Changeset - e423ed080057
Parent rev.
Child rev.
[Not reviewed]
default
0 2 0
Mads Kiilerich - 9 years ago 2016-08-04 14:23:36
madski@unity3d.com
routing: use POST to 'edit_repo_perms_update' instead of PUT
2 files changed with 2 insertions and 2 deletions:
kallithea/config/routing.py
1
1
kallithea/templates/admin/repos/repo_edit_permissions.html
1
1
0 comments (0 inline, 0 general)
kallithea/config/routing.py
Show inline comments
 
@@ -447,193 +447,193 @@ def make_map(config):
 
                 controller='journal', action="public_journal_rss")
 

			




	
	
	
		
 
    rmap.connect('public_journal_atom',

			




	
	
	
		
 
                 '%s/public_journal/atom' % ADMIN_PREFIX, controller='journal',

			




	
	
	
		
 
                 action="public_journal_atom")

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('public_journal_atom_old',

			




	
	
	
		
 
                 '%s/public_journal_atom' % ADMIN_PREFIX, controller='journal',

			




	
	
	
		
 
                 action="public_journal_atom")

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('toggle_following', '%s/toggle_following' % ADMIN_PREFIX,

			




	
	
	
		
 
                 controller='journal', action='toggle_following',

			




	
	
	
		
 
                 conditions=dict(method=["POST"]))

			




	
	
	
		
 

			




	
	
	
		
 
    #SEARCH

			




	
	
	
		
 
    rmap.connect('search', '%s/search' % ADMIN_PREFIX, controller='search',)

			




	
	
	
		
 
    rmap.connect('search_repo_admin', '%s/search/{repo_name:.*}' % ADMIN_PREFIX,

			




	
	
	
		
 
                 controller='search',

			




	
	
	
		
 
                 conditions=dict(function=check_repo))

			




	
	
	
		
 
    rmap.connect('search_repo', '/{repo_name:.*?}/search',

			




	
	
	
		
 
                 controller='search',

			




	
	
	
		
 
                 conditions=dict(function=check_repo),

			




	
	
	
		
 
                 )

			




	
	
	
		
 

			




	
	
	
		
 
    #LOGIN/LOGOUT/REGISTER/SIGN IN

			




	
	
	
		
 
    rmap.connect('authentication_token', '%s/authentication_token' % ADMIN_PREFIX, controller='login', action='authentication_token')

			




	
	
	
		
 
    rmap.connect('login_home', '%s/login' % ADMIN_PREFIX, controller='login')

			




	
	
	
		
 
    rmap.connect('logout_home', '%s/logout' % ADMIN_PREFIX, controller='login',

			




	
	
	
		
 
                 action='logout')

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('register', '%s/register' % ADMIN_PREFIX, controller='login',

			




	
	
	
		
 
                 action='register')

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('reset_password', '%s/password_reset' % ADMIN_PREFIX,

			




	
	
	
		
 
                 controller='login', action='password_reset')

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('reset_password_confirmation',

			




	
	
	
		
 
                 '%s/password_reset_confirmation' % ADMIN_PREFIX,

			




	
	
	
		
 
                 controller='login', action='password_reset_confirmation')

			




	
	
	
		
 

			




	
	
	
		
 
    #FEEDS

			




	
	
	
		
 
    rmap.connect('rss_feed_home', '/{repo_name:.*?}/feed/rss',

			




	
	
	
		
 
                controller='feed', action='rss',

			




	
	
	
		
 
                conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('atom_feed_home', '/{repo_name:.*?}/feed/atom',

			




	
	
	
		
 
                controller='feed', action='atom',

			




	
	
	
		
 
                conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    #==========================================================================

			




	
	
	
		
 
    # REPOSITORY ROUTES

			




	
	
	
		
 
    #==========================================================================

			




	
	
	
		
 
    rmap.connect('repo_creating_home', '/{repo_name:.*?}/repo_creating',

			




	
	
	
		
 
                controller='admin/repos', action='repo_creating')

			




	
	
	
		
 
    rmap.connect('repo_check_home', '/{repo_name:.*?}/crepo_check',

			




	
	
	
		
 
                controller='admin/repos', action='repo_check')

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('summary_home', '/{repo_name:.*?}',

			




	
	
	
		
 
                controller='summary',

			




	
	
	
		
 
                conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    # must be here for proper group/repo catching

			




	
	
	
		
 
    rmap.connect('repos_group_home', '/{group_name:.*}',

			




	
	
	
		
 
                controller='admin/repo_groups', action="show_by_name",

			




	
	
	
		
 
                conditions=dict(function=check_group))

			




	
	
	
		
 
    rmap.connect('repo_stats_home', '/{repo_name:.*?}/statistics',

			




	
	
	
		
 
                controller='summary', action='statistics',

			




	
	
	
		
 
                conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('repo_size', '/{repo_name:.*?}/repo_size',

			




	
	
	
		
 
                controller='summary', action='repo_size',

			




	
	
	
		
 
                conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('repo_refs_data', '/{repo_name:.*?}/refs-data',

			




	
	
	
		
 
                 controller='home', action='repo_refs_data')

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('changeset_home', '/{repo_name:.*?}/changeset/{revision:.*}',

			




	
	
	
		
 
                controller='changeset', revision='tip',

			




	
	
	
		
 
                conditions=dict(function=check_repo))

			




	
	
	
		
 
    rmap.connect('changeset_children', '/{repo_name:.*?}/changeset_children/{revision}',

			




	
	
	
		
 
                controller='changeset', revision='tip', action="changeset_children",

			




	
	
	
		
 
                conditions=dict(function=check_repo))

			




	
	
	
		
 
    rmap.connect('changeset_parents', '/{repo_name:.*?}/changeset_parents/{revision}',

			




	
	
	
		
 
                controller='changeset', revision='tip', action="changeset_parents",

			




	
	
	
		
 
                conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    # repo edit options

			




	
	
	
		
 
    rmap.connect("edit_repo", "/{repo_name:.*?}/settings",

			




	
	
	
		
 
                 controller='admin/repos', action="edit",

			




	
	
	
		
 
                 conditions=dict(method=["GET"], function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect("edit_repo_perms", "/{repo_name:.*?}/settings/permissions",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_permissions",

			




	
	
	
		
 
                 conditions=dict(method=["GET"], function=check_repo))

			




	
	
	
		
 
    rmap.connect("edit_repo_perms_update", "/{repo_name:.*?}/settings/permissions",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_permissions_update",

			




	
	
	
		
 
                 conditions=dict(method=["PUT"], function=check_repo))

			




	
	
	
		
 
                 conditions=dict(method=["POST"], function=check_repo))

			




	
	
	
		
 
    rmap.connect("edit_repo_perms_revoke", "/{repo_name:.*?}/settings/permissions/delete",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_permissions_revoke",

			




	
	
	
		
 
                 conditions=dict(method=["POST"], function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect("edit_repo_fields", "/{repo_name:.*?}/settings/fields",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_fields",

			




	
	
	
		
 
                 conditions=dict(method=["GET"], function=check_repo))

			




	
	
	
		
 
    rmap.connect('create_repo_fields', "/{repo_name:.*?}/settings/fields/new",

			




	
	
	
		
 
                 controller='admin/repos', action="create_repo_field",

			




	
	
	
		
 
                 conditions=dict(method=["PUT"], function=check_repo))

			




	
	
	
		
 
    rmap.connect('delete_repo_fields', "/{repo_name:.*?}/settings/fields/{field_id}/delete",

			




	
	
	
		
 
                 controller='admin/repos', action="delete_repo_field",

			




	
	
	
		
 
                 conditions=dict(method=["POST"], function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect("edit_repo_advanced", "/{repo_name:.*?}/settings/advanced",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_advanced",

			




	
	
	
		
 
                 conditions=dict(method=["GET"], function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect("edit_repo_advanced_locking", "/{repo_name:.*?}/settings/advanced/locking",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_advanced_locking",

			




	
	
	
		
 
                 conditions=dict(method=["PUT"], function=check_repo))

			




	
	
	
		
 
    rmap.connect('toggle_locking', "/{repo_name:.*?}/settings/advanced/locking_toggle",

			




	
	
	
		
 
                 controller='admin/repos', action="toggle_locking",

			




	
	
	
		
 
                 conditions=dict(method=["GET"], function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect("edit_repo_advanced_journal", "/{repo_name:.*?}/settings/advanced/journal",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_advanced_journal",

			




	
	
	
		
 
                 conditions=dict(method=["PUT"], function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect("edit_repo_advanced_fork", "/{repo_name:.*?}/settings/advanced/fork",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_advanced_fork",

			




	
	
	
		
 
                 conditions=dict(method=["POST"], function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect("edit_repo_caches", "/{repo_name:.*?}/settings/caches",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_caches",

			




	
	
	
		
 
                 conditions=dict(method=["GET"], function=check_repo))

			




	
	
	
		
 
    rmap.connect("edit_repo_caches", "/{repo_name:.*?}/settings/caches",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_caches",

			




	
	
	
		
 
                 conditions=dict(method=["PUT"], function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect("edit_repo_remote", "/{repo_name:.*?}/settings/remote",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_remote",

			




	
	
	
		
 
                 conditions=dict(method=["GET"], function=check_repo))

			




	
	
	
		
 
    rmap.connect("edit_repo_remote_update", "/{repo_name:.*?}/settings/remote",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_remote",

			




	
	
	
		
 
                 conditions=dict(method=["POST"], function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect("edit_repo_statistics", "/{repo_name:.*?}/settings/statistics",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_statistics",

			




	
	
	
		
 
                 conditions=dict(method=["GET"], function=check_repo))

			




	
	
	
		
 
    rmap.connect("edit_repo_statistics_update", "/{repo_name:.*?}/settings/statistics",

			




	
	
	
		
 
                 controller='admin/repos', action="edit_statistics",

			




	
	
	
		
 
                 conditions=dict(method=["POST"], function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    #still working url for backward compat.

			




	
	
	
		
 
    rmap.connect('raw_changeset_home_depraced',

			




	
	
	
		
 
                 '/{repo_name:.*?}/raw-changeset/{revision}',

			




	
	
	
		
 
                 controller='changeset', action='changeset_raw',

			




	
	
	
		
 
                 revision='tip', conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    ## new URLs

			




	
	
	
		
 
    rmap.connect('changeset_raw_home',

			




	
	
	
		
 
                 '/{repo_name:.*?}/changeset-diff/{revision}',

			




	
	
	
		
 
                 controller='changeset', action='changeset_raw',

			




	
	
	
		
 
                 revision='tip', conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('changeset_patch_home',

			




	
	
	
		
 
                 '/{repo_name:.*?}/changeset-patch/{revision}',

			




	
	
	
		
 
                 controller='changeset', action='changeset_patch',

			




	
	
	
		
 
                 revision='tip', conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('changeset_download_home',

			




	
	
	
		
 
                 '/{repo_name:.*?}/changeset-download/{revision}',

			




	
	
	
		
 
                 controller='changeset', action='changeset_download',

			




	
	
	
		
 
                 revision='tip', conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('changeset_comment',

			




	
	
	
		
 
                 '/{repo_name:.*?}/changeset-comment/{revision}',

			




	
	
	
		
 
                controller='changeset', revision='tip', action='comment',

			




	
	
	
		
 
                conditions=dict(function=check_repo))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('changeset_comment_delete',

			




	
	
	
		
 
                 '/{repo_name:.*?}/changeset-comment/{comment_id}/delete',

			




	
	
	
		
 
                controller='changeset', action='delete_comment',

			




	
	
	
		
 
                conditions=dict(function=check_repo, method=["POST"]))

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('changeset_info', '/changeset_info/{repo_name:.*?}/{revision}',

			




	
	
	
		
 
                 controller='changeset', action='changeset_info')

			




	
	
	
		
 

			




	
	
	
		
 
    rmap.connect('compare_home',

			




	
	
	
		
 
                 '/{repo_name:.*?}/compare',

			




	
	
	
		
 
                 controller='compare', action='index',

			




	
	
	
		
 
                 conditions=dict(function=check_repo))

			




        

    


    
    

    

        

                

                    kallithea/templates/admin/repos/repo_edit_permissions.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
${h.form(url('edit_repo_perms_update', repo_name=c.repo_name), method='put')}

			




	
	
	
		
 
${h.form(url('edit_repo_perms_update', repo_name=c.repo_name))}

			




	
	
	
		
 
<div class="form">

			




	
	
	
		
 
   <div class="fields">

			




	
	
	
		
 
        <div class="field">

			




	
	
	
		
 
            ${h.hidden('repo_private')}

			




	
	
	
		
 
            <table id="permissions_manage" class="noborder">

			




	
	
	
		
 
                <tr>

			




	
	
	
		
 
                    <td>${_('None')}</td>

			




	
	
	
		
 
                    <td>${_('Read')}</td>

			




	
	
	
		
 
                    <td>${_('Write')}</td>

			




	
	
	
		
 
                    <td>${_('Admin')}</td>

			




	
	
	
		
 
                    <td>${_('User/User Group')}</td>

			




	
	
	
		
 
                    <td></td>

			




	
	
	
		
 
                </tr>

			




	
	
	
		
 
                ## USERS

			




	
	
	
		
 
                %for r2p in sorted(c.repo_info.repo_to_perm, key=lambda x: x.user.username != 'default' and x.user.username):

			




	
	
	
		
 
                    %if r2p.user.username =='default' and c.repo_info.private:

			




	
	
	
		
 
                        <tr>

			




	
	
	
		
 
                            <td colspan="4">

			




	
	
	
		
 
                                <span class="private_repo_msg">

			




	
	
	
		
 
                                ${_('Private Repository')}

			




	
	
	
		
 
                                </span>

			




	
	
	
		
 
                            </td>

			




	
	
	
		
 
                            <td class="private_repo_msg"><i class="icon-user"></i> ${_('Default')}</td>

			




	
	
	
		
 
                        </tr>

			




	
	
	
		
 
                    %else:

			




	
	
	
		
 
                    <tr id="id${id(r2p.user.username)}">

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'repository.none')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'repository.read')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'repository.write')}</td>

			




	
	
	
		
 
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'repository.admin')}</td>

			




	
	
	
		
 
                        <td style="white-space: nowrap;">

			




	
	
	
		
 
                            ${h.gravatar(r2p.user.email, size=14)}

			




	
	
	
		
 
                            %if h.HasPermissionAny('hg.admin')() and r2p.user.username != 'default':

			




	
	
	
		
 
                             <a href="${h.url('edit_user',id=r2p.user.user_id)}">${r2p.user.username}</a>

			




	
	
	
		
 
                            %else:

			




	
	
	
		
 
                             ${r2p.user.username if r2p.user.username != 'default' else _('Default')}

			




	
	
	
		
 
                            %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                          %if r2p.user.username !='default':

			




	
	
	
		
 
                            <span style="color:#da4f49" class="action_button" onclick="ajaxActionRevoke(${r2p.user.user_id}, 'user', '${'id%s'%id(r2p.user.username)}', '${r2p.user.username}')">

			




	
	
	
		
 
                            <i class="icon-minus-circled"></i> ${_('Revoke')}

			




	
	
	
		
 
                            </span>

			




	
	
	
		
 
                          %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                    </tr>

			




	
	
	
		
 
                    %endif

			




	
	
	
		
 
                %endfor

			




	
	
	
		
 

			




	
	
	
		
 
                ## USER GROUPS

			




	
	
	
		
 
                %for g2p in sorted(c.repo_info.users_group_to_perm, key=lambda x:x.users_group.users_group_name):

			




	
	
	
		
 
                    <tr id="id${id(g2p.users_group.users_group_name)}">

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'repository.none')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'repository.read')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'repository.write')}</td>

			




	
	
	
		
 
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'repository.admin')}</td>

			




	
	
	
		
 
                        <td style="white-space: nowrap;">

			




	
	
	
		
 
                            <i class="icon-users"></i>

			




	
	
	
		
 
                            %if h.HasPermissionAny('hg.admin')():

			




	
	
	
		
 
                             <a href="${h.url('edit_users_group',id=g2p.users_group.users_group_id)}">${g2p.users_group.users_group_name}</a>

			




	
	
	
		
 
                            %else:

			




	
	
	
		
 
                             ${g2p.users_group.users_group_name}

			




	
	
	
		
 
                            %endif

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                        <td>

			




	
	
	
		
 
                            <span style="color:#da4f49" class="action_button" onclick="ajaxActionRevoke(${g2p.users_group.users_group_id}, 'user_group', '${'id%s'%id(g2p.users_group.users_group_name)}', '${g2p.users_group.users_group_name}')">

			




	
	
	
		
 
                            <i class="icon-minus-circled"></i> ${_('Revoke')}

			




	
	
	
		
 
                            </span>

			




	
	
	
		
 
                        </td>

			




	
	
	
		
 
                    </tr>

			




	
	
	
		
 
                %endfor

			




	
	
	
		
 

			




	
	
	
		
 
                <%

			




	
	
	
		
 
                _tmpl = h.literal("""'\

			




	
	
	
		
 
                    <td><input type="radio" value="repository.none" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="repository.read" checked="checked" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="repository.write" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td><input type="radio" value="repository.admin" name="perm_new_member_{0}" id="perm_new_member_{0}"></td> \

			




	
	
	
		
 
                    <td class="ac"> \

			




	
	
	
		
 
                        <div class="perm_ac" id="perm_ac_{0}"> \

			




	
	
	
		
 
                            <input class="yui-ac-input" id="perm_new_member_name_{0}" name="perm_new_member_name_{0}" value="" type="text"> \

			




	
	
	
		
 
                            <input id="perm_new_member_type_{0}" name="perm_new_member_type_{0}" value="" type="hidden">  \

			




	
	
	
		
 
                            <div id="perm_container_{0}"></div> \

			




	
	
	
		
 
                        </div> \

			




	
	
	
		
 
                    </td> \

			




	
	
	
		
 
                    <td></td>'""")

			




	
	
	
		
 
                %>

			




	
	
	
		
 
                ## ADD HERE DYNAMICALLY NEW INPUTS FROM THE '_tmpl'

			




	
	
	
		
 
                <tr class="new_members last_new_member" id="add_perm_input"></tr>

			




	
	
	
		
 
                <tr>

			




	
	
	
		
 
                    <td colspan="6">

			




	
	
	
		
 
                        <span id="add_perm" style="cursor: pointer;">

			




	
	
	
		
 
                            <i class="icon-plus"></i> ${_('Add new')}

			




	
	
	
		
 
                        </span>

			




	
	
	
		
 
                    </td>

			




	
	
	
		
 
                </tr>

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.