rhodecode-enterprise-ce Files · rhodecode/templates/admin/repos/repo_edit_vcs.mako

security: fixed issues with exposing repository names using global PR redirection link...

security: fixed issues with exposing repository names using global PR redirection link logic. - Since redirect was created to repository which linked to the PR, users who didn't have permissions to those repos could still see the name in the url generated.

marcink - - Load All Authors

File last commit:

r2105:4ad1a937 default


                r4044:573a1043

default

Download file

             repo_edit_vcs.mako
        
                    73 lines
            
             | 2.7 KiB
            
                | application/x-mako
            
             |
                MakoHtmlLexer
            
             / rhodecode / templates / admin / repos / repo_edit_vcs.mako
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      <%namespace name="vcss" file="/base/vcs_settings.mako"/>

      <div id="repo_vcs_settings" class="${'inherited' if c.inherit_global_settings else ''}">

          ${h.secure_form(h.route_path('edit_repo_vcs_update', repo_name=c.rhodecode_db_repo.repo_name), request=request)}

              <div class="form panel panel-default">

                  <div class="fields panel-body">

                      <div class="field">

                          <div class="label label-checkbox">

                              <label for="inherit_global_settings">${_('Inherit from global settings')}:</label>

                          </div>

                          <div class="checkboxes">

                              ${h.checkbox('inherit_global_settings',value=True)}

                              <span class="help-block">${h.literal(_('Select to inherit global vcs settings.'))}</span>

                          </div>

                      </div>

                  </div>

              </div>

              <div id="inherit_overlay_vcs_default">

                  <div>

                      ${vcss.vcs_settings_fields(

                          suffix='_inherited',

                          svn_tag_patterns=c.global_svn_tag_patterns,

                          svn_branch_patterns=c.global_svn_branch_patterns,

                          repo_type=c.rhodecode_db_repo.repo_type,

                          disabled='disabled'

                      )}

                  </div>

              </div>

              <div id="inherit_overlay_vcs_custom">

                  <div>

                      ${vcss.vcs_settings_fields(

                          suffix='',

                          svn_tag_patterns=c.svn_tag_patterns,

                          svn_branch_patterns=c.svn_branch_patterns,

                          repo_type=c.rhodecode_db_repo.repo_type

                      )}

                  </div>

              </div>

              <div class="buttons">

                      ${h.submit('save',_('Save settings'),class_="btn")}

                      ${h.reset('reset',_('Reset'),class_="btn")}

              </div>

          ${h.end_form()}

      </div>

      <script type="text/javascript">

          function ajaxDeletePattern(pattern_id, field_id) {

              var sUrl = "${h.route_path('edit_repo_vcs_svn_pattern_delete', repo_name=c.rhodecode_db_repo.repo_name)}";

              var callback =  function (o) {

                  var elem = $("#"+field_id);

                  elem.remove();

              };

              var postData = {

                  'delete_svn_pattern': pattern_id,

                  'csrf_token': CSRF_TOKEN

              };

              var request = $.post(sUrl, postData)

                  .done(callback)

                  .fail(function (data, textStatus, errorThrown) {

                      alert("Error while deleting hooks.\nError code {0} ({1}). URL: {2}".format(data.status,data.statusText,$(this)[0].url));

                  });

          }

          $('#inherit_global_settings').on('change', function(e){

              $('#repo_vcs_settings').toggleClass('inherited', this.checked);

          });

      </script>

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				<%namespace name="vcss" file="/base/vcs_settings.mako"/>

				<div id="repo_vcs_settings" class="${'inherited' if c.inherit_global_settings else ''}">
				${h.secure_form(h.route_path('edit_repo_vcs_update', repo_name=c.rhodecode_db_repo.repo_name), request=request)}
				<div class="form panel panel-default">
				<div class="fields panel-body">
				<div class="field">
				<div class="label label-checkbox">
				<label for="inherit_global_settings">${_('Inherit from global settings')}:</label>
				</div>
				<div class="checkboxes">
				${h.checkbox('inherit_global_settings',value=True)}
				<span class="help-block">${h.literal(_('Select to inherit global vcs settings.'))}</span>
				</div>
				</div>
				</div>
				</div>

				<div id="inherit_overlay_vcs_default">
				<div>
				${vcss.vcs_settings_fields(
				suffix='_inherited',
				svn_tag_patterns=c.global_svn_tag_patterns,
				svn_branch_patterns=c.global_svn_branch_patterns,
				repo_type=c.rhodecode_db_repo.repo_type,
				disabled='disabled'
				)}
				</div>
				</div>

				<div id="inherit_overlay_vcs_custom">
				<div>
				${vcss.vcs_settings_fields(
				suffix='',
				svn_tag_patterns=c.svn_tag_patterns,
				svn_branch_patterns=c.svn_branch_patterns,
				repo_type=c.rhodecode_db_repo.repo_type
				)}
				</div>
				</div>

				<div class="buttons">
				${h.submit('save',_('Save settings'),class_="btn")}
				${h.reset('reset',_('Reset'),class_="btn")}
				</div>

				${h.end_form()}
				</div>

				<script type="text/javascript">

				function ajaxDeletePattern(pattern_id, field_id) {
				var sUrl = "${h.route_path('edit_repo_vcs_svn_pattern_delete', repo_name=c.rhodecode_db_repo.repo_name)}";
				var callback = function (o) {
				var elem = $("#"+field_id);
				elem.remove();
				};
				var postData = {
				'delete_svn_pattern': pattern_id,
				'csrf_token': CSRF_TOKEN
				};
				var request = $.post(sUrl, postData)
				.done(callback)
				.fail(function (data, textStatus, errorThrown) {
				alert("Error while deleting hooks.\nError code {0} ({1}). URL: {2}".format(data.status,data.statusText,$(this)[0].url));
				});
				}

				$('#inherit_global_settings').on('change', function(e){
				$('#repo_vcs_settings').toggleClass('inherited', this.checked);
				});

				</script>