# HG changeset patch # User Marcin Kuzminski # Date 2019-07-24 09:53:06 # Node ID d10a30f629d3c96ad264f106eea04253d2c45ba0 # Parent 18ef8156a58544d805e63abb224b9aef05c07fa3 path-filter: enable for quick search menu. diff --git a/rhodecode/apps/_base/__init__.py b/rhodecode/apps/_base/__init__.py --- a/rhodecode/apps/_base/__init__.py +++ b/rhodecode/apps/_base/__init__.py @@ -320,9 +320,15 @@ class PathFilter(object): self.permission_checker = permission_checker def assert_path_permissions(self, path): - if path and self.permission_checker and not self.permission_checker.has_access(path): - raise HTTPForbidden() - return path + if self.path_access_allowed(path): + return path + raise HTTPForbidden() + + def path_access_allowed(self, path): + log.debug('Checking ACL permissions for PathFilter for `%s`', path) + if self.permission_checker: + return path and self.permission_checker.has_access(path) + return True def filter_patchset(self, patchset): if not self.permission_checker or not patchset: diff --git a/rhodecode/apps/repository/views/repo_files.py b/rhodecode/apps/repository/views/repo_files.py --- a/rhodecode/apps/repository/views/repo_files.py +++ b/rhodecode/apps/repository/views/repo_files.py @@ -904,9 +904,11 @@ class RepoFilesView(RepoAppView): raise HTTPFound(h.route_path( 'repo_files', repo_name=self.db_repo_name, commit_id='tip', f_path='/')) + return _d + _f - return compute_file_search(self.db_repo.repo_id, commit_id, f_path) + result = compute_file_search(self.db_repo.repo_id, commit_id, f_path) + return filter(lambda n: self.path_filter.path_access_allowed(n['name']), result) @LoginRequired() @HasRepoPermissionAnyDecorator(