Show More
| @@ -1,72 +1,79 b'' | |||
|
|
1 | 1 | # -*- coding: utf-8 -*- |
|
|
2 | 2 | |
|
|
3 | 3 | # Copyright (C) 2016-2019 RhodeCode GmbH |
|
|
4 | 4 | # |
|
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
|
8 | 8 | # |
|
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
|
12 | 12 | # GNU General Public License for more details. |
|
|
13 | 13 | # |
|
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
|
16 | 16 | # |
|
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
|
20 | 20 | |
|
|
21 | 21 | import logging |
|
|
22 | 22 | |
|
|
23 | 23 | from pyramid.httpexceptions import HTTPFound, HTTPNotFound |
|
|
24 | 24 | from pyramid.view import view_config |
|
|
25 | 25 | |
|
|
26 | 26 | from rhodecode.apps._base import BaseAppView |
|
|
27 | 27 | from rhodecode.lib import helpers as h |
|
|
28 | from rhodecode.lib.auth import (LoginRequired, NotAnonymous) | |
|
|
28 | from rhodecode.lib.auth import (LoginRequired, NotAnonymous, HasRepoPermissionAny) | |
|
|
29 | 29 | from rhodecode.model.db import PullRequest |
|
|
30 | 30 | |
|
|
31 | 31 | |
|
|
32 | 32 | log = logging.getLogger(__name__) |
|
|
33 | 33 | |
|
|
34 | 34 | |
|
|
35 | 35 | class AdminMainView(BaseAppView): |
|
|
36 | 36 | def load_default_context(self): |
|
|
37 | 37 | c = self._get_local_tmpl_context() |
|
|
38 | 38 | return c |
|
|
39 | 39 | |
|
|
40 | 40 | @LoginRequired() |
|
|
41 | 41 | @NotAnonymous() |
|
|
42 | 42 | @view_config( |
|
|
43 | 43 | route_name='admin_home', request_method='GET', |
|
|
44 | 44 | renderer='rhodecode:templates/admin/main.mako') |
|
|
45 | 45 | def admin_main(self): |
|
|
46 | 46 | c = self.load_default_context() |
|
|
47 | 47 | c.active = 'admin' |
|
|
48 | 48 | |
|
|
49 | 49 | if not (c.is_super_admin or c.is_delegated_admin): |
|
|
50 | 50 | raise HTTPNotFound() |
|
|
51 | 51 | |
|
|
52 | 52 | return self._get_template_context(c) |
|
|
53 | 53 | |
|
|
54 | 54 | @LoginRequired() |
|
|
55 | 55 | @view_config(route_name='pull_requests_global_0', request_method='GET') |
|
|
56 | 56 | @view_config(route_name='pull_requests_global_1', request_method='GET') |
|
|
57 | 57 | @view_config(route_name='pull_requests_global', request_method='GET') |
|
|
58 | 58 | def pull_requests(self): |
|
|
59 | 59 | """ |
|
|
60 | 60 | Global redirect for Pull Requests |
|
|
61 | 61 | pull_request_id: id of pull requests in the system |
|
|
62 | 62 | """ |
|
|
63 | 63 | |
|
|
64 | 64 | pull_request = PullRequest.get_or_404( |
|
|
65 | 65 | self.request.matchdict['pull_request_id']) |
|
|
66 | 66 | pull_request_id = pull_request.pull_request_id |
|
|
67 | 67 | |
|
|
68 | 68 | repo_name = pull_request.target_repo.repo_name |
|
|
69 | # NOTE(marcink): | |
|
|
70 | # check permissions so we don't redirect to repo that we don't have access to | |
|
|
71 | # exposing it's name | |
|
|
72 | target_repo_perm = HasRepoPermissionAny( | |
|
|
73 | 'repository.read', 'repository.write', 'repository.admin')(repo_name) | |
|
|
74 | if not target_repo_perm: | |
|
|
75 | raise HTTPNotFound() | |
|
|
69 | 76 | |
|
|
70 | 77 | raise HTTPFound( |
|
|
71 | 78 | h.route_path('pullrequest_show', repo_name=repo_name, |
|
|
72 | 79 | pull_request_id=pull_request_id)) |
General Comments 0
You need to be logged in to leave comments.
Login now