Changeset - be2b75779da3
Parent rev.
Child rev.
[Not reviewed]
beta
0 1 0
Marcin Kuzminski - 13 years ago 2013-05-12 19:19:33
marcin@python-works.com
Repository groups: super admin shouldn't have the permission set
when he creates a group. Super admins anyway can edit groups even without
explicit permissions set
1 file changed with 7 insertions and 5 deletions:
rhodecode/model/repos_group.py
7
5
0 comments (0 inline, 0 general)
rhodecode/model/repos_group.py
Show inline comments
 
@@ -131,38 +131,40 @@ class ReposGroupModel(BaseModel):
 
            if force_delete:
 
                shutil.rmtree(rm_path)
 
            else:
 
                #archive that group`
 
                _now = datetime.datetime.now()
 
                _ms = str(_now.microsecond).rjust(6, '0')
 
                _d = 'rm__%s_GROUP_%s' % (_now.strftime('%Y%m%d_%H%M%S_' + _ms),
 
                                          group.name)
 
                shutil.move(rm_path, os.path.join(self.repos_path, _d))
 

			




	
	
	
		
 
    def create(self, group_name, group_description, owner, parent=None, just_db=False):

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            user = self._get_user(owner)

			




	
	
	
		
 
            new_repos_group = RepoGroup()

			




	
	
	
		
 
            new_repos_group.user = self._get_user(owner)

			




	
	
	
		
 
            new_repos_group.user = user

			




	
	
	
		
 
            new_repos_group.group_description = group_description or group_name

			




	
	
	
		
 
            new_repos_group.parent_group = self._get_repo_group(parent)

			




	
	
	
		
 
            new_repos_group.group_name = new_repos_group.get_new_name(group_name)

			




	
	
	
		
 

			




	
	
	
		
 
            self.sa.add(new_repos_group)

			




	
	
	
		
 
            perm_obj = self._create_default_perms(new_repos_group)

			




	
	
	
		
 
            self.sa.add(perm_obj)

			




	
	
	
		
 

			




	
	
	
		
 
            #create an ADMIN permission for owner, later owner should go into

			




	
	
	
		
 
            #the owner field of groups

			




	
	
	
		
 
            self.grant_user_permission(repos_group=new_repos_group,

			




	
	
	
		
 
                                       user=owner, perm='group.admin')

			




	
	
	
		
 
            #create an ADMIN permission for owner except if we're super admin,

			




	
	
	
		
 
            #later owner should go into the owner field of groups

			




	
	
	
		
 
            if not user.is_admin:

			




	
	
	
		
 
                self.grant_user_permission(repos_group=new_repos_group,

			




	
	
	
		
 
                                           user=owner, perm='group.admin')

			




	
	
	
		
 

			




	
	
	
		
 
            if not just_db:

			




	
	
	
		
 
                # we need to flush here, in order to check if database won't

			




	
	
	
		
 
                # throw any exceptions, create filesystem dirs at the very end

			




	
	
	
		
 
                self.sa.flush()

			




	
	
	
		
 
                self.__create_group(new_repos_group.group_name)

			




	
	
	
		
 

			




	
	
	
		
 
            return new_repos_group

			




	
	
	
		
 
        except Exception:

			




	
	
	
		
 
            log.error(traceback.format_exc())

			




	
	
	
		
 
            raise

			




	
	
	
		
 

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.