Changeset - 5e69685567c3
Parent rev.
Child rev.
[Not reviewed]
default
0 4 0
Mads Kiilerich - 9 years ago 2016-08-04 14:23:36
madski@unity3d.com
routing: use POST to 'delete_users_group' instead of DELETE
4 files changed with 12 insertions and 12 deletions:
kallithea/config/routing.py
2
2
kallithea/templates/admin/user_groups/user_group_edit_advanced.html
1
1
kallithea/templates/data_table/_dt_elements.html
1
1
kallithea/tests/functional/test_admin_user_groups.py
8
8
0 comments (0 inline, 0 general)
kallithea/config/routing.py
Show inline comments
 
@@ -180,98 +180,98 @@ def make_map(config):
 
        m.connect("update_user", "/users/{id}",
 
                  action="update", conditions=dict(method=["PUT"]))
 
        m.connect("delete_user", "/users/{id}/delete",
 
                  action="delete", conditions=dict(method=["POST"]))
 
        m.connect("edit_user", "/users/{id}/edit",
 
                  action="edit", conditions=dict(method=["GET"]))
 

			




	
	
	
		
 
        #EXTRAS USER ROUTES

			




	
	
	
		
 
        m.connect("edit_user_advanced", "/users/{id}/edit/advanced",

			




	
	
	
		
 
                  action="edit_advanced", conditions=dict(method=["GET"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

			




	
	
	
		
 
                  action="edit_api_keys", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

			




	
	
	
		
 
                  action="add_api_key", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("edit_user_api_keys_delete", "/users/{id}/edit/api_keys/delete",

			




	
	
	
		
 
                  action="delete_api_key", conditions=dict(method=["POST"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_perms", "/users/{id}/edit/permissions",

			




	
	
	
		
 
                  action="edit_perms", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_perms", "/users/{id}/edit/permissions",

			




	
	
	
		
 
                  action="update_perms", conditions=dict(method=["PUT"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_emails", "/users/{id}/edit/emails",

			




	
	
	
		
 
                  action="edit_emails", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_emails", "/users/{id}/edit/emails",

			




	
	
	
		
 
                  action="add_email", conditions=dict(method=["PUT"]))

			




	
	
	
		
 
        m.connect("edit_user_emails_delete", "/users/{id}/edit/emails/delete",

			




	
	
	
		
 
                  action="delete_email", conditions=dict(method=["POST"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_ips", "/users/{id}/edit/ips",

			




	
	
	
		
 
                  action="edit_ips", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_ips", "/users/{id}/edit/ips",

			




	
	
	
		
 
                  action="add_ip", conditions=dict(method=["PUT"]))

			




	
	
	
		
 
        m.connect("edit_user_ips_delete", "/users/{id}/edit/ips/delete",

			




	
	
	
		
 
                  action="delete_ip", conditions=dict(method=["POST"]))

			




	
	
	
		
 

			




	
	
	
		
 
    #ADMIN USER GROUPS REST ROUTES

			




	
	
	
		
 
    with rmap.submapper(path_prefix=ADMIN_PREFIX,

			




	
	
	
		
 
                        controller='admin/user_groups') as m:

			




	
	
	
		
 
        m.connect("users_groups", "/user_groups",

			




	
	
	
		
 
                  action="create", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("users_groups", "/user_groups",

			




	
	
	
		
 
                  action="index", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("new_users_group", "/user_groups/new",

			




	
	
	
		
 
                  action="new", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("update_users_group", "/user_groups/{id}",

			




	
	
	
		
 
                  action="update", conditions=dict(method=["PUT"]))

			




	
	
	
		
 
        m.connect("delete_users_group", "/user_groups/{id}",

			




	
	
	
		
 
                  action="delete", conditions=dict(method=["DELETE"]))

			




	
	
	
		
 
        m.connect("delete_users_group", "/user_groups/{id}/delete",

			




	
	
	
		
 
                  action="delete", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("edit_users_group", "/user_groups/{id}/edit",

			




	
	
	
		
 
                  action="edit", conditions=dict(method=["GET"]),

			




	
	
	
		
 
                  function=check_user_group)

			




	
	
	
		
 

			




	
	
	
		
 
        #EXTRAS USER GROUP ROUTES

			




	
	
	
		
 
        m.connect("edit_user_group_default_perms", "/user_groups/{id}/edit/default_perms",

			




	
	
	
		
 
                  action="edit_default_perms", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_group_default_perms", "/user_groups/{id}/edit/default_perms",

			




	
	
	
		
 
                  action="update_default_perms", conditions=dict(method=["PUT"]))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_group_perms", "/user_groups/{id}/edit/perms",

			




	
	
	
		
 
                  action="edit_perms", conditions=dict(method=["GET"]))

			




	
	
	
		
 
        m.connect("edit_user_group_perms", "/user_groups/{id}/edit/perms",

			




	
	
	
		
 
                  action="update_perms", conditions=dict(method=["PUT"]))

			




	
	
	
		
 
        m.connect("edit_user_group_perms_delete", "/user_groups/{id}/edit/perms/delete",

			




	
	
	
		
 
                  action="delete_perms", conditions=dict(method=["POST"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_group_advanced", "/user_groups/{id}/edit/advanced",

			




	
	
	
		
 
                  action="edit_advanced", conditions=dict(method=["GET"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("edit_user_group_members", "/user_groups/{id}/edit/members",

			




	
	
	
		
 
                  action="edit_members", conditions=dict(method=["GET"]))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    #ADMIN PERMISSIONS ROUTES

			




	
	
	
		
 
    with rmap.submapper(path_prefix=ADMIN_PREFIX,

			




	
	
	
		
 
                        controller='admin/permissions') as m:

			




	
	
	
		
 
        m.connect("admin_permissions", "/permissions",

			




	
	
	
		
 
                  action="permission_globals", conditions=dict(method=["POST"]))

			




	
	
	
		
 
        m.connect("admin_permissions", "/permissions",

			




	
	
	
		
 
                  action="permission_globals", conditions=dict(method=["GET"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("admin_permissions_ips", "/permissions/ips",

			




	
	
	
		
 
                  action="permission_ips", conditions=dict(method=["GET"]))

			




	
	
	
		
 

			




	
	
	
		
 
        m.connect("admin_permissions_perms", "/permissions/perms",

			




	
	
	
		
 
                  action="permission_perms", conditions=dict(method=["GET"]))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    #ADMIN DEFAULTS ROUTES

			




	
	
	
		
 
    with rmap.submapper(path_prefix=ADMIN_PREFIX,

			




	
	
	
		
 
                        controller='admin/defaults') as m:

			




	
	
	
		
 
        m.connect('defaults', 'defaults',

			




	
	
	
		
 
                  action="index")

			




	
	
	
		
 
        m.connect('defaults_update', 'defaults/{id}/update',

			




	
	
	
		
 
                  action="update", conditions=dict(method=["POST"]))

			




        

    


    
    

    

        

                

                    kallithea/templates/admin/user_groups/user_group_edit_advanced.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
<div style="font-size: 24px; color: #666666; padding: 0px 0px 10px 0px">${_('User Group: %s') % c.user_group.users_group_name}</div>

			




	
	
	
		
 

			




	
	
	
		
 
<dl class="dl-horizontal">

			




	
	
	
		
 
<%

			




	
	
	
		
 
 elems = [

			




	
	
	
		
 
    (_('Members'), len(c.group_members_obj), ''),

			




	
	
	
		
 
    (_('Created on'), h.fmt_date(c.user_group.created_on), ''),

			




	
	
	
		
 
    (_('Owner'), h.person(c.user_group.user), ''),

			




	
	
	
		
 
    ]

			




	
	
	
		
 
%>

			




	
	
	
		
 
%for dt, dd, tt in elems:

			




	
	
	
		
 
  <dt style="width:150px; text-align: left">${dt}:</dt>

			




	
	
	
		
 
  <dd style="margin-left: 160px" title="${tt}">${dd}</dd>

			




	
	
	
		
 
%endfor

			




	
	
	
		
 
</dl>

			




	
	
	
		
 

			




	
	
	
		
 
${h.form(h.url('users_group', id=c.user_group.users_group_id),method='delete')}

			




	
	
	
		
 
${h.form(h.url('delete_users_group', id=c.user_group.users_group_id))}

			




	
	
	
		
 
    <button class="btn btn-small btn-danger" type="submit"

			




	
	
	
		
 
            onclick="return confirm('${_('Confirm to delete this user group: %s') % c.user_group.users_group_name}');">

			




	
	
	
		
 
        <i class="icon-minus-circled"></i>

			




	
	
	
		
 
        ${_('Delete this user group')}

			




	
	
	
		
 
    </button>

			




	
	
	
		
 
${h.end_form()}

			




        

    


    
    

    

        

                

                    kallithea/templates/data_table/_dt_elements.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -123,95 +123,95 @@

			




	
	
	
		
 
        <i class="icon-pencil"></i> ${h.submit('edit_%s' % repo_name,_('Edit'),class_="action_button")}

			




	
	
	
		
 
      </a>

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
    <div style="float:left" class="grid_delete">

			




	
	
	
		
 
      ${h.form(h.url('delete_repo', repo_name=repo_name))}

			




	
	
	
		
 
        <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
        ${h.submit('remove_%s' % repo_name,_('Delete'),class_="action_button",

			




	
	
	
		
 
        onclick="return confirm('"+_('Confirm to delete this repository: %s') % repo_name+"');")}

			




	
	
	
		
 
      ${h.end_form()}

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_state(repo_state)">

			




	
	
	
		
 
  <div>

			




	
	
	
		
 
    %if repo_state == u'repo_state_pending':

			




	
	
	
		
 
        <div class="btn btn-mini btn-info disabled">${_('Creating')}</div>

			




	
	
	
		
 
    %elif repo_state == u'repo_state_created':

			




	
	
	
		
 
        <div class="btn btn-mini btn-success disabled">${_('Created')}</div>

			




	
	
	
		
 
    %else:

			




	
	
	
		
 
        <div class="btn btn-mini btn-danger disabled" title="${repo_state}">invalid</div>

			




	
	
	
		
 
    %endif

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="user_actions(user_id, username)">

			




	
	
	
		
 
 <div style="float:left" class="grid_edit">

			




	
	
	
		
 
   <a href="${h.url('edit_user',id=user_id)}" title="${_('Edit')}">

			




	
	
	
		
 
     <i class="icon-pencil"></i> ${h.submit('edit_%s' % username,_('Edit'),class_="action_button")}

			




	
	
	
		
 
   </a>

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
 <div style="float:left" class="grid_delete">

			




	
	
	
		
 
  ${h.form(h.url('delete_user', id=user_id))}

			




	
	
	
		
 
    <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
    ${h.submit('remove_',_('Delete'),id="remove_user_%s" % user_id, class_="action_button",

			




	
	
	
		
 
    onclick="return confirm('"+_('Confirm to delete this user: %s') % username+"');")}

			




	
	
	
		
 
  ${h.end_form()}

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="user_group_actions(user_group_id, user_group_name)">

			




	
	
	
		
 
 <div style="float:left" class="grid_edit">

			




	
	
	
		
 
    <a href="${h.url('edit_users_group', id=user_group_id)}" title="${_('Edit')}">

			




	
	
	
		
 
    <i class="icon-pencil"></i>

			




	
	
	
		
 
     ${h.submit('edit_%s' % user_group_name,_('Edit'),class_="action_button", id_="submit_user_group_edit")}

			




	
	
	
		
 
    </a>

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
 <div style="float:left" class="grid_delete">

			




	
	
	
		
 
    ${h.form(h.url('users_group', id=user_group_id),method='delete')}

			




	
	
	
		
 
    ${h.form(h.url('delete_users_group', id=user_group_id))}

			




	
	
	
		
 
      <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
      ${h.submit('remove_',_('Delete'),id="remove_group_%s" % user_group_id, class_="action_button",

			




	
	
	
		
 
      onclick="return confirm('"+_('Confirm to delete this user group: %s') % user_group_name+"');")}

			




	
	
	
		
 
    ${h.end_form()}

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_group_actions(repo_group_id, repo_group_name, gr_count)">

			




	
	
	
		
 
 <div style="float:left" class="grid_edit">

			




	
	
	
		
 
    <a href="${h.url('edit_repo_group',group_name=repo_group_name)}" title="${_('Edit')}">

			




	
	
	
		
 
    <i class="icon-pencil"></i>

			




	
	
	
		
 
     ${h.submit('edit_%s' % repo_group_name, _('Edit'),class_="action_button")}

			




	
	
	
		
 
    </a>

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
 <div style="float:left" class="grid_delete">

			




	
	
	
		
 
    ${h.form(h.url('delete_repos_group', group_name=repo_group_name))}

			




	
	
	
		
 
        <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
        ${h.submit('remove_%s' % repo_group_name,_('Delete'),class_="action_button",

			




	
	
	
		
 
        onclick="return confirm('"+ungettext('Confirm to delete this group: %s with %s repository','Confirm to delete this group: %s with %s repositories',gr_count) % (repo_group_name, gr_count)+"');")}

			




	
	
	
		
 
    ${h.end_form()}

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="user_name(user_id, username)">

			




	
	
	
		
 
    ${h.link_to(username,h.url('edit_user', id=user_id))}

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_group_name(repo_group_name, children_groups)">

			




	
	
	
		
 
  <div style="white-space: nowrap">

			




	
	
	
		
 
  <a href="${h.url('repos_group_home',group_name=repo_group_name)}">

			




	
	
	
		
 
    <i class="icon-folder" title="${_('Repository group')}"></i> ${h.literal(' &raquo; '.join(children_groups))}</a>

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="user_group_name(user_group_id, user_group_name)">

			




	
	
	
		
 
  <div style="white-space: nowrap">

			




	
	
	
		
 
  <a href="${h.url('edit_users_group', id=user_group_id)}">

			




	
	
	
		
 
    <i class="icon-users" title="${_('User group')}"></i> ${user_group_name}</a>

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="toggle_follow(repo_id)">

			




	
	
	
		
 
  <span id="follow_toggle_${repo_id}" class="following" title="${_('Stop following this repository')}"

			




	
	
	
		
 
        onclick="toggleFollowingRepo(this, ${repo_id})">

			




	
	
	
		
 
  </span>

			




	
	
	
		
 
</%def>

			




        

    


    
    

    

        

                

                    kallithea/tests/functional/test_admin_user_groups.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -9,196 +9,196 @@ TEST_USER_GROUP = u'admins_test'

			




	
	
	
		
 
class TestAdminUsersGroupsController(TestController):

			




	
	
	
		
 

			




	
	
	
		
 
    def test_index(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        response = self.app.get(url('users_groups'))

			




	
	
	
		
 
        # Test response...

			




	
	
	
		
 

			




	
	
	
		
 
    def test_create(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        users_group_name = TEST_USER_GROUP

			




	
	
	
		
 
        response = self.app.post(url('users_groups'),

			




	
	
	
		
 
                                 {'users_group_name': users_group_name,

			




	
	
	
		
 
                                  'user_group_description': u'DESC',

			




	
	
	
		
 
                                  'active': True,

			




	
	
	
		
 
                                  '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 

			




	
	
	
		
 
        self.checkSessionFlash(response,

			




	
	
	
		
 
                               'Created user group <a href="/_admin/user_groups/')

			




	
	
	
		
 
        self.checkSessionFlash(response,

			




	
	
	
		
 
                               '/edit">%s</a>' % TEST_USER_GROUP)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_new(self):

			




	
	
	
		
 
        response = self.app.get(url('new_users_group'))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_update(self):

			




	
	
	
		
 
        response = self.app.put(url('users_group', id=1), status=403)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_update_browser_fakeout(self):

			




	
	
	
		
 
        response = self.app.post(url('users_group', id=1),

			




	
	
	
		
 
                                 params=dict(_method='put', _authentication_token=self.authentication_token()))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        users_group_name = TEST_USER_GROUP + 'another'

			




	
	
	
		
 
        response = self.app.post(url('users_groups'),

			




	
	
	
		
 
                                 {'users_group_name':users_group_name,

			




	
	
	
		
 
                                  'user_group_description': u'DESC',

			




	
	
	
		
 
                                  'active': True,

			




	
	
	
		
 
                                  '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 

			




	
	
	
		
 
        self.checkSessionFlash(response,

			




	
	
	
		
 
                               'Created user group ')

			




	
	
	
		
 

			




	
	
	
		
 
        gr = Session().query(UserGroup) \

			




	
	
	
		
 
            .filter(UserGroup.users_group_name == users_group_name).one()

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('users_group', id=gr.users_group_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('delete_users_group', id=gr.users_group_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 

			




	
	
	
		
 
        gr = Session().query(UserGroup) \

			




	
	
	
		
 
            .filter(UserGroup.users_group_name == users_group_name).scalar()

			




	
	
	
		
 

			




	
	
	
		
 
        assert gr == None

			




	
	
	
		
 

			




	
	
	
		
 
    def test_default_perms_enable_repository_read_on_group(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        users_group_name = TEST_USER_GROUP + 'another2'

			




	
	
	
		
 
        response = self.app.post(url('users_groups'),

			




	
	
	
		
 
                                 {'users_group_name': users_group_name,

			




	
	
	
		
 
                                  'user_group_description': u'DESC',

			




	
	
	
		
 
                                  'active': True,

			




	
	
	
		
 
                                  '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 

			




	
	
	
		
 
        ug = UserGroup.get_by_group_name(users_group_name)

			




	
	
	
		
 
        self.checkSessionFlash(response,

			




	
	
	
		
 
                               'Created user group ')

			




	
	
	
		
 
        ## ENABLE REPO CREATE ON A GROUP

			




	
	
	
		
 
        response = self.app.put(url('edit_user_group_default_perms',

			




	
	
	
		
 
                                    id=ug.users_group_id),

			




	
	
	
		
 
                                 {'create_repo_perm': True,

			




	
	
	
		
 
                                  '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 
        ug = UserGroup.get_by_group_name(users_group_name)

			




	
	
	
		
 
        p = Permission.get_by_key('hg.create.repository')

			




	
	
	
		
 
        p2 = Permission.get_by_key('hg.usergroup.create.false')

			




	
	
	
		
 
        p3 = Permission.get_by_key('hg.fork.none')

			




	
	
	
		
 
        # check if user has this perms, they should be here since

			




	
	
	
		
 
        # defaults are on

			




	
	
	
		
 
        perms = UserGroupToPerm.query() \

			




	
	
	
		
 
            .filter(UserGroupToPerm.users_group == ug).all()

			




	
	
	
		
 

			




	
	
	
		
 
        assert sorted([[x.users_group_id, x.permission_id, ] for x in perms]) == sorted([[ug.users_group_id, p.permission_id],

			




	
	
	
		
 
                    [ug.users_group_id, p2.permission_id],

			




	
	
	
		
 
                    [ug.users_group_id, p3.permission_id]])

			




	
	
	
		
 

			




	
	
	
		
 
        ## DISABLE REPO CREATE ON A GROUP

			




	
	
	
		
 
        response = self.app.put(

			




	
	
	
		
 
            url('edit_user_group_default_perms', id=ug.users_group_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 
        ug = UserGroup.get_by_group_name(users_group_name)

			




	
	
	
		
 
        p = Permission.get_by_key('hg.create.none')

			




	
	
	
		
 
        p2 = Permission.get_by_key('hg.usergroup.create.false')

			




	
	
	
		
 
        p3 = Permission.get_by_key('hg.fork.none')

			




	
	
	
		
 

			




	
	
	
		
 
        # check if user has this perms, they should be here since

			




	
	
	
		
 
        # defaults are on

			




	
	
	
		
 
        perms = UserGroupToPerm.query() \

			




	
	
	
		
 
            .filter(UserGroupToPerm.users_group == ug).all()

			




	
	
	
		
 

			




	
	
	
		
 
        assert sorted([[x.users_group_id, x.permission_id, ] for x in perms]) == sorted([[ug.users_group_id, p.permission_id],

			




	
	
	
		
 
                    [ug.users_group_id, p2.permission_id],

			




	
	
	
		
 
                    [ug.users_group_id, p3.permission_id]])

			




	
	
	
		
 

			




	
	
	
		
 
        # DELETE !

			




	
	
	
		
 
        ug = UserGroup.get_by_group_name(users_group_name)

			




	
	
	
		
 
        ugid = ug.users_group_id

			




	
	
	
		
 
        response = self.app.post(url('users_group', id=ug.users_group_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('delete_users_group', id=ug.users_group_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = response.follow()

			




	
	
	
		
 
        gr = Session().query(UserGroup) \

			




	
	
	
		
 
            .filter(UserGroup.users_group_name == users_group_name).scalar()

			




	
	
	
		
 

			




	
	
	
		
 
        assert gr == None

			




	
	
	
		
 
        p = Permission.get_by_key('hg.create.repository')

			




	
	
	
		
 
        perms = UserGroupToPerm.query() \

			




	
	
	
		
 
            .filter(UserGroupToPerm.users_group_id == ugid).all()

			




	
	
	
		
 
        perms = [[x.users_group_id,

			




	
	
	
		
 
                  x.permission_id, ] for x in perms]

			




	
	
	
		
 
        assert perms == []

			




	
	
	
		
 

			




	
	
	
		
 
    def test_default_perms_enable_repository_fork_on_group(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        users_group_name = TEST_USER_GROUP + 'another2'

			




	
	
	
		
 
        response = self.app.post(url('users_groups'),

			




	
	
	
		
 
                                 {'users_group_name': users_group_name,

			




	
	
	
		
 
                                  'user_group_description': u'DESC',

			




	
	
	
		
 
                                  'active': True,

			




	
	
	
		
 
                                  '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 

			




	
	
	
		
 
        ug = UserGroup.get_by_group_name(users_group_name)

			




	
	
	
		
 
        self.checkSessionFlash(response,

			




	
	
	
		
 
                               'Created user group ')

			




	
	
	
		
 
        ## ENABLE REPO CREATE ON A GROUP

			




	
	
	
		
 
        response = self.app.put(url('edit_user_group_default_perms',

			




	
	
	
		
 
                                    id=ug.users_group_id),

			




	
	
	
		
 
                                {'fork_repo_perm': True, '_authentication_token': self.authentication_token()})

			




	
	
	
		
 

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 
        ug = UserGroup.get_by_group_name(users_group_name)

			




	
	
	
		
 
        p = Permission.get_by_key('hg.create.none')

			




	
	
	
		
 
        p2 = Permission.get_by_key('hg.usergroup.create.false')

			




	
	
	
		
 
        p3 = Permission.get_by_key('hg.fork.repository')

			




	
	
	
		
 
        # check if user has this perms, they should be here since

			




	
	
	
		
 
        # defaults are on

			




	
	
	
		
 
        perms = UserGroupToPerm.query() \

			




	
	
	
		
 
            .filter(UserGroupToPerm.users_group == ug).all()

			




	
	
	
		
 

			




	
	
	
		
 
        assert sorted([[x.users_group_id, x.permission_id, ] for x in perms]) == sorted([[ug.users_group_id, p.permission_id],

			




	
	
	
		
 
                    [ug.users_group_id, p2.permission_id],

			




	
	
	
		
 
                    [ug.users_group_id, p3.permission_id]])

			




	
	
	
		
 

			




	
	
	
		
 
        ## DISABLE REPO CREATE ON A GROUP

			




	
	
	
		
 
        response = self.app.put(url('edit_user_group_default_perms', id=ug.users_group_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 
        ug = UserGroup.get_by_group_name(users_group_name)

			




	
	
	
		
 
        p = Permission.get_by_key('hg.create.none')

			




	
	
	
		
 
        p2 = Permission.get_by_key('hg.usergroup.create.false')

			




	
	
	
		
 
        p3 = Permission.get_by_key('hg.fork.none')

			




	
	
	
		
 
        # check if user has this perms, they should be here since

			




	
	
	
		
 
        # defaults are on

			




	
	
	
		
 
        perms = UserGroupToPerm.query() \

			




	
	
	
		
 
            .filter(UserGroupToPerm.users_group == ug).all()

			




	
	
	
		
 

			




	
	
	
		
 
        assert sorted([[x.users_group_id, x.permission_id, ] for x in perms]) == sorted([[ug.users_group_id, p.permission_id],

			




	
	
	
		
 
                    [ug.users_group_id, p2.permission_id],

			




	
	
	
		
 
                    [ug.users_group_id, p3.permission_id]])

			




	
	
	
		
 

			




	
	
	
		
 
        # DELETE !

			




	
	
	
		
 
        ug = UserGroup.get_by_group_name(users_group_name)

			




	
	
	
		
 
        ugid = ug.users_group_id

			




	
	
	
		
 
        response = self.app.post(url('users_group', id=ug.users_group_id),

			




	
	
	
		
 
            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = self.app.post(url('delete_users_group', id=ug.users_group_id),

			




	
	
	
		
 
            params={'_authentication_token': self.authentication_token()})

			




	
	
	
		
 
        response = response.follow()

			




	
	
	
		
 
        gr = Session().query(UserGroup) \

			




	
	
	
		
 
                           .filter(UserGroup.users_group_name ==

			




	
	
	
		
 
                                   users_group_name).scalar()

			




	
	
	
		
 

			




	
	
	
		
 
        assert gr == None

			




	
	
	
		
 
        p = Permission.get_by_key('hg.fork.repository')

			




	
	
	
		
 
        perms = UserGroupToPerm.query() \

			




	
	
	
		
 
            .filter(UserGroupToPerm.users_group_id == ugid).all()

			




	
	
	
		
 
        perms = [[x.users_group_id,

			




	
	
	
		
 
                  x.permission_id, ] for x in perms]

			




	
	
	
		
 
        assert perms == []

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete_browser_fakeout(self):

			




	
	
	
		
 
        response = self.app.post(url('users_group', id=1),

			




	
	
	
		
 
                                 params=dict(_method='delete', _authentication_token=self.authentication_token()))

			




	
	
	
		
 
        response = self.app.post(url('delete_users_group', id=1),

			




	
	
	
		
 
                                 params=dict(_authentication_token=self.authentication_token()))

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.