kallithea Changeset - 25dbbdae3ed9

Changeset - 25dbbdae3ed9

Parent rev.

Child rev.

[Not reviewed]

beta

0 8 0

Marcin Kuzminski - 13 years ago 2013-04-08 23:49:08
marcin@python-works.com

consistent handling of grant/revoke of permissions widgets
- use 1 method for users and for users groups
- use common JS for ajax revoke
- cleanup code

8 files changed with 108 insertions and 155 deletions:

rhodecode/config/routing.py

rhodecode/controllers/admin/repos.py

rhodecode/controllers/admin/repos_groups.py

rhodecode/controllers/admin/users_groups.py

rhodecode/public/js/rhodecode.js

rhodecode/templates/admin/repos/repo_edit_perms.html

rhodecode/templates/admin/repos_groups/repos_group_edit_perms.html

rhodecode/templates/admin/users_groups/user_group_edit_perms.html

0 comments (0 inline, 0 general)

rhodecode/config/routing.py

➞

Show inline comments

@@ @@ -113,37 +113,33 @@ def make_map(config): @@
              action="delete", conditions=dict(method=["DELETE"],
                                               function=check_repo))
         m.connect("formatted_edit_repo", "/repos/{repo_name:.*?}.{format}/edit",
              action="edit", conditions=dict(method=["GET"],
                                             function=check_repo))
         m.connect("repo", "/repos/{repo_name:.*?}",
              action="show", conditions=dict(method=["GET"],
                                             function=check_repo))
         m.connect("formatted_repo", "/repos/{repo_name:.*?}.{format}",
              action="show", conditions=dict(method=["GET"],
                                             function=check_repo))
         #add repo perm member
         m.connect('set_repo_perm_member', "/set_repo_perm_member/{repo_name:.*?}",
              action="set_repo_perm_member",
              conditions=dict(method=["POST"], function=check_repo))
         m.connect('set_repo_perm_member',
                   "/repos/{repo_name:.*?}/grant_perm",
                   action="set_repo_perm_member",
                   conditions=dict(method=["POST"], function=check_repo))
         #ajax delete repo perm user
         m.connect('delete_repo_user', "/repos_delete_user/{repo_name:.*?}",
              action="delete_perm_user",
              conditions=dict(method=["DELETE"], function=check_repo))
         #ajax delete repo perm users_group
         m.connect('delete_repo_users_group',
                   "/repos_delete_users_group/{repo_name:.*?}",
                   action="delete_perm_users_group",
         m.connect('delete_repo_perm_member',
                   "/repos/{repo_name:.*?}/revoke_perm",
                   action="delete_repo_perm_member",
                   conditions=dict(method=["DELETE"], function=check_repo))
         #settings actions
         m.connect('repo_stats', "/repos_stats/{repo_name:.*?}",
                   action="repo_stats", conditions=dict(method=["DELETE"],
                                                        function=check_repo))
         m.connect('repo_cache', "/repos_cache/{repo_name:.*?}",
                   action="repo_cache", conditions=dict(method=["DELETE"],
                                                        function=check_repo))
         m.connect('repo_public_journal', "/repos_public_journal/{repo_name:.*?}",
                   action="repo_public_journal", conditions=dict(method=["PUT"],
                                                         function=check_repo))
@@ @@ -175,59 +171,53 @@ def make_map(config): @@
                   action="create", conditions=dict(method=["POST"]))
         m.connect("repos_groups", "/repos_groups",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_repos_groups", "/repos_groups.{format}",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_repos_group", "/repos_groups/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("formatted_new_repos_group", "/repos_groups/new.{format}",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_repos_group", "/repos_groups/{group_name:.*?}",
                   action="update", conditions=dict(method=["PUT"],
                                                    function=check_group))
         #add repo group perm member
         m.connect('set_repo_group_perm_member',
                   "/repos_groups/{group_name:.*?}/grant_perm",
                   action="set_repo_group_perm_member",
                   conditions=dict(method=["POST"], function=check_group))
         #ajax delete repo group perm
         m.connect('delete_repo_group_perm_member',
                   "/repos_groups/{group_name:.*?}/revoke_perm",
                   action="delete_repo_group_perm_member",
                   conditions=dict(method=["DELETE"], function=check_group))
         m.connect("delete_repos_group", "/repos_groups/{group_name:.*?}",
                   action="delete", conditions=dict(method=["DELETE"],
                                                    function=check_group_skip_path))
         m.connect("edit_repos_group", "/repos_groups/{group_name:.*?}/edit",
                   action="edit", conditions=dict(method=["GET"],
                                                  function=check_group))
         m.connect("formatted_edit_repos_group",
                   "/repos_groups/{group_name:.*?}.{format}/edit",
                   action="edit", conditions=dict(method=["GET"],
                                                  function=check_group))
         m.connect("repos_group", "/repos_groups/{group_name:.*?}",
                   action="show", conditions=dict(method=["GET"],
                                                  function=check_group))
         m.connect("formatted_repos_group", "/repos_groups/{group_name:.*?}.{format}",
                   action="show", conditions=dict(method=["GET"],
                                                  function=check_group))
         #add repo perm member
         m.connect('set_repo_group_perm_member',
                   "/set_repo_group_perm_member/{group_name:.*?}",
              action="set_repo_group_perm_member",
              conditions=dict(method=["POST"], function=check_group))
         # ajax delete repository group perm user
         m.connect('delete_repos_group_user_perm',
                   "/delete_repos_group_user_perm/{group_name:.*?}",
              action="delete_repos_group_user_perm",
              conditions=dict(method=["DELETE"], function=check_group))
         # ajax delete repository group perm users_group
         m.connect('delete_repos_group_users_group_perm',
                   "/delete_repos_group_users_group_perm/{group_name:.*?}",
                   action="delete_repos_group_users_group_perm",
                   conditions=dict(method=["DELETE"], function=check_group))
     #ADMIN USER REST ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/users') as m:
         m.connect("users", "/users",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("users", "/users",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_users", "/users.{format}",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_user", "/users/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("formatted_new_user", "/users/new.{format}",

rhodecode/controllers/admin/repos.py

➞

Show inline comments

@@ @@ -42,24 +42,25 @@ from rhodecode.lib.auth import LoginRequ @@
 from rhodecode.lib.base import BaseRepoController, render
 from rhodecode.lib.utils import action_logger, repo_name_slug
 from rhodecode.lib.helpers import get_token
 from rhodecode.model.meta import Session
 from rhodecode.model.db import User, Repository, UserFollowing, RepoGroup,\
     RhodeCodeSetting, RepositoryField
 from rhodecode.model.forms import RepoForm, RepoFieldForm, RepoPermsForm
 from rhodecode.model.scm import ScmModel, RepoGroupList
 from rhodecode.model.repo import RepoModel
 from rhodecode.lib.compat import json
 from sqlalchemy.sql.expression import func
 from rhodecode.lib.exceptions import AttachedForksError
 from rhodecode.lib.utils2 import safe_int
 log = logging.getLogger(__name__)
 class ReposController(BaseRepoController):
     """
     REST Controller styled on the Atom Publishing Protocol"""
     # To properly map this controller, ensure your config/routing.py
     # file has a resource setup:
     #     map.resource('repo', 'repos')
     @LoginRequired()
@@ @@ -331,60 +332,51 @@ class ReposController(BaseRepoController @@
     def set_repo_perm_member(self, repo_name):
         form = RepoPermsForm()().to_python(request.POST)
         RepoModel()._update_permissions(repo_name, form['perms_new'],
                                         form['perms_updates'])
         #TODO: implement this
         #action_logger(self.rhodecode_user, 'admin_changed_repo_permissions',
         #              repo_name, self.ip_addr, self.sa)
         Session().commit()
         h.flash(_('Repository permissions updated'), category='success')
         return redirect(url('edit_repo', repo_name=repo_name))
     @HasRepoPermissionAllDecorator('repository.admin')
-    def delete_perm_user(self, repo_name):
+    def delete_repo_perm_member(self, repo_name):
         """
         DELETE an existing repository permission user
         :param repo_name:
         """
         try:
             RepoModel().revoke_user_permission(repo=repo_name,
                                                user=request.POST['user_id'])
             obj_type = request.POST.get('obj_type')
             obj_id = None
             if obj_type == 'user':
                 obj_id = safe_int(request.POST.get('user_id'))
             elif obj_type == 'user_group':
                 obj_id = safe_int(request.POST.get('user_group_id'))
             if obj_type == 'user':
                 RepoModel().revoke_user_permission(repo=repo_name, user=obj_id)
             elif obj_type == 'user_group':
                 RepoModel().revoke_users_group_permission(
                     repo=repo_name, group_name=obj_id
+                )
             #TODO: implement this
             #action_logger(self.rhodecode_user, 'admin_revoked_repo_permissions',
             #              repo_name, self.ip_addr, self.sa)
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of repository user'),
                     category='error')
             raise HTTPInternalServerError()
     @HasRepoPermissionAllDecorator('repository.admin')
     def delete_perm_users_group(self, repo_name):
         """
         DELETE an existing repository permission user group
         :param repo_name:
         """
         try:
             RepoModel().revoke_users_group_permission(
                 repo=repo_name, group_name=request.POST['users_group_id']
+            )
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of repository'
                       ' user groups'),
             h.flash(_('An error occurred during revoking of permission'),
                     category='error')
             raise HTTPInternalServerError()
     @HasRepoPermissionAllDecorator('repository.admin')
     def repo_stats(self, repo_name):
         """
         DELETE an existing repository statistics
         :param repo_name:
         """
         try:

rhodecode/controllers/admin/repos_groups.py

➞

Show inline comments

@@ @@ -285,67 +285,59 @@ class ReposGroupsController(BaseControll @@
         # set the permissions !
         # this can be potentially heavy operation
         ReposGroupModel()._update_permissions(c.repos_group, form['perms_new'],
                                               form['perms_updates'], recursive)
         #TODO: implement this
         #action_logger(self.rhodecode_user, 'admin_changed_repo_permissions',
         #              repo_name, self.ip_addr, self.sa)
         Session().commit()
         h.flash(_('Repository Group permissions updated'), category='success')
         return redirect(url('edit_repos_group', group_name=group_name))
     @HasReposGroupPermissionAnyDecorator('group.admin')
-    def delete_repos_group_user_perm(self, group_name):
+    def delete_repo_group_perm_member(self, group_name):
         """
         DELETE an existing repository group permission user
         :param group_name:
         """
         try:
             obj_type = request.POST.get('obj_type')
             obj_id = None
             if obj_type == 'user':
                 obj_id = safe_int(request.POST.get('user_id'))
             elif obj_type == 'user_group':
                 obj_id = safe_int(request.POST.get('user_group_id'))
             if not c.rhodecode_user.is_admin:
-                if c.rhodecode_user.user_id == safe_int(request.POST['user_id']):
+                if obj_type == 'user' and c.rhodecode_user.user_id == obj_id:
                     msg = _('Cannot revoke permission for yourself as admin')
                     h.flash(msg, category='warning')
                     raise Exception('revoke admin permission on self')
             recursive = str2bool(request.POST.get('recursive', False))
             ReposGroupModel().delete_permission(
                 repos_group=group_name, obj=request.POST['user_id'],
                 obj_type='user', recursive=recursive
+            )
             if obj_type == 'user':
                 ReposGroupModel().delete_permission(
                     repos_group=group_name, obj=obj_id,
                     obj_type='user', recursive=recursive
+                )
             elif obj_type == 'user_group':
                 ReposGroupModel().delete_permission(
                     repos_group=group_name, obj=obj_id,
                     obj_type='users_group', recursive=recursive
+                )
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of group user'),
                     category='error')
             raise HTTPInternalServerError()
     @HasReposGroupPermissionAnyDecorator('group.admin')
     def delete_repos_group_users_group_perm(self, group_name):
         """
         DELETE an existing repository group permission user group
         :param group_name:
         """
         try:
             recursive = str2bool(request.POST.get('recursive', False))
             ReposGroupModel().delete_permission(
                 repos_group=group_name, obj=request.POST['users_group_id'],
                 obj_type='users_group', recursive=recursive
+            )
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of group'
                       ' user groups'),
             h.flash(_('An error occurred during revoking of permission'),
                     category='error')
             raise HTTPInternalServerError()
     def show_by_name(self, group_name):
         """
         This is a proxy that does a lookup group_name -> id, and shows
         the group by id view instead
         """
         group_name = group_name.rstrip('/')
         id_ = RepoGroup.get_by_group_name(group_name)
         if id_:
             return self.show(id_.group_id)

rhodecode/controllers/admin/users_groups.py

➞

Show inline comments

@@ @@ -286,25 +286,25 @@ class UsersGroupsController(BaseControll @@
                 if obj_type == 'user' and c.rhodecode_user.user_id == obj_id:
                     msg = _('Cannot revoke permission for yourself as admin')
                     h.flash(msg, category='warning')
                     raise Exception('revoke admin permission on self')
             if obj_type == 'user':
                 UserGroupModel().revoke_user_permission(user_group=id,
                                                         user=obj_id)
             elif obj_type == 'user_group':
                 pass
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
-            h.flash(_('An error occurred during deletion of group user'),
+            h.flash(_('An error occurred during revoking of permission'),
                     category='error')
             raise HTTPInternalServerError()
     def show(self, id, format='html'):
         """GET /users_groups/id: Show a specific item"""
         # url('users_group', id=ID)
     @HasUserGroupPermissionAnyDecorator('usergroup.admin')
     def edit(self, id, format='html'):
         """GET /users_groups/id/edit: Form to edit an existing item"""
         # url('edit_users_group', id=ID)

rhodecode/public/js/rhodecode.js

➞

Show inline comments

@@ @@ -359,24 +359,38 @@ var _run_callbacks = function(callbacks) @@
         for (var i=0;i<_l;i++){
             var func = callbacks[i];
             if(typeof(func)=='function'){
                 try{
                     func();
                 }catch (err){};
+            }
+        }
+    }
+}
 /**
  * turns objects into GET query string
  */
 var toQueryString = function(o) {
     if(typeof o !== 'object') {
         return false;
+    }
     var _p, _qs = [];
     for(_p in o) {
         _qs.push(encodeURIComponent(_p) + '=' + encodeURIComponent(o[_p]));
+    }
     return _qs.join('&');
 };
 /**
  * Partial Ajax Implementation
+ *
  * @param url: defines url to make partial request
  * @param container: defines id of container to input partial result
  * @param s_call: success callback function that takes o as arg
  *  o.tId
  *  o.status
  *  o.statusText
  *  o.getResponseHeader[ ]
  *  o.getAllResponseHeaders
  *  o.responseText
  *  o.responseXML
@@ @@ -432,35 +446,24 @@ var ajaxGET = function(url,success) { @@
     };
     var request = YAHOO.util.Connect.asyncRequest('GET', sUrl, callback);
     return request;
 };
 var ajaxPOST = function(url,postData,success) {
     // Set special header for ajax == HTTP_X_PARTIAL_XHR
     YUC.initHeader('X-PARTIAL-XHR',true);
     var toQueryString = function(o) {
         if(typeof o !== 'object') {
             return false;
+        }
         var _p, _qs = [];
         for(_p in o) {
             _qs.push(encodeURIComponent(_p) + '=' + encodeURIComponent(o[_p]));
+        }
         return _qs.join('&');
     };
     var sUrl = url;
     var callback = {
         success: success,
         failure: function (o) {
             alert("error");
         },
     };
     var postData = toQueryString(postData);
     var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData);
     return request;
 };
@@ @@ -2026,25 +2029,56 @@ var addPermAction = function(_html, user @@
        YUD.setStyle(last_node, 'display', '');
        YUD.removeClass(last_node, 'last_new_member');
        MembersAutoComplete("perm_new_member_name_"+next_id,
                "perm_container_"+next_id, users_list, groups_list);
        //create new last NODE
        var el = document.createElement('tr');
        el.id = 'add_perm_input';
        YUD.addClass(el,'last_new_member');
        YUD.addClass(el,'new_members');
        YUD.insertAfter(el, last_node);
+    }
+}
 function ajaxActionRevokePermission(url, obj_id, obj_type, field_id, extra_data) {
     var callback = {
         success: function (o) {
             var tr = YUD.get(String(field_id));
             tr.parentNode.removeChild(tr);
         },
         failure: function (o) {
             alert(_TM['Failed to remoke permission'] + ": " + o.status);
         },
     };
     query_params = {
         '_method': 'delete'
+    }
     // put extra data into POST
     if (extra_data !== undefined && (typeof extra_data === 'object')){
         for(k in extra_data){
             query_params[k] = extra_data[k];
+        }
+    }
     if (obj_type=='user'){
         query_params['user_id'] = obj_id;
         query_params['obj_type'] = 'user';
+    }
     else if (obj_type=='user_group'){
         query_params['user_group_id'] = obj_id;
         query_params['obj_type'] = 'user_group';
+    }
     var request = YAHOO.util.Connect.asyncRequest('POST', url, callback,
             toQueryString(query_params));
 };
 /* Multi selectors */
 var MultiSelectWidget = function(selected_id, available_id, form_id){
     //definition of containers ID's
     var selected_container = selected_id;
     var available_container = available_id;
     //temp container for selected storage.
     var cache = new Array();
     var av_cache = new Array();

rhodecode/templates/admin/repos/repo_edit_perms.html

➞

Show inline comments

@@ @@ -78,45 +78,26 @@ @@
     ## ADD HERE DYNAMICALLY NEW INPUTS FROM THE '_tmpl'
     <tr class="new_members last_new_member" id="add_perm_input"></tr>
     <tr>
         <td colspan="6">
             <span id="add_perm" class="add_icon" style="cursor: pointer;">
             ${_('Add another member')}
             </span>
         </td>
     </tr>
 </table>
 <script type="text/javascript">
 function ajaxActionRevoke(obj_id, obj_type, field_id) {
     var callback = {
         success: function (o) {
             var tr = YUD.get(String(field_id));
             tr.parentNode.removeChild(tr);
         },
         failure: function (o) {
             alert(_TM['Failed to remoke permission'] + ": " + o.status);
         },
     };
     if (obj_type=='user'){
         var sUrl = "${h.url('delete_repo_user',repo_name=c.repo_name)}";
         var postData = '_method=delete&user_id={0}&obj_type=user'.format(obj_id);
+    }
     else if (obj_type=='user_group'){
         var sUrl = "${h.url('delete_repo_users_group',repo_name=c.repo_name)}";
         var postData = '_method=delete&users_group_id={0}&obj_type=user_group'.format(obj_id);
+    }
     var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData);
     url = "${h.url('delete_repo_perm_member',repo_name=c.repo_name)}";
     ajaxActionRevokePermission(url, obj_id, obj_type, field_id);
 };
 YUE.onDOMReady(function () {
     if (!YUD.hasClass('perm_new_member_name', 'error')) {
         YUD.setStyle('add_perm_input', 'display', 'none');
+    }
     YAHOO.util.Event.addListener('add_perm', 'click', function () {
         addPermAction(${_tmpl}, ${c.users_array|n}, ${c.users_groups_array|n});
     });
 });
 </script>

rhodecode/templates/admin/repos_groups/repos_group_edit_perms.html

➞

Show inline comments

@@ @@ -81,45 +81,26 @@ @@
             </span>
         </td>
     </tr>
     <tr>
         <td colspan="6">
            ${h.checkbox('recursive',value="True", label=_('apply to children'))}
            <span class="help-block">${_('Set or revoke permission to all children of that group, including non-private repositories and other groups')}</span>
         </td>
     </tr>
 </table>
 <script type="text/javascript">
 function ajaxActionRevoke(obj_id, obj_type, field_id) {
     var callback = {
         success: function (o) {
             var tr = YUD.get(String(field_id));
             tr.parentNode.removeChild(tr);
         },
         failure: function (o) {
             alert(_TM['Failed to remoke permission'] + ": " + o.status);
         },
     };
     var recursive = YUD.get('recursive').checked;
     if (obj_type=='user'){
         var sUrl = "${h.url('delete_repos_group_user_perm',group_name=c.repos_group.group_name)}";
         var postData = '_method=delete&recursive={0}&user_id={1}&obj_type=user'.format(recursive,obj_id);
+    }
     else if (obj_type=='user_group'){
         var sUrl = "${h.url('delete_repos_group_users_group_perm',group_name=c.repos_group.group_name)}";
         var postData = '_method=delete&recursive={0}&users_group_id={0}&obj_type=user_group'.format(recursive,obj_id);
+    }
     var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData);
     url = "${h.url('delete_repo_group_perm_member', group_name=c.repos_group.group_name)}";
     ajaxActionRevokePermission(url, obj_id, obj_type, field_id, {recursive:YUD.get('recursive').checked});
 };
 YUE.onDOMReady(function () {
     if (!YUD.hasClass('perm_new_member_name', 'error')) {
         YUD.setStyle('add_perm_input', 'display', 'none');
+    }
     YAHOO.util.Event.addListener('add_perm', 'click', function () {
         addPermAction(${_tmpl}, ${c.users_array|n}, ${c.users_groups_array|n});
     });
 });
 </script>

rhodecode/templates/admin/users_groups/user_group_edit_perms.html

➞

Show inline comments

@@ @@ -58,43 +58,26 @@ @@
     ## ADD HERE DYNAMICALLY NEW INPUTS FROM THE '_tmpl'
     <tr class="new_members last_new_member" id="add_perm_input"></tr>
     <tr>
         <td colspan="6">
             <span id="add_perm" class="add_icon" style="cursor: pointer;">
             ${_('Add another member')}
             </span>
         </td>
     </tr>
 </table>
 <script type="text/javascript">
 function ajaxActionRevoke(obj_id, obj_type, field_id) {
     var callback = {
         success: function (o) {
             var tr = YUD.get(String(field_id));
             tr.parentNode.removeChild(tr);
         },
         failure: function (o) {
             alert(_TM['Failed to remoke permission'] + ": " + o.status);
         },
     };
     var sUrl = "${h.url('delete_user_group_perm_member', id=c.users_group.users_group_id)}";
     if (obj_type=='user'){
         var postData = '_method=delete&user_id={0}&obj_type=user'.format(obj_id);
+    }
     else if (obj_type=='user_group'){
         var postData = '_method=delete&user_group_id={0}&obj_type=user_group'.format(obj_id);
+    }
     var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData);
     url = "${h.url('delete_user_group_perm_member', id=c.users_group.users_group_id)}";
     ajaxActionRevokePermission(url, obj_id, obj_type, field_id);
 };
 YUE.onDOMReady(function () {
     if (!YUD.hasClass('perm_new_member_name', 'error')) {
         YUD.setStyle('add_perm_input', 'display', 'none');
+    }
     YAHOO.util.Event.addListener('add_perm', 'click', function () {
         addPermAction(${_tmpl}, ${c.users_array|n}, ${c.users_groups_array|n});
     });
 });
 </script>

0 comments (0 inline, 0 general)