def update(self, id):
"""PUT /permissions/id: Update an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="PUT" />
# Or using helpers:
# h.form(url('permission', id=ID),
# method='put')
# url('permission', id=ID)
permission_model = PermissionModel()
_form = DefaultPermissionsForm([x[0] for x in self.perms_choices],
[x[0] for x in self.register_choices],
[x[0] for x in self.create_choices])()
try:
form_result = _form.to_python(dict(request.POST))
form_result.update({'perm_user_name': id})
permission_model.update(form_result)
Session.commit()
h.flash(_('Default permissions updated successfully'),
category='success')
except formencode.Invalid, errors:
c.perms_choices = self.perms_choices
c.register_choices = self.register_choices
c.create_choices = self.create_choices
defaults = errors.value
return htmlfill.render(
render('admin/permissions/permissions.html'),
defaults=defaults,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
def update(self, id):
"""PUT /permissions/id: Update an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="PUT" />
# Or using helpers:
# h.form(url('permission', id=ID),
# method='put')
# url('permission', id=ID)
permission_model = PermissionModel()
_form = DefaultPermissionsForm([x[0] for x in self.perms_choices],
[x[0] for x in self.register_choices],
[x[0] for x in self.create_choices])()
try:
form_result = _form.to_python(dict(request.POST))
form_result.update({'perm_user_name': id})
permission_model.update(form_result)
h.flash(_('Default permissions updated successfully'),
category='success')
except formencode.Invalid, errors:
c.perms_choices = self.perms_choices
c.register_choices = self.register_choices
c.create_choices = self.create_choices
defaults = errors.value
return htmlfill.render(
render('admin/permissions/permissions.html'),
defaults=defaults,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
def test_clear_user_perms(self):
PermissionModel().create_default_user_permissions(user=self.u1)
self._test_def_user_perm_equal(user=self.u1)
# now clear permissions
cleared = PermissionModel()._clear_user_perms(self.u1.user_id)
self._test_def_user_perm_equal(user=self.u1,
change_factor=len(cleared) * -1)
def fixups(models, _SESSION):
# ** create default permissions ** #
from rhodecode.model.permission import PermissionModel
PermissionModel(_SESSION()).create_permissions()
_SESSION().commit()
res = PermissionModel(_SESSION()).create_default_user_permissions(
models.User.DEFAULT_USER)
print res
_SESSION().commit()
def test_clear_user_group_perms(self):
self.ug1 = fixture.create_user_group('G1')
PermissionModel().create_default_user_group_permissions(
user_group=self.ug1)
self._test_def_user_group_perm_equal(user_group=self.ug1)
# now clear permissions
cleared = PermissionModel()._clear_user_group_perms(
self.ug1.users_group_id)
self._test_def_user_group_perm_equal(user_group=self.ug1,
change_factor=len(cleared) * -1)
def test_set_default_permissions_after_one_is_missing(self):
PermissionModel().create_default_user_permissions(user=self.u1)
self._test_def_user_perm_equal(user=self.u1)
# now we delete one, it should be re-created after another call
perms = UserToPerm.query().filter(UserToPerm.user == self.u1).all()
Session().delete(perms[0])
Session().commit()
self._test_def_user_perm_equal(user=self.u1, change_factor=-1)
# create missing one !
PermissionModel().create_default_user_permissions(user=self.u1)
self._test_def_user_perm_equal(user=self.u1)
def permission_objects_update(self):
c.active = 'objects'
self.__load_data()
_form = ObjectPermissionsForm(
[x[0] for x in c.repo_perms_choices],
[x[0] for x in c.group_perms_choices],
[x[0] for x in c.user_group_perms_choices])()
try:
form_result = _form.to_python(dict(request.POST))
form_result.update({'perm_user_name': User.DEFAULT_USER})
PermissionModel().update_object_permissions(form_result)
Session().commit()
h.flash(_('Object permissions updated successfully'),
category='success')
except formencode.Invalid as errors:
defaults = errors.value
return htmlfill.render(
render('admin/permissions/permissions.html'),
defaults=defaults,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8",
force_defaults=False)
except Exception:
log.exception("Exception during update of permissions")
h.flash(_('Error occurred during update of permissions'),
category='error')
return redirect(url('admin_permissions_object'))
def test_inherited_permissions_on_objects(self, perm, expected_perm):
_form_result = {
'default_inherit_default_permissions': perm,
}
PermissionModel().set_new_user_perms(User.get_default_user(),
_form_result)
Session().commit()
# make sure inherit flag is turned on
self.u1.inherit_default_permissions = True
Session().commit()
# this user will have inherited permissions from default user
assert global_perms(self.u1) == set([
'hg.create.none',
'hg.fork.none',
'hg.register.manual_activate',
'hg.extern_activate.auto',
'repository.read',
'group.read',
'usergroup.read',
'hg.create.write_on_repogroup.true',
'hg.usergroup.create.false',
'hg.repogroup.create.false',
perm,
])
assert set(repo_perms(self.u1).values()) == set([expected_perm])
def populate_default_permissions(self):
"""
Populate default permissions. It will create only the default
permissions that are missing, and not alter already defined ones
"""
log.info('creating default user permissions')
PermissionModel(self.sa).create_default_user_permissions(user=User.DEFAULT_USER)
def create_permissions(self):
"""
Creates all permissions defined in the system
"""
# module.(access|create|change|delete)_[name]
# module.(none|read|write|admin)
log.info('creating permissions')
PermissionModel(self.sa).create_permissions()
def test_set_new_user_permissions(self, form_result):
_form_result = {}
_form_result.update(form_result)
PermissionModel().set_new_user_perms(self.u1, _form_result)
Session().commit()
change_factor = -1 * (len(Permission.DEFAULT_USER_PERMISSIONS) -
len(form_result.keys()))
self._test_def_user_perm_equal(self.u1, change_factor=change_factor)
def test_set_default_permissions_after_modification(self, perm, modify_to):
PermissionModel().create_default_user_permissions(user=self.u1)
self._test_def_user_perm_equal(user=self.u1)
old = Permission.get_by_key(perm)
new = Permission.get_by_key(modify_to)
assert old is not None
assert new is not None
# now modify permissions
p = UserToPerm.query().filter(UserToPerm.user == self.u1).filter(
UserToPerm.permission == old).one()
p.permission = new
Session().add(p)
Session().commit()
PermissionModel().create_default_user_permissions(user=self.u1)
self._test_def_user_perm_equal(user=self.u1)
def update(self, id):
"""PUT /permissions/id: Update an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="PUT" />
# Or using helpers:
# h.form(url('permission', id=ID),
# method='put')
# url('permission', id=ID)
if id == 'default':
c.user = default_user = User.get_by_username('default')
c.perm_user = AuthUser(user_id=default_user.user_id)
c.user_ip_map = UserIpMap.query()\
.filter(UserIpMap.user == default_user).all()
permission_model = PermissionModel()
_form = DefaultPermissionsForm(
[x[0] for x in self.repo_perms_choices],
[x[0] for x in self.group_perms_choices],
[x[0] for x in self.register_choices],
[x[0] for x in self.create_choices],
[x[0] for x in self.fork_choices])()
try:
form_result = _form.to_python(dict(request.POST))
form_result.update({'perm_user_name': id})
permission_model.update(form_result)
Session().commit()
h.flash(_('Default permissions updated successfully'),
category='success')
except formencode.Invalid, errors:
defaults = errors.value
return htmlfill.render(
render('admin/permissions/permissions.html'),
defaults=defaults,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
except Exception:
log.error(traceback.format_exc())
h.flash(_('Error occurred during update of permissions'),
category='error')
def test_set_default_permissions_after_modification(self, perm, modify_to):
PermissionModel().create_default_permissions(user=self.u1)
self._test_def_perm_equal(user=self.u1)
old = Permission.get_by_key(perm)
new = Permission.get_by_key(modify_to)
self.assertNotEqual(old, None)
self.assertNotEqual(new, None)
#now modify permissions
p = UserToPerm.query()\
.filter(UserToPerm.user == self.u1)\
.filter(UserToPerm.permission == old)\
.one()
p.permission = new
Session().add(p)
Session().commit()
PermissionModel().create_default_permissions(user=self.u1)
self._test_def_perm_equal(user=self.u1)
def update_global_perms(self, user_group_id):
"""PUT /users_perm/user_group_id: Update an existing item"""
# url('users_group_perm', user_group_id=ID, method='put')
user_group_id = safe_int(user_group_id)
user_group = UserGroup.get_or_404(user_group_id)
c.active = 'global_perms'
try:
# first stage that verifies the checkbox
_form = UserIndividualPermissionsForm()
form_result = _form.to_python(dict(request.POST))
inherit_perms = form_result['inherit_default_permissions']
user_group.inherit_default_permissions = inherit_perms
Session().add(user_group)
if not inherit_perms:
# only update the individual ones if we un check the flag
_form = UserPermissionsForm(
[x[0] for x in c.repo_create_choices],
[x[0] for x in c.repo_create_on_write_choices],
[x[0] for x in c.repo_group_create_choices],
[x[0] for x in c.user_group_create_choices],
[x[0] for x in c.fork_choices],
[x[0] for x in c.inherit_default_permission_choices])()
form_result = _form.to_python(dict(request.POST))
form_result.update(
{'perm_user_group_id': user_group.users_group_id})
PermissionModel().update_user_group_permissions(form_result)
Session().commit()
h.flash(_('User Group global permissions updated successfully'),
category='success')
except formencode.Invalid as errors:
defaults = errors.value
c.user_group = user_group
return htmlfill.render(
render('admin/user_groups/user_group_edit.html'),
defaults=defaults,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8",
force_defaults=False)
except Exception:
log.exception("Exception during permissions saving")
h.flash(_('An error occurred during permissions saving'),
category='error')
return redirect(
url('edit_user_group_global_perms', user_group_id=user_group_id))
def __before__(self):
super(UsersController, self).__before__()
c.available_permissions = config['available_permissions']
c.allowed_languages = [
('en', 'English (en)'),
('de', 'German (de)'),
('fr', 'French (fr)'),
('it', 'Italian (it)'),
('ja', 'Japanese (ja)'),
('pl', 'Polish (pl)'),
('pt', 'Portuguese (pt)'),
('ru', 'Russian (ru)'),
('zh', 'Chinese (zh)'),
]
PermissionModel().set_global_permission_choices(c, translator=_)
def test_inherited_permissions_from_default_on_user_enabled(self):
# enable fork and create on default user
_form_result = {
'default_repo_create': 'hg.create.repository',
'default_fork_create': 'hg.fork.repository'
}
PermissionModel().set_new_user_perms(User.get_default_user(),
_form_result)
Session().commit()
# make sure inherit flag is turned on
self.u1.inherit_default_permissions = True
Session().commit()
# this user will have inherited permissions from default user
assert global_perms(self.u1) == default_perms()
def permission_application_update(self):
c.active = 'application'
self.__load_data()
_form = ApplicationPermissionsForm(
[x[0] for x in c.register_choices],
[x[0] for x in c.extern_activate_choices])()
try:
form_result = _form.to_python(dict(request.POST))
form_result.update({'perm_user_name': User.DEFAULT_USER})
PermissionModel().update_application_permissions(form_result)
settings = [
('register_message', 'default_register_message'),
]
for setting, form_key in settings:
sett = SettingsModel().create_or_update_setting(
setting, form_result[form_key])
Session().add(sett)
Session().commit()
h.flash(_('Application permissions updated successfully'),
category='success')
except formencode.Invalid as errors:
defaults = errors.value
return htmlfill.render(
render('admin/permissions/permissions.html'),
defaults=defaults,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8",
force_defaults=False)
except Exception:
log.exception("Exception during update of permissions")
h.flash(_('Error occurred during update of permissions'),
category='error')
return redirect(url('admin_permissions_application'))
def default_permissions(self, request, pylonsapp):
# recreate default user to get a clean start
PermissionModel().create_default_user_permissions(
user=User.DEFAULT_USER, force=True)
Session().commit()
def cleanup():
PermissionModel().create_default_user_permissions(
User.get_default_user(), force=True)
def test_set_default_permissions(self):
PermissionModel().create_default_user_permissions(user=self.u1)
self._test_def_user_perm_equal(user=self.u1)
def __load_data(self):
PermissionModel().set_global_permission_choices(c, translator=_)
def __before__(self):
super(UserGroupsController, self).__before__()
c.available_permissions = config['available_permissions']
PermissionModel().set_global_permission_choices(c, translator=_)