Mailing-List: contact allura-commits-help@incubator.apache.org; run by ezmlm
Precedence: bulk
Reply-To: allura-dev@incubator.apache.org
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: johnsca@apache.org
To: allura-commits@incubator.apache.org
Date: Tue, 24 Sep 2013 19:38:06 -0000
Message-Id: <51740c7ba1604aa0be47d7e17cccd4f6@git.apache.org>
In-Reply-To: <23245120331d4ab1b230984179626760@git.apache.org>
References: <23245120331d4ab1b230984179626760@git.apache.org>
Subject: [30/33] git commit: [#6392] ticket:444 Simplify update() controller

[#6392] ticket:444 Simplify update() controller


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/009fc6e3
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/009fc6e3
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/009fc6e3

Branch: refs/heads/cj/6695
Commit: 009fc6e3cb96d4886c180c7ff080fdf51f1b0620
Parents: 82be4a4
Author: Igor Bondarenko <jetmind2@gmail.com>
Authored: Tue Sep 24 13:50:00 2013 +0300
Committer: Tim Van Steenburgh <tvansteenburgh@gmail.com>
Committed: Tue Sep 24 17:36:25 2013 +0000

----------------------------------------------------------------------
 Allura/allura/app.py | 21 ++++-----------------
 1 file changed, 4 insertions(+), 17 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/009fc6e3/Allura/allura/app.py
----------------------------------------------------------------------
diff --git a/Allura/allura/app.py b/Allura/allura/app.py
index efa61a6..0135969 100644
--- a/Allura/allura/app.py
+++ b/Allura/allura/app.py
@@ -733,9 +733,8 @@ class DefaultAdminController(BaseController):
             if isinstance(group_ids, basestring):
                 group_ids = [ group_ids ]
 
-            # ACE.deny() entries for blocked users will end up in del_group_ids after the following
             for acl in old_acl:
-                if (acl['permission']==perm) and (str(acl['role_id']) not in group_ids):
+                if (acl['permission'] == perm) and (str(acl['role_id']) not in group_ids) and acl['access'] != model.ACE.DENY:
                     del_group_ids.append(str(acl['role_id']))
 
             get_role = lambda _id: model.ProjectRole.query.get(_id=ObjectId(_id))
@@ -743,18 +742,6 @@ class DefaultAdminController(BaseController):
             new_groups = map(get_role, new_group_ids)
             del_groups = map(get_role, del_group_ids)
 
-            def split_group_user_roles(roles):
-                group_roles = []
-                user_roles = []
-                for role in roles:
-                    if role.user_id and not role.name:
-                        user_roles.append(role)
-                    else:
-                        group_roles.append(role)
-                return group_roles, user_roles
-
-            del_groups, user_roles = split_group_user_roles(del_groups)
-
             if new_groups or del_groups:
                 model.AuditLog.log('updated "%s" permission: "%s" => "%s" for %s' % (
                     perm,
@@ -767,7 +754,7 @@ class DefaultAdminController(BaseController):
                 model.ACE.allow(r, perm) for r in role_ids]
 
             # Add all ACEs for user roles back
-            user_roles_ids = map(lambda role: role._id, user_roles)
-            user_aces = filter(lambda ace: ace.permission == perm and ace.role_id in user_roles_ids, old_acl)
-            self.app.config.acl += user_aces
+            for ace in old_acl:
+                if (ace.permission == perm) and (ace.access == model.ACE.DENY):
+                    self.app.config.acl.append(ace)
         redirect(request.referer)