kallithea Changeset - faffec4abbda

Changeset - faffec4abbda

Parent rev.

Child rev.

[Not reviewed]

beta

0 7 0

Marcin Kuzminski - 13 years ago 2012-09-13 19:36:56
marcin@python-works.com

Implemented permissions for writing to repo
groups. Now only write access to group allows to create a repostiory
within that group

7 files changed with 36 insertions and 8 deletions:

rhodecode/controllers/admin/repos.py

rhodecode/controllers/admin/settings.py

rhodecode/controllers/forks.py

rhodecode/controllers/settings.py

rhodecode/model/db.py

rhodecode/model/forms.py

rhodecode/model/validators.py

0 comments (0 inline, 0 general)

rhodecode/controllers/admin/repos.py

➞

Show inline comments

@@ @@ -63,13 +63,13 @@ class ReposController(BaseController): @@
     def __before__(self):
         c.admin_user = session.get('admin_user')
         c.admin_username = session.get('admin_username')
         super(ReposController, self).__before__()
     def __load_defaults(self):
         c.repo_groups = RepoGroup.groups_choices()
+        c.repo_groups = RepoGroup.groups_choices(check_perms=True)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         repo_model = RepoModel()
         c.users_array = repo_model.get_users_js()
         c.users_groups_array = repo_model.get_users_groups_js()
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()

rhodecode/controllers/admin/settings.py

➞

Show inline comments

@@ @@ -448,13 +448,13 @@ class SettingsController(BaseController) @@
     @NotAnonymous()
     @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
     def create_repository(self):
         """GET /_admin/create_repository: Form to create a new item"""
         c.repo_groups = RepoGroup.groups_choices()
+        c.repo_groups = RepoGroup.groups_choices(check_perms=True)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()
         new_repo = request.GET.get('repo', '')
         c.new_repo = repo_name_slug(new_repo)

rhodecode/controllers/forks.py

➞

Show inline comments

@@ @@ -50,13 +50,13 @@ class ForksController(BaseRepoController @@
     @LoginRequired()
     def __before__(self):
         super(ForksController, self).__before__()
     def __load_defaults(self):
         c.repo_groups = RepoGroup.groups_choices()
+        c.repo_groups = RepoGroup.groups_choices(check_perms=True)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()
         c.landing_revs_choices = choices
     def __load_data(self, repo_name=None):
         """

rhodecode/controllers/settings.py

➞

Show inline comments

@@ @@ -53,13 +53,13 @@ class SettingsController(BaseRepoControl @@
     @LoginRequired()
     def __before__(self):
         super(SettingsController, self).__before__()
     def __load_defaults(self):
         c.repo_groups = RepoGroup.groups_choices()
+        c.repo_groups = RepoGroup.groups_choices(check_perms=True)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         repo_model = RepoModel()
         c.users_array = repo_model.get_users_js()
         c.users_groups_array = repo_model.get_users_groups_js()
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()

rhodecode/model/db.py

➞

Show inline comments

@@ @@ -1024,20 +1024,26 @@ class RepoGroup(Base, BaseModel): @@
     def __unicode__(self):
         return u"<%s('%s:%s')>" % (self.__class__.__name__, self.group_id,
                                   self.group_name)
     @classmethod
     def groups_choices(cls):
+    def groups_choices(cls, check_perms=False):
         from webhelpers.html import literal as _literal
         from rhodecode.model.scm import ScmModel
         groups = cls.query().all()
         if check_perms:
             #filter group user have access to, it's done
             #magically inside ScmModel based on current user
             groups = ScmModel().get_repos_groups(groups)
         repo_groups = [('', '')]
         sep = ' &raquo; '
         _name = lambda k: _literal(sep.join(k))
         repo_groups.extend([(x.group_id, _name(x.full_path_splitted))
-                              for x in cls.query().all()])
+                              for x in groups])
         repo_groups = sorted(repo_groups, key=lambda t: t[1].split(sep)[0])
         return repo_groups
     @classmethod
     def url_sep(cls):

rhodecode/model/forms.py

➞

Show inline comments

@@ @@ -174,13 +174,14 @@ def RepoForm(edit=False, old_data={}, su @@
     class _RepoForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
         repo_group = v.OneOf(repo_groups, hideList=True)
         repo_group = All(v.CanWriteGroup(),
                          v.OneOf(repo_groups, hideList=True))
         repo_type = v.OneOf(supported_backends)
         description = v.UnicodeString(strip=True, min=1, not_empty=False)
         private = v.StringBoolean(if_missing=False)
         enable_statistics = v.StringBoolean(if_missing=False)
         enable_downloads = v.StringBoolean(if_missing=False)
         enable_locking = v.StringBoolean(if_missing=False)
@@ @@ -200,13 +201,14 @@ def RepoForkForm(edit=False, old_data={} @@
                  repo_groups=[], landing_revs=[]):
     class _RepoForkForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         repo_group = v.OneOf(repo_groups, hideList=True)
         repo_group = All(v.CanWriteGroup(),
                          v.OneOf(repo_groups, hideList=True))
         repo_type = All(v.ValidForkType(old_data), v.OneOf(supported_backends))
         description = v.UnicodeString(strip=True, min=1, not_empty=True)
         private = v.StringBoolean(if_missing=False)
         copy_permissions = v.StringBoolean(if_missing=False)
         update_after_clone = v.StringBoolean(if_missing=False)
         fork_parent_id = v.UnicodeString()

rhodecode/model/validators.py

➞

Show inline comments

@@ @@ -16,12 +16,13 @@ from formencode.validators import ( @@
 from rhodecode.lib.compat import OrderedSet
 from rhodecode.lib.utils import repo_name_slug
 from rhodecode.model.db import RepoGroup, Repository, UsersGroup, User,\
     ChangesetStatus
 from rhodecode.lib.exceptions import LdapImportError
 from rhodecode.config.routing import ADMIN_PREFIX
 from rhodecode.lib.auth import HasReposGroupPermissionAny
 # silence warnings and pylint
 UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, \
     NotEmpty
 log = logging.getLogger(__name__)
@@ @@ -463,12 +464,31 @@ def ValidForkType(old_data={}): @@
                 raise formencode.Invalid(msg, value, state,
                     error_dict=dict(repo_type=msg)
+                )
     return _validator
 def CanWriteGroup():
     class _validator(formencode.validators.FancyValidator):
         messages = {
             'permission_denied': _(u"You don't have permissions "
                                    "to create repository in this group")
+        }
         def validate_python(self, value, state):
             gr = RepoGroup.get(value)
             if not HasReposGroupPermissionAny(
                 'group.write', 'group.admin'
             )(gr.group_name, 'get group of repo form'):
                 msg = M(self, 'permission_denied', state)
                 raise formencode.Invalid(msg, value, state,
                     error_dict=dict(repo_type=msg)
+                )
     return _validator
 def ValidPerms(type_='repo'):
     if type_ == 'group':
         EMPTY_PERM = 'group.none'
     elif type_ == 'repo':
         EMPTY_PERM = 'repository.none'

0 comments (0 inline, 0 general)