--- a/Allura/allura/controllers/project.py
+++ b/Allura/allura/controllers/project.py
@@ -25,7 +25,7 @@
from allura.lib import utils
from allura.lib.decorators import require_post
from allura.controllers.error import ErrorController
-from allura.lib.security import require, has_project_access, has_neighborhood_access
+from allura.lib.security import require_access, has_access
from allura.lib.security import RoleCache
from allura.lib.widgets import form_fields as ffw
from allura.lib.widgets import forms as forms
@@ -60,8 +60,7 @@
self._moderate = NeighborhoodModerateController(self.neighborhood)
def _check_security(self):
- require(has_neighborhood_access('read', self.neighborhood),
- 'Read access required')
+ require_access(self.neighborhood, 'read')
@expose()
def _lookup(self, pname, *remainder):
@@ -73,14 +72,8 @@
project = M.Project.query.get(
shortname='--init--',
neighborhood_id=self.neighborhood._id)
- if not project:
- # Go ahead and register it
- project_reg = plugin.ProjectRegistrationProvider.get()
- users = M.User.query.find(dict(_id={'$in':self.neighborhood.acl.admin})).all()
- project = project_reg.register_neighborhood_project(self.neighborhood, users)
- if project:
- c.project = project
- return ProjectController()._lookup(pname, *remainder)
+ c.project = project
+ return ProjectController()._lookup(pname, *remainder)
if project.database_configured == False:
if remainder == ('user_icon',):
redirect(g.forge_static('images/user.png'))
@@ -91,7 +84,7 @@
else:
raise exc.HTTPNotFound, pname
c.project = project
- if project is None or (project.deleted and not has_project_access('update')()):
+ if project is None or (project.deleted and not has_access(c.project, 'update')()):
raise exc.HTTPNotFound, pname
if project.neighborhood.name != self.neighborhood_name:
redirect(project.url())
@@ -136,7 +129,7 @@
@expose('jinja:allura:templates/neighborhood_add_project.html')
@without_trailing_slash
def add_project(self, **form_data):
- require(has_neighborhood_access('create', self.neighborhood), 'Create access required')
+ require_access(self.neighborhood, 'create')
c.add_project = W.add_project
for checkbox in ['Wiki','Git','Tickets','Downloads','Discussion']:
form_data.setdefault(checkbox, True)
@@ -164,7 +157,7 @@
@utils.AntiSpam.validate('Spambot protection engaged')
@require_post()
def register(self, project_unixname=None, project_description=None, project_name=None, neighborhood=None, **kw):
- require(has_neighborhood_access('create', self.neighborhood), 'Create access required')
+ require_access(self.neighborhood, 'create')
project_description = h.really_unicode(project_description or '').encode('utf-8')
project_name = h.really_unicode(project_name or '').encode('utf-8')
project_unixname = h.really_unicode(project_unixname or '').encode('utf-8').lower()
@@ -175,7 +168,6 @@
if project_description:
c.project.short_description = project_description
ming.orm.ormsession.ThreadLocalORMSession.flush_all()
- # require(has_project_access('tool'))
for i, tool in enumerate(kw):
if kw[tool]:
c.project.install_app(tool, ordinal=i)
@@ -259,8 +251,7 @@
return app.root, remainder
def _check_security(self):
- require(has_project_access('read'),
- 'Read access required')
+ require_access(c.project, 'read')
@expose()
@with_trailing_slash
@@ -276,8 +267,6 @@
@without_trailing_slash
def sitemap(self): # pragma no cover
raise NotImplementedError, 'sitemap'
- require(has_project_access('read'))
- return dict()
@without_trailing_slash
@expose()
@@ -388,8 +377,7 @@
self.awards = NeighborhoodAwardsController(self.neighborhood)
def _check_security(self):
- require(has_neighborhood_access('admin', self.neighborhood),
- 'Admin access required')
+ require_access(self.neighborhood, 'admin')
def set_nav(self):
project = M.Project.query.find({'shortname':'--init--','neighborhood_id':self.neighborhood._id}).first()
@@ -400,7 +388,6 @@
admin_url = self.neighborhood.url()+'_admin/'
c.custom_sidebar_menu = [
SitemapEntry('Overview', admin_url+'overview', className='nav_child'),
- SitemapEntry('Permissions', admin_url+'permissions', className='nav_child'),
SitemapEntry('Awards', admin_url+'accolades', className='nav_child')]
@with_trailing_slash
@@ -460,39 +447,13 @@
thumbnail_meta=dict(neighborhood_id=self.neighborhood._id))
redirect('overview')
- @h.vardec
- @expose()
- @require_post()
- def update_acl(self, permission=None, user=None, new=None, **kw):
- if user is None: user = []
- for u in user:
- if u.get('delete'):
- if u['id']:
- self.neighborhood.acl[permission].remove(ObjectId(str(u['id'])))
- else:
- self.neighborhood.acl[permission].remove(None)
- if new.get('add'):
- if new['username'] == '*authenticated':
- self.neighborhood.acl[permission] = []
- elif new['username'] == '*anonymous':
- self.neighborhood.acl[permission] = [ None ]
- else:
- u = M.User.by_username(new['username'])
- if u is None:
- flash('Cannot find user "%s"' % new['username'], 'error')
- redirect(request.referer)
- else:
- self.neighborhood.acl[permission].append(u._id)
- redirect('permissions')
-
class NeighborhoodModerateController(object):
def __init__(self, neighborhood):
self.neighborhood = neighborhood
def _check_security(self):
- require(has_neighborhood_access('moderate', self.neighborhood),
- 'Moderator access required')
+ require_access(self.neighborhood, 'admin')
@expose('jinja:allura:templates/neighborhood_moderate.html')
def index(self, **kw):