kallithea Changeset - 39798d53c65d

Changeset - 39798d53c65d

Parent rev.

Child rev.

[Not reviewed]

default

0 1 0

Marcin Kuzminski - 12 years ago 2013-06-11 14:40:00
marcin@python-works.com

When using apply to children flag in repo group permission
change prompt, RhodeCode only applied this to user groups if
repository was private. Only thing that shouldn't be allowed is
to change the DEFAULT user permission when repository is private.

1 file changed with 5 insertions and 2 deletions:

rhodecode/model/repos_group.py

0 comments (0 inline, 0 general)

rhodecode/model/repos_group.py

➞

Show inline comments

@@ @@ -164,71 +164,74 @@ class ReposGroupModel(BaseModel): @@
                 self.__create_group(new_repos_group.group_name)
             return new_repos_group
         except Exception:
             log.error(traceback.format_exc())
             raise
     def _update_permissions(self, repos_group, perms_new=None,
                             perms_updates=None, recursive=False,
                             check_perms=True):
         from rhodecode.model.repo import RepoModel
         from rhodecode.lib.auth import HasUserGroupPermissionAny
         if not perms_new:
             perms_new = []
         if not perms_updates:
             perms_updates = []
         def _set_perm_user(obj, user, perm):
             if isinstance(obj, RepoGroup):
                 self.grant_user_permission(
                     repos_group=obj, user=user, perm=perm
+                )
             elif isinstance(obj, Repository):
                 #we do this ONLY IF repository is non-private
                 if obj.private:
                 # private repos will not allow to change the default permissions
                 # using recursive mode
                 if obj.private and user == User.DEFAULT_USER:
                     return
                 # we set group permission but we have to switch to repo
                 # permission
                 perm = perm.replace('group.', 'repository.')
                 RepoModel().grant_user_permission(
                     repo=obj, user=user, perm=perm
+                )
         def _set_perm_group(obj, users_group, perm):
             if isinstance(obj, RepoGroup):
                 self.grant_users_group_permission(
                     repos_group=obj, group_name=users_group, perm=perm
+                )
             elif isinstance(obj, Repository):
                 # we set group permission but we have to switch to repo
                 # permission
                 perm = perm.replace('group.', 'repository.')
                 RepoModel().grant_users_group_permission(
                     repo=obj, group_name=users_group, perm=perm
+                )
         # start updates
         updates = []
         log.debug('Now updating permissions for %s in recursive mode:%s'
                   % (repos_group, recursive))
         for obj in repos_group.recursive_groups_and_repos():
             #obj is an instance of a group or repositories in that group
             if not recursive:
                 obj = repos_group
             # update permissions
             for member, perm, member_type in perms_updates:
                 ## set for user
                 if member_type == 'user':
                     # this updates also current one if found
                     _set_perm_user(obj, user=member, perm=perm)
                 ## set for user group
                 else:
                     #check if we have permissions to alter this usergroup
                     req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
                     if not check_perms or HasUserGroupPermissionAny(*req_perms)(member):
                         _set_perm_group(obj, users_group=member, perm=perm)
             # set new permissions
             for member, perm, member_type in perms_new:
                 if member_type == 'user':

0 comments (0 inline, 0 general)