Diff of /Allura/allura/app.py [6624f6] .. [99a2fe]

  Switch to unified view

a/Allura/allura/app.py b/Allura/allura/app.py 
...
 
...
504 
    @without_trailing_slash
504 
    @without_trailing_slash
505 
    @expose()
505 
    @expose()
506 
    @h.vardec
506 
    @h.vardec
507 
    @require_post()
507 
    @require_post()
508 
    def update(self, card=None, **kw):
508 
    def update(self, card=None, **kw):


  509
  
        old_acl = self.app.config.acl






  509
  
        self.app.config.acl = []


  510
  
        self.app.config.acl = []






  510
  
        for args in card:


  511
  
        for args in card:






  511
  
            perm = args['id']


  512
  
            perm = args['id']






  512
  
            new_group_ids = args.get('new', [])


  513
  
            new_group_ids = args.get('new', [])






  
  

  514
  
            del_group_ids = []






  513
  
            group_ids = args.get('value', [])


  515
  
            group_ids = args.get('value', [])






  514
  
            if isinstance(new_group_ids, basestring):


  516
  
            if isinstance(new_group_ids, basestring):






  515
  
                new_group_ids = [ new_group_ids ]


  517
  
                new_group_ids = [ new_group_ids ]






  516
  
            if isinstance(group_ids, basestring):


  518
  
            if isinstance(group_ids, basestring):






  517
  
                group_ids = [ group_ids ]


  519
  
                group_ids = [ group_ids ]






  
  

  520
  





  
  

  521
  
            for acl in old_acl:






  
  

  522
  
                if (acl['permission']==perm) and (str(acl['role_id']) not in group_ids):






  
  

  523
  
                    del_group_ids.append(str(acl['role_id']))






  
  

  524
  





  
  

  525
  
            if new_group_ids or del_group_ids:






  
  

  526
  
                model.AuditLog.log('updated "%s" permissions: "%s" => "%s" for %s' % (






  
  

  527
  
                    perm,






  
  

  528
  
                    ', '.join(map(lambda id: model.ProjectRole.query.get(_id=ObjectId(id)).name, group_ids+del_group_ids)),






  
  

  529
  
                    ', '.join(map(lambda id: model.ProjectRole.query.get(_id=ObjectId(id)).name, group_ids+new_group_ids)),






  
  

  530
  
                    self.app.config.options['mount_point']))






  
  

  531
  





  518
  
            role_ids = map(ObjectId, group_ids + new_group_ids)


  532
  
            role_ids = map(ObjectId, group_ids + new_group_ids)






  519
  
            self.app.config.acl += [


  533
  
            self.app.config.acl += [






  520
  
                model.ACE.allow(r, perm) for r in role_ids]


  534
  
                model.ACE.allow(r, perm) for r in role_ids]






  521
  
        redirect(request.referer)


  535
  
        redirect(request.referer)