c.rhodecode_name}
 </%def>
 <%def name="breadcrumbs_links()">
     ${h.link_to(_('Admin'),h.url('admin_home'))} &raquo; ${_('Repositories')}
 </%def>
 <%def name="page_nav()">
     ${self.menu('admin')}
 </%def>
 <%def name="main()">
 <div class="box">
     <!-- box / title -->
     <div class="title">
         ${self.breadcrumbs()}
         <ul class="links">
           <li>
             <span>${h.link_to(_(u'Add new group'),h.url('new_repos_group'))}</span>
             %if h.HasPermissionAny('hg.admin')():
              <span>${h.link_to(_(u'Add group'),h.url('new_repos_group'))}</span>
             %endif
           </li>
         </ul>
     </div>
     <!-- end box / title -->
     <div class="table">
            % if c.groups:
             <table class="table_disp">
                 <thead>
                     <tr>
                         <th class="left"><a href="#">${_('Group name')}</a></th>
                         <th class="left"><a href="#">${_('Description')}</a></th>
                         <th class="left"><a href="#">${_('Number of toplevel repositories')}</a></th>
                         <th class="left" colspan="2">${_('action')}</th>
                     </tr>
                 </thead>
                 ## REPO GROUPS
                 % for gr in c.groups:
                     <% gr_cn = gr.repositories.count() %>
                   <tr>
                       <td>
                           <div style="white-space: nowrap">
                           <img class="icon" alt="${_('Repositories group')}" src="${h.url('/images/icons/database_link.png')}"/>
                           ${h.link_to(h.literal(' &raquo; '.join(map(h.safe_unicode,[g.name for g in gr.parents+[gr]]))), url('repos_group_home',group_name=gr.group_name))}
                           </div>
                       </td>
                       <td>${gr.group_description}</td>
                       <td><b>${gr_cn}</b></td>
                       <td>
                        <a href="${h.url('edit_repos_group',group_name=gr.group_name)}" title="${_('edit')}">
                          ${h.submit('edit_%s' % gr.group_name,_('edit'),class_="edit_icon action_button")}
                        </a>
                       </td>
                       <td>
                        ${h.form(url('repos_group', group_name=gr.group_name),method='delete')}
                          ${h.submit('remove_%s' % gr.name,_('delete'),class_="delete_icon action_button",onclick="return confirm('"+ungettext('Confirm to delete this group: %s with %s repository','Confirm to delete this group: %s with %s repositories',gr_cn) % (gr.name,gr_cn)+"');")}
                        ${h.end_form()}
                       </td>
                   </tr>
                 % endfor
             </table>
             % else:
                 ${_('There are no repositories groups yet')}
             % endif
     </div>
 </div>
 </%def>

rhodecode/templates/base/base.html

➞

Show inline comments

@@ @@ -159,210 +159,232 @@ @@
                   <li>
                       <a href="#">${_('loading...')}</a>
                   </li>
               </ul>
           </li>
         ## we render this menu only not for those pages
         %if current not in ['home','admin', 'search', 'journal']:
             ##REGULAR MENU
             <li ${is_current('summary')}>
                <a class="menu_link" title="${_('Summary page')}" href="${h.url('summary_home',repo_name=c.repo_name)}">
                <span class="icon">
                    <img src="${h.url('/images/icons/clipboard_16.png')}" alt="${_('Summary')}" />
                </span>
                <span>${_('Summary')}</span>
                </a>
             </li>
             <li ${is_current('changelog')}>
                <a class="menu_link" title="${_('Changeset list')}" href="${h.url('changelog_home',repo_name=c.repo_name)}">
                <span class="icon">
                    <img src="${h.url('/images/icons/time.png')}" alt="${_('Changelog')}" />
                </span>
                <span>${_('Changelog')}</span>
                </a>
             </li>
             <li ${is_current('switch_to')}>
                <a class="menu_link" id="branch_tag_switcher" title="${_('Switch to')}" href="#">
                <span class="icon">
                    <img src="${h.url('/images/icons/arrow_switch.png')}" alt="${_('Switch to')}" />
                </span>
                <span>${_('Switch to')}</span>
                </a>
                 <ul id="switch_to_list" class="switch_to">
                     <li><a href="#">${_('loading...')}</a></li>
                 </ul>
             </li>
             <li ${is_current('files')}>
                <a class="menu_link" title="${_('Show repository content')}" href="${h.url('files_home',repo_name=c.repo_name)}">
                <span class="icon">
                    <img src="${h.url('/images/icons/file.png')}" alt="${_('Files')}" />
                </span>
                <span>${_('Files')}</span>
                </a>
             </li>
             <li ${is_current('options')}>
                <a class="menu_link" title="${_('Options')}" href="#">
                <span class="icon">
                    <img src="${h.url('/images/icons/table_gear.png')}" alt="${_('Admin')}" />
                </span>
                <span>${_('Options')}</span>
                </a>
                <ul>
                %if h.HasRepoPermissionAll('repository.admin')(c.repo_name):
                  %if h.HasPermissionAll('hg.admin')('access settings on repository'):
                      <li>${h.link_to(_('repository settings'),h.url('edit_repo',repo_name=c.repo_name),class_='settings')}</li>
                  %else:
                      <li>${h.link_to(_('repository settings'),h.url('repo_settings_home',repo_name=c.repo_name),class_='settings')}</li>
                  %endif
                %endif
                 <li>${h.link_to(_('fork'),h.url('repo_fork_home',repo_name=c.repo_name),class_='fork')}</li>
                 %if h.is_hg(c.rhodecode_repo):
                  <li>${h.link_to(_('open new pull request'),h.url('pullrequest_home',repo_name=c.repo_name),class_='pull_request')}</li>
                 %endif
                 %if c.rhodecode_db_repo.fork:
                  <li>${h.link_to(_('compare fork'),h.url('compare_url',repo_name=c.rhodecode_db_repo.fork.repo_name,org_ref_type='branch',org_ref='default',other_repo=c.repo_name,other_ref_type='branch',other_ref=request.GET.get('branch') or 'default'),class_='compare_request')}</li>
                 %endif
                 <li>${h.link_to(_('lightweight changelog'),h.url('shortlog_home',repo_name=c.repo_name),class_='shortlog')}</li>
                 <li>${h.link_to(_('search'),h.url('search_repo',repo_name=c.repo_name),class_='search')}</li>
                 %if h.HasRepoPermissionAny('repository.write','repository.admin')(c.repo_name) and c.rhodecode_db_repo.enable_locking:
                   %if c.rhodecode_db_repo.locked[0]:
                     <li>${h.link_to(_('unlock'), h.url('toggle_locking',repo_name=c.repo_name),class_='locking_del')}</li>
                   %else:
                     <li>${h.link_to(_('lock'), h.url('toggle_locking',repo_name=c.repo_name),class_='locking_add')}</li>
                   %endif
                 %endif
                 % if h.HasPermissionAll('hg.admin')('access admin main page'):
                  <li>
                    ${h.link_to(_('admin'),h.url('admin_home'),class_='admin')}
                     <%def name="admin_menu()">
                     <ul>
                         <li>${h.link_to(_('admin journal'),h.url('admin_home'),class_='journal')}</li>
                         <li>${h.link_to(_('repositories'),h.url('repos'),class_='repos')}</li>
                         <li>${h.link_to(_('repositories groups'),h.url('repos_groups'),class_='repos_groups')}</li>
                         <li>${h.link_to(_('users'),h.url('users'),class_='users')}</li>
                         <li>${h.link_to(_('users groups'),h.url('users_groups'),class_='groups')}</li>
                         <li>${h.link_to(_('permissions'),h.url('edit_permission',id='default'),class_='permissions')}</li>
                         <li>${h.link_to(_('ldap'),h.url('ldap_home'),class_='ldap')}</li>
                         <li>${h.link_to(_('defaults'),h.url('defaults'),class_='defaults')}</li>
                         <li class="last">${h.link_to(_('settings'),h.url('admin_settings'),class_='settings')}</li>
                     </ul>
                     </%def>
                     ## ADMIN MENU
                     ${admin_menu()}
                  </li>
                 ## if you're a admin of any groups, show admin menu for it
                 % elif c.rhodecode_user.groups_admin:
                    <li>
                      ${h.link_to(_('admin'),h.url('admin_home'),class_='admin')}
                       <%def name="admin_menu_simple()">
                       <ul>
                           <li>${h.link_to(_('repositories groups'),h.url('repos_groups'),class_='repos_groups')}</li>
                       </ul>
                       </%def>
                       ## ADMIN MENU
                       ${admin_menu_simple()}
                    </li>
                 % endif
                </ul>
             </li>
             <li>
                 <a class="menu_link" title="${_('Followers')}" href="${h.url('repo_followers_home',repo_name=c.repo_name)}">
                 <span class="icon_short">
                     <img src="${h.url('/images/icons/heart.png')}" alt="${_('Followers')}" />
                 </span>
                 <span id="current_followers_count" class="short">${c.repository_followers}</span>
                 </a>
             </li>
             <li>
                 <a class="menu_link" title="${_('Forks')}" href="${h.url('repo_forks_home',repo_name=c.repo_name)}">
                 <span class="icon_short">
                     <img src="${h.url('/images/icons/arrow_divide.png')}" alt="${_('Forks')}" />
                 </span>
                 <span class="short">${c.repository_forks}</span>
                 </a>
             </li>
             <li>
                 <a class="menu_link" title="${_('Pull requests')}" href="${h.url('pullrequest_show_all',repo_name=c.repo_name)}">
                 <span class="icon_short">
                     <img src="${h.url('/images/icons/arrow_join.png')}" alt="${_('Pull requests')}" />
                 </span>
                 <span class="short">${c.repository_pull_requests}</span>
                 </a>
             </li>
             ${usermenu()}
             <script type="text/javascript">
                 YUE.on('branch_tag_switcher','mouseover',function(){
                    var loaded = YUD.hasClass('branch_tag_switcher','loaded');
                    if(!loaded){
                        YUD.addClass('branch_tag_switcher','loaded');
                        ypjax("${h.url('branch_tag_switcher',repo_name=c.repo_name)}",'switch_to_list',
                            function(o){},
                            function(o){YUD.removeClass('branch_tag_switcher','loaded');}
                            ,null);
+                   }
                    return false;
                 });
             </script>
         %else:
             ##ROOT MENU
             %if c.rhodecode_user.username != 'default':
              <li ${is_current('journal')}>
                 <a class="menu_link" title="${_('Show recent activity')}"  href="${h.url('journal')}">
                 <span class="icon">
                     <img src="${h.url('/images/icons/book.png')}" alt="${_('Journal')}" />
                 </span>
                 <span>${_('Journal')}</span>
                 </a>
              </li>
             %else:
              <li ${is_current('journal')}>
                 <a class="menu_link" title="${_('Public journal')}"  href="${h.url('public_journal')}">
                 <span class="icon">
                     <img src="${h.url('/images/icons/book.png')}" alt="${_('Public journal')}" />
                 </span>
                 <span>${_('Public journal')}</span>
                 </a>
              </li>
             %endif
             <li ${is_current('search')}>
                 <a class="menu_link" title="${_('Search in repositories')}"  href="${h.url('search')}">
                 <span class="icon">
                     <img src="${h.url('/images/icons/search_16.png')}" alt="${_('Search')}" />
                 </span>
                 <span>${_('Search')}</span>
                 </a>
             </li>
             %if h.HasPermissionAll('hg.admin')('access admin main page'):
             <li ${is_current('admin')}>
                <a class="menu_link" title="${_('Admin')}" href="${h.url('admin_home')}">
                <span class="icon">
                    <img src="${h.url('/images/icons/cog_edit.png')}" alt="${_('Admin')}" />
                </span>
                <span>${_('Admin')}</span>
                </a>
                 ${admin_menu()}
             </li>
             % elif c.rhodecode_user.groups_admin:
             <li ${is_current('admin')}>
                <a class="menu_link" title="${_('Admin')}" href="${h.url('admin_home')}">
                <span class="icon">
                    <img src="${h.url('/images/icons/cog_edit.png')}" alt="${_('Admin')}" />
                </span>
                <span>${_('Admin')}</span>
                </a>
                 ${admin_menu_simple()}
             </li>
             %endif
             ${usermenu()}
         %endif
 <script type="text/javascript">
     YUE.on('repo_switcher','mouseover',function(){
       var target = 'q_filter_rs';
       var qfilter_activate = function(){
           var nodes = YUQ('ul#repo_switcher_list li a.repo_name');
           var func = function(node){
               return node.parentNode;
+          }
           q_filter(target,nodes,func);
+      }
       var loaded = YUD.hasClass('repo_switcher','loaded');
       if(!loaded){
          YUD.addClass('repo_switcher','loaded');
          ypjax("${h.url('repo_switcher')}",'repo_switcher_list',
              function(o){qfilter_activate();YUD.get(target).focus()},
              function(o){YUD.removeClass('repo_switcher','loaded');}
              ,null);
       }else{
          YUD.get(target).focus();
+      }
       return false;
      });
      YUE.on('header-dd', 'click',function(e){
          YUD.addClass('header-inner', 'hover');
          YUD.addClass('content', 'hover');
      });
 </script>
 </%def>

0 comments (0 inline, 0 general)