Show More
@@ -616,8 +616,6 b' def get_repo_fts_tree(request, apiuser, ' | |||||
616 | cache_namespace_uid = 'cache_repo.{}'.format(repo_id) |
|
616 | cache_namespace_uid = 'cache_repo.{}'.format(repo_id) | |
617 | region = rc_cache.get_or_create_region('cache_repo', cache_namespace_uid) |
|
617 | region = rc_cache.get_or_create_region('cache_repo', cache_namespace_uid) | |
618 |
|
618 | |||
619 | @region.conditional_cache_on_arguments(namespace=cache_namespace_uid, |
|
|||
620 | condition=cache_on) |
|
|||
621 | def compute_fts_tree(repo_id, commit_id, root_path, cache_ver): |
|
619 | def compute_fts_tree(repo_id, commit_id, root_path, cache_ver): | |
622 | return ScmModel().get_fts_data(repo_id, commit_id, root_path) |
|
620 | return ScmModel().get_fts_data(repo_id, commit_id, root_path) | |
623 |
|
621 |
@@ -320,9 +320,15 b' class PathFilter(object):' | |||||
320 | self.permission_checker = permission_checker |
|
320 | self.permission_checker = permission_checker | |
321 |
|
321 | |||
322 | def assert_path_permissions(self, path): |
|
322 | def assert_path_permissions(self, path): | |
323 | if path and self.permission_checker and not self.permission_checker.has_access(path): |
|
323 | if self.path_access_allowed(path): | |
324 | raise HTTPForbidden() |
|
324 | return path | |
325 | return path |
|
325 | raise HTTPForbidden() | |
|
326 | ||||
|
327 | def path_access_allowed(self, path): | |||
|
328 | log.debug('Checking ACL permissions for PathFilter for `%s`', path) | |||
|
329 | if self.permission_checker: | |||
|
330 | return path and self.permission_checker.has_access(path) | |||
|
331 | return True | |||
326 |
|
332 | |||
327 | def filter_patchset(self, patchset): |
|
333 | def filter_patchset(self, patchset): | |
328 | if not self.permission_checker or not patchset: |
|
334 | if not self.permission_checker or not patchset: |
@@ -904,9 +904,11 b' class RepoFilesView(RepoAppView):' | |||||
904 | raise HTTPFound(h.route_path( |
|
904 | raise HTTPFound(h.route_path( | |
905 | 'repo_files', repo_name=self.db_repo_name, |
|
905 | 'repo_files', repo_name=self.db_repo_name, | |
906 | commit_id='tip', f_path='/')) |
|
906 | commit_id='tip', f_path='/')) | |
|
907 | ||||
907 | return _d + _f |
|
908 | return _d + _f | |
908 |
|
909 | |||
909 |
re |
|
910 | result = compute_file_search(self.db_repo.repo_id, commit_id, f_path) | |
|
911 | return filter(lambda n: self.path_filter.path_access_allowed(n['name']), result) | |||
910 |
|
912 | |||
911 | @LoginRequired() |
|
913 | @LoginRequired() | |
912 | @HasRepoPermissionAnyDecorator( |
|
914 | @HasRepoPermissionAnyDecorator( |
General Comments 0
You need to be logged in to leave comments.
Login now