Files @ 2e1059de6751
Branch filter:

Location: kallithea/kallithea/templates/admin/repo_groups/repo_group_edit_perms.html

2e1059de6751 5.7 KiB text/html Show Annotation Show as Raw Download as Raw
Mads Kiilerich
repo groups: make it possible to remove own explicit permissions, now when group owners always have admin permissions

Until recently, group owners very given explicit admin permissions on repo
group, and special care was taken to make sure they didn't remove themselves.

Now we always give admin permissions to owners, and don't care about the
explicit permissions. We no longer add them when creating groups or changing
owner. There is no migration step to remove redundant permissions, but we
should allow group admins to remove them. This change will thus remove the
mechanism for preventing removal of own/owner permissions.
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
${h.form(url('edit_repo_group_perms', group_name=c.repo_group.group_name))}
<div class="form">
        <div>
            <table id="permissions_manage" class="table">
                <tr>
                    <td>${_('None')}<br />(${_('Not visible')})</td>
                    <td>${_('Read')}<br />(${_('Visible')})</td>
                    <td>${_('Write')}<br />(${_('Add repos')})</td>
                    <td>${_('Admin')}<br />(${_('Add/Edit groups')})</td>
                    <td>${_('User/User Group')}</td>
                    <td></td>
                </tr>
                ## USERS
                %for r2p in c.repo_group.repo_group_to_perm:
                    <tr id="id${id(r2p.user.username)}">
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.none')}</td>
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.read')}</td>
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.write')}</td>
                        <td>${h.radio('u_perm_%s' % r2p.user.username,'group.admin')}</td>
                        <td>
                            ${h.gravatar(r2p.user.email, cls="perm-gravatar", size=14)}
                            %if h.HasPermissionAny('hg.admin')() and r2p.user.username != 'default':
                             <a href="${h.url('edit_user',id=r2p.user.user_id)}">${r2p.user.username}</a>
                            %else:
                             ${r2p.user.username if r2p.user.username != 'default' else _('Default')}
                            %endif
                        </td>
                        <td>
                          %if r2p.user.username !='default':
                            <button type="button" class="btn btn-default btn-xs" onclick="ajaxActionRevoke(${r2p.user.user_id}, 'user', '${'id%s'%id(r2p.user.username)}', '${r2p.user.username}')">
                             <i class="icon-minus-circled"></i>${_('Revoke')}
                            </button>
                          %endif
                        </td>
                    </tr>
                %endfor

                ## USER GROUPS
                %for g2p in c.repo_group.users_group_to_perm:
                    <tr id="id${id(g2p.users_group.users_group_name)}">
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.none')}</td>
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.read')}</td>
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.write')}</td>
                        <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.admin')}</td>
                        <td>
                            <i class="icon-users"></i>
                            %if h.HasPermissionAny('hg.admin')():
                             <a href="${h.url('edit_users_group',id=g2p.users_group.users_group_id)}">
                                 ${g2p.users_group.users_group_name}
                             </a>
                            %else:
                             ${g2p.users_group.users_group_name}
                            %endif
                        </td>
                        <td>
                            <button type="button" class="btn btn-default btn-xs" onclick="ajaxActionRevoke(${g2p.users_group.users_group_id}, 'user_group', '${'id%s'%id(g2p.users_group.users_group_name)}', '${g2p.users_group.users_group_name}')">
                            <i class="icon-minus-circled"></i>${_('Revoke')}
                            </button>
                        </td>
                    </tr>
                %endfor
                ## New entries added by addPermAction here.
                <tr class="new_members last_new_member" id="add_perm_input"><td colspan="6"></td></tr>
                <tr>
                    <td colspan="6">
                        <button type="button" id="add_perm" class="btn btn-link btn-xs">
                            <i class="icon-plus"></i>${_('Add new')}
                        </button>
                    </td>
                </tr>
                <tr>
                    <td colspan="6">
                       ${_('Apply to children')}:
                       ${h.radio('recursive', 'none', label=_('None'), checked="checked")}
                       ${h.radio('recursive', 'groups', label=_('Repository Groups'))}
                       ${h.radio('recursive', 'repos', label=_('Repositories'))}
                       ${h.radio('recursive', 'all', label=_('Both'))}
                       <span class="help-block">${_('Set or revoke permission to all children of that group, including non-private repositories and other groups if selected.')}</span>
                    </td>
                </tr>
            </table>
        </div>
        <div class="buttons">
            ${h.submit('save',_('Save'),class_="btn btn-default")}
            ${h.reset('reset',_('Reset'),class_="btn btn-default")}
        </div>
</div>
${h.end_form()}

<script>
    'use strict';
    function ajaxActionRevoke(obj_id, obj_type, field_id, obj_name) {
        let url = ${h.jshtml(h.url('edit_repo_group_perms_delete', group_name=c.repo_group.group_name))};
        var revoke_msg = _TM['Confirm to revoke permission for {0}: {1}?'].format(obj_type.replace('_', ' '), obj_name);
        if (confirm(revoke_msg)){
            var recursive = $('input[name=recursive]:checked').val();
            ajaxActionRevokePermission(url, obj_id, obj_type, field_id, {recursive:recursive});
        }
    }

    $(document).ready(function () {
        if (!$('#perm_new_member_name').hasClass('error')) {
            $('#add_perm_input').hide();
        }
        $('#add_perm').click(function () {
            addPermAction('group');
        });
    });
</script>
This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3.