def process_request(self, req): data = {} req.perm.require('PROJECT_LIST') projects = [] for project_name in Project.select(self.env): project = Project(self.env, project_name) # Don't list this environment if project.env_path == self.env.path: continue if project.valid: env = project.env try: self.log.debug('TracForge: %s', env.path) env_perm = PermissionCache(env, req.authname) #self.log.debug(env_perm.perms) if 'PROJECT_VIEW' in env_perm: projects.append({ 'name': env.project_name, 'description': env.project_description, 'href': req.href.projects(project.name), }) elif req.perm('tracforge_project', project.name): projects.append({ 'name': env.project_name, 'description': 'PROJECT_VIEW permission not granted.', }) except Exception, e: # Only show errors to admins to prevent excessive disclosure if 'TRACFORGE_ADMIN' in req.perm('tracforge_project', project.name): projects.append({ 'name': env.project_name, 'description': e }) self.log.debug( 'tracforge.dispatch: Unable to load project %s:\n%s', project.name, e) else: if 'TRACFORGE_ADMIN' in req.perm('tracforge_project', project.name): projects.append({ 'name': project.env_path, 'description': project.env.exc, }) self.log.debug( 'tracforge.dispatch: Unable to load project %s:\n%s', project.name, project.env.exc)
def render_admin_panel(self, req, cat, page, path_info): data = {} projects = sorted([(n, Project(self.env, n)) for n in Project.select(self.env)]) projects.insert(0, ('*', Project(self.env, '*'))) if req.method == 'POST': if 'add' in req.args: proj = req.args.get('project') user = req.args.get('user') role = req.args.get('role') if proj not in [n for n, p in projects]: raise TracError(_('Invalid project %s'), proj) if role not in ('member', 'admin'): raise TracError(_('Invalid role %s'), role) Members(self.env, proj)[user] = role req.redirect(req.href.admin(cat, page)) elif 'remove' in req.args: db = self.env.get_db_cnx() for name, proj in projects: users = req.args.getlist('sel' + name) members = Members(self.env, name, db=db) for user in users: del members[user] db.commit() req.redirect(req.href.admin(cat, page)) # projects_data = {} # for proj in projects: # projects_data[proj.name] = { # 'members': dict(proj.members.iteritems()), # 'env_path': proj.env_path, # Need some dummy value to ensure that the headings show up # } # data['projects'] = projects # req.hdf['tracforge.projects.*'] = { # 'dummy': 1, # 'members': dict(Members(self.env, '*').iteritems()), # } #req.hdf['tracforge.projects'] = projects_data add_stylesheet(req, 'tracforge/css/admin.css') return 'admin_tracforge_membership.html', data
def match_request(self, req): if req.path_info.startswith('/projects/'): path_info = req.path_info[10:].lstrip('/') if path_info: self.log.debug( 'TracForgeDispatch: Starting WSGI relaunch for %s (%s)', path_info, req.method) self.log.debug('SN = %s PI = %s', req.environ['SCRIPT_NAME'], req.environ['PATH_INFO']) project_name = path_info.split('/', 1)[0] # Check that we aren't trying to recurse (possible link loop) if project_name == os.path.basename(self.env.path): req.redirect(req.href()) project = Project(self.env, project_name) # Assert permissions on the desination environment if not project.exists: raise TracError('No such project "%s"', project.name) if not project.valid: raise TracError('Project %s is invalid:\n%s', project.name, project.env.exc) # Check that we have permissions in the desired project authname = RequestDispatcher(self.env).authenticate(req) project_perm = PermissionCache(project.env, authname) project_perm.require('PROJECT_LIST') start_response = req._start_response environ = copy.copy(req.environ) # Setup the environment variables environ['SCRIPT_NAME'] = req.href.projects(project.name) environ['PATH_INFO'] = path_info[len(project.name):] environ['trac.env_path'] = project.env_path if 'TRAC_ENV' in environ: del environ['TRAC_ENV'] if 'TRAC_ENV_PARENT_DIR' in environ: del environ['TRAC_ENV_PARENT_DIR'] if 'trac.env_parent' in environ: del environ['trac.env_parent_dir'] environ['tracforge_master_link'] = req.href.projects() # Remove mod_python options to avoid conflicts if 'mod_python.subprocess_env' in environ: del environ['mod_python.subprocess_env'] if 'mod_python.options' in environ: del environ['mod_python.options'] req._response = dispatch_request(environ, start_response) raise RequestDone
def render_admin_panel(self, req, cat, page, path_info): data = {} projects = sorted([(n, Project(self.env, n)) for n in Project.select(self.env)]) projects.insert(0, ('*', Project(self.env, '*'))) if req.method == 'POST': if 'add' in req.args: proj = req.args.get('project') user = req.args.get('user') role = req.args.get('role') if proj not in [n for n, p in projects]: raise TracError(_('Invalid project %s'), proj) if role not in ('member', 'admin'): raise TracError(_('Invalid role %s'), role) Members(self.env, proj)[user] = role req.redirect(req.href.admin(cat, page)) elif 'remove' in req.args: db = self.env.get_db_cnx() for name, proj in projects: users = req.args.getlist('sel'+name) members = Members(self.env, name, db=db) for user in users: del members[user] db.commit() req.redirect(req.href.admin(cat, page)) # projects_data = {} # for proj in projects: # projects_data[proj.name] = { # 'members': dict(proj.members.iteritems()), # 'env_path': proj.env_path, # Need some dummy value to ensure that the headings show up # } # data['projects'] = projects # req.hdf['tracforge.projects.*'] = { # 'dummy': 1, # 'members': dict(Members(self.env, '*').iteritems()), # } #req.hdf['tracforge.projects'] = projects_data add_stylesheet(req, 'tracforge/css/admin.css') return 'admin_tracforge_membership.html', data
def render_admin_panel(self, req, cat, page, path_info): if path_info: return self._render_project_view(req, cat, page, path_info) data = {} if req.method == 'POST': if 'create' in req.args.keys(): # Project creation name = req.args.get('shortname', '').strip() full_name = req.args.get('fullname', '').strip() proto_name = req.args.get('prototype', '').strip() if not (name and full_name and proto_name): raise TracError('All arguments are required') # Make the models proto = Prototype(self.env, proto_name) if not proto.exists: raise TracError('Penguins on fire') # Use $PATH on non-Win32 if os.name == 'nt': spawn = os.spawnv else: spawn = os.spawnvp # Spawn the helper script helper = self.helper_script.split() helper += [self.env.path, proto_name, name, full_name] helper.insert(1, os.path.basename(helper[0])) spawn(os.P_NOWAIT, helper.pop(0), helper) # Redirect to the watcher page req.redirect(req.href.admin(cat, page, name)) elif 'delete' in req.args.keys(): # Project deleteion raise TracError, 'Not implemented yet. Sorry.' data['projects'] = sorted([Project(self.env, n) for n in Project.select(self.env)], key=lambda p: p.name) data['prototypes'] = Prototype.select(self.env) data['env_base_path'] = os.path.join(os.path.dirname(self.env.path), '') add_script(req, 'tracforge/js/typewatch1.1.js') return 'admin_tracforge_projects.html', data
def process_request(self, req): data = {} req.perm.require("PROJECT_LIST") projects = [] for project_name in Project.select(self.env): project = Project(self.env, project_name) # Don't list this environment if project.env_path == self.env.path: continue if project.valid: env = project.env try: self.log.debug("TracForge: %s", env.path) env_perm = PermissionCache(env, req.authname) # self.log.debug(env_perm.perms) if "PROJECT_VIEW" in env_perm: projects.append( { "name": env.project_name, "description": env.project_description, "href": req.href.projects(project.name), } ) elif req.perm("tracforge_project", project.name): projects.append( {"name": env.project_name, "description": "PROJECT_VIEW permission not granted."} ) except Exception, e: # Only show errors to admins to prevent excessive disclosure if "TRACFORGE_ADMIN" in req.perm("tracforge_project", project.name): projects.append({"name": env.project_name, "description": e}) self.log.debug("tracforge.dispatch: Unable to load project %s:\n%s", project.name, e) else: if "TRACFORGE_ADMIN" in req.perm("tracforge_project", project.name): projects.append({"name": project.env_path, "description": project.env.exc}) self.log.debug("tracforge.dispatch: Unable to load project %s:\n%s", project.name, project.env.exc)
def get_permission_groups(self, username): group_extn_point = PermissionSystem(self.master_env).store.group_providers group_providers = [x for x in group_extn_point if x.__class__.__name__ != self.__class__.__name__] # Filter out this one (recursion block) master_groups = [] for prov in group_providers: master_groups += list(prov.get_permission_groups(username)) self.log.debug('TracForgeGroupModule: Detected master groups (%s) for %s'%(', '.join([str(x) for x in master_groups]), username)) proj = Project.by_env_path(self.master_env, self.env.path) access = {} subjects = [username] + master_groups for subj in subjects: if subj in proj: access[proj.members[subj]] = True if 'admin' in access: return ['admin', 'member'] elif 'member' in access: return ['member'] else: return []