kallithea Changeset - faffec4abbda

Changeset - faffec4abbda

Parent rev.

Child rev.

[Not reviewed]

beta

0 7 0

Marcin Kuzminski - 13 years ago 2012-09-13 19:36:56
marcin@python-works.com

Implemented permissions for writing to repo
groups. Now only write access to group allows to create a repostiory
within that group

7 files changed with 36 insertions and 8 deletions:

rhodecode/controllers/admin/repos.py

rhodecode/controllers/admin/settings.py

rhodecode/controllers/forks.py

rhodecode/controllers/settings.py

rhodecode/model/db.py

rhodecode/model/forms.py

rhodecode/model/validators.py

0 comments (0 inline, 0 general)

rhodecode/controllers/admin/repos.py

➞

Show inline comments

@@ @@ -66,7 +66,7 @@ class ReposController(BaseController): @@
         super(ReposController, self).__before__()
     def __load_defaults(self):
         c.repo_groups = RepoGroup.groups_choices()
+        c.repo_groups = RepoGroup.groups_choices(check_perms=True)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         repo_model = RepoModel()

rhodecode/controllers/admin/settings.py

➞

Show inline comments

@@ @@ -451,7 +451,7 @@ class SettingsController(BaseController) @@
     def create_repository(self):
         """GET /_admin/create_repository: Form to create a new item"""
         c.repo_groups = RepoGroup.groups_choices()
+        c.repo_groups = RepoGroup.groups_choices(check_perms=True)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()

rhodecode/controllers/forks.py

➞

Show inline comments

@@ @@ -53,7 +53,7 @@ class ForksController(BaseRepoController @@
         super(ForksController, self).__before__()
     def __load_defaults(self):
         c.repo_groups = RepoGroup.groups_choices()
+        c.repo_groups = RepoGroup.groups_choices(check_perms=True)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         choices, c.landing_revs = ScmModel().get_repo_landing_revs()
         c.landing_revs_choices = choices

rhodecode/controllers/settings.py

➞

Show inline comments

@@ @@ -56,7 +56,7 @@ class SettingsController(BaseRepoControl @@
         super(SettingsController, self).__before__()
     def __load_defaults(self):
         c.repo_groups = RepoGroup.groups_choices()
+        c.repo_groups = RepoGroup.groups_choices(check_perms=True)
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         repo_model = RepoModel()

rhodecode/model/db.py

➞

Show inline comments

@@ @@ -1027,14 +1027,20 @@ class RepoGroup(Base, BaseModel): @@
                                   self.group_name)
     @classmethod
     def groups_choices(cls):
+    def groups_choices(cls, check_perms=False):
         from webhelpers.html import literal as _literal
         from rhodecode.model.scm import ScmModel
         groups = cls.query().all()
         if check_perms:
             #filter group user have access to, it's done
             #magically inside ScmModel based on current user
             groups = ScmModel().get_repos_groups(groups)
         repo_groups = [('', '')]
         sep = ' &raquo; '
         _name = lambda k: _literal(sep.join(k))
         repo_groups.extend([(x.group_id, _name(x.full_path_splitted))
-                              for x in cls.query().all()])
+                              for x in groups])
         repo_groups = sorted(repo_groups, key=lambda t: t[1].split(sep)[0])
         return repo_groups

rhodecode/model/forms.py

➞

Show inline comments

@@ @@ -177,7 +177,8 @@ def RepoForm(edit=False, old_data={}, su @@
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
         repo_group = v.OneOf(repo_groups, hideList=True)
         repo_group = All(v.CanWriteGroup(),
                          v.OneOf(repo_groups, hideList=True))
         repo_type = v.OneOf(supported_backends)
         description = v.UnicodeString(strip=True, min=1, not_empty=False)
         private = v.StringBoolean(if_missing=False)
@@ @@ -203,7 +204,8 @@ def RepoForkForm(edit=False, old_data={} @@
         filter_extra_fields = False
         repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.SlugifyName())
         repo_group = v.OneOf(repo_groups, hideList=True)
         repo_group = All(v.CanWriteGroup(),
                          v.OneOf(repo_groups, hideList=True))
         repo_type = All(v.ValidForkType(old_data), v.OneOf(supported_backends))
         description = v.UnicodeString(strip=True, min=1, not_empty=True)
         private = v.StringBoolean(if_missing=False)

rhodecode/model/validators.py

➞

Show inline comments

@@ @@ -19,6 +19,7 @@ from rhodecode.model.db import RepoGroup @@
     ChangesetStatus
 from rhodecode.lib.exceptions import LdapImportError
 from rhodecode.config.routing import ADMIN_PREFIX
 from rhodecode.lib.auth import HasReposGroupPermissionAny
 # silence warnings and pylint
 UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, \
@@ @@ -466,6 +467,25 @@ def ValidForkType(old_data={}): @@
     return _validator
 def CanWriteGroup():
     class _validator(formencode.validators.FancyValidator):
         messages = {
             'permission_denied': _(u"You don't have permissions "
                                    "to create repository in this group")
+        }
         def validate_python(self, value, state):
             gr = RepoGroup.get(value)
             if not HasReposGroupPermissionAny(
                 'group.write', 'group.admin'
             )(gr.group_name, 'get group of repo form'):
                 msg = M(self, 'permission_denied', state)
                 raise formencode.Invalid(msg, value, state,
                     error_dict=dict(repo_type=msg)
+                )
     return _validator
 def ValidPerms(type_='repo'):
     if type_ == 'group':
         EMPTY_PERM = 'group.none'

0 comments (0 inline, 0 general)