kallithea Changeset - 63c697d1a631

Changeset - 63c697d1a631

Parent rev.

Child rev.

[Not reviewed]

default

0 6 0

Marcin Kuzminski - 15 years ago 2010-08-21 18:31:28
marcin@python-works.com

added logic for changin defualt permissions, and option to overwrite all defualt permissions on each repository
fixed registration form text

6 files changed with 52 insertions and 7 deletions:

pylons_app/controllers/admin/permissions.py

pylons_app/controllers/login.py

pylons_app/lib/auth.py

pylons_app/model/forms.py

pylons_app/model/permission_model.py

pylons_app/templates/admin/permissions/permissions.html

0 comments (0 inline, 0 general)

pylons_app/controllers/admin/permissions.py

➞

Show inline comments

@@ @@ -52,96 +52,97 @@ class PermissionsController(BaseControll @@
         c.admin_user = session.get('admin_user')
         c.admin_username = session.get('admin_username')
         super(PermissionsController, self).__before__()
         self.perms_choices = [('repository.none', _('None'),),
                               ('repository.read', _('Read'),),
                               ('repository.write', _('Write'),),
                               ('repository.admin', _('Admin'),)]
         self.register_choices = [
             ('hg.register.none', 'disabled'),
             ('hg.register.manual_activate',
                             _('allowed with manual account activation')),
             ('hg.register.auto_activate',
                             _('allowed with automatic account activation')), ]
         self.create_choices = [('hg.create.none', _('Disabled')),
                                ('hg.create.repository', _('Enabled'))]
     def index(self, format='html'):
         """GET /permissions: All items in the collection"""
         # url('permissions')
     def create(self):
         """POST /permissions: Create a new item"""
         # url('permissions')
     def new(self, format='html'):
         """GET /permissions/new: Form to create a new item"""
         # url('new_permission')
     def update(self, id):
         """PUT /permissions/id: Update an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="PUT" />
         # Or using helpers:
         #    h.form(url('permission', id=ID),
         #           method='put')
         # url('permission', id=ID)
         permission_model = PermissionModel()
         _form = DefaultPermissionsForm([x[0] for x in self.perms_choices],
                                        [x[0] for x in self.register_choices],
                                        [x[0] for x in self.create_choices])()
         try:
             form_result = _form.to_python(dict(request.POST))
             form_result.update({'perm_user_name':id})
             permission_model.update(form_result)
             h.flash(_('Default permissions updated succesfully'),
                     category='success')
         except formencode.Invalid as errors:
             c.perms_choices = self.perms_choices
             c.register_choices = self.register_choices
             c.create_choices = self.create_choices
             return htmlfill.render(
                 render('admin/permissions/permissions.html'),
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
                 encoding="UTF-8")
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('error occured during update of permissions'),
                     category='error')
         return redirect(url('edit_permission', id=id))
     def delete(self, id):
         """DELETE /permissions/id: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="DELETE" />
         # Or using helpers:
         #    h.form(url('permission', id=ID),
         #           method='delete')
         # url('permission', id=ID)
     def show(self, id, format='html'):
         """GET /permissions/id: Show a specific item"""
         # url('permission', id=ID)
     def edit(self, id, format='html'):
         """GET /permissions/id/edit: Form to edit an existing item"""
         #url('edit_permission', id=ID)
         c.perms_choices = self.perms_choices
         c.register_choices = self.register_choices
         c.create_choices = self.create_choices
         if id == 'default':
             defaults = {'_method':'put'}
             for p in UserModel().get_default().user_perms:
                 if p.permission.permission_name.startswith('repository.'):

pylons_app/controllers/login.py

➞

Show inline comments

@@ @@ -22,76 +22,77 @@ @@
 Created on April 22, 2010
 login controller for pylons
 @author: marcink
 """
 from formencode import htmlfill
 from pylons import request, response, session, tmpl_context as c, url
 from pylons.controllers.util import abort, redirect
 from pylons_app.lib.auth import AuthUser, HasPermissionAnyDecorator
 from pylons_app.lib.base import BaseController, render
 from pylons_app.model.forms import LoginForm, RegisterForm
 from pylons_app.model.user_model import UserModel
 import formencode
 import logging
 log = logging.getLogger(__name__)
 class LoginController(BaseController):
     def __before__(self):
         super(LoginController, self).__before__()
     def index(self):
         #redirect if already logged in
         if c.hg_app_user.is_authenticated:
             return redirect(url('hg_home'))
         if request.POST:
             #import Login Form validator class
             login_form = LoginForm()
             try:
                 c.form_result = login_form.to_python(dict(request.POST))
                 return redirect(url('hg_home'))
             except formencode.Invalid as errors:
                 return htmlfill.render(
                     render('/login.html'),
                     defaults=errors.value,
                     errors=errors.error_dict or {},
                     prefix_error=False,
                     encoding="UTF-8")
         return render('/login.html')
     @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')
     def register(self):
         user_model = UserModel()
         c.auto_active = False
         for perm in user_model.get_default().user_perms:
             print perm.permission.permission_name
             if perm.permission.permission_name == 'hg.register.auto_activate':
-                c.auto_active = False
+                c.auto_active = True
                 break
         if request.POST:
             register_form = RegisterForm()()
             try:
                 form_result = register_form.to_python(dict(request.POST))
                 form_result['active'] = c.auto_active
                 user_model.create_registration(form_result)
                 return redirect(url('login_home'))
             except formencode.Invalid as errors:
                 return htmlfill.render(
                     render('/register.html'),
                     defaults=errors.value,
                     errors=errors.error_dict or {},
                     prefix_error=False,
                     encoding="UTF-8")
         return render('/register.html')
     def logout(self):
         session['hg_app_user'] = AuthUser()
         session.save()
         log.info('Logging out and setting user as Empty')
         redirect(url('hg_home'))

pylons_app/lib/auth.py

➞

Show inline comments

@@ @@ -79,140 +79,139 @@ class AuthUser(object): @@
     def __init__(self):
         self.username = 'None'
         self.name = ''
         self.lastname = ''
         self.email = ''
         self.user_id = None
         self.is_authenticated = False
         self.is_admin = False
         self.permissions = {}
 def set_available_permissions(config):
     """
     This function will propagate pylons globals with all available defined
     permission given in db. We don't wannt to check each time from db for new
     permissions since adding a new permission also requires application restart
     ie. to decorate new views with the newly created permission
     @param config:
     """
     log.info('getting information about all available permissions')
     try:
         sa = meta.Session
         all_perms = sa.query(Permission).all()
     finally:
         meta.Session.remove()
     config['available_permissions'] = [x.permission_name for x in all_perms]
 def set_base_path(config):
     config['base_path'] = config['pylons.app_globals'].base_path
 def fill_data(user):
     """
     Fills user data with those from database and log out user if not present
     in database
     @param user:
     """
     sa = meta.Session
     dbuser = sa.query(User).get(user.user_id)
     if dbuser:
         user.username = dbuser.username
         user.is_admin = dbuser.admin
         user.name = dbuser.name
         user.lastname = dbuser.lastname
         user.email = dbuser.email
     else:
         user.is_authenticated = False
     meta.Session.remove()
     from pprint import pprint
     pprint(user.permissions)
     return user
 def fill_perms(user):
     """
     Fills user permission attribute with permissions taken from database
     @param user:
     """
     sa = meta.Session
     user.permissions['repositories'] = {}
     user.permissions['global'] = set()
     #===========================================================================
     # fetch default permissions
     #===========================================================================
     default_perms = sa.query(RepoToPerm, UserToPerm, Repository, Permission)\
         .outerjoin((UserToPerm, RepoToPerm.user_id == UserToPerm.user_id))\
         .join((Repository, RepoToPerm.repository_id == Repository.repo_id))\
         .join((Permission, RepoToPerm.permission_id == Permission.permission_id))\
         .filter(RepoToPerm.user_id == sa.query(User).filter(User.username ==
                                             'default').one().user_id).all()
     if user.is_admin:
         #=======================================================================
         # #admin have all rights set to admin
         #=======================================================================
         user.permissions['global'].add('hg.admin')
         for perm in default_perms:
             p = 'repository.admin'
             user.permissions['repositories'][perm.RepoToPerm.repository.repo_name] = p
     else:
         #=======================================================================
         # set default permissions
         #=======================================================================
         #default global
         for perm in default_perms:
             user.permissions['global'].add(perm.UserToPerm.permission.permission_name)
 #        user.permissions['global'].add('hg.create.repository')
 #        user.permissions['global'].add('hg.register')
         #default repositories
         for perm in default_perms:
             if perm.Repository.private and not perm.Repository.user_id == user.user_id:
                 #disable defaults for private repos,
                 p = 'repository.none'
             elif perm.Repository.user_id == user.user_id:
                 #set admin if owner
                 p = 'repository.admin'
             else:
                 p = perm.Permission.permission_name
             user.permissions['repositories'][perm.RepoToPerm.repository.repo_name] = p
         #=======================================================================
         # #overwrite default with user permissions if any
         #=======================================================================
         user_perms = sa.query(RepoToPerm, UserToPerm, Permission, Repository)\
             .outerjoin((UserToPerm, RepoToPerm.user_id == UserToPerm.user_id))\
             .join((Repository, RepoToPerm.repository_id == Repository.repo_id))\
             .join((Permission, RepoToPerm.permission_id == Permission.permission_id))\
             .filter(RepoToPerm.user_id == user.user_id).all()
         for perm in user_perms:
             if perm.Repository.user_id == user.user_id:#set admin if owner
                 p = 'repository.admin'
             else:
                 p = perm.Permission.permission_name
             user.permissions['repositories'][perm.RepoToPerm.repository.repo_name] = p
     meta.Session.remove()
     return user
 def get_user(session):
     """
     Gets user from session, and wraps permissions into user
     @param session:
     """
     user = session.get('hg_app_user', AuthUser())
     if user.is_authenticated:
         user = fill_data(user)
     user = fill_perms(user)
     session['hg_app_user'] = user
     session.save()
     return user
 #===============================================================================
 # CHECK DECORATORS
 #===============================================================================
 class LoginRequired(object):

pylons_app/model/forms.py

➞

Show inline comments

@@ @@ -287,53 +287,54 @@ def RepoForm(edit=False, old_data={}): @@
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(UnicodeString(strip=True, min=1, not_empty=True), ValidRepoName(edit, old_data))
         description = UnicodeString(strip=True, min=3, not_empty=True)
         private = StringBoolean(if_missing=False)
         if edit:
             user = All(Int(not_empty=True), ValidRepoUser)
         chained_validators = [ValidPerms]
     return _RepoForm
 def RepoSettingsForm(edit=False, old_data={}):
     class _RepoForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(UnicodeString(strip=True, min=1, not_empty=True), ValidRepoName(edit, old_data))
         description = UnicodeString(strip=True, min=3, not_empty=True)
         private = StringBoolean(if_missing=False)
         chained_validators = [ValidPerms, ValidSettings]
     return _RepoForm
 def ApplicationSettingsForm():
     class _ApplicationSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         hg_app_title = UnicodeString(strip=True, min=3, not_empty=True)
         hg_app_realm = UnicodeString(strip=True, min=3, not_empty=True)
     return _ApplicationSettingsForm
 def ApplicationUiSettingsForm():
     class _ApplicationUiSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         web_push_ssl = OneOf(['true', 'false'], if_missing='false')
         paths_root_path = All(ValidPath(), UnicodeString(strip=True, min=3, not_empty=True))
         hooks_changegroup_update = OneOf(['True', 'False'], if_missing=False)
         hooks_changegroup_repo_size = OneOf(['True', 'False'], if_missing=False)
     return _ApplicationUiSettingsForm
 def DefaultPermissionsForm(perms_choices, register_choices, create_choices):
     class _DefaultPermissionsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         overwrite_default = OneOf(['true', 'false'], if_missing='false')
         default_perm = OneOf(perms_choices)
         default_register = OneOf(register_choices)
         default_create = OneOf(create_choices)
     return _DefaultPermissionsForm

pylons_app/model/permission_model.py

➞

Show inline comments

 #!/usr/bin/env python
 # encoding: utf-8
 # Model for permissions
 # Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; version 2
 # of the License or (at your opinion) any later version of the license.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 # MA  02110-1301, USA.
 """
 Created on Aug 20, 2010
 Model for permissions
 @author: marcink
 """
 from pylons.i18n.translation import _
 from pylons_app.model.db import User, Permission
+from pylons_app.model.db import User, Permission, UserToPerm, RepoToPerm
 from pylons_app.model.meta import Session
 import logging
 import traceback
 log = logging.getLogger(__name__)
 class PermissionModel(object):
     def __init__(self):
         self.sa = Session()
     def get_default(self):
         return self.sa.query(User).filter(User.username == 'default').scalar()
     def get_permission(self, id):
         return self.sa.query(Permission).get(id)
     def get_permission_by_name(self, name):
         return self.sa.query(Permission)\
         .filter(Permission.permission_name == name).scalar()
     def update(self, form_result):
         print form_result
         pass
         perm_user = self.sa.query(User)\
                 .filter(User.username == form_result['perm_user_name']).scalar()
         u2p = self.sa.query(UserToPerm).filter(UserToPerm.user == perm_user).all()
         if len(u2p) != 3:
             raise Exception('There is more than 3 defined \
             permissions for defualt user. This should not happen please verify\
             your database')
         try:
             #stage 1 change defaults
             for p in u2p:
                 if p.permission.permission_name.startswith('repository.'):
                     p.permission = self.get_permission_by_name(form_result['default_perm'])
                     self.sa.add(p)
                 if p.permission.permission_name.startswith('hg.register.'):
                     p.permission = self.get_permission_by_name(form_result['default_register'])
                     self.sa.add(p)
                 if p.permission.permission_name.startswith('hg.create.'):
                     p.permission = self.get_permission_by_name(form_result['default_create'])
                     self.sa.add(p)
             #stage 2 update all default permissions for repos if checked
             if form_result['overwrite_default'] == 'true':
                 for r2p in self.sa.query(RepoToPerm).filter(RepoToPerm.user == perm_user).all():
                     r2p.permission = self.get_permission_by_name(form_result['default_perm'])
                     self.sa.add(r2p)
             self.sa.commit()
         except:
             log.error(traceback.format_exc())
             self.sa.rollback()
             raise

pylons_app/templates/admin/permissions/permissions.html

➞

Show inline comments

 ## -*- coding: utf-8 -*-
 <%inherit file="/base/base.html"/>
 <%def name="title()">
     ${_('Permissions administration')}
 </%def>
 <%def name="breadcrumbs_links()">
     ${h.link_to(_('Admin'),h.url('admin_home'))}
     &raquo;
     ${_('Permissions')}
 </%def>
 <%def name="page_nav()">
 	${self.menu('admin')}
 </%def>
 <%def name="main()">
 <div class="box">
     <!-- box / title -->
     <div class="title">
         ${self.breadcrumbs()}
     </div>
     <h3>${_('Default permissions')}</h3>
     ${h.form(url('permission', id='default'),method='put')}
     <div class="form">
         <!-- fields -->
         <div class="fields">
 			<div class="field">
 				<div class="label">
 					<label for="default_perm">${_('Default repository permission')}:</label>
 				</div>
 				<div class="select">
 					${h.select('default_perm','',c.perms_choices)}
 		                ${h.checkbox('overwrite_default','true')}
 		                <label for="overwrite_default">
 		                <span class="tooltip"
 		                tooltip_title="${h.tooltip(_('All default permissions on each repository will be reset to choosen permission, note that all custom default permission on repositories will be lost'))}">
 		                ${_('overwrite existing settings')}</span> </label>
 				</div>
 			</div>
 			<div class="field">
 		        <div class="label">
 		            <label for="default_register">${_('Registration')}:</label>
 		        </div>
 				<div class="select">
 					${h.select('default_register','',c.register_choices)}
 				</div>
 			</div>
              <div class="field">
                 <div class="label">
                     <label for="default_create">${_('Allow repository creation')}:</label>
                 </div>
 				<div class="select">
 					${h.select('default_create','',c.create_choices)}
 				</div>
              </div>
 	        <div class="buttons">
 	        ${h.submit('set','set',class_="ui-button ui-widget ui-state-default ui-corner-all")}
 	        </div>
         </div>
     </div>
     ${h.end_form()}
 </div>
 </%def>

0 comments (0 inline, 0 general)