##// END OF EJS Templates
u » pc » rhodecode-enterprise-ce-fork-pc
RSS

Fork of rhodecode-enterprise-ce

pull-requests: use consistent check who is allowed to delete a pull request.
marcink -
r1607:5a387f60 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -576,13 +576,21 b' class PullrequestsController(BaseRepoCon'
576 576 def delete(self, repo_name, pull_request_id):
577 577 pull_request_id = safe_int(pull_request_id)
578 578 pull_request = PullRequest.get_or_404(pull_request_id)
579
580 pr_closed = pull_request.is_closed()
581 allowed_to_delete = PullRequestModel().check_user_delete(
582 pull_request, c.rhodecode_user) and not pr_closed
583
579 584 # only owner can delete it !
580 if pull_request.author.user_id == c.rhodecode_user.user_id:
585 if allowed_to_delete:
581 586 PullRequestModel().delete(pull_request)
582 587 Session().commit()
583 588 h.flash(_('Successfully deleted pull request'),
584 589 category='success')
585 590 return redirect(url('my_account_pullrequests'))
591
592 h.flash(_('Your are not allowed to delete this pull request'),
593 category='error')
586 594 raise HTTPForbidden()
587 595
588 596 def _get_pr_version(self, pull_request_id, version=None):
General Comments 0
You need to be logged in to leave comments. Login now