kallithea Changeset - 6ce3387bf0ce

Changeset - 6ce3387bf0ce

Parent rev.

Child rev.

[Not reviewed]

beta

0 8 0

Marcin Kuzminski - 13 years ago 2012-07-04 18:13:25
marcin@python-works.com

Renamed name to firstname in forms
- added multiple test for edit my account and edit user from admin
- fixed issues with update user accounts from admin

8 files changed with 118 insertions and 81 deletions:

rhodecode/controllers/admin/settings.py

rhodecode/model/db.py

rhodecode/model/forms.py

rhodecode/model/user.py

rhodecode/templates/admin/users/user_edit.html

rhodecode/templates/admin/users/user_edit_my_account_form.html

rhodecode/tests/functional/test_admin_settings.py

rhodecode/tests/functional/test_admin_users.py

0 comments (0 inline, 0 general)

rhodecode/controllers/admin/settings.py

➞

Show inline comments

@@ @@ -167,261 +167,260 @@ class SettingsController(BaseController) @@
                      render('admin/settings/settings.html'),
                      defaults=errors.value,
                      errors=errors.error_dict or {},
                      prefix_error=False,
                      encoding="UTF-8")
         if setting_id == 'mercurial':
             application_form = ApplicationUiSettingsForm()()
             try:
                 form_result = application_form.to_python(dict(request.POST))
                 # fix namespaces for hooks
                 _f = lambda s: s.replace('.', '_')
                 try:
                     hgsettings1 = self.sa.query(RhodeCodeUi)\
                     .filter(RhodeCodeUi.ui_key == 'push_ssl').one()
                     hgsettings1.ui_value = form_result['web_push_ssl']
                     hgsettings2 = self.sa.query(RhodeCodeUi)\
                     .filter(RhodeCodeUi.ui_key == '/').one()
                     hgsettings2.ui_value = form_result['paths_root_path']
                     #HOOKS
                     hgsettings3 = self.sa.query(RhodeCodeUi)\
                     .filter(RhodeCodeUi.ui_key == RhodeCodeUi.HOOK_UPDATE)\
                     .one()
                     hgsettings3.ui_active = bool(form_result[_f('hooks_%s' %
                                                  RhodeCodeUi.HOOK_UPDATE)])
                     hgsettings4 = self.sa.query(RhodeCodeUi)\
                     .filter(RhodeCodeUi.ui_key == RhodeCodeUi.HOOK_REPO_SIZE)\
                     .one()
                     hgsettings4.ui_active = bool(form_result[_f('hooks_%s' %
                                                  RhodeCodeUi.HOOK_REPO_SIZE)])
                     hgsettings5 = self.sa.query(RhodeCodeUi)\
                     .filter(RhodeCodeUi.ui_key == RhodeCodeUi.HOOK_PUSH)\
                     .one()
                     hgsettings5.ui_active = bool(form_result[_f('hooks_%s' %
                                                  RhodeCodeUi.HOOK_PUSH)])
                     hgsettings6 = self.sa.query(RhodeCodeUi)\
                     .filter(RhodeCodeUi.ui_key == RhodeCodeUi.HOOK_PULL)\
                     .one()
                     hgsettings6.ui_active = bool(form_result[_f('hooks_%s' %
                                                  RhodeCodeUi.HOOK_PULL)])
                     self.sa.add(hgsettings1)
                     self.sa.add(hgsettings2)
                     self.sa.add(hgsettings3)
                     self.sa.add(hgsettings4)
                     self.sa.add(hgsettings5)
                     self.sa.add(hgsettings6)
                     self.sa.commit()
                     h.flash(_('Updated mercurial settings'),
                             category='success')
                 except:
                     log.error(traceback.format_exc())
                     h.flash(_('error occurred during updating '
                               'application settings'), category='error')
                     self.sa.rollback()
             except formencode.Invalid, errors:
                 return htmlfill.render(
                      render('admin/settings/settings.html'),
                      defaults=errors.value,
                      errors=errors.error_dict or {},
                      prefix_error=False,
                      encoding="UTF-8")
         if setting_id == 'hooks':
             ui_key = request.POST.get('new_hook_ui_key')
             ui_value = request.POST.get('new_hook_ui_value')
             try:
                 if ui_value and ui_key:
                     RhodeCodeUi.create_or_update_hook(ui_key, ui_value)
                     h.flash(_('Added new hook'),
                             category='success')
                 # check for edits
                 update = False
                 _d = request.POST.dict_of_lists()
                 for k, v in zip(_d.get('hook_ui_key', []),
                                 _d.get('hook_ui_value_new', [])):
                     RhodeCodeUi.create_or_update_hook(k, v)
                     update = True
                 if update:
                     h.flash(_('Updated hooks'), category='success')
                 self.sa.commit()
             except:
                 log.error(traceback.format_exc())
                 h.flash(_('error occurred during hook creation'),
                         category='error')
             return redirect(url('admin_edit_setting', setting_id='hooks'))
         if setting_id == 'email':
             test_email = request.POST.get('test_email')
             test_email_subj = 'RhodeCode TestEmail'
             test_email_body = 'RhodeCode Email test'
             test_email_html_body = EmailNotificationModel()\
                 .get_email_tmpl(EmailNotificationModel.TYPE_DEFAULT,
                                 body=test_email_body)
             recipients = [test_email] if [test_email] else None
             run_task(tasks.send_email, recipients, test_email_subj,
                      test_email_body, test_email_html_body)
             h.flash(_('Email task created'), category='success')
         return redirect(url('admin_settings'))
     @HasPermissionAllDecorator('hg.admin')
     def delete(self, setting_id):
         """DELETE /admin/settings/setting_id: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="DELETE" />
         # Or using helpers:
         #    h.form(url('admin_setting', setting_id=ID),
         #           method='delete')
         # url('admin_setting', setting_id=ID)
         if setting_id == 'hooks':
             hook_id = request.POST.get('hook_id')
             RhodeCodeUi.delete(hook_id)
             self.sa.commit()
     @HasPermissionAllDecorator('hg.admin')
     def show(self, setting_id, format='html'):
         """
         GET /admin/settings/setting_id: Show a specific item"""
         # url('admin_setting', setting_id=ID)
     @HasPermissionAllDecorator('hg.admin')
     def edit(self, setting_id, format='html'):
         """
         GET /admin/settings/setting_id/edit: Form to
         edit an existing item"""
         # url('admin_edit_setting', setting_id=ID)
         c.hooks = RhodeCodeUi.get_builtin_hooks()
         c.custom_hooks = RhodeCodeUi.get_custom_hooks()
         return htmlfill.render(
             render('admin/settings/hooks.html'),
             defaults={},
             encoding="UTF-8",
             force_defaults=False
+        )
     @NotAnonymous()
     def my_account(self):
         """
         GET /_admin/my_account Displays info about my account
         """
         # url('admin_settings_my_account')
         c.user = User.get(self.rhodecode_user.user_id)
         all_repos = self.sa.query(Repository)\
                      .filter(Repository.user_id == c.user.user_id)\
                      .order_by(func.lower(Repository.repo_name)).all()
         c.user_repos = ScmModel().get_repos(all_repos)
         if c.user.username == 'default':
             h.flash(_("You can't edit this user since it's"
               " crucial for entire application"), category='warning')
             return redirect(url('users'))
         defaults = c.user.get_dict()
         c.form = htmlfill.render(
             render('admin/users/user_edit_my_account_form.html'),
             defaults=defaults,
             encoding="UTF-8",
             force_defaults=False
+        )
         return render('admin/users/user_edit_my_account.html')
     def my_account_update(self):
         """PUT /_admin/my_account_update: Update an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="PUT" />
         # Or using helpers:
         #    h.form(url('admin_settings_my_account_update'),
         #           method='put')
         # url('admin_settings_my_account_update', id=ID)
         user_model = UserModel()
         uid = self.rhodecode_user.user_id
         email = self.rhodecode_user.email
         _form = UserForm(edit=True,
                          old_data={'user_id': uid,
                                    'email': self.rhodecode_user.email})()
                          old_data={'user_id': uid, 'email': email})()
         form_result = {}
         try:
             form_result = _form.to_python(dict(request.POST))
-            user_model.update_my_account(uid, form_result)
+            UserModel().update_my_account(uid, form_result)
             h.flash(_('Your account was updated successfully'),
                     category='success')
             Session.commit()
         except formencode.Invalid, errors:
             c.user = User.get(self.rhodecode_user.user_id)
             all_repos = self.sa.query(Repository)\
                 .filter(Repository.user_id == c.user.user_id)\
                 .order_by(func.lower(Repository.repo_name))\
                 .all()
             c.user_repos = ScmModel().get_repos(all_repos)
             c.form = htmlfill.render(
                 render('admin/users/user_edit_my_account_form.html'),
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
                 encoding="UTF-8")
             return render('admin/users/user_edit_my_account.html')
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('error occurred during update of user %s') \
                     % form_result.get('username'), category='error')
         return redirect(url('my_account'))
     @NotAnonymous()
     @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
     def create_repository(self):
         """GET /_admin/create_repository: Form to create a new item"""
         c.repo_groups = RepoGroup.groups_choices()
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()
         new_repo = request.GET.get('repo', '')
         c.new_repo = repo_name_slug(new_repo)
         return render('admin/repos/repo_add_create_repository.html')
     def get_hg_ui_settings(self):
         ret = self.sa.query(RhodeCodeUi).all()
         if not ret:
             raise Exception('Could not get application ui settings !')
         settings = {}
         for each in ret:
             k = each.ui_key
             v = each.ui_value
             if k == '/':
                 k = 'root_path'
             if k.find('.') != -1:
                 k = k.replace('.', '_')
             if each.ui_section == 'hooks':
                 v = each.ui_active
             settings[each.ui_section + '_' + k] = v
         return settings

rhodecode/model/db.py

➞

Show inline comments

@@ @@ -257,394 +257,392 @@ class RhodeCodeUi(Base, BaseModel): @@
     ui_section = Column("ui_section", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     ui_key = Column("ui_key", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     ui_value = Column("ui_value", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     ui_active = Column("ui_active", Boolean(), nullable=True, unique=None, default=True)
     @classmethod
     def get_by_key(cls, key):
         return cls.query().filter(cls.ui_key == key)
     @classmethod
     def get_builtin_hooks(cls):
         q = cls.query()
         q = q.filter(cls.ui_key.in_([cls.HOOK_UPDATE,
                                     cls.HOOK_REPO_SIZE,
                                     cls.HOOK_PUSH, cls.HOOK_PULL]))
         return q.all()
     @classmethod
     def get_custom_hooks(cls):
         q = cls.query()
         q = q.filter(~cls.ui_key.in_([cls.HOOK_UPDATE,
                                     cls.HOOK_REPO_SIZE,
                                     cls.HOOK_PUSH, cls.HOOK_PULL]))
         q = q.filter(cls.ui_section == 'hooks')
         return q.all()
     @classmethod
     def get_repos_location(cls):
         return cls.get_by_key('/').one().ui_value
     @classmethod
     def create_or_update_hook(cls, key, val):
         new_ui = cls.get_by_key(key).scalar() or cls()
         new_ui.ui_section = 'hooks'
         new_ui.ui_active = True
         new_ui.ui_key = key
         new_ui.ui_value = val
         Session().add(new_ui)
 class User(Base, BaseModel):
     __tablename__ = 'users'
     __table_args__ = (
         UniqueConstraint('username'), UniqueConstraint('email'),
         {'extend_existing': True, 'mysql_engine': 'InnoDB',
          'mysql_charset': 'utf8'}
+    )
     user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     username = Column("username", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     password = Column("password", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     active = Column("active", Boolean(), nullable=True, unique=None, default=True)
     admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
     name = Column("firstname", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     lastname = Column("lastname", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     _email = Column("email", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
     ldap_dn = Column("ldap_dn", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     api_key = Column("api_key", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     user_log = relationship('UserLog', cascade='all')
     user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
     repositories = relationship('Repository')
     user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
     repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
     repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
     group_member = relationship('UsersGroupMember', cascade='all')
     notifications = relationship('UserNotification', cascade='all')
     # notifications assigned to this user
     user_created_notifications = relationship('Notification', cascade='all')
     # comments created by this user
     user_comments = relationship('ChangesetComment', cascade='all')
     @hybrid_property
     def email(self):
         return self._email
     @email.setter
     def email(self, val):
         self._email = val.lower() if val else None
     @property
     def emails(self):
         other = UserEmailMap.query().filter(UserEmailMap.user==self).all()
         return [self.email] + [x.email for x in other]
     @property
     def full_name(self):
         return '%s %s' % (self.name, self.lastname)
     @property
     def full_name_or_username(self):
         return ('%s %s' % (self.name, self.lastname)
                 if (self.name and self.lastname) else self.username)
     @property
     def full_contact(self):
         return '%s %s <%s>' % (self.name, self.lastname, self.email)
     @property
     def short_contact(self):
         return '%s %s' % (self.name, self.lastname)
     @property
     def is_admin(self):
         return self.admin
     def __unicode__(self):
         return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                      self.user_id, self.username)
     @classmethod
     def get_by_username(cls, username, case_insensitive=False, cache=False):
         if case_insensitive:
             q = cls.query().filter(cls.username.ilike(username))
         else:
             q = cls.query().filter(cls.username == username)
         if cache:
             q = q.options(FromCache(
                             "sql_cache_short",
                             "get_user_%s" % _hash_key(username)
+                          )
+            )
         return q.scalar()
     @classmethod
     def get_by_api_key(cls, api_key, cache=False):
         q = cls.query().filter(cls.api_key == api_key)
         if cache:
             q = q.options(FromCache("sql_cache_short",
                                     "get_api_key_%s" % api_key))
         return q.scalar()
     @classmethod
     def get_by_email(cls, email, case_insensitive=False, cache=False):
         if case_insensitive:
             q = cls.query().filter(cls.email.ilike(email))
         else:
             q = cls.query().filter(cls.email == email)
         if cache:
             q = q.options(FromCache("sql_cache_short",
                                     "get_email_key_%s" % email))
         ret = q.scalar()
         if ret is None:
             q = UserEmailMap.query()
             # try fetching in alternate email map
             if case_insensitive:
                 q = q.filter(UserEmailMap.email.ilike(email))
             else:
                 q = q.filter(UserEmailMap.email == email)
             q = q.options(joinedload(UserEmailMap.user))
             if cache:
                 q = q.options(FromCache("sql_cache_short",
                                         "get_email_map_key_%s" % email))
             ret = getattr(q.scalar(), 'user', None)
         return ret
     def update_lastlogin(self):
         """Update user lastlogin"""
         self.last_login = datetime.datetime.now()
         Session().add(self)
         log.debug('updated user %s lastlogin' % self.username)
     def get_api_data(self):
         """
         Common function for generating user related data for API
         """
         user = self
         data = dict(
             user_id=user.user_id,
             username=user.username,
             firstname=user.name,
             lastname=user.lastname,
             email=user.email,
             emails=user.emails,
             api_key=user.api_key,
             active=user.active,
             admin=user.admin,
             ldap_dn=user.ldap_dn,
             last_login=user.last_login,
+        )
         return data
     def __json__(self):
         return dict(
             user_id=self.user_id,
             first_name=self.name,
             last_name=self.lastname,
             email=self.email,
         data = dict(
             full_name=self.full_name,
             full_name_or_username=self.full_name_or_username,
             short_contact=self.short_contact,
             full_contact=self.full_contact
+        )
         data.update(self.get_api_data())
         return data
 class UserEmailMap(Base, BaseModel):
     __tablename__ = 'user_email_map'
     __table_args__ = (
         Index('uem_email_idx', 'email'),
         UniqueConstraint('email'),
         {'extend_existing': True, 'mysql_engine': 'InnoDB',
          'mysql_charset': 'utf8'}
+    )
     __mapper_args__ = {}
     email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
     _email = Column("email", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None)
     user = relationship('User', lazy='joined')
     @validates('_email')
     def validate_email(self, key, email):
         # check if this email is not main one
         main_email = Session().query(User).filter(User.email == email).scalar()
         if main_email is not None:
             raise AttributeError('email %s is present is user table' % email)
         return email
     @hybrid_property
     def email(self):
         return self._email
     @email.setter
     def email(self, val):
         self._email = val.lower() if val else None
 class UserLog(Base, BaseModel):
     __tablename__ = 'user_logs'
     __table_args__ = (
         {'extend_existing': True, 'mysql_engine': 'InnoDB',
          'mysql_charset': 'utf8'},
+    )
     user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True)
     repository_name = Column("repository_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     user_ip = Column("user_ip", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     action = Column("action", UnicodeText(length=1200000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
     @property
     def action_as_day(self):
         return datetime.date(*self.action_date.timetuple()[:3])
     user = relationship('User')
     repository = relationship('Repository', cascade='')
 class UsersGroup(Base, BaseModel):
     __tablename__ = 'users_groups'
     __table_args__ = (
         {'extend_existing': True, 'mysql_engine': 'InnoDB',
          'mysql_charset': 'utf8'},
+    )
     users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_name = Column("users_group_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
     users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
     members = relationship('UsersGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
     users_group_to_perm = relationship('UsersGroupToPerm', cascade='all')
     users_group_repo_to_perm = relationship('UsersGroupRepoToPerm', cascade='all')
     def __unicode__(self):
         return u'<userGroup(%s)>' % (self.users_group_name)
     @classmethod
     def get_by_group_name(cls, group_name, cache=False,
                           case_insensitive=False):
         if case_insensitive:
             q = cls.query().filter(cls.users_group_name.ilike(group_name))
         else:
             q = cls.query().filter(cls.users_group_name == group_name)
         if cache:
             q = q.options(FromCache(
                             "sql_cache_short",
                             "get_user_%s" % _hash_key(group_name)
+                          )
+            )
         return q.scalar()
     @classmethod
     def get(cls, users_group_id, cache=False):
         users_group = cls.query()
         if cache:
             users_group = users_group.options(FromCache("sql_cache_short",
                                     "get_users_group_%s" % users_group_id))
         return users_group.get(users_group_id)
     def get_api_data(self):
         users_group = self
         data = dict(
             users_group_id=users_group.users_group_id,
             group_name=users_group.users_group_name,
             active=users_group.users_group_active,
+        )
         return data
 class UsersGroupMember(Base, BaseModel):
     __tablename__ = 'users_groups_members'
     __table_args__ = (
         {'extend_existing': True, 'mysql_engine': 'InnoDB',
          'mysql_charset': 'utf8'},
+    )
     users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     user = relationship('User', lazy='joined')
     users_group = relationship('UsersGroup')
     def __init__(self, gr_id='', u_id=''):
         self.users_group_id = gr_id
         self.user_id = u_id
 class Repository(Base, BaseModel):
     __tablename__ = 'repositories'
     __table_args__ = (
         UniqueConstraint('repo_name'),
         {'extend_existing': True, 'mysql_engine': 'InnoDB',
          'mysql_charset': 'utf8'},
+    )
     repo_id = Column("repo_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     repo_name = Column("repo_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
     clone_uri = Column("clone_uri", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None)
     repo_type = Column("repo_type", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default=None)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
     private = Column("private", Boolean(), nullable=True, unique=None, default=None)
     enable_statistics = Column("statistics", Boolean(), nullable=True, unique=None, default=True)
     enable_downloads = Column("downloads", Boolean(), nullable=True, unique=None, default=True)
     description = Column("description", String(length=10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     created_on = Column('created_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
     landing_rev = Column("landing_revision", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default=None)
     fork_id = Column("fork_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=False, default=None)
     group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=False, default=None)
     user = relationship('User')
     fork = relationship('Repository', remote_side=repo_id)
     group = relationship('RepoGroup')
     repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')
     users_group_to_perm = relationship('UsersGroupRepoToPerm', cascade='all')
     stats = relationship('Statistics', cascade='all', uselist=False)
     followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all')
     logs = relationship('UserLog')
     comments = relationship('ChangesetComment')
     def __unicode__(self):
         return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
                                    self.repo_name)
     @classmethod
     def url_sep(cls):
         return URL_SEP
     @classmethod
     def get_by_repo_name(cls, repo_name):
         q = Session().query(cls).filter(cls.repo_name == repo_name)
         q = q.options(joinedload(Repository.fork))\
                 .options(joinedload(Repository.user))\
                 .options(joinedload(Repository.group))
         return q.scalar()
     @classmethod
     def get_by_full_path(cls, repo_full_path):
         repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
         return cls.get_by_repo_name(repo_name.strip(URL_SEP))
     @classmethod
     def get_repo_forks(cls, repo_id):
         return cls.query().filter(Repository.fork_id == repo_id)
     @classmethod
     def base_path(cls):
         """

rhodecode/model/forms.py

➞

Show inline comments

 """ this is forms validation classes
 http://formencode.org/module-formencode.validators.html
 for list off all availible validators
 we can create our own validators
 The table below outlines the options which can be used in a schema in addition to the validators themselves
 pre_validators          []     These validators will be applied before the schema
 chained_validators      []     These validators will be applied after the schema
 allow_extra_fields      False     If True, then it is not an error when keys that aren't associated with a validator are present
 filter_extra_fields     False     If True, then keys that aren't associated with a validator are removed
 if_key_missing          NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value.
 ignore_key_missing      False     If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already
 <name> = formencode.validators.<name of validator>
 <name> must equal form name
 list=[1,2,3,4,5]
 for SELECT use formencode.All(OneOf(list), Int())
 """
 import logging
 import formencode
 from formencode import All
 from pylons.i18n.translation import _
 from rhodecode.model import validators as v
 from rhodecode import BACKENDS
 log = logging.getLogger(__name__)
 class LoginForm(formencode.Schema):
     allow_extra_fields = True
     filter_extra_fields = True
     username = v.UnicodeString(
         strip=True,
         min=1,
         not_empty=True,
         messages={
            'empty': _(u'Please enter a login'),
            'tooShort': _(u'Enter a value %(min)i characters long or more')}
+    )
     password = v.UnicodeString(
         strip=False,
         min=3,
         not_empty=True,
         messages={
             'empty': _(u'Please enter a password'),
             'tooShort': _(u'Enter %(min)i characters or more')}
+    )
     remember = v.StringBoolean(if_missing=False)
     chained_validators = [v.ValidAuth()]
 def UserForm(edit=False, old_data={}):
     class _UserForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         username = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                        v.ValidUsername(edit, old_data))
         if edit:
             new_password = All(
                 v.ValidPassword(),
                 v.UnicodeString(strip=False, min=6, not_empty=False)
+            )
             password_confirmation = All(
                 v.ValidPassword(),
                 v.UnicodeString(strip=False, min=6, not_empty=False),
+            )
             admin = v.StringBoolean(if_missing=False)
         else:
             password = All(
                 v.ValidPassword(),
                 v.UnicodeString(strip=False, min=6, not_empty=True)
+            )
             password_confirmation = All(
                 v.ValidPassword(),
                 v.UnicodeString(strip=False, min=6, not_empty=False)
+            )
         active = v.StringBoolean(if_missing=False)
-        name = v.UnicodeString(strip=True, min=1, not_empty=False)
+        firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
         lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
         email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
         chained_validators = [v.ValidPasswordsMatch()]
     return _UserForm
 def UsersGroupForm(edit=False, old_data={}, available_members=[]):
     class _UsersGroupForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         users_group_name = All(
             v.UnicodeString(strip=True, min=1, not_empty=True),
             v.ValidUsersGroup(edit, old_data)
+        )
         users_group_active = v.StringBoolean(if_missing=False)
         if edit:
             users_group_members = v.OneOf(
                 available_members, hideList=False, testValueList=True,
                 if_missing=None, not_empty=False
+            )
     return _UsersGroupForm
 def ReposGroupForm(edit=False, old_data={}, available_groups=[]):
     class _ReposGroupForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         group_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                v.SlugifyName())
         group_description = v.UnicodeString(strip=True, min=1,
                                                 not_empty=True)
         group_parent_id = v.OneOf(available_groups, hideList=False,
                                         testValueList=True,
                                         if_missing=None, not_empty=False)
         chained_validators = [v.ValidReposGroup(edit, old_data),
                               v.ValidPerms('group')]
     return _ReposGroupForm
 def RegisterForm(edit=False, old_data={}):
     class _RegisterForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         username = All(
             v.ValidUsername(edit, old_data),
             v.UnicodeString(strip=True, min=1, not_empty=True)
+        )
         password = All(
             v.ValidPassword(),
             v.UnicodeString(strip=False, min=6, not_empty=True)
+        )
         password_confirmation = All(
             v.ValidPassword(),
             v.UnicodeString(strip=False, min=6, not_empty=True)
+        )
         active = v.StringBoolean(if_missing=False)
         name = v.UnicodeString(strip=True, min=1, not_empty=False)
         lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
         email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
         chained_validators = [v.ValidPasswordsMatch()]
     return _RegisterForm
 def PasswordResetForm():
     class _PasswordResetForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         email = All(v.ValidSystemEmail(), v.Email(not_empty=True))
     return _PasswordResetForm
 def RepoForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
              repo_groups=[], landing_revs=[]):
     class _RepoForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
         repo_group = v.OneOf(repo_groups, hideList=True)
         repo_type = v.OneOf(supported_backends)
         description = v.UnicodeString(strip=True, min=1, not_empty=False)
         private = v.StringBoolean(if_missing=False)
         enable_statistics = v.StringBoolean(if_missing=False)
         enable_downloads = v.StringBoolean(if_missing=False)
         landing_rev = v.OneOf(landing_revs, hideList=True)
         if edit:
             #this is repo owner
             user = All(v.UnicodeString(not_empty=True), v.ValidRepoUser())
         chained_validators = [v.ValidCloneUri(),
                               v.ValidRepoName(edit, old_data),
                               v.ValidPerms()]
     return _RepoForm
 def RepoForkForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
                  repo_groups=[], landing_revs=[]):
     class _RepoForkForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         repo_group = v.OneOf(repo_groups, hideList=True)
         repo_type = All(v.ValidForkType(old_data), v.OneOf(supported_backends))
         description = v.UnicodeString(strip=True, min=1, not_empty=True)
         private = v.StringBoolean(if_missing=False)
         copy_permissions = v.StringBoolean(if_missing=False)
         update_after_clone = v.StringBoolean(if_missing=False)
         fork_parent_id = v.UnicodeString()
         chained_validators = [v.ValidForkName(edit, old_data)]
         landing_rev = v.OneOf(landing_revs, hideList=True)
     return _RepoForkForm
 def RepoSettingsForm(edit=False, old_data={},
                      supported_backends=BACKENDS.keys(), repo_groups=[],
                      landing_revs=[]):
     class _RepoForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         description = v.UnicodeString(strip=True, min=1, not_empty=True)
         repo_group = v.OneOf(repo_groups, hideList=True)
         private = v.StringBoolean(if_missing=False)
         landing_rev = v.OneOf(landing_revs, hideList=True)
         chained_validators = [v.ValidRepoName(edit, old_data), v.ValidPerms(),
                               v.ValidSettings()]
     return _RepoForm
 def ApplicationSettingsForm():
     class _ApplicationSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         rhodecode_title = v.UnicodeString(strip=True, min=1, not_empty=True)
         rhodecode_realm = v.UnicodeString(strip=True, min=1, not_empty=True)
         rhodecode_ga_code = v.UnicodeString(strip=True, min=1, not_empty=False)
     return _ApplicationSettingsForm
 def ApplicationUiSettingsForm():
     class _ApplicationUiSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         web_push_ssl = v.OneOf(['true', 'false'], if_missing='false')
         paths_root_path = All(
             v.ValidPath(),
             v.UnicodeString(strip=True, min=1, not_empty=True)
+        )
         hooks_changegroup_update = v.OneOf(['True', 'False'],
                                            if_missing=False)
         hooks_changegroup_repo_size = v.OneOf(['True', 'False'],
                                               if_missing=False)
         hooks_changegroup_push_logger = v.OneOf(['True', 'False'],
                                                 if_missing=False)
         hooks_preoutgoing_pull_logger = v.OneOf(['True', 'False'],
                                                 if_missing=False)
     return _ApplicationUiSettingsForm
 def DefaultPermissionsForm(perms_choices, register_choices, create_choices):
     class _DefaultPermissionsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         overwrite_default = v.StringBoolean(if_missing=False)
         anonymous = v.OneOf(['True', 'False'], if_missing=False)
         default_perm = v.OneOf(perms_choices)
         default_register = v.OneOf(register_choices)
         default_create = v.OneOf(create_choices)
     return _DefaultPermissionsForm
 def LdapSettingsForm(tls_reqcert_choices, search_scope_choices,
                      tls_kind_choices):

rhodecode/model/user.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.user
     ~~~~~~~~~~~~~~~~~~~~
     users model for RhodeCode
     :created_on: Apr 9, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 from pylons import url
 from pylons.i18n.translation import _
 from sqlalchemy.exc import DatabaseError
 from sqlalchemy.orm import joinedload
 from rhodecode.lib.utils2 import safe_unicode, generate_api_key
 from rhodecode.lib.caching_query import FromCache
 from rhodecode.model import BaseModel
 from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \
     UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember, \
     Notification, RepoGroup, UserRepoGroupToPerm, UsersGroupRepoGroupToPerm, \
     UserEmailMap
 from rhodecode.lib.exceptions import DefaultUserException, \
     UserOwnsReposException
 log = logging.getLogger(__name__)
 PERM_WEIGHTS = {
     'repository.none': 0,
     'repository.read': 1,
     'repository.write': 3,
     'repository.admin': 4,
     'group.none': 0,
     'group.read': 1,
     'group.write': 3,
     'group.admin': 4,
+}
 class UserModel(BaseModel):
     cls = User
     def get(self, user_id, cache=False):
         user = self.sa.query(User)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % user_id))
         return user.get(user_id)
     def get_user(self, user):
         return self._get_user(user)
     def get_by_username(self, username, cache=False, case_insensitive=False):
         if case_insensitive:
             user = self.sa.query(User).filter(User.username.ilike(username))
         else:
             user = self.sa.query(User)\
                 .filter(User.username == username)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % username))
         return user.scalar()
     def get_by_email(self, email, cache=False, case_insensitive=False):
         return User.get_by_email(email, case_insensitive, cache)
     def get_by_api_key(self, api_key, cache=False):
         return User.get_by_api_key(api_key, cache)
     def create(self, form_data):
         from rhodecode.lib.auth import get_crypt_password
         try:
             new_user = User()
             for k, v in form_data.items():
                 if k == 'password':
                     v = get_crypt_password(v)
                 if k == 'firstname':
                     k = 'name'
                 setattr(new_user, k, v)
             new_user.api_key = generate_api_key(form_data['username'])
             self.sa.add(new_user)
             return new_user
         except:
             log.error(traceback.format_exc())
             raise
     def create_or_update(self, username, password, email, firstname='',
                          lastname='', active=True, admin=False, ldap_dn=None):
         """
         Creates a new instance if not found, or updates current one
         :param username:
         :param password:
         :param email:
         :param active:
         :param firstname:
         :param lastname:
         :param active:
         :param admin:
         :param ldap_dn:
         """
         from rhodecode.lib.auth import get_crypt_password
         log.debug('Checking for %s account in RhodeCode database' % username)
         user = User.get_by_username(username, case_insensitive=True)
         if user is None:
             log.debug('creating new user %s' % username)
             new_user = User()
             edit = False
         else:
             log.debug('updating user %s' % username)
             new_user = user
             edit = True
         try:
             new_user.username = username
             new_user.admin = admin
             # set password only if creating an user or password is changed
             if edit is False or user.password != password:
                 new_user.password = get_crypt_password(password)
                 new_user.api_key = generate_api_key(username)
             new_user.email = email
             new_user.active = active
             new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None
             new_user.name = firstname
             new_user.lastname = lastname
             self.sa.add(new_user)
             return new_user
         except (DatabaseError,):
             log.error(traceback.format_exc())
             raise
     def create_for_container_auth(self, username, attrs):
         """
         Creates the given user if it's not already in the database
         :param username:
         :param attrs:
         """
         if self.get_by_username(username, case_insensitive=True) is None:
             # autogenerate email for container account without one
             generate_email = lambda usr: '%s@container_auth.account' % usr
             try:
                 new_user = User()
                 new_user.username = username
                 new_user.password = None
                 new_user.api_key = generate_api_key(username)
                 new_user.email = attrs['email']
                 new_user.active = attrs.get('active', True)
                 new_user.name = attrs['name'] or generate_email(username)
                 new_user.lastname = attrs['lastname']
                 self.sa.add(new_user)
                 return new_user
             except (DatabaseError,):
                 log.error(traceback.format_exc())
                 self.sa.rollback()
                 raise
         log.debug('User %s already exists. Skipping creation of account'
                   ' for container auth.', username)
         return None
     def create_ldap(self, username, password, user_dn, attrs):
         """
         Checks if user is in database, if not creates this user marked
         as ldap user
         :param username:
         :param password:
         :param user_dn:
         :param attrs:
         """
         from rhodecode.lib.auth import get_crypt_password
         log.debug('Checking for such ldap account in RhodeCode database')
         if self.get_by_username(username, case_insensitive=True) is None:
             # autogenerate email for ldap account without one
             generate_email = lambda usr: '%s@ldap.account' % usr
             try:
                 new_user = User()
                 username = username.lower()
                 # add ldap account always lowercase
                 new_user.username = username
                 new_user.password = get_crypt_password(password)
                 new_user.api_key = generate_api_key(username)
                 new_user.email = attrs['email'] or generate_email(username)
                 new_user.active = attrs.get('active', True)
                 new_user.ldap_dn = safe_unicode(user_dn)
                 new_user.name = attrs['name']
                 new_user.lastname = attrs['lastname']
                 self.sa.add(new_user)
                 return new_user
             except (DatabaseError,):
                 log.error(traceback.format_exc())
                 self.sa.rollback()
                 raise
         log.debug('this %s user exists skipping creation of ldap account',
                   username)
         return None
     def create_registration(self, form_data):
         from rhodecode.model.notification import NotificationModel
         try:
             form_data['admin'] = False
             new_user = self.create(form_data)
             self.sa.add(new_user)
             self.sa.flush()
             # notification to admins
             subject = _('new user registration')
             body = ('New user registration\n'
                     '---------------------\n'
                     '- Username: %s\n'
                     '- Full Name: %s\n'
                     '- Email: %s\n')
             body = body % (new_user.username, new_user.full_name,
                            new_user.email)
             edit_url = url('edit_user', id=new_user.user_id, qualified=True)
             kw = {'registered_user_url': edit_url}
             NotificationModel().create(created_by=new_user, subject=subject,
                                        body=body, recipients=None,
                                        type_=Notification.TYPE_REGISTRATION,
                                        email_kwargs=kw)
         except:
             log.error(traceback.format_exc())
             raise
     def update(self, user_id, form_data):
         from rhodecode.lib.auth import get_crypt_password
         try:
             user = self.get(user_id, cache=False)
             if user.username == 'default':
                 raise DefaultUserException(
                                 _("You can't Edit this user since it's"
                                   " crucial for entire application"))
             for k, v in form_data.items():
-                if k == 'new_password' and v != '':
                 if k == 'new_password' and v:
                     user.password = get_crypt_password(v)
                     user.api_key = generate_api_key(user.username)
                 else:
                     if k == 'firstname':
                         k = 'name'
                     setattr(user, k, v)
             self.sa.add(user)
         except:
             log.error(traceback.format_exc())
             raise
     def update_my_account(self, user_id, form_data):
         from rhodecode.lib.auth import get_crypt_password
         try:
             user = self.get(user_id, cache=False)
             if user.username == 'default':
                 raise DefaultUserException(
                     _("You can't Edit this user since it's"
                       " crucial for entire application")
+                )
             for k, v in form_data.items():
-                if k == 'new_password' and v != '':
                 if k == 'new_password' and v:
                     user.password = get_crypt_password(v)
                     user.api_key = generate_api_key(user.username)
                 else:
                     if k == 'firstname':
                         k = 'name'
                     if k not in ['admin', 'active']:
                         setattr(user, k, v)
             self.sa.add(user)
         except:
             log.error(traceback.format_exc())
             raise
     def delete(self, user):
         user = self._get_user(user)
         try:
             if user.username == 'default':
                 raise DefaultUserException(
                     _(u"You can't remove this user since it's"
                       " crucial for entire application")
+                )
             if user.repositories:
                 repos = [x.repo_name for x in user.repositories]
                 raise UserOwnsReposException(
                     _(u'user "%s" still owns %s repositories and cannot be '
                       'removed. Switch owners or remove those repositories. %s')
                     % (user.username, len(repos), ', '.join(repos))
+                )
             self.sa.delete(user)
         except:
             log.error(traceback.format_exc())
             raise
     def reset_password_link(self, data):
         from rhodecode.lib.celerylib import tasks, run_task
         run_task(tasks.send_password_link, data['email'])
     def reset_password(self, data):
         from rhodecode.lib.celerylib import tasks, run_task
         run_task(tasks.reset_user_password, data['email'])
     def fill_data(self, auth_user, user_id=None, api_key=None):
         """
         Fetches auth_user by user_id,or api_key if present.
         Fills auth_user attributes with those taken from database.
         Additionally set's is_authenitated if lookup fails
         present in database
         :param auth_user: instance of user to set attributes
         :param user_id: user id to fetch by
         :param api_key: api key to fetch by
         """
         if user_id is None and api_key is None:
             raise Exception('You need to pass user_id or api_key')
         try:
             if api_key:
                 dbuser = self.get_by_api_key(api_key)
             else:
                 dbuser = self.get(user_id)
             if dbuser is not None and dbuser.active:
                 log.debug('filling %s data' % dbuser)
                 for k, v in dbuser.get_dict().items():
                     setattr(auth_user, k, v)
             else:
                 return False
         except:
             log.error(traceback.format_exc())
             auth_user.is_authenticated = False
             return False
         return True
     def fill_perms(self, user):
         """
         Fills user permission attribute with permissions taken from database
         works for permissions given for repositories, and for permissions that
         are granted to groups
         :param user: user instance to fill his perms
         """
         RK = 'repositories'
         GK = 'repositories_groups'
         GLOBAL = 'global'
         user.permissions[RK] = {}
         user.permissions[GK] = {}
         user.permissions[GLOBAL] = set()
         #======================================================================
         # fetch default permissions
         #======================================================================
         default_user = User.get_by_username('default', cache=True)
         default_user_id = default_user.user_id
         default_repo_perms = Permission.get_default_perms(default_user_id)
         default_repo_groups_perms = Permission.get_default_group_perms(default_user_id)
         if user.is_admin:
             #==================================================================
             # admin user have all default rights for repositories
             # and groups set to admin
             #==================================================================
             user.permissions[GLOBAL].add('hg.admin')
             # repositories
             for perm in default_repo_perms:
                 r_k = perm.UserRepoToPerm.repository.repo_name
                 p = 'repository.admin'
                 user.permissions[RK][r_k] = p
             # repositories groups
             for perm in default_repo_groups_perms:
                 rg_k = perm.UserRepoGroupToPerm.group.group_name
                 p = 'group.admin'
                 user.permissions[GK][rg_k] = p
             return user
         #==================================================================
         # set default permissions first for repositories and groups
         #==================================================================
         uid = user.user_id
         # default global permissions
         default_global_perms = self.sa.query(UserToPerm)\
             .filter(UserToPerm.user_id == default_user_id)
         for perm in default_global_perms:
             user.permissions[GLOBAL].add(perm.permission.permission_name)
         # defaults for repositories, taken from default user
         for perm in default_repo_perms:
             r_k = perm.UserRepoToPerm.repository.repo_name
             if perm.Repository.private and not (perm.Repository.user_id == uid):
                 # disable defaults for private repos,
                 p = 'repository.none'
             elif perm.Repository.user_id == uid:
                 # set admin if owner
                 p = 'repository.admin'
             else:
                 p = perm.Permission.permission_name
             user.permissions[RK][r_k] = p
         # defaults for repositories groups taken from default user permission
         # on given group
         for perm in default_repo_groups_perms:
             rg_k = perm.UserRepoGroupToPerm.group.group_name
             p = perm.Permission.permission_name
             user.permissions[GK][rg_k] = p
         #==================================================================
         # overwrite defaults with user permissions if any found
         #==================================================================
         # user global permissions
         user_perms = self.sa.query(UserToPerm)\
                 .options(joinedload(UserToPerm.permission))\
                 .filter(UserToPerm.user_id == uid).all()
         for perm in user_perms:
             user.permissions[GLOBAL].add(perm.permission.permission_name)
         # user explicit permissions for repositories
         user_repo_perms = \
          self.sa.query(UserRepoToPerm, Permission, Repository)\
          .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
          .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
          .filter(UserRepoToPerm.user_id == uid)\
          .all()
         for perm in user_repo_perms:
             # set admin if owner
             r_k = perm.UserRepoToPerm.repository.repo_name
             if perm.Repository.user_id == uid:
                 p = 'repository.admin'
             else:
                 p = perm.Permission.permission_name
             user.permissions[RK][r_k] = p
         # USER GROUP
         #==================================================================
         # check if user is part of user groups for this repository and
         # fill in (or replace with higher) permissions
         #==================================================================
         # users group global
         user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\
             .options(joinedload(UsersGroupToPerm.permission))\
             .join((UsersGroupMember, UsersGroupToPerm.users_group_id ==
                    UsersGroupMember.users_group_id))\
             .filter(UsersGroupMember.user_id == uid).all()
         for perm in user_perms_from_users_groups:
             user.permissions[GLOBAL].add(perm.permission.permission_name)

rhodecode/templates/admin/users/user_edit.html

➞

Show inline comments

 ## -*- coding: utf-8 -*-
 <%inherit file="/base/base.html"/>
 <%def name="title()">
     ${_('Edit user')} ${c.user.username} - ${c.rhodecode_name}
 </%def>
 <%def name="breadcrumbs_links()">
     ${h.link_to(_('Admin'),h.url('admin_home'))}
     &raquo;
     ${h.link_to(_('Users'),h.url('users'))}
     &raquo;
     ${_('edit')} "${c.user.username}"
 </%def>
 <%def name="page_nav()">
 	${self.menu('admin')}
 </%def>
 <%def name="main()">
 <div class="box box-left">
     <!-- box / title -->
     <div class="title">
         ${self.breadcrumbs()}
     </div>
     <!-- end box / title -->
     ${h.form(url('update_user', id=c.user.user_id),method='put')}
     <div class="form">
         <div class="field">
            <div class="gravatar_box">
                <div class="gravatar"><img alt="gravatar" src="${h.gravatar_url(c.user.email)}"/></div>
                 <p>
                 %if c.use_gravatar:
                 <strong>${_('Change your avatar at')} <a href="http://gravatar.com">gravatar.com</a></strong>
                 <br/>${_('Using')} ${c.user.email}
                 %else:
                 <br/>${c.user.email}
                 %endif
            </div>
         </div>
         <div class="field">
             <div class="label">
                 <label>${_('API key')}</label> ${c.user.api_key}
             </div>
         </div>
         <div class="fields">
              <div class="field">
                 <div class="label">
                     <label for="username">${_('Username')}:</label>
                 </div>
                 <div class="input">
                     ${h.text('username',class_='medium')}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="ldap_dn">${_('LDAP DN')}:</label>
                 </div>
                 <div class="input">
                     ${h.text('ldap_dn',class_='medium disabled',readonly="readonly")}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="new_password">${_('New password')}:</label>
                 </div>
                 <div class="input">
                     ${h.password('new_password',class_='medium',autocomplete="off")}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="password_confirmation">${_('New password confirmation')}:</label>
                 </div>
                 <div class="input">
                     ${h.password('password_confirmation',class_="medium",autocomplete="off")}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
-                    <label for="name">${_('First Name')}:</label>
+                    <label for="firstname">${_('First Name')}:</label>
                 </div>
                 <div class="input">
-                    ${h.text('name',class_='medium')}
+                    ${h.text('firstname',class_='medium')}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="lastname">${_('Last Name')}:</label>
                 </div>
                 <div class="input">
                     ${h.text('lastname',class_='medium')}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="email">${_('Email')}:</label>
                 </div>
                 <div class="input">
                     ${h.text('email',class_='medium')}
                 </div>
              </div>
              <div class="field">
                 <div class="label label-checkbox">
                     <label for="active">${_('Active')}:</label>
                 </div>
                 <div class="checkboxes">
                     ${h.checkbox('active',value=True)}
                 </div>
              </div>
              <div class="field">
                 <div class="label label-checkbox">
                     <label for="admin">${_('Admin')}:</label>
                 </div>
                 <div class="checkboxes">
                     ${h.checkbox('admin',value=True)}
                 </div>
              </div>
             <div class="buttons">
               ${h.submit('save',_('Save'),class_="ui-button")}
               ${h.reset('reset',_('Reset'),class_="ui-button")}
             </div>
     	</div>
     </div>
     ${h.end_form()}
 </div>
 <div class="box box-right">
     <!-- box / title -->
     <div class="title">
         <h5>${_('Permissions')}</h5>
     </div>
     ${h.form(url('user_perm', id=c.user.user_id),method='put')}
     <div class="form">
         <!-- fields -->
         <div class="fields">
              <div class="field">
                 <div class="label label-checkbox">
                     <label for="create_repo_perm">${_('Create repositories')}:</label>
                 </div>
                 <div class="checkboxes">
                     ${h.checkbox('create_repo_perm',value=True)}
                 </div>
              </div>
             <div class="buttons">
               ${h.submit('save',_('Save'),class_="ui-button")}
               ${h.reset('reset',_('Reset'),class_="ui-button")}
             </div>
         </div>
     </div>
     ${h.end_form()}
     ## permissions overview
     <div id="perms" class="table">
            %for section in sorted(c.perm_user.permissions.keys()):
               <div class="perms_section_head">${section.replace("_"," ").capitalize()}</div>
               <div id='tbl_list_wrap_${section}' class="yui-skin-sam">
                <table id="tbl_list_${section}">
                 <thead>
                     <tr>
                     <th class="left">${_('Name')}</th>
                     <th class="left">${_('Permission')}</th>
                 </thead>
                 <tbody>
                 %for k in c.perm_user.permissions[section]:
                      <%
                      if section != 'global':
                          section_perm = c.perm_user.permissions[section].get(k)
                          _perm = section_perm.split('.')[-1]
                      else:
                          _perm = section_perm = None
                      %>
                     <tr>
                         <td>
                             %if section == 'repositories':
                                 <a href="${h.url('summary_home',repo_name=k)}">${k}</a>
                             %elif section == 'repositories_groups':
                                 <a href="${h.url('repos_group_home',group_name=k)}">${k}</a>
                             %else:
                                 ${h.get_permission_name(k)}
                             %endif
                         </td>
                         <td>
                             %if section == 'global':
                              ${h.bool2icon(k.split('.')[-1] != 'none')}
                             %else:
                              <span class="perm_tag ${_perm}">${section_perm}</span>
                             %endif
                          </td>
                     </tr>
                 %endfor
                 </tbody>
                </table>
               </div>
            %endfor
     </div>
 </div>
 <div class="box box-left">
     <!-- box / title -->
     <div class="title">
         <h5>${_('Email addresses')}</h5>
     </div>
     <div class="emails_wrap">
       <table class="noborder">
       %for em in c.user_email_map:
         <tr>
             <td><div class="gravatar"><img alt="gravatar" src="${h.gravatar_url(em.user.email,16)}"/> </div></td>
             <td><div class="email">${em.email}</div></td>
             <td>
               ${h.form(url('user_emails_delete', id=c.user.user_id),method='delete')}
                   ${h.hidden('del_email',em.email_id)}
                   ${h.submit('remove_',_('delete'),id="remove_email_%s" % em.email_id,
                   class_="delete_icon action_button", onclick="return  confirm('"+_('Confirm to delete this email: %s') % em.email+"');")}
               ${h.end_form()}
             </td>
         </tr>
       %endfor
       </table>
     </div>
     ${h.form(url('user_emails', id=c.user.user_id),method='put')}
     <div class="form">
         <!-- fields -->
         <div class="fields">
              <div class="field">
                 <div class="label">
                     <label for="email">${_('New email address')}:</label>
                 </div>
                 <div class="input">
                     ${h.text('new_email', class_='medium')}
                 </div>
              </div>
             <div class="buttons">
               ${h.submit('save',_('Add'),class_="ui-button")}
               ${h.reset('reset',_('Reset'),class_="ui-button")}
             </div>
         </div>
     </div>
     ${h.end_form()}
 </div>
 </%def>

rhodecode/templates/admin/users/user_edit_my_account_form.html

➞

Show inline comments

 <div>
     ${h.form(url('admin_settings_my_account_update'),method='put')}
         <div class="form">
              <div class="field">
                 <div class="gravatar_box">
                     <div class="gravatar"><img alt="gravatar" src="${h.gravatar_url(c.user.email)}"/></div>
                     <p>
                     %if c.use_gravatar:
                     <strong>${_('Change your avatar at')} <a href="http://gravatar.com">gravatar.com</a></strong>
                     <br/>${_('Using')} ${c.user.email}
                     %else:
                     <br/>${c.user.email}
                     %endif
                     </p>
                 </div>
              </div>
             <div class="field">
                 <div class="label">
                     <label>${_('API key')}</label> ${c.user.api_key}
                 </div>
             </div>
             <div class="fields">
                  <div class="field">
                     <div class="label">
                         <label for="username">${_('Username')}:</label>
                     </div>
                     <div class="input">
                         ${h.text('username',class_="medium")}
                     </div>
                  </div>
                  <div class="field">
                     <div class="label">
                         <label for="new_password">${_('New password')}:</label>
                     </div>
                     <div class="input">
                         ${h.password('new_password',class_="medium",autocomplete="off")}
                     </div>
                  </div>
                  <div class="field">
                     <div class="label">
                         <label for="password_confirmation">${_('New password confirmation')}:</label>
                     </div>
                     <div class="input">
                         ${h.password('password_confirmation',class_="medium",autocomplete="off")}
                     </div>
                  </div>
                  <div class="field">
                     <div class="label">
                         <label for="name">${_('First Name')}:</label>
                     </div>
                     <div class="input">
-                        ${h.text('name',class_="medium")}
+                        ${h.text('firstname',class_="medium")}
                     </div>
                  </div>
                  <div class="field">
                     <div class="label">
                         <label for="lastname">${_('Last Name')}:</label>
                     </div>
                     <div class="input">
                         ${h.text('lastname',class_="medium")}
                     </div>
                  </div>
                  <div class="field">
                     <div class="label">
                         <label for="email">${_('Email')}:</label>
                     </div>
                     <div class="input">
                         ${h.text('email',class_="medium")}
                     </div>
                  </div>
                 <div class="buttons">
                   ${h.submit('save',_('Save'),class_="ui-button")}
                   ${h.reset('reset',_('Reset'),class_="ui-button")}
                 </div>
             </div>
         </div>
     ${h.end_form()}
     </div>

rhodecode/tests/functional/test_admin_settings.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 from rhodecode.lib.auth import get_crypt_password, check_password
 from rhodecode.model.db import User, RhodeCodeSetting
 from rhodecode.tests import *
 from rhodecode.lib import helpers as h
 from rhodecode.model.user import UserModel
 class TestAdminSettingsController(TestController):
     def test_index(self):
         response = self.app.get(url('admin_settings'))
         # Test response...
     def test_index_as_xml(self):
         response = self.app.get(url('formatted_admin_settings', format='xml'))
     def test_create(self):
         response = self.app.post(url('admin_settings'))
     def test_new(self):
         response = self.app.get(url('admin_new_setting'))
     def test_new_as_xml(self):
         response = self.app.get(url('formatted_admin_new_setting', format='xml'))
     def test_update(self):
         response = self.app.put(url('admin_setting', setting_id=1))
     def test_update_browser_fakeout(self):
         response = self.app.post(url('admin_setting', setting_id=1), params=dict(_method='put'))
     def test_delete(self):
         response = self.app.delete(url('admin_setting', setting_id=1))
     def test_delete_browser_fakeout(self):
         response = self.app.post(url('admin_setting', setting_id=1), params=dict(_method='delete'))
     def test_show(self):
         response = self.app.get(url('admin_setting', setting_id=1))
     def test_show_as_xml(self):
         response = self.app.get(url('formatted_admin_setting', setting_id=1, format='xml'))
     def test_edit(self):
         response = self.app.get(url('admin_edit_setting', setting_id=1))
     def test_edit_as_xml(self):
         response = self.app.get(url('formatted_admin_edit_setting',
                                     setting_id=1, format='xml'))
     def test_ga_code_active(self):
         self.log_user()
         old_title = 'RhodeCode'
         old_realm = 'RhodeCode authentication'
         new_ga_code = 'ga-test-123456789'
         response = self.app.post(url('admin_setting', setting_id='global'),
                                      params=dict(
                                                  _method='put',
                                                  rhodecode_title=old_title,
                                                  rhodecode_realm=old_realm,
                                                  rhodecode_ga_code=new_ga_code
                                                  ))
         self.checkSessionFlash(response, 'Updated application settings')
         self.assertEqual(RhodeCodeSetting
                          .get_app_settings()['rhodecode_ga_code'], new_ga_code)
         response = response.follow()
         self.assertTrue("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code
                         in response.body)
         response.mustcontain("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code)
     def test_ga_code_inactive(self):
         self.log_user()
         old_title = 'RhodeCode'
         old_realm = 'RhodeCode authentication'
         new_ga_code = ''
         response = self.app.post(url('admin_setting', setting_id='global'),
                                      params=dict(
                                                  _method='put',
                                                  rhodecode_title=old_title,
                                                  rhodecode_realm=old_realm,
                                                  rhodecode_ga_code=new_ga_code
                                                  ))
         self.assertTrue('Updated application settings' in
                         response.session['flash'][0][1])
         self.assertEqual(RhodeCodeSetting
                         .get_app_settings()['rhodecode_ga_code'], new_ga_code)
         response = response.follow()
         self.assertTrue("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code
                         not in response.body)
         self.assertFalse("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code
                          in response.body)
     def test_title_change(self):
         self.log_user()
         old_title = 'RhodeCode'
         new_title = old_title + '_changed'
         old_realm = 'RhodeCode authentication'
         for new_title in ['Changed', 'Żółwik', old_title]:
             response = self.app.post(url('admin_setting', setting_id='global'),
                                          params=dict(
                                                      _method='put',
                                                      rhodecode_title=new_title,
                                                      rhodecode_realm=old_realm,
                                                      rhodecode_ga_code=''
                                                      ))
             self.checkSessionFlash(response, 'Updated application settings')
             self.assertEqual(RhodeCodeSetting
                              .get_app_settings()['rhodecode_title'],
                              new_title.decode('utf-8'))
             response = response.follow()
             self.assertTrue("""<h1><a href="/">%s</a></h1>""" % new_title
                         in response.body)
             response.mustcontain("""<h1><a href="/">%s</a></h1>""" % new_title)
     def test_my_account(self):
         self.log_user()
         response = self.app.get(url('admin_settings_my_account'))
         self.assertTrue('value="test_admin' in response.body)
     def test_my_account_update(self):
         self.log_user()
         new_email = 'new@mail.pl'
         new_name = 'NewName'
         new_lastname = 'NewLastname'
         new_password = 'test123'
         response = self.app.post(url('admin_settings_my_account_update'),
                                  params=dict(_method='put',
                                              username='test_admin',
                                              new_password=new_password,
                                              password_confirmation=new_password,
                                              password='',
                                              name=new_name,
                                              lastname=new_lastname,
                                              email=new_email,))
         response.follow()
     @parameterized.expand([('firstname', 'new_username'),
                            ('lastname', 'new_username'),
                            ('admin', True),
                            ('admin', False),
                            ('ldap_dn', 'test'),
                            ('ldap_dn', None),
                            ('active', False),
                            ('active', True),
                            ('email', 'some@email.com'),
                            ])
     def test_my_account_update(self, name, expected):
         uname = 'testme'
         usr = UserModel().create_or_update(username=uname, password='qweqwe',
                                            email='testme@rhodecod.org')
         self.Session().commit()
         params = usr.get_api_data()
         user_id = usr.user_id
         self.log_user(username=uname, password='qweqwe')
         params.update({name: expected})
         params.update({'password_confirmation': ''})
         params.update({'new_password': ''})
         assert 'Your account was updated successfully' in response.session['flash'][0][1], 'no flash message about success of change'
         user = self.Session.query(User).filter(User.username == 'test_admin').one()
         assert user.email == new_email, 'incorrect user email after update got %s vs %s' % (user.email, new_email)
         assert user.name == new_name, 'updated field mismatch %s vs %s' % (user.name, new_name)
         assert user.lastname == new_lastname, 'updated field mismatch %s vs %s' % (user.lastname, new_lastname)
         assert check_password(new_password, user.password) is True, 'password field mismatch %s vs %s' % (user.password, new_password)
         try:
             response = self.app.put(url('admin_settings_my_account_update',
                                         id=user_id), params)
         #bring back the admin settings
         old_email = 'test_admin@mail.com'
         old_name = 'RhodeCode'
         old_lastname = 'Admin'
         old_password = 'test12'
         response = self.app.post(url('admin_settings_my_account_update'), params=dict(
                                                             _method='put',
                                                             username='test_admin',
                                                             new_password=old_password,
                                                             password_confirmation=old_password,
                                                             password='',
                                                             name=old_name,
                                                             lastname=old_lastname,
                                                             email=old_email,))
         response.follow()
         self.checkSessionFlash(response,
                                'Your account was updated successfully')
         user = self.Session.query(User).filter(User.username == 'test_admin').one()
         assert user.email == old_email, 'incorrect user email after update got %s vs %s' % (user.email, old_email)
             updated_user = User.get_by_username(uname)
             updated_params = updated_user.get_api_data()
             updated_params.update({'password_confirmation': ''})
             updated_params.update({'new_password': ''})
         assert user.email == old_email, 'incorrect user email after update got %s vs %s' % (user.email, old_email)
         assert user.name == old_name, 'updated field mismatch %s vs %s' % (user.name, old_name)
         assert user.lastname == old_lastname, 'updated field mismatch %s vs %s' % (user.lastname, old_lastname)
         assert check_password(old_password, user.password) is True, 'password updated field mismatch %s vs %s' % (user.password, old_password)
             params['last_login'] = updated_params['last_login']
             if name == 'email':
                 params['emails'] = [expected]
             if name == 'ldap_dn':
                 #cannot update this via form
                 params['ldap_dn'] = None
             if name == 'active':
                 #my account cannot deactivate account
                 params['active'] = True
             if name == 'admin':
                 #my account cannot make you an admin !
                 params['admin'] = False
             self.assertEqual(params, updated_params)
         finally:
             UserModel().delete('testme')
     def test_my_account_update_err_email_exists(self):
         self.log_user()
         new_email = 'test_regular@mail.com'  # already exisitn email
         response = self.app.post(url('admin_settings_my_account_update'), params=dict(
                                                             _method='put',
         response = self.app.put(url('admin_settings_my_account_update'),
                                 params=dict(
                                                             username='test_admin',
                                                             new_password='test12',
                                                             password_confirmation='test122',
-                                                            name='NewName',
+                                    firstname='NewName',
                                                             lastname='NewLastname',
                                                             email=new_email,))
                                     email=new_email,)
+                                )
-        assert 'This e-mail address is already taken' in response.body, 'Missing error message about existing email'
+        response.mustcontain('This e-mail address is already taken')
     def test_my_account_update_err(self):
         self.log_user('test_regular2', 'test12')
         new_email = 'newmail.pl'
         response = self.app.post(url('admin_settings_my_account_update'),
                                  params=dict(
                                             _method='put',
                                             username='test_admin',
                                             new_password='test12',
                                             password_confirmation='test122',
-                                            name='NewName',
+                                            firstname='NewName',
                                             lastname='NewLastname',
                                             email=new_email,)
+                                 )
         response.mustcontain('An email address must contain a single @')
         from rhodecode.model import validators
         msg = validators.ValidUsername(edit=False,
                                     old_data={})._messages['username_exists']
         msg = h.html_escape(msg % {'username': 'test_admin'})
         response.mustcontain(u"%s" % msg)

rhodecode/tests/functional/test_admin_users.py

➞

Show inline comments

 from sqlalchemy.orm.exc import NoResultFound
 from rhodecode.tests import *
 from rhodecode.model.db import User, Permission
 from rhodecode.lib.auth import check_password
 from rhodecode.model.user import UserModel
 from rhodecode.model import validators
 from rhodecode.lib import helpers as h
 class TestAdminUsersController(TestController):
     def test_index(self):
         self.log_user()
         response = self.app.get(url('users'))
         # Test response...
     def test_index_as_xml(self):
         response = self.app.get(url('formatted_users', format='xml'))
     def test_create(self):
         self.log_user()
         username = 'newtestuser'
         password = 'test12'
         password_confirmation = password
         name = 'name'
         lastname = 'lastname'
         email = 'mail@mail.com'
         response = self.app.post(url('users'),
                              {'username': username,
                                'password': password,
                                'password_confirmation': password_confirmation,
-                               'name': name,
+                               'firstname': name,
                                'active': True,
                                'lastname': lastname,
                                'email': email})
         self.checkSessionFlash(response, '''created user %s''' % (username))
         new_user = self.Session.query(User).\
             filter(User.username == username).one()
         self.assertEqual(new_user.username, username)
         self.assertEqual(check_password(password, new_user.password), True)
         self.assertEqual(new_user.name, name)
         self.assertEqual(new_user.lastname, lastname)
         self.assertEqual(new_user.email, email)
         response.follow()
         response = response.follow()
-        self.assertTrue("""edit">newtestuser</a>""" in response.body)
+        response.mustcontain("""edit">newtestuser</a>""")
     def test_create_err(self):
         self.log_user()
         username = 'new_user'
         password = ''
         name = 'name'
         lastname = 'lastname'
         email = 'errmail.com'
         response = self.app.post(url('users'), {'username': username,
                                                'password': password,
                                                'name': name,
                                                'active': False,
                                                'lastname': lastname,
                                                'email': email})
         msg = validators.ValidUsername(False, {})._messages['system_invalid_username']
         msg = h.html_escape(msg % {'username': 'new_user'})
         response.mustcontain("""<span class="error-message">%s</span>""" % msg)
         response.mustcontain("""<span class="error-message">Please enter a value</span>""")
         response.mustcontain("""<span class="error-message">An email address must contain a single @</span>""")
         def get_user():
             self.Session.query(User).filter(User.username == username).one()
         self.assertRaises(NoResultFound, get_user), 'found user in database'
     def test_new(self):
         self.log_user()
         response = self.app.get(url('new_user'))
     def test_new_as_xml(self):
         response = self.app.get(url('formatted_new_user', format='xml'))
     def test_update(self):
         response = self.app.put(url('user', id=1))
     @parameterized.expand([('firstname', 'new_username'),
                            ('lastname', 'new_username'),
                            ('admin', True),
                            ('admin', False),
                            ('ldap_dn', 'test'),
                            ('ldap_dn', None),
                            ('active', False),
                            ('active', True),
                            ('email', 'some@email.com'),
                            ])
     def test_update(self, name, expected):
         self.log_user()
         uname = 'testme'
         usr = UserModel().create_or_update(username=uname, password='qweqwe',
                                            email='testme@rhodecod.org')
         self.Session().commit()
         params = usr.get_api_data()
         params.update({name: expected})
         params.update({'password_confirmation': ''})
         params.update({'new_password': ''})
         if name == 'email':
             params['emails'] = [expected]
         if name == 'ldap_dn':
             #cannot update this via form
             params['ldap_dn'] = None
         try:
             response = self.app.put(url('user', id=usr.user_id), params)
             self.checkSessionFlash(response, '''User updated successfully''')
             updated_user = User.get_by_username(uname)
             updated_params = updated_user.get_api_data()
             updated_params.update({'password_confirmation': ''})
             updated_params.update({'new_password': ''})
             self.assertEqual(params, updated_params)
         finally:
             UserModel().delete('testme')
     def test_update_browser_fakeout(self):
         response = self.app.post(url('user', id=1), params=dict(_method='put'))
     def test_delete(self):
         self.log_user()
         username = 'newtestuserdeleteme'
         password = 'test12'
         name = 'name'
         lastname = 'lastname'
         email = 'todeletemail@mail.com'
         response = self.app.post(url('users'), {'username': username,
                                                'password': password,
                                                'password_confirmation': password,
-                                               'name': name,
+                                               'firstname': name,
                                                'active': True,
                                                'lastname': lastname,
                                                'email': email})
         response = response.follow()
         new_user = self.Session.query(User)\
             .filter(User.username == username).one()
         response = self.app.delete(url('user', id=new_user.user_id))
         self.assertTrue("""successfully deleted user""" in
                         response.session['flash'][0])
     def test_delete_browser_fakeout(self):
         response = self.app.post(url('user', id=1),
                                  params=dict(_method='delete'))
     def test_show(self):
         response = self.app.get(url('user', id=1))
     def test_show_as_xml(self):
         response = self.app.get(url('formatted_user', id=1, format='xml'))
     def test_edit(self):
         self.log_user()
         user = User.get_by_username(TEST_USER_ADMIN_LOGIN)
         response = self.app.get(url('edit_user', id=user.user_id))
     def test_add_perm_create_repo(self):
         self.log_user()
         perm_none = Permission.get_by_key('hg.create.none')
         perm_create = Permission.get_by_key('hg.create.repository')
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         #User should have None permission on creation repository
         self.assertEqual(UserModel().has_perm(user, perm_none), False)
         self.assertEqual(UserModel().has_perm(user, perm_create), False)
         response = self.app.post(url('user_perm', id=user.user_id),
                                  params=dict(_method='put',
                                              create_repo_perm=True))
         perm_none = Permission.get_by_key('hg.create.none')
         perm_create = Permission.get_by_key('hg.create.repository')
         user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
         #User should have None permission on creation repository
         self.assertEqual(UserModel().has_perm(user, perm_none), False)
         self.assertEqual(UserModel().has_perm(user, perm_create), True)
     def test_revoke_perm_create_repo(self):
         self.log_user()
         perm_none = Permission.get_by_key('hg.create.none')
         perm_create = Permission.get_by_key('hg.create.repository')
         user = User.get_by_username(TEST_USER_REGULAR2_LOGIN)
         #User should have None permission on creation repository
         self.assertEqual(UserModel().has_perm(user, perm_none), False)
         self.assertEqual(UserModel().has_perm(user, perm_create), False)
         response = self.app.post(url('user_perm', id=user.user_id),
                                  params=dict(_method='put'))
         perm_none = Permission.get_by_key('hg.create.none')
         perm_create = Permission.get_by_key('hg.create.repository')
         user = User.get_by_username(TEST_USER_REGULAR2_LOGIN)
         #User should have None permission on creation repository
         self.assertEqual(UserModel().has_perm(user, perm_none), True)
         self.assertEqual(UserModel().has_perm(user, perm_create), False)
     def test_edit_as_xml(self):
         response = self.app.get(url('formatted_edit_user', id=1, format='xml'))

0 comments (0 inline, 0 general)