Show More
@@ -1346,7 +1346,7 b' class AuthUser(object):' | |||||
1346 | def _cached_repo_acl(perm_def, _name_filter): |
|
1346 | def _cached_repo_acl(perm_def, _name_filter): | |
1347 | qry = Repository.query() |
|
1347 | qry = Repository.query() | |
1348 | if _name_filter: |
|
1348 | if _name_filter: | |
1349 |
ilike_expression = |
|
1349 | ilike_expression = '%{}%'.format(_name_filter) | |
1350 | qry = qry.filter( |
|
1350 | qry = qry.filter( | |
1351 | Repository.repo_name.ilike(ilike_expression)) |
|
1351 | Repository.repo_name.ilike(ilike_expression)) | |
1352 |
|
1352 | |||
@@ -1397,7 +1397,7 b' class AuthUser(object):' | |||||
1397 | def _cached_repo_group_acl(perm_def, _name_filter): |
|
1397 | def _cached_repo_group_acl(perm_def, _name_filter): | |
1398 | qry = RepoGroup.query() |
|
1398 | qry = RepoGroup.query() | |
1399 | if _name_filter: |
|
1399 | if _name_filter: | |
1400 |
ilike_expression = |
|
1400 | ilike_expression = '%{}%'.format(_name_filter) | |
1401 | qry = qry.filter( |
|
1401 | qry = qry.filter( | |
1402 | RepoGroup.group_name.ilike(ilike_expression)) |
|
1402 | RepoGroup.group_name.ilike(ilike_expression)) | |
1403 |
|
1403 | |||
@@ -1446,7 +1446,7 b' class AuthUser(object):' | |||||
1446 | def _cached_user_group_acl(perm_def, _name_filter): |
|
1446 | def _cached_user_group_acl(perm_def, _name_filter): | |
1447 | qry = UserGroup.query() |
|
1447 | qry = UserGroup.query() | |
1448 | if _name_filter: |
|
1448 | if _name_filter: | |
1449 |
ilike_expression = |
|
1449 | ilike_expression = '%{}%'.format(_name_filter) | |
1450 | qry = qry.filter( |
|
1450 | qry = qry.filter( | |
1451 | UserGroup.users_group_name.ilike(ilike_expression)) |
|
1451 | UserGroup.users_group_name.ilike(ilike_expression)) | |
1452 |
|
1452 | |||
@@ -2323,9 +2323,11 b' class HasPermissionAnyMiddleware(object)' | |||||
2323 | self.required_perms = set(perms) |
|
2323 | self.required_perms = set(perms) | |
2324 |
|
2324 | |||
2325 | def __call__(self, auth_user, repo_name): |
|
2325 | def __call__(self, auth_user, repo_name): | |
2326 | # repo_name MUST be unicode, since we handle keys in permission |
|
2326 | # # repo_name MUST be unicode, since we handle keys in permission | |
2327 | # dict by unicode |
|
2327 | # # dict by unicode | |
2328 | repo_name = safe_unicode(repo_name) |
|
2328 | #TODO: verify | |
|
2329 | # repo_name = safe_unicode(repo_name) | |||
|
2330 | ||||
2329 | log.debug( |
|
2331 | log.debug( | |
2330 | 'Checking VCS protocol permissions %s for user:%s repo:`%s`', |
|
2332 | 'Checking VCS protocol permissions %s for user:%s repo:`%s`', | |
2331 | self.required_perms, auth_user, repo_name) |
|
2333 | self.required_perms, auth_user, repo_name) | |
@@ -2495,10 +2497,11 b' def check_ip_access(source_ip, allowed_i' | |||||
2495 | :param allowed_ips: list of allowed ips together with mask |
|
2497 | :param allowed_ips: list of allowed ips together with mask | |
2496 | """ |
|
2498 | """ | |
2497 | log.debug('checking if ip:%s is subnet of %s', source_ip, allowed_ips) |
|
2499 | log.debug('checking if ip:%s is subnet of %s', source_ip, allowed_ips) | |
2498 |
source_ip_address = ipaddress.ip_address( |
|
2500 | source_ip_address = ipaddress.ip_address(source_ip) | |
2499 | if isinstance(allowed_ips, (tuple, list, set)): |
|
2501 | if isinstance(allowed_ips, (tuple, list, set)): | |
2500 | for ip in allowed_ips: |
|
2502 | for ip in allowed_ips: | |
2501 | ip = safe_unicode(ip) |
|
2503 | #TODO: verify | |
|
2504 | #ip = safe_unicode(ip) | |||
2502 | try: |
|
2505 | try: | |
2503 | network_address = ipaddress.ip_network(ip, strict=False) |
|
2506 | network_address = ipaddress.ip_network(ip, strict=False) | |
2504 | if source_ip_address in network_address: |
|
2507 | if source_ip_address in network_address: |
@@ -86,7 +86,7 b' def _filter_port(ip):' | |||||
86 | else: |
|
86 | else: | |
87 | # fallback to ipaddress |
|
87 | # fallback to ipaddress | |
88 | try: |
|
88 | try: | |
89 |
ipaddress.IPv6Address(safe_ |
|
89 | ipaddress.IPv6Address(safe_str(ip_addr)) | |
90 | except Exception: |
|
90 | except Exception: | |
91 | return False |
|
91 | return False | |
92 | return True |
|
92 | return True |
@@ -1086,7 +1086,7 b' def style_metatag(tag_type, value):' | |||||
1086 | pat, replace_html = tag_data |
|
1086 | pat, replace_html = tag_data | |
1087 | # convert to plain `unicode` instead of a markup tag to be used in |
|
1087 | # convert to plain `unicode` instead of a markup tag to be used in | |
1088 | # regex expressions. safe_unicode doesn't work here |
|
1088 | # regex expressions. safe_unicode doesn't work here | |
1089 |
html_value = pat.sub(replace_html, |
|
1089 | html_value = pat.sub(replace_html, value) | |
1090 |
|
1090 | |||
1091 | return html_value |
|
1091 | return html_value | |
1092 |
|
1092 | |||
@@ -1223,10 +1223,10 b' class InitialsGravatar(object):' | |||||
1223 | def normalize_email(self, email_address): |
|
1223 | def normalize_email(self, email_address): | |
1224 | import unicodedata |
|
1224 | import unicodedata | |
1225 | # default host used to fill in the fake/missing email |
|
1225 | # default host used to fill in the fake/missing email | |
1226 |
default_host = |
|
1226 | default_host = 'localhost' | |
1227 |
|
1227 | |||
1228 | if not email_address: |
|
1228 | if not email_address: | |
1229 |
email_address = |
|
1229 | email_address = '%s@%s' % (User.DEFAULT_USER, default_host) | |
1230 |
|
1230 | |||
1231 | email_address = safe_unicode(email_address) |
|
1231 | email_address = safe_unicode(email_address) | |
1232 |
|
1232 |
@@ -467,8 +467,9 b' class MercurialRepository(BaseRepository' | |||||
467 | else: |
|
467 | else: | |
468 | commit_id = "tip" |
|
468 | commit_id = "tip" | |
469 |
|
469 | |||
470 | if isinstance(commit_id, unicode): |
|
470 | #TODO: decide if we pass bytes or str into lookup ? | |
471 | commit_id = safe_str(commit_id) |
|
471 | # if isinstance(commit_id, unicode): | |
|
472 | # commit_id = safe_str(commit_id) | |||
472 |
|
473 | |||
473 | try: |
|
474 | try: | |
474 | raw_id, idx = self._remote.lookup(commit_id, both=True) |
|
475 | raw_id, idx = self._remote.lookup(commit_id, both=True) |
@@ -47,10 +47,10 b' class NodeKind:' | |||||
47 |
|
47 | |||
48 |
|
48 | |||
49 | class NodeState: |
|
49 | class NodeState: | |
50 |
ADDED = |
|
50 | ADDED = 'added' | |
51 |
CHANGED = |
|
51 | CHANGED = 'changed' | |
52 |
NOT_CHANGED = |
|
52 | NOT_CHANGED = 'not changed' | |
53 |
REMOVED = |
|
53 | REMOVED = 'removed' | |
54 |
|
54 | |||
55 |
|
55 | |||
56 | class NodeGeneratorBase(object): |
|
56 | class NodeGeneratorBase(object): | |
@@ -115,7 +115,7 b' class Node(object):' | |||||
115 | only. Moreover, every single node is identified by the ``path`` attribute, |
|
115 | only. Moreover, every single node is identified by the ``path`` attribute, | |
116 | so it cannot end with slash, too. Otherwise, path could lead to mistakes. |
|
116 | so it cannot end with slash, too. Otherwise, path could lead to mistakes. | |
117 | """ |
|
117 | """ | |
118 |
RTLO_MARKER = |
|
118 | RTLO_MARKER = "\u202E" # RTLO marker allows swapping text, and certain | |
119 | # security attacks could be used with this |
|
119 | # security attacks could be used with this | |
120 | commit = None |
|
120 | commit = None | |
121 |
|
121 | |||
@@ -173,7 +173,7 b' class Node(object):' | |||||
173 | _parts = self.path.rstrip('/').rsplit('/', 1) |
|
173 | _parts = self.path.rstrip('/').rsplit('/', 1) | |
174 | if len(_parts) == 2: |
|
174 | if len(_parts) == 2: | |
175 | return safe_unicode(_parts[0]) |
|
175 | return safe_unicode(_parts[0]) | |
176 |
return |
|
176 | return '' | |
177 |
|
177 | |||
178 | @LazyProperty |
|
178 | @LazyProperty | |
179 | def name(self): |
|
179 | def name(self): | |
@@ -829,7 +829,7 b' class SubModuleNode(Node):' | |||||
829 | then only last part is returned. |
|
829 | then only last part is returned. | |
830 | """ |
|
830 | """ | |
831 | org = safe_unicode(self.path.rstrip('/').split('/')[-1]) |
|
831 | org = safe_unicode(self.path.rstrip('/').split('/')[-1]) | |
832 |
return |
|
832 | return '%s @ %s' % (org, self.commit.short_id) | |
833 |
|
833 | |||
834 |
|
834 | |||
835 | class LargeFileNode(FileNode): |
|
835 | class LargeFileNode(FileNode): |
@@ -346,7 +346,7 b' class RhodeCodeSetting(Base, BaseModel):' | |||||
346 |
|
346 | |||
347 | @validates('_app_settings_value') |
|
347 | @validates('_app_settings_value') | |
348 | def validate_settings_value(self, key, val): |
|
348 | def validate_settings_value(self, key, val): | |
349 |
assert type(val) == |
|
349 | assert type(val) == str | |
350 | return val |
|
350 | return val | |
351 |
|
351 | |||
352 | @hybrid_property |
|
352 | @hybrid_property | |
@@ -487,7 +487,7 b' class RepoRhodeCodeSetting(Base, BaseMod' | |||||
487 |
|
487 | |||
488 | @validates('_app_settings_value') |
|
488 | @validates('_app_settings_value') | |
489 | def validate_settings_value(self, key, val): |
|
489 | def validate_settings_value(self, key, val): | |
490 |
assert type(val) == |
|
490 | assert type(val) == str | |
491 | return val |
|
491 | return val | |
492 |
|
492 | |||
493 | @hybrid_property |
|
493 | @hybrid_property |
General Comments 0
You need to be logged in to leave comments.
Login now