kallithea Files · rhodecode/controllers/admin/permissions.py

Files @ aa3b55946089

Branch filter:

Location: kallithea/rhodecode/controllers/admin/permissions.py

aa3b55946089 8.0 KiB text/x-python Show Annotation Show as Raw Download as Raw

"Bradley M. Kuhn"

Migrate to Mergely 3.3.4.

RhodeCode 2.2.5 distributed Mergely 3.3.4 with some of the changes that
Mergely 3.3.3 in RhodeCode 1.7.2 also had. That do however not seem to be
changes we want for Kallithea this way and we take the 3.3.4 files as they are.

I've also included the Mergely license file, as downloaded from:
http://www.mergely.com/license.php

That LICENSE file is kept in HTML just as it was downloaded from their
website. While it's a bit annoying to keep the license file in HTML, this is
the way it came from upstream so we'll leave it that way.

Since the Javascript code is used with other GPLv3 Javascript, we are using the
GPL option of Mergely's tri-license.

Finally, note that previously, this was incorrectly called "mergerly", so the
opportunity is taken here to correct the name. That required changes to
diff_2way.html.

As commands::

$ wget -N --output-document LICENSE-MERGELY.html http://www.mergely.com/license.php
$ hg add LICENSE-MERGELY.html
$ hg mv rhodecode/public/css/mergerly.css rhodecode/public/css/mergely.css
$ hg mv rhodecode/public/js/mergerly.js rhodecode/public/js/mergely.js
$ sed -i 's,mergerly\.,mergely,g' rhodecode/templates/files/diff_2way.html
$ ( cd /tmp; \
wget -N http://www.mergely.com/releases/mergely-3.3.4.zip; \
unzip mergely-3.3.4.zip )
$ sha256sum /tmp/mergely-3.3.4.zip
87415d30494bbe829c248881aa7cdc0303f7e70b458a5f687615564d4498cc82 mergely-3.3.4.zip
$ cp /tmp/mergely-3.3.4/lib/mergely.js rhodecode/public/js/mergely.js
$ cp /tmp/mergely-3.3.4/lib/mergely.css rhodecode/public/css/mergely.css
$ sed -i -e '/^ \* Version/a\ *\n * NOTE by bkuhn@sfconservancy.org for Kallithea:\n * Mergely license appears at http://www.mergely.com/license.php and in LICENSE-MERGELY.html' rhodecode/public/js/mergely.js rhodecode/public/css/mergely.css

# -*- coding: utf-8 -*-
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
"""
rhodecode.controllers.admin.permissions
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

permissions controller for Rhodecode

:created_on: Apr 27, 2010
:author: marcink
:copyright: (c) 2013 RhodeCode GmbH.
:license: GPLv3, see LICENSE for more details.
"""


import logging
import traceback
import formencode
from formencode import htmlfill

from pylons import request, session, tmpl_context as c, url
from pylons.controllers.util import abort, redirect
from pylons.i18n.translation import _

from rhodecode.lib import helpers as h
from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator,\
    AuthUser
from rhodecode.lib.base import BaseController, render
from rhodecode.model.forms import DefaultPermissionsForm
from rhodecode.model.permission import PermissionModel
from rhodecode.model.db import User, UserIpMap, Permission
from rhodecode.model.meta import Session

log = logging.getLogger(__name__)


class PermissionsController(BaseController):
    """REST Controller styled on the Atom Publishing Protocol"""
    # To properly map this controller, ensure your config/routing.py
    # file has a resource setup:
    #     map.resource('permission', 'permissions')

    @LoginRequired()
    @HasPermissionAllDecorator('hg.admin')
    def __before__(self):
        super(PermissionsController, self).__before__()

    def __load_data(self):
        c.repo_perms_choices = [('repository.none', _('None'),),
                                   ('repository.read', _('Read'),),
                                   ('repository.write', _('Write'),),
                                   ('repository.admin', _('Admin'),)]
        c.group_perms_choices = [('group.none', _('None'),),
                                 ('group.read', _('Read'),),
                                 ('group.write', _('Write'),),
                                 ('group.admin', _('Admin'),)]
        c.user_group_perms_choices = [('usergroup.none', _('None'),),
                                      ('usergroup.read', _('Read'),),
                                      ('usergroup.write', _('Write'),),
                                      ('usergroup.admin', _('Admin'),)]
        c.register_choices = [
            ('hg.register.none',
                _('Disabled')),
            ('hg.register.manual_activate',
                _('Allowed with manual account activation')),
            ('hg.register.auto_activate',
                _('Allowed with automatic account activation')), ]

        c.extern_activate_choices = [
            ('hg.extern_activate.manual', _('Manual activation of external account')),
            ('hg.extern_activate.auto', _('Automatic activation of external account')),
        ]

        c.repo_create_choices = [('hg.create.none', _('Disabled')),
                                 ('hg.create.repository', _('Enabled'))]

        c.repo_create_on_write_choices = [
            ('hg.create.write_on_repogroup.true', _('Enabled')),
            ('hg.create.write_on_repogroup.false', _('Disabled')),
        ]

        c.user_group_create_choices = [('hg.usergroup.create.false', _('Disabled')),
                                       ('hg.usergroup.create.true', _('Enabled'))]

        c.repo_group_create_choices = [('hg.repogroup.create.false', _('Disabled')),
                                       ('hg.repogroup.create.true', _('Enabled'))]

        c.fork_choices = [('hg.fork.none', _('Disabled')),
                          ('hg.fork.repository', _('Enabled'))]

    def permission_globals(self):
        c.active = 'globals'
        self.__load_data()
        if request.POST:
            _form = DefaultPermissionsForm(
                [x[0] for x in c.repo_perms_choices],
                [x[0] for x in c.group_perms_choices],
                [x[0] for x in c.user_group_perms_choices],
                [x[0] for x in c.repo_create_choices],
                [x[0] for x in c.repo_create_on_write_choices],
                [x[0] for x in c.repo_group_create_choices],
                [x[0] for x in c.user_group_create_choices],
                [x[0] for x in c.fork_choices],
                [x[0] for x in c.register_choices],
                [x[0] for x in c.extern_activate_choices])()

            try:
                form_result = _form.to_python(dict(request.POST))
                form_result.update({'perm_user_name': 'default'})
                PermissionModel().update(form_result)
                Session().commit()
                h.flash(_('Global permissions updated successfully'),
                        category='success')

            except formencode.Invalid, errors:
                defaults = errors.value

                return htmlfill.render(
                    render('admin/permissions/permissions.html'),
                    defaults=defaults,
                    errors=errors.error_dict or {},
                    prefix_error=False,
                    encoding="UTF-8")
            except Exception:
                log.error(traceback.format_exc())
                h.flash(_('Error occurred during update of permissions'),
                        category='error')

            return redirect(url('admin_permissions'))

        c.user = User.get_default_user()
        defaults = {'anonymous': c.user.active}

        for p in c.user.user_perms:
            if p.permission.permission_name.startswith('repository.'):
                defaults['default_repo_perm'] = p.permission.permission_name

            if p.permission.permission_name.startswith('group.'):
                defaults['default_group_perm'] = p.permission.permission_name

            if p.permission.permission_name.startswith('usergroup.'):
                defaults['default_user_group_perm'] = p.permission.permission_name

            if p.permission.permission_name.startswith('hg.create.write_on_repogroup'):
                defaults['create_on_write'] = p.permission.permission_name

            elif p.permission.permission_name.startswith('hg.create.'):
                defaults['default_repo_create'] = p.permission.permission_name

            if p.permission.permission_name.startswith('hg.repogroup.'):
                defaults['default_repo_group_create'] = p.permission.permission_name

            if p.permission.permission_name.startswith('hg.usergroup.'):
                defaults['default_user_group_create'] = p.permission.permission_name

            if p.permission.permission_name.startswith('hg.register.'):
                defaults['default_register'] = p.permission.permission_name

            if p.permission.permission_name.startswith('hg.extern_activate.'):
                defaults['default_extern_activate'] = p.permission.permission_name

            if p.permission.permission_name.startswith('hg.fork.'):
                defaults['default_fork'] = p.permission.permission_name

        return htmlfill.render(
            render('admin/permissions/permissions.html'),
            defaults=defaults,
            encoding="UTF-8",
            force_defaults=False)

    def permission_ips(self):
        c.active = 'ips'
        c.user = User.get_default_user()
        c.user_ip_map = UserIpMap.query()\
                        .filter(UserIpMap.user == c.user).all()

        return render('admin/permissions/permissions.html')

    def permission_perms(self):
        c.active = 'perms'
        c.user = User.get_default_user()
        c.perm_user = c.user.AuthUser
        return render('admin/permissions/permissions.html')