u/pc/rhodecode-enterprise-ce-fork-pc Files · rhodecode/templates/admin/repos/repo_edit_statistics.mako

security: make sure the admin of repo can only delete comments which are from the same repo....

security: make sure the admin of repo can only delete comments which are from the same repo. - fixes IDOR issue - protects against other people comment deletion by repo admins.

marcink - - Load All Authors

File last commit:

r1282:90601d74 default


                r1818:1ced1b24

default

Download file

             repo_edit_statistics.mako
        
                    22 lines
            
             | 924 B
            
                | application/x-mako
            
             |
                MakoHtmlLexer
            
             / rhodecode / templates / admin / repos / repo_edit_statistics.mako
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      <div class="panel panel-default">

          <div class="panel-heading">

              <h3 class="panel-title">${_('Repository statistics')}</h3>

          </div>

          <div class="panel-body">

              ${h.secure_form(url('edit_repo_statistics', repo_name=c.repo_info.repo_name), method='put')}

              <div class="form">

                  <div class="fields">

                     <div class="field" >

                      <dl class="dl-horizontal settings">

                          <dt>${_('Processed commits')}:</dt><dd>${c.stats_revision}/${c.repo_last_rev}</dd>

                          <dt>${_('Processed progress')}:</dt><dd>${c.stats_percentage}%</dd>

                      </dl>

                     </div>

                      ${h.submit('reset_stats_%s' % c.repo_info.repo_name,_('Reset statistics'),class_="btn btn-small",onclick="return confirm('"+_('Confirm to remove current statistics')+"');")}

                 </div>

              </div>

              ${h.end_form()}

          </div>

      </div>

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				<div class="panel panel-default">
				<div class="panel-heading">
				<h3 class="panel-title">${_('Repository statistics')}</h3>
				</div>
				<div class="panel-body">
				${h.secure_form(url('edit_repo_statistics', repo_name=c.repo_info.repo_name), method='put')}
				<div class="form">
				<div class="fields">
				<div class="field" >
				<dl class="dl-horizontal settings">
				<dt>${_('Processed commits')}:</dt><dd>${c.stats_revision}/${c.repo_last_rev}</dd>
				<dt>${_('Processed progress')}:</dt><dd>${c.stats_percentage}%</dd>
				</dl>
				</div>
				${h.submit('reset_stats_%s' % c.repo_info.repo_name,_('Reset statistics'),class_="btn btn-small",onclick="return confirm('"+_('Confirm to remove current statistics')+"');")}
				</div>
				</div>
				${h.end_form()}
				</div>
				</div>