Show More
| @@ -19,6 +19,7 b' fixes' | |||
|
|
19 | 19 | +++++ |
|
|
20 | 20 | |
|
|
21 | 21 | - fixed dev-version marker for stable when served from source codes |
|
|
22 | - fixed missing permission checks on show forks page | |
|
|
22 | 23 | |
|
|
23 | 24 | 1.3.4 (**2012-03-28**) |
|
|
24 | 25 | ---------------------- |
| @@ -35,7 +35,7 b' import rhodecode.lib.helpers as h' | |||
|
|
35 | 35 | |
|
|
36 | 36 | from rhodecode.lib.helpers import Page |
|
|
37 | 37 | from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator, \ |
|
|
38 | NotAnonymous | |
|
|
38 | NotAnonymous, HasRepoPermissionAny | |
|
|
39 | 39 | from rhodecode.lib.base import BaseRepoController, render |
|
|
40 | 40 | from rhodecode.model.db import Repository, RepoGroup, UserFollowing, User |
|
|
41 | 41 | from rhodecode.model.repo import RepoModel |
| @@ -103,7 +103,13 b' class ForksController(BaseRepoController' | |||
|
|
103 | 103 | def forks(self, repo_name): |
|
|
104 | 104 | p = int(request.params.get('page', 1)) |
|
|
105 | 105 | repo_id = c.rhodecode_db_repo.repo_id |
|
|
106 | d = Repository.get_repo_forks(repo_id) | |
|
|
106 | d = [] | |
|
|
107 | for r in Repository.get_repo_forks(repo_id): | |
|
|
108 | if not HasRepoPermissionAny( | |
|
|
109 | 'repository.read', 'repository.write', 'repository.admin' | |
|
|
110 | )(r.repo_name, 'get forks check'): | |
|
|
111 | continue | |
|
|
112 | d.append(r) | |
|
|
107 | 113 | c.forks_pager = Page(d, page=p, items_per_page=20) |
|
|
108 | 114 | |
|
|
109 | 115 | c.forks_data = render('/forks/forks_data.html') |
| @@ -1,9 +1,25 b'' | |||
|
|
1 | 1 | from rhodecode.tests import * |
|
|
2 | 2 | |
|
|
3 | 3 | from rhodecode.model.db import Repository |
|
|
4 | from rhodecode.model.repo import RepoModel | |
|
|
5 | from rhodecode.model.user import UserModel | |
|
|
6 | ||
|
|
4 | 7 | |
|
|
5 | 8 | class TestForksController(TestController): |
|
|
6 | 9 | |
|
|
10 | def setUp(self): | |
|
|
11 | self.username = u'forkuser' | |
|
|
12 | self.password = u'qweqwe' | |
|
|
13 | self.u1 = UserModel().create_or_update( | |
|
|
14 | username=self.username, password=self.password, | |
|
|
15 | email=u'fork_king@rhodecode.org', name=u'u1', lastname=u'u1' | |
|
|
16 | ) | |
|
|
17 | self.Session.commit() | |
|
|
18 | ||
|
|
19 | def tearDown(self): | |
|
|
20 | self.Session.delete(self.u1) | |
|
|
21 | self.Session.commit() | |
|
|
22 | ||
|
|
7 | 23 | def test_index(self): |
|
|
8 | 24 | self.log_user() |
|
|
9 | 25 | repo_name = HG_REPO |
| @@ -12,7 +28,6 b' class TestForksController(TestController' | |||
|
|
12 | 28 | |
|
|
13 | 29 | self.assertTrue("""There are no forks yet""" in response.body) |
|
|
14 | 30 | |
|
|
15 | ||
|
|
16 | 31 | def test_index_with_fork(self): |
|
|
17 | 32 | self.log_user() |
|
|
18 | 33 | |
| @@ -34,7 +49,6 b' class TestForksController(TestController' | |||
|
|
34 | 49 | response = self.app.get(url(controller='forks', action='forks', |
|
|
35 | 50 | repo_name=repo_name)) |
|
|
36 | 51 | |
|
|
37 | ||
|
|
38 | 52 | self.assertTrue("""<a href="/%s/summary">""" |
|
|
39 | 53 | """vcs_test_hg_fork</a>""" % fork_name |
|
|
40 | 54 | in response.body) |
| @@ -42,9 +56,6 b' class TestForksController(TestController' | |||
|
|
42 | 56 | #remove this fork |
|
|
43 | 57 | response = self.app.delete(url('repo', repo_name=fork_name)) |
|
|
44 | 58 | |
|
|
45 | ||
|
|
46 | ||
|
|
47 | ||
|
|
48 | 59 | def test_z_fork_create(self): |
|
|
49 | 60 | self.log_user() |
|
|
50 | 61 | fork_name = HG_FORK |
| @@ -71,11 +82,9 b' class TestForksController(TestController' | |||
|
|
71 | 82 | self.assertEqual(fork_repo.repo_name, fork_name) |
|
|
72 | 83 | self.assertEqual(fork_repo.fork.repo_name, repo_name) |
|
|
73 | 84 | |
|
|
74 | ||
|
|
75 | 85 | #test if fork is visible in the list ? |
|
|
76 | 86 | response = response.follow() |
|
|
77 | 87 | |
|
|
78 | ||
|
|
79 | 88 | # check if fork is marked as fork |
|
|
80 | 89 | # wait for cache to expire |
|
|
81 | 90 | import time |
| @@ -84,3 +93,41 b' class TestForksController(TestController' | |||
|
|
84 | 93 | repo_name=fork_name)) |
|
|
85 | 94 | |
|
|
86 | 95 | self.assertTrue('Fork of %s' % repo_name in response.body) |
|
|
96 | ||
|
|
97 | def test_zz_fork_permission_page(self): | |
|
|
98 | usr = self.log_user(self.username, self.password)['user_id'] | |
|
|
99 | repo_name = HG_REPO | |
|
|
100 | ||
|
|
101 | forks = self.Session.query(Repository)\ | |
|
|
102 | .filter(Repository.fork_id != None)\ | |
|
|
103 | .all() | |
|
|
104 | self.assertEqual(1, len(forks)) | |
|
|
105 | ||
|
|
106 | # set read permissions for this | |
|
|
107 | RepoModel().grant_user_permission(repo=forks[0], | |
|
|
108 | user=usr, | |
|
|
109 | perm='repository.read') | |
|
|
110 | self.Session.commit() | |
|
|
111 | ||
|
|
112 | response = self.app.get(url(controller='forks', action='forks', | |
|
|
113 | repo_name=repo_name)) | |
|
|
114 | ||
|
|
115 | response.mustcontain('<div style="padding:5px 3px 3px 42px;">fork of vcs test</div>') | |
|
|
116 | ||
|
|
117 | def test_zzz_fork_permission_page(self): | |
|
|
118 | usr = self.log_user(self.username, self.password)['user_id'] | |
|
|
119 | repo_name = HG_REPO | |
|
|
120 | ||
|
|
121 | forks = self.Session.query(Repository)\ | |
|
|
122 | .filter(Repository.fork_id != None)\ | |
|
|
123 | .all() | |
|
|
124 | self.assertEqual(1, len(forks)) | |
|
|
125 | ||
|
|
126 | # set none | |
|
|
127 | RepoModel().grant_user_permission(repo=forks[0], | |
|
|
128 | user=usr, perm='repository.none') | |
|
|
129 | self.Session.commit() | |
|
|
130 | # fork shouldn't be there | |
|
|
131 | response = self.app.get(url(controller='forks', action='forks', | |
|
|
132 | repo_name=repo_name)) | |
|
|
133 | response.mustcontain('There are no forks yet') | |
General Comments 0
You need to be logged in to leave comments.
Login now