kallithea Changeset - 802c94bdfc85

Changeset - 802c94bdfc85

Parent rev.

Child rev.

[Not reviewed]

beta

3 11 0

Marcin Kuzminski - 13 years ago 2013-03-28 02:57:05
marcin@python-works.com

#749 and #516 Removed dupliciting of repo settings for rhodecode admins and repo admins
- repo admin now is allowed the same set of operations as the rhodecode admin
- single logic for forms/validations/permissions
- fixes #805 update external repo via webinterface
-

14 files changed with 134 insertions and 531 deletions:

rhodecode/config/routing.py

rhodecode/controllers/admin/repos.py

rhodecode/controllers/admin/settings.py

rhodecode/controllers/settings.py

200

rhodecode/model/forms.py

rhodecode/model/repo.py

rhodecode/model/validators.py

rhodecode/templates/admin/repos/repo_edit.html

rhodecode/templates/base/base.html

rhodecode/templates/data_table/_dt_elements.html

rhodecode/templates/settings/repo_settings.html

138

rhodecode/templates/summary/summary.html

rhodecode/tests/functional/test_admin_repos.py

rhodecode/tests/functional/test_settings.py

0 comments (0 inline, 0 general)

rhodecode/config/routing.py

➞

Show inline comments

@@ @@ -97,36 +97,35 @@ def make_map(config): @@
     #ADMIN REPOSITORY REST ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/repos') as m:
         m.connect("repos", "/repos",
              action="create", conditions=dict(method=["POST"]))
         m.connect("repos", "/repos",
              action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_repos", "/repos.{format}",
              action="index",
             conditions=dict(method=["GET"]))
         m.connect("new_repo", "/repos/new",
              action="new", conditions=dict(method=["GET"]))
         #TODO: refactor the name
         m.connect("admin_settings_create_repository", "/create_repository",
                   action="create_repository", conditions=dict(method=["GET"]))
         m.connect("formatted_new_repo", "/repos/new.{format}",
              action="new", conditions=dict(method=["GET"]))
         m.connect("/repos/{repo_name:.*?}",
              action="update", conditions=dict(method=["PUT"],
                                               function=check_repo))
         m.connect("/repos/{repo_name:.*?}",
              action="delete", conditions=dict(method=["DELETE"],
                                               function=check_repo))
         # no longer used:
         m.connect("edit_repo_admin", "/repos/{repo_name:.*?}/edit",
              action="edit", conditions=dict(method=["GET"],
                                             function=check_repo))
         m.connect("formatted_edit_repo", "/repos/{repo_name:.*?}.{format}/edit",
              action="edit", conditions=dict(method=["GET"],
                                             function=check_repo))
         m.connect("repo", "/repos/{repo_name:.*?}",
              action="show", conditions=dict(method=["GET"],
                                             function=check_repo))
         m.connect("formatted_repo", "/repos/{repo_name:.*?}.{format}",
              action="show", conditions=dict(method=["GET"],
                                             function=check_repo))
         #add repo perm member
         m.connect('set_repo_perm_member', "/set_repo_perm_member/{repo_name:.*?}",
              action="set_repo_perm_member",
@@ @@ -153,24 +152,28 @@ def make_map(config): @@
         m.connect('repo_public_journal', "/repos_public_journal/{repo_name:.*?}",
                   action="repo_public_journal", conditions=dict(method=["PUT"],
                                                         function=check_repo))
         m.connect('repo_pull', "/repo_pull/{repo_name:.*?}",
                   action="repo_pull", conditions=dict(method=["PUT"],
                                                       function=check_repo))
         m.connect('repo_as_fork', "/repo_as_fork/{repo_name:.*?}",
                   action="repo_as_fork", conditions=dict(method=["PUT"],
                                                       function=check_repo))
         m.connect('repo_locking', "/repo_locking/{repo_name:.*?}",
                   action="repo_locking", conditions=dict(method=["PUT"],
                                                       function=check_repo))
         m.connect('toggle_locking', "/locking_toggle/{repo_name:.*?}",
                   action="toggle_locking", conditions=dict(method=["GET"],
                                                       function=check_repo))
         #repo fields
         m.connect('create_repo_fields', "/repo_fields/{repo_name:.*?}/new",
                   action="create_repo_field", conditions=dict(method=["PUT"],
                                                       function=check_repo))
         m.connect('delete_repo_fields', "/repo_fields/{repo_name:.*?}/{field_id}",
                   action="delete_repo_field", conditions=dict(method=["DELETE"],
                                                       function=check_repo))
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/repos_groups') as m:
         m.connect("repos_groups", "/repos_groups",
@@ @@ -325,26 +328,24 @@ def make_map(config): @@
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("formatted_admin_edit_setting",
                   "/settings/{setting_id}.{format}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("admin_setting", "/settings/{setting_id}",
                   action="show", conditions=dict(method=["GET"]))
         m.connect("formatted_admin_setting", "/settings/{setting_id}.{format}",
                   action="show", conditions=dict(method=["GET"]))
         m.connect("admin_settings_my_account", "/my_account",
                   action="my_account", conditions=dict(method=["GET"]))
         m.connect("admin_settings_my_account_update", "/my_account_update",
                   action="my_account_update", conditions=dict(method=["PUT"]))
         m.connect("admin_settings_create_repository", "/create_repository",
                   action="create_repository", conditions=dict(method=["GET"]))
         m.connect("admin_settings_my_repos", "/my_account/repos",
                   action="my_account_my_repos", conditions=dict(method=["GET"]))
         m.connect("admin_settings_my_pullrequests", "/my_account/pull_requests",
                   action="my_account_my_pullrequests", conditions=dict(method=["GET"]))
     #NOTIFICATION REST ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/notifications') as m:
         m.connect("notifications", "/notifications",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("notifications", "/notifications",
                   action="index", conditions=dict(method=["GET"]))
@@ @@ -457,25 +458,31 @@ def make_map(config): @@
     rmap.connect('repo_size', '/{repo_name:.*?}/repo_size',
                 controller='summary', action='repo_size',
                 conditions=dict(function=check_repo))
     rmap.connect('repos_group_home', '/{group_name:.*}',
                 controller='admin/repos_groups', action="show_by_name",
                 conditions=dict(function=check_group))
     rmap.connect('changeset_home', '/{repo_name:.*?}/changeset/{revision}',
                 controller='changeset', revision='tip',
                 conditions=dict(function=check_repo))
     rmap.connect("edit_repo", "/{repo_name:.*?}/edit",
     # no longer user, but kept for routes to work
     rmap.connect("_edit_repo", "/{repo_name:.*?}/edit",
                  controller='admin/repos', action="edit",
                  conditions=dict(method=["GET"], function=check_repo)
+                 )
     rmap.connect("edit_repo", "/{repo_name:.*?}/settings",
                  controller='admin/repos', action="edit",
                  conditions=dict(method=["GET"], function=check_repo)
+                 )
     #still working url for backward compat.
     rmap.connect('raw_changeset_home_depraced',
                  '/{repo_name:.*?}/raw-changeset/{revision}',
                  controller='changeset', action='changeset_raw',
                  revision='tip', conditions=dict(function=check_repo))
     ## new URLs
     rmap.connect('changeset_raw_home',
@@ @@ -626,40 +633,24 @@ def make_map(config): @@
                  controller='files', action='add', revision='tip',
                  f_path='', conditions=dict(function=check_repo))
     rmap.connect('files_archive_home', '/{repo_name:.*?}/archive/{fname}',
                 controller='files', action='archivefile',
                 conditions=dict(function=check_repo))
     rmap.connect('files_nodelist_home',
                  '/{repo_name:.*?}/nodelist/{revision}/{f_path:.*}',
                 controller='files', action='nodelist',
                 conditions=dict(function=check_repo))
     rmap.connect('repo_settings_delete', '/{repo_name:.*?}/settings',
                 controller='settings', action="delete",
                 conditions=dict(method=["DELETE"], function=check_repo))
     rmap.connect('repo_settings_update', '/{repo_name:.*?}/settings',
                 controller='settings', action="update",
                 conditions=dict(method=["PUT"], function=check_repo))
     rmap.connect('repo_settings_home', '/{repo_name:.*?}/settings',
                 controller='settings', action='index',
                 conditions=dict(function=check_repo))
     rmap.connect('toggle_locking', "/{repo_name:.*?}/locking_toggle",
                  controller='settings', action="toggle_locking",
                  conditions=dict(method=["GET"], function=check_repo))
     rmap.connect('repo_fork_create_home', '/{repo_name:.*?}/fork',
                 controller='forks', action='fork_create',
                 conditions=dict(function=check_repo, method=["POST"]))
     rmap.connect('repo_fork_home', '/{repo_name:.*?}/fork',
                 controller='forks', action='fork',
                 conditions=dict(function=check_repo))
     rmap.connect('repo_forks_home', '/{repo_name:.*?}/forks',
                  controller='forks', action='forks',
                  conditions=dict(function=check_repo))

rhodecode/controllers/admin/repos.py

➞

Show inline comments

@@ @@ -29,25 +29,25 @@ import formencode @@
 from formencode import htmlfill
 from webob.exc import HTTPInternalServerError, HTTPForbidden
 from pylons import request, session, tmpl_context as c, url
 from pylons.controllers.util import redirect
 from pylons.i18n.translation import _
 from sqlalchemy.exc import IntegrityError
 import rhodecode
 from rhodecode.lib import helpers as h
 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \
     HasPermissionAnyDecorator, HasRepoPermissionAllDecorator, NotAnonymous,\
     HasPermissionAny, HasReposGroupPermissionAny
+    HasPermissionAny, HasReposGroupPermissionAny, HasRepoPermissionAnyDecorator
 from rhodecode.lib.base import BaseRepoController, render
 from rhodecode.lib.utils import invalidate_cache, action_logger, repo_name_slug
 from rhodecode.lib.helpers import get_token
 from rhodecode.model.meta import Session
 from rhodecode.model.db import User, Repository, UserFollowing, RepoGroup,\
     RhodeCodeSetting, RepositoryField
 from rhodecode.model.forms import RepoForm, RepoFieldForm, RepoPermsForm
 from rhodecode.model.scm import ScmModel, GroupList
 from rhodecode.model.repo import RepoModel
 from rhodecode.lib.compat import json
 from sqlalchemy.sql.expression import func
@@ @@ -193,48 +193,59 @@ class ReposController(BaseRepoController @@
         except Exception:
             log.error(traceback.format_exc())
             msg = _('error occurred during creation of repository %s') \
                     % form_result.get('repo_name')
             h.flash(msg, category='error')
             if c.rhodecode_user.is_admin:
                 return redirect(url('repos'))
             return redirect(url('home'))
         #redirect to our new repo !
         return redirect(url('summary_home', repo_name=new_repo.repo_name))
     @HasPermissionAllDecorator('hg.admin')
     def new(self, format='html'):
         """
         WARNING: this function is depracated see settings.create_repo !!
     @NotAnonymous()
     def create_repository(self):
         """GET /_admin/create_repository: Form to create a new item"""
         new_repo = request.GET.get('repo', '')
         parent_group = request.GET.get('parent_group')
         if not HasPermissionAny('hg.admin', 'hg.create.repository')():
             #you're not super admin nor have global create permissions,
             #but maybe you have at least write permission to a parent group ?
             _gr = RepoGroup.get(parent_group)
             gr_name = _gr.group_name if _gr else None
             if not HasReposGroupPermissionAny('group.admin', 'group.write')(group_name=gr_name):
                 raise HTTPForbidden
         GET /repos/new: Form to create a new item
         """
         acl_groups = GroupList(RepoGroup.query().all(),
                                perm_set=['group.write', 'group.admin'])
         c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()
         parent_group = request.GET.get('parent_group')
         self.__load_defaults()
         c.new_repo = repo_name_slug(new_repo)
         ## apply the defaults from defaults page
         defaults = RhodeCodeSetting.get_default_repo_settings(strip_prefix=True)
         if parent_group:
             defaults.update({'repo_group': parent_group})
         return htmlfill.render(
             render('admin/repos/repo_add.html'),
             defaults=defaults,
             errors={},
             prefix_error=False,
             encoding="UTF-8"
+        )
-    @HasPermissionAllDecorator('hg.admin')
+    @HasRepoPermissionAllDecorator('repository.admin')
     def update(self, repo_name):
         """
         PUT /repos/repo_name: Update an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="PUT" />
         # Or using helpers:
         #    h.form(url('repo', repo_name=ID),
         #           method='put')
         # url('repo', repo_name=ID)
         self.__load_defaults()
         repo_model = RepoModel()
         changed_name = repo_name
@@ @@ -264,25 +275,25 @@ class ReposController(BaseRepoController @@
                 render('admin/repos/repo_edit.html'),
                 defaults=defaults,
                 errors=errors.error_dict or {},
                 prefix_error=False,
                 encoding="UTF-8")
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('Error occurred during update of repository %s') \
                     % repo_name, category='error')
         return redirect(url('edit_repo', repo_name=changed_name))
-    @HasPermissionAllDecorator('hg.admin')
+    @HasRepoPermissionAllDecorator('repository.admin')
     def delete(self, repo_name):
         """
         DELETE /repos/repo_name: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="DELETE" />
         # Or using helpers:
         #    h.form(url('repo', repo_name=ID),
         #           method='delete')
         # url('repo', repo_name=ID)
         repo_model = RepoModel()
         repo = repo_model.get_by_repo_name(repo_name)
@@ @@ -396,79 +407,106 @@ class ReposController(BaseRepoController @@
         try:
             RepoModel().revoke_users_group_permission(
                 repo=repo_name, group_name=request.POST['users_group_id']
+            )
             Session().commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of repository'
                       ' user groups'),
                     category='error')
             raise HTTPInternalServerError()
-    @HasPermissionAllDecorator('hg.admin')
+    @HasRepoPermissionAllDecorator('repository.admin')
     def repo_stats(self, repo_name):
         """
         DELETE an existing repository statistics
         :param repo_name:
         """
         try:
             RepoModel().delete_stats(repo_name)
             Session().commit()
         except Exception, e:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of repository stats'),
                     category='error')
         return redirect(url('edit_repo', repo_name=repo_name))
-    @HasPermissionAllDecorator('hg.admin')
+    @HasRepoPermissionAllDecorator('repository.admin')
     def repo_cache(self, repo_name):
         """
         INVALIDATE existing repository cache
         :param repo_name:
         """
         try:
             ScmModel().mark_for_invalidation(repo_name)
             Session().commit()
         except Exception, e:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during cache invalidation'),
                     category='error')
         return redirect(url('edit_repo', repo_name=repo_name))
-    @HasPermissionAllDecorator('hg.admin')
+    @HasRepoPermissionAllDecorator('repository.admin')
     def repo_locking(self, repo_name):
         """
         Unlock repository when it is locked !
         :param repo_name:
         """
         try:
             repo = Repository.get_by_repo_name(repo_name)
             if request.POST.get('set_lock'):
                 Repository.lock(repo, c.rhodecode_user.user_id)
             elif request.POST.get('set_unlock'):
                 Repository.unlock(repo)
         except Exception, e:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during unlocking'),
                     category='error')
         return redirect(url('edit_repo', repo_name=repo_name))
     @HasPermissionAllDecorator('hg.admin')
     @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
     def toggle_locking(self, repo_name):
         """
         Toggle locking of repository by simple GET call to url
         :param repo_name:
         """
         try:
             repo = Repository.get_by_repo_name(repo_name)
             if repo.enable_locking:
                 if repo.locked[0]:
                     Repository.unlock(repo)
                     action = _('unlocked')
                 else:
                     Repository.lock(repo, c.rhodecode_user.user_id)
                     action = _('locked')
                 h.flash(_('Repository has been %s') % action,
                         category='success')
         except Exception, e:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during unlocking'),
                     category='error')
         return redirect(url('summary_home', repo_name=repo_name))
     @HasRepoPermissionAllDecorator('repository.admin')
     def repo_public_journal(self, repo_name):
         """
         Set's this repository to be visible in public journal,
         in other words assing default user to follow this repo
         :param repo_name:
         """
         cur_token = request.POST.get('auth_token')
         token = get_token()
         if cur_token == token:
             try:
@@ @@ -478,42 +516,42 @@ class ReposController(BaseRepoController @@
                 h.flash(_('Updated repository visibility in public journal'),
                         category='success')
                 Session().commit()
             except:
                 h.flash(_('An error occurred during setting this'
                           ' repository in public journal'),
                         category='error')
         else:
             h.flash(_('Token mismatch'), category='error')
         return redirect(url('edit_repo', repo_name=repo_name))
-    @HasPermissionAllDecorator('hg.admin')
+    @HasRepoPermissionAllDecorator('repository.admin')
     def repo_pull(self, repo_name):
         """
         Runs task to update given repository with remote changes,
         ie. make pull on remote location
         :param repo_name:
         """
         try:
             ScmModel().pull_changes(repo_name, self.rhodecode_user.username)
             h.flash(_('Pulled from remote location'), category='success')
         except Exception, e:
             h.flash(_('An error occurred during pull from remote location'),
                     category='error')
         return redirect(url('edit_repo', repo_name=repo_name))
-    @HasPermissionAllDecorator('hg.admin')
+    @HasRepoPermissionAllDecorator('repository.admin')
     def repo_as_fork(self, repo_name):
         """
         Mark given repository as a fork of another
         :param repo_name:
         """
         try:
             fork_id = request.POST.get('id_fork_of')
             repo = ScmModel().mark_as_fork(repo_name, fork_id,
                                     self.rhodecode_user.username)
             fork = repo.fork.repo_name if repo.fork else _('Nothing')
             Session().commit()
@@ @@ -522,25 +560,25 @@ class ReposController(BaseRepoController @@
         except Exception, e:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during this operation'),
                     category='error')
         return redirect(url('edit_repo', repo_name=repo_name))
     @HasPermissionAllDecorator('hg.admin')
     def show(self, repo_name, format='html'):
         """GET /repos/repo_name: Show a specific item"""
         # url('repo', repo_name=ID)
-    @HasPermissionAllDecorator('hg.admin')
+    @HasRepoPermissionAllDecorator('repository.admin')
     def edit(self, repo_name, format='html'):
         """GET /repos/repo_name/edit: Form to edit an existing item"""
         # url('edit_repo', repo_name=ID)
         defaults = self.__load_data(repo_name)
         return htmlfill.render(
             render('admin/repos/repo_edit.html'),
             defaults=defaults,
             encoding="UTF-8",
             force_defaults=False
+        )

rhodecode/controllers/admin/settings.py

➞

Show inline comments

@@ @@ -482,58 +482,24 @@ class SettingsController(BaseController) @@
         c.my_pull_requests = _filter(PullRequest.query()\
                                 .filter(PullRequest.user_id ==
                                         self.rhodecode_user.user_id)\
                                 .all())
         c.participate_in_pull_requests = _filter([
                     x.pull_request for x in PullRequestReviewers.query()\
                     .filter(PullRequestReviewers.user_id ==
                             self.rhodecode_user.user_id).all()])
         return render('admin/users/user_edit_my_account_pullrequests.html')
     @NotAnonymous()
     def create_repository(self):
         """GET /_admin/create_repository: Form to create a new item"""
         new_repo = request.GET.get('repo', '')
         parent_group = request.GET.get('parent_group')
         if not HasPermissionAny('hg.admin', 'hg.create.repository')():
             #you're not super admin nor have global create permissions,
             #but maybe you have at least write permission to a parent group ?
             _gr = RepoGroup.get(parent_group)
             gr_name = _gr.group_name if _gr else None
             if not HasReposGroupPermissionAny('group.admin', 'group.write')(group_name=gr_name):
                 raise HTTPForbidden
         acl_groups = GroupList(RepoGroup.query().all(),
                                perm_set=['group.write', 'group.admin'])
         c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()
         c.new_repo = repo_name_slug(new_repo)
         ## apply the defaults from defaults page
         defaults = RhodeCodeSetting.get_default_repo_settings(strip_prefix=True)
         if parent_group:
             defaults.update({'repo_group': parent_group})
         return htmlfill.render(
             render('admin/repos/repo_add.html'),
             defaults=defaults,
             errors={},
             prefix_error=False,
             encoding="UTF-8"
+        )
     def _get_hg_ui_settings(self):
         ret = RhodeCodeUi.query().all()
         if not ret:
             raise Exception('Could not get application ui settings !')
         settings = {}
         for each in ret:
             k = each.ui_key
             v = each.ui_value
             if k == '/':
                 k = 'root_path'

rhodecode/controllers/settings.py

➞

Show inline comments

deleted file

rhodecode/model/forms.py

➞

Show inline comments

@@ @@ -218,45 +218,24 @@ def RepoFieldForm(): @@
         new_field_key = All(v.FieldKey(),
                             v.UnicodeString(strip=True, min=3, not_empty=True))
         new_field_value = v.UnicodeString(not_empty=False, if_missing='')
         new_field_type = v.OneOf(['str', 'unicode', 'list', 'tuple'],
                                  if_missing='str')
         new_field_label = v.UnicodeString(not_empty=False)
         new_field_desc = v.UnicodeString(not_empty=False)
     return _RepoFieldForm
 def RepoSettingsForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
                      repo_groups=[], landing_revs=[]):
     class _RepoForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         repo_group = All(v.CanWriteGroup(old_data),
                          v.OneOf(repo_groups, hideList=True))
         repo_description = v.UnicodeString(strip=True, min=1, not_empty=False)
         repo_private = v.StringBoolean(if_missing=False)
         repo_landing_rev = v.OneOf(landing_revs, hideList=True)
         clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
         chained_validators = [v.ValidCloneUri(),
                               v.ValidRepoName(edit, old_data),
                               v.ValidPerms(),
                               v.ValidSettings()]
     return _RepoForm
 def RepoForkForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
                  repo_groups=[], landing_revs=[]):
     class _RepoForkForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         repo_group = All(v.CanWriteGroup(),
                          v.OneOf(repo_groups, hideList=True))
         repo_type = All(v.ValidForkType(old_data), v.OneOf(supported_backends))
         description = v.UnicodeString(strip=True, min=1, not_empty=True)
         private = v.StringBoolean(if_missing=False)

rhodecode/model/repo.py

➞

Show inline comments

@@ @@ -288,25 +288,31 @@ class RepoModel(BaseModel): @@
             for strip, k in [(0, 'repo_type'), (1, 'repo_enable_downloads'),
                       (1, 'repo_description'), (1, 'repo_enable_locking'),
                       (1, 'repo_landing_rev'), (0, 'clone_uri'),
                       (1, 'repo_private'), (1, 'repo_enable_statistics')]:
                 if k in kwargs:
                     val = kwargs[k]
                     if strip:
                         k = remove_prefix(k, 'repo_')
                     setattr(cur_repo, k, val)
             new_name = cur_repo.get_new_name(kwargs['repo_name'])
             cur_repo.repo_name = new_name
             #if private flag is set, reset default permission to NONE
             if kwargs.get('repo_private'):
                 EMPTY_PERM = 'repository.none'
                 RepoModel().grant_user_permission(
                     repo=cur_repo, user='default', perm=EMPTY_PERM
+                )
             #handle extra fields
             for field in filter(lambda k: k.startswith(RepositoryField.PREFIX), kwargs):
                 k = RepositoryField.un_prefix_key(field)
                 ex_field = RepositoryField.get_by_key_name(key=k, repo=cur_repo)
                 if ex_field:
                     ex_field.field_value = kwargs[field]
                     self.sa.add(ex_field)
             self.sa.add(cur_repo)
             if org_repo_name != new_name:
                 # rename repository
                 self.__rename_repo(old=org_repo_name, new=new_name)

rhodecode/model/validators.py

➞

Show inline comments

@@ @@ -7,25 +7,25 @@ import formencode @@
 import logging
 from collections import defaultdict
 from pylons.i18n.translation import _
 from webhelpers.pylonslib.secure_form import authentication_token
 from formencode.validators import (
     UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set,
     NotEmpty, IPAddress, CIDR
+)
 from rhodecode.lib.compat import OrderedSet
 from rhodecode.lib import ipaddr
 from rhodecode.lib.utils import repo_name_slug
 from rhodecode.lib.utils2 import safe_int
+from rhodecode.lib.utils2 import safe_int, str2bool
 from rhodecode.model.db import RepoGroup, Repository, UserGroup, User,\
     ChangesetStatus
 from rhodecode.lib.exceptions import LdapImportError
 from rhodecode.config.routing import ADMIN_PREFIX
 from rhodecode.lib.auth import HasReposGroupPermissionAny, HasPermissionAny
 # silence warnings and pylint
 UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, \
     NotEmpty, IPAddress, CIDR
 log = logging.getLogger(__name__)
@@ @@ -582,32 +582,29 @@ def ValidPerms(type_='repo'): @@
                 new_perm = perm_dict.get('perm')
                 new_type = perm_dict.get('type')
                 if new_member and new_perm and new_type:
                     perms_new.add((new_member, new_perm, new_type))
             for k, v in value.iteritems():
                 if k.startswith('u_perm_') or k.startswith('g_perm_'):
                     member = k[7:]
                     t = {'u': 'user',
                          'g': 'users_group'
                     }[k[0]]
                     if member == 'default':
                         if value.get('repo_private'):
+                        if str2bool(value.get('repo_private')):
                             # set none for default when updating to
                             # private repo
+                            # private repo protects agains form manipulation
                             v = EMPTY_PERM
                     perms_update.add((member, v, t))
             #always set NONE when private flag is set
             if value.get('repo_private'):
                 perms_update.add(('default', EMPTY_PERM, 'user'))
             value['perms_updates'] = list(perms_update)
             value['perms_new'] = list(perms_new)
             # update permissions
             for k, v, t in perms_new:
                 try:
                     if t is 'user':
                         self.user_db = User.query()\
                             .filter(User.active == True)\
                             .filter(User.username == k).one()
                     if t is 'users_group':

rhodecode/templates/admin/repos/repo_edit.html

➞

Show inline comments

@@ @@ -156,36 +156,37 @@ ${self.context_bar('options')} @@
 <div class="box box-right">
     <div class="title">
         <h5>${_('Permissions')}</h5>
     </div>
     ${h.form(url('set_repo_perm_member', repo_name=c.repo_info.repo_name),method='post')}
     <div class="form">
        <div class="fields">
             <div class="field">
                 <div class="label">
                     <label for="input">${_('Permissions')}:</label>
                 </div>
                 <div class="input">
                     ${h.hidden('repo_private')}
                     <%include file="repo_edit_perms.html"/>
                 </div>
             </div>
             <div class="buttons">
               ${h.submit('save',_('Save'),class_="ui-btn large")}
               ${h.reset('reset',_('Reset'),class_="ui-btn large")}
-            </div>
             </div>
        </div>
     </div>
-    ${h.end_form()}
     ${h.end_form()}
 </div>
 <div class="box box-right"  style="clear:right">
     <div class="title">
         <h5>${_('Advanced settings')}</h5>
     </div>
     <h3>${_('Statistics')}</h3>
     ${h.form(url('repo_stats', repo_name=c.repo_info.repo_name),method='delete')}
     <div class="form">
        <div class="fields">
            ${h.submit('reset_stats_%s' % c.repo_info.repo_name,_('Reset current statistics'),class_="ui-btn",onclick="return confirm('"+_('Confirm to remove current statistics')+"');")}
            <div class="field" style="border:none;color:#888">

rhodecode/templates/base/base.html

➞

Show inline comments

@@ @@ -107,29 +107,25 @@ @@
         <li ${is_current('changelog')}><a href="${h.url('changelog_home', repo_name=c.repo_name)}" class="changelogs">${_('Changelog')}</a></li>
         <li ${is_current('files')}><a href="${h.url('files_home', repo_name=c.repo_name)}" class="files"></span>${_('Files')}</a></li>
         <li ${is_current('switch-to')}>
           <a href="#" id="branch_tag_switcher_2" class="dropdown switch-to"></span>${_('Switch To')}</a>
           <ul id="switch_to_list_2" class="switch_to submenu">
             <li><a href="#">${_('loading...')}</a></li>
           </ul>
         </li>
         <li ${is_current('options')}>
           <a href="#" class="dropdown options"></span>${_('Options')}</a>
           <ul>
              %if h.HasRepoPermissionAll('repository.admin')(c.repo_name):
                %if h.HasPermissionAll('hg.admin')('access settings on repository'):
                    <li>${h.link_to(_('Settings'),h.url('edit_repo',repo_name=c.repo_name),class_='settings')}</li>
                %else:
                    <li>${h.link_to(_('Settings'),h.url('repo_settings_home',repo_name=c.repo_name),class_='settings')}</li>
                %endif
              %endif
               %if c.rhodecode_db_repo.fork:
                <li>${h.link_to(_('Compare fork'),h.url('compare_url',repo_name=c.rhodecode_db_repo.fork.repo_name,org_ref_type='branch',org_ref='default',other_repo=c.repo_name,other_ref_type='branch',other_ref=request.GET.get('branch') or 'default', merge=1),class_='compare_request')}</li>
               %endif
               <li>${h.link_to(_('Lightweight changelog'),h.url('shortlog_home',repo_name=c.repo_name),class_='shortlog')}</li>
               <li>${h.link_to(_('Search'),h.url('search_repo',repo_name=c.repo_name),class_='search')}</li>
               %if h.HasRepoPermissionAny('repository.write','repository.admin')(c.repo_name) and c.rhodecode_db_repo.enable_locking:
                 %if c.rhodecode_db_repo.locked[0]:
                   <li>${h.link_to(_('Unlock'), h.url('toggle_locking',repo_name=c.repo_name),class_='locking_del')}</li>
                 %else:
                   <li>${h.link_to(_('Lock'), h.url('toggle_locking',repo_name=c.repo_name),class_='locking_add')}</li>

rhodecode/templates/data_table/_dt_elements.html

➞

Show inline comments

@@ @@ -104,44 +104,32 @@ @@
   %else:
     <a title="${_('Subscribe to %s atom feed')% name}"  class="atom_icon" href="${h.url('atom_feed_home',repo_name=name)}"></a>
   %endif
 </%def>
 <%def name="user_gravatar(email, size=24)">
     <div class="gravatar"><img alt="gravatar" src="${h.gravatar_url(email, size)}"/> </div>
 </%def>
 <%def name="repo_actions(repo_name, super_user=True)">
   <div>
     <div style="float:left">
     %if super_user:
       <a href="${h.url('edit_repo',repo_name=repo_name)}" title="${_('edit')}">
         ${h.submit('edit_%s' % repo_name,_('edit'),class_="edit_icon action_button")}
       </a>
     %else:
       <a href="${h.url('repo_settings_home',repo_name=repo_name)}" title="${_('edit')}">
         ${h.submit('edit_%s' % repo_name,_('edit'),class_="edit_icon action_button")}
       </a>
     %endif
     </div>
     <div style="float:left">
     %if super_user:
       ${h.form(h.url('repo', repo_name=repo_name),method='delete')}
         ${h.submit('remove_%s' % repo_name,_('delete'),class_="delete_icon action_button",onclick="return confirm('"+_('Confirm to delete this repository: %s') % repo_name+"');")}
       ${h.end_form()}
     %else:
       ${h.form(h.url('repo_settings_delete', repo_name=repo_name),method='delete')}
         ${h.submit('remove_%s' % repo_name,_('delete'),class_="delete_icon action_button",onclick="return confirm('"+_('Confirm to delete this repository: %s') % repo_name+"');")}
       ${h.end_form()}
     %endif
     </div>
   </div>
 </%def>
 <%def name="user_actions(user_id, username)">
   ${h.form(h.url('delete_user', id=user_id),method='delete')}
       ${h.submit('remove_',_('delete'),id="remove_user_%s" % user_id,
       class_="delete_icon action_button",onclick="return confirm('"+_('Confirm to delete this user: %s') % username+"');")}
   ${h.end_form()}
 </%def>
 <%def name="user_name(user_id, username)">

rhodecode/templates/settings/repo_settings.html

➞

Show inline comments

deleted file

rhodecode/templates/summary/summary.html

➞

Show inline comments

@@ @@ -170,29 +170,25 @@ ${self.context_bar('summary')} @@
                 <span style="float:right" id="current_followers_count">${c.repository_followers}</span>
               </a>
             </li>
             <li>
               <a class="forks" title="${_('Forks')}" href="${h.url('repo_forks_home',repo_name=c.repo_name)}">
                 ${_('Forks')}
                 <span style="float:right">${c.repository_forks}</span>
               </a>
             </li>
              %if h.HasRepoPermissionAll('repository.admin')(c.repo_name):
              <li>
               %if h.HasPermissionAll('hg.admin')('access settings on repository'):
                   ${h.link_to(_('Settings'),h.url('edit_repo',repo_name=c.repo_name),class_='settings')}
               %else:
                   ${h.link_to(_('Settings'),h.url('repo_settings_home',repo_name=c.repo_name),class_='settings')}
               %endif
             </li>
             %endif
             <li>
             %if c.rhodecode_user.username != 'default':
               ${h.link_to(_('Feed'),h.url('atom_feed_home',repo_name=c.dbrepo.repo_name,api_key=c.rhodecode_user.api_key),class_='feed')}
             %else:
               ${h.link_to(_('Feed'),h.url('atom_feed_home',repo_name=c.dbrepo.repo_name),class_='feed')}
             %endif
             </li>
             %if c.rhodecode_user.username != 'default':

rhodecode/tests/functional/test_admin_repos.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 import os
 import urllib
 from rhodecode.lib import vcs
 from rhodecode.model.db import Repository, RepoGroup
 from rhodecode.model.db import Repository, RepoGroup, UserRepoToPerm, User,\
     Permission
 from rhodecode.tests import *
 from rhodecode.model.repos_group import ReposGroupModel
 from rhodecode.model.repo import RepoModel
 from rhodecode.model.meta import Session
 def _get_permission_for_user(user, repo):
     perm = UserRepoToPerm.query()\
                 .filter(UserRepoToPerm.repository ==
                         Repository.get_by_repo_name(repo))\
                 .filter(UserRepoToPerm.user == User.get_by_username(user))\
                 .all()
     return perm
 class TestAdminReposController(TestController):
     def __make_repo(self):
         pass
     def test_index(self):
         self.log_user()
         response = self.app.get(url('repos'))
         # Test response...
@@ @@ -191,31 +202,24 @@ class TestAdminReposController(TestContr @@
         #test if repository is visible in the list ?
         response = response.follow()
         response.mustcontain(repo_name)
         #test if repository was created on filesystem
         try:
             vcs.get_repo(os.path.join(TESTS_TMP_PATH, repo_name))
         except:
             self.fail('no repo %s in filesystem' % repo_name)
     def test_new(self):
         self.log_user()
         response = self.app.get(url('new_repo'))
     def test_new_as_xml(self):
         response = self.app.get(url('formatted_new_repo', format='xml'))
     def test_update(self):
         response = self.app.put(url('repo', repo_name=HG_REPO))
     def test_update_browser_fakeout(self):
         response = self.app.post(url('repo', repo_name=HG_REPO),
                                  params=dict(_method='put'))
     def test_delete_hg(self):
         self.log_user()
         repo_name = 'vcs_test_new_to_delete'
         description = 'description for newly created repo'
         response = self.app.post(url('repos'),
@@ @@ -319,12 +323,51 @@ class TestAdminReposController(TestContr @@
     def test_show_hg(self):
         self.log_user()
         response = self.app.get(url('repo', repo_name=HG_REPO))
     def test_show_git(self):
         self.log_user()
         response = self.app.get(url('repo', repo_name=GIT_REPO))
     def test_edit(self):
         response = self.app.get(url('edit_repo', repo_name=HG_REPO))
     def test_set_private_flag_sets_default_to_none(self):
         self.log_user()
         #initially repository perm should be read
         perm = _get_permission_for_user(user='default', repo=HG_REPO)
         self.assertTrue(len(perm), 1)
         self.assertEqual(perm[0].permission.permission_name, 'repository.read')
         self.assertEqual(Repository.get_by_repo_name(HG_REPO).private, False)
         response = self.app.put(url('repo', repo_name=HG_REPO),
                         _get_repo_create_params(repo_private=1,
                                                 repo_name=HG_REPO,
                                                 user=TEST_USER_ADMIN_LOGIN))
         self.checkSessionFlash(response,
                                msg='Repository %s updated successfully' % (HG_REPO))
         self.assertEqual(Repository.get_by_repo_name(HG_REPO).private, True)
         #now the repo default permission should be None
         perm = _get_permission_for_user(user='default', repo=HG_REPO)
         self.assertTrue(len(perm), 1)
         self.assertEqual(perm[0].permission.permission_name, 'repository.none')
         response = self.app.put(url('repo', repo_name=HG_REPO),
                         _get_repo_create_params(repo_private=False,
                                                 repo_name=HG_REPO,
                                                 user=TEST_USER_ADMIN_LOGIN))
         self.checkSessionFlash(response,
                                msg='Repository %s updated successfully' % (HG_REPO))
         self.assertEqual(Repository.get_by_repo_name(HG_REPO).private, False)
         #we turn off private now the repo default permission should stay None
         perm = _get_permission_for_user(user='default', repo=HG_REPO)
         self.assertTrue(len(perm), 1)
         self.assertEqual(perm[0].permission.permission_name, 'repository.none')
         #update this permission back
         perm[0].permission = Permission.get_by_key('repository.read')
         Session().add(perm[0])
         Session().commit()

rhodecode/tests/functional/test_settings.py

➞

Show inline comments

deleted file

0 comments (0 inline, 0 general)