# HG changeset patch
# User Marcin Kuzminski <marcin@python-works.com>
# Date 2011-02-15 22:03:16
# Node ID 32dbf759fa98ca1c98010b84ebae3e76b209cb8c
# Parent  aa01004399a5b8de4d57049d0a60efb3b018eaeb

fixed #113 to high permission was required to fork a repository

diff --git a/rhodecode/controllers/settings.py b/rhodecode/controllers/settings.py
--- a/rhodecode/controllers/settings.py
+++ b/rhodecode/controllers/settings.py
@@ -47,10 +47,10 @@ log = logging.getLogger(__name__)
 class SettingsController(BaseRepoController):
 
     @LoginRequired()
-    @HasRepoPermissionAllDecorator('repository.admin')
     def __before__(self):
         super(SettingsController, self).__before__()
 
+    @HasRepoPermissionAllDecorator('repository.admin')
     def index(self, repo_name):
         repo_model = RepoModel()
         c.repo_info = repo = repo_model.get_by_repo_name(repo_name)
@@ -93,6 +93,7 @@ class SettingsController(BaseRepoControl
             force_defaults=False
         )
 
+    @HasRepoPermissionAllDecorator('repository.admin')
     def update(self, repo_name):
         repo_model = RepoModel()
         changed_name = repo_name
@@ -124,7 +125,7 @@ class SettingsController(BaseRepoControl
         return redirect(url('repo_settings_home', repo_name=changed_name))
 
 
-
+    @HasRepoPermissionAllDecorator('repository.admin')
     def delete(self, repo_name):
         """DELETE /repos/repo_name: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
@@ -156,6 +157,7 @@ class SettingsController(BaseRepoControl
 
         return redirect(url('home'))
 
+    @HasRepoPermissionAllDecorator('repository.read')
     def fork(self, repo_name):
         repo_model = RepoModel()
         c.repo_info = repo = repo_model.get_by_repo_name(repo_name)
@@ -171,7 +173,7 @@ class SettingsController(BaseRepoControl
         return render('settings/repo_fork.html')
 
 
-
+    @HasRepoPermissionAllDecorator('repository.read')
     def fork_create(self, repo_name):
         repo_model = RepoModel()
         c.repo_info = repo_model.get_by_repo_name(repo_name)
diff --git a/rhodecode/templates/base/base.html b/rhodecode/templates/base/base.html
--- a/rhodecode/templates/base/base.html
+++ b/rhodecode/templates/base/base.html
@@ -233,8 +233,8 @@
                      %else:
                          <li>${h.link_to(_('settings'),h.url('repo_settings_home',repo_name=c.repo_name),class_='settings')}</li>
                      %endif
+                   %endif
                    	<li>${h.link_to(_('fork'),h.url('repo_fork_home',repo_name=c.repo_name),class_='fork')}</li>
-                   %endif  
                    	<li>${h.link_to(_('search'),h.url('search_repo',search_repo=c.repo_name),class_='search')}</li>
                     
                     %if h.HasPermissionAll('hg.admin')('access admin main page'):