Mercurial > p > roundup > code

comparison roundup/xmlrpc.py @ 4124:0ad79301f055

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Restrict user creation rights in XMLRPC frontend.
author Stefan Seefeld <stefan@seefeld.name>
date Wed, 17 Jun 2009 01:26:04 +0000
parents bbab97f8ffb2
children 3c4545f55949 4498f5252f8b
comparison
equal deleted inserted replaced
4120:ad57b06af972 4124:0ad79301f055
88 (p, designator)) 88 (p, designator))
89 result = [(prop, cl.get(itemid, prop)) for prop in props] 89 result = [(prop, cl.get(itemid, prop)) for prop in props]
90 return dict(result) 90 return dict(result)
91 91
92 def create(self, classname, *args): 92 def create(self, classname, *args):
93
93 if not self.db.security.hasPermission('Create', self.db.getuid(), classname): 94 if not self.db.security.hasPermission('Create', self.db.getuid(), classname):
94 raise Unauthorised('Permission to create %s denied'%classname) 95 raise Unauthorised('Permission to create %s denied'%classname)
95 96
96 cl = self.db.getclass(classname) 97 cl = self.db.getclass(classname)
97 98
100 101
101 # check for the key property 102 # check for the key property
102 key = cl.getkey() 103 key = cl.getkey()
103 if key and not props.has_key(key): 104 if key and not props.has_key(key):
104 raise UsageError, 'you must provide the "%s" property.'%key 105 raise UsageError, 'you must provide the "%s" property.'%key
106
107 for key in props:
108 if not self.db.security.hasPermission('Edit', self.db.getuid(), classname,
109 property=key):
110 raise Unauthorised('Permission to create %s denied'%classname)
105 111
106 # do the actual create 112 # do the actual create
107 try: 113 try:
108 result = cl.create(**props) 114 result = cl.create(**props)
109 except (TypeError, IndexError, ValueError), message: 115 except (TypeError, IndexError, ValueError), message:
127 133
128 134
129 builtin_actions = {'retire': actions.Retire} 135 builtin_actions = {'retire': actions.Retire}
130 136
131 def action(self, name, *args): 137 def action(self, name, *args):
132 """""" 138 """Execute a named action."""
133 139
134 if name in self.actions: 140 if name in self.actions:
135 action_type = self.actions[name] 141 action_type = self.actions[name]
136 elif name in self.builtin_actions: 142 elif name in self.builtin_actions:
137 action_type = self.builtin_actions[name] 143 action_type = self.builtin_actions[name]
Roundup Issue Tracker: http://roundup-tracker.org/