incubator-allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tvansteenbu...@apache.org
Subject [3/4] git commit: [#6164] Bug fixes/clean up on merge request edits
Date Fri, 21 Feb 2014 17:37:10 GMT
[#6164] Bug fixes/clean up on merge request edits

- Fix bug fetching MR w/o specifying app_config_id
- Only show Edit icon if user has write access
- Clean up security access checks and imports

Signed-off-by: Tim Van Steenburgh <tvansteenburgh@gmail.com>


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/a7530430
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/a7530430
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/a7530430

Branch: refs/heads/master
Commit: a7530430964836efd5dbe579d1dc1abbe4114624
Parents: 4601179
Author: Tim Van Steenburgh <tvansteenburgh@gmail.com>
Authored: Fri Feb 21 17:19:30 2014 +0000
Committer: Tim Van Steenburgh <tvansteenburgh@gmail.com>
Committed: Fri Feb 21 17:35:57 2014 +0000

----------------------------------------------------------------------
 Allura/allura/controllers/repository.py         | 48 +++++++++-----------
 Allura/allura/templates/repo/merge_request.html |  5 +-
 2 files changed, 26 insertions(+), 27 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/a7530430/Allura/allura/controllers/repository.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/repository.py b/Allura/allura/controllers/repository.py
index 7fb1a7e..eecd563 100644
--- a/Allura/allura/controllers/repository.py
+++ b/Allura/allura/controllers/repository.py
@@ -22,6 +22,7 @@ from urllib import quote, unquote
 from collections import defaultdict
 from itertools import islice
 
+from paste.deploy.converters import asbool
 from pylons import tmpl_context as c, app_globals as g
 from pylons import request, response
 from webob import exc
@@ -35,22 +36,21 @@ from ming.base import Object
 from ming.orm import ThreadLocalORMSession, session
 
 import allura.tasks
-from allura.lib import security
+from allura import model as M
 from allura.lib import utils
 from allura.lib import helpers as h
 from allura.lib import widgets as w
 from allura.lib.decorators import require_post
-from allura.controllers import AppDiscussionController
+from allura.lib.diff import HtmlSideBySideDiff
+from allura.lib.security import require_access, require_authenticated
+from allura.lib.widgets import form_fields as ffw
 from allura.lib.widgets.repo import SCMLogWidget, SCMRevisionWidget, SCMTreeWidget
 from allura.lib.widgets.repo import SCMMergeRequestWidget, SCMMergeRequestFilterWidget
 from allura.lib.widgets.repo import SCMMergeRequestDisposeWidget, SCMCommitBrowserWidget
 from allura.lib.widgets.subscriptions import SubscribeForm
-from allura import model as M
-from allura.lib.widgets import form_fields as ffw
+from allura.controllers import AppDiscussionController
 from allura.controllers.base import DispatchIndex
 from allura.controllers.feed import FeedController, FeedArgs
-from allura.lib.diff import HtmlSideBySideDiff
-from paste.deploy.converters import asbool
 from .base import BaseController
 
 log = logging.getLogger(__name__)
@@ -75,7 +75,7 @@ class RepoRootController(BaseController, FeedController):
         return FeedArgs(query, title, app.url, description=description)
 
     def _check_security(self):
-        security.require(security.has_access(c.app, 'read'))
+        require_access(c.app, 'read')
 
     @with_trailing_slash
     @expose()
@@ -112,7 +112,7 @@ class RepoRootController(BaseController, FeedController):
     @expose('jinja:allura:templates/repo/fork.html')
     def fork(self, project_id=None, mount_point=None, mount_label=None, **kw):
         # this shows the form and handles the submission
-        security.require_authenticated()
+        require_authenticated()
         if not c.app.forkable:
             raise exc.HTTPNotFound
         from_repo = c.app.repo
@@ -132,7 +132,7 @@ class RepoRootController(BaseController, FeedController):
             with h.push_config(c, project=to_project):
                 if not to_project.database_configured:
                     to_project.configure_project(is_user_project=True)
-                security.require(security.has_access(to_project, 'admin'))
+                require_access(to_project, 'admin')
                 try:
                     to_project.install_app(
                         ep_name=from_repo.tool_name,
@@ -163,7 +163,7 @@ class RepoRootController(BaseController, FeedController):
     @without_trailing_slash
     @expose('jinja:allura:templates/repo/request_merge.html')
     def request_merge(self, branch=None, **kw):
-        security.require(security.has_access(c.app.repo, 'admin'))
+        require_access(c.app.repo, 'admin')
         c.form = self.mr_widget
         if branch in c.form.source_branches:
             source_branch = branch
@@ -382,8 +382,7 @@ class MergeRequestController(object):
 
     @expose('jinja:allura:templates/repo/merge_request_edit.html')
     def edit(self, **kw):
-        security.require(
-            security.has_access(self.req, 'write'), 'Write access required')
+        require_access(self.req, 'write')
         c.form = self.mr_widget_edit
         if self.req['source_branch'] in c.form.source_branches:
             source_branch = self.req['source_branch']
@@ -403,27 +402,24 @@ class MergeRequestController(object):
     @expose()
     @require_post()
     def do_request_merge_edit(self, **kw):
-        security.require(
-            security.has_access(self.req, 'write'), 'Write access required')
+        require_access(self.req, 'write')
         kw = self.mr_widget_edit.to_python(kw)
-        mr = M.MergeRequest.query.get(request_number=self.req['request_number'])
-        mr.summary = kw['summary']
-        mr.target_branch = kw['target_branch']
-        mr.source_branch = kw['source_branch']
-        mr.description = kw['description']
+        self.req.summary = kw['summary']
+        self.req.target_branch = kw['target_branch']
+        self.req.source_branch = kw['source_branch']
+        self.req.description = kw['description']
         with self.req.push_downstream_context():
-            mr.downstream['commit_id'] = c.app.repo.commit(kw['source_branch'])._id
+            self.req.downstream['commit_id'] = c.app.repo.commit(kw['source_branch'])._id
         M.Notification.post(
-            mr, 'merge_request',
-            subject='Merge request: ' + mr.summary)
-        redirect(mr.url())
+            self.req, 'merge_request',
+            subject='Merge request: ' + self.req.summary)
+        redirect(self.req.url())
 
     @expose()
     @require_post()
     @validate(mr_dispose_form)
     def save(self, status=None, **kw):
-        security.require(
-            security.has_access(self.req, 'write'), 'Write access required')
+        require_access(self.req, 'write')
         self.req.status = status
         redirect('.')
 
@@ -462,7 +458,7 @@ class BranchBrowser(BaseController):
         self._branch = branch
 
     def _check_security(self):
-        security.require(security.has_access(c.app.repo, 'read'))
+        require_access(c.app.repo, 'read')
 
     @expose('jinja:allura:templates/repo/tags.html')
     @with_trailing_slash

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/a7530430/Allura/allura/templates/repo/merge_request.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/repo/merge_request.html b/Allura/allura/templates/repo/merge_request.html
index 00aa0b0..4454066 100644
--- a/Allura/allura/templates/repo/merge_request.html
+++ b/Allura/allura/templates/repo/merge_request.html
@@ -29,8 +29,11 @@
 {% block header %}{{c.app.config.options.mount_label}}
 Merge Request #{{req.request_number}}: {{req.summary}} ({{req.status}})
 {% endblock %}
+
 {% block actions %}
-      <a href="edit" title="Edit"><b data-icon="{{g.icons['pencil'].char}}" class="ico
{{g.icons['pencil'].css}}" title="Edit"></b></a>
+  {% if h.has_access(req, 'write')() %}
+    <a href="edit" title="Edit"><b data-icon="{{g.icons['pencil'].char}}" class="ico
{{g.icons['pencil'].css}}" title="Edit"></b></a>
+  {% endif %}
 {% endblock %}
 
 {% block content %}


Mime
View raw message