| Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 1 | # Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 | # Use of this source code is governed by a BSD-style |
| 3 | # license that can be found in the LICENSE file or at |
| 4 | # https://developers.google.com/open-source/licenses/bsd |
| 5 | |
| 6 | """Classes to list user groups.""" |
| 7 | from __future__ import print_function |
| 8 | from __future__ import division |
| 9 | from __future__ import absolute_import |
| 10 | |
| 11 | import logging |
| 12 | import time |
| 13 | |
| 14 | import ezt |
| 15 | |
| 16 | from framework import framework_helpers |
| 17 | from framework import permissions |
| 18 | from framework import servlet |
| 19 | from framework import urls |
| 20 | from framework import xsrf |
| 21 | from sitewide import sitewide_views |
| 22 | |
| 23 | |
| 24 | class GroupList(servlet.Servlet): |
| 25 | """Shows a page with a simple form to create a user group.""" |
| 26 | |
| 27 | _PAGE_TEMPLATE = 'sitewide/group-list-page.ezt' |
| 28 | |
| 29 | def AssertBasePermission(self, mr): |
| 30 | """Assert that the user has the permissions needed to view this page.""" |
| 31 | super(GroupList, self).AssertBasePermission(mr) |
| 32 | |
| 33 | if not mr.perms.HasPerm(permissions.VIEW_GROUP, None, None): |
| 34 | raise permissions.PermissionException( |
| 35 | 'User is not allowed to view list of user groups') |
| 36 | |
| 37 | def GatherPageData(self, mr): |
| 38 | """Build up a dictionary of data values to use when rendering the page.""" |
| 39 | group_views = [ |
| 40 | sitewide_views.GroupView(*groupinfo) for groupinfo in |
| 41 | self.services.usergroup.GetAllUserGroupsInfo(mr.cnxn)] |
| 42 | group_views.sort(key=lambda gv: gv.name) |
| 43 | offer_group_deletion = mr.perms.CanUsePerm( |
| 44 | permissions.DELETE_GROUP, mr.auth.effective_ids, None, []) |
| 45 | offer_group_creation = mr.perms.CanUsePerm( |
| 46 | permissions.CREATE_GROUP, mr.auth.effective_ids, None, []) |
| 47 | |
| 48 | return { |
| 49 | 'form_token': xsrf.GenerateToken( |
| 50 | mr.auth.user_id, '%s.do' % urls.GROUP_DELETE), |
| 51 | 'groups': group_views, |
| 52 | 'offer_group_deletion': ezt.boolean(offer_group_deletion), |
| 53 | 'offer_group_creation': ezt.boolean(offer_group_creation), |
| 54 | } |
| 55 | |
| 56 | def ProcessFormData(self, mr, post_data): |
| 57 | """Process the posted form.""" |
| 58 | if 'removebtn' in post_data: |
| 59 | return self.ProcessDeleteGroups(mr, post_data) |
| 60 | |
| 61 | def ProcessDeleteGroups(self, mr, post_data): |
| 62 | """Process request to delete groups.""" |
| 63 | if not mr.perms.CanUsePerm( |
| 64 | permissions.DELETE_GROUP, mr.auth.effective_ids, None, []): |
| 65 | raise permissions.PermissionException( |
| 66 | 'User is not permitted to delete groups') |
| 67 | |
| 68 | remove_groups = [int(g) for g in post_data.getall('remove')] |
| 69 | |
| 70 | if not mr.errors.AnyErrors(): |
| 71 | self.services.usergroup.DeleteGroups(mr.cnxn, remove_groups) |
| 72 | |
| 73 | if mr.errors.AnyErrors(): |
| 74 | self.PleaseCorrect(mr) |
| 75 | else: |
| 76 | return framework_helpers.FormatAbsoluteURL( |
| 77 | mr, '/g', include_project=False, |
| 78 | saved=1, ts=int(time.time())) |