kallithea Changeset - 46b17730ca32

Changeset - 46b17730ca32

Parent rev.

Child rev.

[Not reviewed]

beta

0 3 0

Marcin Kuzminski - 13 years ago 2013-04-10 23:45:04
marcin@python-works.com

implemented usergroup permissions checks.
- each user who has now explicit or inherited permissions can create usersgrous
- user is automatically an admin of that usergroup, and can manage it

3 files changed with 9 insertions and 4 deletions:

rhodecode/controllers/admin/users_groups.py

rhodecode/model/users_group.py

rhodecode/templates/admin/users_groups/users_groups.html

0 comments (0 inline, 0 general)

rhodecode/controllers/admin/users_groups.py

➞

Show inline comments

@@ @@ -27,25 +27,25 @@ import logging @@
 import traceback
 import formencode
 from formencode import htmlfill
 from pylons import request, session, tmpl_context as c, url, config
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from rhodecode.lib import helpers as h
 from rhodecode.lib.exceptions import UserGroupsAssignedException
 from rhodecode.lib.utils2 import safe_unicode, str2bool, safe_int
 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator,\
     HasUserGroupPermissionAnyDecorator
+    HasUserGroupPermissionAnyDecorator, HasPermissionAnyDecorator
 from rhodecode.lib.base import BaseController, render
 from rhodecode.model.scm import UserGroupList
 from rhodecode.model.users_group import UserGroupModel
 from rhodecode.model.repo import RepoModel
 from rhodecode.model.db import User, UserGroup, UserGroupToPerm,\
     UserGroupRepoToPerm, UserGroupRepoGroupToPerm
 from rhodecode.model.forms import UserGroupForm, UserGroupPermsForm,\
     CustomDefaultPermissionsForm
 from rhodecode.model.meta import Session
 from rhodecode.lib.utils import action_logger
 from sqlalchemy.orm import joinedload
 from webob.exc import HTTPInternalServerError
@@ @@ -128,25 +128,25 @@ class UsersGroupsController(BaseControll @@
         return data
     def index(self, format='html'):
         """GET /users_groups: All items in the collection"""
         # url('users_groups')
         group_iter = UserGroupList(UserGroup().query().all(),
                                    perm_set=['usergroup.admin'])
         sk = lambda g: g.users_group_name
         c.users_groups_list = sorted(group_iter, key=sk)
         return render('admin/users_groups/users_groups.html')
-    @HasPermissionAllDecorator('hg.admin')
+    @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')
     def create(self):
         """POST /users_groups: Create a new item"""
         # url('users_groups')
         users_group_form = UserGroupForm()()
         try:
             form_result = users_group_form.to_python(dict(request.POST))
             UserGroupModel().create(name=form_result['users_group_name'],
                                     owner=self.rhodecode_user.user_id,
                                     active=form_result['users_group_active'])
             gr = form_result['users_group_name']
@@ @@ -160,25 +160,25 @@ class UsersGroupsController(BaseControll @@
                 render('admin/users_groups/users_group_add.html'),
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
                 encoding="UTF-8")
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('Error occurred during creation of user group %s') \
                     % request.POST.get('users_group_name'), category='error')
         return redirect(url('users_groups'))
-    @HasPermissionAllDecorator('hg.admin')
+    @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')
     def new(self, format='html'):
         """GET /users_groups/new: Form to create a new item"""
         # url('new_users_group')
         return render('admin/users_groups/users_group_add.html')
     @HasUserGroupPermissionAnyDecorator('usergroup.admin')
     def update(self, id):
         """PUT /users_groups/id: Update an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="PUT" />
         # Or using helpers:
         #    h.form(url('users_group', id=ID),

rhodecode/model/users_group.py

➞

Show inline comments

@@ @@ -97,24 +97,28 @@ class UserGroupModel(BaseModel): @@
     def get_by_name(self, name, cache=False, case_insensitive=False):
         return UserGroup.get_by_group_name(name, cache, case_insensitive)
     def create(self, name, owner, active=True):
         try:
             new_user_group = UserGroup()
             new_user_group.user = self._get_user(owner)
             new_user_group.users_group_name = name
             new_user_group.users_group_active = active
             self.sa.add(new_user_group)
             perm_obj = self._create_default_perms(new_user_group)
             self.sa.add(perm_obj)
             self.grant_user_permission(user_group=new_user_group,
                                        user=owner, perm='usergroup.admin')
             return new_user_group
         except Exception:
             log.error(traceback.format_exc())
             raise
     def update(self, users_group, form_data):
         try:
             users_group = self._get_user_group(users_group)
             for k, v in form_data.items():
                 if k == 'users_group_members':

rhodecode/templates/admin/users_groups/users_groups.html

➞

Show inline comments

@@ @@ -12,28 +12,29 @@ @@
 </%def>
 <%def name="page_nav()">
     ${self.menu('admin')}
 </%def>
 <%def name="main()">
 <div class="box">
     <!-- box / title -->
     <div class="title">
         ${self.breadcrumbs()}
         <ul class="links">
         %if h.HasPermissionAny('hg.usergroup.create.true')():
           <li>
             <span>${h.link_to(_(u'Add new user group'),h.url('new_users_group'))}</span>
           </li>
+        %endif
         </ul>
     </div>
     <!-- end box / title -->
     <div class="table">
     %if c.users_groups_list:
         <table class="table_disp">
         <tr class="header">
             <th class="left">${_('Group name')}</th>
             <th class="left">${_('Members')}</th>
             <th class="left">${_('Active')}</th>
             <th class="left" colspan="2">${_('Action')}</th>

0 comments (0 inline, 0 general)