(allura) branch master updated: fix permissions options to show anonymous/read for private projects

Mon, 14 Jul 2025 07:38:06 -0700 

This is an automated email from the ASF dual-hosted git repository.

brondsem pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git


The following commit(s) were added to refs/heads/master by this push:
     new 7c27df81f fix permissions options to show anonymous/read for private 
projects
7c27df81f is described below

commit 7c27df81fa81c11ba05b7a75e8b94fe217137f66
Author: Dave Brondsema <dbronds...@slashdotmedia.com>
AuthorDate: Mon Jul 14 10:37:04 2025 -0400

    fix permissions options to show anonymous/read for private projects
---
 Allura/allura/ext/admin/templates/project_groups.html | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/Allura/allura/ext/admin/templates/project_groups.html 
b/Allura/allura/ext/admin/templates/project_groups.html
index b26508c9b..fc49c9983 100644
--- a/Allura/allura/ext/admin/templates/project_groups.html
+++ b/Allura/allura/ext/admin/templates/project_groups.html
@@ -31,14 +31,16 @@
 {% macro show_perms_for_role(role) %}
   <ul class="permissions">
     {% for perm in permissions_by_role[role._id.__str__()] %}
-        {%  set display_perms = role.name not in ['*authenticated', 
'*anonymous'] %}
-        {% if display_perms and (private_projects or perm['name'] != 'read' or 
(perm['name'] == 'read' and perm['has'] == 'no')) %}
-            <li class="{{perm['has']}}" data-permission="{{perm['name']}}">
-              {{ g.icons['perm_has_%s'%perm['has']].render(title=perm['text'], 
closing_tag=False) }}
-                {{perm['name']}}
-              </a> {# close tag, opened by render #}
-            </li>
-        {% elif private_projects and not display_perms and perm['name'] == 
'read' %}
+        {% if perm['name'] == 'read' %}
+            {# only controllable if private projects permitted, or if it was 
already false (so user can toggle it back to true) #}
+            {% set show_perm = private_projects or perm['has'] == 'no' %}
+        {% elif perm['name'] in ('admin', 'update', 'create') %}
+            {# not allowed for auth & anon, only the other normal groups  #}
+            {% set show_perm = role.name not in ['*authenticated', 
'*anonymous'] %}
+        {% else %}
+            {% set show_perm = True %}
+        {% endif %}
+        {% if show_perm %}
             <li class="{{perm['has']}}" data-permission="{{perm['name']}}">
               {{ g.icons['perm_has_%s'%perm['has']].render(title=perm['text'], 
closing_tag=False) }}
                 {{perm['name']}}

Reply via email to