kallithea Changeset - 25dbbdae3ed9

Changeset - 25dbbdae3ed9

Parent rev.

Child rev.

[Not reviewed]

beta

0 8 0

Marcin Kuzminski - 13 years ago 2013-04-08 23:49:08
marcin@python-works.com

consistent handling of grant/revoke of permissions widgets
- use 1 method for users and for users groups
- use common JS for ajax revoke
- cleanup code

8 files changed with 103 insertions and 150 deletions:

rhodecode/config/routing.py

rhodecode/controllers/admin/repos.py

rhodecode/controllers/admin/repos_groups.py

rhodecode/controllers/admin/users_groups.py

rhodecode/public/js/rhodecode.js

rhodecode/templates/admin/repos/repo_edit_perms.html

rhodecode/templates/admin/repos_groups/repos_group_edit_perms.html

rhodecode/templates/admin/users_groups/user_group_edit_perms.html

0 comments (0 inline, 0 general)

rhodecode/config/routing.py

➞

Show inline comments

@@ @@ -122,19 +122,15 @@ def make_map(config): @@
              action="show", conditions=dict(method=["GET"],
                                             function=check_repo))
         #add repo perm member
         m.connect('set_repo_perm_member', "/set_repo_perm_member/{repo_name:.*?}",
         m.connect('set_repo_perm_member',
                   "/repos/{repo_name:.*?}/grant_perm",
              action="set_repo_perm_member",
              conditions=dict(method=["POST"], function=check_repo))
         #ajax delete repo perm user
         m.connect('delete_repo_user', "/repos_delete_user/{repo_name:.*?}",
              action="delete_perm_user",
              conditions=dict(method=["DELETE"], function=check_repo))
         #ajax delete repo perm users_group
         m.connect('delete_repo_users_group',
                   "/repos_delete_users_group/{repo_name:.*?}",
                   action="delete_perm_users_group",
         m.connect('delete_repo_perm_member',
                   "/repos/{repo_name:.*?}/revoke_perm",
                   action="delete_repo_perm_member",
                   conditions=dict(method=["DELETE"], function=check_repo))
         #settings actions
@@ @@ -184,6 +180,18 @@ def make_map(config): @@
         m.connect("update_repos_group", "/repos_groups/{group_name:.*?}",
                   action="update", conditions=dict(method=["PUT"],
                                                    function=check_group))
         #add repo group perm member
         m.connect('set_repo_group_perm_member',
                   "/repos_groups/{group_name:.*?}/grant_perm",
                   action="set_repo_group_perm_member",
                   conditions=dict(method=["POST"], function=check_group))
         #ajax delete repo group perm
         m.connect('delete_repo_group_perm_member',
                   "/repos_groups/{group_name:.*?}/revoke_perm",
                   action="delete_repo_group_perm_member",
                   conditions=dict(method=["DELETE"], function=check_group))
         m.connect("delete_repos_group", "/repos_groups/{group_name:.*?}",
                   action="delete", conditions=dict(method=["DELETE"],
                                                    function=check_group_skip_path))
@@ @@ -201,24 +209,6 @@ def make_map(config): @@
                   action="show", conditions=dict(method=["GET"],
                                                  function=check_group))
         #add repo perm member
         m.connect('set_repo_group_perm_member',
                   "/set_repo_group_perm_member/{group_name:.*?}",
              action="set_repo_group_perm_member",
              conditions=dict(method=["POST"], function=check_group))
         # ajax delete repository group perm user
         m.connect('delete_repos_group_user_perm',
                   "/delete_repos_group_user_perm/{group_name:.*?}",
              action="delete_repos_group_user_perm",
              conditions=dict(method=["DELETE"], function=check_group))
         # ajax delete repository group perm users_group
         m.connect('delete_repos_group_users_group_perm',
                   "/delete_repos_group_users_group_perm/{group_name:.*?}",
                   action="delete_repos_group_users_group_perm",
                   conditions=dict(method=["DELETE"], function=check_group))
     #ADMIN USER REST ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/users') as m:

rhodecode/controllers/admin/repos.py

➞

Show inline comments

@@ @@ -51,6 +51,7 @@ from rhodecode.model.repo import RepoMod @@
 from rhodecode.lib.compat import json
 from sqlalchemy.sql.expression import func
 from rhodecode.lib.exceptions import AttachedForksError
 from rhodecode.lib.utils2 import safe_int
 log = logging.getLogger(__name__)
@@ @@ -340,42 +341,33 @@ class ReposController(BaseRepoController @@
         return redirect(url('edit_repo', repo_name=repo_name))
     @HasRepoPermissionAllDecorator('repository.admin')
-    def delete_perm_user(self, repo_name):
+    def delete_repo_perm_member(self, repo_name):
         """
         DELETE an existing repository permission user
         :param repo_name:
         """
         try:
             RepoModel().revoke_user_permission(repo=repo_name,
                                                user=request.POST['user_id'])
             obj_type = request.POST.get('obj_type')
             obj_id = None
             if obj_type == 'user':
                 obj_id = safe_int(request.POST.get('user_id'))
             elif obj_type == 'user_group':
                 obj_id = safe_int(request.POST.get('user_group_id'))
             if obj_type == 'user':
                 RepoModel().revoke_user_permission(repo=repo_name, user=obj_id)
             elif obj_type == 'user_group':
                 RepoModel().revoke_users_group_permission(
                     repo=repo_name, group_name=obj_id
+                )
             #TODO: implement this
             #action_logger(self.rhodecode_user, 'admin_revoked_repo_permissions',
             #              repo_name, self.ip_addr, self.sa)
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of repository user'),
                     category='error')
             raise HTTPInternalServerError()
     @HasRepoPermissionAllDecorator('repository.admin')
     def delete_perm_users_group(self, repo_name):
         """
         DELETE an existing repository permission user group
         :param repo_name:
         """
         try:
             RepoModel().revoke_users_group_permission(
                 repo=repo_name, group_name=request.POST['users_group_id']
+            )
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of repository'
                       ' user groups'),
             h.flash(_('An error occurred during revoking of permission'),
                     category='error')
             raise HTTPInternalServerError()

rhodecode/controllers/admin/repos_groups.py

➞

Show inline comments

@@ @@ -294,49 +294,41 @@ class ReposGroupsController(BaseControll @@
         return redirect(url('edit_repos_group', group_name=group_name))
     @HasReposGroupPermissionAnyDecorator('group.admin')
-    def delete_repos_group_user_perm(self, group_name):
+    def delete_repo_group_perm_member(self, group_name):
         """
         DELETE an existing repository group permission user
         :param group_name:
         """
         try:
             obj_type = request.POST.get('obj_type')
             obj_id = None
             if obj_type == 'user':
                 obj_id = safe_int(request.POST.get('user_id'))
             elif obj_type == 'user_group':
                 obj_id = safe_int(request.POST.get('user_group_id'))
             if not c.rhodecode_user.is_admin:
-                if c.rhodecode_user.user_id == safe_int(request.POST['user_id']):
+                if obj_type == 'user' and c.rhodecode_user.user_id == obj_id:
                     msg = _('Cannot revoke permission for yourself as admin')
                     h.flash(msg, category='warning')
                     raise Exception('revoke admin permission on self')
             recursive = str2bool(request.POST.get('recursive', False))
             if obj_type == 'user':
             ReposGroupModel().delete_permission(
-                repos_group=group_name, obj=request.POST['user_id'],
+                    repos_group=group_name, obj=obj_id,
                 obj_type='user', recursive=recursive
+            )
             elif obj_type == 'user_group':
                 ReposGroupModel().delete_permission(
                     repos_group=group_name, obj=obj_id,
                     obj_type='users_group', recursive=recursive
+                )
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of group user'),
                     category='error')
             raise HTTPInternalServerError()
     @HasReposGroupPermissionAnyDecorator('group.admin')
     def delete_repos_group_users_group_perm(self, group_name):
         """
         DELETE an existing repository group permission user group
         :param group_name:
         """
         try:
             recursive = str2bool(request.POST.get('recursive', False))
             ReposGroupModel().delete_permission(
                 repos_group=group_name, obj=request.POST['users_group_id'],
                 obj_type='users_group', recursive=recursive
+            )
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of group'
                       ' user groups'),
             h.flash(_('An error occurred during revoking of permission'),
                     category='error')
             raise HTTPInternalServerError()

rhodecode/controllers/admin/users_groups.py

➞

Show inline comments

@@ @@ -295,7 +295,7 @@ class UsersGroupsController(BaseControll @@
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
-            h.flash(_('An error occurred during deletion of group user'),
+            h.flash(_('An error occurred during revoking of permission'),
                     category='error')
             raise HTTPInternalServerError()

rhodecode/public/js/rhodecode.js

➞

Show inline comments

@@ @@ -368,6 +368,20 @@ var _run_callbacks = function(callbacks) @@
+}
 /**
  * turns objects into GET query string
  */
 var toQueryString = function(o) {
     if(typeof o !== 'object') {
         return false;
+    }
     var _p, _qs = [];
     for(_p in o) {
         _qs.push(encodeURIComponent(_p) + '=' + encodeURIComponent(o[_p]));
+    }
     return _qs.join('&');
 };
 /**
  * Partial Ajax Implementation
+ *
  * @param url: defines url to make partial request
@@ @@ -441,17 +455,6 @@ var ajaxPOST = function(url,postData,suc @@
     // Set special header for ajax == HTTP_X_PARTIAL_XHR
     YUC.initHeader('X-PARTIAL-XHR',true);
     var toQueryString = function(o) {
         if(typeof o !== 'object') {
             return false;
+        }
         var _p, _qs = [];
         for(_p in o) {
             _qs.push(encodeURIComponent(_p) + '=' + encodeURIComponent(o[_p]));
+        }
         return _qs.join('&');
     };
     var sUrl = url;
     var callback = {
         success: success,
@@ @@ -2035,7 +2038,38 @@ var addPermAction = function(_html, user @@
        YUD.insertAfter(el, last_node);
+    }
+}
 function ajaxActionRevokePermission(url, obj_id, obj_type, field_id, extra_data) {
     var callback = {
         success: function (o) {
             var tr = YUD.get(String(field_id));
             tr.parentNode.removeChild(tr);
         },
         failure: function (o) {
             alert(_TM['Failed to remoke permission'] + ": " + o.status);
         },
     };
     query_params = {
         '_method': 'delete'
+    }
     // put extra data into POST
     if (extra_data !== undefined && (typeof extra_data === 'object')){
         for(k in extra_data){
             query_params[k] = extra_data[k];
+        }
+    }
     if (obj_type=='user'){
         query_params['user_id'] = obj_id;
         query_params['obj_type'] = 'user';
+    }
     else if (obj_type=='user_group'){
         query_params['user_group_id'] = obj_id;
         query_params['obj_type'] = 'user_group';
+    }
     var request = YAHOO.util.Connect.asyncRequest('POST', url, callback,
             toQueryString(query_params));
 };
 /* Multi selectors */
 var MultiSelectWidget = function(selected_id, available_id, form_id){

rhodecode/templates/admin/repos/repo_edit_perms.html

➞

Show inline comments

@@ @@ -87,28 +87,9 @@ @@
 </table>
 <script type="text/javascript">
 function ajaxActionRevoke(obj_id, obj_type, field_id) {
     var callback = {
         success: function (o) {
             var tr = YUD.get(String(field_id));
             tr.parentNode.removeChild(tr);
         },
         failure: function (o) {
             alert(_TM['Failed to remoke permission'] + ": " + o.status);
         },
     url = "${h.url('delete_repo_perm_member',repo_name=c.repo_name)}";
     ajaxActionRevokePermission(url, obj_id, obj_type, field_id);
     };
     if (obj_type=='user'){
         var sUrl = "${h.url('delete_repo_user',repo_name=c.repo_name)}";
         var postData = '_method=delete&user_id={0}&obj_type=user'.format(obj_id);
+    }
     else if (obj_type=='user_group'){
         var sUrl = "${h.url('delete_repo_users_group',repo_name=c.repo_name)}";
         var postData = '_method=delete&users_group_id={0}&obj_type=user_group'.format(obj_id);
+    }
     var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData);
 };
 YUE.onDOMReady(function () {
     if (!YUD.hasClass('perm_new_member_name', 'error')) {

rhodecode/templates/admin/repos_groups/repos_group_edit_perms.html

➞

Show inline comments

@@ @@ -90,28 +90,9 @@ @@
 </table>
 <script type="text/javascript">
 function ajaxActionRevoke(obj_id, obj_type, field_id) {
     var callback = {
         success: function (o) {
             var tr = YUD.get(String(field_id));
             tr.parentNode.removeChild(tr);
         },
         failure: function (o) {
             alert(_TM['Failed to remoke permission'] + ": " + o.status);
         },
     url = "${h.url('delete_repo_group_perm_member', group_name=c.repos_group.group_name)}";
     ajaxActionRevokePermission(url, obj_id, obj_type, field_id, {recursive:YUD.get('recursive').checked});
     };
     var recursive = YUD.get('recursive').checked;
     if (obj_type=='user'){
         var sUrl = "${h.url('delete_repos_group_user_perm',group_name=c.repos_group.group_name)}";
         var postData = '_method=delete&recursive={0}&user_id={1}&obj_type=user'.format(recursive,obj_id);
+    }
     else if (obj_type=='user_group'){
         var sUrl = "${h.url('delete_repos_group_users_group_perm',group_name=c.repos_group.group_name)}";
         var postData = '_method=delete&recursive={0}&users_group_id={0}&obj_type=user_group'.format(recursive,obj_id);
+    }
     var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData);
 };
 YUE.onDOMReady(function () {
     if (!YUD.hasClass('perm_new_member_name', 'error')) {

rhodecode/templates/admin/users_groups/user_group_edit_perms.html

➞

Show inline comments

@@ @@ -67,26 +67,9 @@ @@
 </table>
 <script type="text/javascript">
 function ajaxActionRevoke(obj_id, obj_type, field_id) {
     var callback = {
         success: function (o) {
             var tr = YUD.get(String(field_id));
             tr.parentNode.removeChild(tr);
         },
         failure: function (o) {
             alert(_TM['Failed to remoke permission'] + ": " + o.status);
         },
     url = "${h.url('delete_user_group_perm_member', id=c.users_group.users_group_id)}";
     ajaxActionRevokePermission(url, obj_id, obj_type, field_id);
     };
     var sUrl = "${h.url('delete_user_group_perm_member', id=c.users_group.users_group_id)}";
     if (obj_type=='user'){
         var postData = '_method=delete&user_id={0}&obj_type=user'.format(obj_id);
+    }
     else if (obj_type=='user_group'){
         var postData = '_method=delete&user_group_id={0}&obj_type=user_group'.format(obj_id);
+    }
     var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData);
 };
 YUE.onDOMReady(function () {
     if (!YUD.hasClass('perm_new_member_name', 'error')) {

0 comments (0 inline, 0 general)