Gitiles
Code Review Sign In
gerrit.avm99963.com / monorail-avm99963 / 1663d14d8132d1d2bacc6302122f4ce2c8af201a / . / sitewide / grouplist.py
blob: 57c46e97a3aaa9b1dbe1789b2055d6756c66661f [file] [log] [blame]
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]1# Copyright 2016 The Chromium Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style
3# license that can be found in the LICENSE file or at
4# https://developers.google.com/open-source/licenses/bsd
5
6"""Classes to list user groups."""
7from __future__ import print_function
8from __future__ import division
9from __future__ import absolute_import
10
11import logging
12import time
13
14import ezt
15
Adrià Vilanova Martínezde942802022-07-15 14:06:55 +0200[diff] [blame]16from framework import flaskservlet, framework_helpers
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]17from framework import permissions
18from framework import servlet
19from framework import urls
20from framework import xsrf
21from sitewide import sitewide_views
22
23
24class GroupList(servlet.Servlet):
25 """Shows a page with a simple form to create a user group."""
26
27 _PAGE_TEMPLATE = 'sitewide/group-list-page.ezt'
28
29 def AssertBasePermission(self, mr):
30 """Assert that the user has the permissions needed to view this page."""
31 super(GroupList, self).AssertBasePermission(mr)
32
33 if not mr.perms.HasPerm(permissions.VIEW_GROUP, None, None):
34 raise permissions.PermissionException(
35 'User is not allowed to view list of user groups')
36
37 def GatherPageData(self, mr):
38 """Build up a dictionary of data values to use when rendering the page."""
39 group_views = [
40 sitewide_views.GroupView(*groupinfo) for groupinfo in
41 self.services.usergroup.GetAllUserGroupsInfo(mr.cnxn)]
42 group_views.sort(key=lambda gv: gv.name)
43 offer_group_deletion = mr.perms.CanUsePerm(
44 permissions.DELETE_GROUP, mr.auth.effective_ids, None, [])
45 offer_group_creation = mr.perms.CanUsePerm(
46 permissions.CREATE_GROUP, mr.auth.effective_ids, None, [])
47
48 return {
49 'form_token': xsrf.GenerateToken(
50 mr.auth.user_id, '%s.do' % urls.GROUP_DELETE),
51 'groups': group_views,
52 'offer_group_deletion': ezt.boolean(offer_group_deletion),
53 'offer_group_creation': ezt.boolean(offer_group_creation),
54 }
55
56 def ProcessFormData(self, mr, post_data):
57 """Process the posted form."""
58 if 'removebtn' in post_data:
59 return self.ProcessDeleteGroups(mr, post_data)
60
61 def ProcessDeleteGroups(self, mr, post_data):
62 """Process request to delete groups."""
63 if not mr.perms.CanUsePerm(
64 permissions.DELETE_GROUP, mr.auth.effective_ids, None, []):
65 raise permissions.PermissionException(
66 'User is not permitted to delete groups')
67
68 remove_groups = [int(g) for g in post_data.getall('remove')]
Adrià Vilanova Martínezde942802022-07-15 14:06:55 +0200[diff] [blame]69 # TODO(crbug.com/monorail/10936): getall in Flask is getlist
70 # remove_groups = [int(g) for g in post_data.getlist('remove')]
Copybara854996b2021-09-07 19:36:02 +0000[diff] [blame]71
72 if not mr.errors.AnyErrors():
73 self.services.usergroup.DeleteGroups(mr.cnxn, remove_groups)
74
75 if mr.errors.AnyErrors():
76 self.PleaseCorrect(mr)
77 else:
78 return framework_helpers.FormatAbsoluteURL(
79 mr, '/g', include_project=False,
80 saved=1, ts=int(time.time()))
Adrià Vilanova Martínezde942802022-07-15 14:06:55 +0200[diff] [blame]81
82 # def GetGroupList(self, **kwargs):
83 # return self.handler(**kwargs)
84
85 # def PostGroupList(self, **kwargs):
86 # return self.handler(**kwargs)
87
88
89class GroupDelete(flaskservlet.FlaskServlet):
90 """Shows a page with a simple form to create a user group."""
91
92 _PAGE_TEMPLATE = 'sitewide/group-list-page.ezt'
93
94 def AssertBasePermission(self, mr):
95 """Assert that the user has the permissions needed to view this page."""
96 super(GroupDelete, self).AssertBasePermission(mr)
97
98 if not mr.perms.HasPerm(permissions.VIEW_GROUP, None, None):
99 raise permissions.PermissionException(
100 'User is not allowed to view list of user groups')
101
102 def GatherPageData(self, mr):
103 """Build up a dictionary of data values to use when rendering the page."""
104 group_views = [
105 sitewide_views.GroupView(*groupinfo)
106 for groupinfo in self.services.usergroup.GetAllUserGroupsInfo(mr.cnxn)
107 ]
108 group_views.sort(key=lambda gv: gv.name)
109 offer_group_deletion = mr.perms.CanUsePerm(
110 permissions.DELETE_GROUP, mr.auth.effective_ids, None, [])
111 offer_group_creation = mr.perms.CanUsePerm(
112 permissions.CREATE_GROUP, mr.auth.effective_ids, None, [])
113
114 return {
115 'form_token':
116 xsrf.GenerateToken(mr.auth.user_id, '%s.do' % urls.GROUP_DELETE),
117 'groups':
118 group_views,
119 'offer_group_deletion':
120 ezt.boolean(offer_group_deletion),
121 'offer_group_creation':
122 ezt.boolean(offer_group_creation),
123 }
124
125 def ProcessFormData(self, mr, post_data):
126 """Process the posted form."""
127 if 'removebtn' in post_data:
128 return self.ProcessDeleteGroups(mr, post_data)
129
130 def ProcessDeleteGroups(self, mr, post_data):
131 """Process request to delete groups."""
132 if not mr.perms.CanUsePerm(permissions.DELETE_GROUP, mr.auth.effective_ids,
133 None, []):
134 raise permissions.PermissionException(
135 'User is not permitted to delete groups')
136
137 remove_groups = [int(g) for g in post_data.getlist('remove')]
138
139 if not mr.errors.AnyErrors():
140 self.services.usergroup.DeleteGroups(mr.cnxn, remove_groups)
141
142 if mr.errors.AnyErrors():
143 self.PleaseCorrect(mr)
144 else:
145 return framework_helpers.FormatAbsoluteURL(
146 mr, '/g', include_project=False, saved=1, ts=int(time.time()))
147
148 def GetGroupDelete(self, **kwargs):
149 return self.handler(**kwargs)
150
151 def PostGroupDelete(self, **kwargs):
152 return self.handler(**kwargs)