Show More
| @@ -679,7 +679,8 b' class RepoPullRequestsView(RepoAppView, ' | |||
|
|
679 | 679 | repo = Repository.get_by_repo_name(target_repo_name) |
|
|
680 | 680 | if not repo: |
|
|
681 | 681 | raise HTTPNotFound() |
|
|
682 |
return PullRequestModel().generate_repo_data( |
|
|
|
682 | return PullRequestModel().generate_repo_data( | |
|
|
683 | repo, translator=self.request.translate) | |
|
|
683 | 684 | |
|
|
684 | 685 | @LoginRequired() |
|
|
685 | 686 | @NotAnonymous() |
| @@ -1081,6 +1082,13 b' class RepoPullRequestsView(RepoAppView, ' | |||
|
|
1081 | 1082 | log.debug('comment: forbidden because pull request is closed') |
|
|
1082 | 1083 | raise HTTPForbidden() |
|
|
1083 | 1084 | |
|
|
1085 | allowed_to_comment = PullRequestModel().check_user_comment( | |
|
|
1086 | pull_request, self._rhodecode_user) | |
|
|
1087 | if not allowed_to_comment: | |
|
|
1088 | log.debug( | |
|
|
1089 | 'comment: forbidden because pull request is from forbidden repo') | |
|
|
1090 | raise HTTPForbidden() | |
|
|
1091 | ||
|
|
1084 | 1092 | c = self.load_default_context() |
|
|
1085 | 1093 | |
|
|
1086 | 1094 | status = self.request.POST.get('changeset_status', None) |
| @@ -164,6 +164,10 b' class PullRequestModel(BaseModel):' | |||
|
|
164 | 164 | pull_request.reviewers] |
|
|
165 | 165 | return self.check_user_update(pull_request, user, api) or reviewer |
|
|
166 | 166 | |
|
|
167 | def check_user_comment(self, pull_request, user): | |
|
|
168 | owner = user.user_id == pull_request.user_id | |
|
|
169 | return self.check_user_read(pull_request, user) or owner | |
|
|
170 | ||
|
|
167 | 171 | def get(self, pull_request): |
|
|
168 | 172 | return self.__get_pull_request(pull_request) |
|
|
169 | 173 | |
General Comments 0
You need to be logged in to leave comments.
Login now