kallithea Changeset - 3ed2d46a2ca7

Changeset - 3ed2d46a2ca7

Parent rev.

Child rev.

[Not reviewed]

default

0 17 1

Marcin Kuzminski - 15 years ago 2010-08-21 16:34:37
marcin@python-works.com

permission refactoring,
Implemented views for default permissions,
fixes #23 user registration is controlled by permission system.
Implemented manual registration option
websetup fills default permissions

18 files changed with 282 insertions and 47 deletions:

pylons_app/controllers/admin/permissions.py

pylons_app/controllers/admin/repos.py

pylons_app/controllers/admin/settings.py

pylons_app/controllers/admin/users.py

pylons_app/controllers/login.py

pylons_app/lib/auth.py

pylons_app/lib/db_manage.py

pylons_app/model/db.py

pylons_app/model/forms.py

pylons_app/model/permission_model.py

pylons_app/model/repo_model.py

pylons_app/model/user_model.py

pylons_app/templates/admin/permissions/permissions.html

pylons_app/templates/base/base.html

pylons_app/templates/index.html

pylons_app/templates/login.html

pylons_app/templates/register.html

pylons_app/websetup.py

0 comments (0 inline, 0 general)

pylons_app/controllers/admin/permissions.py

➞

Show inline comments

 #!/usr/bin/env python
 # encoding: utf-8
 # permissions controller for pylons
 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
+#
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; version 2
 # of the License or (at your opinion) any later version of the license.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 # MA  02110-1301, USA.
 """
 Created on April 27, 2010
 permissions controller for pylons
 @author: marcink
 """
 from formencode import htmlfill
 from pylons import request, session, tmpl_context as c, url
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from pylons_app.lib import helpers as h
 from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
 from pylons_app.lib.base import BaseController, render
 from pylons_app.model.db import User, UserLog
 from pylons_app.model.forms import UserForm
 from pylons_app.model.forms import UserForm, DefaultPermissionsForm
 from pylons_app.model.permission_model import PermissionModel
 from pylons_app.model.user_model import UserModel
 import formencode
 import logging
 import traceback
 log = logging.getLogger(__name__)
 class PermissionsController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     # To properly map this controller, ensure your config/routing.py
     # file has a resource setup:
     #     map.resource('permission', 'permissions')
     @LoginRequired()
-    #@HasPermissionAllDecorator('hg.admin')
     @HasPermissionAllDecorator('hg.admin')
     def __before__(self):
         c.admin_user = session.get('admin_user')
         c.admin_username = session.get('admin_username')
         super(PermissionsController, self).__before__()
         self.perms_choices = [('repository.none', _('None'),),
                               ('repository.read', _('Read'),),
                               ('repository.write', _('Write'),),
                               ('repository.admin', _('Admin'),)]
         self.register_choices = [
             ('hg.register.none', 'disabled'),
             ('hg.register.manual_activate',
                             _('allowed with manual account activation')),
             ('hg.register.auto_activate',
                             _('allowed with automatic account activation')), ]
         self.create_choices = [('hg.create.none', _('Disabled')),
                                ('hg.create.repository', _('Enabled'))]
     def index(self, format='html'):
         """GET /permissions: All items in the collection"""
         # url('permissions')
         return render('admin/permissions/permissions.html')
     def create(self):
         """POST /permissions: Create a new item"""
         # url('permissions')
     def new(self, format='html'):
         """GET /permissions/new: Form to create a new item"""
         # url('new_permission')
     def update(self, id):
         """PUT /permissions/id: Update an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="PUT" />
         # Or using helpers:
         #    h.form(url('permission', id=ID),
         #           method='put')
         # url('permission', id=ID)
         permission_model = PermissionModel()
         _form = DefaultPermissionsForm([x[0] for x in self.perms_choices],
                                        [x[0] for x in self.register_choices],
                                        [x[0] for x in self.create_choices])()
         try:
             form_result = _form.to_python(dict(request.POST))
             permission_model.update(form_result)
             h.flash(_('Default permissions updated succesfully'),
                     category='success')
         except formencode.Invalid as errors:
             c.perms_choices = self.perms_choices
             c.register_choices = self.register_choices
             c.create_choices = self.create_choices
             return htmlfill.render(
                 render('admin/permissions/permissions.html'),
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
                 encoding="UTF-8")
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('error occured during update of permissions'),
                     category='error')
         return redirect(url('edit_permission', id=id))
     def delete(self, id):
         """DELETE /permissions/id: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="DELETE" />
         # Or using helpers:
         #    h.form(url('permission', id=ID),
         #           method='delete')
         # url('permission', id=ID)
     def show(self, id, format='html'):
         """GET /permissions/id: Show a specific item"""
         # url('permission', id=ID)
     def edit(self, id, format='html'):
         """GET /permissions/id/edit: Form to edit an existing item"""
         # url('edit_permission', id=ID)
         #url('edit_permission', id=ID)
         c.perms_choices = self.perms_choices
         c.register_choices = self.register_choices
         c.create_choices = self.create_choices
         if id == 'default':
             defaults = {'_method':'put'}
             for p in UserModel().get_default().user_perms:
                 if p.permission.permission_name.startswith('repository.'):
                     defaults['default_perm'] = p.permission.permission_name
                 if p.permission.permission_name.startswith('hg.register.'):
                     defaults['default_register'] = p.permission.permission_name
                 if p.permission.permission_name.startswith('hg.create.'):
                     defaults['default_create'] = p.permission.permission_name
             return htmlfill.render(
                         render('admin/permissions/permissions.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=True,)
         else:
             return redirect(url('admin_home'))

pylons_app/controllers/admin/repos.py

➞

Show inline comments

@@ @@ -41,39 +41,39 @@ import formencode @@
 import logging
 import traceback
 log = logging.getLogger(__name__)
 class ReposController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     # To properly map this controller, ensure your config/routing.py
     # file has a resource setup:
     #     map.resource('repo', 'repos')
     @LoginRequired()
-    @HasPermissionAnyDecorator('hg.admin', 'repository.create')
+    @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
     def __before__(self):
         c.admin_user = session.get('admin_user')
         c.admin_username = session.get('admin_username')
         super(ReposController, self).__before__()
     @HasPermissionAllDecorator('hg.admin')
     def index(self, format='html'):
         """GET /repos: All items in the collection"""
         # url('repos')
         cached_repo_list = HgModel().get_repos()
         c.repos_list = sorted(cached_repo_list, key=itemgetter('name_sort'))
         return render('admin/repos/repos.html')
-    @HasPermissionAnyDecorator('hg.admin', 'repository.create')
+    @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
     def create(self):
         """POST /repos: Create a new item"""
         # url('repos')
         repo_model = RepoModel()
         _form = RepoForm()()
         form_result = {}
         try:
             form_result = _form.to_python(dict(request.POST))
             repo_model.create(form_result, c.hg_app_user)
             invalidate_cache('cached_repo_list')
             h.flash(_('created repository %s') % form_result['repo_name'],
                     category='success')

pylons_app/controllers/admin/settings.py

➞

Show inline comments

@@ @@ -262,20 +262,20 @@ class SettingsController(BaseController) @@
                 render('admin/users/user_edit_my_account.html'),
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
                 encoding="UTF-8")
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('error occured during update of user %s') \
                     % form_result.get('username'), category='error')
         return redirect(url('my_account'))
-    @HasPermissionAnyDecorator('repository.create', 'hg.admin')
+    @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
     def create_repository(self):
         """GET /_admin/create_repository: Form to create a new item"""
         new_repo = request.GET.get('repo', '')
         c.new_repo = h.repo_name_slug(new_repo)
         return render('admin/repos/repo_add_create_repository.html')

pylons_app/controllers/admin/users.py

➞

Show inline comments

@@ @@ -28,25 +28,24 @@ from pylons import request, session, tmp @@
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from pylons_app.lib import helpers as h
 from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator
 from pylons_app.lib.base import BaseController, render
 from pylons_app.model.db import User, UserLog
 from pylons_app.model.forms import UserForm
 from pylons_app.model.user_model import UserModel, DefaultUserException
 import formencode
 import logging
 import traceback
 log = logging.getLogger(__name__)
 class UsersController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     # To properly map this controller, ensure your config/routing.py
     # file has a resource setup:
     #     map.resource('user', 'users')
     @LoginRequired()
     @HasPermissionAllDecorator('hg.admin')
     def __before__(self):
         c.admin_user = session.get('admin_user')

pylons_app/controllers/login.py

➞

Show inline comments

@@ @@ -8,38 +8,39 @@ @@
 # as published by the Free Software Foundation; version 2
 # of the License or (at your opinion) any later version of the license.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 # MA  02110-1301, USA.
 """
 Created on April 22, 2010
 login controller for pylons
 @author: marcink
 """
 from formencode import htmlfill
 from pylons import request, response, session, tmpl_context as c, url
 from pylons.controllers.util import abort, redirect
 from pylons_app.lib.auth import AuthUser
+from pylons_app.lib.auth import AuthUser, HasPermissionAnyDecorator
 from pylons_app.lib.base import BaseController, render
 from pylons_app.model.forms import LoginForm, RegisterForm
 from pylons_app.model.user_model import UserModel
 import formencode
 import logging
 """
 Created on April 22, 2010
 login controller for pylons
 @author: marcink
 """
 log = logging.getLogger(__name__)
 class LoginController(BaseController):
     def __before__(self):
         super(LoginController, self).__before__()
     def index(self):
         #redirect if already logged in
         if c.hg_app_user.is_authenticated:
             return redirect(url('hg_home'))
@@ @@ -52,31 +53,39 @@ class LoginController(BaseController): @@
                 return redirect(url('hg_home'))
             except formencode.Invalid as errors:
                 return htmlfill.render(
                     render('/login.html'),
                     defaults=errors.value,
                     errors=errors.error_dict or {},
                     prefix_error=False,
                     encoding="UTF-8")
         return render('/login.html')
+    @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')
     def register(self):
         user_model = UserModel()
         c.auto_active = False
         for perm in user_model.get_default().user_perms:
             if perm.permission.permission_name == 'hg.register.auto_activate':
                 c.auto_active = False
                 break
         if request.POST:
-            user_model = UserModel()
             register_form = RegisterForm()()
             try:
                 form_result = register_form.to_python(dict(request.POST))
                 form_result['active'] = c.auto_active
                 user_model.create_registration(form_result)
                 return redirect(url('login_home'))
             except formencode.Invalid as errors:
                 return htmlfill.render(
                     render('/register.html'),
                     defaults=errors.value,
                     errors=errors.error_dict or {},
                     prefix_error=False,
                     encoding="UTF-8")
         return render('/register.html')

pylons_app/lib/auth.py

➞

Show inline comments

@@ @@ -18,25 +18,26 @@ @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 # MA  02110-1301, USA.
 """
 Created on April 4, 2010
 @author: marcink
 """
 from beaker.cache import cache_region
 from pylons import config, session, url, request
 from pylons.controllers.util import abort, redirect
 from pylons_app.lib.utils import get_repo_slug
 from pylons_app.model import meta
 from pylons_app.model.db import User, RepoToPerm, Repository, Permission
 from pylons_app.model.db import User, RepoToPerm, Repository, Permission, \
     UserToPerm
 from sqlalchemy.exc import OperationalError
 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound
 import bcrypt
 from decorator import decorator
 import logging
 log = logging.getLogger(__name__)
 def get_crypt_password(password):
     """Cryptographic function used for password hashing based on sha1
     @param password: password to hash
     """
@@ @@ -126,64 +127,81 @@ def fill_data(user): @@
     return user
 def fill_perms(user):
     """
     Fills user permission attribute with permissions taken from database
     @param user:
     """
     sa = meta.Session
     user.permissions['repositories'] = {}
     user.permissions['global'] = set()
     #first fetch default permissions
     default_perms = sa.query(RepoToPerm, Repository, Permission)\
     #===========================================================================
     # fetch default permissions
     #===========================================================================
     default_perms = sa.query(RepoToPerm, UserToPerm, Repository, Permission)\
         .outerjoin((UserToPerm, RepoToPerm.user_id == UserToPerm.user_id))\
         .join((Repository, RepoToPerm.repository_id == Repository.repo_id))\
         .join((Permission, RepoToPerm.permission_id == Permission.permission_id))\
         .filter(RepoToPerm.user_id == sa.query(User).filter(User.username ==
                                             'default').one().user_id).all()
     if user.is_admin:
         #=======================================================================
         # #admin have all rights set to admin
         #=======================================================================
         user.permissions['global'].add('hg.admin')
-        #admin have all rights set to admin
         for perm in default_perms:
             p = 'repository.admin'
             user.permissions['repositories'][perm.RepoToPerm.repository.repo_name] = p
     else:
         user.permissions['global'].add('repository.create')
         user.permissions['global'].add('hg.register')
         #=======================================================================
         # set default permissions
         #=======================================================================
         #default global
         for perm in default_perms:
             user.permissions['global'].add(perm.UserToPerm.permission.permission_name)
 #        user.permissions['global'].add('hg.create.repository')
 #        user.permissions['global'].add('hg.register')
         #default repositories
         for perm in default_perms:
             if perm.Repository.private and not perm.Repository.user_id == user.user_id:
                 #disable defaults for private repos,
                 p = 'repository.none'
             elif perm.Repository.user_id == user.user_id:
                 #set admin if owner
                 p = 'repository.admin'
             else:
                 p = perm.Permission.permission_name
             user.permissions['repositories'][perm.RepoToPerm.repository.repo_name] = p
         user_perms = sa.query(RepoToPerm, Permission, Repository)\
         #=======================================================================
         # #overwrite default with user permissions if any
         #=======================================================================
         user_perms = sa.query(RepoToPerm, UserToPerm, Permission, Repository)\
             .outerjoin((UserToPerm, RepoToPerm.user_id == UserToPerm.user_id))\
             .join((Repository, RepoToPerm.repository_id == Repository.repo_id))\
             .join((Permission, RepoToPerm.permission_id == Permission.permission_id))\
             .filter(RepoToPerm.user_id == user.user_id).all()
-        #overwrite userpermissions with defaults
         for perm in user_perms:
             #set write if owner
             if perm.Repository.user_id == user.user_id:
                 p = 'repository.write'
             if perm.Repository.user_id == user.user_id:#set admin if owner
                 p = 'repository.admin'
             else:
                 p = perm.Permission.permission_name
             user.permissions['repositories'][perm.RepoToPerm.repository.repo_name] = p
     meta.Session.remove()
     return user
 def get_user(session):
     """
     Gets user from session, and wraps permissions into user
     @param session:
     """
     user = session.get('hg_app_user', AuthUser())

pylons_app/lib/db_manage.py

➞

Show inline comments

@@ @@ -25,25 +25,26 @@ database managment and creation for hg a @@
 """
 from os.path import dirname as dn, join as jn
 import os
 import sys
 import uuid
 ROOT = dn(dn(dn(os.path.realpath(__file__))))
 sys.path.append(ROOT)
 from pylons_app.lib.auth import get_crypt_password
 from pylons_app.lib.utils import ask_ok
 from pylons_app.model import init_model
 from pylons_app.model.db import User, Permission, HgAppUi, HgAppSettings
 from pylons_app.model.db import User, Permission, HgAppUi, HgAppSettings, \
     UserToPerm
 from pylons_app.model import meta
 from sqlalchemy.engine import create_engine
 import logging
 log = logging.getLogger(__name__)
 class DbManage(object):
     def __init__(self, log_sql):
         self.dbname = 'hg_app.db'
         dburi = 'sqlite:////%s' % jn(ROOT, self.dbname)
         engine = create_engine(dburi, echo=log_sql)
         init_model(engine)
@@ @@ -180,26 +181,64 @@ class DbManage(object): @@
             self.sa.commit()
         except:
             self.sa.rollback()
             raise
     def create_permissions(self):
         #module.(access|create|change|delete)_[name]
         #module.(read|write|owner)
         perms = [('repository.none', 'Repository no access'),
                  ('repository.read', 'Repository read access'),
                  ('repository.write', 'Repository write access'),
                  ('repository.admin', 'Repository admin access'),
                  ('repository.create', 'Repository create'),
                  ('hg.admin', 'Hg Administrator'),
                  ('hg.create.repository', 'Repository create'),
                  ('hg.create.none', 'Repository creation disabled'),
                  ('hg.register.none', 'Register disabled'),
                  ('hg.register.manual_activate', 'Register new user with hg-app without manual activation'),
                  ('hg.register.auto_activate', 'Register new user with hg-app without auto activation'),
+                ]
         for p in perms:
             new_perm = Permission()
             new_perm.permission_name = p[0]
             new_perm.permission_longname = p[1]
             try:
                 self.sa.add(new_perm)
                 self.sa.commit()
             except:
                 self.sa.rollback()
                 raise
     def populate_default_permissions(self):
         log.info('creating default user permissions')
         default_user = self.sa.query(User)\
         .filter(User.username == 'default').scalar()
         reg_perm = UserToPerm()
         reg_perm.user = default_user
         reg_perm.permission = self.sa.query(Permission)\
         .filter(Permission.permission_name == 'hg.register.manual_activate')\
         .scalar()
         create_repo_perm = UserToPerm()
         create_repo_perm.user = default_user
         create_repo_perm.permission = self.sa.query(Permission)\
         .filter(Permission.permission_name == 'hg.create.repository')\
         .scalar()
         default_repo_perm = UserToPerm()
         default_repo_perm.user = default_user
         default_repo_perm.permission = self.sa.query(Permission)\
         .filter(Permission.permission_name == 'repository.read')\
         .scalar()
         try:
             self.sa.add(reg_perm)
             self.sa.add(create_repo_perm)
             self.sa.add(default_repo_perm)
             self.sa.commit()
         except:
             self.sa.rollback()
             raise

pylons_app/model/db.py

➞

Show inline comments

@@ @@ -25,31 +25,32 @@ class User(Base): @@
     __table_args__ = {'useexisting':True}
     user_id = Column("user_id", INTEGER(), nullable=False, unique=True, default=None, primary_key=True)
     username = Column("username", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     password = Column("password", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     active = Column("active", BOOLEAN(), nullable=True, unique=None, default=None)
     admin = Column("admin", BOOLEAN(), nullable=True, unique=None, default=False)
     name = Column("name", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     lastname = Column("lastname", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     email = Column("email", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     last_login = Column("last_login", DATETIME(timezone=False), nullable=True, unique=None, default=None)
     user_log = relation('UserLog')
     user_perms = relation('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id")
     @LazyProperty
     def full_contact(self):
         return '%s %s <%s>' % (self.name, self.lastname, self.email)
     def __repr__(self):
         return "<User('%s:%s')>" % (self.user_id, self.username)
+        return "<User('id:%s:%s')>" % (self.user_id, self.username)
 class UserLog(Base):
     __tablename__ = 'user_logs'
     __table_args__ = {'useexisting':True}
     user_log_id = Column("user_log_id", INTEGER(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", INTEGER(), ForeignKey(u'users.user_id'), nullable=False, unique=None, default=None)
     user_ip = Column("user_ip", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     repository = Column("repository", TEXT(length=None, convert_unicode=False, assert_unicode=None), ForeignKey(u'repositories.repo_name'), nullable=False, unique=None, default=None)
     action = Column("action", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     action_date = Column("action_date", DATETIME(timezone=False), nullable=True, unique=None, default=None)
     user = relation('User')
@@ @@ -57,24 +58,27 @@ class UserLog(Base): @@
 class Repository(Base):
     __tablename__ = 'repositories'
     __table_args__ = (UniqueConstraint('repo_name'), {'useexisting':True},)
     repo_id = Column("repo_id", INTEGER(), nullable=False, unique=True, default=None, primary_key=True)
     repo_name = Column("repo_name", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
     user_id = Column("user_id", INTEGER(), ForeignKey(u'users.user_id'), nullable=False, unique=False, default=None)
     private = Column("private", BOOLEAN(), nullable=True, unique=None, default=None)
     description = Column("description", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     user = relation('User')
     repo_to_perm = relation('RepoToPerm', cascade='all')
     def __repr__(self):
         return "<Repository('id:%s:%s')>" % (self.repo_id, self.repo_name)
 class Permission(Base):
     __tablename__ = 'permissions'
     __table_args__ = {'useexisting':True}
     permission_id = Column("permission_id", INTEGER(), nullable=False, unique=True, default=None, primary_key=True)
     permission_name = Column("permission_name", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     permission_longname = Column("permission_longname", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     def __repr__(self):
         return "<Permission('%s:%s')>" % (self.permission_id, self.permission_name)
 class RepoToPerm(Base):
     __tablename__ = 'repo_to_perm'

pylons_app/model/forms.py

➞

Show inline comments

@@ @@ -319,12 +319,21 @@ def ApplicationSettingsForm(): @@
 def ApplicationUiSettingsForm():
     class _ApplicationUiSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         web_push_ssl = OneOf(['true', 'false'], if_missing='false')
         paths_root_path = All(ValidPath(), UnicodeString(strip=True, min=3, not_empty=True))
         hooks_changegroup_update = OneOf(['True', 'False'], if_missing=False)
         hooks_changegroup_repo_size = OneOf(['True', 'False'], if_missing=False)
     return _ApplicationUiSettingsForm
 def DefaultPermissionsForm(perms_choices, register_choices, create_choices):
     class _DefaultPermissionsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         default_perm = OneOf(perms_choices)
         default_register = OneOf(register_choices)
         default_create = OneOf(create_choices)
     return _DefaultPermissionsForm

pylons_app/model/permission_model.py

➞

Show inline comments

@@ new file 100644 @@
 #!/usr/bin/env python
 # encoding: utf-8
 # Model for permissions
 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; version 2
 # of the License or (at your opinion) any later version of the license.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 # MA  02110-1301, USA.
 """
 Created on Aug 20, 2010
 Model for permissions
 @author: marcink
 """
 from pylons.i18n.translation import _
 from pylons_app.model.db import User, Permission
 from pylons_app.model.meta import Session
 import logging
 log = logging.getLogger(__name__)
 class PermissionModel(object):
     def __init__(self):
         self.sa = Session()
     def get_default(self):
         return self.sa.query(User).filter(User.username == 'default').scalar()
     def get_permission(self, id):
         return self.sa.query(Permission).get(id)
     def get_permission_by_name(self, name):
         return self.sa.query(Permission)\
         .filter(Permission.permission_name == name).scalar()
     def update(self, form_result):
         print form_result
         pass

pylons_app/model/repo_model.py

➞

Show inline comments

@@ @@ -17,24 +17,25 @@ @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 # MA  02110-1301, USA.
 """
 Created on Jun 5, 2010
 model for handling repositories actions
 @author: marcink
 """
 from datetime import datetime
 from pylons import app_globals as g
 from pylons_app.lib.utils import check_repo
 from pylons_app.model.db import Repository, RepoToPerm, User, Permission
 from pylons_app.model.meta import Session
 from pylons_app.model.user_model import UserModel
 import logging
 import os
 import shutil
 import traceback
 log = logging.getLogger(__name__)
 class RepoModel(object):
     def __init__(self):
         self.sa = Session()
     def get(self, id):
@@ @@ -102,26 +103,32 @@ class RepoModel(object): @@
     def create(self, form_data, cur_user, just_db=False):
         try:
             repo_name = form_data['repo_name']
             new_repo = Repository()
             for k, v in form_data.items():
                 setattr(new_repo, k, v)
             new_repo.user_id = cur_user.user_id
             self.sa.add(new_repo)
             #create default permission
             repo_to_perm = RepoToPerm()
             default_perm = 'repository.none' if form_data['private'] \
                                                         else 'repository.read'
             default = 'repository.read'
             for p in UserModel().get_default().user_perms:
                 if p.permission.permission_name.startswith('repository.'):
                     default = p.permission.permission_name
                     break
             default_perm = 'repository.none' if form_data['private'] else default
             repo_to_perm.permission_id = self.sa.query(Permission)\
                     .filter(Permission.permission_name == default_perm)\
                     .one().permission_id
             repo_to_perm.repository_id = new_repo.repo_id
             repo_to_perm.user_id = self.sa.query(User)\
                     .filter(User.username == 'default').one().user_id
             self.sa.add(repo_to_perm)
             self.sa.commit()
             if not just_db:
                 self.__create_repo(repo_name)

pylons_app/model/user_model.py

➞

Show inline comments

@@ @@ -28,47 +28,49 @@ from pylons_app.model.db import User @@
 from pylons_app.model.meta import Session
 from pylons.i18n.translation import _
 import logging
 log = logging.getLogger(__name__)
 class DefaultUserException(Exception):pass
 class UserModel(object):
     def __init__(self):
         self.sa = Session()
     def get_default(self):
         return self.sa.query(User).filter(User.username == 'default').scalar()
     def get_user(self, id):
         return self.sa.query(User).get(id)
     def create(self, form_data):
         try:
             new_user = User()
             for k, v in form_data.items():
                 setattr(new_user, k, v)
             self.sa.add(new_user)
             self.sa.commit()
         except Exception as e:
             log.error(e)
             self.sa.rollback()
             raise
     def create_registration(self, form_data):
         try:
             new_user = User()
             for k, v in form_data.items():
-                if k != 'admin' or k != 'active':
                 if k != 'admin':
                     setattr(new_user, k, v)
                 setattr(new_user, 'active', True)
             self.sa.add(new_user)
             self.sa.commit()
         except Exception as e:
             log.error(e)
             self.sa.rollback()
             raise
     def update(self, uid, form_data):
         try:
             new_user = self.sa.query(User).get(uid)
             if new_user.username == 'default':

pylons_app/templates/admin/permissions/permissions.html

➞

Show inline comments

@@ @@ -12,34 +12,51 @@ @@
 </%def>
 <%def name="page_nav()">
 	${self.menu('admin')}
 </%def>
 <%def name="main()">
 <div class="box">
     <!-- box / title -->
     <div class="title">
         ${self.breadcrumbs()}
     </div>
     <h3>${_('Repositories permissions')}</h3>
     ${h.form(url('permission', id='default_perm'),method='put')}
     <h3>${_('Default permissions')}</h3>
     ${h.form(url('permission', id='default'),method='put')}
     <div class="form">
         <!-- fields -->
         <div class="fields">
 			<div class="field">
 				<div class="label">
-					<label for="default_perm">${_('default repository permission')}:</label>
+					<label for="default_perm">${_('Default repository permission')}:</label>
 				</div>
 				<div class="select">
 					${h.select('default_perm','repository.read',['repository.none','repository.read','repository.write','repository.admin'])}
 					${h.select('default_perm','',c.perms_choices)}
 				</div>
 			</div>
 			<div class="field">
 		        <div class="label">
 		            <label for="default_register">${_('Registration')}:</label>
 		        </div>
 				<div class="select">
 					${h.select('default_register','',c.register_choices)}
 				</div>
 			</div>
 			</div>
              <div class="field">
                 <div class="label">
                     <label for="default_create">${_('Allow repository creation')}:</label>
                 </div>
 				<div class="select">
 					${h.select('default_create','',c.create_choices)}
 				</div>
              </div>
 	        <div class="buttons">
 	        ${h.submit('set','set',class_="ui-button ui-widget ui-state-default ui-corner-all")}
 	        </div>
+	        </div>
         </div>
     </div>
     ${h.end_form()}
 </div>
 </%def>

pylons_app/templates/base/base.html

➞

Show inline comments

@@ @@ -210,25 +210,25 @@ @@
 				%if h.HasPermissionAll('hg.admin')('access admin main page'):
                 <li ${is_current('admin')}>
                    <a title="${_('Admin')}" href="${h.url('admin_home')}">
                    <span class="icon">
                        <img src="/images/icons/cog_edit.png" alt="${_('Admin')}" />
                    </span>
                    <span>${_('Admin')}</span>
                    </a>
 				    <ul>
 				        <li>${h.link_to(_('repositories'),h.url('repos'),class_='repos')}</li>
 				        <li>${h.link_to(_('users'),h.url('users'),class_='users')}</li>
-				        <li>${h.link_to(_('permissions'),h.url('permissions'),class_='permissions')}</li>
+				        <li>${h.link_to(_('permissions'),h.url('edit_permission',id='default'),class_='permissions')}</li>
 				        <li>${h.link_to(_('settings'),h.url('admin_settings'),class_='settings')}</li>
 				    </ul>
                 </li>
 				%endif
 			</ul>
 		%endif
 </%def>
 <%def name="css()">
 <link rel="stylesheet" type="text/css" href="/css/reset.css" />

pylons_app/templates/index.html

➞

Show inline comments

@@ @@ -18,25 +18,25 @@ @@
 			<span style="font-weight: bold">${name}</span>
 		%endif
 		<a href="?sort=${name_slug}">&darr;</a>
 		<a href="?sort=-${name_slug}">&uarr;</a>
 	</%def>
     <div class="box">
 	    <!-- box / title -->
 	    <div class="title">
 	        <h5>${_('Dashboard')}</h5>
-	        %if h.HasPermissionAny('repository.create','hg.admin')():
+	        %if h.HasPermissionAny('hg.admin','hg.create.repository')():
 	        <ul class="links">
 	          <li>
 	            <span>${h.link_to(u'ADD NEW REPOSITORY',h.url('admin_settings_create_repository'),class_="add_icon")}</span>
 	          </li>
 	        </ul>
 	        %endif
 	    </div>
 	    <!-- end box / title -->
         <div class="table">
                     <table>
             <thead>
 	            <tr>

pylons_app/templates/login.html

➞

Show inline comments

@@ @@ -52,25 +52,27 @@ @@
                         ##        <input type="checkbox" id="remember" name="remember" />
                         ##        <label for="remember">Remember me</label>
                         ##    </div>
                         ##</div>
                         <div class="buttons">
                             ${h.submit('sign_in','Sign In',class_="ui-button ui-widget ui-state-default ui-corner-all")}
                         </div>
                     </div>
                     <!-- end fields -->
                     <!-- links -->
                     <div class="links">
                         ${h.link_to(_('Forgot your password ?'),h.url('#'))}
+                         /
                         ${h.link_to(_("Don't have an account ?"),h.url('register'))}
                         %if h.HasPermissionAny('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')():
+	                         /
 	                        ${h.link_to(_("Don't have an account ?"),h.url('register'))}
                         %endif
                     </div>
                     <!-- end links -->
                 </div>
                 ${h.end_form()}
             </div>
             <!-- end login -->
         </div>
     </body>
 </html>

pylons_app/templates/register.html

➞

Show inline comments

@@ @@ -67,22 +67,27 @@ @@
 			             <div class="field">
 			                <div class="label">
 			                    <label for="email">${_('Email')}:</label>
 			                </div>
 			                <div class="input">
 			                    ${h.text('email')}
 			                </div>
 			             </div>
 			            <div class="buttons">
 				            <div class="nohighlight">
 				              ${h.submit('sign_up','Sign Up',class_="ui-button ui-widget ui-state-default ui-corner-all")}
 				              %if c.auto_active:
 							  	<div class="activation_msg">${_('Your account will be activated right after registration')}</div>
 							  %else:
 							  	<div class="activation_msg">${_('Your account must wait for activation by administrator')}</div>
 							  %endif
 				            </div>
 			            </div>
 			    	</div>
 			    </div>
 			    ${h.end_form()}
 			</div>
 	    </div>
     </body>
 </html>

pylons_app/websetup.py

➞

Show inline comments

@@ @@ -10,14 +10,15 @@ import sys @@
 log = logging.getLogger(__name__)
 ROOT = dn(dn(os.path.realpath(__file__)))
 sys.path.append(ROOT)
 def setup_app(command, conf, vars):
     """Place any commands to setup pylons_app here"""
     dbmanage = DbManage(log_sql=True)
     dbmanage.create_tables(override=True)
     dbmanage.config_prompt()
     dbmanage.admin_prompt()
     dbmanage.create_permissions()
     dbmanage.populate_default_permissions()
     load_environment(conf.global_conf, conf.local_conf, initial=True)

0 comments (0 inline, 0 general)