Changeset - bacc854a3853
Parent rev.
Child rev.
[Not reviewed]
default
0 4 0
Søren Løvborg - 9 years ago 2017-03-15 20:39:38
sorenl@unity3d.com
templates: addPermAction JS escaping bugfix (by eliminating expansion bugfix)

In 33b71a130b16, the addPermAction template was incorrectly escaped via
h.jshtml, where it should've been plain h.js.

Instead of merely fixing the escaping, refactor the code to completely
remove the need for escaping anything, by avoiding the template variable
expansion inside the JavaScript.
4 files changed with 21 insertions and 56 deletions:
kallithea/public/js/base.js
15
2
kallithea/templates/admin/repo_groups/repo_group_edit_perms.html
2
18
kallithea/templates/admin/repos/repo_edit_permissions.html
2
18
kallithea/templates/admin/user_groups/user_group_edit_perms.html
2
18
0 comments (0 inline, 0 general)
kallithea/public/js/base.js
Show inline comments
 
@@ -1144,339 +1144,352 @@ var SimpleUserAutoComplete = function ($
 
        var oData = aArgs[2]; // object literal of selected item's result data
 
        myAC.getInputEl().value = oData.nname;
 
    };
 
    userAC.itemSelectEvent.subscribe(itemSelectHandler);
 
}
 

			




	
	
	
		
 
var MembersAutoComplete = function ($inputElement, $container, users_list, groups_list) {

			




	
	
	
		
 

			




	
	
	
		
 
    var matchAll = function (sQuery) {

			




	
	
	
		
 
        var u = autocompleteMatchUsers(sQuery, users_list);

			




	
	
	
		
 
        var g = autocompleteMatchGroups(sQuery, groups_list);

			




	
	
	
		
 
        return u.concat(g);

			




	
	
	
		
 
    };

			




	
	
	
		
 

			




	
	
	
		
 
    var membersAC = autocompleteCreate($inputElement, $container, matchAll);

			




	
	
	
		
 

			




	
	
	
		
 
    // Handler for selection of an entry

			




	
	
	
		
 
    var itemSelectHandler = function (sType, aArgs) {

			




	
	
	
		
 
        var nextId = $inputElement.prop('id').split('perm_new_member_name_')[1];

			




	
	
	
		
 
        var myAC = aArgs[0]; // reference back to the AC instance

			




	
	
	
		
 
        var elLI = aArgs[1]; // reference to the selected LI element

			




	
	
	
		
 
        var oData = aArgs[2]; // object literal of selected item's result data

			




	
	
	
		
 
        //fill the autocomplete with value

			




	
	
	
		
 
        if (oData.nname != undefined) {

			




	
	
	
		
 
            //users

			




	
	
	
		
 
            myAC.getInputEl().value = oData.nname;

			




	
	
	
		
 
            $('#perm_new_member_type_'+nextId).val('user');

			




	
	
	
		
 
        } else {

			




	
	
	
		
 
            //groups

			




	
	
	
		
 
            myAC.getInputEl().value = oData.grname;

			




	
	
	
		
 
            $('#perm_new_member_type_'+nextId).val('users_group');

			




	
	
	
		
 
        }

			




	
	
	
		
 
    };

			




	
	
	
		
 
    membersAC.itemSelectEvent.subscribe(itemSelectHandler);

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
var MentionsAutoComplete = function ($inputElement, $container, users_list) {

			




	
	
	
		
 

			




	
	
	
		
 
    var matchUsers = function (sQuery) {

			




	
	
	
		
 
            var org_sQuery = sQuery;

			




	
	
	
		
 
            if(this.mentionQuery == null){

			




	
	
	
		
 
                return []

			




	
	
	
		
 
            }

			




	
	
	
		
 
            sQuery = this.mentionQuery;

			




	
	
	
		
 
            return autocompleteMatchUsers(sQuery, users_list);

			




	
	
	
		
 
    }

			




	
	
	
		
 

			




	
	
	
		
 
    var mentionsAC = autocompleteCreate($inputElement, $container, matchUsers);

			




	
	
	
		
 
    mentionsAC.suppressInputUpdate = true;

			




	
	
	
		
 
    // Overwrite formatResult to take into account mentionQuery

			




	
	
	
		
 
    mentionsAC.formatResult = function (oResultData, sQuery, sResultMatch) {

			




	
	
	
		
 
        var org_sQuery = sQuery;

			




	
	
	
		
 
        if (this.dataSource.mentionQuery != null) {

			




	
	
	
		
 
            sQuery = this.dataSource.mentionQuery;

			




	
	
	
		
 
        }

			




	
	
	
		
 
        return autocompleteFormatter(oResultData, sQuery, sResultMatch);

			




	
	
	
		
 
    }

			




	
	
	
		
 

			




	
	
	
		
 
    // Handler for selection of an entry

			




	
	
	
		
 
    if(mentionsAC.itemSelectEvent){

			




	
	
	
		
 
        mentionsAC.itemSelectEvent.subscribe(function (sType, aArgs) {

			




	
	
	
		
 
            var myAC = aArgs[0]; // reference back to the AC instance

			




	
	
	
		
 
            var elLI = aArgs[1]; // reference to the selected LI element

			




	
	
	
		
 
            var oData = aArgs[2]; // object literal of selected item's result data

			




	
	
	
		
 
            //Replace the mention name with replaced

			




	
	
	
		
 
            var re = new RegExp();

			




	
	
	
		
 
            var org = myAC.getInputEl().value;

			




	
	
	
		
 
            var chunks = myAC.dataSource.chunks

			




	
	
	
		
 
            // replace middle chunk(the search term) with actuall  match

			




	
	
	
		
 
            chunks[1] = chunks[1].replace('@'+myAC.dataSource.mentionQuery,

			




	
	
	
		
 
                                          '@'+oData.nname+' ');

			




	
	
	
		
 
            myAC.getInputEl().value = chunks.join('');

			




	
	
	
		
 
            myAC.getInputEl().focus(); // Y U NO WORK !?

			




	
	
	
		
 
        });

			




	
	
	
		
 
    }

			




	
	
	
		
 

			




	
	
	
		
 
    // in this keybuffer we will gather current value of search !

			




	
	
	
		
 
    // since we need to get this just when someone does `@` then we do the

			




	
	
	
		
 
    // search

			




	
	
	
		
 
    mentionsAC.dataSource.chunks = [];

			




	
	
	
		
 
    mentionsAC.dataSource.mentionQuery = null;

			




	
	
	
		
 

			




	
	
	
		
 
    mentionsAC.get_mention = function(msg, max_pos) {

			




	
	
	
		
 
        var org = msg;

			




	
	
	
		
 
        // Must match utils2.py MENTIONS_REGEX.

			




	
	
	
		
 
        // Only matching on string up to cursor, so it must end with $

			




	
	
	
		
 
        var re = new RegExp('(?:^|[^a-zA-Z0-9])@([a-zA-Z0-9][-_.a-zA-Z0-9]*[a-zA-Z0-9])$');

			




	
	
	
		
 
        var chunks  = [];

			




	
	
	
		
 

			




	
	
	
		
 
        // cut first chunk until current pos

			




	
	
	
		
 
        var to_max = msg.substr(0, max_pos);

			




	
	
	
		
 
        var at_pos = Math.max(0,to_max.lastIndexOf('@')-1);

			




	
	
	
		
 
        var msg2 = to_max.substr(at_pos);

			




	
	
	
		
 

			




	
	
	
		
 
        chunks.push(org.substr(0,at_pos)); // prefix chunk

			




	
	
	
		
 
        chunks.push(msg2);                 // search chunk

			




	
	
	
		
 
        chunks.push(org.substr(max_pos));  // postfix chunk

			




	
	
	
		
 

			




	
	
	
		
 
        // clean up msg2 for filtering and regex match

			




	
	
	
		
 
        var msg2 = msg2.lstrip(' ').lstrip('\n');

			




	
	
	
		
 

			




	
	
	
		
 
        if(re.test(msg2)){

			




	
	
	
		
 
            var unam = re.exec(msg2)[1];

			




	
	
	
		
 
            return [unam, chunks];

			




	
	
	
		
 
        }

			




	
	
	
		
 
        return [null, null];

			




	
	
	
		
 
    };

			




	
	
	
		
 

			




	
	
	
		
 
    $inputElement.keyup(function(e){

			




	
	
	
		
 
            var currentMessage = $inputElement.val();

			




	
	
	
		
 
            var currentCaretPosition = $inputElement[0].selectionStart;

			




	
	
	
		
 

			




	
	
	
		
 
            var unam = mentionsAC.get_mention(currentMessage, currentCaretPosition);

			




	
	
	
		
 
            var curr_search = null;

			




	
	
	
		
 
            if(unam[0]){

			




	
	
	
		
 
                curr_search = unam[0];

			




	
	
	
		
 
            }

			




	
	
	
		
 

			




	
	
	
		
 
            mentionsAC.dataSource.chunks = unam[1];

			




	
	
	
		
 
            mentionsAC.dataSource.mentionQuery = curr_search;

			




	
	
	
		
 
        });

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
var addReviewMember = function(id,fname,lname,nname,gravatar_link,gravatar_size){

			




	
	
	
		
 
    var displayname = nname;

			




	
	
	
		
 
    if ((fname != "") && (lname != "")) {

			




	
	
	
		
 
        displayname = "{0} {1} ({2})".format(fname, lname, nname);

			




	
	
	
		
 
    }

			




	
	
	
		
 
    var gravatarelm = gravatar(gravatar_link, gravatar_size, "");

			




	
	
	
		
 
    // WARNING: the HTML below is duplicate with

			




	
	
	
		
 
    // kallithea/templates/pullrequests/pullrequest_show.html

			




	
	
	
		
 
    // If you change something here it should be reflected in the template too.

			




	
	
	
		
 
    var element = (

			




	
	
	
		
 
        '     <li id="reviewer_{2}">\n'+

			




	
	
	
		
 
        '       <span class="reviewers_member">\n'+

			




	
	
	
		
 
        '         <span class="reviewer_status" data-toggle="tooltip" title="not_reviewed">\n'+

			




	
	
	
		
 
        '             <i class="icon-circle changeset-status-not_reviewed"></i>\n'+

			




	
	
	
		
 
        '         </span>\n'+

			




	
	
	
		
 
        (gravatarelm ?

			




	
	
	
		
 
        '         {0}\n' :

			




	
	
	
		
 
        '')+

			




	
	
	
		
 
        '         <span>{1}</span>\n'+

			




	
	
	
		
 
        '         <input type="hidden" value="{2}" name="review_members" />\n'+

			




	
	
	
		
 
        '         <a href="#" class="reviewer_member_remove" onclick="removeReviewMember({2})">\n'+

			




	
	
	
		
 
        '             <i class="icon-minus-circled"></i>\n'+

			




	
	
	
		
 
        '         </a> (add not saved)\n'+

			




	
	
	
		
 
        '       </span>\n'+

			




	
	
	
		
 
        '     </li>\n'

			




	
	
	
		
 
        ).format(gravatarelm, displayname, id);

			




	
	
	
		
 
    // check if we don't have this ID already in

			




	
	
	
		
 
    var ids = [];

			




	
	
	
		
 
    $('#review_members').find('li').each(function() {

			




	
	
	
		
 
            ids.push(this.id);

			




	
	
	
		
 
        });

			




	
	
	
		
 
    if(ids.indexOf('reviewer_'+id) == -1){

			




	
	
	
		
 
        //only add if it's not there

			




	
	
	
		
 
        $('#review_members').append(element);

			




	
	
	
		
 
    }

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
var removeReviewMember = function(reviewer_id, repo_name, pull_request_id){

			




	
	
	
		
 
    var $li = $('#reviewer_{0}'.format(reviewer_id));

			




	
	
	
		
 
    $li.find('div div').css("text-decoration", "line-through");

			




	
	
	
		
 
    $li.find('input').prop('name', 'review_members_removed');

			




	
	
	
		
 
    $li.find('.reviewer_member_remove').replaceWith('&nbsp;(remove not saved)');

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
/* activate auto completion of users as PR reviewers */

			




	
	
	
		
 
var PullRequestAutoComplete = function ($inputElement, $container, users_list) {

			




	
	
	
		
 

			




	
	
	
		
 
    var matchUsers = function (sQuery) {

			




	
	
	
		
 
        return autocompleteMatchUsers(sQuery, users_list);

			




	
	
	
		
 
    };

			




	
	
	
		
 

			




	
	
	
		
 
    var reviewerAC = autocompleteCreate($inputElement, $container, matchUsers);

			




	
	
	
		
 
    reviewerAC.suppressInputUpdate = true;

			




	
	
	
		
 

			




	
	
	
		
 
    // Handler for selection of an entry

			




	
	
	
		
 
    if(reviewerAC.itemSelectEvent){

			




	
	
	
		
 
        reviewerAC.itemSelectEvent.subscribe(function (sType, aArgs) {

			




	
	
	
		
 
            var myAC = aArgs[0]; // reference back to the AC instance

			




	
	
	
		
 
            var elLI = aArgs[1]; // reference to the selected LI element

			




	
	
	
		
 
            var oData = aArgs[2]; // object literal of selected item's result data

			




	
	
	
		
 

			




	
	
	
		
 
            addReviewMember(oData.id, oData.fname, oData.lname, oData.nname,

			




	
	
	
		
 
                            oData.gravatar_lnk, oData.gravatar_size);

			




	
	
	
		
 
            myAC.getInputEl().value = '';

			




	
	
	
		
 
        });

			




	
	
	
		
 
    }

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
var addPermAction = function(_html, users_list, groups_list){

			




	
	
	
		
 
function addPermAction(perm_type, users_list, groups_list) {

			




	
	
	
		
 
    var template =

			




	
	
	
		
 
        '<td><input type="radio" value="{1}.none" name="perm_new_member_{0}" id="perm_new_member_{0}"></td>' +

			




	
	
	
		
 
        '<td><input type="radio" value="{1}.read" checked="checked" name="perm_new_member_{0}" id="perm_new_member_{0}"></td>' +

			




	
	
	
		
 
        '<td><input type="radio" value="{1}.write" name="perm_new_member_{0}" id="perm_new_member_{0}"></td>' +

			




	
	
	
		
 
        '<td><input type="radio" value="{1}.admin" name="perm_new_member_{0}" id="perm_new_member_{0}"></td>' +

			




	
	
	
		
 
        '<td class="ac">' +

			




	
	
	
		
 
            '<div class="perm_ac" id="perm_ac_{0}">' +

			




	
	
	
		
 
                '<input class="yui-ac-input" id="perm_new_member_name_{0}" name="perm_new_member_name_{0}" value="" type="text">' +

			




	
	
	
		
 
                '<input id="perm_new_member_type_{0}" name="perm_new_member_type_{0}" value="" type="hidden">' +

			




	
	
	
		
 
                '<div id="perm_container_{0}"></div>' +

			




	
	
	
		
 
            '</div>' +

			




	
	
	
		
 
        '</td>' +

			




	
	
	
		
 
        '<td></td>';

			




	
	
	
		
 
    var $last_node = $('.last_new_member').last(); // empty tr between last and add

			




	
	
	
		
 
    var next_id = $('.new_members').length;

			




	
	
	
		
 
    $last_node.before($('<tr class="new_members">').append(_html.format(next_id)));

			




	
	
	
		
 
    $last_node.before($('<tr class="new_members">').append(template.format(next_id, perm_type)));

			




	
	
	
		
 
    MembersAutoComplete($("#perm_new_member_name_"+next_id),

			




	
	
	
		
 
            $("#perm_container_"+next_id), users_list, groups_list);

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
function ajaxActionRevokePermission(url, obj_id, obj_type, field_id, extra_data) {

			




	
	
	
		
 
    var success = function (o) {

			




	
	
	
		
 
            $('#' + field_id).remove();

			




	
	
	
		
 
        };

			




	
	
	
		
 
    var failure = function (o) {

			




	
	
	
		
 
            alert(_TM['Failed to revoke permission'] + ": " + o.status);

			




	
	
	
		
 
        };

			




	
	
	
		
 
    var query_params = {};

			




	
	
	
		
 
    // put extra data into POST

			




	
	
	
		
 
    if (extra_data !== undefined && (typeof extra_data === 'object')){

			




	
	
	
		
 
        for(var k in extra_data){

			




	
	
	
		
 
            query_params[k] = extra_data[k];

			




	
	
	
		
 
        }

			




	
	
	
		
 
    }

			




	
	
	
		
 

			




	
	
	
		
 
    if (obj_type=='user'){

			




	
	
	
		
 
        query_params['user_id'] = obj_id;

			




	
	
	
		
 
        query_params['obj_type'] = 'user';

			




	
	
	
		
 
    }

			




	
	
	
		
 
    else if (obj_type=='user_group'){

			




	
	
	
		
 
        query_params['user_group_id'] = obj_id;

			




	
	
	
		
 
        query_params['obj_type'] = 'user_group';

			




	
	
	
		
 
    }

			




	
	
	
		
 

			




	
	
	
		
 
    ajaxPOST(url, query_params, success, failure);

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
/* Multi selectors */

			




	
	
	
		
 

			




	
	
	
		
 
var MultiSelectWidget = function(selected_id, available_id, form_id){

			




	
	
	
		
 
    var $availableselect = $('#' + available_id);

			




	
	
	
		
 
    var $selectedselect = $('#' + selected_id);

			




	
	
	
		
 

			




	
	
	
		
 
    //fill available only with those not in selected

			




	
	
	
		
 
    var $selectedoptions = $selectedselect.children('option');

			




	
	
	
		
 
    $availableselect.children('option').filter(function(i, e){

			




	
	
	
		
 
            for(var j = 0, node; node = $selectedoptions[j]; j++){

			




	
	
	
		
 
                if(node.value == e.value){

			




	
	
	
		
 
                    return true;

			




	
	
	
		
 
                }

			




	
	
	
		
 
            }

			




	
	
	
		
 
            return false;

			




	
	
	
		
 
        }).remove();

			




	
	
	
		
 

			




	
	
	
		
 
    $('#add_element').click(function(e){

			




	
	
	
		
 
            $selectedselect.append($availableselect.children('option:selected'));

			




	
	
	
		
 
        });

			




	
	
	
		
 
    $('#remove_element').click(function(e){

			




	
	
	
		
 
            $availableselect.append($selectedselect.children('option:selected'));

			




	
	
	
		
 
        });

			




	
	
	
		
 

			




	
	
	
		
 
    $('#'+form_id).submit(function(){

			




	
	
	
		
 
            $selectedselect.children('option').each(function(i, e){

			




	
	
	
		
 
                e.selected = 'selected';

			




	
	
	
		
 
            });

			




	
	
	
		
 
        });

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 Branch Sorting callback for select2, modifying the filtered result so prefix

			




	
	
	
		
 
 matches come before matches in the line.

			




	
	
	
		
 
 **/

			




	
	
	
		
 
var branchSort = function(results, container, query) {

			




	
	
	
		
 
    if (query.term) {

			




	
	
	
		
 
        return results.sort(function (a, b) {

			




	
	
	
		
 
            // Put closed branches after open ones (a bit of a hack ...)

			




	
	
	
		
 
            var aClosed = a.text.indexOf("(closed)") > -1,

			




	
	
	
		
 
                bClosed = b.text.indexOf("(closed)") > -1;

			




	
	
	
		
 
            if (aClosed && !bClosed) {

			




	
	
	
		
 
                return 1;

			




	
	
	
		
 
            }

			




	
	
	
		
 
            if (bClosed && !aClosed) {

			




	
	
	
		
 
                return -1;

			




	
	
	
		
 
            }

			




	
	
	
		
 

			




	
	
	
		
 
            // Put early (especially prefix) matches before later matches

			




	
	
	
		
 
            var aPos = a.text.toLowerCase().indexOf(query.term.toLowerCase()),

			




	
	
	
		
 
                bPos = b.text.toLowerCase().indexOf(query.term.toLowerCase());

			




	
	
	
		
 
            if (aPos < bPos) {

			




	
	
	
		
 
                return -1;

			




	
	
	
		
 
            }

			




	
	
	
		
 
            if (bPos < aPos) {

			




	
	
	
		
 
                return 1;

			




	
	
	
		
 
            }

			




	
	
	
		
 

			




	
	
	
		
 
            // Default sorting

			




	
	
	
		
 
            if (a.text > b.text) {

			




	
	
	
		
 
                return 1;

			




	
	
	
		
 
            }

			




	
	
	
		
 
            if (a.text < b.text) {

			




	
	
	
		
 
                return -1;

			




	
	
	
		
 
            }

			




	
	
	
		
 
            return 0;

			




	
	
	
		
 
        });

			




	
	
	
		
 
    }

			




	
	
	
		
 
    return results;

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var prefixFirstSort = function(results, container, query) {

			




	
	
	
		
 
    if (query.term) {

			




	
	
	
		
 
        return results.sort(function (a, b) {

			




	
	
	
		
 
            // if parent node, no sorting

			




	
	
	
		
 
            if (a.children != undefined || b.children != undefined) {

			




	
	
	
		
 
                return 0;

			




	
	
	
		
 
            }

			




	
	
	
		
 

			




	
	
	
		
 
            // Put prefix matches before matches in the line

			




	
	
	
		
 
            var aPos = a.text.toLowerCase().indexOf(query.term.toLowerCase()),

			




	
	
	
		
 
                bPos = b.text.toLowerCase().indexOf(query.term.toLowerCase());

			




	
	
	
		
 
            if (aPos === 0 && bPos !== 0) {

			




	
	
	
		
 
                return -1;

			




	
	
	
		
 
            }

			




	
	
	
		
 
            if (bPos === 0 && aPos !== 0) {

			




	
	
	
		
 
                return 1;

			




	
	
	
		
 
            }

			




	
	
	
		
 

			




	
	
	
		
 
            // Default sorting

			




	
	
	
		
 
            if (a.text > b.text) {

			




	
	
	
		
 
                return 1;

			




	
	
	
		
 
            }

			




	
	
	
		
 
            if (a.text < b.text) {

			




	
	
	
		
 
                return -1;

			




	
	
	
		
 
            }

			




	
	
	
		
 
            return 0;

			




	
	
	
		
 
        });

			




	
	
	
		
 
    }

			




	
	
	
		
 
    return results;

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
/* Helper for jQuery DataTables */

			




	
	
	
		
 

			




	
	
	
		
 
var updateRowCountCallback = function updateRowCountCallback($elem, onlyDisplayed) {

			




	
	
	
		
 
    return function drawCallback() {

			




	
	
	
		
 
        var info = this.api().page.info(),

			




	
	
	
		
 
            count = onlyDisplayed === true ? info.recordsDisplay : info.recordsTotal;

			




	
	
	
		
 
        $elem.html(count);

			




	
	
	
		
 
    }

			




	
	
	
		
 
};

			




        

    


    
    

    

        

                

                    kallithea/templates/admin/repo_groups/repo_group_edit_perms.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
${h.form(url('edit_repo_group_perms', group_name=c.repo_group.group_name))}

			




	
	
	
		
 
<div class="form">

			




	
	
	
		
 
    <div>

			




	
	
	
		
 
        <div>

			




	
	
	
		
 
            <table id="permissions_manage" class="table">

			




	
	
	
		
 
                <tr>

			




	
	
	
		
 
                    <td>${_('None')}<br />(${_('Not visible')})</td>

			




	
	
	
		
 
                    <td>${_('Read')}<br />(${_('Visible')})</td>

			




	
	
	
		
 
                    <td>${_('Write')}<br />(${_('Add repos')})</td>

			




	
	
	
		
 
                    <td>${_('Admin')}<br />(${_('Add/Edit groups')})</td>

			




	
	
	
		
 
                    <td>${_('User/User Group')}</td>

			




	
	
	
		
 
                    <td></td>

			




	
	
	
		
 
                </tr>

			




	
	
	
		
 
                ## USERS

			




	
	
	
		
 
                %for r2p in c.repo_group.repo_group_to_perm:

			




	
	
	
		
 
                    ##forbid revoking permission from yourself, except if you're an super admin

			




	
	
	
		
 
                    <tr id="id${id(r2p.user.username)}">

			




	
	
	
		
 
                      %if request.authuser.user_id != r2p.user.user_id or request.authuser.is_admin:

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.none')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.read')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.write')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.admin')}</td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            ${h.gravatar(r2p.user.email, cls="perm-gravatar", size=14)}

			




	
	
	
		
 
                            %if h.HasPermissionAny('hg.admin')() and r2p.user.username != 'default':

			




	
	
	
		
 
                             <a href="${h.url('edit_user',id=r2p.user.user_id)}">${r2p.user.username}</a>

			




	
	
	
		
 
                            %else:

			




	
	
	
		
 
                             ${r2p.user.username if r2p.user.username != 'default' else _('Default')}

			




	
	
	
		
 
                            %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                          %if r2p.user.username !='default':

			




	
	
	
		
 
                            <span style="color:#da4f49" class="btn btn-default btn-xs" onclick="ajaxActionRevoke(${r2p.user.user_id}, 'user', '${'id%s'%id(r2p.user.username)}', '${r2p.user.username}')">

			




	
	
	
		
 
                             <i class="icon-minus-circled"></i> ${_('Revoke')}

			




	
	
	
		
 
                            </span>

			




	
	
	
		
 
                          %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                      %else:

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.none', disabled="disabled")}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.read', disabled="disabled")}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.write', disabled="disabled")}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.admin', disabled="disabled")}</td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            ${h.gravatar(r2p.user.email, cls="perm-gravatar", size=14)}

			




	
	
	
		
 
                            ${r2p.user.username if r2p.user.username != 'default' else _('Default')}

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                        <td><i class="icon-user"></i> ${_('Admin')}</td>

			




	
	
	
		
 
                      %endif

			




	
	
	
		
 
                    </tr>

			




	
	
	
		
 
                %endfor

			




	
	
	
		
 

			




	
	
	
		
 
                ## USER GROUPS

			




	
	
	
		
 
                %for g2p in c.repo_group.users_group_to_perm:

			




	
	
	
		
 
                    <tr id="id${id(g2p.users_group.users_group_name)}">

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.none')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.read')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.write')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.admin')}</td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            <i class="icon-users"></i>

			




	
	
	
		
 
                            %if h.HasPermissionAny('hg.admin')():

			




	
	
	
		
 
                             <a href="${h.url('edit_users_group',id=g2p.users_group.users_group_id)}">

			




	
	
	
		
 
                                 ${g2p.users_group.users_group_name}

			




	
	
	
		
 
                             </a>

			




	
	
	
		
 
                            %else:

			




	
	
	
		
 
                             ${g2p.users_group.users_group_name}

			




	
	
	
		
 
                            %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            <span style="color:#da4f49" class="btn btn-default btn-xs" onclick="ajaxActionRevoke(${g2p.users_group.users_group_id}, 'user_group', '${'id%s'%id(g2p.users_group.users_group_name)}', '${g2p.users_group.users_group_name}')">

			




	
	
	
		
 
                            <i class="icon-minus-circled"></i> ${_('Revoke')}

			




	
	
	
		
 
                            </span>

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                    </tr>

			




	
	
	
		
 
                %endfor

			




	
	
	
		
 

			




	
	
	
		
 
                <%

			




	
	
	
		
 
                _tmpl = """\

			




	
	
	
		
 
                    <td><input type="radio" value="group.none" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="group.read" checked="checked" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="group.write" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="group.admin" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td class="ac"> \

			




	
	
	
		
 
                        <div class="perm_ac" id="perm_ac_{0}"> \

			




	
	
	
		
 
                            <input class="yui-ac-input" id="perm_new_member_name_{0}" name="perm_new_member_name_{0}" value="" type="text"> \

			




	
	
	
		
 
                            <input id="perm_new_member_type_{0}" name="perm_new_member_type_{0}" value="" type="hidden">  \

			




	
	
	
		
 
                            <div id="perm_container_{0}"></div> \

			




	
	
	
		
 
                        </div> \

			




	
	
	
		
 
                    </td> \

			




	
	
	
		
 
                    <td></td>"""

			




	
	
	
		
 
                %>

			




	
	
	
		
 
                ## ADD HERE DYNAMICALLY NEW INPUTS FROM THE '_tmpl'

			




	
	
	
		
 
                ## New entries added by addPermAction here.

			




	
	
	
		
 
                <tr class="new_members last_new_member" id="add_perm_input"><td colspan="6"></td></tr>

			




	
	
	
		
 
                <tr>

			




	
	
	
		
 
                    <td colspan="6">

			




	
	
	
		
 
                        <span id="add_perm" style="cursor: pointer;">

			




	
	
	
		
 
                            <i class="icon-plus"></i> ${_('Add new')}

			




	
	
	
		
 
                        </span>

			




	
	
	
		
 
                    </td>

			




	
	
	
		
 
                </tr>

			




	
	
	
		
 
                <tr>

			




	
	
	
		
 
                    <td colspan="6">

			




	
	
	
		
 
                       ${_('Apply to children')}:

			




	
	
	
		
 
                       ${h.radio('recursive', 'none', label=_('None'), checked="checked")}

			




	
	
	
		
 
                       ${h.radio('recursive', 'groups', label=_('Repository Groups'))}

			




	
	
	
		
 
                       ${h.radio('recursive', 'repos', label=_('Repositories'))}

			




	
	
	
		
 
                       ${h.radio('recursive', 'all', label=_('Both'))}

			




	
	
	
		
 
                       <span class="help-block">${_('Set or revoke permission to all children of that group, including non-private repositories and other groups if selected.')}</span>

			




	
	
	
		
 
                    </td>

			




	
	
	
		
 
                </tr>

			




	
	
	
		
 
            </table>

			




	
	
	
		
 
        </div>

			




	
	
	
		
 
        <div class="buttons">

			




	
	
	
		
 
            ${h.submit('save',_('Save'),class_="btn btn-default")}

			




	
	
	
		
 
            ${h.reset('reset',_('Reset'),class_="btn btn-default")}

			




	
	
	
		
 
        </div>

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
</div>

			




	
	
	
		
 
${h.end_form()}

			




	
	
	
		
 

			




	
	
	
		
 
<script type="text/javascript">

			




	
	
	
		
 
    function ajaxActionRevoke(obj_id, obj_type, field_id, obj_name) {

			




	
	
	
		
 
        url = ${h.jshtml(h.url('edit_repo_group_perms_delete', group_name=c.repo_group.group_name))};

			




	
	
	
		
 
        var revoke_msg = _TM['Confirm to revoke permission for {0}: {1} ?'].format(obj_type.replace('_', ' '), obj_name);

			




	
	
	
		
 
        if (confirm(revoke_msg)){

			




	
	
	
		
 
            var recursive = $('input[name=recursive]:checked').val();

			




	
	
	
		
 
            ajaxActionRevokePermission(url, obj_id, obj_type, field_id, {recursive:recursive});

			




	
	
	
		
 
        }

			




	
	
	
		
 
    };

			




	
	
	
		
 

			




	
	
	
		
 
    $(document).ready(function () {

			




	
	
	
		
 
        if (!$('#perm_new_member_name').hasClass('error')) {

			




	
	
	
		
 
            $('#add_perm_input').hide();

			




	
	
	
		
 
        }

			




	
	
	
		
 
        $('#add_perm').click(function () {

			




	
	
	
		
 
            addPermAction(${h.jshtml(_tmpl)}, ${h.js(c.users_array)}, ${h.js(c.user_groups_array)});

			




	
	
	
		
 
            addPermAction('group', ${h.js(c.users_array)}, ${h.js(c.user_groups_array)});

			




	
	
	
		
 
        });

			




	
	
	
		
 
    });

			




	
	
	
		
 
</script>

			




        

    


    
    

    

        

                

                    kallithea/templates/admin/repos/repo_edit_permissions.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
${h.form(url('edit_repo_perms_update', repo_name=c.repo_name))}

			




	
	
	
		
 
<div class="form">

			




	
	
	
		
 
    <div class="form-horizontal">

			




	
	
	
		
 
        <div class="form-group">

			




	
	
	
		
 
            ${h.hidden('repo_private')}

			




	
	
	
		
 
            <table id="permissions_manage" class="table table-condensed">

			




	
	
	
		
 
                <tr>

			




	
	
	
		
 
                    <td>${_('None')}</td>

			




	
	
	
		
 
                    <td>${_('Read')}</td>

			




	
	
	
		
 
                    <td>${_('Write')}</td>

			




	
	
	
		
 
                    <td>${_('Admin')}</td>

			




	
	
	
		
 
                    <td>${_('User/User Group')}</td>

			




	
	
	
		
 
                    <td></td>

			




	
	
	
		
 
                </tr>

			




	
	
	
		
 
                ## USERS

			




	
	
	
		
 
                %for r2p in sorted(c.repo_info.repo_to_perm, key=lambda x: x.user.username != 'default' and x.user.username):

			




	
	
	
		
 
                    %if r2p.user.username =='default' and c.repo_info.private:

			




	
	
	
		
 
                        <tr>

			




	
	
	
		
 
                            <td colspan="4">

			




	
	
	
		
 
                                <span class="private_repo_msg">

			




	
	
	
		
 
                                ${_('Private Repository')}

			




	
	
	
		
 
                                </span>

			




	
	
	
		
 
                            </td>

			




	
	
	
		
 
                            <td class="private_repo_msg"><i class="icon-user"></i> ${_('Default')}</td>

			




	
	
	
		
 
                        </tr>

			




	
	
	
		
 
                    %else:

			




	
	
	
		
 
                    <tr id="id${id(r2p.user.username)}">

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'repository.none')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'repository.read')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'repository.write')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'repository.admin')}</td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            ${h.gravatar(r2p.user.email, size=14)}

			




	
	
	
		
 
                            %if h.HasPermissionAny('hg.admin')() and r2p.user.username != 'default':

			




	
	
	
		
 
                             <a href="${h.url('edit_user',id=r2p.user.user_id)}">${r2p.user.username}</a>

			




	
	
	
		
 
                            %else:

			




	
	
	
		
 
                             ${r2p.user.username if r2p.user.username != 'default' else _('Default')}

			




	
	
	
		
 
                            %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                          %if r2p.user.username !='default':

			




	
	
	
		
 
                            <span style="color:#da4f49" class="btn btn-default btn-xs" onclick="ajaxActionRevoke(${r2p.user.user_id}, 'user', '${'id%s'%id(r2p.user.username)}', '${r2p.user.username}')">

			




	
	
	
		
 
                            <i class="icon-minus-circled"></i> ${_('Revoke')}

			




	
	
	
		
 
                            </span>

			




	
	
	
		
 
                          %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                    </tr>

			




	
	
	
		
 
                    %endif

			




	
	
	
		
 
                %endfor

			




	
	
	
		
 

			




	
	
	
		
 
                ## USER GROUPS

			




	
	
	
		
 
                %for g2p in sorted(c.repo_info.users_group_to_perm, key=lambda x:x.users_group.users_group_name):

			




	
	
	
		
 
                    <tr id="id${id(g2p.users_group.users_group_name)}">

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'repository.none')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'repository.read')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'repository.write')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'repository.admin')}</td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            <i class="icon-users"></i>

			




	
	
	
		
 
                            %if h.HasPermissionAny('hg.admin')():

			




	
	
	
		
 
                             <a href="${h.url('edit_users_group',id=g2p.users_group.users_group_id)}">${g2p.users_group.users_group_name}</a>

			




	
	
	
		
 
                            %else:

			




	
	
	
		
 
                             ${g2p.users_group.users_group_name}

			




	
	
	
		
 
                            %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            <span style="color:#da4f49" class="btn btn-default btn-xs" onclick="ajaxActionRevoke(${g2p.users_group.users_group_id}, 'user_group', '${'id%s'%id(g2p.users_group.users_group_name)}', '${g2p.users_group.users_group_name}')">

			




	
	
	
		
 
                            <i class="icon-minus-circled"></i> ${_('Revoke')}

			




	
	
	
		
 
                            </span>

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                    </tr>

			




	
	
	
		
 
                %endfor

			




	
	
	
		
 

			




	
	
	
		
 
                <%

			




	
	
	
		
 
                _tmpl = """\

			




	
	
	
		
 
                    <td><input type="radio" value="repository.none" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="repository.read" checked="checked" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="repository.write" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="repository.admin" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td class="ac"> \

			




	
	
	
		
 
                        <div class="perm_ac" id="perm_ac_{0}"> \

			




	
	
	
		
 
                            <input class="yui-ac-input" id="perm_new_member_name_{0}" name="perm_new_member_name_{0}" value="" type="text"> \

			




	
	
	
		
 
                            <input id="perm_new_member_type_{0}" name="perm_new_member_type_{0}" value="" type="hidden">  \

			




	
	
	
		
 
                            <div id="perm_container_{0}"></div> \

			




	
	
	
		
 
                        </div> \

			




	
	
	
		
 
                    </td> \

			




	
	
	
		
 
                    <td></td>"""

			




	
	
	
		
 
                %>

			




	
	
	
		
 
                ## ADD HERE DYNAMICALLY NEW INPUTS FROM THE '_tmpl'

			




	
	
	
		
 
                ## New entries added by addPermAction here.

			




	
	
	
		
 
                <tr class="new_members last_new_member" id="add_perm_input"><td colspan="6"></td></tr>

			




	
	
	
		
 
                <tr>

			




	
	
	
		
 
                    <td colspan="6">

			




	
	
	
		
 
                        <span id="add_perm" style="cursor: pointer;">

			




	
	
	
		
 
                            <i class="icon-plus"></i> ${_('Add new')}

			




	
	
	
		
 
                        </span>

			




	
	
	
		
 
                    </td>

			




	
	
	
		
 
                </tr>

			




	
	
	
		
 
            </table>

			




	
	
	
		
 
        </div>

			




	
	
	
		
 
        <div class="form-group">

			




	
	
	
		
 
            ${h.submit('save',_('Save'),class_="btn btn-default")}

			




	
	
	
		
 
            ${h.reset('reset',_('Reset'),class_="btn btn-default")}

			




	
	
	
		
 
        </div>

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
</div>

			




	
	
	
		
 
${h.end_form()}

			




	
	
	
		
 

			




	
	
	
		
 
<script type="text/javascript">

			




	
	
	
		
 
    function ajaxActionRevoke(obj_id, obj_type, field_id, obj_name) {

			




	
	
	
		
 
        url = ${h.js(h.url('edit_repo_perms_revoke',repo_name=c.repo_name))};

			




	
	
	
		
 
        var revoke_msg = _TM['Confirm to revoke permission for {0}: {1} ?'].format(obj_type.replace('_', ' '), obj_name);

			




	
	
	
		
 
        if (confirm(revoke_msg)){

			




	
	
	
		
 
            ajaxActionRevokePermission(url, obj_id, obj_type, field_id);

			




	
	
	
		
 
        }

			




	
	
	
		
 
    };

			




	
	
	
		
 

			




	
	
	
		
 
    $(document).ready(function () {

			




	
	
	
		
 
        if (!$('#perm_new_member_name').hasClass('error')) {

			




	
	
	
		
 
            $('#add_perm_input').hide();

			




	
	
	
		
 
        }

			




	
	
	
		
 
        $('#add_perm').click(function () {

			




	
	
	
		
 
            addPermAction(${h.jshtml(_tmpl)}, ${h.js(c.users_array)}, ${h.js(c.user_groups_array)});

			




	
	
	
		
 
            addPermAction('repository', ${h.js(c.users_array)}, ${h.js(c.user_groups_array)});

			




	
	
	
		
 
        });

			




	
	
	
		
 
    });

			




	
	
	
		
 
</script>

			




        

    


    
    

    

        

                

                    kallithea/templates/admin/user_groups/user_group_edit_perms.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
${h.form(url('edit_user_group_perms_update', id=c.user_group.users_group_id))}

			




	
	
	
		
 
<div class="form">

			




	
	
	
		
 
   <div>

			




	
	
	
		
 
        <div>

			




	
	
	
		
 
            <table id="permissions_manage" class="table">

			




	
	
	
		
 
                <tr>

			




	
	
	
		
 
                    <td>${_('None')}</td>

			




	
	
	
		
 
                    <td>${_('Read')}</td>

			




	
	
	
		
 
                    <td>${_('Write')}</td>

			




	
	
	
		
 
                    <td>${_('Admin')}</td>

			




	
	
	
		
 
                    <td>${_('User/User Group')}</td>

			




	
	
	
		
 
                    <td></td>

			




	
	
	
		
 
                </tr>

			




	
	
	
		
 
                ## USERS

			




	
	
	
		
 
                %for r2p in c.user_group.user_user_group_to_perm:

			




	
	
	
		
 
                    ##forbid revoking permission from yourself, except if you're an super admin

			




	
	
	
		
 
                    <tr id="id${id(r2p.user.username)}">

			




	
	
	
		
 
                      %if request.authuser.user_id != r2p.user.user_id or request.authuser.is_admin:

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'usergroup.none')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'usergroup.read')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'usergroup.write')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'usergroup.admin')}</td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            ${h.gravatar(r2p.user.email, cls="perm-gravatar", size=14)}

			




	
	
	
		
 
                            %if h.HasPermissionAny('hg.admin')() and r2p.user.username != 'default':

			




	
	
	
		
 
                             <a href="${h.url('edit_user',id=r2p.user.user_id)}">${r2p.user.username}</a>

			




	
	
	
		
 
                            %else:

			




	
	
	
		
 
                             ${r2p.user.username if r2p.user.username != 'default' else _('Default')}

			




	
	
	
		
 
                            %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                          %if r2p.user.username !='default':

			




	
	
	
		
 
                            <span style="color:#da4f49" class="btn btn-default btn-xs" onclick="ajaxActionRevoke(${r2p.user.user_id}, 'user', '${'id%s'%id(r2p.user.username)}', '${r2p.user.username}')">

			




	
	
	
		
 
                             <i class="icon-minus-circled"></i> ${_('Revoke')}

			




	
	
	
		
 
                            </span>

			




	
	
	
		
 
                          %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                      %else:

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'usergroup.none', disabled="disabled")}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'usergroup.read', disabled="disabled")}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'usergroup.write', disabled="disabled")}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'usergroup.admin', disabled="disabled")}</td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            ${h.gravatar(r2p.user.email, cls="perm-gravatar", size=14)}

			




	
	
	
		
 
                            ${r2p.user.username if r2p.user.username != 'default' else _('Default')}

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                        <td><i class="icon-user"></i> ${_('Admin')}</td>

			




	
	
	
		
 
                      %endif

			




	
	
	
		
 
                    </tr>

			




	
	
	
		
 
                %endfor

			




	
	
	
		
 

			




	
	
	
		
 
                ## USER GROUPS

			




	
	
	
		
 
                %for g2p in c.user_group.user_group_user_group_to_perm:

			




	
	
	
		
 
                    <tr id="id${id(g2p.user_group.users_group_name)}">

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.user_group.users_group_name,'usergroup.none')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.user_group.users_group_name,'usergroup.read')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.user_group.users_group_name,'usergroup.write')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.user_group.users_group_name,'usergroup.admin')}</td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            <i class="icon-users"></i>

			




	
	
	
		
 
                            %if h.HasPermissionAny('hg.admin')():

			




	
	
	
		
 
                             <a href="${h.url('edit_users_group',id=g2p.user_group.users_group_id)}">

			




	
	
	
		
 
                                 ${g2p.user_group.users_group_name}

			




	
	
	
		
 
                             </a>

			




	
	
	
		
 
                            %else:

			




	
	
	
		
 
                             ${g2p.user_group.users_group_name}

			




	
	
	
		
 
                            %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            <span style="color:#da4f49" class="btn btn-default btn-xs" onclick="ajaxActionRevoke(${g2p.user_group.users_group_id}, 'user_group', '${'id%s'%id(g2p.user_group.users_group_name)}', '${g2p.user_group.users_group_name}')">

			




	
	
	
		
 
                            <i class="icon-minus-circled"></i> ${_('Revoke')}

			




	
	
	
		
 
                            </span>

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                    </tr>

			




	
	
	
		
 
                %endfor

			




	
	
	
		
 

			




	
	
	
		
 
                <%

			




	
	
	
		
 
                _tmpl = """\

			




	
	
	
		
 
                    <td><input type="radio" value="usergroup.none" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="usergroup.read" checked="checked" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="usergroup.write" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="usergroup.admin" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td class="ac"> \

			




	
	
	
		
 
                        <div class="perm_ac" id="perm_ac_{0}"> \

			




	
	
	
		
 
                            <input class="yui-ac-input" id="perm_new_member_name_{0}" name="perm_new_member_name_{0}" value="" type="text"> \

			




	
	
	
		
 
                            <input id="perm_new_member_type_{0}" name="perm_new_member_type_{0}" value="" type="hidden">  \

			




	
	
	
		
 
                            <div id="perm_container_{0}"></div> \

			




	
	
	
		
 
                        </div> \

			




	
	
	
		
 
                    </td> \

			




	
	
	
		
 
                    <td></td>"""

			




	
	
	
		
 
                %>

			




	
	
	
		
 
                ## ADD HERE DYNAMICALLY NEW INPUTS FROM THE '_tmpl'

			




	
	
	
		
 
                ## New entries added by addPermAction here.

			




	
	
	
		
 
                <tr class="new_members last_new_member" id="add_perm_input"><td colspan="6"></td></tr>

			




	
	
	
		
 
                <tr>

			




	
	
	
		
 
                    <td colspan="6">

			




	
	
	
		
 
                        <span id="add_perm" class="btn">

			




	
	
	
		
 
                            <i class="icon-plus"></i> ${_('Add new')}

			




	
	
	
		
 
                        </span>

			




	
	
	
		
 
                    </td>

			




	
	
	
		
 
                </tr>

			




	
	
	
		
 
            </table>

			




	
	
	
		
 
        </div>

			




	
	
	
		
 
        <div class="buttons">

			




	
	
	
		
 
            ${h.submit('save',_('Save'),class_="btn btn-default")}

			




	
	
	
		
 
            ${h.reset('reset',_('Reset'),class_="btn btn-default")}

			




	
	
	
		
 
        </div>

			




	
	
	
		
 
   </div>

			




	
	
	
		
 
</div>

			




	
	
	
		
 
${h.end_form()}

			




	
	
	
		
 

			




	
	
	
		
 
<script type="text/javascript">

			




	
	
	
		
 
    function ajaxActionRevoke(obj_id, obj_type, field_id, obj_name) {

			




	
	
	
		
 
        url = ${h.js(h.url('edit_user_group_perms_delete', id=c.user_group.users_group_id))};

			




	
	
	
		
 
        var revoke_msg = _TM['Confirm to revoke permission for {0}: {1} ?'].format(obj_type.replace('_', ' '), obj_name);

			




	
	
	
		
 
        if (confirm(revoke_msg)){

			




	
	
	
		
 
            ajaxActionRevokePermission(url, obj_id, obj_type, field_id);

			




	
	
	
		
 
        }

			




	
	
	
		
 
    };

			




	
	
	
		
 

			




	
	
	
		
 
    $(document).ready(function () {

			




	
	
	
		
 
        if (!$('#perm_new_member_name').hasClass('error')) {

			




	
	
	
		
 
            $('#add_perm_input').hide();

			




	
	
	
		
 
        }

			




	
	
	
		
 
        $('#add_perm').click(function () {

			




	
	
	
		
 
            addPermAction(${h.jshtml(_tmpl)}, ${h.js(c.users_array)}, ${h.js(c.user_groups_array)});

			




	
	
	
		
 
            addPermAction('usergroup', ${h.js(c.users_array)}, ${h.js(c.user_groups_array)});

			




	
	
	
		
 
        });

			




	
	
	
		
 
    });

			




	
	
	
		
 
</script>

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.