##// END OF EJS Templates
bleach: moved clean out of the catch context, so we no longer allow sanitizer to be bypassed....
bleach: moved clean out of the catch context, so we no longer allow sanitizer to be bypassed. - in addition we bumped bleach to fix the error that allowed bypass

File last commit:

r2351:59272121 default
r2992:63458594 default
Show More
admin_log_base.mako
68 lines | 2.2 KiB | application/x-mako | MakoHtmlLexer
user-audit: share same template for rendering audit logs between user and admin views.
r1696 <%namespace name="base" file="/base/base.mako"/>
%if c.audit_logs:
<table class="rctable admin_log">
<tr>
audit-logs: allow showing individual entries for audit log.
r2110 <th>${_('Uid')}</th>
user-audit: share same template for rendering audit logs between user and admin views.
r1696 <th>${_('Username')}</th>
<th>${_('Action')}</th>
<th>${_('Action Data')}</th>
<th>${_('Repository')}</th>
<th>${_('Date')}</th>
<th>${_('IP')}</th>
</tr>
%for cnt,l in enumerate(c.audit_logs):
<tr class="parity${cnt%2}">
audit-logs: allow showing individual entries for audit log.
r2110 <td class="td-col">
<a href="${h.route_path('admin_audit_log_entry', audit_log_id=l.entry_id)}">${l.entry_id}</a>
</td>
user-audit: share same template for rendering audit logs between user and admin views.
r1696 <td class="td-user">
%if l.user is not None:
${base.gravatar_with_user(l.user.email)}
%else:
${l.username}
%endif
</td>
<td class="td-journalaction">
% if l.version == l.VERSION_1:
pylons: remove pylons as dependency...
r2351 ${h.action_parser(request, l)[0]()}
user-audit: share same template for rendering audit logs between user and admin views.
r1696 % else:
${h.literal(l.action)}
% endif
<div class="journal_action_params">
% if l.version == l.VERSION_1:
pylons: remove pylons as dependency...
r2351 ${h.literal(h.action_parser(request, l)[1]())}
user-audit: share same template for rendering audit logs between user and admin views.
r1696 % endif
</div>
</td>
<td>
% if l.version == l.VERSION_2:
audit-logs: present action data as formatted JSON.
r1703 <a href="#" onclick="$('#entry-'+${l.user_log_id}).toggle();return false">${_('toggle')}</a>
<div id="entry-${l.user_log_id}" style="display: none">
<pre>${h.json.dumps(l.action_data, indent=4, sort_keys=True)}</pre>
</div>
% else:
audit-logs: change v1 data text to less intrusive.
r1708 <pre title="${_('data not available for v1 entries type')}">-</pre>
user-audit: share same template for rendering audit logs between user and admin views.
r1696 % endif
</td>
<td class="td-componentname">
%if l.repository is not None:
repo-summary: re-implemented summary view as pyramid....
r1785 ${h.link_to(l.repository.repo_name, h.route_path('repo_summary',repo_name=l.repository.repo_name))}
user-audit: share same template for rendering audit logs between user and admin views.
r1696 %else:
${l.repository_name}
%endif
</td>
<td class="td-time">${h.format_date(l.action_date)}</td>
<td class="td-ip">${l.user_ip}</td>
</tr>
%endfor
</table>
<div class="pagination-wh pagination-left">
${c.audit_logs.pager('$link_previous ~2~ $link_next')}
</div>
%else:
${_('No actions yet')}
%endif