opensourceprojects.eu / osp-allura / Diff of /Allura/allura/app.py

Diff of /Allura/allura/app.py [607925] .. [429f32]

Switch to unified view


...
from urllib import basejoin
from cStringIO import StringIO

from tg import expose, redirect, flash
from tg.decorators import without_trailing_slash
from pylons import c, g, request
from bson import ObjectId

from ming.orm import session

from allura.lib.helpers import push_config, vardec
from allura.lib.security import require, has_artifact_access, has_project_access
from allura import model
from allura.controllers import BaseController
from allura.lib.decorators import react, require_post

log = logging.getLogger(__name__)
...
        return []

    def admin_menu(self):
        admin_url = c.project.url()+'admin/'+self.config.options.mount_point+'/'
        links = []
        if self.permissions and has_project_access('security')():
            links.append(SitemapEntry('Permissions', admin_url + 'permissions', className='nav_child'))
        if len(self.config_options) > 3:
            links.append(SitemapEntry('Options', admin_url + 'options', className='admin_modal'))
        return links

...
    @without_trailing_slash
    def permissions(self):
        from ext.admin.widgets import PermissionCard
        c.card = PermissionCard()
        return dict(app=self.app,
                    allow_config=has_project_access('security')())

    @expose('jinja:app_admin_options.html')
    def options(self):
        return dict(app=self.app,
                    allow_config=has_artifact_access('configure', app=self.app)())
...
            if isinstance(group_ids, basestring):
                group_ids = [ group_ids ]
            role_ids = map(ObjectId, group_ids + new_group_ids)
            roles = model.ProjectRole.query.find(dict(
                _id={'$in':role_ids},
                project_id=c.project.root_project._id))
            self.app.config.acl[perm] = [ r._id for r in roles ]
        redirect(request.referer)

    @expose()
    @require_post()
    def del_perm(self, permission=None, role=None):
        require(has_artifact_access('configure', app=self.app))

	a/Allura/allura/app.py		b/Allura/allura/app.py
	...		...
2	from urllib import basejoin	2	from urllib import basejoin
3	from cStringIO import StringIO	3	from cStringIO import StringIO
4		4
5	from tg import expose, redirect, flash	5	from tg import expose, redirect, flash
6	from tg.decorators import without_trailing_slash	6	from tg.decorators import without_trailing_slash
7	from pylons import c, g	7	from pylons import c, g, request
8	from bson import ObjectId	8	from bson import ObjectId
9		9
10	from ming.orm import session	10	from ming.orm import session
11		11
12	from allura.lib.helpers import push_config, vardec	12	from allura.lib.helpers import push_config, vardec
13	from allura.lib.security import require, has_artifact_access	13	from allura.lib.security import require, has_artifact_access, has_project_access
14	from allura import model	14	from allura import model
15	from allura.controllers import BaseController	15	from allura.controllers import BaseController
16	from allura.lib.decorators import react, require_post	16	from allura.lib.decorators import react, require_post
17		17
18	log = logging.getLogger(__name__)	18	log = logging.getLogger(__name__)
	...		...
210	return []	210	return []
211		211
212	def admin_menu(self):	212	def admin_menu(self):
213	admin_url = c.project.url()+'admin/'+self.config.options.mount_point+'/'	213	admin_url = c.project.url()+'admin/'+self.config.options.mount_point+'/'
214	links = []	214	links = []
215	if self.permissions and has_artifact_access('configure', app=self)():	215	if self.permissions and has_project_access('security')():
216	links.append(SitemapEntry('Permissions', admin_url + 'permissions', className='nav_child'))	216	links.append(SitemapEntry('Permissions', admin_url + 'permissions', className='nav_child'))
217	if len(self.config_options) > 3:	217	if len(self.config_options) > 3:
218	links.append(SitemapEntry('Options', admin_url + 'options', className='admin_modal'))	218	links.append(SitemapEntry('Options', admin_url + 'options', className='admin_modal'))
219	return links	219	return links
220		220
	...		...
272	@without_trailing_slash	272	@without_trailing_slash
273	def permissions(self):	273	def permissions(self):
274	from ext.admin.widgets import PermissionCard	274	from ext.admin.widgets import PermissionCard
275	c.card = PermissionCard()	275	c.card = PermissionCard()
276	return dict(app=self.app,	276	return dict(app=self.app,
277	allow_config=has_artifact_access('configure', app=self.app)())	277	allow_config=has_project_access('security')())
278		278
279	@expose('jinja:app_admin_options.html')	279	@expose('jinja:app_admin_options.html')
280	def options(self):	280	def options(self):
281	return dict(app=self.app,	281	return dict(app=self.app,
282	allow_config=has_artifact_access('configure', app=self.app)())	282	allow_config=has_artifact_access('configure', app=self.app)())
	...		...
320	if isinstance(group_ids, basestring):	320	if isinstance(group_ids, basestring):
321	group_ids = [ group_ids ]	321	group_ids = [ group_ids ]
322	role_ids = map(ObjectId, group_ids + new_group_ids)	322	role_ids = map(ObjectId, group_ids + new_group_ids)
323	roles = model.ProjectRole.query.find(dict(	323	roles = model.ProjectRole.query.find(dict(
324	_id={'$in':role_ids},	324	_id={'$in':role_ids},
325	project_id=c.project._id))	325	project_id=c.project.root_project._id))
326	self.app.config.acl[perm] = [ r._id for r in roles ]	326	self.app.config.acl[perm] = [ r._id for r in roles ]
327	redirect('.')	327	redirect(request.referer)
328		328
329	@expose()	329	@expose()
330	@require_post()	330	@require_post()
331	def del_perm(self, permission=None, role=None):	331	def del_perm(self, permission=None, role=None):
332	require(has_artifact_access('configure', app=self.app))	332	require(has_artifact_access('configure', app=self.app))