def delete(self, id):
"""DELETE /repos_groups/id: Delete an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="DELETE" />
# Or using helpers:
# h.form(url('repos_group', id=ID),
# method='delete')
# url('repos_group', id=ID)
repos_group_model = ReposGroupModel()
gr = Group.get(id)
repos = gr.repositories.all()
if repos:
h.flash(_('This group contains %s repositores and cannot be '
'deleted' % len(repos)),
category='error')
return redirect(url('repos_groups'))
try:
repos_group_model.delete(id)
h.flash(_('removed repos group %s' % gr.group_name), category='success')
#TODO: in future action_logger(, '', '', '', self.sa)
except IntegrityError, e:
if e.message.find('groups_group_parent_id_fkey'):
log.error(traceback.format_exc())
h.flash(_('Cannot delete this group it still contains '
'subgroups'),
category='warning')
else:
log.error(traceback.format_exc())
h.flash(_('error occurred during deletion of repos '
'group %s' % gr.group_name), category='error')
def map_groups(path):
"""
Given a full path to a repository, create all nested groups that this
repo is inside. This function creates parent-child relationships between
groups and creates default perms for all new groups.
:param paths: full path to repository
"""
sa = meta.Session()
groups = path.split(Repository.url_sep())
parent = None
group = None
# last element is repo in nested groups structure
groups = groups[:-1]
rgm = ReposGroupModel(sa)
for lvl, group_name in enumerate(groups):
group_name = '/'.join(groups[:lvl] + [group_name])
group = RepoGroup.get_by_group_name(group_name)
desc = '%s group' % group_name
# skip folders that are now removed repos
if REMOVED_REPO_PAT.match(group_name):
break
if group is None:
log.debug('creating group level: %s group_name: %s' % (lvl,
group_name))
group = RepoGroup(group_name, parent)
group.group_description = desc
sa.add(group)
rgm._create_default_perms(group)
sa.flush()
parent = group
return group
def update(self, id):
"""PUT /repos_groups/id: Update an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="PUT" />
# Or using helpers:
# h.form(url('repos_group', id=ID),
# method='put')
# url('repos_group', id=ID)
self.__load_defaults()
c.repos_group = Group.get(id)
repos_group_model = ReposGroupModel()
repos_group_form = ReposGroupForm(edit=True,
old_data=c.repos_group.get_dict(),
available_groups=
c.repo_groups_choices)()
try:
form_result = repos_group_form.to_python(dict(request.POST))
repos_group_model.update(id, form_result)
h.flash(_('updated repos group %s') \
% form_result['group_name'], category='success')
#TODO: in futureaction_logger(, '', '', '', self.sa)
except formencode.Invalid, errors:
return htmlfill.render(
render('admin/repos_groups/repos_groups_edit.html'),
defaults=errors.value,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
def map_groups(path):
"""
Given a full path to a repository, create all nested groups that this
repo is inside. This function creates parent-child relationships between
groups and creates default perms for all new groups.
:param paths: full path to repository
"""
sa = meta.Session()
groups = path.split(Repository.url_sep())
parent = None
group = None
# last element is repo in nested groups structure
groups = groups[:-1]
rgm = ReposGroupModel(sa)
for lvl, group_name in enumerate(groups):
group_name = '/'.join(groups[:lvl] + [group_name])
group = RepoGroup.get_by_group_name(group_name)
desc = '%s group' % group_name
# skip folders that are now removed repos
if REMOVED_REPO_PAT.match(group_name):
break
if group is None:
log.debug('creating group level: %s group_name: %s' %
(lvl, group_name))
group = RepoGroup(group_name, parent)
group.group_description = desc
sa.add(group)
rgm._create_default_perms(group)
sa.flush()
parent = group
return group
def test_repo_group_user_as_user_group_member(self):
# create Group1
self.g1 = _make_group('group1', skip_if_exists=True)
Session.commit()
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.read'})
# set default permission to none
ReposGroupModel().grant_user_permission(repos_group=self.g1,
user=self.anon,
perm='group.none')
# make group
self.ug1 = UsersGroupModel().create('G1')
# add user to group
UsersGroupModel().add_user_to_group(self.ug1, self.u1)
Session.commit()
# check if user is in the group
membrs = [
x.user_id
for x in UsersGroupModel().get(self.ug1.users_group_id).members
]
self.assertEqual(membrs, [self.u1.user_id])
# add some user to that group
# check his permissions
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none'})
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.none'})
# grant ug1 read permissions for
ReposGroupModel().grant_users_group_permission(repos_group=self.g1,
group_name=self.ug1,
perm='group.read')
Session.commit()
# check if the
obj = Session.query(UsersGroupRepoGroupToPerm)\
.filter(UsersGroupRepoGroupToPerm.group == self.g1)\
.filter(UsersGroupRepoGroupToPerm.users_group == self.ug1)\
.scalar()
self.assertEqual(obj.permission.permission_name, 'group.read')
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none'})
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.read'})
def update(self, group_name):
"""PUT /repos_groups/group_name: Update an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="PUT" />
# Or using helpers:
# h.form(url('repos_group', group_name=GROUP_NAME),
# method='put')
# url('repos_group', group_name=GROUP_NAME)
c.repos_group = ReposGroupModel()._get_repos_group(group_name)
if HasPermissionAll('hg.admin')('group edit'):
#we're global admin, we're ok and we can create TOP level groups
allow_empty_group = True
elif not c.repos_group.parent_group:
allow_empty_group = True
else:
allow_empty_group = False
self.__load_defaults(allow_empty_group=allow_empty_group,
exclude_group_ids=[c.repos_group.group_id])
repos_group_form = ReposGroupForm(
edit=True,
old_data=c.repos_group.get_dict(),
available_groups=c.repo_groups_choices,
can_create_in_root=allow_empty_group,
)()
try:
form_result = repos_group_form.to_python(dict(request.POST))
if not c.rhodecode_user.is_admin:
if self._revoke_perms_on_yourself(form_result):
msg = _('Cannot revoke permission for yourself as admin')
h.flash(msg, category='warning')
raise Exception('revoke admin permission on self')
new_gr = ReposGroupModel().update(group_name, form_result)
Session().commit()
h.flash(_('Updated repository group %s') \
% form_result['group_name'], category='success')
# we now have new name !
group_name = new_gr.group_name
#TODO: in future action_logger(, '', '', '', self.sa)
except formencode.Invalid, errors:
return htmlfill.render(
render('admin/repos_groups/repos_groups_edit.html'),
defaults=errors.value,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
def tearDown(self):
if hasattr(self, 'test_repo'):
RepoModel().delete(repo=self.test_repo)
UserModel().delete(self.u1)
UserModel().delete(self.u2)
UserModel().delete(self.a1)
if hasattr(self, 'g1'):
ReposGroupModel().delete(self.g1.group_id)
if hasattr(self, 'g2'):
ReposGroupModel().delete(self.g2.group_id)
if hasattr(self, 'ug1'):
UsersGroupModel().delete(self.ug1, force=True)
Session.commit()
def test_create_hg_in_group(self):
self.log_user()
## create GROUP
group_name = 'sometest'
gr = ReposGroupModel().create(group_name=group_name,
group_description='test',
owner=TEST_USER_ADMIN_LOGIN)
self.Session().commit()
repo_name = 'ingroup'
repo_name_full = RepoGroup.url_sep().join([group_name, repo_name])
description = 'description for newly created repo'
response = self.app.post(
url('repos'),
fixture._get_repo_create_params(
repo_private=False,
repo_name=repo_name,
repo_description=description,
repo_group=gr.group_id,
))
self.checkSessionFlash(
response, 'Created repository <a href="/%s">%s</a>' %
(repo_name_full, repo_name))
#test if the repo was created in the database
new_repo = self.Session().query(Repository)\
.filter(Repository.repo_name == repo_name_full).one()
self.assertEqual(new_repo.repo_name, repo_name_full)
self.assertEqual(new_repo.description, description)
#test if repository is visible in the list ?
response = response.follow()
response.mustcontain(repo_name_full)
#test if repository was created on filesystem
try:
vcs.get_repo(os.path.join(TESTS_TMP_PATH, repo_name_full))
except Exception:
ReposGroupModel().delete(group_name)
self.Session().commit()
self.fail('no repo %s in filesystem' % repo_name)
RepoModel().delete(repo_name_full)
ReposGroupModel().delete(group_name)
self.Session().commit()
def update(self, id):
"""PUT /repos_groups/id: Update an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="PUT" />
# Or using helpers:
# h.form(url('repos_group', id=ID),
# method='put')
# url('repos_group', id=ID)
self.__load_defaults()
c.repos_group = RepoGroup.get(id)
repos_group_form = ReposGroupForm(
edit=True,
old_data=c.repos_group.get_dict(),
available_groups=c.repo_groups_choices)()
try:
form_result = repos_group_form.to_python(dict(request.POST))
ReposGroupModel().update(id, form_result)
Session.commit()
h.flash(_('updated repos group %s') \
% form_result['group_name'], category='success')
#TODO: in futureaction_logger(, '', '', '', self.sa)
except formencode.Invalid, errors:
return htmlfill.render(
render('admin/repos_groups/repos_groups_edit.html'),
defaults=errors.value,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
def show(self, group_name, format='html'):
"""GET /repos_groups/group_name: Show a specific item"""
# url('repos_group', group_name=GROUP_NAME)
c.group = c.repos_group = ReposGroupModel()._get_repo_group(group_name)
c.group_repos = c.group.repositories.all()
#overwrite our cached list with current filter
gr_filter = c.group_repos
c.repo_cnt = 0
groups = RepoGroup.query().order_by(RepoGroup.group_name)\
.filter(RepoGroup.group_parent_id == c.group.group_id).all()
c.groups = self.scm_model.get_repos_groups(groups)
c.repos_list = Repository.query()\
.filter(Repository.group_id == c.group.group_id)\
.order_by(func.lower(Repository.repo_name))\
.all()
repos_data = RepoModel().get_repos_as_dict(repos_list=c.repos_list,
admin=False)
#json used to render the grid
c.data = json.dumps(repos_data)
return render('admin/repos_groups/repos_groups.html')
def create(self):
"""POST /repos_groups: Create a new item"""
# url('repos_groups')
self.__load_defaults()
# permissions for can create group based on parent_id are checked
# here in the Form
repos_group_form = ReposGroupForm(
available_groups=map(lambda k: unicode(k[0]), c.repo_groups))()
try:
form_result = repos_group_form.to_python(dict(request.POST))
ReposGroupModel().create(
group_name=form_result['group_name'],
group_description=form_result['group_description'],
parent=form_result['group_parent_id'],
owner=self.rhodecode_user.user_id)
Session().commit()
h.flash(_('Created repository group %s') \
% form_result['group_name'], category='success')
#TODO: in futureaction_logger(, '', '', '', self.sa)
except formencode.Invalid, errors:
return htmlfill.render(
render('admin/repos_groups/repos_groups_add.html'),
defaults=errors.value,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
def delete(self, id):
"""DELETE /repos_groups/id: Delete an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="DELETE" />
# Or using helpers:
# h.form(url('repos_group', id=ID),
# method='delete')
# url('repos_group', id=ID)
gr = RepoGroup.get(id)
repos = gr.repositories.all()
if repos:
h.flash(_('This group contains %s repositores and cannot be '
'deleted' % len(repos)),
category='error')
return redirect(url('repos_groups'))
try:
ReposGroupModel().delete(id)
Session.commit()
h.flash(_('removed repos group %s' % gr.group_name),
category='success')
#TODO: in future action_logger(, '', '', '', self.sa)
except IntegrityError, e:
if e.message.find('groups_group_parent_id_fkey') != -1:
log.error(traceback.format_exc())
h.flash(_('Cannot delete this group it still contains '
'subgroups'),
category='warning')
else:
log.error(traceback.format_exc())
h.flash(_('error occurred during deletion of repos '
'group %s' % gr.group_name),
category='error')
def _make_group(path, desc='desc', parent_id=None, skip_if_exists=False):
gr = RepoGroup.get_by_group_name(path)
if gr and skip_if_exists:
return gr
gr = ReposGroupModel().create(path, desc, parent_id)
return gr
def __update_group(self, id_, path, desc='desc', parent_id=None):
form_data = dict(group_name=path,
group_description=desc,
group_parent_id=parent_id,
perms_updates=[],
perms_new=[])
gr = ReposGroupModel().update(id_, form_data)
return gr
def test_ValidReposGroup(self):
validator = v.ValidReposGroup()
model = ReposGroupModel()
self.assertRaises(formencode.Invalid, validator.to_python,
{'group_name': HG_REPO, })
gr = model.create(group_name='test_gr', group_description='desc',
parent=None,
just_db=True)
self.assertRaises(formencode.Invalid,
validator.to_python, {'group_name': gr.group_name, })
validator = v.ValidReposGroup(edit=True,
old_data={'group_id': gr.group_id})
self.assertRaises(formencode.Invalid,
validator.to_python, {
'group_name': gr.group_name + 'n',
'group_parent_id': gr.group_id
})
model.delete(gr)
def get_repo_group_or_error(repogroupid):
"""
Get repo group by id or name or return JsonRPCError if not found
:param repogroupid:
"""
repo_group = ReposGroupModel()._get_repo_group(repogroupid)
if repo_group is None:
raise JSONRPCError('repository group `%s` does not exist' %
(repogroupid, ))
return repo_group
def permissions_setup_func(group_name='g0', perm='group.read', recursive=True):
"""
Resets all permissions to perm attribute
"""
repos_group = RepoGroup.get_by_group_name(group_name=group_name)
if not repos_group:
raise Exception('Cannot get group %s' % group_name)
perms_updates = [[test_u1_id, perm, 'user']]
ReposGroupModel()._update_permissions(repos_group,
perms_updates=perms_updates,
recursive=recursive)
Session().commit()
def test_index_page_on_groups(self):
self.log_user()
gr = fixture.create_group('gr1')
fixture.create_repo(name='gr1/repo_in_group', repos_group=gr)
response = self.app.get(url('repos_group_home', group_name='gr1'))
try:
response.mustcontain("gr1/repo_in_group")
finally:
RepoModel().delete('gr1/repo_in_group')
ReposGroupModel().delete(repos_group='gr1', force_delete=True)
Session().commit()
def create(self):
"""POST /repos_groups: Create a new item"""
# url('repos_groups')
self.__load_defaults()
repos_group_model = ReposGroupModel()
repos_group_form = ReposGroupForm(available_groups=
c.repo_groups_choices)()
try:
form_result = repos_group_form.to_python(dict(request.POST))
repos_group_model.create(form_result)
h.flash(_('created repos group %s') \
% form_result['group_name'], category='success')
#TODO: in futureaction_logger(, '', '', '', self.sa)
except formencode.Invalid, errors:
return htmlfill.render(
render('admin/repos_groups/repos_groups_add.html'),
defaults=errors.value,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
def _destroy_project_tree(test_u1_id):
Session.remove()
repos_group = RepoGroup.get_by_group_name(group_name='g0')
for el in reversed(repos_group.recursive_groups_and_repos()):
if isinstance(el, Repository):
RepoModel().delete(el)
elif isinstance(el, RepoGroup):
ReposGroupModel().delete(el, force_delete=True)
u = User.get(test_u1_id)
Session().delete(u)
Session().commit()
def delete(self, group_name):
"""DELETE /repos_groups/group_name: Delete an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="DELETE" />
# Or using helpers:
# h.form(url('repos_group', group_name=GROUP_NAME),
# method='delete')
# url('repos_group', group_name=GROUP_NAME)
gr = c.repos_group = ReposGroupModel()._get_repo_group(group_name)
repos = gr.repositories.all()
if repos:
h.flash(_('This group contains %s repositores and cannot be '
'deleted') % len(repos),
category='warning')
return redirect(url('repos_groups'))
children = gr.children.all()
if children:
h.flash(
_('This group contains %s subgroups and cannot be deleted' %
(len(children))),
category='warning')
return redirect(url('repos_groups'))
try:
ReposGroupModel().delete(group_name)
Session().commit()
h.flash(_('Removed repository group %s') % group_name,
category='success')
#TODO: in future action_logger(, '', '', '', self.sa)
except Exception:
log.error(traceback.format_exc())
h.flash(
_('Error occurred during deletion of repository group %s') %
group_name,
category='error')
return redirect(url('repos_groups'))
def set_repo_group_perm_member(self, group_name):
c.repos_group = ReposGroupModel()._get_repo_group(group_name)
form_result = RepoGroupPermsForm()().to_python(request.POST)
if not c.rhodecode_user.is_admin:
if self._revoke_perms_on_yourself(form_result):
msg = _('Cannot revoke permission for yourself as admin')
h.flash(msg, category='warning')
return redirect(url('edit_repos_group', group_name=group_name))
recursive = form_result['recursive']
# iterate over all members(if in recursive mode) of this groups and
# set the permissions !
# this can be potentially heavy operation
ReposGroupModel()._update_permissions(c.repos_group,
form_result['perms_new'],
form_result['perms_updates'],
recursive)
#TODO: implement this
#action_logger(self.rhodecode_user, 'admin_changed_repo_permissions',
# repo_name, self.ip_addr, self.sa)
Session().commit()
h.flash(_('Repository Group permissions updated'), category='success')
return redirect(url('edit_repos_group', group_name=group_name))
def test_ValidReposGroup(self):
validator = v.ValidReposGroup()
model = ReposGroupModel()
self.assertRaises(formencode.Invalid, validator.to_python, {
'group_name': HG_REPO,
})
gr = model.create(group_name='test_gr',
group_description='desc',
parent=None,
just_db=True,
owner=TEST_USER_ADMIN_LOGIN)
self.assertRaises(formencode.Invalid, validator.to_python, {
'group_name': gr.group_name,
})
validator = v.ValidReposGroup(edit=True,
old_data={'group_id': gr.group_id})
self.assertRaises(formencode.Invalid, validator.to_python, {
'group_name': gr.group_name + 'n',
'group_parent_id': gr.group_id
})
model.delete(gr)
def test_index_page_on_groups_with_lightweight_dashboard(self):
self.log_user()
self._set_l_dash(True)
fixture.create_repo(name='gr1/repo_in_group',
repos_group=fixture.create_group('gr1'))
response = self.app.get(url('repos_group_home', group_name='gr1'))
try:
response.mustcontain("""gr1/repo_in_group""")
finally:
self._set_l_dash(False)
RepoModel().delete('gr1/repo_in_group')
ReposGroupModel().delete(repos_group='gr1', force_delete=True)
Session().commit()
def fixup_groups(self):
def_usr = User.get_by_username('default')
for g in RepoGroup.query().all():
g.group_name = g.get_new_name(g.name)
self.sa.add(g)
# get default perm
default = UserRepoGroupToPerm.query()\
.filter(UserRepoGroupToPerm.group == g)\
.filter(UserRepoGroupToPerm.user == def_usr)\
.scalar()
if default is None:
log.debug('missing default permission for group %s adding' % g)
ReposGroupModel()._create_default_perms(g)
def delete_repo_group_perm_member(self, group_name):
"""
DELETE an existing repository group permission user
:param group_name:
"""
try:
obj_type = request.POST.get('obj_type')
obj_id = None
if obj_type == 'user':
obj_id = safe_int(request.POST.get('user_id'))
elif obj_type == 'user_group':
obj_id = safe_int(request.POST.get('user_group_id'))
if not c.rhodecode_user.is_admin:
if obj_type == 'user' and c.rhodecode_user.user_id == obj_id:
msg = _('Cannot revoke permission for yourself as admin')
h.flash(msg, category='warning')
raise Exception('revoke admin permission on self')
recursive = str2bool(request.POST.get('recursive', False))
if obj_type == 'user':
ReposGroupModel().delete_permission(repos_group=group_name,
obj=obj_id,
obj_type='user',
recursive=recursive)
elif obj_type == 'user_group':
ReposGroupModel().delete_permission(repos_group=group_name,
obj=obj_id,
obj_type='users_group',
recursive=recursive)
Session().commit()
except Exception:
log.error(traceback.format_exc())
h.flash(_('An error occurred during revoking of permission'),
category='error')
raise HTTPInternalServerError()
def test_ValidRepoName(self):
validator = v.ValidRepoName()
self.assertRaises(formencode.Invalid, validator.to_python,
{'repo_name': ''})
self.assertRaises(formencode.Invalid, validator.to_python,
{'repo_name': HG_REPO})
gr = ReposGroupModel().create(group_name='group_test',
group_description='desc',
parent=None,
owner=TEST_USER_ADMIN_LOGIN)
self.assertRaises(formencode.Invalid, validator.to_python,
{'repo_name': gr.group_name})
def delete_repos_group_user_perm(self, group_name):
"""
DELETE an existing repositories group permission user
:param group_name:
"""
try:
ReposGroupModel().revoke_user_permission(
repos_group=group_name, user=request.POST['user_id'])
Session.commit()
except Exception:
log.error(traceback.format_exc())
h.flash(_('An error occurred during deletion of group user'),
category='error')
raise HTTPInternalServerError()
def create_group(self, name, **kwargs):
if 'skip_if_exists' in kwargs:
del kwargs['skip_if_exists']
gr = RepoGroup.get_by_group_name(group_name=name)
if gr:
return gr
form_data = self._get_group_create_params(group_name=name, **kwargs)
owner = kwargs.get('cur_user', TEST_USER_ADMIN_LOGIN)
gr = ReposGroupModel().create(
group_name=form_data['group_name'],
group_description=form_data['group_name'],
owner=owner,
parent=form_data['group_parent_id'])
Session().commit()
gr = RepoGroup.get_by_group_name(gr.group_name)
return gr
def delete_repos_group_users_group_perm(self, group_name):
"""
DELETE an existing repository group permission user group
:param group_name:
"""
try:
recursive = str2bool(request.POST.get('recursive', False))
ReposGroupModel().delete_permission(
repos_group=group_name,
obj=request.POST['users_group_id'],
obj_type='users_group',
recursive=recursive)
Session().commit()
except Exception:
log.error(traceback.format_exc())
h.flash(_('An error occurred during deletion of group'
' user groups'),
category='error')
raise HTTPInternalServerError()
def create(self):
"""POST /repos_groups: Create a new item"""
# url('repos_groups')
self.__load_defaults()
repos_group_form = ReposGroupForm(
available_groups=c.repo_groups_choices)()
try:
form_result = repos_group_form.to_python(dict(request.POST))
ReposGroupModel().create(
group_name=form_result['group_name'],
group_description=form_result['group_description'],
parent=form_result['group_parent_id'])
Session.commit()
h.flash(_('created repos group %s') \
% form_result['group_name'], category='success')
#TODO: in futureaction_logger(, '', '', '', self.sa)
except formencode.Invalid, errors:
return htmlfill.render(
render('admin/repos_groups/repos_groups_add.html'),
defaults=errors.value,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
def edit(self, group_name, format='html'):
"""GET /repos_groups/group_name/edit: Form to edit an existing item"""
# url('edit_repos_group', group_name=GROUP_NAME)
c.repos_group = ReposGroupModel()._get_repo_group(group_name)
#we can only allow moving empty group if it's already a top-level
#group, ie has no parents, or we're admin
if HasPermissionAll('hg.admin')('group edit'):
#we're global admin, we're ok and we can create TOP level groups
allow_empty_group = True
elif not c.repos_group.parent_group:
allow_empty_group = True
else:
allow_empty_group = False
self.__load_defaults(allow_empty_group=allow_empty_group,
exclude_group_ids=[c.repos_group.group_id])
defaults = self.__load_data(c.repos_group.group_id)
return htmlfill.render(
render('admin/repos_groups/repos_groups_edit.html'),
defaults=defaults,
encoding="UTF-8",
force_defaults=False)
def test_repo_in_group_permissions(self):
self.g1 = _make_group('group1', skip_if_exists=True)
self.g2 = _make_group('group2', skip_if_exists=True)
Session.commit()
# both perms should be read !
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'], {
u'group1': u'group.read',
u'group2': u'group.read'
})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'], {
u'group1': u'group.read',
u'group2': u'group.read'
})
#Change perms to none for both groups
ReposGroupModel().grant_user_permission(repos_group=self.g1,
user=self.anon,
perm='group.none')
ReposGroupModel().grant_user_permission(repos_group=self.g2,
user=self.anon,
perm='group.none')
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'], {
u'group1': u'group.none',
u'group2': u'group.none'
})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'], {
u'group1': u'group.none',
u'group2': u'group.none'
})
# add repo to group
form_data = {
'repo_name':
HG_REPO,
'repo_name_full':
RepoGroup.url_sep().join([self.g1.group_name, HG_REPO]),
'repo_type':
'hg',
'clone_uri':
'',
'repo_group':
self.g1.group_id,
'description':
'desc',
'private':
False
}
self.test_repo = RepoModel().create(form_data, cur_user=self.u1)
Session.commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'], {
u'group1': u'group.none',
u'group2': u'group.none'
})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'], {
u'group1': u'group.none',
u'group2': u'group.none'
})
#grant permission for u2 !
ReposGroupModel().grant_user_permission(repos_group=self.g1,
user=self.u2,
perm='group.read')
ReposGroupModel().grant_user_permission(repos_group=self.g2,
user=self.u2,
perm='group.read')
Session.commit()
self.assertNotEqual(self.u1, self.u2)
#u1 and anon should have not change perms while u2 should !
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'], {
u'group1': u'group.none',
u'group2': u'group.none'
})
u2_auth = AuthUser(user_id=self.u2.user_id)
self.assertEqual(u2_auth.permissions['repositories_groups'], {
u'group1': u'group.read',
u'group2': u'group.read'
})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'], {
u'group1': u'group.none',
u'group2': u'group.none'
})
def __delete_group(self, id_):
ReposGroupModel().delete(id_)
def _update_group(id_, group_name, desc='desc', parent_id=None):
form_data = fixture._get_group_create_params(group_name=group_name,
group_desc=desc,
group_parent_id=parent_id)
gr = ReposGroupModel().update(id_, form_data)
return gr
