kallithea Changeset - a8f520540ab0

Changeset - a8f520540ab0

Parent rev.

Child rev.

[Not reviewed]

beta

0 20 0

Marcin Kuzminski - 13 years ago 2013-04-10 14:33:04
marcin@python-works.com

New default permissions definition for user group create

20 files changed with 182 insertions and 82 deletions:

rhodecode/config/routing.py

rhodecode/controllers/admin/permissions.py

rhodecode/controllers/admin/repos.py

rhodecode/controllers/forks.py

rhodecode/controllers/login.py

rhodecode/lib/auth.py

rhodecode/lib/db_manage.py

rhodecode/lib/utils.py

rhodecode/model/db.py

rhodecode/model/forms.py

rhodecode/model/permission.py

rhodecode/model/repo.py

rhodecode/model/repos_group.py

rhodecode/model/users_group.py

rhodecode/templates/admin/permissions/permissions.html

rhodecode/templates/admin/users_groups/users_groups.html

rhodecode/templates/base/perms_summary.html

rhodecode/templates/pullrequests/pullrequest_data.html

rhodecode/tests/functional/test_home.py

rhodecode/tests/models/test_permissions.py

0 comments (0 inline, 0 general)

rhodecode/config/routing.py

➞

Show inline comments

@@ @@ -47,48 +47,57 @@ def make_map(config): @@
         return is_valid_repo(repo_name, config['base_path'])
     def check_group(environ, match_dict):
         """
         check for valid repository group for proper 404 handling
         :param environ:
         :param match_dict:
         """
         repos_group_name = match_dict.get('group_name')
         return is_valid_repos_group(repos_group_name, config['base_path'])
     def check_group_skip_path(environ, match_dict):
         """
         check for valid repository group for proper 404 handling, but skips
         verification of existing path
         :param environ:
         :param match_dict:
         """
         repos_group_name = match_dict.get('group_name')
         return is_valid_repos_group(repos_group_name, config['base_path'],
                                     skip_path_check=True)
     def check_user_group(environ, match_dict):
         """
         check for valid user group for proper 404 handling
         :param environ:
         :param match_dict:
         """
         return True
     def check_int(environ, match_dict):
         return match_dict.get('id').isdigit()
     # The ErrorController route (handles 404/500 error pages); it should
     # likely stay at the top, ensuring it can always be resolved
     rmap.connect('/error/{action}', controller='error')
     rmap.connect('/error/{action}/{id}', controller='error')
     #==========================================================================
     # CUSTOM ROUTES HERE
     #==========================================================================
     #MAIN PAGE
     rmap.connect('home', '/', controller='home', action='index')
     rmap.connect('repo_switcher', '/repos', controller='home',
                  action='repo_switcher')
     rmap.connect('branch_tag_switcher', '/branches-tags/{repo_name:.*?}',
                  controller='home', action='branch_tag_switcher')
     rmap.connect('bugtracker',
                  "http://bitbucket.org/marcinkuzminski/rhodecode/issues",
                  _static=True)
     rmap.connect('rst_help',
                  "http://docutils.sourceforge.net/docs/user/rst/quickref.html",
                  _static=True)
@@ @@ -245,49 +254,50 @@ def make_map(config): @@
                   action="delete_email", conditions=dict(method=["DELETE"]))
         m.connect("user_ips", "/users_ips/{id}",
                   action="add_ip", conditions=dict(method=["PUT"]))
         m.connect("user_ips_delete", "/users_ips/{id}",
                   action="delete_ip", conditions=dict(method=["DELETE"]))
     #ADMIN USER GROUPS REST ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/users_groups') as m:
         m.connect("users_groups", "/users_groups",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("users_groups", "/users_groups",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_users_groups", "/users_groups.{format}",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_users_group", "/users_groups/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("formatted_new_users_group", "/users_groups/new.{format}",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_users_group", "/users_groups/{id}",
                   action="update", conditions=dict(method=["PUT"]))
         m.connect("delete_users_group", "/users_groups/{id}",
                   action="delete", conditions=dict(method=["DELETE"]))
         m.connect("edit_users_group", "/users_groups/{id}/edit",
                   action="edit", conditions=dict(method=["GET"]))
                   action="edit", conditions=dict(method=["GET"]),
                   function=check_user_group)
         m.connect("formatted_edit_users_group",
                   "/users_groups/{id}.{format}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("users_group", "/users_groups/{id}",
                   action="show", conditions=dict(method=["GET"]))
         m.connect("formatted_users_group", "/users_groups/{id}.{format}",
                   action="show", conditions=dict(method=["GET"]))
         #EXTRAS USER ROUTES
         # update
         m.connect("users_group_perm", "/users_groups/{id}/update_global_perm",
                   action="update_perm", conditions=dict(method=["PUT"]))
         #add user group perm member
         m.connect('set_user_group_perm_member', "/users_groups/{id}/grant_perm",
              action="set_user_group_perm_member",
              conditions=dict(method=["POST"]))
         #ajax delete user group perm
         m.connect('delete_user_group_perm_member', "/users_groups/{id}/revoke_perm",
              action="delete_user_group_perm_member",
              conditions=dict(method=["DELETE"]))
     #ADMIN GROUP REST ROUTES

rhodecode/controllers/admin/permissions.py

➞

Show inline comments

@@ @@ -34,160 +34,174 @@ from pylons.i18n.translation import _ @@
 from rhodecode.lib import helpers as h
 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator,\
     AuthUser
 from rhodecode.lib.base import BaseController, render
 from rhodecode.model.forms import DefaultPermissionsForm
 from rhodecode.model.permission import PermissionModel
 from rhodecode.model.db import User, UserIpMap, Permission
 from rhodecode.model.meta import Session
 log = logging.getLogger(__name__)
 class PermissionsController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     # To properly map this controller, ensure your config/routing.py
     # file has a resource setup:
     #     map.resource('permission', 'permissions')
     @LoginRequired()
     @HasPermissionAllDecorator('hg.admin')
     def __before__(self):
         super(PermissionsController, self).__before__()
-        self.repo_perms_choices = [('repository.none', _('None'),),
+        c.repo_perms_choices = [('repository.none', _('None'),),
                                    ('repository.read', _('Read'),),
                                    ('repository.write', _('Write'),),
                                    ('repository.admin', _('Admin'),)]
         self.group_perms_choices = [('group.none', _('None'),),
                                     ('group.read', _('Read'),),
                                     ('group.write', _('Write'),),
                                     ('group.admin', _('Admin'),)]
         self.register_choices = [
         c.group_perms_choices = [('group.none', _('None'),),
                                  ('group.read', _('Read'),),
                                  ('group.write', _('Write'),),
                                  ('group.admin', _('Admin'),)]
         c.user_group_perms_choices = [('usergroup.none', _('None'),),
                                       ('usergroup.read', _('Read'),),
                                       ('usergroup.write', _('Write'),),
                                       ('usergroup.admin', _('Admin'),)]
         c.register_choices = [
             ('hg.register.none',
                 _('Disabled')),
             ('hg.register.manual_activate',
                 _('Allowed with manual account activation')),
             ('hg.register.auto_activate',
                 _('Allowed with automatic account activation')), ]
         self.create_choices = [('hg.create.none', _('Disabled')),
                                ('hg.create.repository', _('Enabled'))]
         c.repo_create_choices = [('hg.create.none', _('Disabled')),
                                  ('hg.create.repository', _('Enabled'))]
         self.fork_choices = [('hg.fork.none', _('Disabled')),
                              ('hg.fork.repository', _('Enabled'))]
         c.user_group_create_choices = [('hg.usergroup.create.false', _('Disabled')),
                                        ('hg.usergroup.create.true', _('Enabled'))]
         # set the global template variables
         c.repo_perms_choices = self.repo_perms_choices
         c.group_perms_choices = self.group_perms_choices
         c.register_choices = self.register_choices
         c.create_choices = self.create_choices
         c.fork_choices = self.fork_choices
         c.repo_group_create_choices = [('hg.repogroup.create.false', _('Disabled')),
                                        ('hg.repogroup.create.true', _('Enabled'))]
         c.fork_choices = [('hg.fork.none', _('Disabled')),
                           ('hg.fork.repository', _('Enabled'))]
     def index(self, format='html'):
         """GET /permissions: All items in the collection"""
         # url('permissions')
     def create(self):
         """POST /permissions: Create a new item"""
         # url('permissions')
     def new(self, format='html'):
         """GET /permissions/new: Form to create a new item"""
         # url('new_permission')
     def update(self, id):
         """PUT /permissions/id: Update an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="PUT" />
         # Or using helpers:
         #    h.form(url('permission', id=ID),
         #           method='put')
         # url('permission', id=ID)
         if id == 'default':
-            c.user = default_user = User.get_by_username('default')
+            c.user = default_user = User.get_default_user()
             c.perm_user = AuthUser(user_id=default_user.user_id)
             c.user_ip_map = UserIpMap.query()\
                             .filter(UserIpMap.user == default_user).all()
             permission_model = PermissionModel()
             _form = DefaultPermissionsForm(
                     [x[0] for x in self.repo_perms_choices],
                     [x[0] for x in self.group_perms_choices],
                     [x[0] for x in self.register_choices],
                     [x[0] for x in self.create_choices],
                     [x[0] for x in self.fork_choices])()
                     [x[0] for x in c.repo_perms_choices],
                     [x[0] for x in c.group_perms_choices],
                     [x[0] for x in c.user_group_perms_choices],
                     [x[0] for x in c.repo_create_choices],
                     [x[0] for x in c.repo_group_create_choices],
                     [x[0] for x in c.user_group_create_choices],
                     [x[0] for x in c.fork_choices],
                     [x[0] for x in c.register_choices])()
             try:
                 form_result = _form.to_python(dict(request.POST))
                 form_result.update({'perm_user_name': id})
-                permission_model.update(form_result)
+                PermissionModel().update(form_result)
                 Session().commit()
                 h.flash(_('Default permissions updated successfully'),
                         category='success')
             except formencode.Invalid, errors:
                 defaults = errors.value
                 return htmlfill.render(
                     render('admin/permissions/permissions.html'),
                     defaults=defaults,
                     errors=errors.error_dict or {},
                     prefix_error=False,
                     encoding="UTF-8")
             except Exception:
                 log.error(traceback.format_exc())
                 h.flash(_('Error occurred during update of permissions'),
                         category='error')
         return redirect(url('edit_permission', id=id))
     def delete(self, id):
         """DELETE /permissions/id: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="DELETE" />
         # Or using helpers:
         #    h.form(url('permission', id=ID),
         #           method='delete')
         # url('permission', id=ID)
     def show(self, id, format='html'):
         """GET /permissions/id: Show a specific item"""
         # url('permission', id=ID)
         Permission.get_or_404(-1)
     def edit(self, id, format='html'):
         """GET /permissions/id/edit: Form to edit an existing item"""
         #url('edit_permission', id=ID)
         #this form can only edit default user permissions
         if id == 'default':
             c.user = default_user = User.get_by_username('default')
             defaults = {'anonymous': default_user.active}
             c.perm_user = AuthUser(user_id=default_user.user_id)
             c.user = User.get_default_user()
             defaults = {'anonymous': c.user.active}
             c.perm_user = c.user.AuthUser
             c.user_ip_map = UserIpMap.query()\
                             .filter(UserIpMap.user == default_user).all()
             for p in default_user.user_perms:
                             .filter(UserIpMap.user == c.user).all()
             for p in c.user.user_perms:
                 if p.permission.permission_name.startswith('repository.'):
                     defaults['default_repo_perm'] = p.permission.permission_name
                 if p.permission.permission_name.startswith('group.'):
                     defaults['default_group_perm'] = p.permission.permission_name
                 if p.permission.permission_name.startswith('usergroup.'):
                     defaults['default_user_group_perm'] = p.permission.permission_name
                 if p.permission.permission_name.startswith('hg.create.'):
                     defaults['default_repo_create'] = p.permission.permission_name
                 if p.permission.permission_name.startswith('hg.repogroup.'):
                     defaults['default_repo_group_create'] = p.permission.permission_name
                 if p.permission.permission_name.startswith('hg.usergroup.'):
                     defaults['default_user_group_create'] = p.permission.permission_name
                 if p.permission.permission_name.startswith('hg.register.'):
                     defaults['default_register'] = p.permission.permission_name
                 if p.permission.permission_name.startswith('hg.create.'):
                     defaults['default_create'] = p.permission.permission_name
                 if p.permission.permission_name.startswith('hg.fork.'):
                     defaults['default_fork'] = p.permission.permission_name
             return htmlfill.render(
                 render('admin/permissions/permissions.html'),
                 defaults=defaults,
                 encoding="UTF-8",
                 force_defaults=False
+            )
         else:
             return redirect(url('admin_home'))

rhodecode/controllers/admin/repos.py

➞

Show inline comments

@@ @@ -77,49 +77,49 @@ class ReposController(BaseRepoController @@
         c.users_array = repo_model.get_users_js()
         c.users_groups_array = repo_model.get_users_groups_js()
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()
         c.landing_revs_choices = choices
     def __load_data(self, repo_name=None):
         """
         Load defaults settings for edit, and update
         :param repo_name:
         """
         self.__load_defaults()
         c.repo_info = db_repo = Repository.get_by_repo_name(repo_name)
         repo = db_repo.scm_instance
         if c.repo_info is None:
             h.not_mapped_error(repo_name)
             return redirect(url('repos'))
         ##override defaults for exact repo info here git/hg etc
         choices, c.landing_revs = ScmModel().get_repo_landing_revs(c.repo_info)
         c.landing_revs_choices = choices
-        c.default_user_id = User.get_by_username('default').user_id
+        c.default_user_id = User.get_default_user().user_id
         c.in_public_journal = UserFollowing.query()\
             .filter(UserFollowing.user_id == c.default_user_id)\
             .filter(UserFollowing.follows_repository == c.repo_info).scalar()
         if c.repo_info.stats:
             # this is on what revision we ended up so we add +1 for count
             last_rev = c.repo_info.stats.stat_on_revision + 1
         else:
             last_rev = 0
         c.stats_revision = last_rev
         c.repo_last_rev = repo.count() if repo.revisions else 0
         if last_rev == 0 or c.repo_last_rev == 0:
             c.stats_percentage = 0
         else:
             c.stats_percentage = '%.2f' % ((float((last_rev)) /
                                             c.repo_last_rev) * 100)
         c.repo_fields = RepositoryField.query()\
             .filter(RepositoryField.repository == db_repo).all()
         defaults = RepoModel()._get_defaults(repo_name)
@@ @@ -445,49 +445,49 @@ class ReposController(BaseRepoController @@
                     action = _('Locked')
                 h.flash(_('Repository has been %s') % action,
                         category='success')
         except Exception, e:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during unlocking'),
                     category='error')
         return redirect(url('summary_home', repo_name=repo_name))
     @HasRepoPermissionAllDecorator('repository.admin')
     def repo_public_journal(self, repo_name):
         """
         Set's this repository to be visible in public journal,
         in other words assing default user to follow this repo
         :param repo_name:
         """
         cur_token = request.POST.get('auth_token')
         token = get_token()
         if cur_token == token:
             try:
                 repo_id = Repository.get_by_repo_name(repo_name).repo_id
-                user_id = User.get_by_username('default').user_id
+                user_id = User.get_default_user().user_id
                 self.scm_model.toggle_following_repo(repo_id, user_id)
                 h.flash(_('Updated repository visibility in public journal'),
                         category='success')
                 Session().commit()
             except Exception:
                 h.flash(_('An error occurred during setting this'
                           ' repository in public journal'),
                         category='error')
         else:
             h.flash(_('Token mismatch'), category='error')
         return redirect(url('edit_repo', repo_name=repo_name))
     @HasRepoPermissionAllDecorator('repository.admin')
     def repo_pull(self, repo_name):
         """
         Runs task to update given repository with remote changes,
         ie. make pull on remote location
         :param repo_name:
         """
         try:
             ScmModel().pull_changes(repo_name, self.rhodecode_user.username)
             h.flash(_('Pulled from remote location'), category='success')

rhodecode/controllers/forks.py

➞

Show inline comments

@@ @@ -56,49 +56,49 @@ class ForksController(BaseRepoController @@
     def __load_defaults(self):
         acl_groups = RepoGroupList(RepoGroup.query().all(),
                                perm_set=['group.write', 'group.admin'])
         c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()
         c.landing_revs_choices = choices
     def __load_data(self, repo_name=None):
         """
         Load defaults settings for edit, and update
         :param repo_name:
         """
         self.__load_defaults()
         c.repo_info = db_repo = Repository.get_by_repo_name(repo_name)
         repo = db_repo.scm_instance
         if c.repo_info is None:
             h.not_mapped_error(repo_name)
             return redirect(url('repos'))
-        c.default_user_id = User.get_by_username('default').user_id
+        c.default_user_id = User.get_default_user().user_id
         c.in_public_journal = UserFollowing.query()\
             .filter(UserFollowing.user_id == c.default_user_id)\
             .filter(UserFollowing.follows_repository == c.repo_info).scalar()
         if c.repo_info.stats:
             last_rev = c.repo_info.stats.stat_on_revision+1
         else:
             last_rev = 0
         c.stats_revision = last_rev
         c.repo_last_rev = repo.count() if repo.revisions else 0
         if last_rev == 0 or c.repo_last_rev == 0:
             c.stats_percentage = 0
         else:
             c.stats_percentage = '%.2f' % ((float((last_rev)) /
                                             c.repo_last_rev) * 100)
         c.can_update = RhodeCodeUi.get_by_key(RhodeCodeUi.HOOK_UPDATE).ui_active
         defaults = RepoModel()._get_defaults(repo_name)
         # alter the description to indicate a fork
         defaults['description'] = ('fork of repository: %s \n%s'
                                    % (defaults['repo_name'],

rhodecode/controllers/login.py

➞

Show inline comments

@@ @@ -105,49 +105,49 @@ class LoginController(BaseController): @@
                             (parsed.scheme, parsed))
                         c.came_from = url('home')
                     elif server_parsed.netloc != parsed.netloc:
                         log.error('Suspicious NETLOC detected %s for url %s'
                                   'server url is: %s' %
                                   (parsed.netloc, parsed, server_parsed))
                         c.came_from = url('home')
                     raise HTTPFound(location=c.came_from, headers=headers)
                 else:
                     raise HTTPFound(location=url('home'), headers=headers)
             except formencode.Invalid, errors:
                 return htmlfill.render(
                     render('/login.html'),
                     defaults=errors.value,
                     errors=errors.error_dict or {},
                     prefix_error=False,
                     encoding="UTF-8")
         return render('/login.html')
     @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',
                                'hg.register.manual_activate')
     def register(self):
-        c.auto_active = 'hg.register.auto_activate' in User.get_by_username('default')\
+        c.auto_active = 'hg.register.auto_activate' in User.get_default_user()\
             .AuthUser.permissions['global']
         if request.POST:
             register_form = RegisterForm()()
             try:
                 form_result = register_form.to_python(dict(request.POST))
                 form_result['active'] = c.auto_active
                 UserModel().create_registration(form_result)
                 h.flash(_('You have successfully registered into RhodeCode'),
                             category='success')
                 Session().commit()
                 return redirect(url('login_home'))
             except formencode.Invalid, errors:
                 return htmlfill.render(
                     render('/register.html'),
                     defaults=errors.value,
                     errors=errors.error_dict or {},
                     prefix_error=False,
                     encoding="UTF-8")
         return render('/register.html')
     def password_reset(self):

rhodecode/lib/auth.py

➞

Show inline comments

@@ @@ -208,79 +208,79 @@ def authenticate(username, password): @@
                   'bind_dn': ldap_settings.get('ldap_dn_user'),
                   'bind_pass': ldap_settings.get('ldap_dn_pass'),
                   'tls_kind': ldap_settings.get('ldap_tls_kind'),
                   'tls_reqcert': ldap_settings.get('ldap_tls_reqcert'),
                   'ldap_filter': ldap_settings.get('ldap_filter'),
                   'search_scope': ldap_settings.get('ldap_search_scope'),
                   'attr_login': ldap_settings.get('ldap_attr_login'),
                   'ldap_version': 3,
+                  }
             log.debug('Checking for ldap authentication')
             try:
                 aldap = AuthLdap(**kwargs)
                 (user_dn, ldap_attrs) = aldap.authenticate_ldap(username,
                                                                 password)
                 log.debug('Got ldap DN response %s' % user_dn)
                 get_ldap_attr = lambda k: ldap_attrs.get(ldap_settings\
                                                            .get(k), [''])[0]
                 user_attrs = {
                  'name': safe_unicode(get_ldap_attr('ldap_attr_firstname')),
                  'lastname': safe_unicode(get_ldap_attr('ldap_attr_lastname')),
                  'email': get_ldap_attr('ldap_attr_email'),
                  'active': 'hg.register.auto_activate' in User\
-                    .get_by_username('default').AuthUser.permissions['global']
+                    .get_default_user().AuthUser.permissions['global']
+                }
                 # don't store LDAP password since we don't need it. Override
                 # with some random generated password
                 _password = PasswordGenerator().gen_password(length=8)
                 # create this user on the fly if it doesn't exist in rhodecode
                 # database
                 if user_model.create_ldap(username, _password, user_dn,
                                           user_attrs):
                     log.info('created new ldap user %s' % username)
                 Session().commit()
                 return True
             except (LdapUsernameError, LdapPasswordError, LdapImportError):
                 pass
             except (Exception,):
                 log.error(traceback.format_exc())
                 pass
     return False
 def login_container_auth(username):
     user = User.get_by_username(username)
     if user is None:
         user_attrs = {
             'name': username,
             'lastname': None,
             'email': None,
             'active': 'hg.register.auto_activate' in User\
-               .get_by_username('default').AuthUser.permissions['global']
+               .get_default_user().AuthUser.permissions['global']
+        }
         user = UserModel().create_for_container_auth(username, user_attrs)
         if not user:
             return None
         log.info('User %s was created by container authentication' % username)
     if not user.active:
         return None
     user.update_lastlogin()
     Session().commit()
     log.debug('User %s is now logged in by container authentication',
               user.username)
     return user
 def get_container_username(environ, config, clean_username=False):
     """
     Get's the container_auth username (or email). It tries to get username
     from REMOTE_USER if container_auth_enabled is enabled, if that fails
     it tries to get username from HTTP_X_FORWARDED_USER if proxypass_auth_enabled
     is enabled. clean_username extracts the username from this data if it's
     having @ in it.

rhodecode/lib/db_manage.py

➞

Show inline comments

@@ @@ -500,49 +500,49 @@ class DbManage(object): @@
             if skip_existing and RhodeCodeSetting.get_by_name(k) != None:
                 log.debug('Skipping option %s' % k)
                 continue
             setting = RhodeCodeSetting(k, v)
             self.sa.add(setting)
     def create_default_options(self, skip_existing=False):
         """Creates default settings"""
         for k, v in [
             ('default_repo_enable_locking',  False),
             ('default_repo_enable_downloads', False),
             ('default_repo_enable_statistics', False),
             ('default_repo_private', False),
             ('default_repo_type', 'hg')]:
             if skip_existing and RhodeCodeSetting.get_by_name(k) != None:
                 log.debug('Skipping option %s' % k)
                 continue
             setting = RhodeCodeSetting(k, v)
             self.sa.add(setting)
     def fixup_groups(self):
-        def_usr = User.get_by_username('default')
+        def_usr = User.get_default_user()
         for g in RepoGroup.query().all():
             g.group_name = g.get_new_name(g.name)
             self.sa.add(g)
             # get default perm
             default = UserRepoGroupToPerm.query()\
                 .filter(UserRepoGroupToPerm.group == g)\
                 .filter(UserRepoGroupToPerm.user == def_usr)\
                 .scalar()
             if default is None:
                 log.debug('missing default permission for group %s adding' % g)
                 perm_obj = ReposGroupModel()._create_default_perms(g)
                 self.sa.add(perm_obj)
     def reset_permissions(self, username):
         """
         Resets permissions to default state, usefull when old systems had
         bad permissions, we must clean them up
         :param username:
         :type username:
         """
         default_user = User.get_by_username(username)
         if not default_user:
@@ @@ -667,49 +667,44 @@ class DbManage(object): @@
         self.create_default_options()
         log.info('created ui config')
     def create_user(self, username, password, email='', admin=False):
         log.info('creating user %s' % username)
         UserModel().create_or_update(username, password, email,
                                      firstname='RhodeCode', lastname='Admin',
                                      active=True, admin=admin)
     def create_default_user(self):
         log.info('creating default user')
         # create default user for handling default permissions.
         UserModel().create_or_update(username='default',
                               password=str(uuid.uuid1())[:8],
                               email='anonymous@rhodecode.org',
                               firstname='Anonymous', lastname='User')
     def create_permissions(self):
         """
         Creates all permissions defined in the system
         """
         # module.(access|create|change|delete)_[name]
         # module.(none|read|write|admin)
         for p in Permission.PERMS:
             if not Permission.get_by_key(p[0]):
                 new_perm = Permission()
                 new_perm.permission_name = p[0]
                 new_perm.permission_longname = p[0]
                 self.sa.add(new_perm)
         log.info('creating permissions')
         PermissionModel(self.sa).create_permissions()
     def populate_default_permissions(self):
         """
         Populate default permissions. It will create only the default
         permissions that are missing, and not alter already defined ones
         """
         log.info('creating default user permissions')
         PermissionModel(self.sa).create_default_permissions(user=User.DEFAULT_USER)
     @staticmethod
     def check_waitress():
         """
         Function executed at the end of setup
         """
         if not __py_version__ >= (2, 6):
             notify('Python2.5 detected, please switch '
                    'egg:waitress#main -> egg:Paste#http '
                    'in your .ini file')

rhodecode/lib/utils.py

➞

Show inline comments

@@ @@ -37,109 +37,119 @@ import warnings @@
 from os.path import abspath
 from os.path import dirname as dn, join as jn
 from paste.script.command import Command, BadCommand
 from mercurial import ui, config
 from webhelpers.text import collapse, remove_formatting, strip_tags
 from rhodecode.lib.vcs import get_backend
 from rhodecode.lib.vcs.backends.base import BaseChangeset
 from rhodecode.lib.vcs.utils.lazy import LazyProperty
 from rhodecode.lib.vcs.utils.helpers import get_scm
 from rhodecode.lib.vcs.exceptions import VCSError
 from rhodecode.lib.caching_query import FromCache
 from rhodecode.model import meta
 from rhodecode.model.db import Repository, User, RhodeCodeUi, \
     UserLog, RepoGroup, RhodeCodeSetting, CacheInvalidation, UserGroup
 from rhodecode.model.meta import Session
 from rhodecode.model.repos_group import ReposGroupModel
 from rhodecode.lib.utils2 import safe_str, safe_unicode
 from rhodecode.lib.vcs.utils.fakemod import create_module
 from rhodecode.model.users_group import UserGroupModel
 log = logging.getLogger(__name__)
 REMOVED_REPO_PAT = re.compile(r'rm__\d{8}_\d{6}_\d{6}__.*')
 def recursive_replace(str_, replace=' '):
     """
     Recursive replace of given sign to just one instance
     :param str_: given string
     :param replace: char to find and replace multiple instances
     Examples::
     >>> recursive_replace("Mighty---Mighty-Bo--sstones",'-')
     'Mighty-Mighty-Bo-sstones'
     """
     if str_.find(replace * 2) == -1:
         return str_
     else:
         str_ = str_.replace(replace * 2, replace)
         return recursive_replace(str_, replace)
 def repo_name_slug(value):
     """
     Return slug of name of repository
     This function is called on each creation/modification
     of repository to prevent bad names in repo
     """
     slug = remove_formatting(value)
     slug = strip_tags(slug)
     for c in """`?=[]\;'"<>,/~!@#$%^&*()+{}|: """:
         slug = slug.replace(c, '-')
     slug = recursive_replace(slug, '-')
     slug = collapse(slug, '-')
     return slug
 #==============================================================================
 # PERM DECORATOR HELPERS FOR EXTRACTING NAMES FOR PERM CHECKS
 #==============================================================================
 def get_repo_slug(request):
     _repo = request.environ['pylons.routes_dict'].get('repo_name')
     if _repo:
         _repo = _repo.rstrip('/')
     return _repo
 def get_repos_group_slug(request):
     _group = request.environ['pylons.routes_dict'].get('group_name')
     if _group:
         _group = _group.rstrip('/')
     return _group
 def get_user_group_slug(request):
     _group = request.environ['pylons.routes_dict'].get('id')
     _group = UserGroup.get(_group)
     if _group:
         _group = _group.users_group_name
     try:
         _group = UserGroup.get(_group)
         if _group:
             _group = _group.users_group_name
     except Exception:
         log.debug(traceback.format_exc())
         #catch all failures here
         pass
     return _group
 def action_logger(user, action, repo, ipaddr='', sa=None, commit=False):
     """
     Action logger for various actions made by users
     :param user: user that made this action, can be a unique username string or
         object containing user_id attribute
     :param action: action to log, should be on of predefined unique actions for
         easy translations
     :param repo: string name of repository or object containing repo_id,
         that action was made on
     :param ipaddr: optional ip address from what the action was made
     :param sa: optional sqlalchemy session
     """
     if not sa:
         sa = meta.Session()
     try:
         if hasattr(user, 'user_id'):
             user_obj = User.get(user.user_id)

rhodecode/model/db.py

➞

Show inline comments

@@ @@ -616,48 +616,49 @@ class UserLog(Base, BaseModel): @@
     @property
     def action_as_day(self):
         return datetime.date(*self.action_date.timetuple()[:3])
     user = relationship('User')
     repository = relationship('Repository', cascade='')
 class UserGroup(Base, BaseModel):
     __tablename__ = 'users_groups'
     __table_args__ = (
         {'extend_existing': True, 'mysql_engine': 'InnoDB',
          'mysql_charset': 'utf8'},
+    )
     users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     users_group_name = Column("users_group_name", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
     users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
     inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
     members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
     users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
     users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
     users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
     user_user_group_to_perm = relationship('UserUserGroupToPerm ', cascade='all')
     user = relationship('User')
     def __unicode__(self):
         return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                       self.users_group_id,
                                       self.users_group_name)
     @classmethod
     def get_by_group_name(cls, group_name, cache=False,
                           case_insensitive=False):
         if case_insensitive:
             q = cls.query().filter(cls.users_group_name.ilike(group_name))
         else:
             q = cls.query().filter(cls.users_group_name == group_name)
         if cache:
             q = q.options(FromCache(
                             "sql_cache_short",
                             "get_user_%s" % _hash_key(group_name)
+                          )
+            )
         return q.scalar()
     @classmethod
@@ @@ -1405,88 +1406,101 @@ class Permission(Base, BaseModel): @@
     __tablename__ = 'permissions'
     __table_args__ = (
         Index('p_perm_name_idx', 'permission_name'),
         {'extend_existing': True, 'mysql_engine': 'InnoDB',
          'mysql_charset': 'utf8'},
+    )
     PERMS = [
         ('hg.admin', _('RhodeCode Administrator')),
         ('repository.none', _('Repository no access')),
         ('repository.read', _('Repository read access')),
         ('repository.write', _('Repository write access')),
         ('repository.admin', _('Repository admin access')),
         ('group.none', _('Repository group no access')),
         ('group.read', _('Repository group read access')),
         ('group.write', _('Repository group write access')),
         ('group.admin', _('Repository group admin access')),
         ('usergroup.none', _('User group no access')),
         ('usergroup.read', _('User group read access')),
         ('usergroup.write', _('User group write access')),
         ('usergroup.admin', _('User group admin access')),
         ('hg.repogroup.create.false', _('Repository Group creation disabled')),
         ('hg.repogroup.create.true', _('Repository Group creation enabled')),
         ('hg.usergroup.create.false', _('User Group creation disabled')),
         ('hg.usergroup.create.true', _('User Group creation enabled')),
         ('hg.create.none', _('Repository creation disabled')),
         ('hg.create.repository', _('Repository creation enabled')),
         ('hg.fork.none', _('Repository forking disabled')),
         ('hg.fork.repository', _('Repository forking enabled')),
         ('hg.register.none', _('Register disabled')),
         ('hg.register.manual_activate', _('Register new user with RhodeCode '
                                           'with manual activation')),
         ('hg.register.auto_activate', _('Register new user with RhodeCode '
                                         'with auto activation')),
+    ]
     #definition of system default permissions for DEFAULT user
     DEFAULT_USER_PERMISSIONS = [
         'repository.read',
         'group.read',
         'usergroup.read',
         'hg.create.repository',
         'hg.fork.repository',
         'hg.register.manual_activate',
+    ]
     # defines which permissions are more important higher the more important
     # Weight defines which permissions are more important.
     # The higher number the more important.
     PERM_WEIGHTS = {
         'repository.none': 0,
         'repository.read': 1,
         'repository.write': 3,
         'repository.admin': 4,
         'group.none': 0,
         'group.read': 1,
         'group.write': 3,
         'group.admin': 4,
         'usergroup.none': 0,
         'usergroup.read': 1,
         'usergroup.write': 3,
         'usergroup.admin': 4,
         'hg.repogroup.create.false': 0,
         'hg.repogroup.create.true': 1,
         'hg.usergroup.create.false': 0,
         'hg.usergroup.create.true': 1,
         'hg.fork.none': 0,
         'hg.fork.repository': 1,
         'hg.create.none': 0,
         'hg.create.repository': 1
+    }
     permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     permission_name = Column("permission_name", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     permission_longname = Column("permission_longname", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     def __unicode__(self):
         return u"<%s('%s:%s')>" % (
             self.__class__.__name__, self.permission_id, self.permission_name
+        )
     @classmethod
     def get_by_key(cls, key):
         return cls.query().filter(cls.permission_name == key).scalar()
     @classmethod
     def get_default_perms(cls, default_user_id):
         q = Session().query(UserRepoToPerm, Repository, cls)\
          .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\

rhodecode/model/forms.py

➞

Show inline comments

@@ @@ -290,61 +290,67 @@ def ApplicationVisualisationForm(): @@
 def ApplicationUiSettingsForm():
     class _ApplicationUiSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         web_push_ssl = v.StringBoolean(if_missing=False)
         paths_root_path = All(
             v.ValidPath(),
             v.UnicodeString(strip=True, min=1, not_empty=True)
+        )
         hooks_changegroup_update = v.StringBoolean(if_missing=False)
         hooks_changegroup_repo_size = v.StringBoolean(if_missing=False)
         hooks_changegroup_push_logger = v.StringBoolean(if_missing=False)
         hooks_outgoing_pull_logger = v.StringBoolean(if_missing=False)
         extensions_largefiles = v.StringBoolean(if_missing=False)
         extensions_hgsubversion = v.StringBoolean(if_missing=False)
         extensions_hggit = v.StringBoolean(if_missing=False)
     return _ApplicationUiSettingsForm
 def DefaultPermissionsForm(repo_perms_choices, group_perms_choices,
                            register_choices, create_choices, fork_choices):
                            user_group_perms_choices, create_choices,
                            repo_group_create_choices, user_group_create_choices,
                            fork_choices, register_choices):
     class _DefaultPermissionsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         overwrite_default_repo = v.StringBoolean(if_missing=False)
         overwrite_default_group = v.StringBoolean(if_missing=False)
         anonymous = v.StringBoolean(if_missing=False)
         default_repo_perm = v.OneOf(repo_perms_choices)
         default_group_perm = v.OneOf(group_perms_choices)
         default_register = v.OneOf(register_choices)
         default_create = v.OneOf(create_choices)
         default_user_group_perm = v.OneOf(user_group_perms_choices)
         default_repo_create = v.OneOf(create_choices)
         default_user_group_create = v.OneOf(user_group_create_choices)
         #default_repo_group_create = v.OneOf(repo_group_create_choices) #not impl. yet
         default_fork = v.OneOf(fork_choices)
         default_register = v.OneOf(register_choices)
     return _DefaultPermissionsForm
 def DefaultsForm(edit=False, old_data={}, supported_backends=BACKENDS.keys()):
     class _DefaultsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         default_repo_type = v.OneOf(supported_backends)
         default_repo_private = v.StringBoolean(if_missing=False)
         default_repo_enable_statistics = v.StringBoolean(if_missing=False)
         default_repo_enable_downloads = v.StringBoolean(if_missing=False)
         default_repo_enable_locking = v.StringBoolean(if_missing=False)
     return _DefaultsForm
 def LdapSettingsForm(tls_reqcert_choices, search_scope_choices,
                      tls_kind_choices):
     class _LdapSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         #pre_validators = [LdapLibValidator]
         ldap_active = v.StringBoolean(if_missing=False)
         ldap_host = v.UnicodeString(strip=True,)

rhodecode/model/permission.py

➞

Show inline comments

@@ @@ -22,108 +22,123 @@ @@
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 from sqlalchemy.exc import DatabaseError
 from rhodecode.model import BaseModel
 from rhodecode.model.db import User, Permission, UserToPerm, UserRepoToPerm,\
     UserRepoGroupToPerm
 from rhodecode.lib.utils2 import str2bool
 log = logging.getLogger(__name__)
 class PermissionModel(BaseModel):
     """
     Permissions model for RhodeCode
     """
     cls = Permission
     def create_permissions(self):
         """
         Create permissions for whole system
         """
         for p in Permission.PERMS:
             if not Permission.get_by_key(p[0]):
                 new_perm = Permission()
                 new_perm.permission_name = p[0]
                 new_perm.permission_longname = p[0]  #translation err with p[1]
                 self.sa.add(new_perm)
     def create_default_permissions(self, user):
         """
         Creates only missing default permissions for user
         :param user:
         """
         user = self._get_user(user)
         def _make_perm(perm):
             new_perm = UserToPerm()
             new_perm.user = user
             new_perm.permission = Permission.get_by_key(perm)
             return new_perm
         def _get_group(perm_name):
             return '.'.join(perm_name.split('.')[:1])
         perms = UserToPerm.query().filter(UserToPerm.user == user).all()
         defined_perms_groups = map(_get_group,
                                 (x.permission.permission_name for x in perms))
         log.debug('GOT ALREADY DEFINED:%s' % perms)
         DEFAULT_PERMS = Permission.DEFAULT_USER_PERMISSIONS
         # for every default permission that needs to be created, we check if
         # it's group is already defined, if it's not we create default perm
         for perm_name in DEFAULT_PERMS:
             gr = _get_group(perm_name)
             if gr not in defined_perms_groups:
                 log.debug('GR:%s not found, creating permission %s'
                           % (gr, perm_name))
                 new_perm = _make_perm(perm_name)
                 self.sa.add(new_perm)
     def update(self, form_result):
         perm_user = User.get_by_username(username=form_result['perm_user_name'])
         try:
             # stage 1 set anonymous access
             if perm_user.username == 'default':
                 perm_user.active = str2bool(form_result['anonymous'])
                 self.sa.add(perm_user)
             # stage 2 reset defaults and set them from form data
             def _make_new(usr, perm_name):
                 log.debug('Creating new permission:%s' % (perm_name))
                 new = UserToPerm()
                 new.user = usr
                 new.permission = Permission.get_by_key(perm_name)
                 return new
             # clear current entries, to make this function idempotent
             # it will fix even if we define more permissions or permissions
             # are somehow missing
             u2p = self.sa.query(UserToPerm)\
                 .filter(UserToPerm.user == perm_user)\
                 .all()
             for p in u2p:
                 self.sa.delete(p)
             #create fresh set of permissions
             for def_perm_key in ['default_repo_perm', 'default_group_perm',
                                  'default_register', 'default_create',
                                  'default_fork']:
                                  'default_user_group_perm',
                                  'default_repo_create',
                                  #'default_repo_group_create', #not implemented yet
                                  'default_user_group_create',
                                  'default_fork', 'default_register']:
                 p = _make_new(perm_user, form_result[def_perm_key])
                 self.sa.add(p)
             #stage 3 update all default permissions for repos if checked
             if form_result['overwrite_default_repo'] == True:
                 _def_name = form_result['default_repo_perm'].split('repository.')[-1]
                 _def = Permission.get_by_key('repository.' + _def_name)
                 # repos
                 for r2p in self.sa.query(UserRepoToPerm)\
                                .filter(UserRepoToPerm.user == perm_user)\
                                .all():
                     #don't reset PRIVATE repositories
                     if not r2p.repository.private:
                         r2p.permission = _def
                         self.sa.add(r2p)
             if form_result['overwrite_default_group'] == True:
                 _def_name = form_result['default_group_perm'].split('group.')[-1]
                 # groups
                 _def = Permission.get_by_key('group.' + _def_name)
                 for g2p in self.sa.query(UserRepoGroupToPerm)\
                                .filter(UserRepoGroupToPerm.user == perm_user)\
                                .all():

rhodecode/model/repo.py

➞

Show inline comments

@@ @@ -42,49 +42,49 @@ from rhodecode.model.db import Repositor @@
     RhodeCodeSetting, RepositoryField
 from rhodecode.lib import helpers as h
 from rhodecode.lib.auth import HasRepoPermissionAny
 from rhodecode.lib.exceptions import AttachedForksError
 log = logging.getLogger(__name__)
 class RepoModel(BaseModel):
     cls = Repository
     URL_SEPARATOR = Repository.url_sep()
     def _get_user_group(self, users_group):
         return self._get_instance(UserGroup, users_group,
                                   callback=UserGroup.get_by_group_name)
     def _get_repo_group(self, repos_group):
         return self._get_instance(RepoGroup, repos_group,
                                   callback=RepoGroup.get_by_group_name)
     def _create_default_perms(self, repository, private):
         # create default permission
         default = 'repository.read'
-        def_user = User.get_by_username('default')
+        def_user = User.get_default_user()
         for p in def_user.user_perms:
             if p.permission.permission_name.startswith('repository.'):
                 default = p.permission.permission_name
                 break
         default_perm = 'repository.none' if private else default
         repo_to_perm = UserRepoToPerm()
         repo_to_perm.permission = Permission.get_by_key(default_perm)
         repo_to_perm.repository = repository
         repo_to_perm.user_id = def_user.user_id
         return repo_to_perm
     @LazyProperty
     def repos_path(self):
         """
         Get's the repositories root path from database
         """
         q = self.sa.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key == '/').one()
         return q.ui_value

rhodecode/model/repos_group.py

➞

Show inline comments

@@ @@ -41,49 +41,49 @@ log = logging.getLogger(__name__) @@
 class ReposGroupModel(BaseModel):
     cls = RepoGroup
     def _get_user_group(self, users_group):
         return self._get_instance(UserGroup, users_group,
                                   callback=UserGroup.get_by_group_name)
     def _get_repo_group(self, repos_group):
         return self._get_instance(RepoGroup, repos_group,
                                   callback=RepoGroup.get_by_group_name)
     @LazyProperty
     def repos_path(self):
         """
         Get's the repositories root path from database
         """
         q = RhodeCodeUi.get_by_key('/')
         return q.ui_value
     def _create_default_perms(self, new_group):
         # create default permission
         default_perm = 'group.read'
-        def_user = User.get_by_username('default')
+        def_user = User.get_default_user()
         for p in def_user.user_perms:
             if p.permission.permission_name.startswith('group.'):
                 default_perm = p.permission.permission_name
                 break
         repo_group_to_perm = UserRepoGroupToPerm()
         repo_group_to_perm.permission = Permission.get_by_key(default_perm)
         repo_group_to_perm.group = new_group
         repo_group_to_perm.user_id = def_user.user_id
         return repo_group_to_perm
     def __create_group(self, group_name):
         """
         makes repository group on filesystem
         :param repo_name:
         :param parent_id:
         """
         create_path = os.path.join(self.repos_path, group_name)
         log.debug('creating new group in %s' % create_path)
         if os.path.isdir(create_path):

rhodecode/model/users_group.py

➞

Show inline comments

@@ @@ -25,49 +25,49 @@ @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 from rhodecode.model import BaseModel
 from rhodecode.model.db import UserGroupMember, UserGroup,\
     UserGroupRepoToPerm, Permission, UserGroupToPerm, User, UserUserGroupToPerm
 from rhodecode.lib.exceptions import UserGroupsAssignedException
 log = logging.getLogger(__name__)
 class UserGroupModel(BaseModel):
     cls = UserGroup
     def _get_user_group(self, users_group):
         return self._get_instance(UserGroup, users_group,
                                   callback=UserGroup.get_by_group_name)
     def _create_default_perms(self, user_group):
         # create default permission
         default_perm = 'usergroup.read'
-        def_user = User.get_by_username('default')
+        def_user = User.get_default_user()
         for p in def_user.user_perms:
             if p.permission.permission_name.startswith('usergroup.'):
                 default_perm = p.permission.permission_name
                 break
         user_group_to_perm = UserUserGroupToPerm()
         user_group_to_perm.permission = Permission.get_by_key(default_perm)
         user_group_to_perm.user_group = user_group
         user_group_to_perm.user_id = def_user.user_id
         return user_group_to_perm
     def _update_permissions(self, user_group, perms_new=None,
                             perms_updates=None):
         if not perms_new:
             perms_new = []
         if not perms_updates:
             perms_updates = []
         # update permissions
         for member, perm, member_type in perms_updates:
             if member_type == 'user':
                 # this updates existing one
                 self.grant_user_permission(

rhodecode/templates/admin/permissions/permissions.html

➞

Show inline comments

@@ @@ -45,87 +45,110 @@ @@
                     ${h.checkbox('overwrite_default_repo','true')}
                     <label for="overwrite_default_repo">
                     <span class="tooltip"
                     title="${h.tooltip(_('All default permissions on each repository will be reset to chosen permission, note that all custom default permission on repositories will be lost'))}">
                     ${_('Overwrite existing settings')}</span> </label>
                 </div>
             </div>
             <div class="field">
                 <div class="label">
                     <label for="default_group_perm">${_('Repository group')}:</label>
                 </div>
                 <div class="select">
                     ${h.select('default_group_perm','',c.group_perms_choices)}
                     ${h.checkbox('overwrite_default_group','true')}
                     <label for="overwrite_default_group">
                     <span class="tooltip"
                     title="${h.tooltip(_('All default permissions on each repository group will be reset to chosen permission, note that all custom default permission on repository groups will be lost'))}">
                     ${_('Overwrite existing settings')}</span> </label>
                 </div>
             </div>
             <div class="field">
                 <div class="label">
-                    <label for="default_register">${_('Registration')}:</label>
+                    <label for="default_group_perm">${_('User group')}:</label>
                 </div>
                 <div class="select">
                     ${h.select('default_register','',c.register_choices)}
                     ${h.select('default_user_group_perm','',c.user_group_perms_choices)}
                     ${h.checkbox('overwrite_default_user_group','true')}
                     <label for="overwrite_default_user_group">
                     <span class="tooltip"
                     title="${h.tooltip(_('All default permissions on each user group will be reset to chosen permission, note that all custom default permission on repository groups will be lost'))}">
                     ${_('Overwrite existing settings')}</span> </label>
                 </div>
             </div>
              <div class="field">
                 <div class="label">
-                    <label for="default_create">${_('Repository creation')}:</label>
+                    <label for="default_repo_create">${_('Repository creation')}:</label>
                 </div>
                 <div class="select">
                     ${h.select('default_create','',c.create_choices)}
                     ${h.select('default_repo_create','',c.repo_create_choices)}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="default_user_group_create">${_('User group creation')}:</label>
                 </div>
                 <div class="select">
                     ${h.select('default_user_group_create','',c.user_group_create_choices)}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="default_fork">${_('Repository forking')}:</label>
                 </div>
                 <div class="select">
                     ${h.select('default_fork','',c.fork_choices)}
                 </div>
              </div>
              <div class="field">
                 <div class="label">
                     <label for="default_register">${_('Registration')}:</label>
                 </div>
                 <div class="select">
                     ${h.select('default_register','',c.register_choices)}
                 </div>
              </div>
             <div class="buttons">
               ${h.submit('save',_('Save'),class_="ui-btn large")}
               ${h.reset('reset',_('Reset'),class_="ui-btn large")}
             </div>
         </div>
     </div>
     ${h.end_form()}
 </div>
 <div style="min-height:780px" class="box box-right">
     <!-- box / title -->
     <div class="title">
         <h5>${_('Default User Permissions')}</h5>
     </div>
     ## permissions overview
     <%include file="/base/perms_summary.html"/>
     <%namespace name="p" file="/base/perms_summary.html"/>
     ${p.perms_summary(c.perm_user.permissions)}
 </div>
 <div class="box box-left" style="clear:left">
     <!-- box / title -->
     <div class="title">
         <h5>${_('Allowed IP addresses')}</h5>
     </div>
     <div class="ips_wrap">
       <table class="noborder">
       %if c.user_ip_map:
         %for ip in c.user_ip_map:
           <tr>
               <td><div class="ip">${ip.ip_addr}</div></td>
               <td><div class="ip">${h.ip_range(ip.ip_addr)}</div></td>
               <td>
                 ${h.form(url('user_ips_delete', id=c.user.user_id),method='delete')}
                     ${h.hidden('del_ip',ip.ip_id)}
                     ${h.hidden('default_user', 'True')}
                     ${h.submit('remove_',_('delete'),id="remove_ip_%s" % ip.ip_id,
                     class_="delete_icon action_button", onclick="return confirm('"+_('Confirm to delete this ip: %s') % ip.ip_addr+"');")}
                 ${h.end_form()}
               </td>
           </tr>

rhodecode/templates/admin/users_groups/users_groups.html

➞

Show inline comments

@@ @@ -7,54 +7,59 @@ @@
 <%def name="breadcrumbs_links()">
     ${h.link_to(_('Admin'),h.url('admin_home'))}
     &raquo;
     ${_('User groups')}
 </%def>
 <%def name="page_nav()">
     ${self.menu('admin')}
 </%def>
 <%def name="main()">
 <div class="box">
     <!-- box / title -->
     <div class="title">
         ${self.breadcrumbs()}
         <ul class="links">
           <li>
             <span>${h.link_to(_(u'Add new user group'),h.url('new_users_group'))}</span>
           </li>
         </ul>
     </div>
     <!-- end box / title -->
     <div class="table">
     %if c.users_groups_list:
         <table class="table_disp">
         <tr class="header">
             <th class="left">${_('Group name')}</th>
             <th class="left">${_('Members')}</th>
             <th class="left">${_('Active')}</th>
             <th class="left" colspan="2">${_('Action')}</th>
         </tr>
             %for cnt,u_group in enumerate(c.users_groups_list):
                 <tr class="parity${cnt%2}">
                     <td>${h.link_to(u_group.users_group_name,h.url('edit_users_group', id=u_group.users_group_id))}</td>
                     <td><span class="tooltip" title="${h.tooltip(', '.join(map(h.safe_unicode,[x.user.username for x in u_group.members[:50]])))}">${len(u_group.members)}</span></td>
                     <td>${h.boolicon(u_group.users_group_active)}</td>
                     <td>
                      <a href="${h.url('edit_users_group', id=u_group.users_group_id)}" title="${_('Edit')}">
                        ${h.submit('edit_%s' % u_group.users_group_name,_('edit'),class_="edit_icon action_button")}
                      </a>
                     </td>
                     <td>
                         ${h.form(url('users_group', id=u_group.users_group_id),method='delete')}
                             ${h.submit('remove_',_('delete'),id="remove_group_%s" % u_group.users_group_id,
                             class_="delete_icon action_button",onclick="return  confirm('"+_('Confirm to delete this user group: %s') % u_group.users_group_name+"');")}
                         ${h.end_form()}
                     </td>
                 </tr>
             %endfor
         </table>
     %else:
         ${_('There are no user groups yet')}
     %endif
     </div>
 </div>
 </%def>

rhodecode/templates/base/perms_summary.html

➞

Show inline comments

 ## snippet for displaying permissions overview for users
 <%def name="perms_summary(permissions)">
 <div id="perms" class="table">
      %for section in sorted(permissions.keys()):
         <div class="perms_section_head">${section.replace("_"," ").capitalize()}</div>
         %if not permissions[section]:
             <span class="empty_data">${_('No permissions defined yet')}</span>
         %else:
         <div id='tbl_list_wrap_${section}' class="yui-skin-sam">
          <table id="tbl_list_${section}">
           <thead>
               <tr>
               <th class="left">${_('Name')}</th>
               <th class="left">${_('Permission')}</th>
               <th class="left">${_('Edit Permission')}</th>
           </thead>
           <tbody>
           %if section == 'global':
               <thead>
                   <tr>
                   <th colspan="2" class="left">${_('Permission')}</th>
                   <th class="left">${_('Edit Permission')}</th>
               </thead>
               <tbody>
               %for k in sorted(permissions[section], key=lambda s: s.lower()):
                   <tr>
                       <td>
+                      <td colspan="2">
                           ${h.get_permission_name(k)}
                       </td>
                       <td>
                            ${h.boolicon(k.split('.')[-1] != 'none')}
                       </td>
                       <td>
                            <a href="${h.url('edit_permission', id='default')}">${_('edit')}</a>
                       </td>
                   </tr>
               %endfor
               </tbody>
           %else:
               <thead>
                   <tr>
                   <th class="left">${_('Name')}</th>
                   <th class="left">${_('Permission')}</th>
                   <th class="left">${_('Edit Permission')}</th>
               </thead>
               <tbody>
               %for k, section_perm in sorted(permissions[section].items(), key=lambda s: s[1]+s[0].lower()):
                   <tr>
                       <td>
                           %if section == 'repositories':
                               <a href="${h.url('summary_home',repo_name=k)}">${k}</a>
                           %elif section == 'repositories_groups':
                               <a href="${h.url('repos_group_home',group_name=k)}">${k}</a>
                           %elif section == 'user_groups':
                               ##<a href="${h.url('edit_users_group',id=k)}">${k}</a>
                               ${k}
                           %endif
                       </td>
                       <td>
                            <span class="perm_tag ${section_perm.split('.')[-1]}">${section_perm}</span>
                       </td>
                       <td>
                           %if section == 'repositories':
                               <a href="${h.url('edit_repo',repo_name=k,anchor='permissions_manage')}">${_('edit')}</a>
                           %elif section == 'repositories_groups':
                               <a href="${h.url('edit_repos_group',group_name=k,anchor='permissions_manage')}">${_('edit')}</a>
                           %elif section == 'user_groups':
                               ##<a href="${h.url('edit_users_group',id=k)}">${_('edit')}</a>
                           %endif
                       </td>
                   </tr>
               %endfor
               </tbody>
           %endif
           </tbody>
          </table>
         </div>
         %endif
      %endfor
 </div>
 </%def>

rhodecode/templates/pullrequests/pullrequest_data.html

➞

Show inline comments

 ## -*- coding: utf-8 -*-
 % for pr in c.pullrequests_pager:
   <div class="pr ${'pr-closed' if pr.is_closed() else ''}">
     <div class="pr-title">
        %if pr.is_closed():
          <div style="float:left;margin: -4px 0px;"><span class="pr-closed-tag">${_('Closed')}</span></div>
        %endif
       <img src="${h.url('/images/icons/flag_status_%s.png' % str(pr.last_review_status))}" />
       <a href="${h.url('pullrequest_show',repo_name=c.repo_name,pull_request_id=pr.pull_request_id)}">
       ${_('Pull request #%s opened by %s on %s') % (pr.pull_request_id, pr.author.full_name, h.fmt_date(pr.created_on))}
       </a>
     </div>
     <h5 style="border:0px;padding-bottom:0px">${_('Title')}: ${pr.title}</h5>
     <div>${pr.description}</div>
   </div>
 % endfor
 <div class="notification-paginator">
   <div class="pagination-wh pagination-left">
   ${c.pullrequests_pager.pager('$link_previous ~2~ $link_next')}
   </div>
 </div>
@@ \ No newline at end of file @@
 </div>

rhodecode/tests/functional/test_home.py

➞

Show inline comments

@@ @@ -12,77 +12,77 @@ fixture = Fixture() @@
 class TestHomeController(TestController):
     def test_index(self):
         self.log_user()
         response = self.app.get(url(controller='home', action='index'))
         #if global permission is set
         response.mustcontain('Add repository')
         response.mustcontain('href="/%s"' % HG_REPO)
         response.mustcontain("""<img class="icon" title="Mercurial repository" """
                         """alt="Mercurial repository" src="/images/icons/hg"""
                         """icon.png"/>""")
         response.mustcontain("""<img class="icon" title="Public repository" """
                         """alt="Public repository" src="/images/icons/lock_"""
                         """open.png"/>""")
         response.mustcontain(
 """<a title="Marcin Kuzminski &amp;lt;marcin@python-works.com&amp;gt;:\n
 merge" class="tooltip" href="/vcs_test_hg/changeset/27cd5cce30c96924232"""
 """dffcd24178a07ffeb5dfc">r173:27cd5cce30c9</a>"""
+)
     def test_repo_summary_with_anonymous_access_disabled(self):
-        anon = User.get_by_username('default')
+        anon = User.get_default_user()
         anon.active = False
         Session().add(anon)
         Session().commit()
         time.sleep(1.5)  # must sleep for cache (1s to expire)
         try:
             response = self.app.get(url(controller='summary',
                                         action='index', repo_name=HG_REPO),
                                         status=302)
             assert 'login' in response.location
         finally:
-            anon = User.get_by_username('default')
+            anon = User.get_default_user()
             anon.active = True
             Session().add(anon)
             Session().commit()
     def test_index_with_anonymous_access_disabled(self):
-        anon = User.get_by_username('default')
+        anon = User.get_default_user()
         anon.active = False
         Session().add(anon)
         Session().commit()
         time.sleep(1.5)  # must sleep for cache (1s to expire)
         try:
             response = self.app.get(url(controller='home', action='index'),
                                     status=302)
             assert 'login' in response.location
         finally:
-            anon = User.get_by_username('default')
+            anon = User.get_default_user()
             anon.active = True
             Session().add(anon)
             Session().commit()
     def _set_l_dash(self, set_to):
         self.app.post(url('admin_setting', setting_id='visual'),
                       params=dict(_method='put',
                                   rhodecode_lightweight_dashboard=set_to,))
     def test_index_with_lightweight_dashboard(self):
         self.log_user()
         self._set_l_dash(True)
         try:
             response = self.app.get(url(controller='home', action='index'))
             response.mustcontain("""var data = {"totalRecords": %s"""
                                  % len(Repository.getAll()))
         finally:
             self._set_l_dash(False)
     def test_index_page_on_groups(self):
         self.log_user()
         gr = fixture.create_group('gr1')
         fixture.create_repo(name='gr1/repo_in_group', repos_group=gr)

rhodecode/tests/models/test_permissions.py

➞

Show inline comments

@@ @@ -13,49 +13,49 @@ from rhodecode.model.users_group import @@
 from rhodecode.lib.auth import AuthUser
 from rhodecode.model.permission import PermissionModel
 fixture = Fixture()
 class TestPermissions(unittest.TestCase):
     def __init__(self, methodName='runTest'):
         super(TestPermissions, self).__init__(methodName=methodName)
     def setUp(self):
         self.u1 = UserModel().create_or_update(
             username=u'u1', password=u'qweqwe',
             email=u'u1@rhodecode.org', firstname=u'u1', lastname=u'u1'
+        )
         self.u2 = UserModel().create_or_update(
             username=u'u2', password=u'qweqwe',
             email=u'u2@rhodecode.org', firstname=u'u2', lastname=u'u2'
+        )
         self.u3 = UserModel().create_or_update(
             username=u'u3', password=u'qweqwe',
             email=u'u3@rhodecode.org', firstname=u'u3', lastname=u'u3'
+        )
-        self.anon = User.get_by_username('default')
+        self.anon = User.get_default_user()
         self.a1 = UserModel().create_or_update(
             username=u'a1', password=u'qweqwe',
             email=u'a1@rhodecode.org', firstname=u'a1', lastname=u'a1', admin=True
+        )
         Session().commit()
     def tearDown(self):
         if hasattr(self, 'test_repo'):
             RepoModel().delete(repo=self.test_repo)
         UserModel().delete(self.u1)
         UserModel().delete(self.u2)
         UserModel().delete(self.u3)
         UserModel().delete(self.a1)
         if hasattr(self, 'g1'):
             ReposGroupModel().delete(self.g1.group_id)
         if hasattr(self, 'g2'):
             ReposGroupModel().delete(self.g2.group_id)
         if hasattr(self, 'ug1'):
             UserGroupModel().delete(self.ug1, force=True)
         Session().commit()

0 comments (0 inline, 0 general)