|
a/Allura/allura/app.py |
|
b/Allura/allura/app.py |
|
... |
|
... |
| 7 |
from pylons import c, g
|
7 |
from pylons import c, g
|
| 8 |
from bson import ObjectId
|
8 |
from bson import ObjectId
|
| 9 |
|
9 |
|
| 10 |
from ming.orm import session
|
10 |
from ming.orm import session
|
| 11 |
|
11 |
|
| 12 |
from allura.lib.helpers import push_config
|
12 |
from allura.lib.helpers import push_config, vardec
|
| 13 |
from allura.lib.security import require, has_artifact_access
|
13 |
from allura.lib.security import require, has_artifact_access
|
| 14 |
from allura import model
|
14 |
from allura import model
|
| 15 |
from allura.controllers import BaseController
|
15 |
from allura.controllers import BaseController
|
| 16 |
from allura.lib.decorators import react, require_post
|
16 |
from allura.lib.decorators import react, require_post
|
| 17 |
|
17 |
|
|
... |
|
... |
| 210 |
return []
|
210 |
return []
|
| 211 |
|
211 |
|
| 212 |
def admin_menu(self):
|
212 |
def admin_menu(self):
|
| 213 |
admin_url = c.project.url()+'admin/'+self.config.options.mount_point+'/'
|
213 |
admin_url = c.project.url()+'admin/'+self.config.options.mount_point+'/'
|
| 214 |
links = []
|
214 |
links = []
|
| 215 |
# if self.permissions and has_artifact_access('configure', app=self)():
|
215 |
if self.permissions and has_artifact_access('configure', app=self)():
|
| 216 |
# links.append(SitemapEntry('Permissions', admin_url + 'permissions', className='nav_child'))
|
216 |
links.append(SitemapEntry('Permissions', admin_url + 'permissions', className='nav_child'))
|
| 217 |
if len(self.config_options) > 3:
|
217 |
if len(self.config_options) > 3:
|
| 218 |
links.append(SitemapEntry('Options', admin_url + 'options', className='admin_modal'))
|
218 |
links.append(SitemapEntry('Options', admin_url + 'options', className='admin_modal'))
|
| 219 |
return links
|
219 |
return links
|
| 220 |
|
220 |
|
| 221 |
def message_auditor(self, routing_key, data, artifact, **kw):
|
221 |
def message_auditor(self, routing_key, data, artifact, **kw):
|
|
... |
|
... |
| 269 |
return redirect('permissions')
|
269 |
return redirect('permissions')
|
| 270 |
|
270 |
|
| 271 |
@expose('jinja:app_admin_permissions.html')
|
271 |
@expose('jinja:app_admin_permissions.html')
|
| 272 |
@without_trailing_slash
|
272 |
@without_trailing_slash
|
| 273 |
def permissions(self):
|
273 |
def permissions(self):
|
|
|
274 |
from ext.admin.widgets import PermissionCard
|
|
|
275 |
c.card = W.PermissionCard()
|
| 274 |
return dict(app=self.app,
|
276 |
return dict(app=self.app,
|
| 275 |
allow_config=has_artifact_access('configure', app=self.app)())
|
277 |
allow_config=has_artifact_access('configure', app=self.app)())
|
| 276 |
|
278 |
|
| 277 |
@expose('jinja:app_admin_options.html')
|
279 |
@expose('jinja:app_admin_options.html')
|
| 278 |
def options(self):
|
280 |
def options(self):
|
|
... |
|
... |
| 302 |
+ self.app.config.options.mount_point
|
304 |
+ self.app.config.options.mount_point
|
| 303 |
+ '/')
|
305 |
+ '/')
|
| 304 |
else:
|
306 |
else:
|
| 305 |
redirect('../' + self.app.config.options.mount_point + '/')
|
307 |
redirect('../' + self.app.config.options.mount_point + '/')
|
| 306 |
|
308 |
|
|
|
309 |
@without_trailing_slash
|
| 307 |
@expose()
|
310 |
@expose()
|
|
|
311 |
@vardec
|
| 308 |
@require_post()
|
312 |
@require_post()
|
| 309 |
def add_perm(self, permission=None, role=None):
|
313 |
def update(self, card=None, **kw):
|
| 310 |
require(has_artifact_access('configure', app=self.app))
|
314 |
for args in card:
|
| 311 |
self.app.config.acl.setdefault(permission, []).append(ObjectId(role))
|
315 |
perm = args['id']
|
|
|
316 |
new_group_ids = args.get('new', [])
|
|
|
317 |
group_ids = args.get('value', [])
|
|
|
318 |
if isinstance(new_group_ids, basestring):
|
|
|
319 |
new_group_ids = [ new_group_ids ]
|
|
|
320 |
if isinstance(group_ids, basestring):
|
|
|
321 |
group_ids = [ group_ids ]
|
|
|
322 |
role_ids = map(ObjectId, group_ids + new_group_ids)
|
|
|
323 |
roles = model.ProjectRole.query.find(dict(
|
|
|
324 |
_id={'$in':role_ids},
|
|
|
325 |
project_id=c.project._id))
|
|
|
326 |
self.app.config.acl[perm] = [ r._id for r in roles ]
|
| 312 |
redirect('permissions')
|
327 |
redirect('.')
|
| 313 |
|
328 |
|
| 314 |
@expose()
|
329 |
@expose()
|
| 315 |
@require_post()
|
330 |
@require_post()
|
| 316 |
def del_perm(self, permission=None, role=None):
|
331 |
def del_perm(self, permission=None, role=None):
|
| 317 |
require(has_artifact_access('configure', app=self.app))
|
332 |
require(has_artifact_access('configure', app=self.app))
|