def render_admin_panel(self, req, category, page, path_info): req.perm.require('REPOSITORY_CREATE') if req.method == 'POST': repo_name = req.args['name'] perms = self.read_config() if repo_name in perms: add_warning( req, _('A repository named %s already exists; maybe you just need to tell Trac about it using the Repositories panel?' )) req.redirect(req.href.admin(category, page)) perms[repo_name] = repo_perms = {} trac_user = getpass.getuser() for perm in ['R', 'W', '+']: repo_perms[perm] = [trac_user] utils.save_file(self.gitolite_admin_ssh_path, 'conf/gitolite.conf', utils.to_string(perms), _('Adding new repository %s' % repo_name)) add_notice( req, _('Repository "%s" has been created. Now you should give some users permissions on it using the Version Control Permissions panel.' % repo_name)) req.redirect(req.href.admin(category, page)) data = {'repos': sorted(self.read_config())} return 'admin_repository_gitolite.html', data
def render_admin_panel(self, req, category, page, path_info): req.perm.require('VERSIONCONTROL_ADMIN') if req.method == 'POST': if 'add_user' in req.args: username = req.args['name'] pubkey = req.args['sshkey'].file #add_notice(req, "%s" % self.gitolite_admin_ssh_path) try: utils.save_file(self.gitolite_admin_ssh_path, 'keydir/%s.pub' % username, pubkey.read(), _('Adding new user %s' % username),self.admin_home_path) except CalledProcessError as e: add_notice(req, "Saving files failed. The error code is '%s' and the output '%s'" % (e.returncode, e.output)) raise e add_notice(req, _('User "%s" has been added. Visit the repository permissions panel to set up the new user\'s read/write permissions.' % ( username))) req.redirect(req.href.admin(category, page)) # check if there is one user to be removed or more if isinstance(req.args.get('remove_user'), basestring): users = ['keydir/%s.pub' % req.args.get('remove_user', [])] else: users = ['keydir/%s.pub' % username for username in req.args.get('remove_user', [])] #add_notice(req, "%s" % users) if users: utils.remove_files(self.gitolite_admin_ssh_path, users, _('Removing users'),self.admin_home_path) add_notice(req, _('The selected users have been removed and no longer have SSH access to your repositories. Note that if they have Trac accounts, they may still be able to browse the source code through the web.')) else: add_warning(req, _('No users were selected.')) req.redirect(req.href.admin(category, page)) data = {'users': self.get_users()} return 'admin_repository_users.html', data
def render_admin_panel(self, req, category, page, path_info): req.perm.require('VERSIONCONTROL_ADMIN') if req.method == 'POST': if 'add_user' in req.args: username = req.args['name'] pubkey = req.args['sshkey'].file utils.save_file(self.gitolite_admin_ssh_path, 'keydir/%s.pub' % username, pubkey.read(), _('Adding new user %s' % username)) add_notice(req, _('User "%s" has been added. Visit the repository permissions panel to set up the new user\'s read/write permissions.' % ( username))) req.redirect(req.href.admin(category, page)) users = ['keydir/%s.pub' % username for username in req.args.get('remove_user', [])] if users: utils.remove_files(self.gitolite_admin_ssh_path, users, _('Removing users')) add_notice(req, _('The selected users have been removed and no longer have SSH access to your repositories. Note that if they have Trac accounts, they may still be able to browse the source code through the web.')) else: add_warning(req, _('No users were selected.')) req.redirect(req.href.admin(category, page)) data = {'users': self.get_users()} return 'admin_repository_users.html', data
def render_admin_panel(self, req, category, page, path_info): req.perm.require('VERSIONCONTROL_ADMIN') if req.method == 'POST': perms = {} for setting in req.args: try: setting = json.loads(setting) except ValueError: continue if not isinstance(setting, dict) or 'perm' not in setting or 'user' not in setting or 'repo' not in setting: continue repo = setting['repo']; perm = setting['perm']; user = setting['user'] if repo not in perms: perms[repo] = {} if perm not in perms[repo]: perms[repo][perm] = [] if user not in perms[repo][perm]: perms[repo][perm].append(user) gitolite_admin_perms = perms.get(self.gitolite_admin_real_reponame, {}) if (self.gitolite_admin_system_user not in gitolite_admin_perms.get('R', []) or self.gitolite_admin_system_user not in gitolite_admin_perms.get('W', [])): add_warning(req, _('Read and write permissions on the gitolite admin repo must not be revoked for user %s -- otherwise this plugin will no longer work!' % self.gitolite_admin_system_user)) req.redirect(req.href.admin(category, page)) utils.save_file(self.gitolite_admin_ssh_path, 'conf/gitolite.conf', utils.to_string(perms), _('Updating repository permissions')) add_notice(req, _('The permissions have been updated.')) req.redirect(req.href.admin(category, page)) perms = self.read_config() users_listed_in_perms = set() flattened_perms = set() for p in perms.values(): for perm in p: flattened_perms.add(perm) users_listed_in_perms.update(p[perm]) flattened_perms = list(flattened_perms) def sort_perms(perms): tail = [] ## Ensure the + goes last if '+' in perms: perms.remove("+") tail.append("+") perms = sorted(perms) perms.extend(tail) return perms flattened_perms = sort_perms(flattened_perms) users = sorted(list(set(list(self.get_users()) + list(users_listed_in_perms)))) data = {'repositories': perms, 'permissions': flattened_perms, 'users': users, 'sort_perms': sort_perms} return 'admin_repository_permissions.html', data
def render_admin_panel(self, req, category, page, path_info): req.perm.require('REPOSITORY_CREATE') if req.method == 'POST': repo_name = req.args['name'] perms = self.read_config() if repo_name in perms: add_warning(req, _('A repository named %s already exists; maybe you just need to tell Trac about it using the Repositories panel?')) req.redirect(req.href.admin(category, page)) perms[repo_name] = repo_perms = {} trac_user = getpass.getuser() for perm in ['R', 'W', '+']: repo_perms[perm] = [trac_user] utils.save_file(self.gitolite_admin_ssh_path, 'conf/gitolite.conf', utils.to_string(perms), _('Adding new repository %s' % repo_name),self.admin_home_path) add_notice(req, _('Repository "%s" has been created. Now you should give some users permissions on it using the Version Control Permissions panel.' % repo_name)) req.redirect(req.href.admin(category, page)) data = {'repos': sorted(self.read_config())} return 'admin_repository_gitolite.html', data
def render_admin_panel(self, req, category, page, path_info): req.perm.require('VERSIONCONTROL_ADMIN') if req.method == 'POST': if 'add_user' in req.args: username = req.args['name'] pubkey = req.args['sshkey'].file utils.save_file(self.gitolite_admin_ssh_path, 'keydir/%s.pub' % username, pubkey.read(), _('Adding new user %s' % username)) add_notice( req, _('User "%s" has been added. Visit the repository permissions panel to set up the new user\'s read/write permissions.' % (username))) req.redirect(req.href.admin(category, page)) users = [ 'keydir/%s.pub' % username for username in req.args.get('remove_user', []) ] if users: utils.remove_files(self.gitolite_admin_ssh_path, users, _('Removing users')) add_notice( req, _('The selected users have been removed and no longer have SSH access to your repositories. Note that if they have Trac accounts, they may still be able to browse the source code through the web.' )) else: add_warning(req, _('No users were selected.')) req.redirect(req.href.admin(category, page)) data = {'users': self.get_users()} return 'admin_repository_users.html', data
def render_admin_panel(self, req, category, page, path_info): req.perm.require('VERSIONCONTROL_ADMIN') if req.method == 'POST': perms_old, groups, inverse_groups = self.read_config() perms = {} for setting in req.args: try: setting = json.loads(setting) except ValueError: continue if not isinstance(setting, dict) or 'perm' not in setting or 'user' not in setting or 'repo' not in setting: continue repo = setting['repo']; perm = setting['perm']; user = setting['user'] if repo not in perms: perms[repo] = {} if perm not in perms[repo]: perms[repo][perm] = [] if user not in perms[repo][perm]: perms[repo][perm].append(user) perms[self.gitolite_admin_real_reponame] = perms_old.get(self.gitolite_admin_real_reponame, {}) gitolite_admin_perms = perms.get(self.gitolite_admin_real_reponame, {}) if (self.gitolite_admin_system_user not in gitolite_admin_perms.get('R', []) or self.gitolite_admin_system_user not in gitolite_admin_perms.get('W', [])): add_warning(req, _('Read and write permissions on the gitolite admin repo must not be revoked for user %s -- otherwise this plugin will no longer work!' % self.gitolite_admin_system_user)) req.redirect(req.href.admin(category, page)) utils.save_file(self.gitolite_admin_ssh_path, 'conf/gitolite.conf', utils.to_string(perms, groups), _('Updating repository permissions')) add_notice(req, _('The permissions have been updated.')) req.redirect(req.href.admin(category, page)) perms, groups, inverse_groups = self.read_config() users_listed_in_perms = set() for perm in perms.values(): for userlist in perm.values(): users_listed_in_perms.update(userlist) users = sorted(list(set(list(self.get_users()) + list(users_listed_in_perms) + groups.keys() + ['@all']))) repos_perms = {} for repo in perms: if repo != "gitolite-admin": users_listed_in_perms = set() if repo not in repos_perms: repos_perms[repo] = {} for permission_class in ("W", "R", "0"): repos_perms[repo][permission_class] = {"g": [], "u": []} repos_perms[repo]["perms"] = perms[repo] for permission_class in ("W", "R"): for user in perms[repo].get(permission_class, []): if user not in users_listed_in_perms: if user.startswith("@"): repos_perms[repo][permission_class]["g"].append(user) else: repos_perms[repo][permission_class]["u"].append(user) users_listed_in_perms.add(user) for user in users: if user not in users_listed_in_perms: if user.startswith("@"): repos_perms[repo]["0"]["g"].append(user) else: repos_perms[repo]["0"]["u"].append(user) flattened_perms = set() for p in perms.values(): for perm in p: flattened_perms.add(perm) flattened_perms = list(flattened_perms) def sort_perms(perms): tail = [] ## Ensure the + goes last if '+' in perms: perms.remove("+") tail.append("+") perms = sorted(perms) perms.extend(tail) return perms flattened_perms = sort_perms(flattened_perms) data = {'permissions': flattened_perms, 'repos_perms': repos_perms, 'groups': groups, 'inverse_groups': inverse_groups} return 'admin_repository_permissions.html', data
def render_admin_panel(self, req, category, page, path_info): req.perm.require('VERSIONCONTROL_ADMIN') if req.method == 'POST': perms = {} for setting in req.args: try: setting = json.loads(setting) except ValueError: continue if not isinstance( setting, dict ) or 'perm' not in setting or 'user' not in setting or 'repo' not in setting: continue repo = setting['repo'] perm = setting['perm'] user = setting['user'] if repo not in perms: perms[repo] = {} if perm not in perms[repo]: perms[repo][perm] = [] if user not in perms[repo][perm]: perms[repo][perm].append(user) gitolite_admin_perms = perms.get(self.gitolite_admin_real_reponame, {}) if (self.gitolite_admin_system_user not in gitolite_admin_perms.get('R', []) or self.gitolite_admin_system_user not in gitolite_admin_perms.get('W', [])): add_warning( req, _('Read and write permissions on the gitolite admin repo must not be revoked for user %s -- otherwise this plugin will no longer work!' % self.gitolite_admin_system_user)) req.redirect(req.href.admin(category, page)) utils.save_file(self.gitolite_admin_ssh_path, 'conf/gitolite.conf', utils.to_string(perms), _('Updating repository permissions')) add_notice(req, _('The permissions have been updated.')) req.redirect(req.href.admin(category, page)) perms = self.read_config() users_listed_in_perms = set() flattened_perms = set() for p in perms.values(): for perm in p: flattened_perms.add(perm) users_listed_in_perms.update(p[perm]) flattened_perms = list(flattened_perms) def sort_perms(perms): tail = [] ## Ensure the + goes last if '+' in perms: perms.remove("+") tail.append("+") perms = sorted(perms) perms.extend(tail) return perms flattened_perms = sort_perms(flattened_perms) users = sorted( list(set(list(self.get_users()) + list(users_listed_in_perms)))) data = { 'repositories': perms, 'permissions': flattened_perms, 'users': users, 'sort_perms': sort_perms } return 'admin_repository_permissions.html', data