Esempio n. 1
0
    def update(self, id):
        """PUT /permissions/id: Update an existing item"""
        # Forms posted to this method should contain a hidden field:
        #    <input type="hidden" name="_method" value="PUT" />
        # Or using helpers:
        #    h.form(url('permission', id=ID),
        #           method='put')
        # url('permission', id=ID)

        permission_model = PermissionModel()

        _form = DefaultPermissionsForm([x[0] for x in self.perms_choices],
                                       [x[0] for x in self.register_choices],
                                       [x[0] for x in self.create_choices])()

        try:
            form_result = _form.to_python(dict(request.POST))
            form_result.update({'perm_user_name': id})
            permission_model.update(form_result)
            Session.commit()
            h.flash(_('Default permissions updated successfully'),
                    category='success')

        except formencode.Invalid, errors:
            c.perms_choices = self.perms_choices
            c.register_choices = self.register_choices
            c.create_choices = self.create_choices
            defaults = errors.value

            return htmlfill.render(
                render('admin/permissions/permissions.html'),
                defaults=defaults,
                errors=errors.error_dict or {},
                prefix_error=False,
                encoding="UTF-8")
Esempio n. 2
0
    def update(self, id):
        """PUT /permissions/id: Update an existing item"""
        # Forms posted to this method should contain a hidden field:
        #    <input type="hidden" name="_method" value="PUT" />
        # Or using helpers:
        #    h.form(url('permission', id=ID),
        #           method='put')
        # url('permission', id=ID)

        permission_model = PermissionModel()

        _form = DefaultPermissionsForm([x[0] for x in self.perms_choices],
                                       [x[0] for x in self.register_choices],
                                       [x[0] for x in self.create_choices])()

        try:
            form_result = _form.to_python(dict(request.POST))
            form_result.update({'perm_user_name': id})
            permission_model.update(form_result)
            h.flash(_('Default permissions updated successfully'),
                    category='success')

        except formencode.Invalid, errors:
            c.perms_choices = self.perms_choices
            c.register_choices = self.register_choices
            c.create_choices = self.create_choices
            defaults = errors.value

            return htmlfill.render(
                render('admin/permissions/permissions.html'),
                defaults=defaults,
                errors=errors.error_dict or {},
                prefix_error=False,
                encoding="UTF-8")
    def test_clear_user_perms(self):
        PermissionModel().create_default_user_permissions(user=self.u1)
        self._test_def_user_perm_equal(user=self.u1)

        # now clear permissions
        cleared = PermissionModel()._clear_user_perms(self.u1.user_id)
        self._test_def_user_perm_equal(user=self.u1,
                                       change_factor=len(cleared) * -1)
Esempio n. 4
0
def fixups(models, _SESSION):
    # ** create default permissions ** #
    from rhodecode.model.permission import PermissionModel
    PermissionModel(_SESSION()).create_permissions()
    _SESSION().commit()

    res = PermissionModel(_SESSION()).create_default_user_permissions(
        models.User.DEFAULT_USER)
    print res
    _SESSION().commit()
    def test_clear_user_group_perms(self):
        self.ug1 = fixture.create_user_group('G1')
        PermissionModel().create_default_user_group_permissions(
            user_group=self.ug1)
        self._test_def_user_group_perm_equal(user_group=self.ug1)

        # now clear permissions
        cleared = PermissionModel()._clear_user_group_perms(
            self.ug1.users_group_id)
        self._test_def_user_group_perm_equal(user_group=self.ug1,
                                             change_factor=len(cleared) * -1)
    def test_set_default_permissions_after_one_is_missing(self):
        PermissionModel().create_default_user_permissions(user=self.u1)
        self._test_def_user_perm_equal(user=self.u1)
        # now we delete one, it should be re-created after another call
        perms = UserToPerm.query().filter(UserToPerm.user == self.u1).all()
        Session().delete(perms[0])
        Session().commit()

        self._test_def_user_perm_equal(user=self.u1, change_factor=-1)

        # create missing one !
        PermissionModel().create_default_user_permissions(user=self.u1)
        self._test_def_user_perm_equal(user=self.u1)
    def permission_objects_update(self):
        c.active = 'objects'
        self.__load_data()
        _form = ObjectPermissionsForm(
            [x[0] for x in c.repo_perms_choices],
            [x[0] for x in c.group_perms_choices],
            [x[0] for x in c.user_group_perms_choices])()

        try:
            form_result = _form.to_python(dict(request.POST))
            form_result.update({'perm_user_name': User.DEFAULT_USER})
            PermissionModel().update_object_permissions(form_result)

            Session().commit()
            h.flash(_('Object permissions updated successfully'),
                    category='success')

        except formencode.Invalid as errors:
            defaults = errors.value

            return htmlfill.render(
                render('admin/permissions/permissions.html'),
                defaults=defaults,
                errors=errors.error_dict or {},
                prefix_error=False,
                encoding="UTF-8",
                force_defaults=False)
        except Exception:
            log.exception("Exception during update of permissions")
            h.flash(_('Error occurred during update of permissions'),
                    category='error')

        return redirect(url('admin_permissions_object'))
    def test_inherited_permissions_on_objects(self, perm, expected_perm):
        _form_result = {
            'default_inherit_default_permissions': perm,
        }
        PermissionModel().set_new_user_perms(User.get_default_user(),
                                             _form_result)
        Session().commit()

        # make sure inherit flag is turned on
        self.u1.inherit_default_permissions = True
        Session().commit()

        # this user will have inherited permissions from default user
        assert global_perms(self.u1) == set([
            'hg.create.none',
            'hg.fork.none',
            'hg.register.manual_activate',
            'hg.extern_activate.auto',
            'repository.read',
            'group.read',
            'usergroup.read',
            'hg.create.write_on_repogroup.true',
            'hg.usergroup.create.false',
            'hg.repogroup.create.false',
            perm,
        ])

        assert set(repo_perms(self.u1).values()) == set([expected_perm])
Esempio n. 9
0
 def populate_default_permissions(self):
     """
     Populate default permissions. It will create only the default
     permissions that are missing, and not alter already defined ones
     """
     log.info('creating default user permissions')
     PermissionModel(self.sa).create_default_user_permissions(user=User.DEFAULT_USER)
Esempio n. 10
0
 def create_permissions(self):
     """
     Creates all permissions defined in the system
     """
     # module.(access|create|change|delete)_[name]
     # module.(none|read|write|admin)
     log.info('creating permissions')
     PermissionModel(self.sa).create_permissions()
 def test_set_new_user_permissions(self, form_result):
     _form_result = {}
     _form_result.update(form_result)
     PermissionModel().set_new_user_perms(self.u1, _form_result)
     Session().commit()
     change_factor = -1 * (len(Permission.DEFAULT_USER_PERMISSIONS) -
                           len(form_result.keys()))
     self._test_def_user_perm_equal(self.u1, change_factor=change_factor)
    def test_set_default_permissions_after_modification(self, perm, modify_to):
        PermissionModel().create_default_user_permissions(user=self.u1)
        self._test_def_user_perm_equal(user=self.u1)

        old = Permission.get_by_key(perm)
        new = Permission.get_by_key(modify_to)
        assert old is not None
        assert new is not None

        # now modify permissions
        p = UserToPerm.query().filter(UserToPerm.user == self.u1).filter(
            UserToPerm.permission == old).one()
        p.permission = new
        Session().add(p)
        Session().commit()

        PermissionModel().create_default_user_permissions(user=self.u1)
        self._test_def_user_perm_equal(user=self.u1)
Esempio n. 13
0
    def update(self, id):
        """PUT /permissions/id: Update an existing item"""
        # Forms posted to this method should contain a hidden field:
        #    <input type="hidden" name="_method" value="PUT" />
        # Or using helpers:
        #    h.form(url('permission', id=ID),
        #           method='put')
        # url('permission', id=ID)
        if id == 'default':
            c.user = default_user = User.get_by_username('default')
            c.perm_user = AuthUser(user_id=default_user.user_id)
            c.user_ip_map = UserIpMap.query()\
                            .filter(UserIpMap.user == default_user).all()
            permission_model = PermissionModel()

            _form = DefaultPermissionsForm(
                    [x[0] for x in self.repo_perms_choices],
                    [x[0] for x in self.group_perms_choices],
                    [x[0] for x in self.register_choices],
                    [x[0] for x in self.create_choices],
                    [x[0] for x in self.fork_choices])()

            try:
                form_result = _form.to_python(dict(request.POST))
                form_result.update({'perm_user_name': id})
                permission_model.update(form_result)
                Session().commit()
                h.flash(_('Default permissions updated successfully'),
                        category='success')

            except formencode.Invalid, errors:
                defaults = errors.value

                return htmlfill.render(
                    render('admin/permissions/permissions.html'),
                    defaults=defaults,
                    errors=errors.error_dict or {},
                    prefix_error=False,
                    encoding="UTF-8")
            except Exception:
                log.error(traceback.format_exc())
                h.flash(_('Error occurred during update of permissions'),
                        category='error')
Esempio n. 14
0
    def test_set_default_permissions_after_modification(self, perm, modify_to):
        PermissionModel().create_default_permissions(user=self.u1)
        self._test_def_perm_equal(user=self.u1)

        old = Permission.get_by_key(perm)
        new = Permission.get_by_key(modify_to)
        self.assertNotEqual(old, None)
        self.assertNotEqual(new, None)

        #now modify permissions
        p = UserToPerm.query()\
                .filter(UserToPerm.user == self.u1)\
                .filter(UserToPerm.permission == old)\
                .one()
        p.permission = new
        Session().add(p)
        Session().commit()

        PermissionModel().create_default_permissions(user=self.u1)
        self._test_def_perm_equal(user=self.u1)
    def update_global_perms(self, user_group_id):
        """PUT /users_perm/user_group_id: Update an existing item"""
        # url('users_group_perm', user_group_id=ID, method='put')
        user_group_id = safe_int(user_group_id)
        user_group = UserGroup.get_or_404(user_group_id)
        c.active = 'global_perms'

        try:
            # first stage that verifies the checkbox
            _form = UserIndividualPermissionsForm()
            form_result = _form.to_python(dict(request.POST))
            inherit_perms = form_result['inherit_default_permissions']
            user_group.inherit_default_permissions = inherit_perms
            Session().add(user_group)

            if not inherit_perms:
                # only update the individual ones if we un check the flag
                _form = UserPermissionsForm(
                    [x[0] for x in c.repo_create_choices],
                    [x[0] for x in c.repo_create_on_write_choices],
                    [x[0] for x in c.repo_group_create_choices],
                    [x[0] for x in c.user_group_create_choices],
                    [x[0] for x in c.fork_choices],
                    [x[0] for x in c.inherit_default_permission_choices])()

                form_result = _form.to_python(dict(request.POST))
                form_result.update(
                    {'perm_user_group_id': user_group.users_group_id})

                PermissionModel().update_user_group_permissions(form_result)

            Session().commit()
            h.flash(_('User Group global permissions updated successfully'),
                    category='success')

        except formencode.Invalid as errors:
            defaults = errors.value
            c.user_group = user_group
            return htmlfill.render(
                render('admin/user_groups/user_group_edit.html'),
                defaults=defaults,
                errors=errors.error_dict or {},
                prefix_error=False,
                encoding="UTF-8",
                force_defaults=False)

        except Exception:
            log.exception("Exception during permissions saving")
            h.flash(_('An error occurred during permissions saving'),
                    category='error')

        return redirect(
            url('edit_user_group_global_perms', user_group_id=user_group_id))
Esempio n. 16
0
 def __before__(self):
     super(UsersController, self).__before__()
     c.available_permissions = config['available_permissions']
     c.allowed_languages = [
         ('en', 'English (en)'),
         ('de', 'German (de)'),
         ('fr', 'French (fr)'),
         ('it', 'Italian (it)'),
         ('ja', 'Japanese (ja)'),
         ('pl', 'Polish (pl)'),
         ('pt', 'Portuguese (pt)'),
         ('ru', 'Russian (ru)'),
         ('zh', 'Chinese (zh)'),
     ]
     PermissionModel().set_global_permission_choices(c, translator=_)
    def test_inherited_permissions_from_default_on_user_enabled(self):
        # enable fork and create on default user
        _form_result = {
            'default_repo_create': 'hg.create.repository',
            'default_fork_create': 'hg.fork.repository'
        }
        PermissionModel().set_new_user_perms(User.get_default_user(),
                                             _form_result)
        Session().commit()

        # make sure inherit flag is turned on
        self.u1.inherit_default_permissions = True
        Session().commit()

        # this user will have inherited permissions from default user
        assert global_perms(self.u1) == default_perms()
    def permission_application_update(self):
        c.active = 'application'
        self.__load_data()
        _form = ApplicationPermissionsForm(
            [x[0] for x in c.register_choices],
            [x[0] for x in c.extern_activate_choices])()

        try:
            form_result = _form.to_python(dict(request.POST))
            form_result.update({'perm_user_name': User.DEFAULT_USER})
            PermissionModel().update_application_permissions(form_result)

            settings = [
                ('register_message', 'default_register_message'),
            ]
            for setting, form_key in settings:
                sett = SettingsModel().create_or_update_setting(
                    setting, form_result[form_key])
                Session().add(sett)

            Session().commit()
            h.flash(_('Application permissions updated successfully'),
                    category='success')

        except formencode.Invalid as errors:
            defaults = errors.value

            return htmlfill.render(
                render('admin/permissions/permissions.html'),
                defaults=defaults,
                errors=errors.error_dict or {},
                prefix_error=False,
                encoding="UTF-8",
                force_defaults=False)
        except Exception:
            log.exception("Exception during update of permissions")
            h.flash(_('Error occurred during update of permissions'),
                    category='error')

        return redirect(url('admin_permissions_application'))
 def default_permissions(self, request, pylonsapp):
     # recreate default user to get a clean start
     PermissionModel().create_default_user_permissions(
         user=User.DEFAULT_USER, force=True)
     Session().commit()
 def cleanup():
     PermissionModel().create_default_user_permissions(
         User.get_default_user(), force=True)
 def test_set_default_permissions(self):
     PermissionModel().create_default_user_permissions(user=self.u1)
     self._test_def_user_perm_equal(user=self.u1)
 def __load_data(self):
     PermissionModel().set_global_permission_choices(c, translator=_)
 def __before__(self):
     super(UserGroupsController, self).__before__()
     c.available_permissions = config['available_permissions']
     PermissionModel().set_global_permission_choices(c, translator=_)