diff --git a/kallithea/controllers/admin/permissions.py b/kallithea/controllers/admin/permissions.py --- a/kallithea/controllers/admin/permissions.py +++ b/kallithea/controllers/admin/permissions.py @@ -89,11 +89,6 @@ class PermissionsController(BaseControll c.repo_create_choices = [('hg.create.none', _('Disabled')), ('hg.create.repository', _('Enabled'))] - c.repo_create_on_write_choices = [ - ('hg.create.write_on_repogroup.true', _('Enabled')), - ('hg.create.write_on_repogroup.false', _('Disabled')), - ] - c.user_group_create_choices = [('hg.usergroup.create.false', _('Disabled')), ('hg.usergroup.create.true', _('Enabled'))] @@ -109,7 +104,6 @@ class PermissionsController(BaseControll [x[0] for x in c.group_perms_choices], [x[0] for x in c.user_group_perms_choices], [x[0] for x in c.repo_create_choices], - [x[0] for x in c.repo_create_on_write_choices], [x[0] for x in c.repo_group_create_choices], [x[0] for x in c.user_group_create_choices], [x[0] for x in c.fork_choices], @@ -154,9 +148,6 @@ class PermissionsController(BaseControll if p.permission.permission_name.startswith('usergroup.'): defaults['default_user_group_perm'] = p.permission.permission_name - if p.permission.permission_name.startswith('hg.create.write_on_repogroup.'): - defaults['create_on_write'] = p.permission.permission_name - elif p.permission.permission_name.startswith('hg.create.'): defaults['default_repo_create'] = p.permission.permission_name diff --git a/kallithea/controllers/admin/repos.py b/kallithea/controllers/admin/repos.py --- a/kallithea/controllers/admin/repos.py +++ b/kallithea/controllers/admin/repos.py @@ -39,7 +39,7 @@ from webob.exc import HTTPForbidden, HTT import kallithea from kallithea.config.routing import url from kallithea.lib import helpers as h -from kallithea.lib.auth import HasPermissionAny, HasRepoPermissionLevelDecorator, LoginRequired, NotAnonymous +from kallithea.lib.auth import HasRepoPermissionLevelDecorator, LoginRequired, NotAnonymous from kallithea.lib.base import BaseRepoController, jsonify, render from kallithea.lib.exceptions import AttachedForksError from kallithea.lib.utils import action_logger @@ -76,13 +76,9 @@ class ReposController(BaseRepoController return repo_obj def __load_defaults(self, repo=None): - if HasPermissionAny('hg.create.write_on_repogroup.true')(): - repo_group_perm_level = 'write' - else: - repo_group_perm_level = 'admin' extras = [] if repo is None else [repo.group] - c.repo_groups = AvailableRepoGroupChoices(repo_group_perm_level, extras) + c.repo_groups = AvailableRepoGroupChoices('write', extras) c.landing_revs_choices, c.landing_revs = ScmModel().get_repo_landing_revs(repo) diff --git a/kallithea/controllers/forks.py b/kallithea/controllers/forks.py --- a/kallithea/controllers/forks.py +++ b/kallithea/controllers/forks.py @@ -38,7 +38,7 @@ from webob.exc import HTTPFound import kallithea import kallithea.lib.helpers as h from kallithea.config.routing import url -from kallithea.lib.auth import HasPermissionAny, HasPermissionAnyDecorator, HasRepoPermissionLevel, HasRepoPermissionLevelDecorator, LoginRequired +from kallithea.lib.auth import HasPermissionAnyDecorator, HasRepoPermissionLevel, HasRepoPermissionLevelDecorator, LoginRequired from kallithea.lib.base import BaseRepoController, render from kallithea.lib.page import Page from kallithea.lib.utils2 import safe_int @@ -54,11 +54,7 @@ log = logging.getLogger(__name__) class ForksController(BaseRepoController): def __load_defaults(self): - if HasPermissionAny('hg.create.write_on_repogroup.true')(): - repo_group_perm_level = 'write' - else: - repo_group_perm_level = 'admin' - c.repo_groups = AvailableRepoGroupChoices(repo_group_perm_level) + c.repo_groups = AvailableRepoGroupChoices('write') c.landing_revs_choices, c.landing_revs = ScmModel().get_repo_landing_revs() diff --git a/kallithea/lib/auth.py b/kallithea/lib/auth.py --- a/kallithea/lib/auth.py +++ b/kallithea/lib/auth.py @@ -149,7 +149,6 @@ def _cached_perms_data(user_id, user_is_ # based on default permissions, just set everything to admin #================================================================== permissions[GLOBAL].add('hg.admin') - permissions[GLOBAL].add('hg.create.write_on_repogroup.true') # repositories for perm in default_repo_perms: @@ -242,7 +241,7 @@ def _cached_perms_data(user_id, user_is_ # for each kind of global permissions, only keep the one with heighest weight kind_max_perm = {} - for perm in sorted(permissions[GLOBAL], key=lambda n: PERM_WEIGHTS[n]): + for perm in sorted(permissions[GLOBAL], key=lambda n: PERM_WEIGHTS.get(n, -1)): kind = perm.rsplit('.', 1)[0] kind_max_perm[kind] = perm permissions[GLOBAL] = set(kind_max_perm.values()) diff --git a/kallithea/model/db.py b/kallithea/model/db.py --- a/kallithea/model/db.py +++ b/kallithea/model/db.py @@ -1562,9 +1562,6 @@ class Permission(Base, BaseDbModel): ('hg.create.none', _('Only admins can create top level repositories')), ('hg.create.repository', _('Non-admins can create top level repositories')), - ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')), - ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')), - ('hg.fork.none', _('Only admins can fork repositories')), ('hg.fork.repository', _('Non-admins can fork repositories')), @@ -1582,7 +1579,6 @@ class Permission(Base, BaseDbModel): 'group.read', 'usergroup.read', 'hg.create.repository', - 'hg.create.write_on_repogroup.true', 'hg.fork.repository', 'hg.register.manual_activate', 'hg.extern_activate.auto', @@ -1616,9 +1612,6 @@ class Permission(Base, BaseDbModel): 'hg.create.none': 0, 'hg.create.repository': 1, - 'hg.create.write_on_repogroup.false': 0, - 'hg.create.write_on_repogroup.true': 1, - 'hg.register.none': 0, 'hg.register.manual_activate': 1, 'hg.register.auto_activate': 2, diff --git a/kallithea/model/forms.py b/kallithea/model/forms.py --- a/kallithea/model/forms.py +++ b/kallithea/model/forms.py @@ -396,7 +396,7 @@ def ApplicationUiSettingsForm(): def DefaultPermissionsForm(repo_perms_choices, group_perms_choices, user_group_perms_choices, create_choices, - create_on_write_choices, repo_group_create_choices, + repo_group_create_choices, user_group_create_choices, fork_choices, register_choices, extern_activate_choices): class _DefaultPermissionsForm(formencode.Schema): @@ -411,7 +411,6 @@ def DefaultPermissionsForm(repo_perms_ch default_user_group_perm = v.OneOf(user_group_perms_choices) default_repo_create = v.OneOf(create_choices) - create_on_write = v.OneOf(create_on_write_choices) default_user_group_create = v.OneOf(user_group_create_choices) default_fork = v.OneOf(fork_choices) diff --git a/kallithea/model/permission.py b/kallithea/model/permission.py --- a/kallithea/model/permission.py +++ b/kallithea/model/permission.py @@ -119,7 +119,6 @@ class PermissionModel(object): 'default_group_perm', 'default_user_group_perm', 'default_repo_create', - 'create_on_write', # special case for create repos on write access to group 'default_user_group_create', 'default_fork', 'default_register', diff --git a/kallithea/model/validators.py b/kallithea/model/validators.py --- a/kallithea/model/validators.py +++ b/kallithea/model/validators.py @@ -456,12 +456,11 @@ def CanWriteGroup(old_data=None): gr_name = gr.group_name if gr is not None else None # None means ROOT location # create repositories with write permission on group is set to true - create_on_write = HasPermissionAny('hg.create.write_on_repogroup.true')() group_admin = HasRepoGroupPermissionLevel('admin')(gr_name, 'can write into group validator') group_write = HasRepoGroupPermissionLevel('write')(gr_name, 'can write into group validator') - forbidden = not (group_admin or (group_write and create_on_write)) + forbidden = not (group_admin or group_write) can_create_repos = HasPermissionAny('hg.admin', 'hg.create.repository') gid = (old_data['repo_group'].get('group_id') if (old_data and 'repo_group' in old_data) else None) diff --git a/kallithea/templates/admin/permissions/permissions_globals.html b/kallithea/templates/admin/permissions/permissions_globals.html --- a/kallithea/templates/admin/permissions/permissions_globals.html +++ b/kallithea/templates/admin/permissions/permissions_globals.html @@ -58,13 +58,6 @@ ${h.form(url('admin_permissions'), metho
- -
- ${h.select('create_on_write','',c.repo_create_on_write_choices,class_='form-control')} - ${_('With this, write permission to a repository group allows creating repositories inside that group. Without this, group write permissions mean nothing.')} -
-
-
${h.select('default_user_group_create','',c.user_group_create_choices,class_='form-control')} diff --git a/kallithea/templates/index_base.html b/kallithea/templates/index_base.html --- a/kallithea/templates/index_base.html +++ b/kallithea/templates/index_base.html @@ -16,11 +16,10 @@ <% gr_name = c.group.group_name if c.group else None # create repositories with write permission on group is set to true - create_on_write = h.HasPermissionAny('hg.create.write_on_repogroup.true')() group_admin = h.HasRepoGroupPermissionLevel('admin')(gr_name, 'can write into group index page') group_write = h.HasRepoGroupPermissionLevel('write')(gr_name, 'can write into group index page') %> - %if h.HasPermissionAny('hg.admin','hg.create.repository')() or (group_admin or (group_write and create_on_write)): + %if h.HasPermissionAny('hg.admin','hg.create.repository')() or group_admin or group_write: %if c.group: ${_('Add Repository')} %if h.HasPermissionAny('hg.admin')() or h.HasRepoGroupPermissionLevel('admin')(c.group.group_name): diff --git a/kallithea/tests/models/test_permissions.py b/kallithea/tests/models/test_permissions.py --- a/kallithea/tests/models/test_permissions.py +++ b/kallithea/tests/models/test_permissions.py @@ -290,7 +290,7 @@ class TestPermissions(base.TestControlle 'hg.register.manual_activate', 'hg.extern_activate.auto', 'repository.read', 'group.read', - 'usergroup.read', 'hg.create.write_on_repogroup.true']) + 'usergroup.read']) def test_inherit_sad_permissions_from_default_user(self): user_model = UserModel() @@ -307,7 +307,7 @@ class TestPermissions(base.TestControlle 'hg.register.manual_activate', 'hg.extern_activate.auto', 'repository.read', 'group.read', - 'usergroup.read', 'hg.create.write_on_repogroup.true']) + 'usergroup.read']) def test_inherit_more_permissions_from_default_user(self): user_model = UserModel() @@ -333,7 +333,7 @@ class TestPermissions(base.TestControlle 'hg.register.manual_activate', 'hg.extern_activate.auto', 'repository.read', 'group.read', - 'usergroup.read', 'hg.create.write_on_repogroup.true']) + 'usergroup.read']) def test_inherit_less_permissions_from_default_user(self): user_model = UserModel() @@ -359,7 +359,7 @@ class TestPermissions(base.TestControlle 'hg.register.manual_activate', 'hg.extern_activate.auto', 'repository.read', 'group.read', - 'usergroup.read', 'hg.create.write_on_repogroup.true']) + 'usergroup.read']) def test_inactive_user_group_does_not_affect_global_permissions(self): # Add user to inactive user group, set specific permissions on user @@ -391,7 +391,7 @@ class TestPermissions(base.TestControlle 'hg.extern_activate.auto', 'repository.read', 'group.read', 'usergroup.read', - 'hg.create.write_on_repogroup.true']) + ]) def test_inactive_user_group_does_not_affect_global_permissions_inverse(self): # Add user to inactive user group, set specific permissions on user @@ -423,7 +423,7 @@ class TestPermissions(base.TestControlle 'hg.extern_activate.auto', 'repository.read', 'group.read', 'usergroup.read', - 'hg.create.write_on_repogroup.true']) + ]) def test_inactive_user_group_does_not_affect_repo_permissions(self): self.ug1 = fixture.create_user_group('G1')